Google Git
Sign in
fuchsia/third_party/github.com/kbknapp/cargo-outdated/refs/heads/main^!/.
commit
e522710a7bcd7e8150152cc9c99037a09d33ed11
[log]
author
David Hewitt <mail@davidhewitt.dev>
Tue Apr 14 16:02:55 2026 +0100
committer
GitHub <noreply@github.com>
Tue Apr 14 16:02:55 2026 +0100
tree
b04ce1e2b173315d8eb5f367abb917d631dce871
parent
e9959a288f19671b6e26853dc0f87de632c4a7c6 [diff]
ci: add trusted publishing (#436)
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 7edf918..eff00a5 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml

@@ -133,10 +133,6 @@
       - name: Install Rust stable
         uses: dtolnay/rust-toolchain@stable
 
-      - name: Create Cargo.lock
-        run: |
-          cargo update
-
       - name: Get version
         id: tagName
         run: |
@@ -157,3 +153,25 @@
             ./binaries/**/*.tar.gz
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  cargo-publish:
+    needs: [deploy]
+
+    permissions:
+      id-token: write
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Remove rust-toolchain.toml
+        # contains nightly & linters/formatters
+        run: rm -f rust-toolchain.toml
+
+      - uses: rust-lang/crates-io-auth-action@v1
+        id: auth
+
+      - run: cargo publish
+        env:
+          CARGO_REGISTRY_TOKEN: ${{ steps.auth.outputs.token }}