From 60cf96fefc31e7cd99cb893c2e03d450d21821a5 Mon Sep 17 00:00:00 2001
From: Plamen Neykov <plamen.neykov@cloudrisk.co.uk>
Date: Fri, 27 Mar 2026 20:35:54 +0000
Subject: [PATCH] Remove the signing and wheel checks as it is all part of the
 standard workflow.

Updated Python version requirement and modified the release workflow to automatically sign and upload attestations.
---
 .github/workflows/release.yml | 22 +++++-----------------
 1 file changed, 5 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index bf22e56..8d2f63b 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -20,28 +20,16 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: "3.x"
+          python-version: ">=3.12"
 
       - name: Build Wheel and SDist
         run: |
-          pip install build twine
+          pip install build
           python -m build
 
-      # RUN THE CHECK HERE (Before signing)
-      - name: Check distributions
-        run: twine check dist/*
-
-      - name: Sign the artifacts with Sigstore
-        uses: sigstore/gh-action-sigstore-python@v3.0.0
-        with:
-          inputs: >-
-            ./dist/*.whl
-            ./dist/*.tar.gz
-
       - name: Publish to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
         with:
-          # This tells the action to upload everything in dist/, 
-          # including the signatures, but skip internal 'checks' on them.
-          verify-metadata: false
-          packages-dir: dist/
+          # This replaces the manual sigstore step. 
+          # It signs and uploads attestations automatically.
+          attestations: true