diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 78cdcd5..6ff88a5 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -63,7 +63,7 @@ jobs:
         run: pip install poetry
 
       - name: "Build wheels"
-        uses: pypa/cibuildwheel@v2.19.1
+        uses: pypa/cibuildwheel@v2.20.0
         with:
           output-dir: dist
         env:
@@ -97,40 +97,10 @@ jobs:
         name: artifact-source-dist
         path: "./**/dist/*.tar.gz"
 
-  test-publish:
-    name: Test PyPI Publishing
-    runs-on: ubuntu-latest
-    needs: [test, make-wheels, make-sdist]
-    # only run jobs if the feature branch is the base repo (not in a fork)
-    # TODO separate step, fails PRs from forks due to: "missing or insufficient OIDC token permissions,
-    #  the ACTIONS_ID_TOKEN_REQUEST_TOKEN environment variable was unset"
-    if: github.repository == 'jannikmi/timezonefinder'
-    permissions:
-        id-token: write
-        contents: write
-    steps:
-      - name: Download all artifacts
-        uses: actions/download-artifact@v4
-
-      - name: Copy artifacts to dist/ folder
-        run: |
-          find . -name 'artifact-*' -exec unzip '{}' \;
-          mkdir -p dist/
-          find . -name '*.tar.gz' -exec mv '{}' dist/ \;
-          find . -name '*.whl' -exec mv '{}' dist/ \;
-          ls -lR dist/
-
-      - name: Test PyPI Publishing
-        uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          password: ${{ secrets.TEST_PYPI_DEPLOYMENT_API_KEY }}
-          repository-url: https://test.pypi.org/legacy/
-          skip-existing: true
-
   publish:
     runs-on: ubuntu-latest
     # Note: only run, when test publishing worked
-    needs: [test, make-wheels, make-sdist, test-publish]
+    needs: [test, make-wheels, make-sdist]
     if: endsWith(github.ref, '/master')
     permissions:
         id-token: write
@@ -159,6 +129,17 @@ jobs:
           find . -name '*.whl' -exec mv '{}' dist/ \;
           ls -lR dist/
 
+      -   name: Test PyPI Publishing
+          # TODO separate step to test publishing before merging to main
+          # NOTE: PRs from forks fail due to: "missing or insufficient OIDC token permissions,
+          #  the ACTIONS_ID_TOKEN_REQUEST_TOKEN environment variable was unset"
+          # -> test publishing cannot be triggered in PRs?!
+          uses: pypa/gh-action-pypi-publish@release/v1
+          with:
+              password: ${{ secrets.TEST_PYPI_DEPLOYMENT_API_KEY }}
+              repository-url: https://test.pypi.org/legacy/
+              skip-existing: true
+
       - name: Create GitHub Release
         id: create_gh_release
         uses: ncipollo/release-action@v1