diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 79d2eb8..417ccfc 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -1,28 +1,47 @@
-name: Upload Scarf
+name: Publish Scarf build to PyPI
 
 on:
   release:
     types: [published]
 
 jobs:
-  deploy:
-
+  build:
+    name: Build distribution
     runs-on: ubuntu-22.04
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Set up Python
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@v5
       with:
         python-version: 3.11.9
     - name: Install dependencies
       run: |
-        python -m pip install --upgrade pip setuptools wheel
-        pip install build
-    - name: Build package
+        python -m pip install --upgrade pip
+        python -m pip install --upgrade setuptools wheel build
+    - name: Build a binary wheel and a source tarball
       run: python -m build
-    - name: Publish to PyPi
-      uses: pypa/gh-action-pypi-publish@release/v1
+    - name: Store the distribution packages
+      uses: actions/upload-artifact@v3
       with:
-        user: __token__
-        password: ${{ secrets.PYPI_API_TOKEN }}
+        name: python-package-distributions
+        path: dist/
+
+  publish-to-pypi:
+    name: Publish to PyPI
+    needs:
+      - build
+    runs-on: ubuntu-22.04
+    environment:
+      name: pypi
+      url: https://pypi.org/p/scarf
+    permissions:
+      id-token: write  # IMPORTANT: mandatory for trusted publishing
+    steps:
+      - name: Download all the dists
+        uses: actions/download-artifact@v3
+        with:
+          name: python-package-distributions
+          path: dist/
+      - name: Publish distribution to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1