This will enable publishing digital attestations and using short-lived secrets.

If implemented right, this will preserve the ability for release managers to verify the dists before publishing them.

https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ shows how to do this.