feat: enable Trusted Publishing for PyPI uploads #1593

Open. AliSharjeell wants to merge 1 commit into anthropics:main from AliSharjeell:feat/trusted-publishing


@AliSharjeell

Summary

Replace manual PYPI_TOKEN approach with OIDC-based authentication using pypa/gh-action-pypi-publish. This eliminates the need to manage and rotate API tokens, improving security posture and reducing supply chain attack risk.

Changes

  1. .github/workflows/publish-pypi.yml:
    • Changed trigger from workflow_dispatch to release with types: [published]
    • Added permissions: id-token: write for OIDC authentication
    • Replaced bash ./bin/publish-pypi with pypa/gh-action-pypi-publish@release/v1
    • Removed PYPI_TOKEN secret dependency

Why Trusted Publishing?

From PyPI documentation:

Trusted Publishers allow you to securely authenticate with PyPI without needing to manage a PyPI API token as a GitHub Secret.

Benefits:

  • No token rotation: Eliminates the risk of leaked/stale tokens
  • Principle of least privilege: Only GitHub Actions can publish, not arbitrary code
  • Audit trail: Every publish is tied to a specific GitHub release
  • Reduced attack surface: No long-lived secrets to manage

Setup Requirements

For this to work, the repo needs to be registered as a Trusted Publisher on PyPI:

  1. Go to https://pypi.org/manage/account/publishing/
  2. Add a new publisher for the anthropic package
  3. Select GitHub Actions environment and this repository

Related Issue

Closes #1568 (Use Trusted Publishing to upload to PyPI)

Risk

Low. This is additive — the old workflow still works manually for recovery scenarios. After testing, the old token can be deleted.

Replace manual PYPI_TOKEN approach with OIDC-based authentication
using pypa/gh-action-pypi-publish. This eliminates the need to manage
and rotate API tokens, improving security posture.

The workflow now triggers on release publication and uses GitHub's
OIDC to authenticate with PyPI directly.

Closes anthropics#1568