diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml
index 5ea1969..0555c9e 100644
--- a/.github/workflows/build-and-push.yml
+++ b/.github/workflows/build-and-push.yml
@@ -25,21 +25,29 @@ jobs:
   deploy:
 
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version:
+          - setup: "3.11"
+            tox: "py311"
+
+    permissions:
+      id-token: write  # IMPORTANT: this permission is mandatory for trusted publishing
 
     steps:
     - uses: actions/checkout@v4
     - name: Set up Python
-      uses: actions/setup-python@v3
+      uses: actions/setup-python@v4
       with:
-        python-version:
-          - setup: '3.11'
-            tox: 'py311'
+        python-version: ${{ matrix.python-version.setup }}
+
+    
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
         python -m pip install tox
     - name: Build and test with tox
-      run: tox -e py311
+      run: tox -e ${{ matrix.python-version.tox }}
     - name: Build and check wheel package
       run:
         tox -e build,twinecheck