chore(deps): update pypa/gh-action-pypi-publish action to v1.12.3

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
pypa/gh-action-pypi-publish	action	patch	v1.12.2 -> v1.12.3

---

Release Notes

pypa/gh-action-pypi-publish (pypa/gh-action-pypi-publish)

v1.12.3

Compare Source

✨ What's Improved

With the updates by @​woodruffw💰 and @​webknjaz💰 via #​309 and #​313, it is now possible to publish distribution packages that include core metadata v2.4, like those built using maturin. This is done by bumping Twine to v6.0.1 and pkginfo to v1.12.0.

📝 Docs

We've made an attempt to clarify the runtime and workflow shape that are expected to be supported for calling this action in: https://github.com/marketplace/actions/pypi-publish#Non-goals.

[!TIP]
Please, let us know in the release discussion if anything still remains unclear.
TL;DR always call [pypi-publish][pypi-publish] once per job; don't invoke it in reusable workflows; physically move building the dists into separate jobs having restricted permissions and storing the dists as GitHub Actions artifacts; when using self-hosted runners, make sure to still use [pypi-publish][pypi-publish] on a GitHub-provided infra with runs-on: ubuntu-latest, while building and testing may remain self-hosted; don't perform any other actions in the publishing job; don't call [pypi-publish][pypi-publish] from composite actions.

🛠️ Internal Updates

@​br3ndonland💰 improved the container image generation automation to include Git SHA in #​301. And @​woodruffw💰 added the workflow_ref context to Trusted Publishing debug logging in #​305, helping us diagnose misconfigurations faster. #​313 also extends the smoke test in the CI to check against the maturin-made dists. Additionally, jeepney and secretstorage transitive deps have been added to the pip constraint-based lock file, as Dependabot seems to have missed those earlier.

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.12.2...v1.12.3

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​samuelcolvin💰 for nudging me to cut this release sooner and for sponsoring me via @​pydantic💰!

🔌 Shameless Plug: The other day I've made this 🦋 Bluesky 🇺🇦 FOSS Maintainers Starter Pack subscribe to read news from people like me :)

💬 Discuss on Bluesky 🦋, on Mastodon 🐘 and on GitHub.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.