From e9b340256b0361b280577f5c2274572e901f76cd Mon Sep 17 00:00:00 2001
From: Bruno Oliveira <bruno@soliv.dev>
Date: Thu, 16 May 2024 20:09:16 -0300
Subject: [PATCH] Revert attestation from test.yml and add changelog

---
 .github/workflows/test.yml  | 8 +-------
 changelog/12333.trivial.rst | 1 +
 2 files changed, 2 insertions(+), 7 deletions(-)
 create mode 100644 changelog/12333.trivial.rst

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index b294c1b4a..443474067 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -29,19 +29,13 @@ permissions: {}
 jobs:
   package:
     runs-on: ubuntu-latest
-    # Required by attest-build-provenance-github.
-    permissions:
-      id-token: write
-      attestations: write
     steps:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 0
         persist-credentials: false
     - name: Build and Check Package
-      uses: hynek/build-and-inspect-python-package@v2.5.0
-      with:
-        attest-build-provenance-github: 'true'
+      uses: hynek/build-and-inspect-python-package@v2.4.0
 
   build:
     needs: [package]
diff --git a/changelog/12333.trivial.rst b/changelog/12333.trivial.rst
new file mode 100644
index 000000000..ce609f1a5
--- /dev/null
+++ b/changelog/12333.trivial.rst
@@ -0,0 +1 @@
+pytest releases are now attested using the recent `Artifact Attestation <https://github.blog/2024-05-02-introducing-artifact-attestations-now-in-public-beta/>` support from GitHub, allowing users to attest the package provenance.