All of our PyPI-packaged projects should use trusted publishing, rather than a manually configured API token.

Example trusted publishing workflow: https://github.com/trailofbits/blight/blob/master/.github/workflows/release.yml

Resources:

* https://docs.pypi.org/trusted-publishers/
* https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/