ci(release): PyPI Trusted Publishing#19

Merged
denfry merged 1 commit into
mainfrom
ci/pypi-trusted-publishing
Jun 24, 2026

Conversation

@denfry denfry commented Jun 24, 2026


Wires PyPI publishing into release.yml via Trusted Publishing (OIDC) — no stored token.

  • New pypi-publish job (pypa/gh-action-pypi-publish, id-token: write, environment: pypi) consumes the same dist/ artifact that already passed twine check + clean-machine smoke.
  • github-release now guards on refs/tags/*, and a workflow_dispatch trigger lets us publish the current main build to PyPI without recreating a GitHub release — used to push the already-tagged v1.6.0 to PyPI.
  • Future v* tags publish to both GitHub and PyPI automatically.
  • RELEASE_CHECKLIST.md intro updated (no longer "GitHub-only").

Assumes the PyPI trusted publisher uses environment name pypi (the recommended setup). If it was configured without an environment, that still matches; if it uses a different name, I'll adjust environment:.

🤖 Generated with Claude Code

Add a pypi-publish job using pypa/gh-action-pypi-publish with id-token: write
(no stored token). github-release now guards on tag refs; a workflow_dispatch
run publishes the current build to PyPI without recreating a GitHub release —
used to publish an already-tagged version (v1.6.0).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@denfry denfry merged commit 41bb25b into main Jun 24, 2026
10 checks passed
@denfry denfry deleted the ci/pypi-trusted-publishing branch June 24, 2026 07:02

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f1c15d37e3



permissions:
contents: write # create the GitHub release (the sole distribution channel)
workflow_dispatch: # manual (re)publish — e.g. push an already-tagged version to PyPI
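Review bot: the comment on `contents: write` ("the sole distribution channel") is stale once this change adds a `pypi-publish` job alongside the GitHub release; reword it to say the release is one of two channels (the PR description already drops "GitHub-only" from RELEASE_CHECKLIST.md). If this `permissions:` block is the workflow-level one, also consider moving `contents: write` down to the `github-release` job so the PyPI job runs with `id-token: write` only and nothing else.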


P2: Limit manual PyPI publishes to main

When a maintainer manually dispatches this workflow from any branch other than main (GitHub's manual-run UI/CLI allow selecting a branch/ref, and github.ref then points at that ref), the build checks out that branch and pypi-publish still gets OIDC credentials and uploads it. That contradicts the "current main build" release path and can publish an unreviewed branch/version to PyPI without a GitHub release; add an if guard for workflow_dispatch on refs/heads/main or explicitly check out main for manual publishes.

