Trusted publishing exchange failure: Token request failed: the server refused the request for the following reasons: * `invalid-publisher`: valid token, but no corresponding publisher (All lookup strategies exhausted) This generally indicates a trusted publisher configuration error, but could also indicate an internal error on GitHub or PyPI's part. The claims rendered below are **for debugging purposes only**. You should **not** use them to configure a trusted publisher unless they already match your expectations. If a claim is not present in the claim set, then it is rendered as `MISSING`. * `sub`: `repo:OWASP/Nettacker:pull_request` * `repository`: `OWASP/Nettacker` * `repository_owner`: `OWASP` * `repository_owner_id`: `155815` * `job_workflow_ref`: `OWASP/Nettacker/.github/workflows/ci_cd.yml@refs/pull/866/merge` * `ref`: `refs/pull/866/merge` See https://docs.pypi.org/trusted-publishers/troubleshooting/ for more help.

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/download-artifact@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/