diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yml
similarity index 100%
rename from .github/workflows/build.yaml
rename to .github/workflows/build.yml
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index e9566c9d..abbbcbd9 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -1,3 +1,6 @@
+# See also:
+#   https://github.com/pypa/gh-action-pypi-publish
+#   https://docs.pypi.org/trusted-publishers/creating-a-project-through-oidc/
 name: Publish
 
 on:
@@ -14,27 +17,19 @@ on:
 
 jobs:
   publish:
-    name: Publish to ${{ options.repository }}
+    name: Publish to ${{ inputs.repository }}
     runs-on: ubuntu-latest
+    environment:
+      name: publish-${{ inputs.repository }}
     permissions:
       id-token: write
     steps:
-      - uses: ./.github/workflows/build.yaml
+      - uses: actions/checkout@v4  # Required to use a dependent workflow
+      - uses: ./.github/workflows/build.yml
       - uses: actions/download-artifact@v4
         with:
           pattern: package-*
           path: dist
           merge-multiple: true
 
-      - name: Determine upload URL
-        run: |
-          case "${{ inputs.repository }}" in
-            "TestPyPI") URL="https://test.pypi.org/legacy/";;
-                "PyPI") URL="https://upload.pypi.org/legacy/";;
-                     *) echo "Incorrect input"; exit 1;;
-          esac
-          echo "UPLOAD_URL=$URL" >> "$GITHUB_ENV"
-
       - uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          repository-url: $UPLOAD_URL