[docs] Secretless publishing to PyPI

[webknjaz]

Description

I noticed that the GHA docs have a snippet with an updated version of pypi-publish and suggest using username/password there. The username field has always defaulted to __token__ so I've hidden that from the readme some time ago.
And now that PyPI supports trusted publishing, the docs here should stop suggesting people to make new non-expireable tokens. Instead, drop that password field.
Though, this requires not using that old tag. I specifically use release/v1 so the docs don't get outdated regularly and just hint to the users that they may use pins instead. I suggest you do the same.

[joerick]

Agreed. Also, the process is very easy to set up, doesn't require copy/pasting tokens around. PRs welcome!