Fix cargo release

.github/workflows/release-on-tag.yml

@@ -175,17 +175,19 @@ jobs:
       # For extra security we set the env variable with the token only
       # for the steps that require them.
       #
-      # There are two `cargo release` invocations here. One without the
-      # `cargo_marker` package, and one with it.
+      # We used to have two `cargo release` invocations here. One without the
+      # `cargo_marker` package, and one with it. This was done because there is
+      # an implicit dependency between `cargo_marker` and `marker_rustc_driver`,
+      # since the former installs the latter. However, this separation somehow
+      # resulted in the second `cargo release` invocation to fail with the error
+      # ```
+      # the remote server responded with an error (status 403 Forbidden):
+      # must be logged in to perform that action
+      # ```
       #
-      # Keep in mind that `cargo-marker` may install `marker_rustc_driver`
-      # from crates.io via `cargo install`.
-      #
-      # That being said, we will be extra safe if `cargo_marker` is published
-      # after `marker_rustc_driver`.
-      - run: cargo release publish --exclude cargo_marker --execute --no-confirm --no-verify --allow-branch '*'
-        env:
-          CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}
-      - run: cargo release publish --package cargo_marker --execute --no-confirm --no-verify --allow-branch '*'
+      # No idea why this happens, but let's just keep a single cargo release
+      # to avoid this issue and to simplify the workflow, because the problem
+      # we tried to protect against is not that likely to happen anyway.
+      - run: cargo release publish --no-confirm --no-verify --no-push --no-tag --allow-branch '*'
         env:
           CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}