Further GHA / harden runner tweaks

Author: zerolab

.github/workflows/publish.yml

@@ -21,10 +21,15 @@ jobs:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
-            files.pythonhosted.org:443
             github.com:443
-            pypi.org:443
             api.github.com:443
+            ghcr.io:443
+            pkg-containers.githubusercontent.com:443
+            pypi.org:443
+            upload.pypi.org:443
+            files.pythonhosted.org:443
+            fulcio.sigstore.dev:443
+            tuf-repo-cdn.sigstore.dev:443
 
       - uses: actions/checkout@v5
         with: