ci: change nuget publishing

[askpt]

This PR

This pull request updates the NuGet publishing workflow in .github/workflows/release.yml to improve security and automation by switching from a static NuGet API key to using GitHub OIDC authentication for generating a temporary API key at publish time.

NuGet publishing workflow improvements:

• Added a step to log in to NuGet using OIDC to obtain a short-lived API key, replacing the use of a long-lived secret (NUGET_TOKEN).
• Updated the dotnet nuget push step to use the temporary API key from the OIDC login step instead of the static secret.
• Clarified the purpose of the id-token: write permission to indicate it's for enabling GitHub OIDC token issuance for the job.

Related Issues

Fixes #581

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.07%. Comparing base (f43625c) to head (a8f71a5).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #583   +/-   ##
=======================================
  Coverage   90.07%   90.07%           
=======================================
  Files          77       77           
  Lines        2881     2881           
  Branches      327      327           
=======================================
  Hits         2595     2595           
  Misses        226      226           
  Partials       60       60           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.