diff --git a/poetry.lock b/poetry.lock
index bdbd27c..bc74ec3 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -12,14 +12,14 @@ files = [
 ]
 
 [[package]]
-name = "application-download"
-version = "0.0.1.dev3"
+name = "applications-download"
+version = "0.7.1"
 description = "Tools used to publish Python packages, Docker images and Helm charts for GitHub tag and branch"
 optional = false
 python-versions = ">=3.9"
 files = [
-    {file = "application_download-0.0.1.dev3-py3-none-any.whl", hash = "sha256:89662f68d327ccd39c499947c58861ec0c94f648de471fd173d8df53dae25069"},
-    {file = "application_download-0.0.1.dev3.tar.gz", hash = "sha256:bc7d894bab6f87d6e822c717eecdc169489e3dc2a61ce8ab7de26a785b40bb57"},
+    {file = "applications_download-0.7.1-py3-none-any.whl", hash = "sha256:cb4c1a686d8b2522b3b3fe4632a8305cef59f31a02dfd7e5588292d58dc8f917"},
+    {file = "applications_download-0.7.1.tar.gz", hash = "sha256:b385e3c88fb41fd50121ae67e3c69f58613dc252e501e6aff6aea4c4698b1f98"},
 ]
 
 [package.dependencies]
@@ -2214,4 +2214,4 @@ type = ["pytest-mypy"]
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.9,<4.0"
-content-hash = "a30510453c99db72224432d0d8d9a084af11aef2983452005a7fabfa0702868e"
+content-hash = "ce93a305b88c95fc0e0250164a73ef4793a6a8b6b724a2b94242717a374f9249"
diff --git a/pyproject.toml b/pyproject.toml
index bbd0480..9bb44b6 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -66,7 +66,8 @@ twine = "5.1.1"
 PyYAML = "6.0.2"
 id = "1.4.0"
 security-md = "0.2.3"
-application-download = "0.0.1.dev3"
+applications-download = "0.7.1"
+jsonschema-validator-new = "0.1.0"
 PyGithub = "2.5.0"
 debian-inspector = "31.1.0"
 multi-repo-automation = "1.4.1"
diff --git a/tag_publish/__init__.py b/tag_publish/__init__.py
index b087b57..d81f8ff 100644
--- a/tag_publish/__init__.py
+++ b/tag_publish/__init__.py
@@ -2,7 +2,9 @@
 Tag Publish main module.
 """
 
+import json
 import os.path
+import pkgutil
 import re
 import subprocess  # nosec
 from re import Match, Pattern
@@ -10,6 +12,7 @@
 
 import application_download.cli
 import github
+import jsonschema_validator
 import requests
 import ruamel.yaml
 import security_md
@@ -94,9 +97,14 @@ def get_config(gh: GH) -> tag_publish.configuration.Configuration:
     """
     config: tag_publish.configuration.Configuration = {}
     if os.path.exists(".github/publish.yaml"):
+        schema_data = pkgutil.get_data("tag_publish", "schema.json")
+        assert schema_data is not None
+        schema = json.loads(schema_data)
+
         with open(".github/publish.yaml", encoding="utf-8") as open_file:
             yaml_ = ruamel.yaml.YAML()
             config = yaml_.load(open_file)
+            jsonschema_validator.validate(".github/publish.yaml", config, schema)
 
     merge(
         {
diff --git a/tag_publish/cli.py b/tag_publish/cli.py
index 7fc8bf5..43ea356 100644
--- a/tag_publish/cli.py
+++ b/tag_publish/cli.py
@@ -219,7 +219,7 @@ def _handle_pypi_publish(
         if "packages" in pypi_config:
             tag_publish.lib.oidc.pypi_login()
 
-        for package in pypi_config["packages"]:
+        for package in pypi_config.get("packages", []):
             if package.get("group", tag_publish.configuration.PIP_PACKAGE_GROUP_DEFAULT) == group:
                 publish = version_type in pypi_config.get(
                     "versions", tag_publish.configuration.PYPI_VERSIONS_DEFAULT