From c040b838e1cc05aa6555968cb9ce72f1216868fd Mon Sep 17 00:00:00 2001
From: Chris Wolfgang <210299580+Chris-Wolfgang@users.noreply.github.com>
Date: Sun, 19 Apr 2026 19:31:47 -0400
Subject: [PATCH] Fix duplicate run: mapping key that prevented workflow from
 parsing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The test-linux-core job had an orphan 'run:' block on line 244 — the
'Install OpenSSL 1.1 for .NET 5.0' step lost its '- name:' line during
a prior cleanup, so YAML saw two 'run:' keys under the same step.

GitHub's YAML parser silently fails on duplicate mapping keys, which is
why pull_request_target never fired since PR #72 merged. All open PRs
(including Dependabot updates #77, #78, #79) have been blocked because
no required check ever ran.

Restoring the missing step header fixes the parse error and brings the
workflow back online. Verified with js-yaml: file now parses cleanly
and all 6 jobs are present.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .github/workflows/pr.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
index 5213a58..a800b0b 100644
--- a/.github/workflows/pr.yaml
+++ b/.github/workflows/pr.yaml
@@ -241,6 +241,9 @@ jobs:
           echo ""
           echo "✅ Configuration files secured - using versions from main branch"
 
+      # Fix for .NET 5.0 on Ubuntu 22.04+ - install libssl1.1 from the focal-security
+      # repository so APT verifies the package via GPG instead of a plain wget download.
+      - name: Install OpenSSL 1.1 for .NET 5.0
         run: |
           echo "deb https://security.ubuntu.com/ubuntu focal-security main" | sudo tee /etc/apt/sources.list.d/focal-security.list
           sudo apt-get update -q