diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 1a16050..3051dc9 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -49,6 +49,7 @@ jobs:
           BUILDVAR_NuGetPublishSource: "${{ startsWith(github.ref, 'refs/tags/') && 'https://api.nuget.org/v3/index.json' || 'https://nuget.pkg.github.com/endjin/index.json' }}"
         secretsYaml: |
           NUGET_API_KEY: "${{ startsWith(github.ref, 'refs/tags/') && secrets.ENDJIN_NUGET_APIKEY || secrets.ENDJIN_GITHUB_PUBLISHER_PAT }}"
+          SBOM_ANALYSIS_RELEASE_READER_PAT: "${{ secrets.ENDJIN_GITHUB_READER_PAT }}"
 
   build:
     needs: prepareConfig
@@ -61,4 +62,5 @@ jobs:
       publishPhaseEnv: ${{ needs.prepareConfig.outputs.RESOLVED_ENV_VARS }}
     secrets:
       compilePhaseAzureCredentials: ${{ secrets.ENDJIN_PROD_ACR_READER_CREDENTIALS }}
+      compilePhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }}
       publishPhaseSecrets: ${{ needs.prepareConfig.outputs.RESOLVED_SECRETS }}
diff --git a/.gitignore b/.gitignore
index 62c463b..6fb2624 100644
--- a/.gitignore
+++ b/.gitignore
@@ -401,3 +401,4 @@ FodyWeavers.xsd
 *.sbom*
 _codeCoverage/
 _packages/
+.analysis/
\ No newline at end of file
diff --git a/build.ps1 b/build.ps1
index 6c857f2..2e99495 100644
--- a/build.ps1
+++ b/build.ps1
@@ -71,7 +71,10 @@ param (
     [string] $BuildModulePath,
 
     [Parameter()]
-    [version] $BuildModuleVersion = "1.5.4",
+    [version] $BuildModuleVersion = "1.5.5",
+
+    [Parameter()]
+    [string] $BuildModulePackageVersion = $BuildModuleVersion,
 
     [Parameter()]
     [version] $InvokeBuildModuleVersion = "5.10.3"
@@ -105,7 +108,7 @@ if ($MyInvocation.ScriptName -notlike '*Invoke-Build.ps1') {
 if (!($BuildModulePath)) {
     if (!(Get-Module -ListAvailable Endjin.RecommendedPractices.Build | ? { $_.Version -eq $BuildModuleVersion })) {
         Write-Information "Installing 'Endjin.RecommendedPractices.Build' module..."
-        Install-Module Endjin.RecommendedPractices.Build -RequiredVersion $BuildModuleVersion -Scope CurrentUser -Force -Repository PSGallery
+        Install-Module Endjin.RecommendedPractices.Build -RequiredVersion $BuildModulePackageVersion -Scope CurrentUser -Force -Repository PSGallery -AllowPrerelease:$($BuildModulePackageVersion -match "-")
     }
     $BuildModulePath = "Endjin.RecommendedPractices.Build"
 }
@@ -169,4 +172,3 @@ task PostPackage {}
 task PrePublish {}
 task PostPublish {}
 task RunLast {}
-