diff --git a/eng/scripts/Publish-MavenPackages.ps1 b/eng/scripts/Publish-MavenPackages.ps1
index 9a67be8bf9ddc..7c2d59d6c0a6b 100644
--- a/eng/scripts/Publish-MavenPackages.ps1
+++ b/eng/scripts/Publish-MavenPackages.ps1
@@ -147,14 +147,11 @@ foreach ($packageDetail in $packageDetails) {
   $gpgexeOption = "-Dgpgexe=$GPGExecutablePath"
   Write-Information "GPG Executable Option is: $gpgexeOption"
 
-  $gpgPluginVersion = . $PSScriptRoot\Get-ExternalDependencyVersion.ps1 -GroupId 'org.apache.maven.plugins' -ArtifactId 'maven-gpg-plugin'
-  if ($LASTEXITCODE) {
-    Write-Information "##vso[task.logissue type=error]Unable to resolve version of external dependency 'org.apache.maven.plugins:maven-gpg-plugin'"
-    exit $LASTEXITCODE
-  }
-
-  $gpgSignAndDeployWithVer = "org.apache.maven.plugins:maven-gpg-plugin:$gpgPluginVersion`:sign-and-deploy-file"
-
+  # Just hard code the maven-gpg-plugin version rather than the previous logic where it determined it based on values
+  # in /eng/versions/external_dependencies.txt. This will prevent an issue with new scripts that remove unused
+  # dependencies (which this usage wouldn't be considered one) and from an errant update to the version breaking this
+  # release. Effectively, the usage is unique enough here to be handled separately from our normal dependency management.
+  $gpgSignAndDeployWithVer = "org.apache.maven.plugins:maven-gpg-plugin:3.2.7:sign-and-deploy-file"
 
   if ($requiresLocalGpg) {
     $localRepositoryDirectory = Get-RandomRepositoryDirectory