Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cargo_publish.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/cargo_publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cargo_publish.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/cargo_publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cargo_publish.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/cargo_publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:701: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:708: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:198: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:247: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:372: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:437: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:648: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:683: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm_publish.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/npm_publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/npm_publish.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/npm_publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm_publish.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/npm_publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/post_publish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/post_publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/post_publish.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/post_publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/promote_to_release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/promote_to_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/promote_to_release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/promote_to_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/promote_to_release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/promote_to_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/promote_to_release.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/promote_to_release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/start_release.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/start_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/start_release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/start_release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/version_bump.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/version_bump.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/version_bump.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/version_bump.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/version_bump.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/version_bump.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wpt_epoch.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/wpt_epoch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/wpt_epoch.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/wpt_epoch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wpt_epoch.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/denoland/deno/wpt_epoch.yml/main?enable=pin
Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/vscode/devcontainers/rust:1-bullseye to mcr.microsoft.com/vscode/devcontainers/rust:1-bullseye@sha256:d30cd145267e69e4033e01498ea13560dbb96c7d832a810c561907097f75735b
Warn: downloadThenRun not pinned by hash: .devcontainer/Dockerfile:10
Info: 0 out of 16 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 20 third-party GitHubAction dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned