Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/workspace.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/workspace.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/workspace.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/workspace.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/workspace.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/workspace.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/workspace.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/workspace.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/workspace.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/workspace.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/RustCrypto/RSA/workspace.yml/master?enable=pin
Warn: containerImage not pinned by hash: marvin-toolkit/Dockerfile:1: pin your Docker image by updating python:3.12-bookworm to python:3.12-bookworm@sha256:b3edcabc927022dfa922374a8f609afb66900d54a483296b7b7d6cee402ec753
Warn: downloadThenRun not pinned by hash: marvin-toolkit/Dockerfile:9
Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 17 third-party GitHubAction dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned