Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-calm-moss-08cfe3010.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-calm-moss-08cfe3010.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-calm-moss-08cfe3010.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-calm-moss-08cfe3010.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-calm-moss-08cfe3010.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-calm-moss-08cfe3010.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-calm-moss-08cfe3010.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-calm-moss-08cfe3010.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-icy-sand-097a6230f.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-icy-sand-097a6230f.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-icy-sand-097a6230f.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-icy-sand-097a6230f.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-icy-sand-097a6230f.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-icy-sand-097a6230f.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-red-river-0f622590f.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-red-river-0f622590f.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-red-river-0f622590f.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-red-river-0f622590f.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/azure-static-web-apps-red-river-0f622590f.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/azure-static-web-apps-red-river-0f622590f.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/data.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/data.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/data.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/data.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/data.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/data.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/lock.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/cueblox/blox/main.yaml/main?enable=pin
Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:5
Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
Warn: pipCommand not pinned by hash: .github/workflows/azure-static-web-apps-calm-moss-08cfe3010.yml:23
Info: 0 out of 13 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 15 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned
Info: 0 out of 1 pipCommand dependencies pinned