Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/benchmarks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/benchmarks.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/benchmarks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/benchmarks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/benchmarks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/benchmarks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docs-preview.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/build-docs-preview.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-docs-preview.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/build-docs-preview.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docs-preview.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/build-docs-preview.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-docs-preview.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/build-docs-preview.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-docs-preview.yaml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/build-docs-preview.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-docs.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/deploy-docs.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-docs.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/deploy-docs.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-docs.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/deploy-docs.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docker.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docker.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docker.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docker.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docs.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docs.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/docs.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/janitor.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/janitor.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/labeler.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/labeler.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-pr.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/lint-pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/lint.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mutest.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/mutest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mutest.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/mutest.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/mutest.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/mutest.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/mutest.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/mutest.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/on-chain-upgrade.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/on-chain-upgrade.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/on-chain-upgrade.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/on-chain-upgrade.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/on-chain-upgrade.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/on-chain-upgrade.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/proto.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/proto.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/proto.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/proto.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sims.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sims.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sims.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sims.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sims.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/sims.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:273: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:279: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:291: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:234: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:245: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:306: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:309: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:314: update your workflow using https://app.stepsecurity.io/secureworkflow/desmos-labs/desmos/test.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:16: pin your Docker image by updating alpine:edge to alpine:edge@sha256:115729ec5cb049ba6359c3ab005ac742012d92bbaa5b8bc1a878f1e8f62c0cb8
Warn: containerImage not pinned by hash: Dockerfile-ubuntu:1: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
Warn: containerImage not pinned by hash: contrib/images/desmos-builder/Dockerfile:1: pin your Docker image by updating golang:1.20-alpine3.18 to golang:1.20-alpine3.18@sha256:67b24c125a2563407c3af701882d07706b0558bd5ae04dd775d4740b1539c096
Warn: containerImage not pinned by hash: contrib/images/desmos-cosmovisor/Dockerfile:2
Warn: containerImage not pinned by hash: contrib/images/desmos-cosmovisor/Dockerfile:17
Warn: containerImage not pinned by hash: contrib/images/desmos-env/Dockerfile:1: pin your Docker image by updating ubuntu:18.04 to ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98
Warn: containerImage not pinned by hash: contrib/images/desmos-python/Dockerfile:1: pin your Docker image by updating python:3.9-alpine to python:3.9-alpine@sha256:43e2664b1c5cc23c9f1db305f2689191f1235de390610a317af7241fe70e19cc
Warn: pipCommand not pinned by hash: contrib/images/desmos-python/Dockerfile:6
Warn: goCommand not pinned by hash: contrib/devtools/proto-tools-installer.sh:94
Warn: goCommand not pinned by hash: contrib/devtools/proto-tools-installer.sh:116
Warn: npmCommand not pinned by hash: contrib/devtools/proto-tools-installer.sh:117
Warn: goCommand not pinned by hash: scripts/protocgen-pulsar.sh:6
Warn: goCommand not pinned by hash: scripts/protocgen-pulsar.sh:7
Info: 0 out of 67 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 29 third-party GitHubAction dependencies pinned
Info: 0 out of 7 containerImage dependencies pinned
Info: 0 out of 1 pipCommand dependencies pinned
Info: 2 out of 6 goCommand dependencies pinned
Info: 0 out of 1 npmCommand dependencies pinned