Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/action-test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/action-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/action-test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/action-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analysis.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/analysis.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cla.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/cla.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cla.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/cla.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/frogbot-scan-pull-request.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/frogbot-scan-pull-request.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/frogbot-scan-repository.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/frogbot-scan-repository.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/oidc-test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/oidc-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/oidc-test.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/oidc-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:240: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:245: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-v2-tag.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/update-v2-tag.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-v2-tag.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/jfrog/frogbot/update-v2-tag.yml/master?enable=pin
Warn: npmCommand not pinned by hash: action/.husky/pre-commit:6
Warn: npmCommand not pinned by hash: .github/workflows/action-test.yml:30
Warn: pipCommand not pinned by hash: .github/workflows/test.yml:105
Warn: pipCommand not pinned by hash: .github/workflows/test.yml:141
Info: 0 out of 26 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 13 third-party GitHubAction dependencies pinned
Info: 0 out of 2 npmCommand dependencies pinned
Info: 0 out of 2 pipCommand dependencies pinned