Info: Possibly incomplete results: error parsing shell code: reached EOF without closing quote ": scripts/generate-docs.py:0
Info: Possibly incomplete results: error parsing shell code: not a valid parameter expansion operator: $: .github/workflows/upgrade.yml:207
Info: Possibly incomplete results: error parsing shell code: not a valid parameter expansion operator: $: .github/workflows/upgrade.yml:272
Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: show: .github/workflows/upgrade.yml:294
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/build.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cla.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/cla.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/client-tests.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/client-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/client-tests.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/client-tests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/context-tests.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/context-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-sphinx-python-dependency-build-checks.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/docs-sphinx-python-dependency-build-checks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gen.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/gen.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gen.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/gen.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/merge.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/merge.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/microk8s-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/microk8s-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/microk8s-tests.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/microk8s-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/migrate.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/migrate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/migrate.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/migrate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/smoke.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/smoke.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/smoke.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/smoke.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/snap.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/snap.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/snap.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/snap.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/static-analysis.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/static-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/static-analysis.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/static-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/static-analysis.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/static-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/static-analysis.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/static-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/static-analysis.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/static-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/static-analysis.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/static-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/terraform-smoke.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/terraform-smoke.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/terraform-smoke.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/terraform-smoke.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/terraform-smoke.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/terraform-smoke.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/upgrade.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/upgrade.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/juju/juju/upgrade.yml/main?enable=pin
Warn: containerImage not pinned by hash: caas/Dockerfile:1: pin your Docker image by updating public.ecr.aws/ubuntu/ubuntu:24.04 to public.ecr.aws/ubuntu/ubuntu:24.04@sha256:da20fb875cfefd317c49e7aaf3998d3e5ad42c5b20f34a0eec6dca2fe4fbb8f4
Warn: containerImage not pinned by hash: scripts/dqlite-bench/Dockerfile:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:0e5e4a57c2499249aafc3b40fcd541e9a456aab7296681a3994d631587203f97
Warn: pipCommand not pinned by hash: caas/Dockerfile:35
Warn: goCommand not pinned by hash: scripts/golinters.bash:11
Warn: goCommand not pinned by hash: scripts/stresstest/run.sh:10
Warn: pipCommand not pinned by hash: .github/workflows/docs.yml:36
Warn: pipCommand not pinned by hash: .github/workflows/docs.yml:37
Warn: goCommand not pinned by hash: .github/workflows/static-analysis.yml:40
Warn: downloadThenRun not pinned by hash: .github/workflows/static-analysis.yml:41
Warn: goCommand not pinned by hash: .github/workflows/static-analysis.yml:45
Warn: pipCommand not pinned by hash: .github/workflows/static-analysis.yml:68
Info: 4 out of 35 GitHub-owned GitHubAction dependencies pinned
Info: 9 out of 12 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned
Info: 0 out of 4 pipCommand dependencies pinned
Info: 2 out of 6 goCommand dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned