Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-commit.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/check-commit.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-commit.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/check-commit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-commit.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/check-commit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-commit.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/check-commit.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-commit.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/check-commit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-commit.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/check-commit.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-wip.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/check-wip.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepublish-version.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/prepublish-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-tests.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/loksonarius/mcsm/run-tests.yml/main?enable=pin
Warn: containerImage not pinned by hash: integration/Dockerfile:1: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
Info: 0 out of 18 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 6 third-party GitHubAction dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned