Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cov.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/cov.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cov.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/cov.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/long-tests.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/long-tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/long-tests.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/long-tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mqtt-test.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/mqtt-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mqtt-test.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/mqtt-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/nightly.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale-issues.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/stale-issues.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:208: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:270: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:273: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:237: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:240: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/nats-io/nats-server/tests.yaml/main?enable=pin
Warn: containerImage not pinned by hash: docker/Dockerfile.nightly:1
Warn: containerImage not pinned by hash: docker/Dockerfile.nightly:14: pin your Docker image by updating alpine:latest to alpine:latest@sha256:56fa17d2a7e7f168a043a2712e63aed1f8543aeafdcee47c58dcffe38ed51099
Warn: goCommand not pinned by hash: docker/Dockerfile.nightly:12
Warn: goCommand not pinned by hash: scripts/cov.sh:19
Info: 0 out of 40 GitHub-owned GitHubAction dependencies pinned
Info: 2 out of 3 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned
Info: 1 out of 3 goCommand dependencies pinned