Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-testing.yaml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/e2e-testing.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/persistenceOne/persistenceCore/release.yml/main?enable=pin
Warn: containerImage not pinned by hash: contrib/local/ibc/gaiad.Dockerfile:1
Warn: containerImage not pinned by hash: contrib/local/ibc/gaiad.Dockerfile:23: pin your Docker image by updating alpine:3.16 to alpine:3.16@sha256:452e7292acee0ee16c332324d7de05fa2c99f9994ecc9f0779c602916a672ae4
Warn: containerImage not pinned by hash: contrib/local/ibc/hermes.Dockerfile:1: pin your Docker image by updating informalsystems/hermes:1.0.0-rc.1 to informalsystems/hermes:1.0.0-rc.1@sha256:1b4de94fc73a47372775066209b33d439847194aab2c737e77e7a843e0f97b2a
Warn: containerImage not pinned by hash: docker/persistencecore/Dockerfile:1
Warn: containerImage not pinned by hash: docker/persistencecore/Dockerfile:32: pin your Docker image by updating alpine:3.16 to alpine:3.16@sha256:452e7292acee0ee16c332324d7de05fa2c99f9994ecc9f0779c602916a672ae4
Warn: containerImage not pinned by hash: docker/persistencecore/Dockerfile.release:1: pin your Docker image by updating golang:1.21.5-alpine3.18 to golang:1.21.5-alpine3.18@sha256:d8b99943fb0587b79658af03d4d4e8b57769b21dcf08a8401352a9f2a7228754
Warn: downloadThenRun not pinned by hash: starship/scripts/dev-setup.sh:29
Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 12 third-party GitHubAction dependencies pinned
Info: 0 out of 6 containerImage dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned