Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-and-push.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/Polarfox-DEX/polarfox-bridge/docker-build-and-push.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:4
Warn: containerImage not pinned by hash: Dockerfile:11: pin your Docker image by updating debian:stretch-slim to debian:stretch-slim@sha256:abaa313c7e1dfe16069a1a42fa254014780f165d4fd084844602edbe29915e70
Warn: containerImage not pinned by hash: scripts/geth/Dockerfile:4: pin your Docker image by updating ethereum/client-go:stable to ethereum/client-go:stable@sha256:b1b9701c7f66cfb7b9cf80410db52e1729f0efc0a1258fee93dfe850e504e391
Warn: downloadThenRun not pinned by hash: scripts/install_subkey.sh:10
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 6 third-party GitHubAction dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned
Info: 0 out of 3 containerImage dependencies pinned