Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gosec.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/gosec.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gosec.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/gosec.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/interchaintest.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest_custom_runner.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_custom_runner.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest_custom_runner.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_custom_runner.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest_custom_runner.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_custom_runner.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/interchaintest_custom_runner.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_custom_runner.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest_runner.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_runner.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest_runner.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_runner.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interchaintest_runner.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_runner.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/interchaintest_runner.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/interchaintest_runner.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/public-awesome/stargaze/lint.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:3
Warn: containerImage not pinned by hash: Dockerfile:29: pin your Docker image by updating alpine:3.20 to alpine:3.20@sha256:31687a2fdd021f85955bf2d0c2682e9c0949827560e1db546358ea094f740f12
Warn: containerImage not pinned by hash: docker/Dockerfile:1: pin your Docker image by updating alpine:3.19 to alpine:3.19@sha256:6380aa6b04faa579332d4c9d1f65bd7093012ba6e01d9bbcd5e2d8a4f9fae38f
Warn: containerImage not pinned by hash: docker/Dockerfile.gaia:1
Warn: containerImage not pinned by hash: docker/Dockerfile.gaia:19: pin your Docker image by updating alpine:3.17 to alpine:3.17@sha256:8fc3dacfb6d69da8d44e42390de777e48577085db99aa4e4af35f483eb08b989
Warn: containerImage not pinned by hash: docker/Dockerfile.go-devtools:2: pin your Docker image by updating golang:1.23.5 to golang:1.23.5@sha256:e213430692e5c31aba27473cdc84cfff2896d0c097e984bef67b6a44c75a8181
Warn: containerImage not pinned by hash: docker/Dockerfile.hermes:8
Warn: containerImage not pinned by hash: docker/Dockerfile.hermes:15: pin your Docker image by updating ubuntu:latest to ubuntu:latest@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782
Warn: containerImage not pinned by hash: docker/Dockerfile.icad:1
Warn: containerImage not pinned by hash: docker/Dockerfile.icad:13: pin your Docker image by updating alpine:3.17 to alpine:3.17@sha256:8fc3dacfb6d69da8d44e42390de777e48577085db99aa4e4af35f483eb08b989
Warn: containerImage not pinned by hash: docker/Dockerfile.osmosis:1
Warn: containerImage not pinned by hash: docker/Dockerfile.osmosis:20: pin your Docker image by updating alpine:3.17 to alpine:3.17@sha256:8fc3dacfb6d69da8d44e42390de777e48577085db99aa4e4af35f483eb08b989
Warn: containerImage not pinned by hash: docker/Dockerfile.readiness:1: pin your Docker image by updating alpine:3.19 to alpine:3.19@sha256:6380aa6b04faa579332d4c9d1f65bd7093012ba6e01d9bbcd5e2d8a4f9fae38f
Warn: containerImage not pinned by hash: docker/Dockerfile.test:1: pin your Docker image by updating alpine:3.19 to alpine:3.19@sha256:6380aa6b04faa579332d4c9d1f65bd7093012ba6e01d9bbcd5e2d8a4f9fae38f
Warn: goCommand not pinned by hash: scripts/proto-installer.sh:94
Warn: goCommand not pinned by hash: scripts/proto-installer.sh:116
Warn: npmCommand not pinned by hash: scripts/proto-installer.sh:118
Warn: goCommand not pinned by hash: scripts/protocgen.sh:7
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 14 containerImage dependencies pinned
Info: 0 out of 3 goCommand dependencies pinned
Info: 0 out of 1 npmCommand dependencies pinned