Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/angular.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/angular.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/angular.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/angular.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/angular.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/angular.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-legacy.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-legacy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-release.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-release.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-release.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-release.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-release.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/go-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kotlin.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kotlin.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/kotlin.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kotlin.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kotlin.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/kotlin.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/kotlin.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/kotlin.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/kotlin.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/kotlin.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/kotlin.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kotlin.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/kotlin.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/terraform.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/terraform.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/terraform.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/terraform.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/terraform.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/terraform.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/terraform.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/terraform.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/terraform.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/tillkuhn/angkor/terraform.yml/main?enable=pin
Warn: containerImage not pinned by hash: angular/Dockerfile:4
Warn: containerImage not pinned by hash: go/Dockerfile:4
Warn: containerImage not pinned by hash: go/Dockerfile:7: pin your Docker image by updating alpine:3.18 to alpine:3.18@sha256:de0eb0b3f2a47ba1eb89389859a9bd88b28e82f5826b6969ad604979713c2d4f
Warn: containerImage not pinned by hash: kotlin/Dockerfile:8
Warn: pipCommand not pinned by hash: terraform/templates/user-data.sh:39
Warn: pipCommand not pinned by hash: terraform/templates/user-data.sh:42
Warn: pipCommand not pinned by hash: terraform/templates/user-data.sh:47
Warn: pipCommand not pinned by hash: terraform/templates/user-data.sh:64
Warn: npmCommand not pinned by hash: .github/workflows/angular.yml:64
Warn: npmCommand not pinned by hash: .github/workflows/docs.yml:52
Warn: npmCommand not pinned by hash: .github/workflows/go-legacy.yml:87
Info: 0 out of 23 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 29 third-party GitHubAction dependencies pinned
Info: 0 out of 3 npmCommand dependencies pinned
Info: 0 out of 4 containerImage dependencies pinned
Info: 0 out of 4 pipCommand dependencies pinned