Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/automerge.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/automerge.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/automerge.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/automerge.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-container.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-container.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-container.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-container.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-container.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-container.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-container.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-container.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-container.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/build-container.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-snapshot.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/update-snapshot.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-snapshot.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/update-snapshot.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-snapshot.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/update-snapshot.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-snapshot.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/metacpan/metacpan-web/update-snapshot.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:7
Warn: containerImage not pinned by hash: Dockerfile:32
Warn: containerImage not pinned by hash: Dockerfile:33
Warn: containerImage not pinned by hash: Dockerfile:36
Warn: containerImage not pinned by hash: Dockerfile:59
Warn: containerImage not pinned by hash: Dockerfile:94
Warn: containerImage not pinned by hash: Dockerfile:114
Warn: containerImage not pinned by hash: Dockerfile:153
Warn: npmCommand not pinned by hash: Dockerfile:15
Warn: downloadThenRun not pinned by hash: Dockerfile:123-126
Warn: npmCommand not pinned by hash: Dockerfile:126-129
Warn: npmCommand not pinned by hash: Dockerfile:135
Warn: npmCommand not pinned by hash: bin/install-playwright:4
Warn: downloadThenRun not pinned by hash: bin/install-precious:19
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:25
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:117
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 18 third-party GitHubAction dependencies pinned
Info: 0 out of 8 containerImage dependencies pinned
Info: 0 out of 6 npmCommand dependencies pinned
Info: 0 out of 2 downloadThenRun dependencies pinned