Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_docs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/build_docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_docs.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/build_docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_docs.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/build_docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/codeql.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/codeql.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/codeql.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependencies.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/dependencies.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependencies.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/dependencies.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-5.x.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-5.x.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-6.8.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-6.8.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-alpha.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release_notes.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release_notes.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release_notes.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/mongodb/node-mongodb-native/release_notes.yml/main?enable=pin
Warn: containerImage not pinned by hash: .evergreen/docker/Dockerfile.musl:4
Warn: npmCommand not pinned by hash: .evergreen/install-dependencies.sh:21
Warn: npmCommand not pinned by hash: .evergreen/run-kerberos-tests.sh:31
Warn: npmCommand not pinned by hash: .evergreen/run-mongodb-aws-ecs-test.sh:18
Warn: npmCommand not pinned by hash: .evergreen/run-mongosh-integration-tests.sh:22
Warn: npmCommand not pinned by hash: .evergreen/run-mongosh-integration-tests.sh:27
Warn: npmCommand not pinned by hash: .evergreen/run-tests.sh:50
Warn: npmCommand not pinned by hash: .evergreen/run-tests.sh:51
Warn: npmCommand not pinned by hash: .evergreen/run-typescript.sh:19
Warn: npmCommand not pinned by hash: .evergreen/run-typescript.sh:33
Warn: npmCommand not pinned by hash: .evergreen/setup-mongodb-aws-auth-tests.sh:26
Warn: npmCommand not pinned by hash: etc/docs/legacy-generate.sh:81
Warn: npmCommand not pinned by hash: etc/docs/legacy-generate.sh:82
Warn: npmCommand not pinned by hash: etc/docs/legacy-generate.sh:83
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 30 third-party GitHubAction dependencies pinned
Info: 0 out of 13 npmCommand dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned