Info: Possibly incomplete results: error parsing shell code: (( can only be used to open an arithmetic cmd: build-plugin/spring-boot-gradle-plugin/src/main/resources/unixStartScript.txt:0
Info: Possibly incomplete results: error parsing shell code: invalid parameter name: .github/workflows/release-milestone.yml:65
Info: Possibly incomplete results: error parsing shell code: invalid parameter name: .github/workflows/release.yml:95
Info: Possibly incomplete results: error parsing shell code: invalid parameter name: .github/workflows/release.yml:98
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-deploy-snapshot.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/build-and-deploy-snapshot.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-pull-request.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/build-pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-pull-request.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/build-pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-milestone.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/release-milestone.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-system-tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/run-system-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trigger-docs-build.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/trigger-docs-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/verify.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/verify.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/verify.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/spring-projects/spring-boot/verify.yml/main?enable=pin
Warn: containerImage not pinned by hash: documentation/spring-boot-docs/src/docs/antora/modules/reference/partials/dockerfile:2
Warn: containerImage not pinned by hash: documentation/spring-boot-docs/src/docs/antora/modules/reference/partials/dockerfile:13: pin your Docker image by updating bellsoft/liberica-openjre-debian:24-cds to bellsoft/liberica-openjre-debian:24-cds@sha256:505223af62cf3d93f486a93248b4a3f858a5007bc58d837425132b82c4233f15
Warn: containerImage not pinned by hash: integration-test/spring-boot-launch-script-integration-tests/src/dockerTest/resources/conf/RedHat/ubi9-9.3-1476/Dockerfile:1
Warn: containerImage not pinned by hash: integration-test/spring-boot-launch-script-integration-tests/src/dockerTest/resources/conf/RedHat/ubi9-9.3-1476/Dockerfile:7: pin your Docker image by updating redhat/ubi9:9.3-1476 to redhat/ubi9:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398
Warn: containerImage not pinned by hash: integration-test/spring-boot-launch-script-integration-tests/src/dockerTest/resources/conf/Ubuntu/jammy/Dockerfile:1
Warn: containerImage not pinned by hash: integration-test/spring-boot-launch-script-integration-tests/src/dockerTest/resources/conf/Ubuntu/jammy/Dockerfile:7: pin your Docker image by updating ubuntu:jammy-20240405 to ubuntu:jammy-20240405@sha256:1b8d8ff4777f36f19bfe73ee4df61e3a0b789caeff29caa019539ec7c9a57f95
Warn: containerImage not pinned by hash: integration-test/spring-boot-launch-script-integration-tests/src/dockerTest/resources/conf/Ubuntu/noble/Dockerfile:1
Warn: containerImage not pinned by hash: integration-test/spring-boot-launch-script-integration-tests/src/dockerTest/resources/conf/Ubuntu/noble/Dockerfile:7: pin your Docker image by updating ubuntu:noble-20250404 to ubuntu:noble-20250404@sha256:1e622c5f073b4f6bfad6632f2616c7f59ef256e96fe78bf6a595d1dc4376ac02
Warn: containerImage not pinned by hash: integration-test/spring-boot-loader-classic-integration-tests/src/dockerTest/resources/conf/oracle-jdk-17/Dockerfile:1: pin your Docker image by updating ubuntu:noble-20250404 to ubuntu:noble-20250404@sha256:1e622c5f073b4f6bfad6632f2616c7f59ef256e96fe78bf6a595d1dc4376ac02
Warn: containerImage not pinned by hash: integration-test/spring-boot-loader-classic-integration-tests/src/dockerTest/resources/conf/oracle-jdk-17/Dockerfile-aarch64:1: pin your Docker image by updating ubuntu:noble-20250404 to ubuntu:noble-20250404@sha256:1e622c5f073b4f6bfad6632f2616c7f59ef256e96fe78bf6a595d1dc4376ac02
Warn: containerImage not pinned by hash: integration-test/spring-boot-loader-integration-tests/src/dockerTest/resources/conf/oracle-jdk-17/Dockerfile:1
Warn: containerImage not pinned by hash: integration-test/spring-boot-loader-integration-tests/src/dockerTest/resources/conf/oracle-jdk-17/Dockerfile:7: pin your Docker image by updating ubuntu:noble-20250404 to ubuntu:noble-20250404@sha256:1e622c5f073b4f6bfad6632f2616c7f59ef256e96fe78bf6a595d1dc4376ac02
Info: 6 out of 18 GitHub-owned GitHubAction dependencies pinned
Info: 8 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 12 containerImage dependencies pinned