Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linter.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/linter.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linter.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/linter.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-package.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-package.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-package.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/semgrep.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/semgrep.yml/main?enable=pin
Warn: containerImage not pinned by hash: docker/Dockerfile:1: pin your Docker image by updating debian:bookworm-slim to debian:bookworm-slim@sha256:1209d8fd77def86ceb6663deef7956481cc6c14a25e1e64daec12c0ceffcc19d
Warn: containerImage not pinned by hash: docker/docs/Dockerfile:1: pin your Docker image by updating python:3.12-slim-bookworm to python:3.12-slim-bookworm@sha256:a866731a6b71c4a194a845d86e06568725e430ed21821d0c52e4efb385cf6c6f
Warn: downloadThenRun not pinned by hash: docker/Dockerfile:65
Warn: pipCommand not pinned by hash: docker/docs/Dockerfile:23
Warn: pipCommand not pinned by hash: docker/docs/Dockerfile:27
Warn: downloadThenRun not pinned by hash: docker/scripts/install-pyenv.sh:3
Warn: pipCommand not pinned by hash: .github/workflows/python-package.yml:184
Warn: pipCommand not pinned by hash: .github/workflows/python-package.yml:66
Warn: pipCommand not pinned by hash: .github/workflows/python-package.yml:124
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 7 third-party GitHubAction dependencies pinned
Info: 0 out of 5 pipCommand dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned
Info: 0 out of 2 downloadThenRun dependencies pinned