Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/docker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linter.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/linter.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linter.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/linter.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-package.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-package.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-package.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/python-package.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/python-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/semgrep.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/celery/celery/semgrep.yml/main?enable=pin
Warn: containerImage not pinned by hash: docker/Dockerfile:1: pin your Docker image by updating debian:bookworm-slim to debian:bookworm-slim@sha256:b1211f6d19afd012477bd34fdcabb6b663d680e0f4b0537da6e6b0fd057a3ec3
Warn: containerImage not pinned by hash: docker/docs/Dockerfile:1: pin your Docker image by updating python:3.12-slim-bookworm to python:3.12-slim-bookworm@sha256:85824326bc4ae27a1abb5bc0dd9e08847aa5fe73d8afb593b1b45b7cb4180f57
Warn: downloadThenRun not pinned by hash: docker/Dockerfile:65
Warn: pipCommand not pinned by hash: docker/docs/Dockerfile:23
Warn: pipCommand not pinned by hash: docker/docs/Dockerfile:27
Warn: downloadThenRun not pinned by hash: docker/scripts/install-pyenv.sh:3
Warn: pipCommand not pinned by hash: .github/workflows/python-package.yml:66
Warn: pipCommand not pinned by hash: .github/workflows/python-package.yml:130
Warn: pipCommand not pinned by hash: .github/workflows/python-package.yml:190
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 2 downloadThenRun dependencies pinned
Info: 0 out of 5 pipCommand dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned