Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/downstream.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/downstream.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/downstream.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/downstream.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/downstream.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/downstream.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/downstream.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/downstream.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/enforce-label.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/enforce-label.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prep-release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/prep-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prep-release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/prep-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-changelog.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/publish-changelog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-changelog.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/publish-changelog.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-changelog.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/publish-changelog.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/publish-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/publish-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/publish-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/publish-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/jupyter/jupyter_core/test.yml/main?enable=pin
Warn: pipCommand not pinned by hash: .github/workflows/test.yml:49
Warn: pipCommand not pinned by hash: .github/workflows/test.yml:147
Info: 0 out of 21 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 36 third-party GitHubAction dependencies pinned
Info: 0 out of 2 pipCommand dependencies pinned