Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/CI.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/container-build.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/container-build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-build.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/container-build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-build.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/container-build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/container-build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-build.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/container-build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-build.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/container-build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/docs-deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/docs-deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/docs-deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/docs-deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-deploy.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/conventional-changelog/commitlint/docs-deploy.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile.ci:1
Warn: containerImage not pinned by hash: Dockerfile.ci:28: pin your Docker image by updating docker.io/library/node:18-alpine to docker.io/library/node:18-alpine@sha256:6eb9c3d9bd191bd2cc6ce7ec3d5ec4c2127616140c8586af96a6bec8f28689d1
Warn: containerImage not pinned by hash: Dockerfile.dev:1: pin your Docker image by updating brainpower/node-cubicle to brainpower/node-cubicle@sha256:6e49767749c600da4405b0acc7b7a7494db077f39f6464b904473d1068302542
Warn: npmCommand not pinned by hash: Dockerfile.ci:31-34
Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:77
Info: 0 out of 11 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 5 third-party GitHubAction dependencies pinned
Info: 0 out of 3 containerImage dependencies pinned
Info: 0 out of 2 npmCommand dependencies pinned