Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundle-size.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/bundle-size.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/bundle-size.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/bundle-size.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/daily-test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/daily-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-stale-issues.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/label-stale-issues.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-stale-issues.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/label-stale-issues.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-workflow-files.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/lint-workflow-files.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-workflow-files.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/lint-workflow-files.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manage-dist-tag.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/manage-dist-tag.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-ci.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-ci.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-ci.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-ci.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-latest.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-latest.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:402: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:406: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:665: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:668: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:864: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:906: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:573: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:584: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:711: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:714: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:304: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:325: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:351: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:360: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:372: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:448: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:458: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:496: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:545: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:761: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:788: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:931: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:1049: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:519: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:619: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:622: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:5
Warn: containerImage not pinned by hash: docker/mongodb_replica/Dockerfile:3
Warn: containerImage not pinned by hash: docker/planetscale_proxy/Dockerfile:1
Warn: containerImage not pinned by hash: docker/planetscale_proxy/Dockerfile:5: pin your Docker image by updating alpine:latest to alpine:latest@sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a
Warn: containerImage not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:1
Warn: containerImage not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:3
Warn: containerImage not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:23
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:11
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:13
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:14
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:15
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:16
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:17
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:18
Warn: npmCommand not pinned by hash: .github/workflows/scripts/setup.sh:5
Info: 0 out of 39 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 52 third-party GitHubAction dependencies pinned
Info: 0 out of 7 containerImage dependencies pinned
Info: 0 out of 8 npmCommand dependencies pinned