Installations
npm install @pulumi/aws-nativeDeveloper
pulumi
Developer Guide
BETA
Module System
Unable to determine the module system for this package.
Min. Node Version
Typescript Support
Yes
Node Version
20.18.1
NPM Version
10.8.2
Statistics
95 Stars
857 Commits
17 Forks
27 Watching
160 Branches
98 Contributors
Updated on 27 Nov 2024
Languages
Go (98.41%)
Makefile (1.42%)
Dockerfile (0.17%)
Total Downloads
Cumulative downloads
Total Downloads
4,868,309
Last day
25.4%
11,144
Compared to previous day
Last week
22.5%
70,675
Compared to previous week
Last month
8%
280,867
Compared to previous month
Last year
24.9%
2,521,437
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
2
Versions
Pulumi AWS Cloud Control Provider
The Pulumi AWS Cloud Control Provider enables you to build, deploy, and manage any AWS resource that's supported by the AWS Cloud Control API. With Pulumi's native provider for AWS Cloud Control, you get same-day access to all new AWS resources and all new properties on existing resources supported by the Cloud Control API. You can use the AWS Cloud Control provider from a Pulumi program written in any Pulumi language: C#, Go, JavaScript/TypeScript, and Python. You'll need to install and configure the Pulumi CLI if you haven't already.
[!NOTE] This provider covers all resources as supported by the AWS Cloud Control API. This does not yet include all AWS resources. See the list of supported resources for full details.
For new projects, we recommend starting with our primary AWS Provider and adding AWS Cloud Control resources on an as needed basis.
Configuring credentials
To learn how to configure credentials refer to the AWS configuration options.
Building
Dependencies
- Go 1.20
- NodeJS 10.X.X or later
- Yarn 1.22 or later
- Python 3.6 or later
- .NET 6 or greater
- Gradle 7
- Pulumi CLI and language plugins
- pulumictl
You can quickly launch a shell environment with all the required dependencies using devbox:
1which devbox || curl -fsSL https://get.jetpack.io/devbox | bash 2devbox shell
Alternatively, you can develop in a preconfigured container environment using an editor or service that supports the devcontainer standard such as VS Code or Github Codespaces. Please note that building this project can be fairly memory intensive, if you are having trouble building in a container, please ensure you have at least 12GB of memory available for the container.
Building locally
Run the following commands to install Go modules, generate all SDKs, and build the provider:
1make ensure 2make build
Add the bin folder to your $PATH or copy the bin/pulumi-resource-aws-native file to another location in your $PATH.
Running tests
To run unittests, use:
1make test_provider
Running an example
Navigate to the ECS example and run Pulumi:
1cd ./examples/ecs 2yarn link @pulumi/aws-native 3pulumi config set aws:region us-west-2 4pulumi config set aws-native:region us-west-2 5pulumi up
Local Development
Additional Build Targets
make build can be a bit slow as it rebuilds the sdks for every language;
you can use make provider or make codegen to just rebuild the provider plugin or codegen binaries
Debugging / Logging
Oftentimes, it can be informative to investigate the precise requests this provider makes to upstream AWS APIs. By default, the Pulumi CLI writes all of its logs to files rather than stdout or stderr (though this can be overridden with the --logtostderr flag). This works to our benefit, however, as the AWS SDK used in this provider writes to stderr by default. To view a trace of all HTTP requests and responses between this provider and AWS APIs, run the Pulumi CLI with the following arguments:
1pulumi -v 9 --logflow [command]
this will correctly set verbosity to the level that the provider expects to log these requests (via -v 9), as well as flowing that verbosity setting down from the Pulumi CLI to the provider itself (via --logflow).
No vulnerabilities found.
Reason
30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/pulumi/.github/SECURITY.md:1
- Info: Found linked content: github.com/pulumi/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/pulumi/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/pulumi/.github/SECURITY.md:1
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/build.yml:362
Reason
no binaries found in the repo
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/build.yml:258
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/prerelease.yml:249
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:249
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/run-acceptance-tests.yml:277
- Warn: no topLevel permission defined: .github/workflows/build.yml:1
- Warn: no topLevel permission defined: .github/workflows/cf2pulumi-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/command-dispatch.yml:1
- Warn: no topLevel permission defined: .github/workflows/nightly-sdk-generation.yml:1
- Warn: no topLevel permission defined: .github/workflows/prerelease.yml:1
- Warn: no topLevel permission defined: .github/workflows/pull-request.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/run-acceptance-tests.yml:1
- Warn: no topLevel permission defined: .github/workflows/weekly-pulumi-update.yml:1
- Info: no jobLevel write permissions found
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact v1.9.0 not signed: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/185989006
- Warn: release artifact v1.8.0 not signed: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/185430889
- Warn: release artifact v1.7.0 not signed: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/184707842
- Warn: release artifact v1.6.0 not signed: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/183450865
- Warn: release artifact v1.5.0 not signed: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/183086765
- Warn: release artifact v1.9.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/185989006
- Warn: release artifact v1.8.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/185430889
- Warn: release artifact v1.7.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/184707842
- Warn: release artifact v1.6.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/183450865
- Warn: release artifact v1.5.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-aws-native/releases/183086765
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:198: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:238: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:276: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:293: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:303: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:318: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:337: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:346: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:357: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:368: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:377: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:382: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:386: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:390: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:400: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:408: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:419: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:424: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:428: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:434: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:439: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:443: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:445: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:450: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:454: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:458: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:466: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:474: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:490: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cf2pulumi-release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/cf2pulumi-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/cf2pulumi-release.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/cf2pulumi-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/cf2pulumi-release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/cf2pulumi-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cf2pulumi-release.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/cf2pulumi-release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/cf2pulumi-release.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/cf2pulumi-release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/command-dispatch.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/command-dispatch.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/command-dispatch.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/command-dispatch.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:544: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:549: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:553: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:561: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:211: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:288: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:294: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:309: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:328: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:337: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:348: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:364: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:368: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:377: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:381: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:391: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:399: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:410: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:419: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:425: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:430: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:434: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:436: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:441: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:445: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:449: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:457: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:465: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:481: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:493: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:498: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:502: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:511: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:513: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:519: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prerelease.yml:523: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yml:531: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/prerelease.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/pull-request.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:364: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:368: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:377: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:381: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:391: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:399: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:410: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:419: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:425: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:430: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:434: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:436: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:441: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:445: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:449: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:457: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:465: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:481: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:493: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:498: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:502: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:511: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:513: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:519: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:523: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:531: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:544: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:549: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:553: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:561: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:578: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:211: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:288: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:294: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:309: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:328: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:337: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:348: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:248: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:287: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:291: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:296: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:304: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:309: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:313: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:327: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:338: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:357: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:366: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:377: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/run-acceptance-tests.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/run-acceptance-tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-aws-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating debian:stable-slim to debian:stable-slim@sha256:32f6d6f046ee9b4c31b359e695a1f0174e85846148f058f3fecad9233e88ff6a
- Warn: downloadThenRun not pinned by hash: .devcontainer/Dockerfile:16
- Warn: downloadThenRun not pinned by hash: .devcontainer/Dockerfile:20
- Warn: downloadThenRun not pinned by hash: .devcontainer/Dockerfile:31
- Warn: downloadThenRun not pinned by hash: .devcontainer/Dockerfile:33
- Warn: pipCommand not pinned by hash: .github/workflows/build.yml:332
- Warn: pipCommand not pinned by hash: .github/workflows/build.yml:333
- Warn: pipCommand not pinned by hash: .github/workflows/build.yml:483
- Warn: pipCommand not pinned by hash: .github/workflows/prerelease.yml:323
- Warn: pipCommand not pinned by hash: .github/workflows/prerelease.yml:324
- Warn: pipCommand not pinned by hash: .github/workflows/prerelease.yml:474
- Warn: pipCommand not pinned by hash: .github/workflows/release.yml:323
- Warn: pipCommand not pinned by hash: .github/workflows/release.yml:324
- Warn: pipCommand not pinned by hash: .github/workflows/release.yml:474
- Warn: pipCommand not pinned by hash: .github/workflows/run-acceptance-tests.yml:352
- Warn: pipCommand not pinned by hash: .github/workflows/run-acceptance-tests.yml:353
- Warn: goCommand not pinned by hash: .github/workflows/weekly-pulumi-update.yml:75
- Info: 0 out of 132 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 147 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 goCommand dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
- Info: 0 out of 4 downloadThenRun dependencies pinned
- Info: 0 out of 11 pipCommand dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
6
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More