Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:351: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:358: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:360: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:404: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:409: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:514: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:534: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:227: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:328: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bench.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/bench.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/bench.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/bench.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/bench.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/bench.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/bench.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/bench.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/ecosystem-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/ecosystem-ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/lock.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nissuer.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/nissuer.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-crates.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-crates.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-crates.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-crates.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-crates.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-crates.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-crates.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-crates.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:382: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:389: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:399: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:509: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:527: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:601: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:617: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:622: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:234: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:305: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:312: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:320: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:345: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:352: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-package.yml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish-npm-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/swc-project/swc/stale.yml/main?enable=pin
Warn: downloadThenRun not pinned by hash: .github/workflows/CI.yml:156
Warn: downloadThenRun not pinned by hash: .github/workflows/CI.yml:381
Warn: downloadThenRun not pinned by hash: .github/workflows/CI.yml:422
Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:442
Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:444
Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:489
Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-package.yml:371
Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-package.yml:411
Warn: downloadThenRun not pinned by hash: .github/workflows/publish-npm-package.yml:634
Warn: downloadThenRun not pinned by hash: .github/workflows/publish-npm-package.yml:255
Info: 0 out of 48 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 28 third-party GitHubAction dependencies pinned
Info: 0 out of 5 downloadThenRun dependencies pinned
Info: 0 out of 5 npmCommand dependencies pinned