{"id":13844529,"name":"securecodebox/dummy-ssh","ecosystem":"helm","description":"SSH Server for scan testing.","homepage":"https://www.securecodebox.io","licenses":"Unknown","normalized_licenses":["Other"],"repository_url":"https://github.com/secureCodeBox/secureCodeBox","keywords_array":["vulnerable","ssh"],"namespace":"securecodebox","versions_count":85,"first_release_published_at":"2021-07-01T13:53:28.000Z","latest_release_published_at":"2026-05-11T12:52:52.000Z","latest_release_number":"5.7.0","last_synced_at":"2026-05-11T13:16:44.218Z","created_at":"2026-02-17T08:58:01.571Z","updated_at":"2026-05-11T13:23:17.001Z","registry_url":"https://artifacthub.io/packages/helm/securecodebox/dummy-ssh","install_command":"helm repo add securecodebox https://charts.securecodebox.io/ \u0026\u0026 helm install dummy-ssh securecodebox/dummy-ssh","documentation_url":"https://artifacthub.io/packages/helm/securecodebox/dummy-ssh","metadata":{"app_version":"v1.0.0","chart_version":"5.7.0","category":5,"official":false,"deprecated":false,"repository_url":"https://charts.securecodebox.io/","maintainers":[{"name":"iteratec GmbH","email":"securecodebox@iteratec.com"}]},"repo_metadata":{"id":37405948,"uuid":"80711933","full_name":"secureCodeBox/secureCodeBox","owner":"secureCodeBox","description":"secureCodeBox (SCB) - continuous secure delivery out of the box ","archived":false,"fork":false,"pushed_at":"2026-05-08T15:31:26.000Z","size":89140,"stargazers_count":971,"open_issues_count":69,"forks_count":179,"subscribers_count":25,"default_branch":"main","last_synced_at":"2026-05-08T17:32:48.391Z","etag":null,"topics":["devsecops","hacktoberfest","kubernetes","kubernetes-operator","owasp","securecodebox","security","security-automation","security-testing","security-tools","zaproxy"],"latest_commit_sha":null,"homepage":"https://www.secureCodeBox.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/secureCodeBox.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":"DCO","cla":null}},"created_at":"2017-02-02T09:48:05.000Z","updated_at":"2026-05-08T15:31:52.000Z","dependencies_parsed_at":"2026-03-24T12:03:15.086Z","dependency_job_id":null,"html_url":"https://github.com/secureCodeBox/secureCodeBox","commit_stats":{"total_commits":6166,"total_committers":98,"mean_commits":62.91836734693877,"dds":0.8906908855011353,"last_synced_commit":"d52caf587550cab8968708c755847e2472fade59"},"previous_names":[],"tags_count":107,"template":false,"template_full_name":null,"purl":"pkg:github/secureCodeBox/secureCodeBox","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secureCodeBox%2FsecureCodeBox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secureCodeBox%2FsecureCodeBox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secureCodeBox%2FsecureCodeBox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secureCodeBox%2FsecureCodeBox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/secureCodeBox","download_url":"https://codeload.github.com/secureCodeBox/secureCodeBox/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secureCodeBox%2FsecureCodeBox/sbom","scorecard":{"id":112842,"data":{"date":"2025-08-04","repo":{"name":"github.com/secureCodeBox/secureCodeBox","commit":"f90a410ca7bfde520f82049073dddf2cd5290d55"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":6.6,"checks":[{"name":"Code-Review","score":9,"reason":"Found 9/10 approved changesets -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/helm-charts-release-ghcr.yaml:18","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/helm-charts-release-ghcr.yaml:19","Warn: no topLevel permission defined: .github/workflows/ci.yaml:1","Warn: no topLevel permission defined: .github/workflows/documentation-roulette.yaml:1","Warn: no topLevel permission defined: .github/workflows/helm-charts-release-ghcr.yaml:1","Warn: no topLevel permission defined: .github/workflows/helm-charts-release.yaml:1","Warn: no topLevel permission defined: .github/workflows/helm-docs.yaml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/label-commenter.yml:14","Warn: no topLevel permission defined: .github/workflows/license-check.yaml:1","Warn: no topLevel permission defined: .github/workflows/mega-linter.yml:1","Warn: no topLevel permission defined: .github/workflows/move-bot-pr-to-review.yaml:1","Warn: no topLevel permission defined: .github/workflows/release-build.yaml:1","Warn: no topLevel permission defined: .github/workflows/scb-bot.yaml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release-build.yaml:317"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (29) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}},{"name":"Branch-Protection","score":4,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'","Warn: 'stale review dismissal' is disabled on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Warn: codeowners review is not required on branch 'main'","Warn: 'last push approval' is disabled on branch 'main'","Warn: 'up-to-date branches' is disabled on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:589: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:592: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:595: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:605: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:611: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:617: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:639: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:650: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:661: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:251: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:273: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:279: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:315: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:436: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:439: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:442: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:452: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:458: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:464: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:486: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:497: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:508: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:723: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:726: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:342: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:345: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:368: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:386: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:397: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/ci.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation-roulette.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/documentation-roulette.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/documentation-roulette.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/documentation-roulette.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-charts-release-ghcr.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/helm-charts-release-ghcr.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-charts-release.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/helm-charts-release.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-docs.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/helm-docs.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-docs.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/helm-docs.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label-commenter.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/label-commenter.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-commenter.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/label-commenter.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/license-check.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/license-check.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/license-check.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/license-check.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mega-linter.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/mega-linter.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/mega-linter.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/mega-linter.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mega-linter.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/mega-linter.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/move-bot-pr-to-review.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/move-bot-pr-to-review.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:347: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:351: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:361: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:364: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:374: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:387: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:492: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:496: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:504: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:517: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:529: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:552: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:555: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:563: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:572: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:575: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:581: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:591: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:235: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:243: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:245: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:248: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:306: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:422: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:425: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:433: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:439: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:447: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:450: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:456: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:468: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yaml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yaml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/release-build.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scb-bot.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/scb-bot.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scb-bot.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/scb-bot.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scb-bot.yaml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/scb-bot.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scb-bot.yaml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/scb-bot.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scb-bot.yaml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/scb-bot.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scb-bot.yaml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/secureCodeBox/secureCodeBox/scb-bot.yaml/main?enable=pin","Warn: containerImage not pinned by hash: .templates/new-scanner/parser/Dockerfile:8","Warn: containerImage not pinned by hash: auto-discovery/cloud-aws/Dockerfile:6","Warn: containerImage not pinned by hash: auto-discovery/cloud-aws/Dockerfile:25: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: auto-discovery/kubernetes/Dockerfile:6","Warn: containerImage not pinned by hash: auto-discovery/kubernetes/Dockerfile:26: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: auto-discovery/kubernetes/pull-secret-extractor/Dockerfile:5: pin your Docker image by updating python:3.13-alpine to python:3.13-alpine@sha256:f196fd275fdad7287ccb4b0a85c2e402bb8c794d205cf6158909041c1ee9f38d","Warn: containerImage not pinned by hash: demo-targets/dummy-ssh/container/Dockerfile:7: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:a08e551cb33850e4740772b38217fc1796a66da2506d312abe51acda354ff061","Warn: containerImage not pinned by hash: demo-targets/old-joomla/container/Dockerfile:5","Warn: containerImage not pinned by hash: demo-targets/old-joomla/container/Dockerfile:13: pin your Docker image by updating php:7.2-apache to php:7.2-apache@sha256:4dc0f0115acf8c2f0df69295ae822e49f5ad5fe849725847f15aa0e5802b55f8","Warn: containerImage not pinned by hash: demo-targets/old-typo3/container/Dockerfile:5: pin your Docker image by updating martinhelmich/typo3:9.5 to martinhelmich/typo3:9.5@sha256:ea9a2cf7e81114475dafd5c3971c903ecc7746a89788e611342fef35559d70f1","Warn: containerImage not pinned by hash: demo-targets/old-wordpress/container/Dockerfile:5","Warn: containerImage not pinned by hash: demo-targets/old-wordpress/container/Dockerfile:14: pin your Docker image by updating wordpress:4 to wordpress:4@sha256:7e476394586459bb622d3f37448cd07e703ec6906257d232542f2f51ff073da7","Warn: containerImage not pinned by hash: demo-targets/unsafe-https/container/Dockerfile:5: pin your Docker image by updating nginx:1.29-alpine to nginx:1.29-alpine@sha256:d67ea0d64d518b1bb04acde3b00f722ac3e9764b3209a9b0a98924ba35e4b779","Warn: containerImage not pinned by hash: documentation/docs/contributing/integrating-a-hook/dockerfile.md:15","Warn: containerImage not pinned by hash: documentation/docs/contributing/integrating-a-hook/dockerfile.md:21","Warn: containerImage not pinned by hash: hook-sdk/nodejs/Dockerfile:5","Warn: containerImage not pinned by hash: hook-sdk/nodejs/Dockerfile:12: pin your Docker image by updating node:22-alpine to node:22-alpine@sha256:1b2479dd35a99687d6638f5976fd235e26c5b37e8122f786fcd5fe231d63de5b","Warn: containerImage not pinned by hash: hooks/cascading-scans/hook/Dockerfile:7","Warn: containerImage not pinned by hash: hooks/cascading-scans/hook/Dockerfile:13","Warn: containerImage not pinned by hash: hooks/cascading-scans/hook/Dockerfile:21","Warn: containerImage not pinned by hash: hooks/finding-post-processing/hook/Dockerfile:7","Warn: containerImage not pinned by hash: hooks/finding-post-processing/hook/Dockerfile:13","Warn: containerImage not pinned by hash: hooks/generic-webhook/hook/Dockerfile:7","Warn: containerImage not pinned by hash: hooks/notification/hook/Dockerfile:7","Warn: containerImage not pinned by hash: hooks/notification/hook/Dockerfile:13","Warn: containerImage not pinned by hash: hooks/notification/hook/Dockerfile:21","Warn: containerImage not pinned by hash: hooks/persistence-azure-monitor/hook/Dockerfile:8","Warn: containerImage not pinned by hash: hooks/persistence-defectdojo/hook/Dockerfile:5","Warn: containerImage not pinned by hash: hooks/persistence-defectdojo/hook/Dockerfile:10: pin your Docker image by updating gcr.io/distroless/java17-debian12:nonroot to gcr.io/distroless/java17-debian12:nonroot@sha256:58719c599e1ee7af8d1bdd3ee7dbdddda7870637c357efb67f9a32a0e652b6f7","Warn: containerImage not pinned by hash: hooks/persistence-dependencytrack/hook/Dockerfile:8","Warn: containerImage not pinned by hash: hooks/persistence-elastic/dashboard-importer/Dockerfile:5: pin your Docker image by updating alpine:3.22 to alpine:3.22@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: hooks/persistence-elastic/hook/Dockerfile:7","Warn: containerImage not pinned by hash: hooks/persistence-elastic/hook/Dockerfile:13","Warn: containerImage not pinned by hash: hooks/update-field-hook/hook/Dockerfile:7","Warn: containerImage not pinned by hash: hooks/update-field-hook/hook/Dockerfile:13","Warn: containerImage not pinned by hash: lurker/Dockerfile:6","Warn: containerImage not pinned by hash: lurker/Dockerfile:24: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: operator/Dockerfile:6","Warn: containerImage not pinned by hash: operator/Dockerfile:28: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: parser-sdk/nodejs/Dockerfile:5","Warn: containerImage not pinned by hash: parser-sdk/nodejs/Dockerfile:12: pin your Docker image by updating node:22-alpine to node:22-alpine@sha256:1b2479dd35a99687d6638f5976fd235e26c5b37e8122f786fcd5fe231d63de5b","Warn: containerImage not pinned by hash: scanners/ffuf/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/ffuf/scanner/Dockerfile:5","Warn: containerImage not pinned by hash: scanners/ffuf/scanner/Dockerfile:12: pin your Docker image by updating gcr.io/distroless/static-debian12:nonroot to gcr.io/distroless/static-debian12:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: scanners/git-repo-scanner/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/git-repo-scanner/scanner/Dockerfile:5: pin your Docker image by updating docker.io/python:3-alpine to docker.io/python:3-alpine@sha256:f196fd275fdad7287ccb4b0a85c2e402bb8c794d205cf6158909041c1ee9f38d","Warn: containerImage not pinned by hash: scanners/gitleaks/parser/Dockerfile:8","Warn: containerImage not pinned by hash: scanners/kube-hunter/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/kube-hunter/scanner/Dockerfile:6","Warn: containerImage not pinned by hash: scanners/ncrack/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/ncrack/parser/Dockerfile:13","Warn: containerImage not pinned by hash: scanners/ncrack/scanner/Dockerfile:5: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:a08e551cb33850e4740772b38217fc1796a66da2506d312abe51acda354ff061","Warn: containerImage not pinned by hash: scanners/nikto/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/nikto/scanner/Dockerfile:5","Warn: containerImage not pinned by hash: scanners/nikto/scanner/Dockerfile:10: pin your Docker image by updating alpine:3.22 to alpine:3.22@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: scanners/nmap/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/nmap/parser/Dockerfile:13","Warn: containerImage not pinned by hash: scanners/nmap/scanner/Dockerfile:5: pin your Docker image by updating alpine:3.22 to alpine:3.22@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: scanners/nuclei/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/screenshooter/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/screenshooter/scanner/Dockerfile:7: pin your Docker image by updating debian:12.11 to debian:12.11@sha256:b6507e340c43553136f5078284c8c68d86ec8262b1724dde73c325e8d3dcdeba","Warn: containerImage not pinned by hash: scanners/semgrep/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/ssh-audit/parser/Dockerfile:8","Warn: containerImage not pinned by hash: scanners/ssh-audit/scanner/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/sslyze/parser/Dockerfile:8","Warn: containerImage not pinned by hash: scanners/sslyze/scanner/Dockerfile:6","Warn: containerImage not pinned by hash: scanners/subfinder/parser/Dockerfile:8","Warn: containerImage not pinned by hash: scanners/test-scan/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/test-scan/scanner/Dockerfile:5: pin your Docker image by updating alpine:3.22 to alpine:3.22@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: scanners/trivy-sbom/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/trivy/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/whatweb/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/whatweb/scanner/Dockerfile:5: pin your Docker image by updating ruby:latest to ruby:latest@sha256:04121e637d449ec6a93b4f4d05eef7bd55be4ffb04391127cab0999676c2de47","Warn: containerImage not pinned by hash: scanners/wpscan/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/wpscan/scanner/Dockerfile:8","Warn: containerImage not pinned by hash: scanners/zap-automation-framework/parser/Dockerfile:7","Warn: containerImage not pinned by hash: scanners/zap-automation-framework/parser/Dockerfile:13","Warn: pipCommand not pinned by hash: auto-discovery/kubernetes/pull-secret-extractor/Dockerfile:10","Warn: pipCommand not pinned by hash: scanners/git-repo-scanner/scanner/Dockerfile:7","Warn: npmCommand not pinned by hash: bin/npm-check-updates.sh:16","Info:   0 out of  68 GitHub-owned GitHubAction dependencies pinned","Info:   2 out of  72 third-party GitHubAction dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned","Info:  12 out of  13 npmCommand dependencies pinned","Info:   0 out of  77 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0635","Warn: Project is vulnerable to: GO-2022-0646","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-15T14:49:17.711Z","repository_id":37405948,"created_at":"2025-08-15T14:49:17.711Z","updated_at":"2025-08-15T14:49:17.711Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32896364,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-10T13:40:02.631Z","status":"online","status_checked_at":"2026-05-11T02:00:05.975Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"repo_metadata_updated_at":"2026-05-11T13:23:17.000Z","dependent_packages_count":0,"downloads":0,"downloads_period":"total","dependent_repos_count":0,"rankings":{"downloads":0.0,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:helm/securecodebox/dummy-ssh","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/helm/securecodebox/dummy-ssh","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/helm/securecodebox/dummy-ssh","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/helm/securecodebox/dummy-ssh/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2026-05-08T00:01:18.792Z","issues_count":212,"pull_requests_count":1295,"avg_time_to_close_issue":20968565.45588235,"avg_time_to_close_pull_request":364933.52935779816,"issues_closed_count":136,"pull_requests_closed_count":1090,"pull_request_authors_count":34,"issue_authors_count":53,"avg_comments_per_issue":1.5330188679245282,"avg_comments_per_pull_request":2.200772200772201,"merged_pull_requests_count":867,"bot_issues_count":25,"bot_pull_requests_count":536,"past_year_issues_count":21,"past_year_pull_requests_count":170,"past_year_avg_time_to_close_issue":775946.9090909091,"past_year_avg_time_to_close_pull_request":148929.90384615384,"past_year_issues_closed_count":11,"past_year_pull_requests_closed_count":104,"past_year_pull_request_authors_count":10,"past_year_issue_authors_count":8,"past_year_avg_comments_per_issue":0.47619047619047616,"past_year_avg_comments_per_pull_request":1.6058823529411765,"past_year_bot_issues_count":6,"past_year_bot_pull_requests_count":88,"past_year_merged_pull_requests_count":87,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/secureCodeBox%2FsecureCodeBox/issues","maintainers":[{"login":"J12934","count":158,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/J12934"},{"login":"Weltraumschaf","count":108,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Weltraumschaf"},{"login":"Ilyesbdlala","count":50,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Ilyesbdlala"},{"login":"rseedorff","count":14,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/rseedorff"},{"login":"Freedisch","count":10,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Freedisch"},{"login":"malexmave","count":10,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/malexmave"},{"login":"fuhrmeistery","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/fuhrmeistery"}],"active_maintainers":[{"login":"J12934","count":35,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/J12934"},{"login":"Weltraumschaf","count":16,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Weltraumschaf"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/artifacthub.io/packages/securecodebox%2Fdummy-ssh/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/artifacthub.io/packages/securecodebox%2Fdummy-ssh/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/artifacthub.io/packages/securecodebox%2Fdummy-ssh/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/artifacthub.io/packages/securecodebox%2Fdummy-ssh/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/artifacthub.io/packages/securecodebox%2Fdummy-ssh/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/artifacthub.io/packages/securecodebox%2Fdummy-ssh/codemeta","maintainers":[]}