{"id":826213,"name":"@aws-cdk/aws-codebuild-codepipeline","ecosystem":"npm","description":"AWS CodePipline Actions for AWS CodeBuild","homepage":"https://github.com/awslabs/aws-cdk","licenses":"Apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/awslabs/aws-cdk","keywords_array":["aws","cdk","codebuild","codepipeline","constructs"],"namespace":"aws-cdk","versions_count":2,"first_release_published_at":"2018-07-31T13:30:44.723Z","latest_release_published_at":"2018-08-09T09:55:29.557Z","latest_release_number":"0.8.1","last_synced_at":"2025-12-29T21:06:15.182Z","created_at":"2022-04-07T13:56:15.478Z","updated_at":"2025-12-29T21:26:23.886Z","registry_url":"https://www.npmjs.com/package/@aws-cdk/aws-codebuild-codepipeline","install_command":"npm install @aws-cdk/aws-codebuild-codepipeline","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"latest":"0.8.1"}},"repo_metadata":{"id":37269729,"uuid":"105808767","full_name":"aws/aws-cdk","owner":"aws","description":"The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code","archived":false,"fork":false,"pushed_at":"2025-12-24T13:49:16.000Z","size":1505607,"stargazers_count":12592,"open_issues_count":2574,"forks_count":4356,"subscribers_count":219,"default_branch":"main","last_synced_at":"2025-12-28T08:42:30.991Z","etag":null,"topics":["aws","cloud-infrastructure","hacktoberfest","infrastructure-as-code","typescript"],"latest_commit_sha":null,"homepage":"https://aws.amazon.com/cdk","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aws.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2017-10-04T19:22:36.000Z","updated_at":"2025-12-28T05:55:13.000Z","dependencies_parsed_at":"2023-09-23T14:24:00.548Z","dependency_job_id":"4780b909-fbab-46ee-9635-bfaee0051f10","html_url":"https://github.com/aws/aws-cdk","commit_stats":{"total_commits":13053,"total_committers":1568,"mean_commits":8.324617346938776,"dds":0.9036236880410633,"last_synced_commit":"c199378667cb63ffe8636dda6b6316dcc6eb47e9"},"previous_names":["awslabs/aws-cdk"],"tags_count":653,"template":false,"template_full_name":null,"purl":"pkg:github/aws/aws-cdk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aws%2Faws-cdk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aws%2Faws-cdk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aws%2Faws-cdk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aws%2Faws-cdk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aws","download_url":"https://codeload.github.com/aws/aws-cdk/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aws%2Faws-cdk/sbom","scorecard":{"id":219385,"data":{"date":"2025-08-11","repo":{"name":"github.com/aws/aws-cdk","commit":"88f3e04db826a1eb6c47feb92d5493c2b54f6a1a"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.8,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/analytics-metadata-updater.yml:46","Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/analytics-metadata-updater.yml:46","Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/analytics-metadata-updater.yml:46","Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/analytics-metadata-updater.yml:46","Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/lambda-runtime-tests.yml:44","Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/lambda-runtime-tests.yml:44","Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/lambda-runtime-tests.yml:44","Warn: script injection with untrusted input ' github.event.pull_request.head.ref ': .github/workflows/lambda-runtime-tests.yml:44","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/request-cli-integ-test.yml:19","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/request-cli-integ-test.yml:40"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/analytics-metadata-updater.yml:13","Info: jobLevel 'contents' permission set to 'read': .github/workflows/close-stale-issues.yml:15","Info: jobLevel 'packages' permission set to 'read': .github/workflows/codeql.yml:25","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:28","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:29","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/enum-auto-updater.yml:12","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/enum-static-mapping-updater.yml:12","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/lambda-runtime-tests.yml:12","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-linter.yml:64","Info: jobLevel 'statuses' permission set to 'read': .github/workflows/pr-linter.yml:66","Info: jobLevel 'issues' permission set to 'read': .github/workflows/pr-linter.yml:67","Info: jobLevel 'checks' permission set to 'read': .github/workflows/pr-linter.yml:68","Info: jobLevel 'contents' permission set to 'read': .github/workflows/spec-update.yml:15","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/spec-update.yml:81","Info: found token with 'none' permissions: .github/workflows/spec-update.yml:82","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/spec-update.yml:123","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/sync-from-upstream.yml:43","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/update-metadata-regions.yml:45","Info: jobLevel 'contents' permission set to 'read': .github/workflows/yarn-upgrade-need-manual-work.yml:21","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/yarn-upgrade-need-manual-work.yml:78","Info: jobLevel 'contents' permission set to 'read': .github/workflows/yarn-upgrade.yml:13","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/yarn-upgrade.yml:92","Warn: no topLevel permission defined: .github/workflows/analytics-metadata-updater.yml:1","Warn: no topLevel permission defined: .github/workflows/auto-approve.yml:1","Warn: no topLevel permission defined: .github/workflows/check-lfs.yml:1","Warn: no topLevel permission defined: .github/workflows/close-stale-issues.yml:1","Warn: no topLevel permission defined: .github/workflows/close-stale-prs.yml:1","Warn: no topLevel permission defined: .github/workflows/codebuild-pr-build.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/codecov-collect.yml:7","Warn: topLevel 'contents' permission set to 'write': .github/workflows/codecov-upload.yml:10","Info: topLevel 'actions' permission set to 'read': .github/workflows/codecov-upload.yml:12","Warn: no topLevel permission defined: .github/workflows/codeql.yml:1","Warn: no topLevel permission defined: .github/workflows/enum-auto-updater.yml:1","Warn: no topLevel permission defined: .github/workflows/enum-static-mapping-updater.yml:1","Warn: no topLevel permission defined: .github/workflows/github-merit-badger.yml:1","Warn: no topLevel permission defined: .github/workflows/handle-stale-discussions.yml:1","Warn: no topLevel permission defined: .github/workflows/issue-label-assign.yml:1","Warn: no topLevel permission defined: .github/workflows/issue-regression-labeler.yml:1","Warn: no topLevel permission defined: .github/workflows/issue-reprioritization.yml:1","Warn: no topLevel permission defined: .github/workflows/issue-sync.yml:1","Warn: no topLevel permission defined: .github/workflows/lambda-runtime-tests.yml:1","Warn: no topLevel permission defined: .github/workflows/lock-issue-pr-with-message.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-build.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-labeler.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-linter-exemption-labeler.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-linter-review-trigger.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-linter.yml:1","Warn: no topLevel permission defined: .github/workflows/project-prioritization-added-on.yml:1","Warn: no topLevel permission defined: .github/workflows/project-prioritization-assignment.yml:1","Warn: no topLevel permission defined: .github/workflows/project-prioritization-bug.yml:1","Warn: no topLevel permission defined: .github/workflows/project-prioritization-needs-attention.yml:1","Warn: no topLevel permission defined: .github/workflows/project-prioritization-r2-assignment.yml:1","Warn: no topLevel permission defined: .github/workflows/project-prioritization-r5-assignment.yml:1","Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/repo-metrics-monthly.yml:9","Warn: no topLevel permission defined: .github/workflows/request-cli-integ-test.yml:1","Warn: no topLevel permission defined: .github/workflows/security-guardian.yml:1","Warn: no topLevel permission defined: .github/workflows/spec-update.yml:1","Warn: no topLevel permission defined: .github/workflows/sync-from-upstream.yml:1","Warn: no topLevel permission defined: .github/workflows/update-contributors.yml:1","Warn: no topLevel permission defined: .github/workflows/update-metadata-regions.yml:1","Warn: no topLevel permission defined: .github/workflows/yarn-upgrade-need-manual-work.yml:1","Warn: no topLevel permission defined: .github/workflows/yarn-upgrade.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: aws-cdk-2.210.0.zip.sig: https://github.com/aws/aws-cdk/releases/tag/v2.210.0","Info: signed release artifact: aws-cdk-2.209.1.zip.sig: https://github.com/aws/aws-cdk/releases/tag/v2.209.1","Info: signed release artifact: aws-cdk-2.209.0.zip.sig: https://github.com/aws/aws-cdk/releases/tag/v2.209.0","Info: signed release artifact: aws-cdk-2.208.0.zip.sig: https://github.com/aws/aws-cdk/releases/tag/v2.208.0","Info: signed release artifact: aws-cdk-2.207.0.zip.sig: https://github.com/aws/aws-cdk/releases/tag/v2.207.0","Warn: release artifact v2.210.0 does not have provenance: https://api.github.com/repos/aws/aws-cdk/releases/238093197","Warn: release artifact v2.209.1 does not have provenance: https://api.github.com/repos/aws/aws-cdk/releases/237856498","Warn: release artifact v2.209.0 does not have provenance: https://api.github.com/repos/aws/aws-cdk/releases/237795790","Warn: release artifact v2.208.0 does not have provenance: https://api.github.com/repos/aws/aws-cdk/releases/236088692","Warn: release artifact v2.207.0 does not have provenance: https://api.github.com/repos/aws/aws-cdk/releases/234894570"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/aws/.github/SECURITY.md:1","Info: Found linked content: github.com/aws/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/aws/.github/SECURITY.md:1","Info: Found text in security policy: github.com/aws/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":0,"reason":"binaries present in source code","details":["Warn: binary detected: packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.directory.lit.js.snapshot/asset.6b84b87243a4a01c592d78e1fd3855c4bfef39328cd0a450cc97e81717fea2a2/sample-jar-asset.jar:1","Warn: binary detected: packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/integ.assets.refs.lit.js.snapshot/asset.6b84b87243a4a01c592d78e1fd3855c4bfef39328cd0a450cc97e81717fea2a2/sample-jar-asset.jar:1","Warn: binary detected: packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/sample-asset-directory/sample-jar-asset.jar:1","Warn: binary detected: packages/@aws-cdk/aws-gamelift-alpha/test/integ.alias.js.snapshot/asset.b95e4173bc399a8f686a4951aa26e01de1ed1e9d981ee1a7f18a15512dbdcb37/TestApplicationServer:1","Warn: binary detected: packages/@aws-cdk/aws-gamelift-alpha/test/integ.build-fleet.js.snapshot/asset.b9a6ac85861c7bf3d745d9866a46a450a1b14afa77e28d2c2767e74ce4e37c03/TestApplicationServer:1","Warn: binary detected: packages/@aws-cdk/aws-gamelift-alpha/test/integ.build.js.snapshot/asset.b95e4173bc399a8f686a4951aa26e01de1ed1e9d981ee1a7f18a15512dbdcb37/TestApplicationServer:1","Warn: binary detected: packages/@aws-cdk/aws-gamelift-alpha/test/integ.game-session-queue.js.snapshot/asset.b95e4173bc399a8f686a4951aa26e01de1ed1e9d981ee1a7f18a15512dbdcb37/TestApplicationServer:1","Warn: binary detected: packages/@aws-cdk/aws-gamelift-alpha/test/integ.queued-matchmaking-configuration.js.snapshot/asset.b95e4173bc399a8f686a4951aa26e01de1ed1e9d981ee1a7f18a15512dbdcb37/TestApplicationServer:1","Warn: binary detected: packages/@aws-cdk/aws-gamelift-alpha/test/my-game-build/TestApplicationServer:1","Warn: binary detected: packages/@aws-cdk/aws-glue-alpha/test/integ.job-scalaspark-etl.js.snapshot/asset.e305655b966b957f91fcec580e3f8703573eb6b69528c5d52190d72579c91602.jar:1","Warn: binary detected: packages/@aws-cdk/aws-glue-alpha/test/integ.job-scalaspark-flex-etl.js.snapshot/asset.e305655b966b957f91fcec580e3f8703573eb6b69528c5d52190d72579c91602.jar:1","Warn: binary detected: packages/@aws-cdk/aws-glue-alpha/test/integ.job-scalaspark-streaming.js.snapshot/asset.e305655b966b957f91fcec580e3f8703573eb6b69528c5d52190d72579c91602.jar:1","Warn: binary detected: packages/@aws-cdk/aws-glue-alpha/test/integ.job-scalasparkflex-etl.js.snapshot/asset.e305655b966b957f91fcec580e3f8703573eb6b69528c5d52190d72579c91602.jar:1","Warn: binary detected: packages/@aws-cdk/aws-glue-alpha/test/job-jar/helloworld.jar:1","Warn: binary detected: packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/code-asset/WordCount.jar:1","Warn: binary detected: packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application-code-from-bucket.lit.js.snapshot/asset.8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577/WordCount.jar:1","Warn: binary detected: packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.application.lit.js.snapshot/asset.8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577/WordCount.jar:1","Warn: binary detected: packages/@aws-cdk/aws-kinesisanalytics-flink-alpha/test/integ.vpc-application.js.snapshot/asset.8be9e0b5f53d41e9a3b1d51c9572c65f24f8170a7188d0ed57fb7d571de4d577/WordCount.jar:1","Warn: binary detected: packages/aws-cdk-lib/aws-s3-assets/test/sample-asset-directory/sample-jar-asset.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-applicationautoscaling/test/step-scaling-policy.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-applicationautoscaling/test/util.ts:2","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-autoscaling-common/test/intervals.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-autoscaling-common/test/util.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/core/test/aspect.prop.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/core/test/fn.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/core/test/private/linked-queue.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-applicationautoscaling/test/step-scaling-policy.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-applicationautoscaling/test/util.ts:2","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-autoscaling-common/test/intervals.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/aws-autoscaling-common/test/util.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/core/test/aspect.prop.test.ts:2","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/core/test/fn.test.ts:1","Info: TypeScriptPropertyBasedTesting integration found: packages/aws-cdk-lib/core/test/private/linked-queue.test.ts:1"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 22 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analytics-metadata-updater.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/analytics-metadata-updater.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analytics-metadata-updater.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/analytics-metadata-updater.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-approve.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/auto-approve.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-lfs.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/check-lfs.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/close-stale-issues.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/close-stale-issues.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/close-stale-prs.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/close-stale-prs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codebuild-pr-build.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codebuild-pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codebuild-pr-build.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codebuild-pr-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/codebuild-pr-build.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codebuild-pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codebuild-pr-build.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codebuild-pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codebuild-pr-build.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codebuild-pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codebuild-pr-build.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codebuild-pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codecov-collect.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codecov-collect.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codecov-collect.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codecov-collect.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codecov-collect.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codecov-collect.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codecov-upload.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codecov-upload.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codecov-upload.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codecov-upload.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/codecov-upload.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codecov-upload.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/enum-auto-updater.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/enum-auto-updater.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/enum-auto-updater.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/enum-auto-updater.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/enum-static-mapping-updater.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/enum-static-mapping-updater.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/enum-static-mapping-updater.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/enum-static-mapping-updater.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/github-merit-badger.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/github-merit-badger.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/handle-stale-discussions.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/handle-stale-discussions.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-label-assign.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-label-assign.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-label-assign.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-label-assign.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-label-assign.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-label-assign.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-regression-labeler.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-regression-labeler.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-reprioritization.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-reprioritization.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-reprioritization.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-reprioritization.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-sync.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-sync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-sync.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-sync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-sync.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-sync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-sync.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/issue-sync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lambda-runtime-tests.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/lambda-runtime-tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lambda-runtime-tests.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/lambda-runtime-tests.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock-issue-pr-with-message.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/lock-issue-pr-with-message.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-build.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-build.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-build.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-build.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-build.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-build.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-labeler.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-labeler.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-linter-exemption-labeler.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-linter-exemption-labeler.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-linter-review-trigger.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-linter-review-trigger.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-linter.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-linter.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-linter.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/pr-linter.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-added-on.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-added-on.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-added-on.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-added-on.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-assignment.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-assignment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-assignment.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-assignment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-bug.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-bug.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-bug.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-bug.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-needs-attention.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-needs-attention.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-needs-attention.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-needs-attention.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-r2-assignment.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-r2-assignment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-r2-assignment.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-r2-assignment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-r5-assignment.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-r5-assignment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project-prioritization-r5-assignment.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/project-prioritization-r5-assignment.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repo-metrics-monthly.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/repo-metrics-monthly.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/repo-metrics-monthly.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/repo-metrics-monthly.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repo-metrics-monthly.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/repo-metrics-monthly.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/repo-metrics-monthly.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/repo-metrics-monthly.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/request-cli-integ-test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/request-cli-integ-test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/request-cli-integ-test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/request-cli-integ-test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-guardian.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/security-guardian.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/spec-update.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/spec-update.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/spec-update.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-from-upstream.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/sync-from-upstream.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-from-upstream.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/sync-from-upstream.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-contributors.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-contributors.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-contributors.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-contributors.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-contributors.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-contributors.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-metadata-regions.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-metadata-regions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-metadata-regions.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-metadata-regions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-metadata-regions.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-metadata-regions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-metadata-regions.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-metadata-regions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-metadata-regions.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-metadata-regions.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-metadata-regions.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/update-metadata-regions.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade-need-manual-work.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade-need-manual-work.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade-need-manual-work.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade-need-manual-work.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade-need-manual-work.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade-need-manual-work.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade-need-manual-work.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/yarn-upgrade.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/yarn-upgrade.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/aws/aws-cdk/yarn-upgrade.yml/main?enable=pin","Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating jsii/superchain:1-bookworm-slim-node20 to jsii/superchain:1-bookworm-slim-node20@sha256:438c01c49efc7919ce5398cdaefb48d5f8b23bfe6e9e14f860cc67c7a5553213","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-batch/test/batchjob-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-batch/test/integ.ecs-job-definition.js.snapshot/asset.8b518243ecbfcfd08b4734069e7e74ff97b7889dfde0a60d16e7bdc96e6c593b/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/demo-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-codebuild/test/integ.docker-asset.lit.js.snapshot/asset.73ee9c3cafd103104e2a42ee76961a90a2410d0dcad42110343c5fd85ad6db78/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/assets/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/node:20-alpine to public.ecr.aws/docker/library/node:20-alpine@sha256:df02558528d3d3d0d621f112e232611aecfee7cbc654f6b375765f72bb262799","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecr-image-scan-action.js.snapshot/asset.27f275db75ac03bdc330dbcf7088081a073cf2e4126ccbf4d9b2726213619891/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/node:20-alpine to public.ecr.aws/docker/library/node:20-alpine@sha256:df02558528d3d3d0d621f112e232611aecfee7cbc654f6b375765f72bb262799","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/demo-image-dockerignore/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/demo-image-secret/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/demo-image-ssh/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/demo-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/integ.assets-docker.js.snapshot/asset.0a3355be12051c9984bf2b0b2bba4e6ea535968e5b6e7396449701732fe5ed14/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/integ.assets-docker.js.snapshot/asset.394b24fcdc153a83b1fc400bf2e812ee67e3a5ffafdf977d531cfe2187d95f38/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/integ.assets-docker.js.snapshot/asset.60dea2e16e94d1977b92fe03fa7085fea446233f1fe499702b69593438baa59f/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/integ.assets-docker.js.snapshot/asset.615e365307bd4811880256cf541a7d05b5d4a752ee76ac03863a0a39631607a6/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/integ.assets-docker.js.snapshot/asset.7937f4f8197a9feee726dbb5f91b41ff615930260bf8e300bf64d070886e3183/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/integ.assets-docker.js.snapshot/asset.fa08370824fa0a7eab2c59a4f371fe7631019044d6c906b4268193120dc213b4/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecr-assets/test/integ.nested-stacks-docker.js.snapshot/asset.0a3355be12051c9984bf2b0b2bba4e6ea535968e5b6e7396449701732fe5ed14/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/demo-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.asset-image.js.snapshot/asset.0a3355be12051c9984bf2b0b2bba4e6ea535968e5b6e7396449701732fe5ed14/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.circuit-breaker-queue-processing-fargate-service.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-custom-cpu-scaling.js.snapshot/asset.8be39d348c20f7e58a373abbd1152069e18da130e51bf52c89bd82a38d0e51d7/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-grace-period.js.snapshot/asset.205c5d917605ee59cc93dc29526bc4f73b315ae613cdfbc52b8179f388041a03/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.11 to public.ecr.aws/lambda/python:3.11@sha256:fd4cf35a598494a42f325c7d139db86a8b950f9f79c84e8c3772bed3c662aac3","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-health-check.js.snapshot/asset.205c5d917605ee59cc93dc29526bc4f73b315ae613cdfbc52b8179f388041a03/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.11 to public.ecr.aws/lambda/python:3.11@sha256:fd4cf35a598494a42f325c7d139db86a8b950f9f79c84e8c3772bed3c662aac3","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-no-cpu-scaling.js.snapshot/asset.8be39d348c20f7e58a373abbd1152069e18da130e51bf52c89bd82a38d0e51d7/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-public.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-task-definition-with-cooldown.js.snapshot/asset.205c5d917605ee59cc93dc29526bc4f73b315ae613cdfbc52b8179f388041a03/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.11 to public.ecr.aws/lambda/python:3.11@sha256:fd4cf35a598494a42f325c7d139db86a8b950f9f79c84e8c3772bed3c662aac3","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-task-definition.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.runtime-platform-application-load-balanced-fargate-service.js.snapshot/asset.0a3355be12051c9984bf2b0b2bba4e6ea535968e5b6e7396449701732fe5ed14/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.scheduled-fargate-task.js.snapshot/asset.0a3355be12051c9984bf2b0b2bba4e6ea535968e5b6e7396449701732fe5ed14/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/sqs-reader/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.11 to public.ecr.aws/lambda/python:3.11@sha256:fd4cf35a598494a42f325c7d139db86a8b950f9f79c84e8c3772bed3c662aac3","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.eks-service-account-sdk-call.js.snapshot/asset.027f028f56ccd09ca70c404bb25cae814956ca2956efb3bfd3d516f96b8b1e48/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/node:18-alpine3.18 to public.ecr.aws/docker/library/node:18-alpine3.18@sha256:8863523fed890ce945343aebf959daa56e6b089de1851074f4fe22fe86c04399","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/sdk-call-integ-test-docker-app/app/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/node:18-alpine3.18 to public.ecr.aws/docker/library/node:18-alpine3.18@sha256:8863523fed890ce945343aebf959daa56e6b089de1851074f4fe22fe86c04399","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/ecs/eventhandler-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/ecs/image-simple/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/ecs/integ.event-ec2-task.js.snapshot/asset.cb8db1ca45b29cf8a7db558e2cb31ac823252251ae003dc87318f485c6415d2b/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-events-targets/test/ecs/integ.event-fargate-task.js.snapshot/asset.7a4895bc694ae074467753dddb9a798e58f2f5eda62bcce5833d7d356b8a1da2/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/docker-arm64-handler/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:latest to public.ecr.aws/lambda/python:latest@sha256:cf4519ad761cba994c2f8508ebce492055dc4a64fea4452412eafe4f24c2028f","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/docker-lambda-handler/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/nodejs:18 to public.ecr.aws/lambda/nodejs:18@sha256:4fc3a482aa6384de16da2fa5f046c3e3e8343d45484b9d525cd79c600861fb09","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.lambda.docker-arm64.js.snapshot/asset.027b9b499ce9e488d4c3cfa41abdbdc6afe203989a5bd77258f471da03f3f040/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:latest to public.ecr.aws/lambda/python:latest@sha256:cf4519ad761cba994c2f8508ebce492055dc4a64fea4452412eafe4f24c2028f","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-lambda/test/integ.lambda.docker.js.snapshot/asset.768d7b6c1d41b85135f498fe0cca69fea410be3c3322c69cf08690aaad29a610/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/nodejs:12 to public.ecr.aws/lambda/nodejs:12@sha256:0fe4eb7ea2af0c349142d7cda41ddaf7356e0d15452b55b7f4e5a3161178cc4f","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-s3-assets/test/alpine-markdown/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine:latest to public.ecr.aws/docker/library/alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/batch/batchjob-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.13-alpine to public.ecr.aws/docker/library/python:3.13-alpine@sha256:f196fd275fdad7287ccb4b0a85c2e402bb8c794d205cf6158909041c1ee9f38d","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/batch/integ.run-batch-job.js.snapshot/asset.8b518243ecbfcfd08b4734069e7e74ff97b7889dfde0a60d16e7bdc96e6c593b/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/batch/integ.submit-job-queue-jsonpath.js.snapshot/asset.6b18aed490b9a0c682c4729d8e5955650709955e8275dcbe68d5defa39c43bda/Dockerfile:1: pin your Docker image by updating python:3.13-alpine to python:3.13-alpine@sha256:f196fd275fdad7287ccb4b0a85c2e402bb8c794d205cf6158909041c1ee9f38d","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/batch/integ.submit-job.js.snapshot/asset.8b518243ecbfcfd08b4734069e7e74ff97b7889dfde0a60d16e7bdc96e6c593b/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/ecs/eventhandler-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/ecs/integ.ec2-run-task-ref-definition.js.snapshot/asset.d87af9b5acc567118fa529d3d3b763098200a6446a5ca64aea987729efd52534/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/ecs/integ.ec2-run-task.js.snapshot/asset.d87af9b5acc567118fa529d3d3b763098200a6446a5ca64aea987729efd52534/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/ecs/integ.ec2-task.js.snapshot/asset.d87af9b5acc567118fa529d3d3b763098200a6446a5ca64aea987729efd52534/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/ecs/integ.fargate-task.js.snapshot/asset.d87af9b5acc567118fa529d3d3b763098200a6446a5ca64aea987729efd52534/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/@aws-cdk/app-staging-synthesizer-alpha/test/assets/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.10 to public.ecr.aws/lambda/python:3.10@sha256:337a5330200f4631cb51c265817faf36d9523cd04fc49ea6f1b0ace514e235a1","Warn: containerImage not pinned by hash: packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.js.snapshot/asset.16624c2a162b07c5cc0e2c59c484f638bac238ca558ccbdc2aa0e0535df3e622/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.10 to public.ecr.aws/lambda/python:3.10@sha256:337a5330200f4631cb51c265817faf36d9523cd04fc49ea6f1b0ace514e235a1","Warn: containerImage not pinned by hash: packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.js.snapshot/asset.68539effc3f7ad46fff9765606c2a01b7f7965833643ab37e62799f19a37f650/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.10 to public.ecr.aws/lambda/python:3.10@sha256:337a5330200f4631cb51c265817faf36d9523cd04fc49ea6f1b0ace514e235a1","Warn: containerImage not pinned by hash: packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.ts.snapshot/asset.16624c2a162b07c5cc0e2c59c484f638bac238ca558ccbdc2aa0e0535df3e622/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.10 to public.ecr.aws/lambda/python:3.10@sha256:337a5330200f4631cb51c265817faf36d9523cd04fc49ea6f1b0ace514e235a1","Warn: containerImage not pinned by hash: packages/@aws-cdk/app-staging-synthesizer-alpha/test/integ.synth-default-resources.ts.snapshot/asset.68539effc3f7ad46fff9765606c2a01b7f7965833643ab37e62799f19a37f650/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.10 to public.ecr.aws/lambda/python:3.10@sha256:337a5330200f4631cb51c265817faf36d9523cd04fc49ea6f1b0ace514e235a1","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-apprunner-alpha/test/docker.assets/Dockerfile:2: pin your Docker image by updating public.ecr.aws/aws-containers/hello-app-runner:latest to public.ecr.aws/aws-containers/hello-app-runner:latest@sha256:241db9b79e1ddc65bab9f3a01a4e5e29b2da9c552f3a21740d466749dbae1b4b","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-apprunner-alpha/test/integ.service-ecr.js.snapshot/asset.77284835684772d19c95f4f5a37e7618d5f9efc40db9321d44ac039db457b967.assets/Dockerfile:2: pin your Docker image by updating public.ecr.aws/aws-containers/hello-app-runner:latest to public.ecr.aws/aws-containers/hello-app-runner:latest@sha256:241db9b79e1ddc65bab9f3a01a4e5e29b2da9c552f3a21740d466749dbae1b4b","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-lambda-go-alpha/lib/Dockerfile:4","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-lambda-python-alpha/lib/Dockerfile:4","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-lambda-python-alpha/test/lambda-handler-custom-build/Dockerfile:1: pin your Docker image by updating public.ecr.aws/sam/build-python3.7 to public.ecr.aws/sam/build-python3.7@sha256:66a882903ad0e3647ea10d6a4f96cdf821536d695473efe9904438773b70c67f","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint-config.js.snapshot/asset.442a71de95281cb26bd41da567c79060206108b97bdde93cb4ce5f213f50013a/Dockerfile:1: pin your Docker image by updating python:3 to python:3@sha256:68d0775234842868248bfe185eece56e725d3cb195f511a21233d0f564dee501","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.alarms.js.snapshot/asset.442a71de95281cb26bd41da567c79060206108b97bdde93cb4ce5f213f50013a/Dockerfile:1: pin your Docker image by updating python:3 to python:3@sha256:68d0775234842868248bfe185eece56e725d3cb195f511a21233d0f564dee501","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-sagemaker-alpha/test/integ.endpoint.js.snapshot/asset.442a71de95281cb26bd41da567c79060206108b97bdde93cb4ce5f213f50013a/Dockerfile:1: pin your Docker image by updating python:3 to python:3@sha256:68d0775234842868248bfe185eece56e725d3cb195f511a21233d0f564dee501","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-sagemaker-alpha/test/integ.model.js.snapshot/asset.98e27853307092de1d03c86e89a5ead7aab9f8ea8f6722e4f113f04f34a329fd/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3 to public.ecr.aws/docker/library/python:3@sha256:68d0775234842868248bfe185eece56e725d3cb195f511a21233d0f564dee501","Warn: containerImage not pinned by hash: packages/@aws-cdk/aws-sagemaker-alpha/test/test-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3 to public.ecr.aws/docker/library/python:3@sha256:68d0775234842868248bfe185eece56e725d3cb195f511a21233d0f564dee501","Warn: containerImage not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3-deployment/bucket-deployment-handler/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:latest to public.ecr.aws/lambda/python:latest@sha256:cf4519ad761cba994c2f8508ebce492055dc4a64fea4452412eafe4f24c2028f","Warn: containerImage not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3-deployment/bucket-deployment-handler/Dockerfile.debug:1: pin your Docker image by updating public.ecr.aws/lambda/python:latest to public.ecr.aws/lambda/python:latest@sha256:cf4519ad761cba994c2f8508ebce492055dc4a64fea4452412eafe4f24c2028f","Warn: containerImage not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3-deployment/bucket-deployment-handler/Dockerfile_large:1: pin your Docker image by updating public.ecr.aws/lambda/python:latest to public.ecr.aws/lambda/python:latest@sha256:cf4519ad761cba994c2f8508ebce492055dc4a64fea4452412eafe4f24c2028f","Warn: containerImage not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3/notifications-resource-handler/Dockerfile:2: pin your Docker image by updating public.ecr.aws/lambda/python:3.11 to public.ecr.aws/lambda/python:3.11@sha256:fd4cf35a598494a42f325c7d139db86a8b950f9f79c84e8c3772bed3c662aac3","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-batch/test/batchjob-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-cloudformation/test/asset-docker-fixture/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine:latest to public.ecr.aws/docker/library/alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-codebuild/test/demo-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecr-assets/test/allow-listed-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecr-assets/test/demo-image-custom-docker-file/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecr-assets/test/demo-image-custom-docker-file/Dockerfile.Custom:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecr-assets/test/demo-image-secret/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecr-assets/test/demo-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecr-assets/test/dockerignore-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecs-patterns/test/demo-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecs-patterns/test/sqs-reader/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-ecs/test/demo-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-events-targets/test/ecs/eventhandler-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-lambda-nodejs/lib/Dockerfile:4","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-lambda/test/docker-arm64-handler/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:latest to public.ecr.aws/lambda/python:latest@sha256:cf4519ad761cba994c2f8508ebce492055dc4a64fea4452412eafe4f24c2028f","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-lambda/test/docker-build-lambda/Dockerfile:1: pin your Docker image by updating public.ecr.aws/amazonlinux/amazonlinux:latest to public.ecr.aws/amazonlinux/amazonlinux:latest@sha256:16be01492b5ab08c47f64f615e8787e675e8f0e67bcefcd43cfca164b6b9d788","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-lambda/test/docker-lambda-handler/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/nodejs:18 to public.ecr.aws/lambda/nodejs:18@sha256:4fc3a482aa6384de16da2fa5f046c3e3e8343d45484b9d525cd79c600861fb09","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-s3-assets/test/alpine-markdown/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine:latest to public.ecr.aws/docker/library/alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-stepfunctions-tasks/test/batch/batchjob-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.6 to public.ecr.aws/lambda/python:3.6@sha256:bae58c5ea51776403c3b76bda7178bca25dc1f3f4696cf76230e5a0250958480","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/aws-stepfunctions-tasks/test/ecs/eventhandler-image/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/python:3.12 to public.ecr.aws/docker/library/python:3.12@sha256:645df645815f1403566b103b2a2bb07f6a01516bbb15078ed004e41d198ba194","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/cx-api/test/fixtures/asset-manifest/docker-asset/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/ubuntu:latest to public.ecr.aws/docker/library/ubuntu:latest@sha256:a08e551cb33850e4740772b38217fc1796a66da2506d312abe51acda354ff061","Warn: containerImage not pinned by hash: packages/aws-cdk-lib/cx-api/test/fixtures/assets/docker-asset/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/ubuntu:latest to public.ecr.aws/docker/library/ubuntu:latest@sha256:a08e551cb33850e4740772b38217fc1796a66da2506d312abe51acda354ff061","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.circuit-breaker-queue-processing-fargate-service.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-custom-cpu-scaling.js.snapshot/asset.8be39d348c20f7e58a373abbd1152069e18da130e51bf52c89bd82a38d0e51d7/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-grace-period.js.snapshot/asset.205c5d917605ee59cc93dc29526bc4f73b315ae613cdfbc52b8179f388041a03/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-health-check.js.snapshot/asset.205c5d917605ee59cc93dc29526bc4f73b315ae613cdfbc52b8179f388041a03/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-no-cpu-scaling.js.snapshot/asset.8be39d348c20f7e58a373abbd1152069e18da130e51bf52c89bd82a38d0e51d7/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-public.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-task-definition-with-cooldown.js.snapshot/asset.205c5d917605ee59cc93dc29526bc4f73b315ae613cdfbc52b8179f388041a03/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service-task-definition.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/fargate/integ.queue-processing-fargate-service.js.snapshot/asset.95cefedd43575452a70cdeeeceb0f1c5728fd58c9ff8e81e760c3dac33c46417/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/sqs-reader/Dockerfile:3","Warn: pipCommand not pinned by hash: packages/@aws-cdk/aws-lambda-python-alpha/lib/Dockerfile:26-47","Warn: pipCommand not pinned by hash: packages/@aws-cdk/aws-lambda-python-alpha/lib/Dockerfile:26-47","Warn: pipCommand not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3-deployment/bucket-deployment-handler/Dockerfile:7","Warn: pipCommand not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3-deployment/bucket-deployment-handler/Dockerfile.debug:4","Warn: pipCommand not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3-deployment/bucket-deployment-handler/Dockerfile_large:7","Warn: pipCommand not pinned by hash: packages/@aws-cdk/custom-resource-handlers/test/aws-s3/notifications-resource-handler/Dockerfile:7","Warn: pipCommand not pinned by hash: packages/aws-cdk-lib/aws-ecs-patterns/test/sqs-reader/Dockerfile:3","Warn: npmCommand not pinned by hash: packages/aws-cdk-lib/aws-lambda-nodejs/lib/Dockerfile:7","Warn: npmCommand not pinned by hash: packages/aws-cdk-lib/aws-lambda-nodejs/lib/Dockerfile:10","Warn: npmCommand not pinned by hash: packages/aws-cdk-lib/aws-lambda-nodejs/lib/Dockerfile:13","Warn: npmCommand not pinned by hash: packages/aws-cdk-lib/aws-lambda-nodejs/lib/Dockerfile:16","Warn: npmCommand not pinned by hash: packages/aws-cdk-lib/aws-lambda-nodejs/lib/Dockerfile:22","Warn: npmCommand not pinned by hash: packages/aws-cdk-lib/aws-appsync/test/verify.integ.graphql-iam.sh:9","Warn: npmCommand not pinned by hash: scripts/update-dependencies.sh:56","Warn: npmCommand not pinned by hash: scripts/update-dependencies.sh:63","Warn: npmCommand not pinned by hash: scripts/update-dependencies.sh:63","Warn: npmCommand not pinned by hash: .github/workflows/spec-update.yml:43","Warn: npmCommand not pinned by hash: .github/workflows/yarn-upgrade-need-manual-work.yml:49","Warn: npmCommand not pinned by hash: .github/workflows/yarn-upgrade.yml:41","Info:   0 out of  82 GitHub-owned GitHubAction dependencies pinned","Info:   2 out of  27 third-party GitHubAction dependencies pinned","Info:   0 out of  93 containerImage dependencies pinned","Info:   0 out of  17 pipCommand dependencies pinned","Info:   2 out of  14 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"14 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T02:11:50.156Z","repository_id":37269729,"created_at":"2025-08-17T02:11:50.156Z","updated_at":"2025-08-17T02:11:50.156Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28104110,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-28T02:00:05.685Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"aws","name":"Amazon Web Services","uuid":"2232217","kind":"organization","description":"","email":"open-source-github@amazon.com","website":"https://amazon.com/aws","location":"United States of America","twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/2232217?v=4","repositories_count":509,"last_synced_at":"2025-10-19T22:54:00.183Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/aws","funding_links":[],"total_stars":237333,"followers":13375,"following":0,"created_at":"2022-11-02T16:20:18.436Z","updated_at":"2025-10-19T22:54:00.183Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aws","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aws/repositories"},"tags":[]},"repo_metadata_updated_at":"2025-12-29T21:26:23.885Z","dependent_packages_count":4,"downloads":8,"downloads_period":"last-month","dependent_repos_count":1,"rankings":{"downloads":54.192844294393694,"dependent_repos_count":10.40278016761116,"dependent_packages_count":5.9343433631114415,"stargazers_count":0.9894354537079714,"forks_count":0.5824688442633447,"docker_downloads_count":null,"average":14.420374424617524},"purl":"pkg:npm/%40aws-cdk/aws-codebuild-codepipeline","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/@aws-cdk/aws-codebuild-codepipeline","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/npm/@aws-cdk/aws-codebuild-codepipeline","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/@aws-cdk/aws-codebuild-codepipeline/dependencies","status":"deprecated","funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2025-12-29T18:00:43.505Z","issues_count":5092,"pull_requests_count":8639,"avg_time_to_close_issue":17200353.590082053,"avg_time_to_close_pull_request":1148954.1025641025,"issues_closed_count":2798,"pull_requests_closed_count":7287,"pull_request_authors_count":865,"issue_authors_count":2985,"avg_comments_per_issue":4.0661822466614295,"avg_comments_per_pull_request":4.36497279777752,"merged_pull_requests_count":5533,"bot_issues_count":139,"bot_pull_requests_count":405,"past_year_issues_count":882,"past_year_pull_requests_count":3319,"past_year_avg_time_to_close_issue":1934336.502688172,"past_year_avg_time_to_close_pull_request":604842.0873898045,"past_year_issues_closed_count":372,"past_year_pull_requests_closed_count":2608,"past_year_pull_request_authors_count":319,"past_year_issue_authors_count":599,"past_year_avg_comments_per_issue":1.7573696145124718,"past_year_avg_comments_per_pull_request":4.179873455860199,"past_year_bot_issues_count":20,"past_year_bot_pull_requests_count":238,"past_year_merged_pull_requests_count":1965,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/aws%2Faws-cdk/issues","maintainers":[{"login":"aws-cdk-automation","count":941,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/aws-cdk-automation"},{"login":"Leo10Gama","count":81,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Leo10Gama"},{"login":"godwingrs22","count":38,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/godwingrs22"},{"login":"Abogical","count":34,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Abogical"},{"login":"ozelalisen","count":23,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/ozelalisen"},{"login":"clareliguori","count":17,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/clareliguori"},{"login":"roger-zhangg","count":13,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/roger-zhangg"},{"login":"abhay-krishna","count":7,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/abhay-krishna"},{"login":"5d","count":6,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/5d"},{"login":"astiwana","count":6,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/astiwana"},{"login":"jerry-shao","count":4,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jerry-shao"},{"login":"trivikr","count":4,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/trivikr"},{"login":"jacklin213","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jacklin213"},{"login":"jiayiwang7","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jiayiwang7"},{"login":"nathanpeck","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/nathanpeck"},{"login":"leoherran-aws","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/leoherran-aws"},{"login":"ppittle","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/ppittle"},{"login":"cartermckinnon","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/cartermckinnon"},{"login":"cogwirrel","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/cogwirrel"},{"login":"jmklix","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jmklix"},{"login":"tlindsay42","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/tlindsay42"},{"login":"Harsh0","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Harsh0"},{"login":"estepamo-amazon","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/estepamo-amazon"},{"login":"kellertk","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/kellertk"},{"login":"tmscarla","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/tmscarla"}],"active_maintainers":[{"login":"aws-cdk-automation","count":345,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/aws-cdk-automation"},{"login":"Leo10Gama","count":42,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Leo10Gama"},{"login":"Abogical","count":34,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Abogical"},{"login":"godwingrs22","count":34,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/godwingrs22"},{"login":"ozelalisen","count":23,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/ozelalisen"},{"login":"5d","count":6,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/5d"},{"login":"astiwana","count":6,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/astiwana"},{"login":"abhay-krishna","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/abhay-krishna"},{"login":"jacklin213","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jacklin213"},{"login":"roger-zhangg","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/roger-zhangg"},{"login":"cogwirrel","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/cogwirrel"},{"login":"Harsh0","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Harsh0"},{"login":"jmklix","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jmklix"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@aws-cdk%2Faws-codebuild-codepipeline/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@aws-cdk%2Faws-codebuild-codepipeline/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@aws-cdk%2Faws-codebuild-codepipeline/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@aws-cdk%2Faws-codebuild-codepipeline/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@aws-cdk%2Faws-codebuild-codepipeline/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@aws-cdk%2Faws-codebuild-codepipeline/codemeta","maintainers":[{"uuid":"amzn-oss","login":"amzn-oss","name":null,"email":"osa-3p@amazon.com","url":null,"packages_count":2133,"html_url":"https://www.npmjs.com/~amzn-oss","role":null,"created_at":"2022-11-15T07:58:43.295Z","updated_at":"2022-11-15T07:58:43.295Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/amzn-oss/packages"},{"uuid":"aws-cdk-team","login":"aws-cdk-team","name":null,"email":"aws-cdk-dev@amazon.com","url":null,"packages_count":658,"html_url":"https://www.npmjs.com/~aws-cdk-team","role":null,"created_at":"2022-11-15T07:58:43.311Z","updated_at":"2022-11-15T07:58:43.311Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/aws-cdk-team/packages"}]}