{"id":13466650,"url":"https://github.com/ponylang/ponyc","last_synced_at":"2026-04-02T16:59:57.907Z","repository":{"id":5470988,"uuid":"6667084","full_name":"ponylang/ponyc","owner":"ponylang","description":"Pony is an open-source, actor-model, capabilities-secure, high performance programming language","archived":false,"fork":false,"pushed_at":"2026-01-29T00:11:47.000Z","size":20366,"stargazers_count":6021,"open_issues_count":272,"forks_count":428,"subscribers_count":131,"default_branch":"main","last_synced_at":"2026-01-29T10:50:16.294Z","etag":null,"topics":["actor-model","pony-language","pony-source","ponyc","ponylang","programming-language"],"latest_commit_sha":null,"homepage":"http://www.ponylang.io","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ponylang.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"open_collective":"ponyc"}},"created_at":"2012-11-13T07:38:25.000Z","updated_at":"2026-01-29T00:11:51.000Z","dependencies_parsed_at":"2024-03-16T15:32:40.904Z","dependency_job_id":"cec94720-e68e-499f-b460-bdde4ed5d1ae","html_url":"https://github.com/ponylang/ponyc","commit_stats":{"total_commits":6477,"total_committers":242,"mean_commits":"26.764462809917354","dds":0.798209047398487,"last_synced_commit":"23c2bc936d2fe2c5efbca62210d44df255817af9"},"previous_names":[],"tags_count":147,"template":false,"template_full_name":null,"purl":"pkg:github/ponylang/ponyc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ponylang%2Fponyc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ponylang%2Fponyc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ponylang%2Fponyc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ponylang%2Fponyc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ponylang","download_url":"https://codeload.github.com/ponylang/ponyc/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ponylang%2Fponyc/sbom","scorecard":{"id":740813,"data":{"date":"2025-08-11","repo":{"name":"github.com/ponylang/ponyc","commit":"e08cd9526c5668f4d6ad7852c0992a0b9dde2d9c"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.9,"checks":[{"name":"Code-Review","score":1,"reason":"Found 5/30 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"28 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: test/full-program-tests/regression-4613/regression-4613:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: BSD 2-Clause \"Simplified\" License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: topLevel 'packages' permission set to 'read': .github/workflows/announce-a-release.yml:10","Warn: topLevel 'contents' permission set to 'write': .github/workflows/announce-a-release.yml:11","Warn: topLevel 'packages' permission set to 'write': .github/workflows/arm-builder-test.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/arm-builder-test.yml:7","Info: topLevel 'packages' permission set to 'read': .github/workflows/changelog-bot.yml:13","Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/changelog-bot.yml:14","Warn: topLevel 'contents' permission set to 'write': .github/workflows/changelog-bot.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/cloudsmith-package-sychronised.yml:9","Warn: topLevel 'packages' permission set to 'write': .github/workflows/cloudsmith-package-sychronised.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/generate-documentation.yml:7","Info: topLevel 'packages' permission set to 'read': .github/workflows/generate-documentation.yml:10","Info: topLevel 'packages' permission set to 'read': .github/workflows/lint-action-workflows.yml:10","Info: topLevel 'packages' permission set to 'read': .github/workflows/nightlies.yml:8","Info: topLevel 'packages' permission set to 'read': .github/workflows/pr.yml:10","Info: topLevel 'packages' permission set to 'read': .github/workflows/prepare-for-a-release.yml:10","Warn: topLevel 'contents' permission set to 'write': .github/workflows/prepare-for-a-release.yml:11","Warn: topLevel 'packages' permission set to 'write': .github/workflows/rebuild-stdlib-builder.yml:11","Info: topLevel 'packages' permission set to 'read': .github/workflows/release-notes-reminder.yml:9","Info: topLevel 'packages' permission set to 'read': .github/workflows/release-notes.yml:14","Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/release-notes.yml:15","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release-notes.yml:16","Info: topLevel 'packages' permission set to 'read': .github/workflows/release.yml:11","Info: topLevel 'packages' permission set to 'read': .github/workflows/stress-test-tcp-open-close-linux.yml:15","Info: topLevel 'packages' permission set to 'read': .github/workflows/stress-test-tcp-open-close-macos.yml:15","Info: topLevel 'packages' permission set to 'read': .github/workflows/stress-test-tcp-open-close-windows.yml:15","Info: topLevel 'packages' permission set to 'read': .github/workflows/stress-test-ubench-linux.yml:15","Info: topLevel 'packages' permission set to 'read': .github/workflows/stress-test-ubench-macos.yml:15","Info: topLevel 'packages' permission set to 'read': .github/workflows/stress-test-ubench-windows.yml:15","Warn: topLevel 'packages' permission set to 'write': .github/workflows/test-with-latest-tools.yml:11","Info: topLevel 'packages' permission set to 'read': .github/workflows/update-lib-cache.yml:13","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/arm-builder-test.yml:13"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":9,"reason":"SAST tool is not run on all commits -- score normalized to 9","details":["Warn: 13 commits out of 14 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/announce-a-release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/announce-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/announce-a-release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/announce-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/announce-a-release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/announce-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/announce-a-release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/announce-a-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/announce-a-release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/announce-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/announce-a-release.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/announce-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/announce-a-release.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/announce-a-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/arm-builder-test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/arm-builder-test.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/changelog-bot.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/changelog-bot.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:287: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:294: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:246: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:305: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:310: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:327: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cloudsmith-package-sychronised.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/cloudsmith-package-sychronised.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-documentation.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/generate-documentation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-documentation.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/generate-documentation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-documentation.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/generate-documentation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-documentation.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/generate-documentation.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-action-workflows.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/lint-action-workflows.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-action-workflows.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/lint-action-workflows.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:213: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:274: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:309: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:315: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:324: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightlies.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightlies.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/nightlies.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:391: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:394: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:403: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:464: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:470: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:479: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:261: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:273: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:510: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:519: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:565: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:568: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:577: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:426: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:429: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:438: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:612: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:615: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:624: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:318: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr.yml:320: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:329: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:344: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/pr.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare-for-a-release.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/prepare-for-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prepare-for-a-release.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/prepare-for-a-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare-for-a-release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/prepare-for-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prepare-for-a-release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/prepare-for-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prepare-for-a-release.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/prepare-for-a-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare-for-a-release.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/prepare-for-a-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prepare-for-a-release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/prepare-for-a-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebuild-stdlib-builder.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/rebuild-stdlib-builder.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-notes-reminder.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release-notes-reminder.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-notes.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release-notes.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:292: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-linux.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-linux.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-linux.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-linux.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-linux.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-linux.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-linux.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-linux.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-macos.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-macos.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-macos.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-macos.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-macos.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-macos.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-windows.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-windows.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-windows.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-windows.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-tcp-open-close-windows.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-tcp-open-close-windows.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-linux.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-linux.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-linux.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-linux.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-linux.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-linux.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-linux.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-linux.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-linux.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-macos.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-macos.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-macos.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-macos.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-macos.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-macos.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-macos.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-windows.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-windows.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-windows.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-windows.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stress-test-ubench-windows.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/stress-test-ubench-windows.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-with-latest-tools.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/test-with-latest-tools.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-with-latest-tools.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/test-with-latest-tools.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-lib-cache.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/ponylang/ponyc/update-lib-cache.yml/main?enable=pin","Warn: containerImage not pinned by hash: .ci-dockerfiles/arm64-unknown-linux-alpine3.21-builder/Dockerfile:1: pin your Docker image by updating alpine:3.21 to alpine:3.21@sha256:b6a6be0ff92ab6db8acd94f5d1b7a6c2f0f5d10ce3c24af348d333ac6da80685","Warn: containerImage not pinned by hash: .ci-dockerfiles/arm64-unknown-linux-ubuntu24.04-builder/Dockerfile:1: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: .ci-dockerfiles/cross-arm/Dockerfile:1","Warn: containerImage not pinned by hash: .ci-dockerfiles/cross-armhf/Dockerfile:1","Warn: containerImage not pinned by hash: .ci-dockerfiles/cross-riscv64/Dockerfile:1","Warn: containerImage not pinned by hash: .ci-dockerfiles/stdlib-builder/Dockerfile:2","Warn: containerImage not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-alpine3.20-builder/Dockerfile:1: pin your Docker image by updating alpine:3.20 to alpine:3.20@sha256:b3119ef930faabb6b7b976780c0c7a9c1aa24d0c75e9179ac10e6bc9ac080d0d","Warn: containerImage not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-alpine3.21-builder/Dockerfile:1: pin your Docker image by updating alpine:3.21 to alpine:3.21@sha256:b6a6be0ff92ab6db8acd94f5d1b7a6c2f0f5d10ce3c24af348d333ac6da80685","Warn: containerImage not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-arch-builder/Dockerfile:1: pin your Docker image by updating archlinux:base to archlinux:base@sha256:104d24b4464e89a16566d3e68ce0e2707aa15258c690ee9bef755930e8bc1c2d","Warn: containerImage not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-fedora41-builder/Dockerfile:1: pin your Docker image by updating fedora:41 to fedora:41@sha256:db46c636d4c0efee042f54d2155d138f3d9e764c6d24a856eb4f4f36c92279f8","Warn: containerImage not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-musl-builder/Dockerfile:1: pin your Docker image by updating alpine:3.20 to alpine:3.20@sha256:b3119ef930faabb6b7b976780c0c7a9c1aa24d0c75e9179ac10e6bc9ac080d0d","Warn: containerImage not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-ubuntu22.04-builder/Dockerfile:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-ubuntu24.04-builder/Dockerfile:1: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: .dockerfiles/latest/arm64-unknown-linux-musl/Dockerfile:1: pin your Docker image by updating alpine:3.21 to alpine:3.21@sha256:b6a6be0ff92ab6db8acd94f5d1b7a6c2f0f5d10ce3c24af348d333ac6da80685","Warn: containerImage not pinned by hash: .dockerfiles/latest/x86-64-pc-windows-msvc/Dockerfile:3: pin your Docker image by updating mcr.microsoft.com/windows/servercore:ltsc2022 to mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c","Warn: containerImage not pinned by hash: .dockerfiles/latest/x86-64-unknown-linux-gnu/Dockerfile:1: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: .dockerfiles/latest/x86-64-unknown-linux-musl/Dockerfile:1: pin your Docker image by updating alpine:3.20 to alpine:3.20@sha256:b3119ef930faabb6b7b976780c0c7a9c1aa24d0c75e9179ac10e6bc9ac080d0d","Warn: containerImage not pinned by hash: .dockerfiles/release/x86-64-pc-windows-msvc/Dockerfile:3: pin your Docker image by updating mcr.microsoft.com/windows/servercore:ltsc2022 to mcr.microsoft.com/windows/servercore:ltsc2022@sha256:d9e1a220c13cf25c7b213fbd96df2b63671e2dba0de3909003d4bb23a8bc8a1c","Warn: containerImage not pinned by hash: .dockerfiles/release/x86-64-unknown-linux-gnu/Dockerfile:1: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: .dockerfiles/release/x86-64-unknown-linux-musl/Dockerfile:1: pin your Docker image by updating alpine:3.20 to alpine:3.20@sha256:b3119ef930faabb6b7b976780c0c7a9c1aa24d0c75e9179ac10e6bc9ac080d0d","Warn: pipCommand not pinned by hash: .ci-dockerfiles/arm64-unknown-linux-alpine3.21-builder/Dockerfile:5-23","Warn: pipCommand not pinned by hash: .ci-dockerfiles/arm64-unknown-linux-ubuntu24.04-builder/Dockerfile:10-29","Warn: pipCommand not pinned by hash: .ci-dockerfiles/stdlib-builder/Dockerfile:8-23","Warn: pipCommand not pinned by hash: .ci-dockerfiles/stdlib-builder/Dockerfile:8-23","Warn: pipCommand not pinned by hash: .ci-dockerfiles/stdlib-builder/Dockerfile:8-23","Warn: pipCommand not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-alpine3.20-builder/Dockerfile:5-23","Warn: pipCommand not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-alpine3.21-builder/Dockerfile:5-23","Warn: pipCommand not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-fedora41-builder/Dockerfile:5-19","Warn: pipCommand not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-musl-builder/Dockerfile:4-22","Warn: pipCommand not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-ubuntu22.04-builder/Dockerfile:10-27","Warn: pipCommand not pinned by hash: .ci-dockerfiles/x86-64-unknown-linux-ubuntu24.04-builder/Dockerfile:10-29","Warn: pipCommand not pinned by hash: .github/workflows/nightlies.yml:231","Warn: pipCommand not pinned by hash: .github/workflows/nightlies.yml:189","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:196","Warn: pipCommand not pinned by hash: .github/workflows/release.yml:230","Info:   2 out of 152 GitHub-owned GitHubAction dependencies pinned","Info:  57 out of  80 third-party GitHubAction dependencies pinned","Info:   0 out of  20 containerImage dependencies pinned","Info:   0 out of  15 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-22T17:22:48.201Z","repository_id":5470988,"created_at":"2025-08-22T17:22:48.201Z","updated_at":"2025-08-22T17:22:48.201Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28946071,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-31T14:26:55.697Z","status":"ssl_error","status_checked_at":"2026-01-31T14:26:52.545Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actor-model","pony-language","pony-source","ponyc","ponylang","programming-language"],"created_at":"2024-07-31T15:00:47.716Z","updated_at":"2026-04-02T16:59:57.901Z","avatar_url":"https://github.com/ponylang.png","language":"C","funding_links":["https://opencollective.com/ponyc"],"categories":["C++","C","Embed-Script/VM/","Pony","Uncategorized","计算机编程_数据结构与算法","programming-language","1. language"],"sub_categories":["Lua","Uncategorized","资源传输下载","1.9 pony"],"readme":"# Pony\n\nPony is an open-source, object-oriented, actor-model, capabilities-secure, high-performance programming language.\n\n## Status\n\nPony is still pre-1.0 and as such, semi-regularly introduces breaking changes. These changes are usually fairly easy to adapt to. Applications written in Pony are currently used in production environments.\n\n## Supported platforms\n\n### Operating Systems\n\n* Linux\n* macOS\n* Windows 11\n\n### CPUs\n\n* Full support for 64-bit platforms\n  * x86, ARM and RISC-V CPUs only\n* Partial support for 32-bit platforms\n  * The `arm` and `armhf` architectures are tested via CI (Continuous\n    Integration testing)\n\n## Best effort platforms\n\nBest-effort platforms are operating systems where Pony _should_ work, but with low confidence. We don't have automated testing or continuous integration for these platforms to ensure they remain functional. We won't intentionally break a best-effort platform. However, we make no effort to maintain compatibility with them. When building ponyc from source on a best-effort platform, you may encounter failures. We welcome thoughtful pull requests to restore Pony compatibility with the platform.\n\n* DragonFlyBSD (x86 only)\n* FreeBSD (x86 only)\n* OpenBSD (x86 only)\n* Windows 10 (x86 only)\n\n## More Information\n\n* [Installation](INSTALL.md)\n* [Building from source](BUILD.md)\n* [Docker images](INSTALL_DOCKER.md)\n* [Editor support](EDITORS.md)\n\n## Resources\n\n* [Learn more about Pony](https://www.ponylang.io/discover/)\n* [Start learning Pony](https://www.ponylang.io/learn/)\n  * [Getting help](https://www.ponylang.io/learn/#getting-help)\n* [Try Pony online](https://playground.ponylang.io)\n* [Frequently Asked Questions](https://www.ponylang.io/faq/)\n* [Community](https://www.ponylang.io/community/)\n\n## Contributing\n\nWe welcome contributions to Pony. Please read through [CONTRIBUTING.md](CONTRIBUTING.md) for details on how to get started.\n\n## License\n\nPony is distributed under the terms of the [2-Clause BSD License](https://opensource.org/licenses/BSD-2-Clause). See [LICENSE](LICENSE) for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fponylang%2Fponyc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fponylang%2Fponyc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fponylang%2Fponyc/lists"}