Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.

The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/

The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

PIC100: Loading serialized data with the pickle module can expose arbitrary code execution using the __reduce__ method. Found in 'pickle.loads(environ["HTTP_COMMAND"])'.

PIC100: Loading serialized data with the pickle module can expose arbitrary code execution using the __reduce__ method. Found in 'pickle.loads(sys.argv[1])'.

PIC100: Loading serialized data with the pickle module can expose arbitrary code execution using the __reduce__ method. Found in 'pickle.loads(input())'.

PIC100: Loading serialized data with the pickle module can expose arbitrary code execution using the __reduce__ method. Found in 'pickle.loads(inputs[0])'.

PR100: Calling subprocess commands with shell=True can leave the host shell open to local code execution or remote code execution attacks. Found in 'command'.

PW100: Matching inputs, secrets or tokens using the == operator is vulnerable to timing attacks. Use compare_digest() instead. Found in 'arguments.password != arguments.password_confirmation'.

SH100: Potential shell injection with unescaped input. Found in 'environ["HTTP_COMMAND"]'.

SH100: Potential shell injection with unescaped input. Found in 'sys.argv[1]'.