The action sonarsource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 is not allowed in openremote/proxy because all actions must be from a repository owned by openremote, created by GitHub, or match one of the patterns: anchore/scan-action@*, docker/login-action@*, docker/setup-buildx-action@*, docker/setup-qemu-action@*, github/codeql-action/upload-sarif@*, styfle/cancel-workflow-action@*. All actions must also be pinned to a full-length commit SHA.