Describe the bug
The Pinned Dependency check is reporting a false positive for Dockerfile entries with a build arg and multi-stage build.
Reproduction steps
Steps to reproduce the behavior:
With the following Dockerfile:
```dockerfile
ARG REGISTRY=docker.io
ARG GO_VER=1.21-alpine@sha256:110b07af87238fbdc5f1df52b00927cf58ce3de358eeeb1854f10a8b5e5e1411
FROM ${REGISTRY}/library/golang:${GO_VER} as golang
#...
FROM golang as tool1
#...
FROM golang as tool2
#...
```
Each of the FROM lines is reported as non-pinned.
Expected behavior
The described FROM lines should all indicate they are pinned.
Additional context
The registry.example.org/repo:tag@digest syntax is a pinned dependency: the digest is used, and the tag will be ignored by runtimes pulling the image.
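To make the expected behaviour concrete, here is a small FROM-pinning checker written as an added example for this issue; it is not scorecard's own code. It resolves `ARG` defaults (`${VAR}`, `${VAR:-default}`, `$VAR`), treats a reference ending in `@sha256:<64 hex>` as pinned regardless of the tag in front of the digest, and tracks stage aliases so that `FROM golang as tool1` inherits the pinned status of the `golang` stage instead of being judged on its own. It assumes no line continuations and that every `ARG` seen so far is visible to later `FROM` lines. Both embedded Dockerfiles are constructed inputs: the first is the one from this report, the second is a deliberately unpinned variant.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// IssueDockerfile is the Dockerfile from the report (constructed input).
const IssueDockerfile = `ARG REGISTRY=docker.io
ARG GO_VER=1.21-alpine@sha256:110b07af87238fbdc5f1df52b00927cf58ce3de358eeeb1854f10a8b5e5e1411
FROM ${REGISTRY}/library/golang:${GO_VER} as golang
#...
FROM golang as tool1
#...
FROM golang as tool2`

// UnpinnedDockerfile is a constructed counter-example: the base has a tag but
// no digest, so the stage built from it is unpinned too; scratch pulls nothing.
const UnpinnedDockerfile = `ARG BASE=alpine:3.19
FROM ${BASE} AS build
FROM build AS final
FROM scratch`

// A reference is pinned when it ends in a sha256 digest. Any tag before the
// "@" is ignored by the runtime, so "repo:tag@digest" is still pinned.
var digestRe = regexp.MustCompile(`@sha256:[0-9a-f]{64}$`)

// Matches ${NAME}, ${NAME:-default} and $NAME.
var varRe = regexp.MustCompile(`\$\{([A-Za-z_]\w*)(?::-([^}]*))?\}|\$([A-Za-z_]\w*)`)

// expand substitutes build args into an image reference (assumption: only
// the forms matched by varRe are handled).
func expand(ref string, args map[string]string) string {
	return varRe.ReplaceAllStringFunc(ref, func(m string) string {
		sub := varRe.FindStringSubmatch(m)
		name, def := sub[1], sub[2]
		if name == "" {
			name = sub[3]
		}
		if v, ok := args[name]; ok && v != "" {
			return v
		}
		return def // unset or empty: use the ${NAME:-default} fallback, else ""
	})
}

// FromResult describes one FROM instruction after ARG expansion.
type FromResult struct {
	Line   int    // 1-based line number in the Dockerfile
	Ref    string // image reference after ARG expansion
	Stage  string // alias from "AS name", lower-cased, if any
	Pinned bool
	Reason string
}

// CheckDockerfile evaluates every FROM in order, recording stage aliases so
// later "FROM <alias>" lines inherit the alias's pinned status.
func CheckDockerfile(content string) []FromResult {
	args := map[string]string{}
	stages := map[string]bool{} // alias -> pinned
	var results []FromResult
	for i, raw := range strings.Split(content, "\n") {
		line := strings.TrimSpace(raw)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		fields := strings.Fields(line)
		switch strings.ToUpper(fields[0]) {
		case "ARG":
			for _, kv := range fields[1:] {
				name, val, hasDefault := strings.Cut(kv, "=")
				if hasDefault {
					args[name] = strings.Trim(val, "\"'")
				} else if _, seen := args[name]; !seen {
					args[name] = "" // declared without a default expands to empty
				}
			}
		case "FROM":
			r := FromResult{Line: i + 1}
			rest := fields[1:]
			for len(rest) > 0 && strings.HasPrefix(rest[0], "--") {
				rest = rest[1:] // skip flags such as --platform=...
			}
			if len(rest) == 0 {
				r.Reason = "FROM without an image"
				results = append(results, r)
				continue
			}
			r.Ref = expand(rest[0], args)
			if len(rest) >= 3 && strings.EqualFold(rest[1], "AS") {
				r.Stage = strings.ToLower(rest[2])
			}
			if r.Ref == "scratch" {
				r.Pinned, r.Reason = true, "scratch pulls nothing"
			} else if pinned, isStage := stages[strings.ToLower(r.Ref)]; isStage {
				r.Pinned, r.Reason = pinned, "inherits from stage "+r.Ref
			} else if digestRe.MatchString(r.Ref) {
				r.Pinned, r.Reason = true, "pinned by digest"
			} else {
				r.Reason = "no sha256 digest"
			}
			if r.Stage != "" {
				stages[r.Stage] = r.Pinned
			}
			results = append(results, r)
		}
	}
	return results
}

// Unpinned returns the 1-based line numbers of FROM instructions that are not pinned.
func Unpinned(content string) []int {
	var lines []int
	for _, r := range CheckDockerfile(content) {
		if !r.Pinned {
			lines = append(lines, r.Line)
		}
	}
	return lines
}

func main() {
	for _, r := range CheckDockerfile(IssueDockerfile) {
		fmt.Printf("line %d: pinned=%v (%s) %s\n", r.Line, r.Pinned, r.Reason, r.Ref)
	}
	fmt.Println("unpinned lines in counter-example:", Unpinned(UnpinnedDockerfile))
}
```

Running it against the report's Dockerfile yields no unpinned lines, which is the expected behaviour above; the counter-example reports lines 2 and 3 because `alpine:3.19` carries no digest and the `final` stage is built on top of it. The point the checker has to get right is the order of the two lookups: resolve `ARG` values before testing for a digest, and consult the stage table before treating a bare word like `golang` as a registry image.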