Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/reuse.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/InfraBox/reuse.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/reuse.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/InfraBox/reuse.yml/master?enable=pin
Warn: containerImage not pinned by hash: infrabox/deploy/build-dashboard-client/Dockerfile:1: pin your Docker image by updating node:8.9-alpine to node:8.9-alpine@sha256:6bb963d58da845cf66a22bc5a48bb8c686f91d30240f0798feb0d61a2832fc46
Warn: containerImage not pinned by hash: infrabox/deploy/static/Dockerfile:1: pin your Docker image by updating nginx:1.15-alpine to nginx:1.15-alpine@sha256:57a226fb6ab6823027c0704a9346a890ffb0cacde06bc19bbc234c8720673555
Warn: containerImage not pinned by hash: infrabox/generator/Dockerfile:1: pin your Docker image by updating alpine:3.6 to alpine:3.6@sha256:66790a2b79e1ea3e1dabac43990c54aca5d1ddf268d9a5a0285e4167c8b24475
Warn: containerImage not pinned by hash: infrabox/test-registry/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/test-registry/Dockerfile_auth:2
Warn: containerImage not pinned by hash: infrabox/test-registry/mock-registry/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/test/api/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/test/collector-api/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/test/e2e/Dockerfile:1: pin your Docker image by updating python:3-bookworm to python:3-bookworm@sha256:f7d51cd35460eeb962e8b3752127cf4c14ec2510467b64ce9d0870dc4c830716
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_compose_job/infrabox/server/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/node:current-alpine to public.ecr.aws/docker/library/node:current-alpine@sha256:b8ea75e6dcdf7dbba1ea8b57f77ec89ef04c1719d2ae986c8fbea21f9f4ec187
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_compose_job/infrabox/test/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_image_input_output/Dockerfile_consumer:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_input_output/Dockerfile_consumer:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_input_output/Dockerfile_producer:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_insecure_env/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_job/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_job_archive/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_multiple_jobs/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_secure_env/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/docker_secure_env_not_found/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/failed_job/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/infrabox_context/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/node:current-alpine to public.ecr.aws/docker/library/node:current-alpine@sha256:b8ea75e6dcdf7dbba1ea8b57f77ec89ef04c1719d2ae986c8fbea21f9f4ec187
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/infrabox_context/sub1/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/node:current-alpine to public.ecr.aws/docker/library/node:current-alpine@sha256:b8ea75e6dcdf7dbba1ea8b57f77ec89ef04c1719d2ae986c8fbea21f9f4ec187
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/infrabox_testresult/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/infrabox_yaml/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/malicious_job/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/resources_kubernetes/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-dependency-conditions/Dockerfile_consumer1:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-dependency-conditions/Dockerfile_consumer2:1
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-dependency-conditions/Dockerfile_consumer3:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-dependency-conditions/Dockerfile_producer:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-deployment/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-git-with-workflow/external_git/Dockerfile_external:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-one-git-job-env/external_git/Dockerfile_external:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test-one-git-job/external_git/Dockerfile_external:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/test_restart_job/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/workflow_nested/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/workflow_nested/flow/Dockerfile_flow:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/workflow_nested/flow/nested-flow/Dockerfile_nested:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/workflow_recursive/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/workflow_simple_job/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/e2e/tests/workflow_simple_job/flow/Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/alpine to public.ecr.aws/docker/library/alpine@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: infrabox/test/github-review/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/test/pyinfrabox/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/test/pyinfraboxutils/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/test/registry-auth/Dockerfile:2
Warn: containerImage not pinned by hash: infrabox/utils/storage/postgres/Dockerfile:1: pin your Docker image by updating postgres:9.5.5-alpine to postgres:9.5.5-alpine@sha256:ff6b73f647ba71bb949670459a3cffddb5c4b32180bc90398a479ebe4b102387
Warn: containerImage not pinned by hash: src/api/Dockerfile:2
Warn: containerImage not pinned by hash: src/checker/Dockerfile:2
Warn: containerImage not pinned by hash: src/cluster-status/Dockerfile:2
Warn: containerImage not pinned by hash: src/collector-api/Dockerfile:2
Warn: containerImage not pinned by hash: src/db/Dockerfile:2
Warn: containerImage not pinned by hash: src/docker-registry/auth/Dockerfile:2
Warn: containerImage not pinned by hash: src/docker-registry/nginx/Dockerfile:1: pin your Docker image by updating nginx:1.15-alpine to nginx:1.15-alpine@sha256:57a226fb6ab6823027c0704a9346a890ffb0cacde06bc19bbc234c8720673555
Warn: containerImage not pinned by hash: src/gc/Dockerfile:2
Warn: containerImage not pinned by hash: src/gerrit/api/Dockerfile:2
Warn: containerImage not pinned by hash: src/gerrit/review/Dockerfile:2
Warn: containerImage not pinned by hash: src/gerrit/trigger/Dockerfile:2
Warn: containerImage not pinned by hash: src/github/review/Dockerfile:2
Warn: containerImage not pinned by hash: src/github/trigger/Dockerfile:2
Warn: containerImage not pinned by hash: src/grafana/Dockerfile:1: pin your Docker image by updating grafana/grafana:latest to grafana/grafana:latest@sha256:b5b59bfc7561634c2d7b136c4543d702ebcc94a3da477f21ff26f89ffd4214fa
Warn: containerImage not pinned by hash: src/images/base/Dockerfile:5: pin your Docker image by updating debian:buster-slim to debian:buster-slim@sha256:bb3dc79fddbca7e8903248ab916bb775c96ec61014b3d02b4f06043b604726dc
Warn: containerImage not pinned by hash: src/images/test/Dockerfile:2
Warn: containerImage not pinned by hash: src/job/Dockerfile:1: pin your Docker image by updating docker:20.10.14-dind to docker:20.10.14-dind@sha256:210076c7772f47831afaf7ff200cf431c6cd191f0d0cb0805b1d9a996e99fb5e
Warn: containerImage not pinned by hash: src/metrics/Dockerfile:2
Warn: containerImage not pinned by hash: src/openpolicyagent/Dockerfile:1: pin your Docker image by updating openpolicyagent/opa:0.10.7-debug to openpolicyagent/opa:0.10.7-debug@sha256:829b8338ce11196957a50f0137cb070249e056b81d7e3b0e20554bac1bd387ad
Warn: containerImage not pinned by hash: src/postgres/Dockerfile:1: pin your Docker image by updating postgres:9.5.5-alpine to postgres:9.5.5-alpine@sha256:ff6b73f647ba71bb949670459a3cffddb5c4b32180bc90398a479ebe4b102387
Warn: containerImage not pinned by hash: src/scheduler/kubernetes/Dockerfile:2
Warn: containerImage not pinned by hash: src/services/aks/Dockerfile:1
Warn: containerImage not pinned by hash: src/services/aks/Dockerfile:15: pin your Docker image by updating alpine:3.9 to alpine:3.9@sha256:414e0518bb9228d35e4cd5165567fb91d26c6a214e9c95899e1e056fcd349011
Warn: containerImage not pinned by hash: src/services/gardener/Dockerfile:1
Warn: containerImage not pinned by hash: src/services/gardener/Dockerfile:13: pin your Docker image by updating alpine:3.7 to alpine:3.7@sha256:8421d9a84432575381bfabd248f1eb56f3aa21d9d7cd2511583c68c9b7511d10
Warn: containerImage not pinned by hash: src/services/gardener/tmp/build/Dockerfile:1: pin your Docker image by updating alpine:3.7 to alpine:3.7@sha256:8421d9a84432575381bfabd248f1eb56f3aa21d9d7cd2511583c68c9b7511d10
Warn: containerImage not pinned by hash: src/services/gcp/Dockerfile:1
Warn: containerImage not pinned by hash: src/services/gcp/Dockerfile:15: pin your Docker image by updating alpine:3.7 to alpine:3.7@sha256:8421d9a84432575381bfabd248f1eb56f3aa21d9d7cd2511583c68c9b7511d10
Warn: containerImage not pinned by hash: src/services/gcp/tmp/build/Dockerfile:1: pin your Docker image by updating alpine:3.7 to alpine:3.7@sha256:8421d9a84432575381bfabd248f1eb56f3aa21d9d7cd2511583c68c9b7511d10
Warn: containerImage not pinned by hash: src/services/namespace/Dockerfile:1
Warn: containerImage not pinned by hash: src/services/namespace/Dockerfile:13: pin your Docker image by updating alpine:3.7 to alpine:3.7@sha256:8421d9a84432575381bfabd248f1eb56f3aa21d9d7cd2511583c68c9b7511d10
Warn: containerImage not pinned by hash: src/services/namespace/tmp/build/Dockerfile:1: pin your Docker image by updating alpine:3.6 to alpine:3.6@sha256:66790a2b79e1ea3e1dabac43990c54aca5d1ddf268d9a5a0285e4167c8b24475
Warn: containerImage not pinned by hash: src/status/cachet/Dockerfile:2
Warn: containerImage not pinned by hash: src/utils/changelog_generator/Dockerfile:1: pin your Docker image by updating ruby:2.4-alpine3.6 to ruby:2.4-alpine3.6@sha256:8bd1ffb980378f1308dc2f4ab6ab1b531fcc768cf8f6cfd41bbbbf614210920e
Warn: pipCommand not pinned by hash: infrabox/test/e2e/Dockerfile:9-11
Warn: pipCommand not pinned by hash: infrabox/test/e2e/Dockerfile:9-11
Warn: pipCommand not pinned by hash: src/docker-registry/nginx/Dockerfile:2-4
Warn: pipCommand not pinned by hash: src/images/base/Dockerfile:29
Warn: pipCommand not pinned by hash: src/images/base/Dockerfile:29
Warn: pipCommand not pinned by hash: src/images/test/Dockerfile:8
Warn: pipCommand not pinned by hash: src/job/Dockerfile:11-31
Warn: pipCommand not pinned by hash: src/job/Dockerfile:11-31
Warn: downloadThenRun not pinned by hash: src/services/aks/Dockerfile:4
Warn: pipCommand not pinned by hash: src/services/aks/Dockerfile:19-26
Warn: pipCommand not pinned by hash: src/services/aks/Dockerfile:19-26
Warn: downloadThenRun not pinned by hash: src/services/gardener/Dockerfile:4
Warn: downloadThenRun not pinned by hash: src/services/gcp/Dockerfile:4
Warn: pipCommand not pinned by hash: src/services/gcp/Dockerfile:20-40
Warn: pipCommand not pinned by hash: src/services/gcp/Dockerfile:20-40
Warn: downloadThenRun not pinned by hash: src/services/namespace/Dockerfile:4
Warn: npmCommand not pinned by hash: infrabox/test/e2e/tests/docker_compose_job/infrabox/server/entrypoint.sh:9
Warn: npmCommand not pinned by hash: src/dashboard-client/build.sh:13
Warn: npmCommand not pinned by hash: src/dashboard-client/run_dev.sh:7
Info: 0 out of 1 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 1 third-party GitHubAction dependencies pinned
Info: 0 out of 81 containerImage dependencies pinned
Info: 0 out of 12 pipCommand dependencies pinned
Info: 0 out of 4 downloadThenRun dependencies pinned
Info: 0 out of 3 npmCommand dependencies pinned