Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-android.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-android.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-android.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-android.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-android.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-android.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-arm.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-arm.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-arm.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-arm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-arm.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-arm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-arm64.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-arm64.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-arm64.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-arm64.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-arm64.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-arm64.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-linux.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-linux.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-linux.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-linux.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-linux.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-linux.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-mac-intel.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-mac-intel.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-mac-intel.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-mac-intel.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-mac-intel.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-mac-intel.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-mac.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-mac.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-mac.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-mac.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-mac.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-mac.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-windows.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-windows.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-windows.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-windows.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/build-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/go.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/alexballas/go2tv/go.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating golang:1.23 to golang:1.23@sha256:927112936d6b496ed95f55f362cc09da6e3e624ef868814c56d55bd7323e0959
Warn: goCommand not pinned by hash: .github/workflows/build-android.yml:23
Warn: goCommand not pinned by hash: .github/workflows/build-mac-intel.yml:23
Warn: goCommand not pinned by hash: .github/workflows/build-mac.yml:23
Warn: goCommand not pinned by hash: .github/workflows/build-windows.yml:26
Info: 0 out of 15 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned
Info: 0 out of 4 goCommand dependencies pinned