Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/deploy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dev.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/dev.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dev.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/dev.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dev.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/dev.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dev.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/dev.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dev.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/dev.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/pages.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pages.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/pages.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/pages.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/pages.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/pages.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/pages.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/amir20/dozzle/test.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:2
Warn: containerImage not pinned by hash: Dockerfile:25
Warn: goCommand not pinned by hash: Dockerfile:28-31
Warn: goCommand not pinned by hash: Dockerfile:28-31
Warn: goCommand not pinned by hash: .github/workflows/deploy.yml:42
Warn: goCommand not pinned by hash: .github/workflows/deploy.yml:43
Warn: goCommand not pinned by hash: .github/workflows/test.yml:67
Warn: goCommand not pinned by hash: .github/workflows/test.yml:68
Info: 0 out of 32 GitHub-owned GitHubAction dependencies pinned
Info: 2 out of 19 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned
Info: 0 out of 6 goCommand dependencies pinned