Info: Possibly incomplete results: error parsing shell code: ? must follow an expression: .github/actions/check-go-modules/entrypoint.sh:0
Info: Possibly incomplete results: error parsing shell code: "then" can only be used in an if: infrastructure/cdn-in-a-box/health/Dockerfile:0
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.fo.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.fo.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.fo.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.fo.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.fo.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.fo.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.fo.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.fo.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.todb.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.todb.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.todb.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.todb.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.todb.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.todb.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ansible.molecule.todb.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ansible.molecule.todb.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/assign-triage-role.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/assign-triage-role.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/assign-triage-role.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/assign-triage-role.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config-tests.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config.unit.tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cache-config.unit.tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config.unit.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cache-config.unit.tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/cache-config.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-go-modules.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/check-go-modules.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-go-modules.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/check-go-modules.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromdriver-update.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/chromdriver-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromdriver-update.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/chromdriver-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromdriver-update.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/chromdriver-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromdriver-update.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/chromdriver-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromdriver-update.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/chromdriver-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromdriver-update.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/chromdriver-update.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:261: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:296: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:315: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:319: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:326: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:334: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:217: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:235: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ciab.yaml:243: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/ciab.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.cpp.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.cpp.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.cpp.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.cpp.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.cpp.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.cpp.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.go.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.go.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.go.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.go.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.go.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.go.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.java.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.java.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.java.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.java.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.java.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.java.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.java.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.java.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.javascript.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.javascript.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.javascript.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.javascript.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.javascript.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.javascript.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.javascript.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.javascript.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.python.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.python.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.python.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.python.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.python.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.python.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.python.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/codeql.python.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/container-trafficserver-alpine.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/container-trafficserver-alpine.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-trafficserver-alpine.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/container-trafficserver-alpine.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/container-trafficserver-alpine.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/container-trafficserver-alpine.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-trafficserver-alpine.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/container-trafficserver-alpine.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.fmt.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/go.fmt.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.fmt.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/go.fmt.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.lib.unit.tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/go.lib.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.lib.unit.tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/go.lib.unit.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.lib.unit.tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/go.lib.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.vet.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/go.vet.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.vet.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/go.vet.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/grove.unit.tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/grove.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/grove.unit.tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/grove.unit.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/grove.unit.tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/grove.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/health-client-tests.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/health-client-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/license-file-coverage.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/license-file-coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/license-file-coverage.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/license-file-coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/license-file-coverage.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/license-file-coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/postinstall.tests.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/postinstall.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/postinstall.tests.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/postinstall.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-to-update-go.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/pr-to-update-go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-to-update-go.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/pr-to-update-go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-to-update-go.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/pr-to-update-go.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tm.integration.tests.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tm.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tm.integration.tests.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tm.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tm.unit.tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tm.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tm.unit.tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tm.unit.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tm.unit.tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tm.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.api.contract.tests.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.api.contract.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.api.contract.tests.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.api.contract.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.api.contract.tests.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.api.contract.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.api.contract.tests.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.api.contract.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.api.contract.tests.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.api.contract.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.api.contract.tests.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.api.contract.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:208: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:246: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:248: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.integration.tests.yml:287: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.unit.tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/to.unit.tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.unit.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/to.unit.tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/to.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tp.integration.tests.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tp.integration.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tpv2.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tpv2.yml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tpv2.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr-ultimate-test-harness.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr-ultimate-test-harness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr-ultimate-test-harness.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr-ultimate-test-harness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr-ultimate-test-harness.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr-ultimate-test-harness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr-ultimate-test-harness.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr-ultimate-test-harness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr-ultimate-test-harness.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr-ultimate-test-harness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr.tests.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr.tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr.tests.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr.tests.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tr.tests.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr.tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr.tests.yaml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr.tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tr.tests.yaml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/tr.tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/traffic-stats.unit.tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/traffic-stats.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/traffic-stats.unit.tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/traffic-stats.unit.tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/traffic-stats.unit.tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/traffic-stats.unit.tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/traffic.ops.database.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/traffic.ops.database.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weasel.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/trafficcontrol/weasel.yml/master?enable=pin
Warn: containerImage not pinned by hash: .github/containers/trafficserver-alpine/Dockerfile:18
Warn: containerImage not pinned by hash: .github/containers/trafficserver-alpine/Dockerfile:64: pin your Docker image by updating alpine:3.18 to alpine:3.18@sha256:dd60c75fba961ecc5e918961c713f3c42dd5665171c58f9b2ef5aafe081ad5a0
Warn: containerImage not pinned by hash: cache-config/testing/docker/ort_test/Dockerfile:29
Warn: containerImage not pinned by hash: cache-config/testing/docker/traffic_ops/Dockerfile:25
Warn: containerImage not pinned by hash: cache-config/testing/docker/trafficserver/Dockerfile:24
Warn: containerImage not pinned by hash: cache-config/testing/docker/yumserver/Dockerfile:23: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: dev/t3c/Dockerfile:19
Warn: containerImage not pinned by hash: dev/t3c/Dockerfile:20
Warn: containerImage not pinned by hash: dev/tpv2/Dockerfile:14
Warn: containerImage not pinned by hash: dev/tpv2/Dockerfile:26
Warn: containerImage not pinned by hash: dev/traffic_monitor/Dockerfile:15
Warn: containerImage not pinned by hash: dev/traffic_ops/Dockerfile:15
Warn: containerImage not pinned by hash: dev/traffic_ops/Dockerfile:26
Warn: containerImage not pinned by hash: dev/traffic_portal/Dockerfile:14
Warn: containerImage not pinned by hash: dev/traffic_portal/Dockerfile:25
Warn: containerImage not pinned by hash: dev/traffic_router/Dockerfile:14
Warn: containerImage not pinned by hash: experimental/postgrest/Postgrest_Dockerfile:25: pin your Docker image by updating ubuntu:15.10 to ubuntu:15.10@sha256:02521a2d079595241c6793b2044f02eecf294034f31d6e235ac4b2b54ffc41f3
Warn: containerImage not pinned by hash: experimental/url-rewriter-nginx/Url_Rewriter_Dockerfile:24: pin your Docker image by updating nginx:1.9 to nginx:1.9@sha256:54313b5c376892d55205f13d620bc3dcccc8e70e596d083953f95e94f071f6db
Warn: containerImage not pinned by hash: experimental/webfront/Dockerfile:17: pin your Docker image by updating golang to golang@sha256:927112936d6b496ed95f55f362cc09da6e3e624ef868814c56d55bd7323e0959
Warn: containerImage not pinned by hash: grove/docker/Dockerfile:20: pin your Docker image by updating centos/systemd to centos/systemd@sha256:09db0255d215ca33710cc42e1a91b9002637eeef71322ca641947e65b7d53b58
Warn: containerImage not pinned by hash: grove/integration_test/Dockerfile:19: pin your Docker image by updating centos:7 to centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4
Warn: containerImage not pinned by hash: infrastructure/ansible/sample.lab/Ansible.Dockerfile:15: pin your Docker image by updating centos:7.4.1708 to centos:7.4.1708@sha256:8906d699cbd9406b07a105bedebc14a5945c200971b0a3a067aa245badc545b2
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:27
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:81
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:135
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:139
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:143
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:147
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:151
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:156
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/dns/Dockerfile:17: pin your Docker image by updating ubuntu:18.04 to ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:19
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:20
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:34
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:64
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:67
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:88
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:92
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/grafana/Dockerfile:18: pin your Docker image by updating grafana/grafana:10.2.3-ubuntu to grafana/grafana:10.2.3-ubuntu@sha256:d292a458726385a81fcf71c8fd4a67b6976f527585fc82cb6e24825d01c5797a
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/socksproxy/Dockerfile:25
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/traffic_portal_v2/Dockerfile:26
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/traffic_portal_v2_e2e_test/Dockerfile:21
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/traffic_portal_v2_e2e_test/Dockerfile:55
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/traffic_portal_v2_e2e_test/Dockerfile:69
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/traffic_vault/Dockerfile:17: pin your Docker image by updating basho/riak-kv:ubuntu-2.2.3 to basho/riak-kv:ubuntu-2.2.3@sha256:4ea3b1178c4be2650086613a4ff4a6d702b52cf25415b233951ec0a32f3c4a8a
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/vnc/Dockerfile:21
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/optional/vpn/Dockerfile:18: pin your Docker image by updating ubuntu:18.04 to ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/origin/Dockerfile:23: pin your Docker image by updating alpine:3.13 to alpine:3.13@sha256:469b6e04ee185740477efa44ed5bdd64a07bbdd6c7e5f5d169e540889597b911
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/readiness/Dockerfile:18: pin your Docker image by updating alpine:3.13 to alpine:3.13@sha256:469b6e04ee185740477efa44ed5bdd64a07bbdd6c7e5f5d169e540889597b911
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/smtp/Dockerfile:18: pin your Docker image by updating maildev/maildev:2.0.0-beta3 to maildev/maildev:2.0.0-beta3@sha256:31c4235d6ff8fc63e99e90f9ed17de148c32e16463883349c414911c50e98a1d
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/static/Dockerfile:23: pin your Docker image by updating alpine:3.13 to alpine:3.13@sha256:469b6e04ee185740477efa44ed5bdd64a07bbdd6c7e5f5d169e540889597b911
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_monitor/Dockerfile:25
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_monitor/Dockerfile:47
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_monitor/Dockerfile:72
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_monitor/Dockerfile:77
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_monitor/Dockerfile:81
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops/Dockerfile:26
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops/Dockerfile:91
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops/Dockerfile:132
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops/Dockerfile:137
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops/Dockerfile:142
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops/Dockerfile-db:23
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops_integration_test/Dockerfile:19
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops_integration_test/Dockerfile:20
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops_integration_test/Dockerfile:54: pin your Docker image by updating alpine:3.13 to alpine:3.13@sha256:469b6e04ee185740477efa44ed5bdd64a07bbdd6c7e5f5d169e540889597b911
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_portal/Dockerfile:26
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_portal_integration_test/Dockerfile:21
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_portal_integration_test/Dockerfile:48
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_portal_integration_test/Dockerfile:62
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_router/Dockerfile:25
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_router_load_test/Dockerfile:19
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_router_load_test/Dockerfile:20
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_router_load_test/Dockerfile:38
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_stats/Dockerfile:25
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_stats/Dockerfile:45
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_stats/Dockerfile:64
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_stats/Dockerfile:69
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_stats/Dockerfile:73
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/traffic_stats/Dockerfile-influxdb:18: pin your Docker image by updating influxdb:1.7.3 to influxdb:1.7.3@sha256:5c55b037533d285728e2920c369bb1cb91a47cce93bf6cc4c77f6ce0b804cbcf
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/varnish/Dockerfile:21
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/varnish/Dockerfile:27
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/varnish/Dockerfile:66
Warn: containerImage not pinned by hash: infrastructure/cdn-in-a-box/varnish/Dockerfile:70
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-cache-config:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-cache-config:51
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-docs:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-docs:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-fakeOrigin:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-fakeOrigin:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-grove:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-grove:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-grovetccfg:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-grovetccfg:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-source:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-source:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-tc-health-client:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-tc-health-client:51
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_monitor:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_monitor:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_ops:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_ops:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_portal:19
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_portal_v2:18
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_router:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_router:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_stats:20
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_stats:43
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-tsb:21
Warn: containerImage not pinned by hash: infrastructure/docker/build/Dockerfile-tsb:32
Warn: containerImage not pinned by hash: tc-health-client/testing/docker/db_init/Dockerfile:23: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: tc-health-client/testing/docker/health-check-test/Dockerfile:28
Warn: containerImage not pinned by hash: tc-health-client/testing/docker/traffic_ops/Dockerfile:25
Warn: containerImage not pinned by hash: test/fakeOrigin/Dockerfile:18: pin your Docker image by updating golang:1.11 to golang:1.11@sha256:e972c78795b22d5cfab02ac410aa2305fcc036319a7af51065d1af583cd3ec04
Warn: containerImage not pinned by hash: tools/golang/Dockerfile:19
Warn: containerImage not pinned by hash: tools/golang/Dockerfile:20
Warn: containerImage not pinned by hash: tools/golang/Dockerfile:40
Warn: containerImage not pinned by hash: tools/golang/Dockerfile:53
Warn: containerImage not pinned by hash: traffic_monitor/tests/Dockerfile-golangtest:15
Warn: containerImage not pinned by hash: traffic_monitor/tests/Dockerfile-golangtest:16: pin your Docker image by updating debian:buster to debian:buster@sha256:58ce6f1271ae1c8a2006ff7d3e54e9874d839f573d8009c20154ad0f2fb0a225
Warn: containerImage not pinned by hash: traffic_monitor/tests/_integration/Dockerfile:24
Warn: containerImage not pinned by hash: traffic_monitor/tests/_integration/Dockerfile:25: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: traffic_monitor/tests/_integration/tm/Dockerfile:23: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: traffic_monitor/tools/testcaches/Dockerfile:18: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: traffic_monitor/tools/testto/Dockerfile:18: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: traffic_ops/app/bin/tests/Dockerfile-golangtest:15
Warn: containerImage not pinned by hash: traffic_ops/app/bin/tests/Dockerfile-golangtest:16: pin your Docker image by updating debian:buster to debian:buster@sha256:58ce6f1271ae1c8a2006ff7d3e54e9874d839f573d8009c20154ad0f2fb0a225
Warn: containerImage not pinned by hash: traffic_ops/app/db/trafficvault/test/Dockerfile-db-admin:22: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: traffic_ops/app/db/trafficvault/test/Dockerfile-tvdb:23
Warn: containerImage not pinned by hash: traffic_ops/traffic_ops_golang/swaggerdocs/v13/Dockerfile:20
Warn: containerImage not pinned by hash: traffic_ops/traffic_ops_golang/swaggerdocs/v13/Dockerfile:23
Warn: containerImage not pinned by hash: traffic_ops/traffic_ops_golang/swaggerdocs/v13/swaggerspec/Dockerfile:19: pin your Docker image by updating python:2 to python:2@sha256:cfa62318c459b1fde9e0841c619906d15ada5910d625176e24bf692cf8a2601d
Warn: containerImage not pinned by hash: traffic_ops_db/docker/Dockerfile:15
Warn: containerImage not pinned by hash: traffic_ops_db/test/docker/Dockerfile-db:23
Warn: containerImage not pinned by hash: traffic_ops_db/test/docker/Dockerfile-db-admin:22: pin your Docker image by updating rockylinux:8 to rockylinux:8@sha256:9794037624aaa6212aeada1d28861ef5e0a935adaf93e4ef79837119f2a2d04c
Warn: containerImage not pinned by hash: traffic_router/tests/Dockerfile-test-alpine:14: pin your Docker image by updating alpine:3.13 to alpine:3.13@sha256:469b6e04ee185740477efa44ed5bdd64a07bbdd6c7e5f5d169e540889597b911
Warn: containerImage not pinned by hash: traffic_router/tests/Dockerfile-test-centos:14: pin your Docker image by updating centos:7 to centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4
Warn: containerImage not pinned by hash: traffic_server/_tsb/Dockerfile:22
Warn: containerImage not pinned by hash: traffic_server/_tsb/Dockerfile:47
Warn: goCommand not pinned by hash: dev/t3c/Dockerfile:31-39
Warn: goCommand not pinned by hash: dev/traffic_monitor/Dockerfile:21-23
Warn: goCommand not pinned by hash: dev/traffic_ops/Dockerfile:34-36
Warn: pipCommand not pinned by hash: infrastructure/ansible/sample.lab/Ansible.Dockerfile:17-31
Warn: pipCommand not pinned by hash: infrastructure/ansible/sample.lab/Ansible.Dockerfile:17-31
Warn: pipCommand not pinned by hash: infrastructure/ansible/sample.lab/Ansible.Dockerfile:17-31
Warn: goCommand not pinned by hash: infrastructure/cdn-in-a-box/cache/Dockerfile:136-137
Warn: goCommand not pinned by hash: infrastructure/cdn-in-a-box/enroller/Dockerfile:65
Warn: downloadThenRun not pinned by hash: infrastructure/cdn-in-a-box/optional/traffic_portal_v2/Dockerfile:33-34
Warn: downloadThenRun not pinned by hash: infrastructure/cdn-in-a-box/optional/traffic_portal_v2_e2e_test/Dockerfile:57-58
Warn: goCommand not pinned by hash: infrastructure/cdn-in-a-box/traffic_monitor/Dockerfile:74-75
Warn: goCommand not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops/Dockerfile:134-135
Warn: goCommand not pinned by hash: infrastructure/cdn-in-a-box/traffic_ops_integration_test/Dockerfile:30
Warn: downloadThenRun not pinned by hash: infrastructure/cdn-in-a-box/traffic_portal/Dockerfile:33-34
Warn: downloadThenRun not pinned by hash: infrastructure/cdn-in-a-box/traffic_portal_integration_test/Dockerfile:50-51
Warn: npmCommand not pinned by hash: infrastructure/cdn-in-a-box/traffic_portal_integration_test/Dockerfile:60
Warn: goCommand not pinned by hash: infrastructure/cdn-in-a-box/traffic_stats/Dockerfile:66-67
Warn: downloadThenRun not pinned by hash: infrastructure/cdn-in-a-box/varnish/Dockerfile:34
Warn: pipCommand not pinned by hash: infrastructure/docker/build/Dockerfile-docs:58-59
Warn: pipCommand not pinned by hash: infrastructure/docker/build/Dockerfile-docs:58-59
Warn: downloadThenRun not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_portal:41-42
Warn: npmCommand not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_portal:44
Warn: downloadThenRun not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_portal_v2:40-41
Warn: npmCommand not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_portal_v2:43
Warn: downloadThenRun not pinned by hash: infrastructure/docker/build/Dockerfile-traffic_stats:45-46
Warn: goCommand not pinned by hash: tools/golang/Dockerfile:57-58
Warn: goCommand not pinned by hash: tools/golang/Dockerfile:57-58
Warn: goCommand not pinned by hash: traffic_monitor/tests/Dockerfile-golangtest:46
Warn: pipCommand not pinned by hash: traffic_ops/traffic_ops_golang/swaggerdocs/v13/swaggerspec/Dockerfile:25
Warn: pipCommand not pinned by hash: traffic_server/_tsb/Dockerfile:106
Warn: npmCommand not pinned by hash: .github/actions/chromedriver-updater/entrypoint.sh:51
Warn: npmCommand not pinned by hash: .github/actions/tp-integration-tests/entrypoint.sh:83
Warn: npmCommand not pinned by hash: dev/tpv2/run.sh:38
Warn: npmCommand not pinned by hash: dev/traffic_portal/run.sh:38
Warn: npmCommand not pinned by hash: traffic_portal/test/integration/runtests.bash:17
Warn: npmCommand not pinned by hash: traffic_stats/build/build_rpm.sh:84
Warn: pipCommand not pinned by hash: .github/workflows/ansible.molecule.fo.yml:49
Warn: pipCommand not pinned by hash: .github/workflows/ansible.molecule.fo.yml:80
Warn: pipCommand not pinned by hash: .github/workflows/ansible.molecule.todb.yml:49
Warn: pipCommand not pinned by hash: .github/workflows/ansible.molecule.todb.yml:81
Warn: pipCommand not pinned by hash: .github/workflows/assign-triage-role.yml:55
Warn: pipCommand not pinned by hash: .github/workflows/chromdriver-update.yml:45
Warn: pipCommand not pinned by hash: .github/workflows/chromdriver-update.yml:70
Warn: pipCommand not pinned by hash: .github/workflows/pr-to-update-go.yml:48
Warn: pipCommand not pinned by hash: .github/workflows/to.api.contract.tests.yml:93
Warn: pipCommand not pinned by hash: .github/workflows/to.api.contract.tests.yml:96
Warn: pipCommand not pinned by hash: .github/workflows/to.api.contract.tests.yml:97
Warn: pipCommand not pinned by hash: .github/workflows/to.api.contract.tests.yml:98
Info: 0 out of 177 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 13 third-party GitHubAction dependencies pinned
Info: 5 out of 143 containerImage dependencies pinned
Info: 2 out of 14 goCommand dependencies pinned
Info: 0 out of 19 pipCommand dependencies pinned
Info: 0 out of 8 downloadThenRun dependencies pinned
Info: 12 out of 21 npmCommand dependencies pinned