Info: Possibly incomplete results: error parsing shell code: > must be followed by a word: man/Dockerfile.5.md:87
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/e2e.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/e2e.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/e2e.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/validate.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/validate.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/cli/validate.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:18
Warn: containerImage not pinned by hash: Dockerfile:20
Warn: containerImage not pinned by hash: Dockerfile:26
Warn: containerImage not pinned by hash: Dockerfile:31
Warn: containerImage not pinned by hash: Dockerfile:37
Warn: containerImage not pinned by hash: Dockerfile:41
Warn: containerImage not pinned by hash: Dockerfile:47
Warn: containerImage not pinned by hash: Dockerfile:54
Warn: containerImage not pinned by hash: Dockerfile:77
Warn: containerImage not pinned by hash: Dockerfile:88
Warn: containerImage not pinned by hash: Dockerfile:98
Warn: containerImage not pinned by hash: Dockerfile:101
Warn: containerImage not pinned by hash: Dockerfile:104
Warn: containerImage not pinned by hash: Dockerfile:105
Warn: containerImage not pinned by hash: Dockerfile:107
Warn: containerImage not pinned by hash: Dockerfile:122
Warn: containerImage not pinned by hash: Dockerfile:135
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.authors:5
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.authors:14
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.dev:10
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.dev:12
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.dev:16
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.dev:24
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.dev:31
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.dev:38
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.lint:7
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.lint:9
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.shellcheck:3
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.vendor:7
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.vendor:12
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.vendor:27
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.vendor:38
Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.vendor:39
Warn: containerImage not pinned by hash: man/Dockerfile.5.md:24
Warn: containerImage not pinned by hash: man/Dockerfile.5.md:135: pin your Docker image by updating ubuntu to ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782
Warn: containerImage not pinned by hash: man/Dockerfile.5.md:145: pin your Docker image by updating ubuntu to ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782
Warn: containerImage not pinned by hash: man/Dockerfile.5.md:286: pin your Docker image by updating ubuntu to ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782
Warn: containerImage not pinned by hash: man/Dockerfile.5.md:295: pin your Docker image by updating ubuntu to ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782
Warn: containerImage not pinned by hash: man/Dockerfile.5.md:350: pin your Docker image by updating busybox to busybox@sha256:a5d0ce49aa801d475da48f8cb163c354ab95cab073cd3c138bd458fc8257fbf1
Warn: containerImage not pinned by hash: man/Dockerfile.5.md:359: pin your Docker image by updating busybox to busybox@sha256:a5d0ce49aa801d475da48f8cb163c354ab95cab073cd3c138bd458fc8257fbf1
Info: 0 out of 13 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 16 third-party GitHubAction dependencies pinned
Info: 0 out of 40 containerImage dependencies pinned