Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_wheels.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/build_wheels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_master_only.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_pr.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_pr.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_pr.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_pr.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/java_pr.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/java_pr.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/java_pr.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint_pr.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/lint_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linter.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/linter.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linter.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/linter.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master_only.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master_only.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/master_only.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/master_only.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/master_only.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master_only.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master_only.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/master_only.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/master_only.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/master_only.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/master_only.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-ci.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/nightly-ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/operator-e2e-integration-tests.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/operator-e2e-integration-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/operator-e2e-integration-tests.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/operator-e2e-integration-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/operator_pr.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/operator_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/operator_pr.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/operator_pr.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_integration_tests.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_integration_tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_integration_tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr_integration_tests.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_integration_tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr_integration_tests.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_integration_tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr_integration_tests.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_integration_tests.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_local_integration_tests.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_local_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_local_integration_tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_local_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_local_integration_tests.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_local_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_local_integration_tests.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_local_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_remote_rbac_integration_tests.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_remote_rbac_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_remote_rbac_integration_tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_remote_rbac_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_remote_rbac_integration_tests.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/pr_remote_rbac_integration_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_helm_charts.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_helm_charts.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_helm_charts.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_helm_charts.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_helm_charts.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_helm_charts.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_images.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_images.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_images.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_images.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_images.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_images.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_images.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_images.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_images.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_images.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_images.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_images.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_java_sdk.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_java_sdk.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_java_sdk.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_java_sdk.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_java_sdk.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_java_sdk.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_java_sdk.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_java_sdk.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_python_sdk.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_python_sdk.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_python_sdk.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/publish_python_sdk.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/smoke_tests.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/smoke_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/smoke_tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/smoke_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/smoke_tests.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/smoke_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit_tests.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/unit_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit_tests.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/unit_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit_tests.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/unit_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit_tests.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/unit_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit_tests.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/unit_tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update_stable_branch.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/feast-dev/feast/update_stable_branch.yml/master?enable=pin
Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/vscode/devcontainers/python:3.9-buster to mcr.microsoft.com/vscode/devcontainers/python:3.9-buster@sha256:e4e3453ee5d3243269367711c75921d0d0cdd44ab0383b1c50ef69252d391a82
Warn: containerImage not pinned by hash: .gitpod.Dockerfile:1: pin your Docker image by updating gitpod/workspace-base to gitpod/workspace-base@sha256:7f35e401405c38ebc1185dfc3d6c066f73a524e8b86641453ea4690cc5c24fb6
Warn: containerImage not pinned by hash: go/infra/docker/feature-server/Dockerfile:1: pin your Docker image by updating golang:1.22.5 to golang:1.22.5@sha256:86a3c48a61915a8c62c0e1d7594730399caa3feb73655dfe96c7bc17710e96cf
Warn: containerImage not pinned by hash: infra/feast-helm-operator/Dockerfile:2: pin your Docker image by updating quay.io/operator-framework/helm-operator:v1.34.1 to quay.io/operator-framework/helm-operator:v1.34.1@sha256:ecb23393140d2553d97ba9de4d75a7d9aac6a76c9390d22824941e89b983bb68
Warn: containerImage not pinned by hash: infra/feast-operator/Dockerfile:2
Warn: containerImage not pinned by hash: infra/feast-operator/Dockerfile:25: pin your Docker image by updating registry.access.redhat.com/ubi8/ubi-micro:8.10 to registry.access.redhat.com/ubi8/ubi-micro:8.10@sha256:34d05733611f4c7c9e07e5b00191c9928f1e7d0e126d51276b4bc75eb3331dab
Warn: containerImage not pinned by hash: java/infra/docker/feature-server/Dockerfile:5
Warn: containerImage not pinned by hash: java/infra/docker/feature-server/Dockerfile:33
Warn: containerImage not pinned by hash: java/infra/docker/feature-server/Dockerfile.dev:1
Warn: containerImage not pinned by hash: sdk/python/feast/infra/feature_servers/multicloud/Dockerfile:1: pin your Docker image by updating registry.access.redhat.com/ubi8/python-311:1 to registry.access.redhat.com/ubi8/python-311:1@sha256:552046341bbe2e4a0e89be4401403ccd39293ea53a736db2e5ec695bc6d906aa
Warn: containerImage not pinned by hash: sdk/python/feast/infra/feature_servers/multicloud/Dockerfile.dev:1: pin your Docker image by updating registry.access.redhat.com/ubi8/python-311:1 to registry.access.redhat.com/ubi8/python-311:1@sha256:552046341bbe2e4a0e89be4401403ccd39293ea53a736db2e5ec695bc6d906aa
Warn: containerImage not pinned by hash: sdk/python/feast/infra/materialization/aws_lambda/Dockerfile:1: pin your Docker image by updating public.ecr.aws/lambda/python:3.9 to public.ecr.aws/lambda/python:3.9@sha256:55ab3901df1eb7f0bfc073d5984981a409f80903edf798b25618aa5978d8807f
Warn: containerImage not pinned by hash: sdk/python/feast/infra/materialization/kubernetes/Dockerfile:1
Warn: containerImage not pinned by hash: sdk/python/feast/infra/transformation_servers/Dockerfile:1: pin your Docker image by updating python:3.11-slim to python:3.11-slim@sha256:42420f737ba91d509fc60d5ed65ed0492678a90c561e1fa08786ae8ba8b52eda
Warn: containerImage not pinned by hash: ui/docker/Dockerfile:1: pin your Docker image by updating node:17.9.0-slim to node:17.9.0-slim@sha256:2eb08c3db371c724aa30ecc28a75debf7fdc0ac50340d7b675a3c98c93493d72
Warn: downloadThenRun not pinned by hash: .devcontainer/Dockerfile:4
Warn: downloadThenRun not pinned by hash: .devcontainer/Dockerfile:5
Warn: downloadThenRun not pinned by hash: .gitpod.Dockerfile:3
Warn: downloadThenRun not pinned by hash: .gitpod.Dockerfile:4
Warn: downloadThenRun not pinned by hash: .gitpod.Dockerfile:6
Warn: pipCommand not pinned by hash: sdk/python/feast/infra/feature_servers/multicloud/Dockerfile:4
Warn: npmCommand not pinned by hash: sdk/python/feast/infra/feature_servers/multicloud/Dockerfile.dev:4
Warn: npmCommand not pinned by hash: sdk/python/feast/infra/feature_servers/multicloud/Dockerfile.dev:10-13
Warn: pipCommand not pinned by hash: sdk/python/feast/infra/feature_servers/multicloud/Dockerfile.dev:25-27
Warn: pipCommand not pinned by hash: sdk/python/feast/infra/materialization/aws_lambda/Dockerfile:22
Warn: pipCommand not pinned by hash: sdk/python/feast/infra/materialization/kubernetes/Dockerfile:22
Warn: pipCommand not pinned by hash: sdk/python/feast/infra/transformation_servers/Dockerfile:18
Warn: npmCommand not pinned by hash: ui/docker/Dockerfile:9
Warn: npmCommand not pinned by hash: ui/docker/Dockerfile:20
Warn: pipCommand not pinned by hash: infra/scripts/test-end-to-end.sh:10
Warn: pipCommand not pinned by hash: infra/scripts/test-end-to-end.sh:12
Warn: pipCommand not pinned by hash: .github/workflows/build_wheels.yml:60
Warn: pipCommand not pinned by hash: .github/workflows/build_wheels.yml:95
Warn: pipCommand not pinned by hash: .github/workflows/build_wheels.yml:183
Warn: pipCommand not pinned by hash: .github/workflows/build_wheels.yml:184
Warn: pipCommand not pinned by hash: .github/workflows/build_wheels.yml:189
Warn: downloadThenRun not pinned by hash: .github/workflows/java_master_only.yml:123
Warn: downloadThenRun not pinned by hash: .github/workflows/java_pr.yml:172
Warn: downloadThenRun not pinned by hash: .github/workflows/linter.yml:20
Warn: downloadThenRun not pinned by hash: .github/workflows/master_only.yml:58
Warn: pipCommand not pinned by hash: .github/workflows/nightly-ci.yml:49
Warn: pipCommand not pinned by hash: .github/workflows/nightly-ci.yml:50
Warn: pipCommand not pinned by hash: .github/workflows/nightly-ci.yml:51
Warn: downloadThenRun not pinned by hash: .github/workflows/nightly-ci.yml:122
Warn: downloadThenRun not pinned by hash: .github/workflows/pr_integration_tests.yml:83
Warn: downloadThenRun not pinned by hash: .github/workflows/pr_local_integration_tests.yml:45
Warn: downloadThenRun not pinned by hash: .github/workflows/pr_remote_rbac_integration_tests.yml:45
Warn: downloadThenRun not pinned by hash: .github/workflows/smoke_tests.yml:30
Warn: downloadThenRun not pinned by hash: .github/workflows/unit_tests.yml:38
Info: 0 out of 95 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 39 third-party GitHubAction dependencies pinned
Info: 0 out of 15 containerImage dependencies pinned
Info: 0 out of 15 downloadThenRun dependencies pinned
Info: 2 out of 2 goCommand dependencies pinned
Info: 0 out of 15 pipCommand dependencies pinned
Info: 0 out of 4 npmCommand dependencies pinned