Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/build.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/build.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/build.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/build.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/build.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2eTests.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/e2eTests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2eTests.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/e2eTests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yaml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/golangci-lint.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/golangci-lint.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/golangci-lint.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/golangci-lint.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/k3s-e2eTests.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/k3s-e2eTests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/k3s-e2eTests.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/k3s-e2eTests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trivy.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/trivy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trivy.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/trivy.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/trivy.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/trivy.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trivy.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/flannel-io/flannel/trivy.yml/master?enable=pin
Warn: containerImage not pinned by hash: e2e/Dockerfile:4
Warn: containerImage not pinned by hash: images/Dockerfile:1
Warn: containerImage not pinned by hash: images/Dockerfile:3
Warn: containerImage not pinned by hash: images/Dockerfile:28: pin your Docker image by updating alpine:20250108 to alpine:20250108@sha256:115729ec5cb049ba6359c3ab005ac742012d92bbaa5b8bc1a878f1e8f62c0cb8
Warn: containerImage not pinned by hash: images/iperf3/Dockerfile:1
Info: 0 out of 25 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 18 third-party GitHubAction dependencies pinned
Info: 0 out of 5 containerImage dependencies pinned