Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-main.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-main.yml:208: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-main.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-main.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-main.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-main.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-main.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-main.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-sub.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-sub.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-sub.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-sub.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-sub.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-sub.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-sub.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/ci-sub.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-build.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/doc-build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-build.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/doc-build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/doc-build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/doc-build.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/doc-build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/format-code-on-push.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/format-code-on-push.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/format-code-on-push.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/format-code-on-push.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gitee-sync.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/gitee-sync.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gitee-sync.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/gitee-sync.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/golangci-lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/golangci-lint.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/golangci-lint.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-check-inactive.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/issue-check-inactive.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-close-inactive.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/issue-close-inactive.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-labeled.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/issue-labeled.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-remove-inactive.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/issue-remove-inactive.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-remove-need-more-details.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/issue-remove-need-more-details.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-translator.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/issue-translator.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonarcloud.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/sonarcloud.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sonarcloud.yaml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/sonarcloud.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonarcloud.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/sonarcloud.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gogf/gf/tag.yml/master?enable=pin
Warn: goCommand not pinned by hash: .github/workflows/before_script.sh:5
Warn: goCommand not pinned by hash: .github/workflows/ci-main.yml:236
Warn: goCommand not pinned by hash: .github/workflows/ci-main.yml:237
Warn: goCommand not pinned by hash: .github/workflows/format-code-on-push.yml:22
Info: 1 out of 18 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 17 third-party GitHubAction dependencies pinned
Info: 0 out of 4 goCommand dependencies pinned
Info: 1 out of 1 npmCommand dependencies pinned