Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: tools/notary-migration-fix.sh:51
Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: tools/notary-migration-fix.sh:55
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:269: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:273: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:320: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:334: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/CI.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto_assign_prs.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/auto_assign_prs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-package.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-package.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-package.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-package.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-package.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-package.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-package.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-package.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/build-package.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/conformance_test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/conformance_test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/conformance_test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/conformance_test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/conformance_test.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/conformance_test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/conformance_test.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/conformance_test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/conformance_test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/conformance_test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping-stale-issues-prs.yaml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/housekeeping-stale-issues-prs.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/label_check.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/label_check.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-trivy-scan.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/nightly-trivy-scan.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-trivy-scan.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/nightly-trivy-scan.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-trivy-scan.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/nightly-trivy-scan.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_release.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/publish_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/publish_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/publish_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_release.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/publish_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_release.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/publish_release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_release.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/goharbor/harbor/publish_release.yml/main?enable=pin
Warn: containerImage not pinned by hash: make/photon/core/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/core/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/db/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/db/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/exporter/Dockerfile:5
Warn: containerImage not pinned by hash: make/photon/exporter/Dockerfile:15
Warn: containerImage not pinned by hash: make/photon/exporter/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/jobservice/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/jobservice/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/log/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/log/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/nginx/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/nginx/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/portal/Dockerfile:4
Warn: containerImage not pinned by hash: make/photon/portal/Dockerfile:25
Warn: containerImage not pinned by hash: make/photon/portal/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/prepare/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/prepare/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/redis/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/redis/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/registry/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/registry/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/registry/Dockerfile.binary:1: pin your Docker image by updating golang:1.23.2 to golang:1.23.2@sha256:ad5c126b5cf501a8caef751a243bb717ec204ab1aa56dc41dc11be089fafcb4f
Warn: containerImage not pinned by hash: make/photon/registryctl/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/registryctl/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/standalone-db-migrator/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/trivy-adapter/Dockerfile:3
Warn: containerImage not pinned by hash: make/photon/trivy-adapter/Dockerfile.base:1: pin your Docker image by updating photon:5.0 to photon:5.0@sha256:df32a2bcf3f7e7ae03b6810656d9d8a3e1ea117f4f25ddaaf2a47ade8fbc424d
Warn: containerImage not pinned by hash: make/photon/trivy-adapter/Dockerfile.binary:1: pin your Docker image by updating golang:1.23.2 to golang:1.23.2@sha256:ad5c126b5cf501a8caef751a243bb717ec204ab1aa56dc41dc11be089fafcb4f
Warn: containerImage not pinned by hash: src/portal/docker-build/Dockerfile:1
Warn: containerImage not pinned by hash: src/portal/docker-build/Dockerfile:19: pin your Docker image by updating nginx:1.17 to nginx:1.17@sha256:6fff55753e3b34e36e24e37039ee9eae1fe38a6420d8ae16ef37c92d1eb26699
Warn: containerImage not pinned by hash: tests/robot-cases/Group2-Longevity/Dockerfile.longevity:1: pin your Docker image by updating busybox:1.26 to busybox:1.26@sha256:be3c11fdba7cfe299214e46edc642e09514dbb9bbefcd0d3836c05a1e0cd0642
Warn: containerImage not pinned by hash: tests/test-engine-image/Dockerfile.api_test:2: pin your Docker image by updating photon:4.0 to photon:4.0@sha256:dee27a183d8d03c833f747c6f7299c081d7820b865ee0c2be2c15fa50a0ee811
Warn: containerImage not pinned by hash: tests/test-engine-image/Dockerfile.common:1
Warn: containerImage not pinned by hash: tests/test-engine-image/Dockerfile.ui_test:2: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
Warn: containerImage not pinned by hash: tools/migrate_chart/Dockerfile:1: pin your Docker image by updating python:3.8.5-slim to python:3.8.5-slim@sha256:502cd057453744145010eceb5a4af1e4f04ebed54f6e1e8d23d29ebe2afdbe6d
Warn: containerImage not pinned by hash: tools/mockery/Dockerfile:2
Warn: containerImage not pinned by hash: tools/spectral/Dockerfile:2
Warn: containerImage not pinned by hash: tools/swagger/Dockerfile:2
Warn: npmCommand not pinned by hash: make/photon/portal/Dockerfile:14
Warn: npmCommand not pinned by hash: make/photon/portal/Dockerfile:17-18
Warn: npmCommand not pinned by hash: make/photon/portal/Dockerfile:22
Warn: pipCommand not pinned by hash: make/photon/prepare/Dockerfile.base:4
Warn: npmCommand not pinned by hash: src/portal/docker-build/Dockerfile:11
Warn: npmCommand not pinned by hash: src/portal/docker-build/Dockerfile:16
Warn: pipCommand not pinned by hash: tests/test-engine-image/Dockerfile.api_test:12-31
Warn: pipCommand not pinned by hash: tests/test-engine-image/Dockerfile.ui_test:35-37
Warn: pipCommand not pinned by hash: tests/test-engine-image/Dockerfile.ui_test:39-43
Warn: pipCommand not pinned by hash: tools/migrate_chart/Dockerfile:9-13
Warn: pipCommand not pinned by hash: tools/migrate_chart/Dockerfile:9-13
Warn: pipCommand not pinned by hash: tools/migrate_chart/Dockerfile:9-13
Warn: npmCommand not pinned by hash: tests/ci/ui_ut_run.sh:6
Warn: npmCommand not pinned by hash: tests/ci/ui_ut_run.sh:7
Warn: npmCommand not pinned by hash: tests/ci/ui_ut_run.sh:8
Warn: goCommand not pinned by hash: tests/ci/ut_install.sh:14
Warn: goCommand not pinned by hash: tests/ci/ut_install.sh:15
Warn: goCommand not pinned by hash: tests/ci/ut_install.sh:16
Warn: downloadThenRun not pinned by hash: tests/ci/ut_install.sh:21
Info: 0 out of 26 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 16 third-party GitHubAction dependencies pinned
Info: 0 out of 39 containerImage dependencies pinned
Info: 0 out of 8 npmCommand dependencies pinned
Info: 0 out of 7 pipCommand dependencies pinned
Info: 0 out of 3 goCommand dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned