Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/alerting-swagger-gen.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/alerting-swagger-gen.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/alerting-update-module.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/alerting-update-module.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/alerting-update-module.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/alerting-update-module.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analytics-events-report.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/analytics-events-report.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analytics-events-report.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/analytics-events-report.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backend-code-checks.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backend-code-checks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backend-code-checks.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backend-code-checks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backend-unit-tests.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backend-unit-tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backend-unit-tests.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backend-unit-tests.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backend-unit-tests.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport-trigger.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backport-trigger.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/backport-workflow.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backport-workflow.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport-workflow.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backport-workflow.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport-workflow.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backport-workflow.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/backport-workflow.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/backport-workflow.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bump-version.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/bump-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/changelog.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/changelog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/changelog.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/changelog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/changelog.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/changelog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeowners-validator.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/codeowners-validator.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/codeql-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/commands.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/commands.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commands.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/commands.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/community-release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/community-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/community-release.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/community-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/core-plugins-build-and-release.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/core-plugins-build-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/core-plugins-build-and-release.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/core-plugins-build-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/core-plugins-build-and-release.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/core-plugins-build-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/core-plugins-build-and-release.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/core-plugins-build-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-next-release-branch.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/create-next-release-branch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-next-release-branch.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/create-next-release-branch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-security-branch.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/create-security-branch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-security-branch.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/create-security-branch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-security-patch-from-security-mirror.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/create-security-patch-from-security-mirror.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dashboards-issue-add-label.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/dashboards-issue-add-label.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-pr-preview.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/deploy-pr-preview.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-storybook-preview.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/deploy-storybook-preview.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-storybook-preview.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/deploy-storybook-preview.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-storybook-preview.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/deploy-storybook-preview.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-storybook-preview.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/deploy-storybook-preview.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:337: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:353: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:371: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/detect-breaking-changes-levitate.yml:388: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/detect-breaking-changes-levitate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation-ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/documentation-ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/documentation-ci.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/documentation-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-dashboard-new-layouts.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/e2e-dashboard-new-layouts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-dashboard-new-layouts.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/e2e-dashboard-new-layouts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-dashboard-new-layouts.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/e2e-dashboard-new-layouts.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ephemeral-instances-pr-comment.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/ephemeral-instances-pr-comment.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/feature-toggles-ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/feature-toggles-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/feature-toggles-ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/feature-toggles-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/frontend-lint.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/frontend-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/github-release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/github-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-lint.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/go-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-lint.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/go-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/i18n-crowdin-create-tasks.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/i18n-crowdin-create-tasks.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/i18n-crowdin-download.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/i18n-crowdin-download.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/i18n-crowdin-upload.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/i18n-crowdin-upload.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/i18n-verify.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/i18n-verify.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-opened.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/issue-opened.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-opened.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/issue-opened.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-opened.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/issue-opened.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-opened.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/issue-opened.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-opened.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/issue-opened.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-build-docs.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/lint-build-docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-build-docs.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/lint-build-docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/migrate-prs.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/migrate-prs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/migrate-prs.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/migrate-prs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-checks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-codeql-analysis-javascript.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-codeql-analysis-javascript.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-codeql-analysis-javascript.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-codeql-analysis-javascript.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-codeql-analysis-javascript.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-codeql-analysis-javascript.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-codeql-analysis-python.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-codeql-analysis-python.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-codeql-analysis-python.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-codeql-analysis-python.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-codeql-analysis-python.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-codeql-analysis-python.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-commands.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-commands.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-dependabot-update-go-workspace.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-dependabot-update-go-workspace.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-dependabot-update-go-workspace.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-dependabot-update-go-workspace.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-dependabot-update-go-workspace.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-dependabot-update-go-workspace.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-e2e-tests.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-frontend-unit-tests.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-frontend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-frontend-unit-tests.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-frontend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-frontend-unit-tests.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-frontend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-frontend-unit-tests.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-frontend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-frontend-unit-tests.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-frontend-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-go-workspace-check.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-go-workspace-check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-k8s-codegen-check.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-k8s-codegen-check.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-patch-check-event.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-patch-check-event.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-patch-check.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-patch-check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-patch-check.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-patch-check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-test-integration.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-test-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-test-integration.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-test-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-test-integration.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-test-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-test-integration.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-test-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-test-integration.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-test-integration.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-test-integration.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/pr-test-integration.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-artifact.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-artifact.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-artifact.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-artifact.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-kinds-next.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-kinds-next.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-kinds-next.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-kinds-next.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-kinds-release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-kinds-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-kinds-release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-kinds-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-kinds-release.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-kinds-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-technical-documentation-next.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-technical-documentation-next.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-technical-documentation-next.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-technical-documentation-next.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-technical-documentation-release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-technical-documentation-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-technical-documentation-release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/publish-technical-documentation-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-build.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-build.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-build.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-build.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-build.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-build.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-comms.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-comms.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-comms.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-comms.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-comms.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-comms.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-comms.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-comms.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-comms.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-comms.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-comms.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-comms.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-pr.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-pr.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-pr.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-pr.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-pr.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-dashboard-search-e2e.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-dashboard-search-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-schema-v2-e2e.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-schema-v2-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-schema-v2-e2e.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-schema-v2-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-schema-v2-e2e.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/run-schema-v2-e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/shellcheck.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/shellcheck.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/skye-add-to-project.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/skye-add-to-project.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/stale.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook-verification.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/storybook-verification.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook-verification.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/storybook-verification.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/swagger-gen.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/swagger-gen.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/swagger-gen.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/swagger-gen.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-mirror-event.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/sync-mirror-event.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-mirror-event.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/sync-mirror-event.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trivy-scan.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/trivy-scan.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trivy-scan.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/trivy-scan.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trufflehog.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/trufflehog.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-make-docs.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/update-make-docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-make-docs.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/update-make-docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-kinds.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/grafana/grafana/verify-kinds.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:17
Warn: containerImage not pinned by hash: Dockerfile:18
Warn: containerImage not pinned by hash: Dockerfile:19
Warn: containerImage not pinned by hash: Dockerfile:20
Warn: containerImage not pinned by hash: Dockerfile:23
Warn: containerImage not pinned by hash: Dockerfile:49
Warn: containerImage not pinned by hash: Dockerfile:121
Warn: containerImage not pinned by hash: Dockerfile:133
Warn: containerImage not pinned by hash: Dockerfile:134
Warn: containerImage not pinned by hash: Dockerfile:137
Warn: containerImage not pinned by hash: devenv/docker/blocks/alert_webhook_listener/Dockerfile:2: pin your Docker image by updating golang:latest to golang:latest@sha256:14fd8a55e59a560704e5fc44970b301d00d344e45d6b914dda228e09f359a088
Warn: containerImage not pinned by hash: devenv/docker/blocks/auth/apache_proxy/Dockerfile:1: pin your Docker image by updating jmferrer/apache2-reverse-proxy:latest to jmferrer/apache2-reverse-proxy:latest@sha256:cd958b3505d180aa6f8b8491be8a9abdd1d8b0fdd2c1b382912f5d52a0df9d83
Warn: containerImage not pinned by hash: devenv/docker/blocks/auth/apache_proxy_mac/Dockerfile:1: pin your Docker image by updating jmferrer/apache2-reverse-proxy:latest to jmferrer/apache2-reverse-proxy:latest@sha256:cd958b3505d180aa6f8b8491be8a9abdd1d8b0fdd2c1b382912f5d52a0df9d83
Warn: containerImage not pinned by hash: devenv/docker/blocks/auth/nginx_proxy_mac/Dockerfile:1: pin your Docker image by updating nginx:1.19.3-alpine to nginx:1.19.3-alpine@sha256:5aa44b407756b274a600c7399418bdfb1d02c33317ae27fd5e8a333afb115db1
Warn: containerImage not pinned by hash: devenv/docker/blocks/auth/prometheus_basic_auth_proxy/Dockerfile:1: pin your Docker image by updating nginx:1.19.3-alpine to nginx:1.19.3-alpine@sha256:5aa44b407756b274a600c7399418bdfb1d02c33317ae27fd5e8a333afb115db1
Warn: containerImage not pinned by hash: devenv/docker/blocks/caddy_tls/build/Dockerfile:1: pin your Docker image by updating caddy:2.8.4-alpine to caddy:2.8.4-alpine@sha256:af32e97399febea808609119bb21544d0265c58a02836576e32a2d082c262c17
Warn: containerImage not pinned by hash: devenv/docker/blocks/collectd/Dockerfile:1: pin your Docker image by updating ubuntu:jammy to ubuntu:jammy@sha256:3c61d3759c2639d4b836d32a2d3c83fa0214e36f195a3421018dbaaf79cbe37f
Warn: containerImage not pinned by hash: devenv/docker/blocks/elastic/data/Dockerfile:1: pin your Docker image by updating node:16-alpine to node:16-alpine@sha256:a1f9d027912b58a7c75be7716c97cfbc6d3099f3a97ed84aa490be9dee20e787
Warn: containerImage not pinned by hash: devenv/docker/blocks/loki/data/Dockerfile:1: pin your Docker image by updating node:18-alpine to node:18-alpine@sha256:8d6421d663b4c28fd3ebc498332f249011d118945588d0a35cb9bc4b8ca09d9e
Warn: containerImage not pinned by hash: devenv/docker/blocks/mqtt/build/Dockerfile:1: pin your Docker image by updating emqx/nanomq:0.21.11-full to emqx/nanomq:0.21.11-full@sha256:98db3f914a8448419ae71a581ab46b6092081fd718188ec48e85c976fb1af605
Warn: containerImage not pinned by hash: devenv/docker/blocks/mssql/build/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/mssql/server:2019-CU8-ubuntu-18.04 to mcr.microsoft.com/mssql/server:2019-CU8-ubuntu-18.04@sha256:bf3cc5fb2abfd327c6eeaf2a021869077298511eb6ded5fabd9a1e39ebff7c30
Warn: containerImage not pinned by hash: devenv/docker/blocks/mssql_arm64/build/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/azure-sql-edge:1.0.4 to mcr.microsoft.com/azure-sql-edge:1.0.4@sha256:209a502ac7d35a8e9d5ae777bca874930950a6bf0ec4915acf23390321c576e9
Warn: containerImage not pinned by hash: devenv/docker/blocks/mssql_tls/build/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/mssql/server:2019-CU8-ubuntu-18.04 to mcr.microsoft.com/mssql/server:2019-CU8-ubuntu-18.04@sha256:bf3cc5fb2abfd327c6eeaf2a021869077298511eb6ded5fabd9a1e39ebff7c30
Warn: containerImage not pinned by hash: devenv/docker/blocks/mysql_opendata/Dockerfile:3: pin your Docker image by updating mysql:latest to mysql:latest@sha256:f1049ce35b3986b84c08184de43a0b2109ae037a4a10a23ecf373a893daeadf7
Warn: containerImage not pinned by hash: devenv/docker/blocks/mysql_tests/Dockerfile:2
Warn: containerImage not pinned by hash: devenv/docker/blocks/postgres_tests/Dockerfile:2
Warn: containerImage not pinned by hash: devenv/docker/blocks/prometheus/Dockerfile:1: pin your Docker image by updating prom/prometheus:v3.2.1 to prom/prometheus:v3.2.1@sha256:6927e0919a144aa7616fd0137d4816816d42f6b816de3af269ab065250859a62
Warn: containerImage not pinned by hash: devenv/docker/blocks/prometheus_high_card/Dockerfile:1
Warn: containerImage not pinned by hash: devenv/docker/blocks/prometheus_random_data/Dockerfile:4
Warn: containerImage not pinned by hash: devenv/docker/blocks/prometheus_utf8/Dockerfile:1
Warn: containerImage not pinned by hash: devenv/docker/blocks/slow_proxy/Dockerfile:1
Warn: containerImage not pinned by hash: devenv/docker/blocks/smtp/Dockerfile:1: pin your Docker image by updating centos:centos7 to centos:centos7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4
Warn: containerImage not pinned by hash: devenv/docker/blocks/stateful_webhook/Dockerfile:1: pin your Docker image by updating golang:1.24.4 to golang:1.24.4@sha256:20a022e5112a144aa7b7aeb3f22ebf2cdaefcc4aac0d64e8deeee8cdc18b9c0f
Warn: containerImage not pinned by hash: devenv/docker/buildcontainer/Dockerfile:1: pin your Docker image by updating centos:6.6 to centos:6.6@sha256:32b80b90ba17ed16e9fa3430a49f53ff6de0d4c76ad8631717a1373d5921fa26
Warn: containerImage not pinned by hash: devenv/docker/debtest/Dockerfile:1: pin your Docker image by updating debian:jessie to debian:jessie@sha256:32ad5050caffb2c7e969dac873bce2c370015c2256ff984b70c1c08b3a2816a0
Warn: containerImage not pinned by hash: devenv/docker/ha-test-unified-alerting/Dockerfile:1: pin your Docker image by updating golang:1.19 to golang:1.19@sha256:3025bf670b8363ec9f1b4c4f27348e6d9b7fec607c47e401e40df816853e743a
Warn: containerImage not pinned by hash: packaging/docker/custom/Dockerfile:3
Warn: containerImage not pinned by hash: scripts/verify-repo-update/Dockerfile.deb:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:3c61d3759c2639d4b836d32a2d3c83fa0214e36f195a3421018dbaaf79cbe37f
Warn: containerImage not pinned by hash: scripts/verify-repo-update/Dockerfile.rpm:1: pin your Docker image by updating centos:7 to centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4
Warn: goCommand not pinned by hash: Dockerfile:98-101
Warn: goCommand not pinned by hash: pkg/build/wire/internal/check_api_change.sh:43
Warn: downloadThenRun not pinned by hash: pkg/build/wire/internal/runtests.sh:31
Warn: goCommand not pinned by hash: scripts/mixin-check.sh:5
Warn: goCommand not pinned by hash: scripts/mixin-check.sh:6
Warn: npmCommand not pinned by hash: .github/workflows/commands.yml:65
Warn: goCommand not pinned by hash: .github/workflows/core-plugins-build-and-release.yml:112
Warn: npmCommand not pinned by hash: .github/workflows/issue-opened.yml:34
Warn: npmCommand not pinned by hash: .github/workflows/pr-checks.yml:42
Warn: npmCommand not pinned by hash: .github/workflows/pr-commands.yml:27
Warn: npmCommand not pinned by hash: .github/workflows/publish-kinds-release.yml:49
Info: 23 out of 167 GitHub-owned GitHubAction dependencies pinned
Info: 42 out of 91 third-party GitHubAction dependencies pinned
Info: 0 out of 39 containerImage dependencies pinned
Info: 3 out of 8 goCommand dependencies pinned
Info: 1 out of 1 pipCommand dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned
Info: 0 out of 5 npmCommand dependencies pinned