Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/assign.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/assign.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/assign.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/assign.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aws-e2e-tests-non-root.yaml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/aws-e2e-tests-non-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aws-e2e-tests-non-root.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/aws-e2e-tests-non-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/backport.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/backport.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/backport.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backport.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/backport.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-code-nonroot.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/benchmark-code-nonroot.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-code-nonroot.yaml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/benchmark-code-nonroot.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-code-root.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/benchmark-code-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark-code-root.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/benchmark-code-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bloat.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/bloat.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bloat.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/bloat.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bloat.yaml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/bloat.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bloat.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/bloat.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bloat.yaml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/bloat.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bloat.yaml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/bloat.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bloat.yaml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/bloat.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-api.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-api.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-api.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-api.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-centos7-assets.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-centos7-assets.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ci-buildbox-images.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-ci-buildbox-images.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ci-buildbox-images.yaml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-ci-buildbox-images.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ci-buildbox-images.yaml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-ci-buildbox-images.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ci-buildbox-images.yaml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-ci-buildbox-images.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ci-buildbox-images.yaml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-ci-buildbox-images.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-ci-service-images.yaml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-ci-service-images.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-macos.yaml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-macos.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-macos.yaml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-macos.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-macos.yaml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-macos.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-usage-image.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-usage-image.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-windows.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-windows.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-windows.yaml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/build-windows.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/changelog.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/changelog.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/changelog.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/changelog.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/check.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/check.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check.yaml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/check.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cla-assistant.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/cla-assistant.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dismiss.yaml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/dismiss.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dismiss.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/dismiss.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/doc-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yaml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/doc-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yaml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/doc-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yaml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/doc-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yaml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/doc-tests.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs-amplify.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/docs-amplify.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/e2e-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/e2e-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/e2e-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/e2e-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/flaky-tests.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/flaky-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/flaky-tests.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/flaky-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/flaky-tests.yaml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/flaky-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests-non-root.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/integration-tests-non-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests-non-root.yaml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/integration-tests-non-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests-root.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/integration-tests-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests-root.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/integration-tests-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kube-integration-tests-non-root.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/kube-integration-tests-non-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kube-integration-tests-non-root.yaml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/kube-integration-tests-non-root.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/label.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/label.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-ui.yaml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/lint-ui.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/lint.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:254: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/lint.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/lint.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/lint.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yaml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/lint.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/os-compatibility-test.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/os-compatibility-test.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-release.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/post-release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-release.yaml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/post-release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-release.yaml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/post-release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-code.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-code.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-helm.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-helm.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-helm.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-helm.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-integrations.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-integrations.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-integrations.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-integrations.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-rust.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-rust.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-rust.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-rust.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-ui.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/unit-tests-ui.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-ami-ids.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/update-ami-ids.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-ami-ids.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/gravitational/teleport/update-ami-ids.yaml/master?enable=pin
Warn: containerImage not pinned by hash: .github/services/Dockerfile.etcd:4
Warn: containerImage not pinned by hash: build.assets/Dockerfile:21
Warn: containerImage not pinned by hash: build.assets/Dockerfile:75
Warn: containerImage not pinned by hash: build.assets/Dockerfile:110
Warn: containerImage not pinned by hash: build.assets/Dockerfile-arm:9: pin your Docker image by updating docker.io/library/debian:11 to docker.io/library/debian:11@sha256:e5bfb7364038fd100c2faebdd674145bd1bc758a57f3c67023cced99d0eff0f7
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:5
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:9
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:81
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:97
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:158
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:184
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:205
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7:356
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7-assets:3
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7-assets:62
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7-assets:90
Warn: containerImage not pinned by hash: build.assets/Dockerfile-centos7-assets:118
Warn: containerImage not pinned by hash: build.assets/Dockerfile-grpcbox:3: pin your Docker image by updating docker.io/golang:1.23 to docker.io/golang:1.23@sha256:8c10f21bec412f08f73aa7b97ca5ac5f28a39d8a88030ad8a339fd0a781d72b4
Warn: containerImage not pinned by hash: build.assets/Dockerfile-node:18
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile:33
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile:54
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile:63
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile:83
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile:106
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile:134
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile-thirdparty:19
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile-thirdparty:91
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile-thirdparty:110
Warn: containerImage not pinned by hash: build.assets/buildbox/Dockerfile-thirdparty:136
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile:7
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile:83
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-distroless:3
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-distroless:8
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-distroless:32
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-distroless-fips:3
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-distroless-fips:8
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-distroless-fips:32
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-tbot-distroless:3
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-tbot-distroless:19
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-tbot-distroless-fips:3
Warn: containerImage not pinned by hash: build.assets/charts/Dockerfile-tbot-distroless-fips:19
Warn: containerImage not pinned by hash: e2e/config/Dockerfile:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:0e5e4a57c2499249aafc3b40fcd541e9a456aab7296681a3994d631587203f97
Warn: containerImage not pinned by hash: examples/teleport-usage/Dockerfile:3
Warn: containerImage not pinned by hash: examples/teleport-usage/Dockerfile:20
Warn: containerImage not pinned by hash: integrations/access/Dockerfile:5
Warn: containerImage not pinned by hash: integrations/access/Dockerfile:22
Warn: containerImage not pinned by hash: integrations/event-handler/Dockerfile:5
Warn: containerImage not pinned by hash: integrations/event-handler/Dockerfile:22
Warn: containerImage not pinned by hash: integrations/event-handler/build.assets/Dockerfile:2
Warn: containerImage not pinned by hash: integrations/kube-agent-updater/Dockerfile:5
Warn: containerImage not pinned by hash: integrations/kube-agent-updater/Dockerfile:33
Warn: containerImage not pinned by hash: integrations/operator/Dockerfile:4
Warn: containerImage not pinned by hash: integrations/operator/Dockerfile:84
Warn: containerImage not pinned by hash: integrations/operator/Dockerfile.gha:4
Warn: containerImage not pinned by hash: integrations/operator/Dockerfile.gha:103
Warn: containerImage not pinned by hash: integrations/teleport-spacelift-runner/Dockerfile:4
Warn: containerImage not pinned by hash: integrations/teleport-spacelift-runner/Dockerfile:31
Warn: downloadThenRun not pinned by hash: build.assets/Dockerfile:223-229
Warn: npmCommand not pinned by hash: build.assets/Dockerfile:302
Warn: downloadThenRun not pinned by hash: build.assets/Dockerfile:328-330
Warn: downloadThenRun not pinned by hash: build.assets/Dockerfile-arm:95-99
Warn: downloadThenRun not pinned by hash: build.assets/Dockerfile-centos7:276-280
Warn: npmCommand not pinned by hash: build.assets/Dockerfile-grpcbox:24
Warn: goCommand not pinned by hash: build.assets/Dockerfile-grpcbox:36-39
Warn: goCommand not pinned by hash: build.assets/Dockerfile-grpcbox:36-39
Warn: goCommand not pinned by hash: build.assets/Dockerfile-grpcbox:36-39
Warn: downloadThenRun not pinned by hash: build.assets/Dockerfile-node:78-84
Warn: downloadThenRun not pinned by hash: build.assets/buildbox/Dockerfile:91-101
Warn: pipCommand not pinned by hash: assets/aws/files/install-hardened.sh:13
Warn: pipCommand not pinned by hash: assets/aws/files/install-hardened.sh:14
Warn: downloadThenRun not pinned by hash: examples/terraform-starter/agent-installation/userdata:3
Warn: goCommand not pinned by hash: fuzz/oss-fuzz-build.sh:7
Warn: goCommand not pinned by hash: fuzz/oss-fuzz-build.sh:10
Warn: goCommand not pinned by hash: fuzz/oss-fuzz-build.sh:20
Info: 0 out of 87 GitHub-owned GitHubAction dependencies pinned
Info: 48 out of 49 third-party GitHubAction dependencies pinned
Info: 0 out of 7 downloadThenRun dependencies pinned
Info: 0 out of 2 npmCommand dependencies pinned
Info: 5 out of 11 goCommand dependencies pinned
Info: 0 out of 2 pipCommand dependencies pinned
Info: 0 out of 57 containerImage dependencies pinned