Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/broken-link-checker.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/broken-link-checker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/broken-link-checker.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/broken-link-checker.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-build.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/verify-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-build.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/verify-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-build.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/verify-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-build.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/verify-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-build.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/verify-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-build.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/verify-build.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-scan.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/vulnerability-scan.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-scan.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/fabric/vulnerability-scan.yml/main?enable=pin
Warn: containerImage not pinned by hash: images/baseos/Dockerfile:22
Warn: containerImage not pinned by hash: images/ccenv/Dockerfile:20
Warn: containerImage not pinned by hash: images/orderer/Dockerfile:24
Warn: containerImage not pinned by hash: images/orderer/Dockerfile:51
Warn: containerImage not pinned by hash: images/peer/Dockerfile:24
Warn: containerImage not pinned by hash: images/peer/Dockerfile:52
Warn: containerImage not pinned by hash: images/tools/Dockerfile:24
Warn: containerImage not pinned by hash: images/tools/Dockerfile:51
Warn: goCommand not pinned by hash: .github/workflows/broken-link-checker.yml:36
Info: 3 out of 21 GitHub-owned GitHubAction dependencies pinned
Info: 1 out of 9 third-party GitHubAction dependencies pinned
Info: 0 out of 8 containerImage dependencies pinned
Info: 0 out of 1 goCommand dependencies pinned