Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-image.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-image.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/docker-image.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gateway-conformance.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gateway-conformance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gobuild.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gobuild.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gobuild.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gobuild.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golang-analysis.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/golang-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golang-analysis.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/golang-analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/golang-analysis.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/golang-analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/golang-analysis.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/golang-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golint.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/golint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golint.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/golint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gotest.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gotest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gotest.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gotest.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gotest.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gotest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gotest.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gotest.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gotest.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gotest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gotest.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gotest.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gotest.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/gotest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/interop.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/interop.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sharness.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sharness.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sharness.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sharness.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sharness.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sharness.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sharness.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sharness.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sharness.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sharness.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-release-assets.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sync-release-assets.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-release-assets.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sync-release-assets.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-release-assets.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sync-release-assets.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-release-assets.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ipfs/kubo/sync-release-assets.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:1
Warn: containerImage not pinned by hash: Dockerfile:30
Warn: containerImage not pinned by hash: Dockerfile:47: pin your Docker image by updating busybox:stable-glibc to busybox:stable-glibc@sha256:3ba15b0b46538caeef7771e53572ada5cd32b3cbaaa7f448f9e94d42e24bd305
Warn: containerImage not pinned by hash: test/3nodetest/bootstrap/Dockerfile:1
Warn: containerImage not pinned by hash: test/3nodetest/client/Dockerfile:1
Warn: containerImage not pinned by hash: test/3nodetest/data/Dockerfile:1: pin your Docker image by updating ubuntu to ubuntu@sha256:80dd3c3b9c6cecb9f1667e9290b3bc61b78c2678c02cbdae5f0fea92cc6734ab
Warn: containerImage not pinned by hash: test/3nodetest/server/Dockerfile:1
Info: 0 out of 44 GitHub-owned GitHubAction dependencies pinned
Info: 2 out of 26 third-party GitHubAction dependencies pinned
Info: 0 out of 7 containerImage dependencies pinned
Info: 1 out of 1 npmCommand dependencies pinned