Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/build.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/build.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/build.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check_doc.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/check_doc.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/codeql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/documentation.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/documentation.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/documentation.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/experimental.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/experimental.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/experimental.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/experimental.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/experimental.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/experimental.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/experimental.yaml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/experimental.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/experimental.yaml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/experimental.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/experimental.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/experimental.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-docker-images.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/sync-docker-images.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-docker-images.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/sync-docker-images.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/template-webui.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/template-webui.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/template-webui.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/template-webui.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/template-webui.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/template-webui.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-conformance.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-conformance.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-conformance.yaml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-conformance.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-integration.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-integration.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-integration.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-integration.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-integration.yaml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-integration.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-integration.yaml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-integration.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-integration.yaml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-integration.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit.yaml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-unit.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit.yaml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-unit.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-unit.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit.yaml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/test-unit.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/validate.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/validate.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/validate.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/validate.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/validate.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yaml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/validate.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yaml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/ldez/traefik/validate.yaml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:2: pin your Docker image by updating alpine:3.21 to alpine:3.21@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: docs/check.Dockerfile:1: pin your Docker image by updating alpine:3.21 to alpine:3.21@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: docs/docs.Dockerfile:1: pin your Docker image by updating alpine:3.21 to alpine:3.21@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: script/codegen.Dockerfile:1: pin your Docker image by updating golang:1.23 to golang:1.23@sha256:1acb493b9f9dfdfe705042ce09e8ded908ce4fb342405ecf3ca61ce7f3b168c7
Warn: containerImage not pinned by hash: webui/Dockerfile:1: pin your Docker image by updating node:22.9-alpine3.20 to node:22.9-alpine3.20@sha256:c9bb43423a6229aeddf3d16ae6aaa0ff71a0b2951ce18ec8fedb6f5d766cf286
Warn: npmCommand not pinned by hash: docs/check.Dockerfile:26-28
Warn: pipCommand not pinned by hash: docs/docs.Dockerfile:9-12
Warn: downloadThenRun not pinned by hash: .github/workflows/documentation.yml:34
Warn: downloadThenRun not pinned by hash: .github/workflows/documentation.yml:37
Warn: downloadThenRun not pinned by hash: .github/workflows/documentation.yml:40
Warn: downloadThenRun not pinned by hash: .github/workflows/validate.yaml:50
Info: 0 out of 40 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 5 containerImage dependencies pinned
Info: 0 out of 1 npmCommand dependencies pinned
Info: 0 out of 1 pipCommand dependencies pinned
Info: 1 out of 1 goCommand dependencies pinned
Info: 0 out of 4 downloadThenRun dependencies pinned