Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backends-docs-sync.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/backends-docs-sync.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/backends-docs-sync.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/backends-docs-sync.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yaml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yaml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/build.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-links.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/check-links.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check-links.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/check-links.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/close-stale.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/close-stale.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cross-cloud-tests.yaml:200: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/cross-cloud-tests.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yaml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yaml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yaml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yaml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-mod-tidy.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/go-mod-tidy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-mod-tidy.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/go-mod-tidy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-lint.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/helm-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-lint.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/helm-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-modules.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-modules.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-odiglet-base-builder.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-odiglet-base-builder.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-odiglet-base-builder.yaml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-odiglet-base-builder.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-odiglet-base-builder.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-odiglet-base-builder.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-odiglet-base-builder.yaml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-odiglet-base-builder.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-odiglet-base-builder.yaml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/publish-odiglet-base-builder.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-logos-s3-bucket.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/sync-logos-s3-bucket.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-logos-s3-bucket.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/sync-logos-s3-bucket.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag-patch.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/tag-patch.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-otel-versions.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/update-otel-versions.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-otel-versions.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/update-otel-versions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-api-crds.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-api-crds.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-api-crds.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-api-crds.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-collector-ocb.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-collector-ocb.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-collector-ocb.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-collector-ocb.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-odiglet-base-builder.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-odiglet-base-builder.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify-odiglet-base-builder.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-odiglet-base-builder.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify-odiglet-base-builder.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-odiglet-base-builder.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify-odiglet-base-builder.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/odigos-io/odigos/verify-odiglet-base-builder.yaml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:1
Warn: containerImage not pinned by hash: Dockerfile:28: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:6cd937e9155bdfd805d1b94e037f9d6a899603306030936a3b11680af0c2ed58
Warn: containerImage not pinned by hash: collector/Dockerfile:1
Warn: containerImage not pinned by hash: collector/Dockerfile:8: pin your Docker image by updating gcr.io/distroless/base:latest to gcr.io/distroless/base:latest@sha256:e9d0321de8927f69ce20e39bfc061343cce395996dfc1f0db6540e5145bc63a5
Warn: containerImage not pinned by hash: frontend/Dockerfile:1
Warn: containerImage not pinned by hash: frontend/Dockerfile:6
Warn: containerImage not pinned by hash: frontend/Dockerfile:12
Warn: containerImage not pinned by hash: frontend/Dockerfile:21: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:6cd937e9155bdfd805d1b94e037f9d6a899603306030936a3b11680af0c2ed58
Warn: containerImage not pinned by hash: odiglet/Dockerfile:4
Warn: containerImage not pinned by hash: odiglet/Dockerfile:19
Warn: containerImage not pinned by hash: odiglet/Dockerfile:35
Warn: containerImage not pinned by hash: odiglet/Dockerfile:52
Warn: containerImage not pinned by hash: odiglet/Dockerfile:62
Warn: containerImage not pinned by hash: odiglet/Dockerfile:88
Warn: containerImage not pinned by hash: odiglet/Dockerfile:121: pin your Docker image by updating registry.fedoraproject.org/fedora-minimal:38 to registry.fedoraproject.org/fedora-minimal:38@sha256:46d9dd1088e30a5ae8cf0f3907ce97c11f59d189fc2067d96264568945a2923e
Warn: containerImage not pinned by hash: odiglet/base.Dockerfile:1
Warn: containerImage not pinned by hash: odiglet/debug.Dockerfile:1
Warn: containerImage not pinned by hash: odiglet/debug.Dockerfile:17
Warn: containerImage not pinned by hash: odiglet/debug.Dockerfile:37
Warn: containerImage not pinned by hash: odiglet/debug.Dockerfile:51
Warn: containerImage not pinned by hash: odiglet/debug.Dockerfile:77
Warn: containerImage not pinned by hash: odiglet/debug.Dockerfile:115: pin your Docker image by updating registry.fedoraproject.org/fedora-minimal:38 to registry.fedoraproject.org/fedora-minimal:38@sha256:46d9dd1088e30a5ae8cf0f3907ce97c11f59d189fc2067d96264568945a2923e
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/cpp-http-server/Dockerfile:2
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/cpp-http-server/Dockerfile:23: pin your Docker image by updating alpine:latest to alpine:latest@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net6-glibc.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net6-glibc.Dockerfile:8: pin your Docker image by updating mcr.microsoft.com/dotnet/aspnet:6.0 to mcr.microsoft.com/dotnet/aspnet:6.0@sha256:57abdb74d36f8cd459d87da732fb616a31b78b0042096760d31d51fa9c431d5e
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net6-musl.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net6-musl.Dockerfile:8: pin your Docker image by updating mcr.microsoft.com/dotnet/aspnet:6.0-alpine to mcr.microsoft.com/dotnet/aspnet:6.0-alpine@sha256:56b0baf7e2b8136cc75c359cbd7c358ad644f48dc7153fb6f174784b390eaa02
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net8-glibc.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net8-glibc.Dockerfile:7: pin your Docker image by updating mcr.microsoft.com/dotnet/aspnet:8.0 to mcr.microsoft.com/dotnet/aspnet:8.0@sha256:9461e0688e9141bd312da7afef640bb551529ad70511209509b5b9d387309d4b
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net8-musl.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net8-musl.Dockerfile:7: pin your Docker image by updating mcr.microsoft.com/dotnet/aspnet:8.0-alpine to mcr.microsoft.com/dotnet/aspnet:8.0-alpine@sha256:a0062262fd674573be2314890006acadfd233fd7fdf89b3a5f44694b7632b29e
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-azul.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-azul.Dockerfile:6: pin your Docker image by updating azul/zulu-openjdk-alpine:17.0.12-jre-headless to azul/zulu-openjdk-alpine:17.0.12-jre-headless@sha256:12e335ed6d5cb4cd55ef6b5e2e769b2a77f25ced0270df1277bc2bca3dfd209e
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-latest-version.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-latest-version.Dockerfile:6: pin your Docker image by updating eclipse-temurin:latest to eclipse-temurin:latest@sha256:843686b2422d68890bb3ee90c5d08d9b325b9a2acf06ffca42351c2d187d3921
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-old-version.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-old-version.Dockerfile:6: pin your Docker image by updating eclipse-temurin:11-jre-jammy to eclipse-temurin:11-jre-jammy@sha256:9e59672d639264a9af9e37f6744be8e51aa019ed220c7a84f9f7a3010da3ac7b
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-supported-docker-env.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-supported-docker-env.Dockerfile:6: pin your Docker image by updating eclipse-temurin:17.0.12_7-jre-jammy to eclipse-temurin:17.0.12_7-jre-jammy@sha256:6c4c0938462c9678fe380bf01c7da7f4242dc20f54362f24ced3bb70f6e0183a
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-supported-manifest-env.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-supported-manifest-env.Dockerfile:6: pin your Docker image by updating eclipse-temurin:17.0.12_7-jre-jammy to eclipse-temurin:17.0.12_7-jre-jammy@sha256:6c4c0938462c9678fe380bf01c7da7f4242dc20f54362f24ced3bb70f6e0183a
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-supported-version.Dockerfile:1
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/java-http-server/java-supported-version.Dockerfile:6: pin your Docker image by updating eclipse-temurin:17.0.12_7-jre-jammy to eclipse-temurin:17.0.12_7-jre-jammy@sha256:6c4c0938462c9678fe380bf01c7da7f4242dc20f54362f24ced3bb70f6e0183a
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/nodejs-http-server/dockerfile-env.Dockerfile:1: pin your Docker image by updating node:20.17.0-alpine to node:20.17.0-alpine@sha256:2d07db07a2df6830718ae2a47db6fedce6745f5bcd174c398f2acdda90a11c03
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/nodejs-http-server/latest-version.Dockerfile:1: pin your Docker image by updating node:current-alpine to node:current-alpine@sha256:c61b6b12a3c96373673cd52d7ecee2314e82bca5d541eecf0bc6aee870c8c6f7
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/nodejs-http-server/manifest-env.Dockerfile:1: pin your Docker image by updating node:20.17.0-alpine to node:20.17.0-alpine@sha256:2d07db07a2df6830718ae2a47db6fedce6745f5bcd174c398f2acdda90a11c03
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/nodejs-http-server/minimum-version.Dockerfile:1: pin your Docker image by updating node:14.0.0-alpine to node:14.0.0-alpine@sha256:628ae0898c092799f09af3f15775b9d5f2feeafc1bb2485e68d577f3ea8f267e
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/nodejs-http-server/unsupported-version.Dockerfile:1: pin your Docker image by updating node:8.17.0-alpine to node:8.17.0-alpine@sha256:38f7bf07ffd72ac612ec8c829cb20ad416518dbb679768d7733c93175453f4d4
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/nodejs-http-server/very-old-version.Dockerfile:1: pin your Docker image by updating node:8.17.0-alpine to node:8.17.0-alpine@sha256:38f7bf07ffd72ac612ec8c829cb20ad416518dbb679768d7733c93175453f4d4
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-alpine:2: pin your Docker image by updating python:3.10.15-alpine to python:3.10.15-alpine@sha256:039508c234f83314a3be8eed523f347f6f26816541be7caa4a9ef4a4bf1bfb66
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-latest:1: pin your Docker image by updating python to python@sha256:cea505b81701dd9e46b8dde96eaa8054c4bd2035dbb660edeb7af947ed38a0ad
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-min-version:2: pin your Docker image by updating python:3.8.0-slim to python:3.8.0-slim@sha256:8e243f41e500238f78f7a29a81656114d3fe603d5c34079a462d090f71c4b225
Warn: containerImage not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-not-supported-version:2: pin your Docker image by updating python:3.6-slim to python:3.6-slim@sha256:2cfebc27956e6a55f78606864d91fe527696f9e32a724e6f9702b5f9602d0474
Warn: pipCommand not pinned by hash: odiglet/Dockerfile:8
Warn: pipCommand not pinned by hash: odiglet/debug.Dockerfile:6
Warn: goCommand not pinned by hash: odiglet/debug.Dockerfile:95
Warn: nugetCommand not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net6-glibc.Dockerfile:5: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)
Warn: nugetCommand not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net6-musl.Dockerfile:5: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)
Warn: nugetCommand not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net8-glibc.Dockerfile:4: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)
Warn: nugetCommand not pinned by hash: tests/e2e/workload-lifecycle/services/dotnet-http-server/net8-musl.Dockerfile:4: pin your dependecies by either enabling central package management (https://learn.microsoft.com/nuget/consume-packages/Central-Package-Management) or using a lockfile (https://learn.microsoft.com/nuget/consume-packages/package-references-in-project-files#locking-dependencies)
Warn: pipCommand not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-alpine:5
Warn: pipCommand not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-alpine:10
Warn: pipCommand not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-latest:11
Warn: pipCommand not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-min-version:14
Warn: pipCommand not pinned by hash: tests/e2e/workload-lifecycle/services/python-http-server/Dockerfile.python-not-supported-version:8
Warn: pipCommand not pinned by hash: .github/workflows/backends-docs-sync.yaml:23
Warn: pipCommand not pinned by hash: .github/workflows/backends-docs-sync.yaml:24
Info: 0 out of 51 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 42 third-party GitHubAction dependencies pinned
Info: 0 out of 54 containerImage dependencies pinned
Info: 0 out of 9 pipCommand dependencies pinned
Info: 0 out of 1 goCommand dependencies pinned
Info: 0 out of 4 nugetCommand dependencies pinned