Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-merge.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/auto-merge.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-merge.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/auto-merge.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-merge.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/auto-merge.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/docker-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-release.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/docker-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/docker-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-release.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/docker-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-release.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/docker-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/docker-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/golangci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/golangci-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/golangci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-test.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/helm-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-drafter.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/release-drafter.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/reuse.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/reuse.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/reuse.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/reuse.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-labels.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/size-labels.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/onmetal/meeting-operator/tests.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:18
Warn: containerImage not pinned by hash: Dockerfile:38: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:6cd937e9155bdfd805d1b94e037f9d6a899603306030936a3b11680af0c2ed58
Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 16 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned