Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/build-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/build-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dep-auto-merge.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/dep-auto-merge.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dep-auto-merge.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/dep-auto-merge.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/dockerhub-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/lint-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/lint-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-test.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/lint-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-binary.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/release-binary.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-binary.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/release-binary.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-binary.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/release-binary.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/release-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/release-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-test.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/chaos-client/release-test.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:2
Warn: containerImage not pinned by hash: Dockerfile:10: pin your Docker image by updating alpine:3.17.2 to alpine:3.17.2@sha256:ff6bdca1701f3a8a67e328815ff2346b0e4067d32ec36b7992c1fdc001dc8517
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned