Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/build-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/build-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dep-auto-merge.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/dep-auto-merge.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dep-auto-merge.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/dep-auto-merge.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/dockerhub-push.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-push.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/dockerhub-push.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/functional-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/functional-test.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/functional-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/lint-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/lint-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/lint-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-binary.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/release-binary.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-binary.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/release-binary.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-binary.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/release-binary.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-test.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/release-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/release-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-test.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/projectdiscovery/httpx/release-test.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:2
Warn: containerImage not pinned by hash: Dockerfile:10: pin your Docker image by updating alpine:3.18.2 to alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1
Info: 0 out of 16 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned