Info: Possibly incomplete results: error parsing shell code: "foo(" must be followed by ): Dockerfile-windows.dapper:6-13
Info: Possibly incomplete results: error parsing shell code: "foo(" must be followed by ): Dockerfile-windows.dapper:15-31
Info: Possibly incomplete results: error parsing shell code: "foo(" must be followed by ): Dockerfile-windows.dapper:34-47
Info: Possibly incomplete results: error parsing shell code: "foo(" must be followed by ): package/windows/Dockerfile.agent:19-24
Info: Possibly incomplete results: error parsing shell code: "foo(" must be followed by ): package/windows/Dockerfile.agent:26-33
Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: tests/validation/tests/Dockerfiles/windows/metrics/Dockerfile:5-18
Info: Possibly incomplete results: error parsing shell code: "foo(" must be followed by ): tests/validation/tests/Dockerfiles/windows/nginx/Dockerfile:6-10
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-agent-windows.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent-windows.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-agent-windows.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent-windows.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-agent-windows.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-agent.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-agent.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-agent.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-agent.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-agent.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-agent.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-agent.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-agent.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-installer.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-installer.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-installer.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-installer.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-installer.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-installer.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-installer.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-installer.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-installer.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-publish-chart.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-publish-chart.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-publish-chart.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-publish-chart.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-publish-chart.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-publish-chart.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-server.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-server.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-server.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-server.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-server.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-server.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-server.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-server.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-server.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-server.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-server.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/build-server.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/controller-test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/controller-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/controller-test.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/controller-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-images-files.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/create-images-files.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-images-files.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/create-images-files.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-images-files.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/create-images-files.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fossa.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/fossa.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/fossa.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/fossa.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/fossa.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/fossa.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-get.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/go-get.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/go-get.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/go-get.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-get.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/go-get.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go-get.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/go-get.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/integration-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/integration-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration-tests.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/integration-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge-agent-manifest.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-agent-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-agent-manifest.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-agent-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-agent-manifest.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-agent-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-agent-manifest.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-agent-manifest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge-installer-manifest.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-installer-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-installer-manifest.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-installer-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-installer-manifest.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-installer-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-installer-manifest.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-installer-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-installer-manifest.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-installer-manifest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge-server-manifest.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-server-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-server-manifest.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-server-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-server-manifest.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-server-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge-server-manifest.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/merge-server-manifest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/promote-to-stable.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/promote-to-stable.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/promote-to-stable.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/promote-to-stable.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/promote-to-stable.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/promote-to-stable.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/promote-to-stable.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/promote-to-stable.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/promote-to-stable.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/promote-to-stable.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/provisioning-tests.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/provisioning-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/provisioning-tests.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/provisioning-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/pull-request.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-images.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-images.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-images.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-images.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-images.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-images.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-images.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-images.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:539: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:545: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:567: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:573: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:623: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:637: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:659: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:665: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:211: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:235: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:308: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:314: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:379: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:383: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:385: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:391: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:689: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:263: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:269: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:344: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:348: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:350: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:356: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:442: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:447: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:453: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:459: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:464: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:466: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:468: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:474: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/push-release.yml:495: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:499: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:502: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:508: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/push-release.yml:514: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/push-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/replace-env-value.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/replace-env-value.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/replace-env-value.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/replace-env-value.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/stale.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/system-agent-upgrade.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/system-agent-upgrade.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-agent-upgrade.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/system-agent-upgrade.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-agent-upgrade.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/system-agent-upgrade.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-agent-upgrade.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/system-agent-upgrade.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/validate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/validate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-generated-code-changes.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/verify-generated-code-changes.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-generated-code-changes.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/verify-generated-code-changes.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-generated-code-changes.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/rancher/rancher/verify-generated-code-changes.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile-windows.dapper:1: pin your Docker image by updating library/golang:1.24 to library/golang:1.24@sha256:30baaea08c5d1e858329c50f29fe381e9b7d7bced11a0f5f1f69a1504cdfbf5e
Warn: containerImage not pinned by hash: Dockerfile.dapper:1: pin your Docker image by updating registry.suse.com/bci/golang:1.24 to registry.suse.com/bci/golang:1.24@sha256:66fcbaf574d42d7f81172ed660e52f5eef495d0386925ecc6a4cb021df026817
Warn: containerImage not pinned by hash: package/Dockerfile:11
Warn: containerImage not pinned by hash: package/Dockerfile:15
Warn: containerImage not pinned by hash: package/Dockerfile:27
Warn: containerImage not pinned by hash: package/Dockerfile:36
Warn: containerImage not pinned by hash: package/Dockerfile:45
Warn: containerImage not pinned by hash: package/Dockerfile:48
Warn: containerImage not pinned by hash: package/Dockerfile:54
Warn: containerImage not pinned by hash: package/Dockerfile:63
Warn: containerImage not pinned by hash: package/Dockerfile:72
Warn: containerImage not pinned by hash: package/Dockerfile:81
Warn: containerImage not pinned by hash: package/Dockerfile:87
Warn: containerImage not pinned by hash: package/Dockerfile:99
Warn: containerImage not pinned by hash: package/Dockerfile:303
Warn: containerImage not pinned by hash: package/Dockerfile:318
Warn: containerImage not pinned by hash: package/Dockerfile:329
Warn: containerImage not pinned by hash: package/Dockerfile:344
Warn: containerImage not pinned by hash: package/Dockerfile:356
Warn: containerImage not pinned by hash: package/Dockerfile:389
Warn: containerImage not pinned by hash: package/Dockerfile.installer:3
Warn: containerImage not pinned by hash: package/Dockerfile.installer:5
Warn: containerImage not pinned by hash: package/windows/Dockerfile.agent:5
Warn: containerImage not pinned by hash: package/windows/Dockerfile.agent:17
Warn: containerImage not pinned by hash: tests/scripts/custodian/Dockerfile:1: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:1e622c5f073b4f6bfad6632f2616c7f59ef256e96fe78bf6a595d1dc4376ac02
Warn: containerImage not pinned by hash: tests/v2/codecoverage/Dockerfile.buildcodecoverage:1: pin your Docker image by updating registry.suse.com/bci/golang:1.24 to registry.suse.com/bci/golang:1.24@sha256:66fcbaf574d42d7f81172ed660e52f5eef495d0386925ecc6a4cb021df026817
Warn: containerImage not pinned by hash: tests/v2/codecoverage/Dockerfile.codecoverage:1: pin your Docker image by updating registry.suse.com/bci/golang:1.24 to registry.suse.com/bci/golang:1.24@sha256:66fcbaf574d42d7f81172ed660e52f5eef495d0386925ecc6a4cb021df026817
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile:1
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile:4
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile:18
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile:232
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile:247
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile:272
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile.agent:8
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile.agent:30
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile.agent:32
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile.agent:34
Warn: containerImage not pinned by hash: tests/v2/codecoverage/package/Dockerfile.agent:48
Warn: containerImage not pinned by hash: tests/v2/validation/Dockerfile.e2e:1: pin your Docker image by updating registry.suse.com/bci/golang:1.24 to registry.suse.com/bci/golang:1.24@sha256:66fcbaf574d42d7f81172ed660e52f5eef495d0386925ecc6a4cb021df026817
Warn: containerImage not pinned by hash: tests/v2/validation/Dockerfile.validation:1: pin your Docker image by updating registry.suse.com/bci/golang:1.24 to registry.suse.com/bci/golang:1.24@sha256:66fcbaf574d42d7f81172ed660e52f5eef495d0386925ecc6a4cb021df026817
Warn: containerImage not pinned by hash: tests/validation/Dockerfile.rke:1: pin your Docker image by updating python:3.11 to python:3.11@sha256:2d6676523b9052699d536b6dd7396a19499a0bea78975a2c0c7c49b538b6fbd2
Warn: containerImage not pinned by hash: tests/validation/Dockerfile.v3api:1: pin your Docker image by updating python:3.11 to python:3.11@sha256:2d6676523b9052699d536b6dd7396a19499a0bea78975a2c0c7c49b538b6fbd2
Warn: containerImage not pinned by hash: tests/validation/tests/Dockerfiles/testcontainer/Dockerfile:1: pin your Docker image by updating nginx to nginx@sha256:c15da6c91de8d2f436196f3a768483ad32c258ed4e1beb3d367a27ed67253e66
Warn: containerImage not pinned by hash: tests/validation/tests/Dockerfiles/unprivileged-testcontainer/Dockerfile:1
Warn: containerImage not pinned by hash: tests/validation/tests/Dockerfiles/windows/metrics/Dockerfile:3
Warn: containerImage not pinned by hash: tests/validation/tests/Dockerfiles/windows/nginx/Dockerfile:3
Warn: containerImage not pinned by hash: tests/validation/tests/Dockerfiles/windows/testcontainer/Dockerfile:3
Warn: downloadThenRun not pinned by hash: Dockerfile.dapper:22-24
Warn: downloadThenRun not pinned by hash: Dockerfile.dapper:27-29
Warn: downloadThenRun not pinned by hash: tests/scripts/custodian/Dockerfile:38
Warn: pipCommand not pinned by hash: tests/scripts/custodian/Dockerfile:42
Warn: downloadThenRun not pinned by hash: tests/v2/codecoverage/Dockerfile.buildcodecoverage:13-17
Warn: goCommand not pinned by hash: tests/v2/codecoverage/Dockerfile.codecoverage:20-24
Warn: goCommand not pinned by hash: tests/v2/codecoverage/Dockerfile.codecoverage:20-24
Warn: goCommand not pinned by hash: tests/v2/codecoverage/Dockerfile.codecoverage:20-24
Warn: goCommand not pinned by hash: tests/v2/validation/Dockerfile.e2e:20-22
Warn: goCommand not pinned by hash: tests/v2/validation/Dockerfile.validation:16-17
Warn: pipCommand not pinned by hash: tests/validation/Dockerfile.rke:10-18
Warn: pipCommand not pinned by hash: tests/validation/Dockerfile.rke:10-18
Warn: pipCommand not pinned by hash: tests/validation/Dockerfile.v3api:19-49
Warn: pipCommand not pinned by hash: tests/validation/Dockerfile.v3api:19-49
Warn: goCommand not pinned by hash: tests/controllers/run_controller_tests.sh:5
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/install_k3s_master.sh:76
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/install_k3s_master.sh:80
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/install_k3s_master.sh:82
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/install_k3s_master.sh:89
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/install_k3s_master.sh:93
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/install_k3s_master.sh:95
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/join_k3s_master.sh:64
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/join_k3s_master.sh:68
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/join_k3s_master.sh:70
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/join_k3s_master.sh:76
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/join_k3s_master.sh:80
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/master/join_k3s_master.sh:82
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/worker/join_k3s_agent.sh:38
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/worker/join_k3s_agent.sh:42
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/k3s/worker/join_k3s_agent.sh:44
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/master/install_rke2_master.sh:57
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/master/install_rke2_master.sh:59
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/master/install_rke2_master.sh:76
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/master/join_rke2_master.sh:58
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/master/join_rke2_master.sh:60
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/master/join_rke2_master.sh:77
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/worker/join_rke2_agent.sh:55
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/worker/join_rke2_agent.sh:57
Warn: downloadThenRun not pinned by hash: tests/validation/tests/v3_api/resource/terraform/rke2/worker/join_rke2_agent.sh:72
Warn: downloadThenRun not pinned by hash: .github/workflows/integration-tests.yml:79
Warn: pipCommand not pinned by hash: .github/workflows/integration-tests.yml:89
Warn: pipCommand not pinned by hash: .github/workflows/integration-tests.yml:90
Warn: downloadThenRun not pinned by hash: .github/workflows/provisioning-tests.yml:92
Warn: pipCommand not pinned by hash: .github/workflows/validate.yml:28
Warn: pipCommand not pinned by hash: .github/workflows/validate.yml:29
Info: 0 out of 66 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 81 third-party GitHubAction dependencies pinned
Info: 0 out of 47 containerImage dependencies pinned
Info: 0 out of 30 downloadThenRun dependencies pinned
Info: 0 out of 9 pipCommand dependencies pinned
Info: 5 out of 11 goCommand dependencies pinned