Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/olm-stable.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/olm-stable.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/package-operator-stable.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/package-operator-stable.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-checks.yaml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/pr-checks.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/rhobs/observability-operator/release.yaml/main?enable=pin
Warn: containerImage not pinned by hash: build/Dockerfile:2
Warn: containerImage not pinned by hash: build/Dockerfile:21: pin your Docker image by updating registry.access.redhat.com/ubi8/ubi-micro to registry.access.redhat.com/ubi8/ubi-micro@sha256:22448ec2e9234d99a2cd9adf9e571a367d1e4b0e1546b2b5c36518e5183e1b32
Warn: containerImage not pinned by hash: test/Dockerfile:2
Warn: containerImage not pinned by hash: test/Dockerfile:26: pin your Docker image by updating registry.access.redhat.com/ubi7/ubi-minimal:latest to registry.access.redhat.com/ubi7/ubi-minimal:latest@sha256:244564fff3841542a17abe5d7daf5c803676dc13af48ea5302218b31ee1c2db7
Warn: goCommand not pinned by hash: test/Dockerfile:15
Info: 0 out of 20 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 5 third-party GitHubAction dependencies pinned
Info: 0 out of 4 containerImage dependencies pinned
Info: 0 out of 1 goCommand dependencies pinned