Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:331: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:336: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/builds.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:150: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/builds.yml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:266: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/builds.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:234: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/builds.yml:312: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/builds.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dispatch-deploy-event-dev.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/dispatch-deploy-event-dev.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/housekeeping.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/housekeeping.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/labeler.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-description-enforcer.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/pr-description-enforcer.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/prerelease.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/prerelease.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/prerelease.yaml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/prerelease.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yaml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/release-please.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/semantic-pr.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/semantic-pr.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-release.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/sync-release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:261: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:274: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:276: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yaml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-server/verify.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:7
Warn: containerImage not pinned by hash: Dockerfile:34
Warn: containerImage not pinned by hash: cmd/benchmark/Dockerfile:2
Warn: containerImage not pinned by hash: cmd/benchmark/Dockerfile:15: pin your Docker image by updating alpine:3.21.3 to alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: processor/internal/transformer/destination_transformer/embedded/warehouse/benchmark/Dockerfile:1
Warn: containerImage not pinned by hash: processor/internal/transformer/destination_transformer/embedded/warehouse/benchmark/Dockerfile:7: pin your Docker image by updating alpine:3.21.0 to alpine:3.21.0@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45
Warn: containerImage not pinned by hash: suppression-backup-service/Dockerfile:6
Warn: containerImage not pinned by hash: suppression-backup-service/Dockerfile:12
Warn: goCommand not pinned by hash: .github/workflows/tests.yaml:283
Info: 0 out of 28 GitHub-owned GitHubAction dependencies pinned
Info: 1 out of 44 third-party GitHubAction dependencies pinned
Info: 0 out of 8 containerImage dependencies pinned
Info: 0 out of 1 goCommand dependencies pinned