Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yaml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yaml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/main.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/travelping/upg-vpp/release.yaml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:5
Warn: containerImage not pinned by hash: Dockerfile:13
Warn: containerImage not pinned by hash: Dockerfile:32
Warn: containerImage not pinned by hash: hack/images/Dockerfile.rsyncd:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: hack/images/Dockerfile.runner:1: pin your Docker image by updating summerwind/actions-runner:latest to summerwind/actions-runner:latest@sha256:32617e5803014308a5eab722bad79c55c595991341de29f4766c7ad6ab8f334d
Info: 0 out of 11 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 22 third-party GitHubAction dependencies pinned
Info: 0 out of 5 containerImage dependencies pinned