Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/check.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/check.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/check.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/check.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/check.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_release.yaml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/create_release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_release.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/create_release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_release.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/create_release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_release.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/create_release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_release.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/create_release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_release.yaml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/create_release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_release.yaml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/create_release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yaml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release_tags.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release_tags.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release_tags.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release_tags.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release_tags.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release_tags.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release_tags.yaml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release_tags.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release_tags.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/w6d-io/ci-operator/release_tags.yaml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:3
Warn: containerImage not pinned by hash: Dockerfile:35: pin your Docker image by updating gcr.io/distroless/base:nonroot to gcr.io/distroless/base:nonroot@sha256:6d4a4f40e93615df1677463ca56456379cc3a4e2359308c9e72bc60ffc4a12a9
Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 16 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned