Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analytic-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/analytic-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analytic-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/analytic-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/api-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/api-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/api-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/api-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auth-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/auth-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auth-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/auth-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/core-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/core-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/core-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/core-pipeline.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dco.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/dco.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-pipeline.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/e2e-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-pipeline.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/e2e-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-pipeline.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/e2e-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/e2e-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/license.yaml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/license.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/license.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/license.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manager-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/manager-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manager-pipeline.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/manager-pipeline.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/manager-pipeline.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/manager-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manager-pipeline.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/manager-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/messages-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/messages-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/messages-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/messages-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/migrations-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/migrations-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-alpha.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-alpha.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-beta.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-beta.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-beta.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-beta.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-beta.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-beta.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-beta.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-beta.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-beta.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-beta.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-final.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-final.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-final.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-final.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-final.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-rc.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-rc.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-rc.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rc.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rc.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rc.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rc.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rc.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rc.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/release-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/vulnerability-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/vulnerability-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/webhook-pipeline.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/webhook-pipeline.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/webhook-pipeline.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ZupIT/horusec-platform/webhook-pipeline.yml/main?enable=pin
Warn: containerImage not pinned by hash: analytic/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: analytic/deployments/dockerfiles/Dockerfile:28: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: analytic/deployments/dockerfiles/Dockerfile.dev:1: pin your Docker image by updating golang to golang@sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
Warn: containerImage not pinned by hash: analytic/deployments/dockerfiles/Dockerfile.goreleaser:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: api/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: api/deployments/dockerfiles/Dockerfile:28: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: api/deployments/dockerfiles/Dockerfile.dev:1: pin your Docker image by updating golang to golang@sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
Warn: containerImage not pinned by hash: api/deployments/dockerfiles/Dockerfile.goreleaser:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: auth/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: auth/deployments/dockerfiles/Dockerfile:27: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: auth/deployments/dockerfiles/Dockerfile.dev:1: pin your Docker image by updating golang to golang@sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
Warn: containerImage not pinned by hash: auth/deployments/dockerfiles/Dockerfile.goreleaser:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: core/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: core/deployments/dockerfiles/Dockerfile:27: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: core/deployments/dockerfiles/Dockerfile.dev:1: pin your Docker image by updating golang to golang@sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
Warn: containerImage not pinned by hash: core/deployments/dockerfiles/Dockerfile.goreleaser:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: deployments/dockerfiles/all-in-one/Dockerfile:15
Warn: containerImage not pinned by hash: deployments/dockerfiles/all-in-one/Dockerfile:39
Warn: containerImage not pinned by hash: deployments/dockerfiles/all-in-one/Dockerfile:48: pin your Docker image by updating docker:dind to docker:dind@sha256:aa3df78ecf320f5fafdce71c659f1629e96e9de0968305fe1de670e0ca9176ce
Warn: containerImage not pinned by hash: manager/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: manager/deployments/dockerfiles/Dockerfile:28: pin your Docker image by updating nginx:1.21.6-alpine to nginx:1.21.6-alpine@sha256:a74534e76ee1121d418fa7394ca930eb67440deda413848bc67c68138535b989
Warn: containerImage not pinned by hash: messages/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: messages/deployments/dockerfiles/Dockerfile:27: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: messages/deployments/dockerfiles/Dockerfile.dev:1: pin your Docker image by updating golang to golang@sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
Warn: containerImage not pinned by hash: messages/deployments/dockerfiles/Dockerfile.goreleaser:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: migrations/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: migrations/deployments/dockerfiles/Dockerfile:19: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: migrations/deployments/dockerfiles/Dockerfile.goreleaser:15: pin your Docker image by updating migrate/migrate:v4.15.1 to migrate/migrate:v4.15.1@sha256:23a1243f72f1f825ce82d920c5cd2e997a6685f2d8b1bac4c957b65b3886d3bc
Warn: containerImage not pinned by hash: vulnerability/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: vulnerability/deployments/dockerfiles/Dockerfile:27: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: vulnerability/deployments/dockerfiles/Dockerfile.dev:1: pin your Docker image by updating golang to golang@sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
Warn: containerImage not pinned by hash: vulnerability/deployments/dockerfiles/Dockerfile.goreleaser:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: webhook/deployments/dockerfiles/Dockerfile:15
Warn: containerImage not pinned by hash: webhook/deployments/dockerfiles/Dockerfile:27: pin your Docker image by updating alpine:3.15.0 to alpine:3.15.0@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300
Warn: containerImage not pinned by hash: webhook/deployments/dockerfiles/Dockerfile.dev:1: pin your Docker image by updating golang to golang@sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
Warn: containerImage not pinned by hash: webhook/deployments/dockerfiles/Dockerfile.goreleaser:1: pin your Docker image by updating alpine to alpine@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: goCommand not pinned by hash: analytic/deployments/dockerfiles/Dockerfile.dev:8
Warn: goCommand not pinned by hash: api/deployments/dockerfiles/Dockerfile.dev:8
Warn: goCommand not pinned by hash: auth/deployments/dockerfiles/Dockerfile.dev:8
Warn: goCommand not pinned by hash: core/deployments/dockerfiles/Dockerfile.dev:8
Warn: goCommand not pinned by hash: messages/deployments/dockerfiles/Dockerfile.dev:8
Warn: goCommand not pinned by hash: vulnerability/deployments/dockerfiles/Dockerfile.dev:8
Warn: goCommand not pinned by hash: webhook/deployments/dockerfiles/Dockerfile.dev:8
Warn: downloadThenRun not pinned by hash: .github/workflows/analytic-pipeline.yml:51
Warn: downloadThenRun not pinned by hash: .github/workflows/api-pipeline.yml:49
Warn: downloadThenRun not pinned by hash: .github/workflows/auth-pipeline.yml:49
Warn: downloadThenRun not pinned by hash: .github/workflows/core-pipeline.yml:49
Warn: downloadThenRun not pinned by hash: .github/workflows/manager-pipeline.yml:61
Warn: downloadThenRun not pinned by hash: .github/workflows/messages-pipeline.yml:49
Warn: downloadThenRun not pinned by hash: .github/workflows/migrations-pipeline.yml:40
Warn: downloadThenRun not pinned by hash: .github/workflows/vulnerability-pipeline.yml:49
Warn: downloadThenRun not pinned by hash: .github/workflows/webhook-pipeline.yml:49
Info: 0 out of 35 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 35 third-party GitHubAction dependencies pinned
Info: 0 out of 36 containerImage dependencies pinned
Info: 21 out of 28 goCommand dependencies pinned
Info: 0 out of 9 downloadThenRun dependencies pinned