Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-check.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/code-check.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-check.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/code-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linters.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/linters.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/linters.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/linters.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linters.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/linters.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:198: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:240: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-publish-nightly.yml:245: update your workflow using https://app.stepsecurity.io/secureworkflow/async-profiler/async-profiler/test-and-publish-nightly.yml/master?enable=pin
Warn: containerImage not pinned by hash: docker/alpine.Dockerfile:1: pin your Docker image by updating public.ecr.aws/docker/library/amazoncorretto:11-alpine-jdk to public.ecr.aws/docker/library/amazoncorretto:11-alpine-jdk@sha256:46cb7d2700c15a303c669cbe5ea6ab1d20bc60982d31382ec09103f4996a395b
Warn: containerImage not pinned by hash: docker/amazonlinux2.Dockerfile:1: pin your Docker image by updating public.ecr.aws/amazonlinux/amazonlinux:2 to public.ecr.aws/amazonlinux/amazonlinux:2@sha256:bf4d96f155dff2ebf31ad98a503ee48609e0b883a728c5be75c7fb1b86b5f334
Warn: containerImage not pinned by hash: docker/amazonlinux2.Dockerfile:21: pin your Docker image by updating public.ecr.aws/amazonlinux/amazonlinux:2 to public.ecr.aws/amazonlinux/amazonlinux:2@sha256:bf4d96f155dff2ebf31ad98a503ee48609e0b883a728c5be75c7fb1b86b5f334
Warn: containerImage not pinned by hash: docker/amazonlinux2023.Dockerfile:1: pin your Docker image by updating public.ecr.aws/amazonlinux/amazonlinux:2023 to public.ecr.aws/amazonlinux/amazonlinux:2023@sha256:2b1c4a8251e3a0e95fba952161e05f7417fdca66580ca9bf0638d83c017f0e69
Warn: containerImage not pinned by hash: docker/code-check.Dockerfile:2: pin your Docker image by updating public.ecr.aws/docker/library/amazoncorretto:11-alpine-jdk to public.ecr.aws/docker/library/amazoncorretto:11-alpine-jdk@sha256:46cb7d2700c15a303c669cbe5ea6ab1d20bc60982d31382ec09103f4996a395b
Warn: containerImage not pinned by hash: docker/debian.Dockerfile:4: pin your Docker image by updating public.ecr.aws/debian/debian:10-slim to public.ecr.aws/debian/debian:10-slim@sha256:f66e997bfdb5ae37b5ca293d66e52a7a8fdbec8b35c88844d40c45df9fbd7677
Warn: containerImage not pinned by hash: docker/debian.Dockerfile:24: pin your Docker image by updating public.ecr.aws/debian/debian:10-slim to public.ecr.aws/debian/debian:10-slim@sha256:f66e997bfdb5ae37b5ca293d66e52a7a8fdbec8b35c88844d40c45df9fbd7677
Warn: pipCommand not pinned by hash: docker/amazonlinux2.Dockerfile:24-30
Warn: pipCommand not pinned by hash: docker/amazonlinux2023.Dockerfile:3-8
Warn: pipCommand not pinned by hash: docker/code-check.Dockerfile:9
Warn: npmCommand not pinned by hash: .github/workflows/linters.yml:24
Info: 0 out of 17 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 0 out of 7 containerImage dependencies pinned
Info: 0 out of 3 pipCommand dependencies pinned
Info: 0 out of 1 npmCommand dependencies pinned