Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-licenses.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/cron-licenses.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-licenses.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/cron-licenses.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-licenses.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/cron-licenses.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-translations.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/cron-translations.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-translations.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/cron-translations.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-translations.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/cron-translations.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/files-changed.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/files-changed.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/files-changed.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/files-changed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:200: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-compliance.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-compliance.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-db-tests.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-db-tests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-docker-dryrun.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-docker-dryrun.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-docker-dryrun.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-docker-dryrun.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-docker-dryrun.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-docker-dryrun.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-docker-dryrun.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-docker-dryrun.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-e2e-tests.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-e2e-tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-e2e-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-e2e-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-labeler.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/pull-labeler.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-nightly.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-nightly.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-rc.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-rc.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-tag-version.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/go-gitea/gitea/release-tag-version.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:2
Warn: containerImage not pinned by hash: Dockerfile:44: pin your Docker image by updating docker.io/library/alpine:3.22 to docker.io/library/alpine:3.22@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: containerImage not pinned by hash: Dockerfile.rootless:2
Warn: containerImage not pinned by hash: Dockerfile.rootless:42: pin your Docker image by updating docker.io/library/alpine:3.22 to docker.io/library/alpine:3.22@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
Warn: pipCommand not pinned by hash: .github/workflows/pull-compliance.yml:44
Warn: pipCommand not pinned by hash: .github/workflows/pull-compliance.yml:58
Info: 0 out of 60 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 50 third-party GitHubAction dependencies pinned
Info: 0 out of 4 containerImage dependencies pinned
Info: 1 out of 1 goCommand dependencies pinned
Info: 0 out of 2 pipCommand dependencies pinned