Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c1d.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c1d.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c1d.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c1d.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c1d1a.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c1d1a.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c1d1a.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c1d1a.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c3d.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c3d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c3d.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c3d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cluster-it-1c3d.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/cluster-it-1c3d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compile-check.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/compile-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compile-check.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/compile-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-it.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-it.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-it.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-it.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-it.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-it.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-ut.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-ut.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-ut.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-ut.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/daily-ut.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/daily-ut.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependency-check.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/dependency-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependency-check.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/dependency-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependency-check.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/dependency-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/greetings.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/greetings.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/multi-language-client.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/multi-language-client.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:324: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:362: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:364: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:369: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:429: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:446: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:448: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:453: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:513: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:614: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:616: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:621: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:681: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:697: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:699: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:704: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:764: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:530: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:532: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:537: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:597: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:780: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:782: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:787: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pipe-it.yml:847: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/pipe-it.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonar-codecov.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/sonar-codecov.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonar-codecov.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/sonar-codecov.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/sonar-codecov.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/sonar-codecov.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonar-codecov.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/sonar-codecov.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonar-codecov.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/sonar-codecov.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sonar-codecov.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/sonar-codecov.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/table-cluster-it-1c1d.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/table-cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/table-cluster-it-1c1d.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/table-cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/table-cluster-it-1c1d.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/table-cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/table-cluster-it-1c1d.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/table-cluster-it-1c1d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/table-cluster-it-1c3d.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/table-cluster-it-1c3d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/table-cluster-it-1c3d.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/table-cluster-it-1c3d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/table-cluster-it-1c3d.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/table-cluster-it-1c3d.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/todos-check.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/todos-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/unit-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/unit-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/unit-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-check.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/vulnerability-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-check.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/vulnerability-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-check.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/vulnerability-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vulnerability-check.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/iotdb/vulnerability-check.yml/master?enable=pin
Warn: containerImage not pinned by hash: docker/src/main/Dockerfile-1.0.0-confignode:19: pin your Docker image by updating eclipse-temurin:17-jre-noble to eclipse-temurin:17-jre-noble@sha256:47ab52d436cd9d76bbe5fcc01d82bd550a2daf753ba43c1a0a8032b35b455932
Warn: containerImage not pinned by hash: docker/src/main/Dockerfile-1.0.0-datanode:19: pin your Docker image by updating eclipse-temurin:17-jre-noble to eclipse-temurin:17-jre-noble@sha256:47ab52d436cd9d76bbe5fcc01d82bd550a2daf753ba43c1a0a8032b35b455932
Warn: containerImage not pinned by hash: docker/src/main/Dockerfile-1.0.0-standalone:21: pin your Docker image by updating eclipse-temurin:17-jre-noble to eclipse-temurin:17-jre-noble@sha256:47ab52d436cd9d76bbe5fcc01d82bd550a2daf753ba43c1a0a8032b35b455932
Warn: containerImage not pinned by hash: docker/src/main/Dockerfile-1c1d:22: pin your Docker image by updating eclipse-temurin:17-jre-noble to eclipse-temurin:17-jre-noble@sha256:47ab52d436cd9d76bbe5fcc01d82bd550a2daf753ba43c1a0a8032b35b455932
Warn: pipCommand not pinned by hash: .github/workflows/multi-language-client.yml:168
Info: 0 out of 89 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 1 third-party GitHubAction dependencies pinned
Info: 0 out of 1 pipCommand dependencies pinned
Info: 0 out of 4 containerImage dependencies pinned