{"id":14038773,"name":"github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins","ecosystem":"go","description":"","homepage":"https://github.com/fluent/fluent-bit","licenses":"Apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/fluent/fluent-bit","keywords_array":[],"namespace":"github.com/fluent/fluent-bit/tests/runtime_shell","versions_count":4,"first_release_published_at":"2026-04-07T19:23:01.000Z","latest_release_published_at":"2026-04-20T15:27:12.000Z","latest_release_number":"v0.0.0-20260420152712-29deec9e72a5","last_synced_at":"2026-05-23T11:39:24.940Z","created_at":"2026-03-13T08:46:12.645Z","updated_at":"2026-05-23T11:39:24.940Z","registry_url":"https://pkg.go.dev/github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins","install_command":"go get github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins","documentation_url":"https://pkg.go.dev/github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins#section-documentation","metadata":{},"repo_metadata":{"id":26481990,"uuid":"29933948","full_name":"fluent/fluent-bit","owner":"fluent","description":"Fast and Lightweight Logs, Metrics and Traces processor for Linux, BSD, OSX and Windows","archived":false,"fork":false,"pushed_at":"2026-03-17T06:02:57.000Z","size":138174,"stargazers_count":7721,"open_issues_count":738,"forks_count":1886,"subscribers_count":108,"default_branch":"master","last_synced_at":"2026-03-17T13:18:33.896Z","etag":null,"topics":["c","cloudnative","data-collector","fluent-bit","fluentd","forwarder","logging","logs","metrics","opentelemetry","prometheus","sql-queries","stream-processing","traces"],"latest_commit_sha":null,"homepage":"https://fluentbit.io","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fluent.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":"GOVERNANCE.md","roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS.md","copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2015-01-27T20:41:52.000Z","updated_at":"2026-03-17T09:55:24.000Z","dependencies_parsed_at":"2026-01-05T23:11:10.400Z","dependency_job_id":null,"html_url":"https://github.com/fluent/fluent-bit","commit_stats":{"total_commits":10609,"total_committers":492,"mean_commits":21.5630081300813,"dds":0.5933641247996984,"last_synced_commit":"12cb22e0e9eecad19618d5def36249c1dcee61cd"},"previous_names":[],"tags_count":312,"template":false,"template_full_name":null,"purl":"pkg:github/fluent/fluent-bit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fluent%2Ffluent-bit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fluent%2Ffluent-bit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fluent%2Ffluent-bit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fluent%2Ffluent-bit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fluent","download_url":"https://codeload.github.com/fluent/fluent-bit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fluent%2Ffluent-bit/sbom","scorecard":{"id":373432,"data":{"date":"2025-08-16T02:11:35Z","repo":{"name":"github.com/fluent/fluent-bit","commit":"c51a9e4e36126a26bd193c0525110fe21fe2ed8a"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":6.1,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Code-Review","score":3,"reason":"Found 4/12 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/build-legacy-branch.yaml:17","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build-legacy-branch.yaml:52","Info: jobLevel 'contents' permission set to 'read': .github/workflows/build-legacy-branch.yaml:122","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:208","Info: jobLevel 'packages' permission set to 'read': .github/workflows/call-build-images.yaml:265","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:264","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:296","Info: jobLevel 'packages' permission set to 'read': .github/workflows/call-build-images.yaml:297","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:331","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:396","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:60","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:84","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-images.yaml:155","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-linux-packages.yaml:60","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-linux-packages.yaml:110","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-macos.yaml:47","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-macos.yaml:72","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-macos.yaml:126","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-windows.yaml:54","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-windows.yaml:99","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-build-windows.yaml:205","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-integration-image-build.yaml:39","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-integration-image-build.yaml:104","Info: jobLevel 'packages' permission set to 'read': .github/workflows/call-integration-image-build.yaml:105","Info: jobLevel 'packages' permission set to 'read': .github/workflows/call-run-integration-test.yaml:42","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-run-integration-test.yaml:172","Info: jobLevel 'packages' permission set to 'read': .github/workflows/call-run-integration-test.yaml:173","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-run-integration-test.yaml:228","Info: jobLevel 'contents' permission set to 'read': .github/workflows/call-windows-unit-tests.yaml:48","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cron-unstable-build.yaml:168","Info: found token with 'none' permissions: .github/workflows/cron-unstable-build.yaml:32","Info: jobLevel 'contents' permission set to 'read': .github/workflows/cron-unstable-build.yaml:107","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/pr-closed-docker.yaml:13","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-image-tests.yaml:72","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-image-tests.yaml:96","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-image-tests.yaml:20","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-install-script.yaml:18","Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr-package-tests.yaml:65","Info: found token with 'none' permissions: .github/workflows/pr-package-tests.yaml:27","Info: jobLevel 'contents' permission set to 'read': .github/workflows/staging-release.yaml:744","Info: jobLevel 'packages' permission set to 'read': .github/workflows/staging-release.yaml:745","Info: jobLevel 'contents' permission set to 'read': .github/workflows/staging-release.yaml:39","Info: found token with 'none' permissions: .github/workflows/staging-release.yaml:258","Info: found token with 'none' permissions: .github/workflows/staging-release.yaml:850","Info: found token with 'none' permissions: .github/workflows/staging-release.yaml:899","Info: jobLevel 'contents' permission set to 'read': .github/workflows/staging-release.yaml:722","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/staging-release.yaml:768","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/staging-release.yaml:1008","Info: jobLevel 'contents' permission set to 'read': .github/workflows/staging-release.yaml:108","Info: jobLevel 'contents' permission set to 'read': .github/workflows/staging-release.yaml:181","Info: found token with 'none' permissions: .github/workflows/staging-release.yaml:296","Info: jobLevel 'contents' permission set to 'read': .github/workflows/staging-release.yaml:335","Info: found token with 'none' permissions: .github/workflows/staging-release.yaml:695","Info: jobLevel 'contents' permission set to 'read': .github/workflows/unit-tests.yaml:120","Info: jobLevel 'contents' permission set to 'read': .github/workflows/unit-tests.yaml:147","Info: found token with 'none' permissions: .github/workflows/unit-tests.yaml:271","Info: jobLevel 'contents' permission set to 'read': .github/workflows/unit-tests.yaml:70","Info: jobLevel 'contents' permission set to 'read': .github/workflows/update-dockerhub.yaml:11","Warn: no topLevel permission defined: .github/workflows/build-branch-containers.yaml:1","Warn: no topLevel permission defined: .github/workflows/build-legacy-branch.yaml:1","Warn: no topLevel permission defined: .github/workflows/build-master-packages.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-build-images.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-build-linux-packages.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-build-macos.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-build-windows.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-integration-image-build.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-run-integration-test.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-test-images.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-test-packages.yaml:1","Warn: no topLevel permission defined: .github/workflows/call-windows-unit-tests.yaml:1","Info: topLevel permissions set to 'read-all': .github/workflows/cron-scorecards-analysis.yaml:16","Warn: no topLevel permission defined: .github/workflows/cron-stale.yaml:1","Warn: no topLevel permission defined: .github/workflows/cron-trivy.yaml:1","Warn: no topLevel permission defined: .github/workflows/cron-unstable-build.yaml:1","Warn: no topLevel permission defined: .github/workflows/master-integration-test.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-closed-docker.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-commit-message.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-compile-check.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-fuzz.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-image-tests.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-install-script.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-integration-test.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-labels.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-lint.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-package-tests.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-perf-test.yaml:1","Warn: no topLevel permission defined: .github/workflows/pr-windows-build.yaml:1","Warn: no topLevel permission defined: .github/workflows/skipped-unit-tests.yaml:1","Warn: no topLevel permission defined: .github/workflows/staging-build.yaml:1","Warn: no topLevel permission defined: .github/workflows/staging-release.yaml:1","Warn: no topLevel permission defined: .github/workflows/staging-test.yaml:1","Warn: no topLevel permission defined: .github/workflows/unit-tests.yaml:1","Warn: no topLevel permission defined: .github/workflows/update-dockerhub.yaml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":0,"reason":"binaries present in source code","details":["Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/connection.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/event_publisher.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/event_subscriber.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/request_handler.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/request_sender.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/sensor.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/simple:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/sys/connection.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/sys/event_publisher.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/sys/event_subscriber.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/sys/request_handler.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/sys/request_sender.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/sys/timer.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/timer.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/ui_app.wasm:1","Warn: binary detected: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/static/upload/wasm_runtime_wgl:1","Warn: binary detected: tests/runtime/data/wasm/append_tag.wasm:1","Warn: binary detected: tests/runtime/data/wasm/drop_record.wasm:1","Warn: binary detected: tests/runtime/data/wasm/modify_record.wasm:1","Warn: binary detected: tests/runtime/data/wasm/msgpack/filter_rust_mp.wasm:1","Warn: binary detected: tests/runtime/data/wasm/numeric_records.wasm:1","Warn: binary detected: tests/runtime/data/wasm/say_hello.wasm:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Branch-Protection","score":5,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'master'","Info: 'force pushes' disabled on branch 'master'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'master'","Warn: 'stale review dismissal' is disabled on branch 'master'","Warn: required approving review count is 1 on branch 'master'","Warn: codeowners review is not required on branch 'master'","Info: 'last push approval' is required to merge on branch 'master'","Warn: 'up-to-date branches' is disabled on branch 'master'","Info: status check found to merge onto on branch 'master'","Info: PRs are required in order to make changes on branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: OSSFuzz integration found","Info: CppLibFuzzer integration found: lib/jansson-e23f558/test/ossfuzz/json_load_dump_fuzzer.cc:31","Info: CppLibFuzzer integration found: lib/jansson-e23f558/test/ossfuzz/standaloneengine.cc:46","Info: CppLibFuzzer integration found: lib/jansson-e23f558/test/ossfuzz/json_load_dump_fuzzer.cc:31","Info: CppLibFuzzer integration found: lib/jansson-e23f558/test/ossfuzz/standaloneengine.cc:46","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-fuzz.c:56","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-fuzz.c:68","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-test-fuzz-name.c:34","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-test-fuzz-name.c:42","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-test-fuzz-name.c:59","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-test-fuzz.c:32","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-test-fuzz.c:50","Info: CLibFuzzer integration found: lib/c-ares-1.34.4/test/ares-test-fuzz.c:129","Info: CLibFuzzer integration found: lib/librdkafka-2.10.1/tests/fuzzers/fuzz_regex.c:44","Info: CLibFuzzer integration found: lib/librdkafka-2.10.1/tests/fuzzers/fuzz_regex.c:70","Info: CLibFuzzer integration found: lib/nghttp2-1.65.0/third-party/mruby/oss-fuzz/mruby_fuzzer.c:6","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/block_decompress.c:29","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/block_round_trip.c:56","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/decompress_cross_format.c:24","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/decompress_dstSize_tooSmall.c:30","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/dictionary_decompress.c:27","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/dictionary_loader.c:69","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/dictionary_round_trip.c:110","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/dictionary_stream_round_trip.c:149","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/fse_read_ncount.c:28","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/generate_sequences.c:49","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/huf_decompress.c:25","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/huf_round_trip.c:41","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/raw_dictionary_round_trip.c:70","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/regression_driver.c:78","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/seekable_roundtrip.c:20","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/sequence_compression_api.c:336","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/simple_compress.c:29","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/simple_decompress.c:28","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/simple_round_trip.c:141","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/stream_decompress.c:68","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/stream_round_trip.c:156","Info: CLibFuzzer integration found: lib/zstd-1.5.7/tests/fuzz/zstd_frame_info.c:22","Info: CLibFuzzer integration found: tests/internal/fuzzers/aws_credentials_fuzzer.c:100","Info: CLibFuzzer integration found: tests/internal/fuzzers/aws_util_fuzzer.c:38","Info: CLibFuzzer integration found: tests/internal/fuzzers/base64_fuzzer.c:6","Info: CLibFuzzer integration found: tests/internal/fuzzers/cmetrics_decode_fuzz.c:25","Info: CLibFuzzer integration found: tests/internal/fuzzers/cmetrics_decode_prometheus.c:24","Info: CLibFuzzer integration found: tests/internal/fuzzers/config_fuzzer.c:321","Info: CLibFuzzer integration found: tests/internal/fuzzers/config_map_fuzzer.c:156","Info: CLibFuzzer integration found: tests/internal/fuzzers/config_random_fuzzer.c:25","Info: CLibFuzzer integration found: tests/internal/fuzzers/config_yaml_fuzzer.c:31","Info: CLibFuzzer integration found: tests/internal/fuzzers/ctrace_fuzzer.c:6","Info: CLibFuzzer integration found: tests/internal/fuzzers/engine_fuzzer.c:17","Info: CLibFuzzer integration found: tests/internal/fuzzers/filter_stdout_fuzzer.c:24","Info: CLibFuzzer integration found: tests/internal/fuzzers/flb_json_fuzzer.c:24","Info: CLibFuzzer integration found: tests/internal/fuzzers/flb_mp_fuzzer.c:26","Info: CLibFuzzer integration found: tests/internal/fuzzers/fstore_fuzzer.c:38","Info: CLibFuzzer integration found: tests/internal/fuzzers/http_fuzzer.c:17","Info: CLibFuzzer integration found: tests/internal/fuzzers/input_fuzzer.c:40","Info: CLibFuzzer integration found: tests/internal/fuzzers/local_test.c:35","Info: CLibFuzzer integration found: tests/internal/fuzzers/local_test.c:81","Info: CLibFuzzer integration found: tests/internal/fuzzers/msgpack_parse_fuzzer.c:6","Info: CLibFuzzer integration found: tests/internal/fuzzers/msgpack_to_gelf_fuzzer.c:6","Info: CLibFuzzer integration found: tests/internal/fuzzers/multiline_fuzzer.c:130","Info: CLibFuzzer integration found: tests/internal/fuzzers/pack_json_state_fuzzer.c:5","Info: CLibFuzzer integration found: tests/internal/fuzzers/parse_json_fuzzer.c:25","Info: CLibFuzzer integration found: tests/internal/fuzzers/parse_logfmt_fuzzer.c:7","Info: CLibFuzzer integration found: tests/internal/fuzzers/parse_ltsv_fuzzer.c:7","Info: CLibFuzzer integration found: tests/internal/fuzzers/parser_fuzzer.c:30","Info: CLibFuzzer integration found: tests/internal/fuzzers/record_ac_fuzzer.c:11","Info: CLibFuzzer integration found: tests/internal/fuzzers/signv4_fuzzer.c:16","Info: CLibFuzzer integration found: tests/internal/fuzzers/strp_fuzzer.c:16","Info: CLibFuzzer integration found: tests/internal/fuzzers/utils_fuzzer.c:33"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/pr-compile-check.yaml:14"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"CI-Tests","score":10,"reason":"12 out of 12 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: statements must be separated by \u0026, ; or a newline: dockerfiles/Dockerfile.windows:51-77","Info: Possibly incomplete results: error parsing shell code: \"foo(\" must be followed by ): dockerfiles/Dockerfile.windows:83-103","Info: Possibly incomplete results: error parsing shell code: \"foo(\" must be followed by ): dockerfiles/Dockerfile.windows:113-134","Info: Possibly incomplete results: error parsing shell code: @ cannot be followed by a word: lib/jemalloc-5.3.0/test/test.sh.in:0","Info: Possibly incomplete results: error parsing shell code: \"done\" can only be used to end a loop: lib/librdkafka-2.10.1/tests/cleanup-checker-tests.sh:0","Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: ': .github/workflows/build-master-packages.yaml:26","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-legacy-branch.yaml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/build-legacy-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:235: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:238: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:340: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:400: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:408: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-images.yaml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:232: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-linux-packages.yaml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-linux-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-macos.yaml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-macos.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-macos.yaml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-macos.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-macos.yaml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-macos.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-macos.yaml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-macos.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-macos.yaml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-macos.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-macos.yaml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-macos.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:208: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-build-windows.yaml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-build-windows.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-integration-image-build.yaml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-integration-image-build.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:190: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:237: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:243: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:248: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:263: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-run-integration-test.yaml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-run-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-test-images.yaml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-images.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-test-packages.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-test-packages.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-windows-unit-tests.yaml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-windows-unit-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-windows-unit-tests.yaml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-windows-unit-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/call-windows-unit-tests.yaml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-windows-unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-windows-unit-tests.yaml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-windows-unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-windows-unit-tests.yaml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-windows-unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/call-windows-unit-tests.yaml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/call-windows-unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-scorecards-analysis.yaml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-scorecards-analysis.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-scorecards-analysis.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-scorecards-analysis.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-scorecards-analysis.yaml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-scorecards-analysis.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-stale.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-stale.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-trivy.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-trivy.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-trivy.yaml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-trivy.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-trivy.yaml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-trivy.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-trivy.yaml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-trivy.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-trivy.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-trivy.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-unstable-build.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-unstable-build.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-unstable-build.yaml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-unstable-build.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-unstable-build.yaml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-unstable-build.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cron-unstable-build.yaml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-unstable-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-unstable-build.yaml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/cron-unstable-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-closed-docker.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-closed-docker.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-commit-message.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-commit-message.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-compile-check.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-compile-check.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-compile-check.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-compile-check.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-compile-check.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-compile-check.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-compile-check.yaml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-compile-check.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-compile-check.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-compile-check.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-fuzz.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-fuzz.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-fuzz.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-fuzz.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-fuzz.yaml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-fuzz.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-fuzz.yaml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-fuzz.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-image-tests.yaml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-image-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-install-script.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-install-script.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-integration-test.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-integration-test.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-integration-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-labels.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-labels.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-lint.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-lint.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-lint.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-lint.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-lint.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-lint.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-lint.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-lint.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-lint.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-lint.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-package-tests.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-package-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-package-tests.yaml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-package-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-perf-test.yaml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-perf-test.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-perf-test.yaml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-perf-test.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-perf-test.yaml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/pr-perf-test.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-build.yaml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-build.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-build.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-build.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-build.yaml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-build.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1015: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1021: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1027: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1033: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1039: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1045: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1051: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1058: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:1072: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:338: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:773: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:785: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:797: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:809: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:821: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:833: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:905: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:913: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:921: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:929: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:937: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:945: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:953: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:981: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:462: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:468: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:584: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:609: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:636: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:639: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:645: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:699: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:730: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:752: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:213: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/staging-release.yaml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/staging-release.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:232: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yaml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/unit-tests.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-dockerhub.yaml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/update-dockerhub.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-dockerhub.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/fluent/fluent-bit/update-dockerhub.yaml/master?enable=pin","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:19","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:20","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:22","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:67","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:117","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:180","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:211","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.centos7:4: pin your Docker image by updating centos:7 to centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.windows:17","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.windows:150","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.windows:189","Warn: containerImage not pinned by hash: examples/kafka_filter/Dockerfile:1","Warn: containerImage not pinned by hash: examples/kafka_filter/Dockerfile:40","Warn: containerImage not pinned by hash: lib/nghttp2-1.65.0/Dockerfile.android:15: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: lib/nghttp2-1.65.0/third-party/mruby/Dockerfile:1: pin your Docker image by updating ruby:3.2.2-bullseye to ruby:3.2.2-bullseye@sha256:7cfc1394f44b0c22abc91d35d2a069731ab4bb31c3acb91d14eeca1ee2ccd21c","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/.devcontainer/Dockerfile:7","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.compile:4: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8feb4d8ca5354def3d8fce243717141ce31e2c428701f6682bd2fafe15388214","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.cpu:4","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.cpu:31: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.nvidia-gpu:4","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.nvidia-gpu:32","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.tpu:4","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.vx-delegate:4","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/product-mini/platforms/zephyr/simple/Dockerfile:3: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/Dockerfile:1: pin your Docker image by updating python:3.5 to python:3.5@sha256:42a37d6b8c00b186bdfb2b620fa8023eb775b3eb3a768fd3c2e421964eee9665","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/server/Dockerfile:1: pin your Docker image by updating python:3.5 to python:3.5@sha256:42a37d6b8c00b186bdfb2b620fa8023eb775b3eb3a768fd3c2e421964eee9665","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/wamr-ide/WASM-Debug-Server/Docker/Dockerfile:4","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/wamr-ide/WASM-Debug-Server/Docker/Dockerfile:24: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/wamr-ide/WASM-Toolchain/Docker/Dockerfile:5","Warn: containerImage not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/wamr-ide/WASM-Toolchain/Docker/Dockerfile:51: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: packaging/distros/almalinux/Dockerfile:10","Warn: containerImage not pinned by hash: packaging/distros/almalinux/Dockerfile:13","Warn: containerImage not pinned by hash: packaging/distros/almalinux/Dockerfile:28","Warn: containerImage not pinned by hash: packaging/distros/almalinux/Dockerfile:47","Warn: containerImage not pinned by hash: packaging/distros/almalinux/Dockerfile:62","Warn: containerImage not pinned by hash: packaging/distros/almalinux/Dockerfile:83","Warn: containerImage not pinned by hash: packaging/distros/amazonlinux/Dockerfile:10","Warn: containerImage not pinned by hash: packaging/distros/amazonlinux/Dockerfile:13","Warn: containerImage not pinned by hash: packaging/distros/amazonlinux/Dockerfile:37","Warn: containerImage not pinned by hash: packaging/distros/amazonlinux/Dockerfile:64","Warn: containerImage not pinned by hash: packaging/distros/amazonlinux/Dockerfile:89","Warn: containerImage not pinned by hash: packaging/distros/amazonlinux/Dockerfile:118","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:10","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:13","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:46","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:86","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:123","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:165","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:192","Warn: containerImage not pinned by hash: packaging/distros/centos/Dockerfile:230","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:10","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:13","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:42","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:73","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:97","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:123","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:147","Warn: containerImage not pinned by hash: packaging/distros/debian/Dockerfile:174","Warn: containerImage not pinned by hash: packaging/distros/raspbian/Dockerfile:9","Warn: containerImage not pinned by hash: packaging/distros/raspbian/Dockerfile:25","Warn: containerImage not pinned by hash: packaging/distros/raspbian/Dockerfile:38","Warn: containerImage not pinned by hash: packaging/distros/raspbian/Dockerfile:52","Warn: containerImage not pinned by hash: packaging/distros/rockylinux/Dockerfile:10","Warn: containerImage not pinned by hash: packaging/distros/rockylinux/Dockerfile:13","Warn: containerImage not pinned by hash: packaging/distros/rockylinux/Dockerfile:28","Warn: containerImage not pinned by hash: packaging/distros/rockylinux/Dockerfile:47","Warn: containerImage not pinned by hash: packaging/distros/rockylinux/Dockerfile:62","Warn: containerImage not pinned by hash: packaging/distros/rockylinux/Dockerfile:83","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:10","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:13","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:45","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:77","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:111","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:135","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:161","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:185","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:211","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:235","Warn: containerImage not pinned by hash: packaging/distros/ubuntu/Dockerfile:262","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2:23","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2:27","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2:46","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2022:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2022:23","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2022:27","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2022:46","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos7:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos7:24","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos7:28","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos7:47","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos8:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos8:26","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos8:30","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos8:53","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos9:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos9:22","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos9:26","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos9:45","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian10:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian10:24","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian10:28","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian10:48","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian11:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian11:23","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian11:27","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian11:47","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian12:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian12:23","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian12:27","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian12:47","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu1804:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu1804:24","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu1804:28","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu1804:50","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2004:8","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2004:24","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2004:28","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2004:48","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2204:4","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2204:13","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2204:17","Warn: containerImage not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2204:34","Warn: pipCommand not pinned by hash: lib/nghttp2-1.65.0/third-party/mruby/Dockerfile:11","Warn: downloadThenRun not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/.devcontainer/Dockerfile:38-44","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/.devcontainer/Dockerfile:123-124","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/.devcontainer/Dockerfile:123-124","Warn: downloadThenRun not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/.devcontainer/Dockerfile:135","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/core/iwasm/libraries/wasi-nn/test/Dockerfile.compile:24","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/product-mini/platforms/zephyr/simple/Dockerfile:29","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/product-mini/platforms/zephyr/simple/Dockerfile:35","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/IoT-APP-Store-Demo/wasm_django/Dockerfile:7","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/test-tools/wamr-ide/WASM-Toolchain/Docker/Dockerfile:33","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2:17","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.amazonlinux2022:17","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos7:18","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos8:20","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.centos9:16","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian10:18","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian11:17","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.debian12:17","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu1804:18","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2004:18","Warn: downloadThenRun not pinned by hash: packaging/testing/smoke/packages/Dockerfile.ubuntu2204:7","Warn: pipCommand not pinned by hash: lib/librdkafka-2.10.1/tests/autotest.sh:24","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/wamr-sdk/menuconfig.sh:128","Warn: pipCommand not pinned by hash: lib/wasm-micro-runtime-WAMR-1.3.3/wamr-sdk/menuconfig.sh:131","Warn: downloadThenRun not pinned by hash: .github/workflows/pr-lint.yaml:34","Info:   0 out of  94 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of 111 third-party GitHubAction dependencies pinned","Info:   0 out of  14 downloadThenRun dependencies pinned","Info:   2 out of 125 containerImage dependencies pinned","Info:   0 out of  11 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":0,"reason":"25 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: RUSTSEC-2020-0159","Warn: Project is vulnerable to: RUSTSEC-2024-0436","Warn: Project is vulnerable to: RUSTSEC-2022-0092 / GHSA-255r-3prx-mf99","Warn: Project is vulnerable to: RUSTSEC-2020-0071 / GHSA-wcg3-cvx6-7396","Warn: Project is vulnerable to: PYSEC-2018-34 / GHSA-2fc2-6r4j-p65h","Warn: Project is vulnerable to: PYSEC-2021-856 / GHSA-5545-2q6w-2gh6","Warn: Project is vulnerable to: PYSEC-2019-108 / GHSA-9fq2-x9r6-wfmf","Warn: Project is vulnerable to: PYSEC-2018-33 / GHSA-cw6w-4rcx-xphc","Warn: Project is vulnerable to: PYSEC-2021-857 / GHSA-f7c7-j99h-c22f","Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm","Warn: Project is vulnerable to: PYSEC-2017-1 / GHSA-frgw-fgh6-9g52","Warn: Project is vulnerable to: PYSEC-2020-73","Warn: Project is vulnerable to: CVE-2025-7207","Warn: Project is vulnerable to: OSV-2022-599","Warn: Project is vulnerable to: OSV-2022-652","Warn: Project is vulnerable to: OSV-2022-679","Warn: Project is vulnerable to: GHSA-6f62-3596-g6w7","Warn: Project is vulnerable to: GHSA-r995-q44h-hr64","Warn: Project is vulnerable to: GHSA-8mq4-9jjh-9xrc","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: GHSA-gjh7-xx4r-x345","Warn: Project is vulnerable to: PYSEC-2024-48 / GHSA-fj7x-q9j7-g6q6","Warn: Project is vulnerable to: OSV-2022-1277","Warn: Project is vulnerable to: OSV-2022-834"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"Contributors","score":10,"reason":"project has 32 contributing companies or organizations","details":["Info: found contributions from: AOSC-Dev, AOSC-Tracking, KLab, SAP, agilicus incorporated, amazon, arm, aws, barco, calyptia, camptocamp, chronosphere, chronosphereio, comovamos, conda-forge, fluent, fluent-plugins-nursery, fluentdo, google, googlers, haroonga, https://adalogics.com, klab, macports, monkey, mroonga, mruby-esp32, neomutt, openstack-exporter, ranguba, ruby-gnome, sap"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}}]},"last_synced_at":"2025-08-18T13:32:10.037Z","repository_id":26481990,"created_at":"2025-08-18T13:32:10.037Z","updated_at":"2025-08-18T13:32:10.037Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30635165,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-17T22:38:22.569Z","status":"ssl_error","status_checked_at":"2026-03-17T22:38:11.804Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"repo_metadata_updated_at":"2026-03-18T02:08:51.361Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":5.23548160009902,"dependent_packages_count":4.905882785242946,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":5.070682192670983},"purl":"pkg:golang/github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/fluent/fluent-bit/tests/runtime_shell/go_plugins/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2026-03-17T23:00:47.785Z","issues_count":1803,"pull_requests_count":2642,"avg_time_to_close_issue":13589740.162615256,"avg_time_to_close_pull_request":3403203.0599230346,"issues_closed_count":1191,"pull_requests_closed_count":1818,"pull_request_authors_count":410,"issue_authors_count":1332,"avg_comments_per_issue":4.249029395452024,"avg_comments_per_pull_request":1.979560938682816,"merged_pull_requests_count":1507,"bot_issues_count":2,"bot_pull_requests_count":141,"past_year_issues_count":295,"past_year_pull_requests_count":676,"past_year_avg_time_to_close_issue":2811752.3289473685,"past_year_avg_time_to_close_pull_request":468890.78985507245,"past_year_issues_closed_count":76,"past_year_pull_requests_closed_count":414,"past_year_pull_request_authors_count":101,"past_year_issue_authors_count":209,"past_year_avg_comments_per_issue":1.3152542372881355,"past_year_avg_comments_per_pull_request":1.1582840236686391,"past_year_bot_issues_count":2,"past_year_bot_pull_requests_count":28,"past_year_merged_pull_requests_count":345,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/fluent%2Ffluent-bit/issues","maintainers":[{"login":"edsiper","count":446,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/edsiper"},{"login":"leonardo-albertovich","count":237,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/leonardo-albertovich"},{"login":"nokute78","count":102,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/nokute78"},{"login":"niedbalski","count":56,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/niedbalski"},{"login":"agup006","count":20,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/agup006"},{"login":"erikbledsoe","count":5,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/erikbledsoe"},{"login":"adiforluls","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/adiforluls"},{"login":"patrick-stephens","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/patrick-stephens"},{"login":"methane","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/methane"},{"login":"benjaminhuo","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/benjaminhuo"},{"login":"RicardoAAD","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/RicardoAAD"},{"login":"Armelsteve1","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Armelsteve1"},{"login":"fujimotos","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/fujimotos"},{"login":"wenchajun","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/wenchajun"},{"login":"koleini","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/koleini"},{"login":"qingling128","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/qingling128"},{"login":"rlJzr","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/rlJzr"}],"active_maintainers":[{"login":"edsiper","count":169,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/edsiper"},{"login":"leonardo-albertovich","count":37,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/leonardo-albertovich"},{"login":"agup006","count":18,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/agup006"},{"login":"niedbalski","count":12,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/niedbalski"},{"login":"patrick-stephens","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/patrick-stephens"},{"login":"Armelsteve1","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Armelsteve1"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Ffluent%2Ffluent-bit%2Ftests%2Fruntime_shell%2Fgo_plugins/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Ffluent%2Ffluent-bit%2Ftests%2Fruntime_shell%2Fgo_plugins/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Ffluent%2Ffluent-bit%2Ftests%2Fruntime_shell%2Fgo_plugins/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Ffluent%2Ffluent-bit%2Ftests%2Fruntime_shell%2Fgo_plugins/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Ffluent%2Ffluent-bit%2Ftests%2Fruntime_shell%2Fgo_plugins/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Ffluent%2Ffluent-bit%2Ftests%2Fruntime_shell%2Fgo_plugins/codemeta","maintainers":[]}