{"id":13449170,"url":"https://github.com/kserve/kserve","last_synced_at":"2026-07-15T04:01:07.975Z","repository":{"id":37009327,"uuid":"178075572","full_name":"kserve/kserve","owner":"kserve","description":"Standardized Distributed Generative and Predictive AI Inference Platform for Scalable, Multi-Framework Deployment on Kubernetes","archived":false,"fork":false,"pushed_at":"2026-07-08T20:56:59.000Z","size":497428,"stargazers_count":5667,"open_issues_count":603,"forks_count":1563,"subscribers_count":69,"default_branch":"master","last_synced_at":"2026-07-08T22:33:23.575Z","etag":null,"topics":["artificial-intelligence","cncf","genai","hacktoberfest","istio","k8s","knative","kserve","kubeflow","kubernetes","llm-inference","machine-learning","mlops","model-interpretability","model-serving","pytorch","service-mesh","tensorflow","vllm","xgboost"],"latest_commit_sha":null,"homepage":"https://kserve.github.io/website/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kserve.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":"ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS.md","copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-03-27T21:14:14.000Z","updated_at":"2026-07-08T21:43:19.000Z","dependencies_parsed_at":"2023-01-17T13:01:17.246Z","dependency_job_id":"e6fcdb30-5adb-481e-85a7-dd879ab6173c","html_url":"https://github.com/kserve/kserve","commit_stats":{"total_commits":1567,"total_committers":271,"mean_commits":5.782287822878229,"dds":0.845564773452457,"last_synced_commit":"e7353d19a2b407a0573f879d67e39b9cd4a3de68"},"previous_names":["kubeflow/kfserving","kserve/kfserving"],"tags_count":63,"template":false,"template_full_name":null,"purl":"pkg:github/kserve/kserve","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kserve%2Fkserve","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kserve%2Fkserve/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kserve%2Fkserve/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kserve%2Fkserve/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kserve","download_url":"https://codeload.github.com/kserve/kserve/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kserve%2Fkserve/sbom","scorecard":{"id":571262,"data":{"date":"2025-08-11","repo":{"name":"github.com/kserve/kserve","commit":"b5e3d533eb7e2f5b6a02b9d4c01a6baa00fc0eb0"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"CII-Best-Practices","score":5,"reason":"badge detected: Passing","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/agent-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/artexplainer-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/automated-release.yml:1","Warn: no topLevel permission defined: .github/workflows/comment-cherry-pick.yml:1","Warn: no topLevel permission defined: .github/workflows/custom-model-grpc-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/e2e-test.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/go.yml:15","Warn: topLevel 'contents' permission set to 'write': .github/workflows/helm-publish.yml:15","Warn: topLevel 'packages' permission set to 'write': .github/workflows/helm-publish.yml:16","Warn: no topLevel permission defined: .github/workflows/huggingface-cpu-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/huggingface-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/huggingface-vllm-docker-publish-manual.yml:1","Warn: no topLevel permission defined: .github/workflows/kserve-controller-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/kserve-localmodel-agent-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/kserve-localmodel-controller-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/lightgbm-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/paddle-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/pmml-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/precommit-check.yml:1","Warn: no topLevel permission defined: .github/workflows/prow-github.yml:1","Warn: no topLevel permission defined: .github/workflows/prow-pr-automerge.yml:1","Warn: no topLevel permission defined: .github/workflows/prow-pr-remove-lgtm.yml:1","Warn: no topLevel permission defined: .github/workflows/python-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/python-test.yml:1","Warn: no topLevel permission defined: .github/workflows/qpext-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/re-run-actions.yml:1","Warn: no topLevel permission defined: .github/workflows/router-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/scheduled-go-security-scan.yml:1","Warn: no topLevel permission defined: .github/workflows/scheduled-image-scan.yml:1","Warn: no topLevel permission defined: .github/workflows/sklearnserver-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/storage-initializer-docker-publisher.yml:1","Warn: no topLevel permission defined: .github/workflows/tf2openapi-docker-publisher.yml:1","Warn: no topLevel permission defined: .github/workflows/transformer-docker-publish.yml:1","Warn: no topLevel permission defined: .github/workflows/xgbserver-docker-publisher.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.15.2 not signed: https://api.github.com/repos/kserve/kserve/releases/221159788","Warn: release artifact v0.15.1 not signed: https://api.github.com/repos/kserve/kserve/releases/218883092","Warn: release artifact v0.15.0 not signed: https://api.github.com/repos/kserve/kserve/releases/209313203","Warn: release artifact v0.15.0-rc1 not signed: https://api.github.com/repos/kserve/kserve/releases/204413011","Warn: release artifact v0.15.0-rc0 not signed: https://api.github.com/repos/kserve/kserve/releases/197032140","Warn: release artifact v0.15.2 does not have provenance: https://api.github.com/repos/kserve/kserve/releases/221159788","Warn: release artifact v0.15.1 does not have provenance: https://api.github.com/repos/kserve/kserve/releases/218883092","Warn: release artifact v0.15.0 does not have provenance: https://api.github.com/repos/kserve/kserve/releases/209313203","Warn: release artifact v0.15.0-rc1 does not have provenance: https://api.github.com/repos/kserve/kserve/releases/204413011","Warn: release artifact v0.15.0-rc0 does not have provenance: https://api.github.com/repos/kserve/kserve/releases/197032140"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/agent-docker-publish.yml:44"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":10,"reason":"SAST tool detected","details":["Info: SAST configuration detected: Snyk","Info: SAST configuration detected: Snyk","Info: SAST configuration detected: Snyk","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"101 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-8gq9-2x98-w8hf","Warn: Project is vulnerable to: GHSA-8qvm-5x2c-j2w7","Warn: Project is vulnerable to: GHSA-g7vv-2v7x-gj9p","Warn: Project is vulnerable to: PYSEC-2020-107 / GHSA-jjw5-xxj6-pcv5","Warn: Project is vulnerable to: PYSEC-2024-110 / GHSA-jw8x-6495-233v","Warn: Project is vulnerable to: PYSEC-2020-108 / GHSA-jxfp-4rvq-9h9m","Warn: Project is vulnerable to: GHSA-79v4-65xg-pq4g","Warn: Project is vulnerable to: GHSA-cjgq-5qmw-rcj6","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-2c2j-9gv5-cj73","Warn: Project is vulnerable to: GHSA-9356-575x-2w9m","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: GHSA-48p4-8xcf-vxj5","Warn: Project is vulnerable to: GHSA-3vp4-m3rf-835h","Warn: Project is vulnerable to: GO-2023-1737 / GHSA-2c4m-59x9-fr2g","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: PYSEC-2018-34 / GHSA-2fc2-6r4j-p65h","Warn: Project is vulnerable to: PYSEC-2021-856 / GHSA-5545-2q6w-2gh6","Warn: Project is vulnerable to: PYSEC-2019-108 / GHSA-9fq2-x9r6-wfmf","Warn: Project is vulnerable to: PYSEC-2018-33 / GHSA-cw6w-4rcx-xphc","Warn: Project is vulnerable to: PYSEC-2021-857 / GHSA-f7c7-j99h-c22f","Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm","Warn: Project is vulnerable to: PYSEC-2017-1 / GHSA-frgw-fgh6-9g52","Warn: Project is vulnerable to: GHSA-3c5c-7235-994j","Warn: Project is vulnerable to: GHSA-3f63-hfp8-52jq","Warn: Project is vulnerable to: PYSEC-2021-41 / GHSA-3wvg-mj6g-m9cv","Warn: Project is vulnerable to: PYSEC-2020-77 / GHSA-3xv8-3j54-hgrp","Warn: Project is vulnerable to: PYSEC-2020-80 / GHSA-43fq-w8qq-v88h","Warn: Project is vulnerable to: GHSA-44wm-f244-xhp3","Warn: Project is vulnerable to: GHSA-4fx9-vc88-q2xc","Warn: Project is vulnerable to: PYSEC-2021-35 / GHSA-57h3-9rgr-c24m","Warn: Project is vulnerable to: PYSEC-2020-172 / GHSA-5gm3-px64-rw72","Warn: Project is vulnerable to: PYSEC-2021-331 / GHSA-7534-mm45-c74v","Warn: Project is vulnerable to: PYSEC-2021-92 / GHSA-7r7m-5h27-29hp","Warn: Project is vulnerable to: PYSEC-2020-78 / GHSA-8843-m7mw-mxqm","Warn: Project is vulnerable to: PYSEC-2023-227 / GHSA-8ghj-p4vj-mr35","Warn: Project is vulnerable to: PYSEC-2014-87 / GHSA-8m9x-pxwq-j236","Warn: Project is vulnerable to: PYSEC-2022-10 / GHSA-8vj2-vxx3-667w","Warn: Project is vulnerable to: PYSEC-2021-36 / GHSA-8xjq-8fcg-g5hw","Warn: Project is vulnerable to: PYSEC-2016-6 / GHSA-8xjv-v9xq-m5h9","Warn: Project is vulnerable to: PYSEC-2021-42 / GHSA-95q3-8gr9-gm8w","Warn: Project is vulnerable to: PYSEC-2022-168 / GHSA-9j59-75qj-795w","Warn: Project is vulnerable to: PYSEC-2014-10 / GHSA-cfmr-38g9-f2h7","Warn: Project is vulnerable to: PYSEC-2020-76 / GHSA-cqhg-xjhh-p8hf","Warn: Project is vulnerable to: PYSEC-2021-40 / GHSA-f4w8-cv6p-x6r5","Warn: Project is vulnerable to: PYSEC-2021-69 / GHSA-f5g8-5qq7-938w","Warn: Project is vulnerable to: PYSEC-2021-139 / GHSA-g6rj-rv7j-xwp4","Warn: Project is vulnerable to: PYSEC-2015-16 / GHSA-h5rf-vgqx-wjv2","Warn: Project is vulnerable to: PYSEC-2016-5 / GHSA-hggx-3h72-49ww","Warn: Project is vulnerable to: PYSEC-2020-84 / GHSA-hj69-c76v-86wr","Warn: Project is vulnerable to: PYSEC-2016-7 / GHSA-hvr8-466p-75rh","Warn: Project is vulnerable to: PYSEC-2015-15 / GHSA-j6f7-g425-4gmx","Warn: Project is vulnerable to: GHSA-j7hp-h8jx-5ppr","Warn: Project is vulnerable to: PYSEC-2019-110 / GHSA-j7mj-748x-7p78","Warn: Project is vulnerable to: GHSA-jgpv-4h4c-xhw3","Warn: Project is vulnerable to: PYSEC-2022-42979 / GHSA-m2vv-5vj5-2hm7","Warn: Project is vulnerable to: PYSEC-2021-37 / GHSA-mvg9-xffr-p774","Warn: Project is vulnerable to: PYSEC-2020-83 / GHSA-p49h-hjvm-jg3h","Warn: Project is vulnerable to: PYSEC-2022-8 / GHSA-pw3c-h7wp-cvhx","Warn: Project is vulnerable to: PYSEC-2021-93 / GHSA-q5hq-fp76-qmrc","Warn: Project is vulnerable to: PYSEC-2020-82 / GHSA-r7rm-8j6h-r933","Warn: Project is vulnerable to: PYSEC-2014-23 / GHSA-r854-96gq-rfg3","Warn: Project is vulnerable to: PYSEC-2016-8 / GHSA-rwr3-c2q8-gm56","Warn: Project is vulnerable to: PYSEC-2020-81 / GHSA-vcqg-3p29-xw73","Warn: Project is vulnerable to: PYSEC-2020-79 / GHSA-vj42-xq3r-hr3r","Warn: Project is vulnerable to: PYSEC-2021-70 / GHSA-vqcj-wrf2-7v73","Warn: Project is vulnerable to: PYSEC-2016-9 / GHSA-w4vg-rf63-f3j3","Warn: Project is vulnerable to: PYSEC-2014-22 / GHSA-x895-2wrm-hvp7","Warn: Project is vulnerable to: PYSEC-2022-9 / GHSA-xrcv-f9gm-v42c","Warn: Project is vulnerable to: PYSEC-2021-137","Warn: Project is vulnerable to: PYSEC-2021-138","Warn: Project is vulnerable to: PYSEC-2021-317","Warn: Project is vulnerable to: PYSEC-2021-38","Warn: Project is vulnerable to: PYSEC-2021-39","Warn: Project is vulnerable to: PYSEC-2021-94","Warn: Project is vulnerable to: PYSEC-2023-175","Warn: Project is vulnerable to: PYSEC-2022-48 / GHSA-77rm-9x9h-xj3g","Warn: Project is vulnerable to: PYSEC-2017-65 / GHSA-jwvw-v7c5-m82h","Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h","Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg","Warn: Project is vulnerable to: PYSEC-2023-299 / GHSA-282v-666c-3fvg","Warn: Project is vulnerable to: GHSA-37mw-44qp-f5jm","Warn: Project is vulnerable to: GHSA-37q5-v5qm-c9v8","Warn: Project is vulnerable to: PYSEC-2023-300 / GHSA-3863-2447-669p","Warn: Project is vulnerable to: GHSA-6rvg-6v2m-4j46","Warn: Project is vulnerable to: GHSA-fpwr-67px-3qhx","Warn: Project is vulnerable to: PYSEC-2024-229 / GHSA-hxxf-235m-72v3","Warn: Project is vulnerable to: GHSA-jjph-296x-mrcr","Warn: Project is vulnerable to: GHSA-phhr-52qp-3mj4","Warn: Project is vulnerable to: GHSA-q2wp-rjmx-x6x9","Warn: Project is vulnerable to: PYSEC-2025-40 / GHSA-qq3j-4f4f-9583","Warn: Project is vulnerable to: PYSEC-2024-227 / GHSA-qxrp-vhvm-j765","Warn: Project is vulnerable to: PYSEC-2023-301 / GHSA-v68g-wm8c-6x7j","Warn: Project is vulnerable to: PYSEC-2024-228 / GHSA-wrfc-pvp9-mr9g","Warn: Project is vulnerable to: GO-2022-0635","Warn: Project is vulnerable to: GO-2022-0646","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/agent-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/agent-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/agent-docker-publish.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/agent-docker-publish.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/agent-docker-publish.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/agent-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/agent-docker-publish.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/agent-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/artexplainer-docker-publish.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/artexplainer-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/automated-release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/automated-release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/automated-release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/automated-release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/automated-release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/automated-release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/comment-cherry-pick.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/comment-cherry-pick.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/comment-cherry-pick.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/comment-cherry-pick.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/custom-model-grpc-publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/custom-model-grpc-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/custom-model-grpc-publish.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/custom-model-grpc-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/custom-model-grpc-publish.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/custom-model-grpc-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/custom-model-grpc-publish.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/custom-model-grpc-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/custom-model-grpc-publish.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/custom-model-grpc-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/custom-model-grpc-publish.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/custom-model-grpc-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/custom-model-grpc-publish.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/custom-model-grpc-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:351: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:357: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:362: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:376: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:383: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:389: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:395: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:431: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:434: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:439: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:456: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:463: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:469: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:239: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:295: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:314: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:510: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:515: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:532: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:538: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:544: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:550: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:556: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:596: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:602: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:606: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:625: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:662: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:665: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:670: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:717: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:723: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:728: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:746: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:752: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:758: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:764: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:975: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:981: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:985: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:999: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:256: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:269: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:277: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:832: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:838: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:843: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:859: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:866: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:872: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:1034: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:1040: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:1045: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:1069: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:1092: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:916: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:922: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:926: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-test.yml:940: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/e2e-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/helm-publish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/helm-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/helm-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/helm-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/helm-publish.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/helm-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/huggingface-cpu-docker-publish.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-cpu-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-cpu-docker-publish.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-cpu-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-cpu-docker-publish.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-cpu-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/huggingface-cpu-docker-publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-cpu-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-cpu-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-cpu-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-cpu-docker-publish.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-cpu-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-cpu-docker-publish.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-cpu-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/huggingface-docker-publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-docker-publish.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-docker-publish.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/huggingface-docker-publish.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-docker-publish.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-docker-publish.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/huggingface-vllm-docker-publish-manual.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-vllm-docker-publish-manual.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-vllm-docker-publish-manual.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-vllm-docker-publish-manual.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-vllm-docker-publish-manual.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-vllm-docker-publish-manual.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/huggingface-vllm-docker-publish-manual.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/huggingface-vllm-docker-publish-manual.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kserve-controller-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-controller-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kserve-controller-docker-publish.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-controller-docker-publish.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-controller-docker-publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-controller-docker-publish.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-controller-docker-publish.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-controller-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-agent-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-agent-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-agent-docker-publish.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-agent-docker-publish.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-agent-docker-publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-agent-docker-publish.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-agent-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-agent-docker-publish.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-agent-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-controller-docker-publish.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-controller-docker-publish.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-controller-docker-publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-controller-docker-publish.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-controller-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-controller-docker-publish.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-controller-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kserve-localmodel-controller-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/kserve-localmodel-controller-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lightgbm-docker-publish.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/lightgbm-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/paddle-docker-publish.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/paddle-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pmml-docker-publish.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/pmml-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/precommit-check.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/precommit-check.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/precommit-check.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/precommit-check.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/precommit-check.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/precommit-check.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prow-github.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/prow-github.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prow-pr-automerge.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/prow-pr-automerge.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/prow-pr-remove-lgtm.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/prow-pr-remove-lgtm.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-publish.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:208: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/python-test.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/python-test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qpext-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/qpext-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/qpext-docker-publish.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/qpext-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/qpext-docker-publish.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/qpext-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/qpext-docker-publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/qpext-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/qpext-docker-publish.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/qpext-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/qpext-docker-publish.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/qpext-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/re-run-actions.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/re-run-actions.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/router-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/router-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/router-docker-publish.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/router-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/router-docker-publish.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/router-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/router-docker-publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/router-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/router-docker-publish.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/router-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/router-docker-publish.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/router-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-go-security-scan.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-go-security-scan.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scheduled-go-security-scan.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-go-security-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-go-security-scan.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-go-security-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scheduled-image-scan.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/scheduled-image-scan.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sklearnserver-docker-publish.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/sklearnserver-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/storage-initializer-docker-publisher.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/storage-initializer-docker-publisher.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tf2openapi-docker-publisher.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/tf2openapi-docker-publisher.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tf2openapi-docker-publisher.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/tf2openapi-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tf2openapi-docker-publisher.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/tf2openapi-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tf2openapi-docker-publisher.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/tf2openapi-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tf2openapi-docker-publisher.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/tf2openapi-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tf2openapi-docker-publisher.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/tf2openapi-docker-publisher.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/transformer-docker-publish.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/transformer-docker-publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/xgbserver-docker-publisher.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/kserve/kserve/xgbserver-docker-publisher.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:2","Warn: containerImage not pinned by hash: Dockerfile:25: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: agent.Dockerfile:2","Warn: containerImage not pinned by hash: agent.Dockerfile:25: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: docs/apis/Dockerfile:1: pin your Docker image by updating golang:1.24 to golang:1.24@sha256:e155b5162f701b7ab2e6e7ea51cec1e5f6deffb9ab1b295cf7a697e81069b050","Warn: containerImage not pinned by hash: docs/kfp/Dockerfile:1: pin your Docker image by updating python:3.9-slim-bullseye to python:3.9-slim-bullseye@sha256:b9e06687fbfc57f6fe563e94e4c8751e39513dde89afc120dc6f56afe5ffc761","Warn: containerImage not pinned by hash: docs/samples/explanation/aif/germancredit/server/Dockerfile:3: pin your Docker image by updating python:3.10-slim to python:3.10-slim@sha256:420fbb0e468d3eaf0f7e93ea6f7a48792cbcadc39d43ac95b96bee2afe4367da","Warn: containerImage not pinned by hash: docs/samples/explanation/aix/mnist/rfserver/rf.Dockerfile:1: pin your Docker image by updating python:3.7 to python:3.7@sha256:eedf63967cdb57d8214db38ce21f105003ed4e4d0358f02bedc057341bcf92a0","Warn: containerImage not pinned by hash: docs/samples/graph/bgtest/Dockerfile:1","Warn: containerImage not pinned by hash: docs/samples/kafka/transformer.Dockerfile:1: pin your Docker image by updating python:3.9-slim to python:3.9-slim@sha256:914169c7c8398b1b90c0b0ff921c8027445e39d7c25dc440337e56ce0f2566e6","Warn: containerImage not pinned by hash: docs/samples/v1beta1/custom/paddleserving/Dockerfile:1: pin your Docker image by updating registry.baidubce.com/paddlepaddle/serving:0.5.0-devel to registry.baidubce.com/paddlepaddle/serving:0.5.0-devel@sha256:177b13ee46dc9fb7672ff071ae13abbf05886cc7fa1af1e6d3ef64e17f2937dc","Warn: containerImage not pinned by hash: docs/samples/v1beta1/custom/torchserve/torchserve-image/Dockerfile:21","Warn: containerImage not pinned by hash: docs/samples/v1beta1/custom/torchserve/torchserve-image/Dockerfile:55","Warn: containerImage not pinned by hash: docs/samples/v1beta1/torchserve/model-archiver/model-archiver-image/Dockerfile:1: pin your Docker image by updating ubuntu:18.04 to ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98","Warn: containerImage not pinned by hash: docs/samples/v1beta1/transformer/feast/driver_transformer.Dockerfile:1: pin your Docker image by updating python:3.9-slim to python:3.9-slim@sha256:914169c7c8398b1b90c0b0ff921c8027445e39d7c25dc440337e56ce0f2566e6","Warn: containerImage not pinned by hash: docs/samples/v1beta1/transformer/feast/feast_server.Dockerfile:1: pin your Docker image by updating python:3.9-slim to python:3.9-slim@sha256:914169c7c8398b1b90c0b0ff921c8027445e39d7c25dc440337e56ce0f2566e6","Warn: containerImage not pinned by hash: docs/samples/v1beta1/transformer/feast/feature_store_initializer.Dockerfile:1: pin your Docker image by updating python:3.9-slim to python:3.9-slim@sha256:914169c7c8398b1b90c0b0ff921c8027445e39d7c25dc440337e56ce0f2566e6","Warn: containerImage not pinned by hash: docs/samples/v1beta1/triton/fastertransformer/transformer/Dockerfile:1: pin your Docker image by updating python:3.9-slim-bullseye to python:3.9-slim-bullseye@sha256:b9e06687fbfc57f6fe563e94e4c8751e39513dde89afc120dc6f56afe5ffc761","Warn: containerImage not pinned by hash: hack/kserve_migration/Dockerfile:1: pin your Docker image by updating alpine:latest to alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: llmisvc-controller.Dockerfile:2","Warn: containerImage not pinned by hash: llmisvc-controller.Dockerfile:25: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: localmodel-agent.Dockerfile:2","Warn: containerImage not pinned by hash: localmodel-agent.Dockerfile:25: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: localmodel.Dockerfile:2","Warn: containerImage not pinned by hash: localmodel.Dockerfile:25: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: python/aiffairness.Dockerfile:5","Warn: containerImage not pinned by hash: python/aiffairness.Dockerfile:45","Warn: containerImage not pinned by hash: python/artexplainer.Dockerfile:5","Warn: containerImage not pinned by hash: python/artexplainer.Dockerfile:44","Warn: containerImage not pinned by hash: python/custom_model.Dockerfile:5","Warn: containerImage not pinned by hash: python/custom_model.Dockerfile:48","Warn: containerImage not pinned by hash: python/custom_model_grpc.Dockerfile:5","Warn: containerImage not pinned by hash: python/custom_model_grpc.Dockerfile:48","Warn: containerImage not pinned by hash: python/custom_tokenizer.Dockerfile:5","Warn: containerImage not pinned by hash: python/custom_tokenizer.Dockerfile:49","Warn: containerImage not pinned by hash: python/custom_transformer.Dockerfile:5","Warn: containerImage not pinned by hash: python/custom_transformer.Dockerfile:48","Warn: containerImage not pinned by hash: python/custom_transformer_grpc.Dockerfile:5","Warn: containerImage not pinned by hash: python/custom_transformer_grpc.Dockerfile:48","Warn: containerImage not pinned by hash: python/error_404_isvc.Dockerfile:5","Warn: containerImage not pinned by hash: python/error_404_isvc.Dockerfile:40","Warn: containerImage not pinned by hash: python/huggingface_server.Dockerfile:8","Warn: containerImage not pinned by hash: python/huggingface_server.Dockerfile:52","Warn: containerImage not pinned by hash: python/huggingface_server.Dockerfile:115","Warn: containerImage not pinned by hash: python/huggingface_server_cpu.Dockerfile:4","Warn: containerImage not pinned by hash: python/huggingface_server_cpu.Dockerfile:32","Warn: containerImage not pinned by hash: python/huggingface_server_cpu.Dockerfile:122","Warn: containerImage not pinned by hash: python/lgb.Dockerfile:5","Warn: containerImage not pinned by hash: python/lgb.Dockerfile:43","Warn: containerImage not pinned by hash: python/paddle.Dockerfile:7","Warn: containerImage not pinned by hash: python/paddle.Dockerfile:45","Warn: containerImage not pinned by hash: python/pmml.Dockerfile:6","Warn: containerImage not pinned by hash: python/pmml.Dockerfile:53","Warn: containerImage not pinned by hash: python/sklearn.Dockerfile:5","Warn: containerImage not pinned by hash: python/sklearn.Dockerfile:44","Warn: containerImage not pinned by hash: python/storage-initializer.Dockerfile:5","Warn: containerImage not pinned by hash: python/storage-initializer.Dockerfile:48","Warn: containerImage not pinned by hash: python/success_200_isvc.Dockerfile:5","Warn: containerImage not pinned by hash: python/success_200_isvc.Dockerfile:40","Warn: containerImage not pinned by hash: python/xgb.Dockerfile:5","Warn: containerImage not pinned by hash: python/xgb.Dockerfile:41","Warn: containerImage not pinned by hash: qpext/qpext.Dockerfile:2","Warn: containerImage not pinned by hash: qpext/qpext.Dockerfile:24: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: router.Dockerfile:2","Warn: containerImage not pinned by hash: router.Dockerfile:25: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: containerImage not pinned by hash: tools/tf2openapi/Dockerfile:2","Warn: containerImage not pinned by hash: tools/tf2openapi/Dockerfile:22: pin your Docker image by updating gcr.io/distroless/static:nonroot to gcr.io/distroless/static:nonroot@sha256:cdf4daaf154e3e27cfffc799c16f343a384228f38646928a1513d925f473cb46","Warn: goCommand not pinned by hash: Dockerfile:19","Warn: goCommand not pinned by hash: agent.Dockerfile:19","Warn: pipCommand not pinned by hash: docs/kfp/Dockerfile:5-7","Warn: pipCommand not pinned by hash: docs/samples/explanation/aif/germancredit/server/Dockerfile:10","Warn: pipCommand not pinned by hash: docs/samples/explanation/aix/mnist/rfserver/rf.Dockerfile:4","Warn: pipCommand not pinned by hash: docs/samples/explanation/aix/mnist/rfserver/rf.Dockerfile:4","Warn: pipCommand not pinned by hash: docs/samples/explanation/aix/mnist/rfserver/rf.Dockerfile:5","Warn: pipCommand not pinned by hash: docs/samples/kafka/transformer.Dockerfile:4","Warn: pipCommand not pinned by hash: docs/samples/kafka/transformer.Dockerfile:4","Warn: pipCommand not pinned by hash: docs/samples/kafka/transformer.Dockerfile:6","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/custom/paddleserving/Dockerfile:5","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/custom/torchserve/torchserve-image/Dockerfile:50","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/custom/torchserve/torchserve-image/Dockerfile:52","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/torchserve/model-archiver/model-archiver-image/Dockerfile:24","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/transformer/feast/driver_transformer.Dockerfile:5","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/transformer/feast/driver_transformer.Dockerfile:6","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/transformer/feast/feast_server.Dockerfile:2","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/transformer/feast/feast_server.Dockerfile:2","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/transformer/feast/feature_store_initializer.Dockerfile:2","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/transformer/feast/feature_store_initializer.Dockerfile:2","Warn: pipCommand not pinned by hash: docs/samples/v1beta1/triton/fastertransformer/transformer/Dockerfile:4","Warn: goCommand not pinned by hash: llmisvc-controller.Dockerfile:19","Warn: goCommand not pinned by hash: localmodel-agent.Dockerfile:19","Warn: goCommand not pinned by hash: localmodel.Dockerfile:19","Warn: downloadThenRun not pinned by hash: python/aiffairness.Dockerfile:12-13","Warn: pipCommand not pinned by hash: python/aiffairness.Dockerfile:40","Warn: downloadThenRun not pinned by hash: python/artexplainer.Dockerfile:12-13","Warn: pipCommand not pinned by hash: python/artexplainer.Dockerfile:39","Warn: downloadThenRun not pinned by hash: python/custom_model.Dockerfile:17-18","Warn: pipCommand not pinned by hash: python/custom_model.Dockerfile:44","Warn: downloadThenRun not pinned by hash: python/custom_model_grpc.Dockerfile:17-18","Warn: pipCommand not pinned by hash: python/custom_model_grpc.Dockerfile:44","Warn: downloadThenRun not pinned by hash: python/custom_tokenizer.Dockerfile:17-18","Warn: pipCommand not pinned by hash: python/custom_tokenizer.Dockerfile:44","Warn: downloadThenRun not pinned by hash: python/custom_transformer.Dockerfile:17-18","Warn: pipCommand not pinned by hash: python/custom_transformer.Dockerfile:44","Warn: downloadThenRun not pinned by hash: python/custom_transformer_grpc.Dockerfile:17-18","Warn: pipCommand not pinned by hash: python/custom_transformer_grpc.Dockerfile:44","Warn: downloadThenRun not pinned by hash: python/error_404_isvc.Dockerfile:11-12","Warn: pipCommand not pinned by hash: python/error_404_isvc.Dockerfile:37","Warn: downloadThenRun not pinned by hash: python/huggingface_server.Dockerfile:28-29","Warn: pipCommand not pinned by hash: python/huggingface_server.Dockerfile:84","Warn: pipCommand not pinned by hash: python/huggingface_server.Dockerfile:87","Warn: pipCommand not pinned by hash: python/huggingface_server.Dockerfile:94-105","Warn: pipCommand not pinned by hash: python/huggingface_server.Dockerfile:94-105","Warn: downloadThenRun not pinned by hash: python/huggingface_server_cpu.Dockerfile:35-36","Warn: pipCommand not pinned by hash: python/huggingface_server_cpu.Dockerfile:77-79","Warn: pipCommand not pinned by hash: python/huggingface_server_cpu.Dockerfile:118","Warn: downloadThenRun not pinned by hash: python/lgb.Dockerfile:12-13","Warn: pipCommand not pinned by hash: python/lgb.Dockerfile:39","Warn: downloadThenRun not pinned by hash: python/paddle.Dockerfile:14-15","Warn: pipCommand not pinned by hash: python/paddle.Dockerfile:41","Warn: downloadThenRun not pinned by hash: python/pmml.Dockerfile:22-23","Warn: downloadThenRun not pinned by hash: python/sklearn.Dockerfile:12-13","Warn: pipCommand not pinned by hash: python/sklearn.Dockerfile:39","Warn: downloadThenRun not pinned by hash: python/storage-initializer.Dockerfile:11-12","Warn: pipCommand not pinned by hash: python/storage-initializer.Dockerfile:45","Warn: downloadThenRun not pinned by hash: python/success_200_isvc.Dockerfile:11-12","Warn: pipCommand not pinned by hash: python/success_200_isvc.Dockerfile:37","Warn: downloadThenRun not pinned by hash: python/xgb.Dockerfile:12-13","Warn: pipCommand not pinned by hash: python/xgb.Dockerfile:37","Warn: goCommand not pinned by hash: qpext/qpext.Dockerfile:19","Warn: goCommand not pinned by hash: router.Dockerfile:19","Warn: goCommand not pinned by hash: tools/tf2openapi/Dockerfile:16","Warn: pipCommand not pinned by hash: python/huggingfaceserver/tests/setup_vllm.sh:25","Warn: pipCommand not pinned by hash: python/huggingfaceserver/tests/setup_vllm.sh:30","Warn: pipCommand not pinned by hash: python/huggingfaceserver/tests/setup_vllm.sh:34","Warn: pipCommand not pinned by hash: test/scripts/aws/post-e2e-tests.sh:28","Warn: pipCommand not pinned by hash: test/scripts/aws/run-e2e-tests.sh:36","Warn: downloadThenRun not pinned by hash: test/scripts/aws/run-e2e-tests.sh:42","Warn: downloadThenRun not pinned by hash: test/scripts/aws/run-e2e-tests.sh:48","Warn: pipCommand not pinned by hash: test/scripts/aws/run-e2e-tests.sh:132","Warn: pipCommand not pinned by hash: test/scripts/aws/run-e2e-tests.sh:134","Warn: downloadThenRun not pinned by hash: test/scripts/gh-actions/setup-deps.sh:50","Warn: pipCommand not pinned by hash: test/scripts/gh-actions/setup-kserve-helm.sh:37","Warn: pipCommand not pinned by hash: test/scripts/gh-actions/setup-uv.sh:24","Warn: pipCommand not pinned by hash: .github/workflows/python-test.yml:36","Warn: pipCommand not pinned by hash: .github/workflows/python-test.yml:263","Warn: pipCommand not pinned by hash: .github/workflows/python-test.yml:265","Info:   0 out of 154 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of 126 third-party GitHubAction dependencies pinned","Info:   0 out of  67 containerImage dependencies pinned","Info:   1 out of   9 goCommand dependencies pinned","Info:   0 out of  51 pipCommand dependencies pinned","Info:   0 out of  20 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}}]},"last_synced_at":"2025-08-20T16:24:49.201Z","repository_id":37009327,"created_at":"2025-08-20T16:24:49.201Z","updated_at":"2025-08-20T16:24:49.201Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35489696,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-15T02:00:06.706Z","response_time":131,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["artificial-intelligence","cncf","genai","hacktoberfest","istio","k8s","knative","kserve","kubeflow","kubernetes","llm-inference","machine-learning","mlops","model-interpretability","model-serving","pytorch","service-mesh","tensorflow","vllm","xgboost"],"created_at":"2024-07-31T06:00:32.586Z","updated_at":"2026-07-15T04:01:07.965Z","avatar_url":"https://github.com/kserve.png","language":"Go","funding_links":[],"categories":["Model Serving \u0026 Inference","Jsonnet","Python","🎯 Tool Categories","Large Scale Deployment","ML Platforms","Ecosystem Projects","Uncategorized","其他_机器学习与深度学习","Go","Deployment and Serving","Model Deployment","artificial-intelligence","AI \u0026 Machine Learning Platforms","🔧 More by capability (cross-cutting)","🚀 MLOps","GPU and AI Compute","8. MLOps / LLMOps \u0026 Production","AI Serving and Inference Operations","Inference","Production Tools","*Ops for AI","Model Serving"],"sub_categories":["Model Serving Frameworks","🏆 Top Serving Platforms","ML Platforms","Uncategorized","☸️ Kubernetes-native \u0026 inference infra","Tools","Ray vs. Dask vs. Spark vs. Flink","Inference Platform","Model Serving \u0026 Inference"],"readme":"# KServe\n[![go.dev reference](https://img.shields.io/badge/go.dev-reference-007d9c?logo=go\u0026logoColor=white)](https://pkg.go.dev/github.com/kserve/kserve)\n[![Go Report Card](https://goreportcard.com/badge/github.com/kserve/kserve)](https://goreportcard.com/report/github.com/kserve/kserve)\n[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/6643/badge)](https://bestpractices.coreinfrastructure.org/projects/6643)\n[![Releases](https://img.shields.io/github/release-pre/kserve/kserve.svg?sort=semver)](https://github.com/kserve/kserve/releases)\n[![LICENSE](https://img.shields.io/github/license/kserve/kserve.svg)](https://github.com/kserve/kserve/blob/master/LICENSE)\n[![Slack Status](https://img.shields.io/badge/slack-join_chat-white.svg?logo=slack\u0026style=social)](https://github.com/kserve/community/blob/main/README.md#questions-and-issues)\n[![Gurubase](https://img.shields.io/badge/Gurubase-Ask%20KServe%20Guru-006BFF)](https://gurubase.io/g/kserve)\n\nKServe is a standardized distributed generative and predictive AI inference platform for scalable, multi-framework deployment on Kubernetes.\n\nKServe is being [used by many organizations](https://kserve.github.io/website/docs/community/adopters) and is a [Cloud Native Computing Foundation (CNCF)](https://www.cncf.io/) incubating project.\n\nFor more details, visit the [KServe website](https://kserve.github.io/website/).\n\n![KServe](/docs/diagrams/kserve_new.png)\n\n### Why KServe?\n\nSingle platform that unifies Generative and Predictive AI inference on Kubernetes. Simple enough for quick deployments, yet powerful enough to handle enterprise-scale AI workloads with advanced features.\n\n### Features\n\n**Generative AI**\n  * 🧮 **Optimized Backends**: Support for vLLM and llm-d for optimized performance for serving LLMs\n  * 📌 **Standardization**: OpenAI-compatible inference protocol for seamless integration with LLMs\n  * 🚅 **GPU Acceleration**: High-performance serving with GPU support and optimized memory management for large models\n  * 💾 **Model Caching**: Intelligent model caching to reduce loading times and improve response latency for frequently used models\n  * 🗂️ **KV Cache Offloading**: Advanced memory management with KV cache offloading to CPU/disk for handling longer sequences efficiently\n  * 📈 **Autoscaling**: Request-based autoscaling capabilities optimized for generative workload patterns\n  * 🔧 **Hugging Face Ready**: Native support for Hugging Face models with streamlined deployment workflows\n\n**Predictive AI**\n  * 🧮 **Multi-Framework**: Support for TensorFlow, PyTorch, scikit-learn, XGBoost, ONNX, and more\n  * 🔀 **Intelligent Routing**: Seamless request routing between predictor, transformer, and explainer components with automatic traffic management\n  * 🔄 **Advanced Deployments**: Canary rollouts, inference pipelines, and ensembles with InferenceGraph\n  * ⚡ **Autoscaling**: Request-based autoscaling with scale-to-zero for predictive workloads\n  * 🔍 **Model Explainability**: Built-in support for model explanations and feature attribution to understand prediction reasoning\n  * 📊 **Advanced Monitoring**: Enables payload logging, outlier detection, adversarial detection, and drift detection\n  * 💰 **Cost Efficient**: Scale-to-zero on expensive resources when not in use, reducing infrastructure costs\n\n### Learn More\nTo learn more about KServe, how to use various supported features, and how to participate in the KServe community, \nplease follow the [KServe website documentation](https://kserve.github.io/website). \nAdditionally, we have compiled a list of [presentations and demos](https://kserve.github.io/website/docs/community/presentations) to dive through various details.\n\n### :hammer_and_wrench: Installation\n\n#### Standalone Installation\n- **[Standard Kubernetes Installation](https://kserve.github.io/website/docs/admin-guide/overview#raw-kubernetes-deployment)**: Compared to Serverless Installation, this is a more **lightweight** installation. However, this option does not support canary deployment and request based autoscaling with scale-to-zero.\n- **[Knative Installation](https://kserve.github.io/website/docs/admin-guide/overview#serverless-deployment)**: KServe by default installs Knative for **serverless deployment** for InferenceService.\n- **[ModelMesh Installation](https://kserve.github.io/website/docs/admin-guide/overview#modelmesh-deployment)**: You can optionally install ModelMesh to enable **high-scale**, **high-density** and **frequently-changing model serving** use cases. \n- **[Quick Installation](https://kserve.github.io/website/docs/getting-started/quickstart-guide)**: Install KServe on your local machine.\n\n#### Kubeflow Installation\nKServe is an important addon component of Kubeflow, please learn more from the [Kubeflow KServe documentation](https://www.kubeflow.org/docs/external-add-ons/kserve/kserve). Check out the following guides for running [on AWS](https://awslabs.github.io/kubeflow-manifests/main/docs/component-guides/kserve) or [on OpenShift Container Platform](https://github.com/kserve/kserve/blob/master/docs/OPENSHIFT_GUIDE.md).\n\n### :flight_departure: [Create your first InferenceService](https://kserve.github.io/website/docs/getting-started/genai-first-isvc)\n\n### :bulb: [Roadmap](./ROADMAP.md)\n\n### :blue_book: [InferenceService API Reference](https://kserve.github.io/website/docs/reference/crd-api)\n\n### :toolbox: [Developer Guide](https://kserve.github.io/website/docs/developer-guide)\n\n### :writing_hand: [Contributor Guide](https://kserve.github.io/website/docs/developer-guide/contribution)\n\n### :handshake: [Adopters](https://kserve.github.io/website/docs/community/adopters)\n\n### Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=kserve/kserve\u0026type=Date)](https://www.star-history.com/#kserve/kserve\u0026Date)\n\n### Contributors\n\nThanks to all of our amazing contributors!\n\n\u003ca href=\"https://github.com/kserve/kserve/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=kserve/kserve\" /\u003e\n\u003c/a\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkserve%2Fkserve","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkserve%2Fkserve","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkserve%2Fkserve/lists"}