fix: add output-filefor sarif

lotharking · lotharking · commit f1ab44411c15 · 2025-06-24T01:38:26.000-05:00
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -8,6 +8,10 @@ on:
       - 'core/**'
       - '.github/workflows/**'
 
+concurrency:
+  group: security-scan-${{ github.ref }}
+  cancel-in-progress: true
+
 env:
   OPENJPEG_VERSION: 2.5
 
diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml
@@ -8,6 +8,10 @@ on:
     branches: [main]
   workflow_dispatch:
 
+concurrency:
+  group: security-scan-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   validate:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
@@ -49,10 +49,11 @@ jobs:
         with:
           path: "./lib"
           output-format: sarif
+          output-file: grype-report.sarif
           fail-build: true
           severity-cutoff: critical
       - name: Upload SARIF report
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: ${{ steps.grype.outputs.sarif }}
 
