Question 058

### When using GitHub Actions as your CI system and a third party tool to run code scanning, how can you upload the SARIF results to GitHub? > https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions 1. [x] By using the `github/codeql-action/upload-sarif` GitHub Action 1. [ ] When using GitHub Actions the SARIF results are automatically uploaded to GitHub. 1. [ ] You can only use CodeQL when running code scanning in GitHub Actions. Third party code scanning tools are not supported. 1. [ ] By using the `actions/upload-artifact` GitHub Action