From fce4f689dd50ca3ef8ec68683ee6f6a138bad24a Mon Sep 17 00:00:00 2001
From: David Waltermire <david.waltermire@nist.gov>
Date: Tue, 26 Sep 2023 15:03:49 -0400
Subject: [PATCH] Adjusted sarif upload to use the analysis action instead.

---
 .github/workflows/build.yml | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 2404967a3..f8bd0616a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -79,11 +79,8 @@ jobs:
     - name: Perform CodeQL Analysis
       if: github.event_name == 'push'
       uses: github/codeql-action/analyze@6a28655e3dcb49cb0840ea372fd6d17733edd8a4
-    - name: Upload CodeQL SARIF file
-      uses: github/codeql-action/upload-sarif@a09933a12a80f87b87005513f0abb1494c27a716
-      if: (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop'
       with:
-        token: ${{ secrets.COMMIT_TOKEN }}
+        upload: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop' && 'always' || 'never' }}
     - name: Test Website
       run: |
         # this needs to be run as a second build to ensure source is fully generated by the previous step