✅ Replaced Code Scanning Upload:
- Removed github/codeql-action/upload-sarif (requires Code Scanning)
- Added actions/upload-artifact for Trivy results
- SARIF report saved as artifact (30 days retention)
- No more 'Code scanning not enabled' errors
🎯 Benefits:
- Trivy results still available as downloadable artifact
- No dependency on GitHub Advanced Security
- Clean CI/CD pipeline without errors
- Security reports accessible via Actions tab
10f76bd991