v2

Make the Jenkins Security Scan work for pull requests from forks by using the github/codeql-action/upload-sarif action instead of the GitHub API (#3, #5).

Since the scan results are now attached to a different "tool", this is not just an update of v1, but a new version. v1 is now a branch for backwards compatibility with early adopters. Please update to v2.

This tag will occasionally be updated with changes but we intend to keep the API for the workflow stable for this tag, so you can safely specify jenkins-infra/jenkins-security-scan/.github/workflows/jenkins-security-scan.yaml@v2 as the workflow to run.