ci: use a fixed security scan category to avoid upload issues (#116)

Author: Djaytan

.github/workflows/ci.yml

@@ -101,6 +101,13 @@ jobs:
         uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
         with:
           sarif_file: results.sarif
-          # This is required to avoid scan results to be overridden by other types of workflows (e.g., maintenance release)
-          # See https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#uploading-more-than-one-sarif-file-for-a-commit
-          category: ${{ github.workflow }}
+          # Use a fixed category to ensure consistent configuration across all SARIF uploads.
+          #
+          # This prevents the GitHub warning: "Code scanning cannot determine the alerts introduced by this pull request,
+          # because 1 configuration present on refs/heads/main was not found".
+          # The warning occurs when different workflows use different categories for SARIF files on the same branch.
+          #
+          # Using a single, consistent category (e.g., 'trivy') ensures all uploads are correctly associated.
+          #
+          # Additional details: https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#uploading-more-than-one-sarif-file-for-a-commit
+          category: trivy