b88eb6ee15
- Changed security-events permission from write to read - Disabled automatic SARIF upload in CodeQL analysis - Removed Trivy SARIF upload step that was causing permission errors - Added artifact uploads for all security scan results (CodeQL, Trivy secrets, SBOM) - Reports are now available for download as workflow artifacts for local review