github
diff --git a/‎.github/workflows/__quality-queries.yml
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/__quality-queries.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎lib/analyze-action.js
Lines changed: 1 addition & 1 deletion b/‎lib/analyze-action.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/analyze-action.js.map
Lines changed: 1 addition & 1 deletion b/‎lib/analyze-action.js.map
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/analyze.js
Lines changed: 3 additions & 2 deletions b/‎lib/analyze.js
Lines changed: 3 additions & 2 deletions
diff --git a/‎lib/analyze.js.map
Lines changed: 1 addition & 1 deletion b/‎lib/analyze.js.map
Lines changed: 1 addition & 1 deletion
diff --git a/‎pr-checks/checks/quality-queries.yml
Lines changed: 3 additions & 3 deletions b/‎pr-checks/checks/quality-queries.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/analyze-action.ts
Lines changed: 1 addition & 1 deletion b/‎src/analyze-action.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/analyze.ts
Lines changed: 4 additions & 2 deletions b/‎src/analyze.ts
Lines changed: 4 additions & 2 deletions
@@ -15,18 +15,18 @@ steps:
     uses: actions/upload-artifact@v4
     with:
       name: config-export-${{ matrix.os }}-${{ matrix.version }}.sarif.json
-      path: "${{ runner.temp }}/results/javascript.sarif"
+      path: "${{ runner.temp }}/results/security/javascript.sarif"
       retention-days: 7
   - name: Upload quality SARIF
     uses: actions/upload-artifact@v4
     with:
       name: config-export-${{ matrix.os }}-${{ matrix.version }}.quality.sarif.json
-      path: "${{ runner.temp }}/results/javascript.quality.sarif"
+      path: "${{ runner.temp }}/results/quality/javascript.sarif"
       retention-days: 7
   - name: Check config properties appear in SARIF
     uses: actions/github-script@v7
     env:
-      SARIF_PATH: "${{ runner.temp }}/results/javascript.quality.sarif"
+      SARIF_PATH: "${{ runner.temp }}/results/quality/javascript.sarif"
     with:
       script: |
         const fs = require('fs');
 
@@ -322,7 +322,7 @@ async function run() {
     const uploadInput = actionsUtil.getOptionalInput("upload");
     if (runStats && actionsUtil.getUploadValue(uploadInput) === "always") {
       uploadResult = await uploadLib.uploadFiles(
-        outputDir,
+        path.join(outputDir, `security`),
         actionsUtil.getRequiredInput("checkout_path"),
         actionsUtil.getOptionalInput("category"),
         features,
 
@@ -602,7 +602,7 @@ export async function runQueries(
 
   for (const language of config.languages) {
     try {
-      const sarifFile = path.join(sarifFolder, `${language}.sarif`);
+      const sarifFile = path.join(sarifFolder, `security`, `${language}.sarif`);
 
       // The work needed to generate the query suites
       // is done in the CLI. We just need to make a single
@@ -630,7 +630,8 @@ export async function runQueries(
         logger.info(`Interpreting quality results for ${language}`);
         const qualitySarifFile = path.join(
           sarifFolder,
-          `${language}.quality.sarif`,
+          `quality`,
+          `${language}.sarif`,
         );
         const qualityAnalysisSummary = await runInterpretResults(
           language,
@@ -651,6 +652,7 @@ export async function runQueries(
       logger.info(analysisSummary);
 
       if (await features.getValue(Feature.QaTelemetryEnabled)) {
+        // NOTE: This is OK, since this SARIF file contains all alerts
         const perQueryAlertCounts = getPerQueryAlertCounts(sarifFile);
 
         const perQueryAlertCountEventReport: EventReport = {