Default workflow file uses deprecated sarif action

[walbourn]

When using this action via the Marketplace, it includes:

      # Upload SARIF file to GitHub Code Scanning Alerts
      - name: Upload SARIF to GitHub
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: ${{ steps.run-analysis.outputs.sarif }}

This needs to be upgraded to github/codeql-action/upload-sarif@v3.

https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/