From 0b7fc5664842c1a6bb23c4ef64b85438afcb76c5 Mon Sep 17 00:00:00 2001
From: "Michael B. Gale" <mbg@github.com>
Date: Fri, 26 Sep 2025 17:47:38 +0100
Subject: [PATCH 1/2] Fix `upload-sarif` not uploading non-`.sarif` files

---
 lib/upload-sarif-action.js | 2 +-
 src/upload-sarif-action.ts | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/upload-sarif-action.js b/lib/upload-sarif-action.js
index 341b173e0d..59c660b275 100644
--- a/lib/upload-sarif-action.js
+++ b/lib/upload-sarif-action.js
@@ -93424,7 +93424,7 @@ async function findAndUpload(logger, features, sarifPath, pathStats, checkoutPat
       sarifPath,
       analysis.sarifPredicate
     );
-  } else if (pathStats.isFile() && analysis.sarifPredicate(sarifPath)) {
+  } else if (pathStats.isFile() && (analysis.sarifPredicate(sarifPath) || analysis.kind === "code-scanning" /* CodeScanning */ && !CodeQuality.sarifPredicate(sarifPath))) {
     sarifFiles = [sarifPath];
   } else {
     return void 0;
diff --git a/src/upload-sarif-action.ts b/src/upload-sarif-action.ts
index aa1a5a4443..4da0427490 100644
--- a/src/upload-sarif-action.ts
+++ b/src/upload-sarif-action.ts
@@ -61,7 +61,12 @@ async function findAndUpload(
       sarifPath,
       analysis.sarifPredicate,
     );
-  } else if (pathStats.isFile() && analysis.sarifPredicate(sarifPath)) {
+  } else if (
+    pathStats.isFile() &&
+    (analysis.sarifPredicate(sarifPath) ||
+      (analysis.kind === analyses.AnalysisKind.CodeScanning &&
+        !analyses.CodeQuality.sarifPredicate(sarifPath)))
+  ) {
     sarifFiles = [sarifPath];
   } else {
     return undefined;

From 8e34f2f3bf0f3f0b192913b0e0f234372329699b Mon Sep 17 00:00:00 2001
From: "Michael B. Gale" <mbg@github.com>
Date: Fri, 26 Sep 2025 17:52:17 +0100
Subject: [PATCH 2/2] Add changelog

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d2e5bd94af..6e2575a489 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 ## [UNRELEASED]
 
-No user facing changes.
+- We fixed a bug that was introduced in `3.30.4` with `upload-sarif` which resulted in files without a `.sarif` extension not getting uploaded. [#3160](https://github.com/github/codeql-action/pull/3160)
 
 ## 3.30.4 - 25 Sep 2025