We have code related to generating sarif security scans and uploading them to Github which has seemingly never been used and which relies on a dependency which has a CVE

We should remove this code as it is unused, can cause confusion, and requires maintenance

See #533