When the action is configured to run in pull request, although it do not try to publish results (since 2.0.4), it tries to upload the results to Github's code scanning dashboard and returns an error (https://github.com/systemd/systemd/actions/runs/3276042271/jobs/5391618343).

I've manually disable it using the following configuration:

 # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
        if: ${{ github.event_name != 'pull_request' }}
        uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26
        with:
          sarif_file: results.sarif

I think the best solution is to avoid uploading the results to the security dashboard if it is a pull request, what do you think? I can suggest the PR with the changes if so.