# Code scanning

You can display the results of the Meterian analysis directly on your repository on GitHub via the Static Analysis Results Interchange Format (SARIF) report. Here is how it's done with [our GitHub action](https://github.com/marketplace/actions/meterian-scanner).

Request the generation of a SARIF report from the Meterian GitHub action

```
uses: MeterianHQ/meterian-github-action@v1.0.17
with:
  cli_args: "--report-sarif=report.sarif"
```

Upload the report via GitHub's official action [upload-sarif](https://github.com/github/codeql-action/tree/v3/upload-sarif)

```
uses: github/codeql-action/upload-sarif@v3
if: success() || failure()
with:
  sarif_file: report.sarif
```

{% hint style="info" %}
In the above example we are using the workflow step special functions `success()` and `failure()` to ensure the upload always takes place 
{% endhint %}

Once the upload is completed, GitHub will create code scanning alerts in your repository using information from the SARIF report we have just uploaded as part of the code scanning experience. 

View the results in the Security tab of your repository under the Vulnerability alerts section

<figure><img src="https://3502151236-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M-naNCUtT6Gw1tfDjRR%2Fuploads%2Fp0r4SwmFFYpoMK1PeWbQ%2Fimage.png?alt=media&#x26;token=fa0ec7b4-f0d1-4cc1-99b4-32794d973f59" alt=""><figcaption></figcaption></figure>