Bump github/codeql-action from 2.1.27 to 2.1.28 (#36961)

Author: dependabot[bot]

.github/workflows/scorecards-analysis.yml

@@ -65,6 +65,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@807578363a7869ca324a79039e6db9c843e0e100
+        uses: github/codeql-action/upload-sarif@cc7986c02bac29104a72998e67239bb5ee2ee110
         with:
           sarif_file: results.sarif