diff --git a/.github/workflows/dotnet-snyk.yml b/.github/workflows/snyk-code.yml similarity index 70% rename from .github/workflows/dotnet-snyk.yml rename to .github/workflows/snyk-code.yml index f338cb2..1fcc10e 100644 --- a/.github/workflows/dotnet-snyk.yml +++ b/.github/workflows/snyk-code.yml @@ -16,6 +16,10 @@ on: # yamllint disable-line rule:truthy jobs: security: runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write steps: - uses: actions/checkout@master - uses: snyk/actions/setup@master @@ -26,9 +30,16 @@ jobs: - name: Restore dependencies run: dotnet restore algorithm-exercises-csharp.sln - name: Run Snyk to check for vulnerabilities + continue-on-error: true # To make sure that SARIF upload gets called run: > snyk test algorithm-exercises-csharp/ + algorithm-exercises-csharp-base/ algorithm-exercises-csharp-test/ + --sarif-file-output=snyk-code.sarif env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + - name: Upload result to GitHub Code Scanning + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: snyk-code.sarif diff --git a/algorithm-exercises-csharp-base/algorithm-exercises-csharp-base.csproj b/algorithm-exercises-csharp-base/algorithm-exercises-csharp-base.csproj index 1fa1884..418d63c 100644 --- a/algorithm-exercises-csharp-base/algorithm-exercises-csharp-base.csproj +++ b/algorithm-exercises-csharp-base/algorithm-exercises-csharp-base.csproj @@ -25,6 +25,7 @@ +
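Review bot: The job that now receives `security-events: write` (and passes `SNYK_TOKEN` to a later step) still runs `actions/checkout@master` and `snyk/actions/setup@master`, visible as context lines directly under the new `permissions:` block. A branch ref is mutable, so whatever lands on those branches runs with this token scope. Pin both to a full commit SHA with the release in a trailing comment, e.g. `- uses: actions/checkout@<full-commit-sha>  # <release-tag>` (placeholders), and do the same for `github/codeql-action/upload-sarif@v3` in the second hunk. The job-level `permissions:` block is otherwise a good least-privilege default; a short comment on why `actions: read` is needed (as far as I know, only for SARIF upload on private repositories) would help the next reader. The `steps:` list continues outside this hunk.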
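Review bot: `continue-on-error: true` on the "Run Snyk to check for vulnerabilities" step hides every non-zero exit, not only "vulnerabilities found". An authentication failure or a scan that never ran also leaves that step green, and the job's result then depends only on whether `snyk-code.sarif` exists when the upload step runs. Consider dropping `continue-on-error` and putting `if: always()` on the "Upload result to GitHub Code Scanning" step, so the SARIF is still uploaded while the job status reflects the scan. If a non-blocking scan is intended, say so in the comment and guard the upload with `if: hashFiles('snyk-code.sarif') != ''`. The step runs `snyk test` (the dependency scan) while the workflow and output file are named `snyk-code`, so a one-line comment such as `# Snyk Open Source (dependency) scan, results exported as SARIF` would avoid confusion with Snyk Code.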