diff --git a/README.md b/README.md
index 639abddd..f085ed50 100644
--- a/README.md
+++ b/README.md
@@ -92,8 +92,6 @@ jobs:
       - id: ShellCheck
         name: Differential ShellCheck
         uses: redhat-plumbers-in-action/differential-shellcheck@v4
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
 
       - if: ${{ always() }}
         name: Upload artifact with ShellCheck defects in SARIF format
@@ -101,6 +99,12 @@ jobs:
         with:
           name: Differential ShellCheck SARIF
           path: ${{ steps.ShellCheck.outputs.sarif }}
+
+      - if: ${{ always() }}
+        name: Upload SARIF to GitHub using github/codeql-action/upload-sarif
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: ${{ steps.ShellCheck.outputs.sarif }}
 ```
 
 > **Warning**: _`fetch-depth: 0` is required to run `differential-shellcheck` successfully. It fetches all git history._
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
index 9ea8083e..1d582a48 100644
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -5,6 +5,7 @@
 * `grep` - do not escape `#` and `!` in patterns
 * Utilize `DEBUG` to run `grep` without `--silent` option
 * Update `csutils` (`csdiff`) to 3.0.0
+* Update example - suggest `github/codeql-action/upload-sarif` as default way how to upload SARIF
 
 ## v4.0.2