Dependency Scanning External tool import not working

I'am exporting a 3rd party tool dependency scanner's SCA findings in SARIF format, converting them using sarif-converter (https://gitlab.com/ignis-build/sarif-converter) and trying to import them to GitLab Security using the below format. Findings are not getting imported correctly.

Note that I could import SAST findings to same way and it works as expected.

  artifacts:
    access: developer
    reports:
      sast: gl-sast-report.json
      dependency_scanning: gl-dependency-scanning-report.json
      secret_detection: gl-secrets-scanning-report.json