ci: fix benchmark-action SHA typo and SBOM format in security workflow

Lenvanderhof · Lenvanderhof · commit a59dfdf544e5 · 2026-01-03T20:15:52.000+01:00
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
@@ -98,7 +98,7 @@ jobs:
         continue-on-error: true
 
       - name: Store benchmark results
-        uses: benchmark-action/github-action-benchmark@4bdcce38bc94cec68da58d012ac24b7b1155efe8b # v1.20.7
+        uses: benchmark-action/github-action-benchmark@4bdcce38c94cec68da58d012ac24b7b1155efe8b # v1.20.7
         if: github.event_name == 'push' && github.ref == 'refs/heads/main'
         with:
           tool: "cargo"
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -208,7 +208,7 @@ jobs:
         run: cargo install cargo-sbom
 
       - name: Generate SBOM (CycloneDX)
-        run: cargo sbom --output-format cyclonedx_json_1_4 > sbom-cyclonedx.json
+        run: cargo sbom --output-format cyclone_dx_json_1_4 > sbom-cyclonedx.json
 
       - name: Generate SBOM (SPDX)
         run: cargo sbom --output-format spdx_json_2_3 > sbom-spdx.json
