diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
index 9577f6a0..0d6c54b8 100644
--- a/.github/workflows/dependency-review.yaml
+++ b/.github/workflows/dependency-review.yaml
@@ -22,5 +22,5 @@ jobs:
     - name: Dependency Review
       uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
       with:
-        fail-on-scope: runtime,unknown
+        fail-on-scopes: runtime,unknown
         comment-summary-in-pr: on-failure
diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml
index dab10db8..790c2b50 100644
--- a/.github/workflows/release-docker.yml
+++ b/.github/workflows/release-docker.yml
@@ -118,7 +118,7 @@ jobs:
         for tag in ${TAGS}; do
           image="${tag}@${DIGEST}"
           cosign sign --recursive --yes --key "${COSIGN_PRIVATE_KEY}" "${image}"
-          cosign attest --recursive --yes --key "${COSIGN_PRIVATE_KEY} --predicate "crud-service-sbom.spdx.json" --type="spdxjson" "${image}"
+          cosign attest --recursive --yes --key "${COSIGN_PRIVATE_KEY}" --predicate "crud-service-sbom.spdx.json" --type="spdxjson" "${image}"
         done
       env:
         TAGS: |