Fix refs used for code scanning results

Author: alcaeus

.github/workflows/release.yml

@@ -166,7 +166,7 @@ jobs:
       - name: "Generate SARIF report from code scanning alerts"
         uses: mongodb-labs/drivers-github-tools/code-scanning-export@v2
         with:
-          ref: ${{ inputs.version }}
+          ref: refs/tags/${{ inputs.version }}
           output-file: ${{ env.S3_ASSETS }}/code-scanning-alerts.json
 
       - name: "Generate compliance report"

.github/workflows/static-analysis.yml

@@ -47,3 +47,4 @@ jobs:
         uses: "github/codeql-action/upload-sarif@v3"
         with:
           sarif_file: psalm.sarif
+          ref: ${{ github.event_name == 'workflow_dispatch' && inputs.ref || github.ref }}