There's a ton of advantages, but some very real disadvantages as well. No lsposed and incompatibility with certain magisk modules are probably the biggest for me personally.
None, for our holy Savior Daniel M'kay and grapheneOS have saved my soul. For even mentioning magisk I clearly deserve a public flogging, maybe even an execution. Obviously. RoOt iS iNsEcUrE
Sets himself up for the Grapheneos fanboys flogging. I'm using Grapheneos myself, and i agree they are not very... Tactful in addressing some specific usecases. I agree with the doctrine of not weakening the system, but an option should exist for people that understand the consequences, and still need a different use than the one envisioned by the developers. I'm not talking about root, there's more decisions that are made for you without your saying. For your safety. But still.
Using a device with no vendor-provided firmware security patches doesn't seem like a good idea to me. Also, the Pixel 8a gets 7 years of updates. That's plenty of time, and most people get a new phone after a much shorter time.
Calyx is pretty insecure by default, it removes some default AOSP security features and is very slow to push security patches. And it doesn't include any of the GrapheneOS security features like hardened SELinux, a hardened kernel, secure app spawning, hardened Chromium browser and WebView or hardware-based integrity attestation. It also uses a very flawed Google Play services implementation (microG) which requires root and has worse app compatibility.