diff --git a/copilot/pipelines/react-app-pipeline/buildspec.yml b/copilot/pipelines/react-app-pipeline/buildspec.yml
index 32355d3..19c7e12 100644
--- a/copilot/pipelines/react-app-pipeline/buildspec.yml
+++ b/copilot/pipelines/react-app-pipeline/buildspec.yml
@@ -8,8 +8,13 @@ phases:
 # Download the copilot linux binary.
 - wget -q https://ecs-cli-v2-release.s3.amazonaws.com/copilot-linux-v1.32.0 -O copilot-linux
 - chmod +x ./copilot-linux
- # Download trivy.
- - docker pull ghcr.io/aquasecurity/trivy:canary
+ # Download trivy. https://aquasecurity.github.io/trivy/v0.48/getting-started/installation/
+ - apt-get install wget apt-transport-https gnupg lsb-release
+ - wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
+ - echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
+ - apt-get update
+ - apt-get install trivy
+
 build:
 commands:
 - echo "Run your tests"
@@ -66,7 +71,7 @@ phases:
 done;
 - ls -lah ./infrastructure
 # Run trivy scan on the docker images.
- - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock ghcr.io/aquasecurity/trivy:canary image --vuln-type os --no-progress --format table -o container-scanning-report.txt --severity CRITICAL,HIGH $(jq -r '.services[].image' ./infrastructure/manifest.json)
+ - trivy image --vuln-type os --no-progress --format table -o container-scanning-report.txt --severity CRITICAL,HIGH $(jq -r '.services[].image' ./infrastructure/manifest.json)
 - cat container-scanning-report.txt
 artifacts:
 files:
diff --git a/docker_test.sh b/docker_test.sh
index 9abb17e..3730dbb 100755
--- a/docker_test.sh
+++ b/docker_test.sh
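Review bot: Both `apt-get install` commands in the new trivy install block run without `-y`, so in a non-interactive CodeBuild shell apt's confirmation prompt aborts the build, and the first one also runs before any `apt-get update`, so it can fail on stale or absent package lists. Change them to `apt-get update && apt-get install -y wget apt-transport-https gnupg lsb-release` and `apt-get install -y trivy`. The block mixes `sudo tee` with bare `apt-get`: either the build runs as root and `sudo` is unnecessary (and may not even be installed), or it does not and `apt-get` fails, so use one form consistently. The repository is correctly restricted with `signed-by=` to the fetched key, but the package itself is unpinned, so consider `apt-get install -y trivy=<pinned-version>` so that scan results are reproducible from one build to the next.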
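Review bot: The new `trivy image` invocation writes CRITICAL/HIGH findings to container-scanning-report.txt but carries no `--exit-code`, so the build step succeeds regardless of what the scan finds and the report is purely informational. If the scan is meant to gate the pipeline, add `--exit-code 1` (optionally with `--ignore-unfixed`) to that line. The unquoted `$(jq -r '.services[].image' ./infrastructure/manifest.json)` is presumably intended to pass several image names, but if manifest.json yields no services the command would likely fail on a missing argument rather than surface the real cause, which deserves a comment or an explicit check. The enclosing `commands:` list begins and ends outside this hunk.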
@@ -7,8 +7,8 @@
 # Author: Ryosuke Tomita
 # Date: 2023/12/06
 ##########################################################################
-#docker rmi react-app:latest -f
+docker rmi react-app:latest -f
 docker build -t react-app:latest . --no-cache
-docker run --rm -p 8080:80 react-app:latest # -p containerport:localport
+docker run -p 80:8080 react-app:latest # -p localport:containerport
 # open your browser and go to `localhost:80`.
diff --git a/sca-report.sarif b/sca-report.sarif
deleted file mode 100644
index e95f38e..0000000
--- a/sca-report.sarif
+++ /dev/null
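Review bot: The rewritten `docker run` line maps host port 80 to container port 8080 (`-p 80:8080`), whereas the removed line targeted container port 80; the new comment is right that `-p` is host:container, but nothing in this diff shows the image's server moving to 8080, so `localhost:80` would likely connect to a port nothing listens on. If the image still serves on 80, the line should read `docker run --rm -p 80:80 react-app:latest # -p hostport:containerport`. Dropping `--rm` also leaves a stopped container behind after every run, which is what the newly uncommented `docker rmi react-app:latest -f` then has to force past, and publishing host port 80 needs elevated privileges on most hosts. The shebang and any `set -e` are outside the hunk, so whether a failing `docker rmi` on a first run aborts the script cannot be seen here.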
@@ -1,80 +0,0 @@ -{ - "version": "2.1.0", - "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", - "runs": [ - { - "tool": { - "driver": { - "fullName": "Trivy Vulnerability Scanner", - "informationUri": "https://github.com/aquasecurity/trivy", - "name": "Trivy", - "rules": [ - { - "id": "CVE-2021-3803", - "name": "LanguageSpecificPackageVulnerability", - "shortDescription": { - "text": "inefficient regular expression complexity" - }, - "fullDescription": { - "text": "nth-check is vulnerable to Inefficient Regular Expression Complexity" - }, - "defaultConfiguration": { - "level": "error" - }, - "helpUri": "https://avd.aquasec.com/nvd/cve-2021-3803", - "help": { - "text": "Vulnerability CVE-2021-3803\nSeverity: HIGH\nPackage: nth-check\nFixed Version: 2.0.1\nLink: [CVE-2021-3803](https://avd.aquasec.com/nvd/cve-2021-3803)\nnth-check is vulnerable to Inefficient Regular Expression Complexity", - "markdown": "**Vulnerability CVE-2021-3803**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|nth-check|2.0.1|[CVE-2021-3803](https://avd.aquasec.com/nvd/cve-2021-3803)|\n\nnth-check is vulnerable to Inefficient Regular Expression Complexity" - }, - "properties": { - "precision": "very-high", - "security-severity": "7.5", - "tags": [ - "vulnerability", - "security", - "HIGH" - ] - } - } - ], - "version": "0.47.0" - } - }, - "results": [ - { - "ruleId": "CVE-2021-3803", - "ruleIndex": 0, - "level": "error", - "message": { - "text": "Package: nth-check\nInstalled Version: 1.0.2\nVulnerability CVE-2021-3803\nSeverity: HIGH\nFixed Version: 2.0.1\nLink: [CVE-2021-3803](https://avd.aquasec.com/nvd/cve-2021-3803)" - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "package-lock.json", - "uriBaseId": "ROOTPATH" - }, - "region": { - "startLine": 15755, - "startColumn": 1, - "endLine": 15762, - "endColumn": 1 - } - }, - "message": { - "text": "package-lock.json: 
nth-check@1.0.2" - } - } - ] - } - ], - "columnKind": "utf16CodeUnits", - "originalUriBaseIds": { - "ROOTPATH": { - "uri": "file:///home/tomita/devsecops-demo-aws-ecs/" - } - } - } - ] -}