diff --git a/.github/workflows/react-dependency-check.yaml b/.github/workflows/react-dependency-check.yaml
index 452cccd..0f9f7c2 100644
--- a/.github/workflows/react-dependency-check.yaml
+++ b/.github/workflows/react-dependency-check.yaml
@@ -26,7 +26,7 @@ jobs:
             format: table
             output: 'sca-report.sarif'
             severity: CRITICAL,HIGH
-            input: 'package.json'
+            scan-ref: '.'
         - name: upload result
           uses: github/codeql-action/upload-sarif@v2
           with:
diff --git a/sca-report.txt b/sca-report.txt
new file mode 100644
index 0000000..e69de29