diff --git a/.github/workflows/build-n-publish.yaml b/.github/workflows/build-n-publish.yaml
index ea688a9..fbeca60 100644
--- a/.github/workflows/build-n-publish.yaml
+++ b/.github/workflows/build-n-publish.yaml
@@ -44,14 +44,14 @@ jobs:
         run: |
           wget https://github.com/google/osv-scanner/releases/download/v1.2.0/osv-scanner_1.2.0_linux_amd64
           chmod +x ./osv-scanner_1.2.0_linux_amd64
-          ./osv-scanner_1.2.0_linux_amd64 -r .
+          ./osv-scanner_1.2.0_linux_amd64 requirements.txt
 
       - name: Scan for vulnerabilities
         working-directory: ./epl-board
         run: |
           wget https://github.com/google/osv-scanner/releases/download/v1.2.0/osv-scanner_1.2.0_linux_amd64
           chmod +x ./osv-scanner_1.2.0_linux_amd64
-          ./osv-scanner_1.2.0_linux_amd64 -r .
+          ./osv-scanner_1.2.0_linux_amd64 requirements.txt
 
       - name: Publish package
         uses: pypa/gh-action-pypi-publish@v1.8.1