We just disclosed a widespread critical vulnerability called Zip Slip. It may affect you –
Snyk supports testing and monitoring Python projects that have their dependencies managed by pip and expressed in a requirements.txt file. Python support is available for GitHub repositories, and via the Snyk CLI.
We scan Python projects by examining your requirements.txt file to compare the specific versions of every direct and deep dependency in your project against our Python vulnerability database.