pipenv installas Snyk needs this to create the
pipenv graphwhich is then used for the dependency scan to fulfil itself.
setup.pyfile, and detects packages listed in the
requirements.txtby installing the packages into a virtual environment and then running
poetry.lockfiles. Note both these files must be present for Snyk to identify Poetry dependencies and test for issues.
requirements.txtfile, and so you must have this file in your repository before importing.
requirements.txtfiles (for example, if you have renamed a file to
requirements-dev.txt), we try to import every file that follows the
**/*req*.txtconvention as a Python project.
requirements/requirements.txt) we try to import every file that follows the
**/requirements/*.txtconvention as a Python project.
requirements.txt, then either convert or import (depending on the package manager/supported files) the manifest file to the
.snykfile to a project repository, and specify the desired version.
.snykfile must be in the same directory as the project manifest file.
.snykfile, Snyk detects the major version specified, and uses this to control whether the project is tested with Python 2 or Python 3. It does not use the exact version specified.