When a series of python files (.py) with import statements are scanned , third party components are not getting detected.
For third-party component detection, python dependencies are gathered by the analyzer from the following files: requirements.txt and setup.py. One of these files should be present in the folder that is scanned. The requirements.txt file will have versions details of the components which are crucial for getting CVE info.
- Check whether requirements.txt and setup.py are part of the analysis.