DS analyzer: Python support - Manifest scanning: requirements.txt scanning

Description

This implementation issue covers adding requirements.txt manifest scanning capabilities to the Dependency Scanning (DS) analyzer. This manifest scanning will serve as a fallback mechanism when lock files are not available

Scope

Objective: Implement manifest scanning functionality for Python requirements.txt files

Key Components:

Add requirements.txt file detection and parsing logic
Implement dependency extraction from Python manifest files
Integrate with existing DS analyzer workflow as a fallback option
Ensure compatibility with current dependency scanning pipeline

Acceptance Criteria:

DS analyzer successfully detects and processes requirements.txt manifest files
Dependencies are correctly extracted and reported

Related MR: gitlab-org/security-products/analyzers/dependency-scanning!427 (diffs)

Edited Feb 03, 2026 by Orin Naaman

DS analyzer: Python support - Manifest scanning: requirements.txt scanning

Description

Scope

Related Issues