Security vulnerability alerts for Python
Blog post from GitHub
Last year, security alerts were introduced to monitor vulnerabilities in Ruby and JavaScript packages, leading to millions of identified vulnerabilities and numerous patches. Building on that success, Python support has now been launched: Python users can view their dependency graphs and receive alerts for known security vulnerabilities in the packages they depend on.

The initial launch covers a limited set of recent vulnerabilities, with plans to add historical vulnerabilities to the database over the coming weeks. The platform will continuously monitor the NVD feed and other sources and alert users whenever a new Python vulnerability is disclosed.

To receive these alerts, a repository must have a requirements.txt or Pipfile.lock file checked in. Public repositories have the service enabled automatically; private repositories must opt in through their settings. Admins receive alerts by default and can add further recipients or adjust notification preferences in their profile settings. More detailed guidance is available in the documentation.
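The alerts are built from the two manifests the post names, requirements.txt and Pipfile.lock. The following is an added example, not code from GitHub or from the post: a small parser that lists the exactly pinned dependencies those manifests expose, so a maintainer can check what inventory the dependency graph will be built from. The sample manifests are constructed for illustration.

```python
"""List exact (==) pins from requirements.txt and Pipfile.lock content."""
import json
import re

# Constructed sample inputs (not taken from the post).
REQUIREMENTS_TXT = """\
# web stack
Django==2.0.5
requests>=2.18,<3  # a range, not an exact pin
-r base.txt
pyyaml == 3.12
"""

PIPFILE_LOCK = json.dumps({
    "_meta": {"hash": {"sha256": "constructed-placeholder"}},
    "default": {"django": {"version": "==2.0.5"}, "pyyaml": {"version": "==3.12"}},
    "develop": {"pytest": {"version": "==3.5.1"}},
})

# name, optional whitespace, '==', version up to whitespace / marker / comment
PIN_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([^\s;#]+)")


def parse_requirements(text):
    """Return {name: version} for exact '==' pins.

    Comments, option lines such as '-r base.txt', and version ranges are
    skipped because they do not identify a single installed version.
    """
    pins = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop trailing comments
        if not line or line.startswith("-"):
            continue
        match = PIN_RE.match(line)
        if match:
            pins[match.group(1).lower()] = match.group(2)
    return pins


def parse_pipfile_lock(text):
    """Return {name: version} from the 'default' and 'develop' sections."""
    data = json.loads(text)
    pins = {}
    for section in ("default", "develop"):
        for name, spec in data.get(section, {}).items():
            version = spec.get("version", "")
            if version.startswith("=="):
                pins[name.lower()] = version[2:]
    return pins
```

Package names are lower-cased so the same dependency matches across both files regardless of how it was spelled.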