Running bandit and pip-audit directly — or using the official focused actions (PyCQA/bandit-action and pypa/gh-action-pip-audit) — is a reasonable and common approach. Those tools and actions are fine ...
A new feature proposal for the Python programming language wants to add "transparency" to the runtime and let security and auditing tools view when Python may be running potentially dangerous ...