I'm using https://pdm-project.org/latest/ which has lock file like poetry but named "pdm.lock"
When I change the filename and run the scanner some vulnerabilities had been found. Generating a requirements.txt and using this one will fail.