Code hosting service GitHub can now scan Python code for vulnerabilities

Code hosting service GitHub added Python to the list of programming languages that it is able to auto-scan for known vulnerabilities.

In October 2017, GitHub introduced the Dependency Graph, a feature that lists all the libraries used by a project and all the projects that rely on a given project. The feature supports JavaScript and Ruby, and GitHub is now extending it to include Python code. It lets developers receive alerts when they include certain flawed software libraries in their projects, and it provides advice on how to address the issue.

Code scanning is enabled by default on public repositories.

GitHub Dependency Graph
