docs: emphasize Python 3.11 requirement for Python dep analysis (#825)

Signed-off-by: behnazh-w <[email protected]>
oracle · Aug 13, 2024 · ac8de70 · ac8de70
1 parent 58ae2c9
commit ac8de70
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/docs/source/pages/tutorials/detect_malicious_package.rst b/docs/source/pages/tutorials/detect_malicious_package.rst
@@ -168,7 +168,11 @@ Analyzing django with dependencies
 Macaron supports analyzing a package's dependencies and performs the same set of checks on them as it does on the main target package. To analyze the dependencies of ``[email protected]`` Python package, you can either :ref:`generate an SBOM <python-sbom>` yourself or :ref:`point Macaron to a virtual environment <python-venv-deps>` where ``django`` is installed.
 
 
-Let's assume ``/tmp/.django_venv`` is the virtual environment where ``[email protected]`` is installed. Run Macaron as follows to analyze ``django`` and its dependencies.
+Let's assume ``/tmp/.django_venv`` is the virtual environment where ``[email protected]`` is installed.
+
+.. note:: If you want Macaron to analyze the virtual environment directly to identify the dependencies, we require Python 3.11 to be used to install the package. Alternatively, you can generate the SBOM as instructed :ref:`here <python-sbom>` and pass it to Macaron as input.
+
+Run Macaron as follows to analyze ``django`` and its dependencies.
 
 .. code-block:: shell