I'm working on Software Bill-of-Materials (SBOM) and attempting to solve the "phantom dependency" problem for Python packages.
As always, I try to work in public, so if you'd like to follow along you can do so:
https://discuss.python.org/t/sboms-for-python-packages-project/70261