Since snyk cannot scan wheels we decided to move forward without using it in our pipeline. We really should use snyk but use it against the sdist that we get from pypi. These results should not result in a denied build - we should only produce the results and make them available. Maybe we would want to implement some gating in the future around this but we will cross that bridge when we get to it.