diff --git a/go.mod b/go.mod
index 91a51f63bd..04f479b739 100644
--- a/go.mod
+++ b/go.mod
@@ -9,8 +9,8 @@ require (
 github.com/Microsoft/hcsshim v0.9.2 // indirect
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46
 github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986
- github.com/aquasecurity/fanal v0.0.0-20220221141823-58a5d668e45f
- github.com/aquasecurity/go-dep-parser v0.0.0-20211224170007-df43bca6b6ff
+ github.com/aquasecurity/fanal v0.0.0-20220225095822-ef150f781751
+ github.com/aquasecurity/go-dep-parser v0.0.0-20220224134419-e4f58c60089e
 github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce
 github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798
 github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46
diff --git a/go.sum b/go.sum
index 4d25375e89..233791a3e5 100644
--- a/go.sum
+++ b/go.sum
@@ -248,10 +248,10 @@ github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30 github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986/go.mod h1:NT+jyeCzXk6vXR5MTkdn4z64TgGfE5HMLC8qfj5unl8= github.com/aquasecurity/defsec v0.12.1 h1:QZI94PCiprRiX0775tO05R4uREVOI5s2g3K6q0hZnoI= github.com/aquasecurity/defsec v0.12.1/go.mod h1:ePT+j44TFfUwgIZ6yx5FPHgYk2aTXAqsMf/WnE78ujg= -github.com/aquasecurity/fanal v0.0.0-20220221141823-58a5d668e45f h1:yIGImJ9ugi+FkxDL7kOErVTNjj7QrWRMExQ7NivG95c= -github.com/aquasecurity/fanal v0.0.0-20220221141823-58a5d668e45f/go.mod h1:yYI49KiuvA0EYL1v2hs9xAzGaFL7O9djgPkelqHd5sE= -github.com/aquasecurity/go-dep-parser v0.0.0-20211224170007-df43bca6b6ff h1:JCKEV3TgUNh9fn+8hXyIdsF9yErA0rUbCkgt2flRKt4= -github.com/aquasecurity/go-dep-parser v0.0.0-20211224170007-df43bca6b6ff/go.mod h1:8fJ//Ob6/03lxbn4xa1F+G/giVtiVLxnZNpBp5xOxNk= +github.com/aquasecurity/fanal v0.0.0-20220225095822-ef150f781751 h1:5/MrYu8gbHZsNSN2FmCWtIqtE9UZudkdH8RkX28UCIo= +github.com/aquasecurity/fanal v0.0.0-20220225095822-ef150f781751/go.mod h1:IDIXfsyFi+lhoKtwrbE4HPku72dizwopUsQ4XRz4aXo= +github.com/aquasecurity/go-dep-parser v0.0.0-20220224134419-e4f58c60089e h1:NXHfUPuyfZOurJJtnEFo0JlFopMNlPgID3BpgEwoTUU= +github.com/aquasecurity/go-dep-parser v0.0.0-20220224134419-e4f58c60089e/go.mod h1:XxIz2s4UymZBcg9WwAc2km77lFt9rVE/LmKJe2YVOtY= github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM= github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce/go.mod h1:HXgVzOPvXhVGLJs4ZKO817idqr/xhwsTcj17CLYY74s= github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 h1:eveqE9ivrt30CJ7dOajOfBavhZ4zPqHcZe/4tKp0alc= 
@@ -1754,6 +1754,7 @@ go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= +go.uber.org/zap v1.20.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= go.uber.org/zap v1.21.0 h1:WefMeulhovoZ2sYXz7st6K0sLj7bBhpiFaud4r4zST8= go.uber.org/zap v1.21.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
diff --git a/integration/fs_test.go b/integration/fs_test.go
index f4524e8285..67cc7b7375 100644
--- a/integration/fs_test.go
+++ b/integration/fs_test.go
@@ -22,6 +22,7 @@ func TestFilesystem(t *testing.T) {
 ignoreIDs []string
 policyPaths []string
 namespaces []string
+ listAllPkgs bool
 input string
 }
 tests := []struct {
@@ -41,6 +42,7 @@ func TestFilesystem(t *testing.T) {
 name: "pip",
 args: args{
 securityChecks: "vuln",
+ listAllPkgs: true,
 input: "testdata/fixtures/fs/pip",
 },
 golden: "testdata/pip.json.golden",
@@ -129,6 +131,10 @@ func TestFilesystem(t *testing.T) { outputFile = tt.golden } + if tt.args.listAllPkgs { + osArgs = append(osArgs, "--list-all-pkgs") + } + osArgs = append(osArgs, "--output", outputFile) osArgs = append(osArgs, tt.args.input)
diff --git a/integration/testdata/fixtures/fs/pip/requirements.txt b/integration/testdata/fixtures/fs/pip/requirements.txt
index da45028f72..83c457b801 100644
--- a/integration/testdata/fixtures/fs/pip/requirements.txt
+++ b/integration/testdata/fixtures/fs/pip/requirements.txt
@@ -4,3 +4,5 @@ itsdangerous==2.0.0
 Jinja2==3.0.0
 MarkupSafe>2.0.0
 Werkzeug==0.11
+oauth2-client==4.0.0
+python-gitlab==2.0.0
diff --git a/integration/testdata/pip.json.golden b/integration/testdata/pip.json.golden
index 3469cf0971..3adbd88a00 100644
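Review bot: The pip case in the second fs_test.go hunk (`listAllPkgs: true`) pins a package inventory that leaves out one of the fixture's requirements: requirements.txt carries `MarkupSafe>2.0.0`, but the `Packages` array added to pip.json.golden lists seven entries and MarkupSafe is not among them. If dropping requirements that are not pinned with `==` is intended, say so on the case, for example `// MarkupSafe>2.0.0 is unpinned and is expected to be absent from Packages`, so that a later parser change that alters this is a visible decision rather than a golden-file refresh. A package that is missing from the inventory is presumably also missing from vulnerability matching, which is the reason to make the expectation explicit. pip is the only case this diff switches to `--list-all-pkgs`; the test table and the body of TestFilesystem continue outside the hunks shown.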
--- a/integration/testdata/pip.json.golden
+++ b/integration/testdata/pip.json.golden
@@ -19,6 +19,43 @@
 "Target": "requirements.txt",
 "Class": "lang-pkgs",
 "Type": "pip",
+ "Packages": [
+ {
+ "Name": "Flask",
+ "Version": "2.0.0",
+ "Layer": {}
+ },
+ {
+ "Name": "Jinja2",
+ "Version": "3.0.0",
+ "Layer": {}
+ },
+ {
+ "Name": "Werkzeug",
+ "Version": "0.11",
+ "Layer": {}
+ },
+ {
+ "Name": "click",
+ "Version": "8.0.0",
+ "Layer": {}
+ },
+ {
+ "Name": "itsdangerous",
+ "Version": "2.0.0",
+ "Layer": {}
+ },
+ {
+ "Name": "oauth2-client",
+ "Version": "4.0.0",
+ "Layer": {}
+ },
+ {
+ "Name": "python-gitlab",
+ "Version": "2.0.0",
+ "Layer": {}
+ }
+ ],
 "Vulnerabilities": [
 {
 "VulnerabilityID": "CVE-2019-14806",