The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or, if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
The editable option is being deprecated, and we use it in at least one of our CI jobs as well as our development instructions:
https://github.com/pypa/pip/issues/11457
Not sure what the best solution for us is yet; feel free to chime in if you have opinions.