diff --git a/templates/gitlab-ci-python.yml b/templates/gitlab-ci-python.yml
index 87127f039fa1a260b726188f5bd56c9deb742478..96783a02cbc5898b0ae17954dd30beb608342d64 100644
--- a/templates/gitlab-ci-python.yml
+++ b/templates/gitlab-ci-python.yml
@@ -923,7 +923,7 @@ py-lint:
     - install_requirements
     - _pip install pylint_gitlab # codeclimate reports
     # run pylint and generate reports all at once
-    - _run pylint --ignore=.cache --output-format=colorized,pylint_gitlab.GitlabCodeClimateReporter:reports/py-lint.codeclimate.json,parseable:reports/py-lint.parseable.txt ${PYLINT_ARGS} ${PYLINT_FILES:-$(find -type f -name "*.py")}
+    - _run pylint --output-format=colorized,pylint_gitlab.GitlabCodeClimateReporter:reports/py-lint.codeclimate.json,parseable:reports/py-lint.parseable.txt ${PYLINT_ARGS} ${PYLINT_FILES:-$(find -type f -name "*.py" -not -path "./.cache/*")}
   artifacts:
     name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
     expire_in: 1 day
@@ -969,7 +969,7 @@ py-isort:
   script:
     - install_requirements
     - _pip install isort
-    - _run isort . --check-only
+    - _run isort . --check-only --extend-skip .cache
   rules:
     # exclude if $PYTHON_ISORT_ENABLED not set
     - if: '$PYTHON_ISORT_ENABLED != "true"'
@@ -1169,7 +1169,6 @@ py-trivy:
   dependencies: []
   script:
     - mkdir -p -m 777 reports
-    - install_requirements
     - |
       if [[ -z "$PYTHON_TRIVY_DIST_URL" ]]
       then
@@ -1190,15 +1189,17 @@ py-trivy:
         mv ./trivy $python_trivy
       fi  
     - |
-      if [[ "$PYTHON_BUILD_SYSTEM" == poetry* ]]
-      then
-        # When using Poetry, `pip freeze` outputs a requirements.txt with @file URLs for each wheel
-        # These @file URLs in requirements.txt are not supported by Trivy
-        # So instead of simply using pip freeze, we use `poetry export`
-        poetry export -f requirements.txt --without-hashes --output reports/requirements.txt
-      else
-        _pip freeze | tee ./reports/requirements.txt
-      fi
+      case "$PYTHON_BUILD_SYSTEM" in
+        poetry*|pipenv*)
+          log_info "$PYTHON_BUILD_SYSTEM build system (\\e[32muse lock file\\e[0m)"
+          cp poetry.lock Pipfile.lock ./reports 2>/dev/null || true
+          ;;
+        *)
+          log_info "$PYTHON_BUILD_SYSTEM build system used (\\e[32mmust generate pinned requirements.txt\\e[0m)"
+          install_requirements
+          _pip freeze | tee ./reports/requirements.txt
+          ;;
+      esac
       if [[ -f "./requirements.txt" ]]
       then
         sort -u ./requirements.txt | grep -v "^[  ]*$" > ./requirements.txt.sorted
@@ -1208,7 +1209,7 @@ py-trivy:
           log_warn "The ./requirements.txt file does not match the ./reports/requirements.txt file generated via pip freeze. Make sure to include all dependencies with pinned versions in ./requirements.txt and re-commit the file."
         fi
       fi
-      if [ $($python_trivy fs ${PYTHON_TRIVY_ARGS} --format table --exit-code 0 ./reports/ | grep -c "Number of language-specific files: 0") -eq 1 ]; then
+      if [ $($python_trivy fs ${PYTHON_TRIVY_ARGS} --format table --exit-code 0 ./reports/ 2>&1 | grep -ic "Number of language-specific files[^0-9]*0$" ) -eq 1 ]; then
         log_error "Could not find a file listing all dependencies with their versions."
         exit 1
       fi
@@ -1238,10 +1239,14 @@ py-sbom:
   needs: []
   script:
     - mkdir -p -m 777 reports
-    - install_requirements
     - |
       case "$PYTHON_BUILD_SYSTEM" in
-        setuptools*|reqfile)
+        poetry*|pipenv*)
+          log_info "$PYTHON_BUILD_SYSTEM build system (\\e[32muse lock file\\e[0m)"
+          ;;
+        *)
+          log_info "$PYTHON_BUILD_SYSTEM build system used (\\e[32mmust generate pinned requirements.txt\\e[0m)"
+          install_requirements
           _pip freeze > "${PYTHON_REQS_FILE}"
           ;;
       esac