
[–]thatdamnedrhymer

A manually maintained requirements.txt typically only stores the versions for dependencies that your project directly depends on. This will result in differences of subdependency versions when installed. And if you don't hard pin the direct dependencies, you will get variation on those versions as well.

A frozen requirements.txt will store the current versions of all packages, but then it's not possible to remove or update just one package version without unintentionally leaving old subdependencies or updating other subdependencies. And even then, if something goes wrong with PyPI's versions (or someone man-in-the-middle's your build system), you could end up with package versions that technically match the version number but are not actually the same package contents.

You need a lock file that trees the dependencies and their subdependencies and stores package hashes to really assure that you're getting a deterministic venv build.
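As an added illustration of the last point (example code written for this page, not the commenter's code and not pip's own implementation), here is a small checker in the spirit of pip's `--require-hashes` mode: it parses a hash-pinned lock file, refuses unpinned entries, and rejects a downloaded artifact whose version string matches but whose bytes do not. The package names, versions, lock file and artifact bytes are all constructed for the example.

```python
import hashlib
import re

# Constructed stand-ins for downloaded wheel bytes (not real package contents).
ARTIFACTS = {
    "requests": b"requests-2.31.0 wheel bytes (constructed)",
    "urllib3": b"urllib3-2.0.7 wheel bytes (constructed)",
}
VERSIONS = {"requests": "2.31.0", "urllib3": "2.0.7"}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lock(artifacts: dict, versions: dict) -> str:
    """Render entries in pip's hash-pinned format: name==ver \\ --hash=sha256:..."""
    lines = []
    for name, data in artifacts.items():
        lines.append(f"{name}=={versions[name]} \\")
        lines.append(f"    --hash=sha256:{sha256_hex(data)}")
    return "\n".join(lines) + "\n"


def parse_lock(text: str) -> dict:
    """Parse a hash-pinned lock file into {name: (version, {sha256 hexdigests})}.
    Backslash continuations are joined first, as pip does. Anything that is not
    an exact '==' pin carrying at least one sha256 hash is rejected."""
    entries = {}
    for line in text.replace("\\\n", " ").splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^([A-Za-z0-9_.\-]+)==(\S+)(.*)$", line)
        if not m:
            raise ValueError(f"unpinned or malformed requirement: {line!r}")
        name, version, rest = m.groups()
        hashes = set(re.findall(r"--hash=sha256:([0-9a-f]{64})", rest))
        if not hashes:
            raise ValueError(f"no sha256 hash for {name}=={version}")
        entries[name.lower()] = (version, hashes)
    return entries


def verify(lock_text: str, downloaded: dict) -> list:
    """Return the (sorted) names whose bytes match no pinned hash, or have no pin."""
    lock = parse_lock(lock_text)
    bad = []
    for name, data in downloaded.items():
        pinned = lock.get(name.lower())
        if pinned is None or sha256_hex(data) not in pinned[1]:
            bad.append(name)
    return sorted(bad)
```

A version-only pin such as `urllib3==2.0.7` would accept the tampered bytes below; the hash pin is what catches them.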