It is a convention for projects using python. It definitely isn't required but there are some features that come for free when using that filename.
https://github.blog/2018-07-12-security-vulnerability-alerts-for-python/
and
https://help.github.com/en/github/visualizing-repository-data-with-graphs/listing-the-packages-that-a-repository-depends-on
You can also get more insight from github into dependencies and dependents.
example: https://github.com/tianocore/edk2-pytool-extensions/network/dependencies
I did notice on the example from above that github picked up the requirements.publisher.txt so i don't know what their pattern matching does exactly.