
Enable/disable SBOM generation for specific language types #841

Closed: ramanan-ravi wants to merge 0 commits into anchore:main from deepfence:main


ramanan-ravi commented Feb 23, 2022

Fixes #840

Example command to exclude a language cataloger

syft packages alpine:latest --exclude-cataloger go-module-binary-cataloger --exclude-cataloger go-mod-file-cataloger

Contributor

kzantow commented Feb 23, 2022

@ramanan-ravi this looks very useful. I wonder, though, would it make more sense to enable a specific cataloger? It would seem like someone using Syft knows the ecosystem - say, NPM - and they just want to scan a single node project. I wonder if the ergonomics would be better suited to do the opposite of this -- by default all catalogers are enabled, unless someone explicitly enables one or more, like --enable-cataloger npm --enable-cataloger dpkg. This would also ensure that if more catalogers are added, they are not run if someone is trying to run just some specific ones. I'm curious about the motivation for this: is it just performance? Or are there false positives in Grype because of catalogers picking up things they shouldn't?

Author

ramanan-ravi commented Feb 23, 2022

@kzantow Motivation behind this is performance and time, especially when the user knows the ecosystem of the image being scanned.

> by default all catalogers are enabled, unless someone explicitly enables one or more, like --enable-cataloger npm --enable-cataloger dpkg

Sure, that works too. I'll make the change.

@ramanan-ravi
Author

@kzantow Opened a new pull request here
