Option to enable specific language or ecosystem cataloger

README.md

@@ -367,6 +367,24 @@ package:
     # same as -s ; SYFT_PACKAGE_CATALOGER_SCOPE env var
     scope: "squashed"
 
+  # enable specific language or ecosystem cataloger
+  # default: all catalogers are enabled by default
+  # enable-cataloger:
+  # - "ruby-gemfile-cataloger"
+  # - "ruby-gemspec-cataloger"
+  # - "python-index-cataloger"
+  # - "python-package-cataloger"
+  # - "javascript-lock-cataloger"
+  # - "javascript-package-cataloger"
+  # - "php-composer-installed-cataloger"
+  # - "php-composer-lock-cataloger"
+  # - "dpkgdb-cataloger"
+  # - "rpmdb-cataloger"
+  # - "java-cataloger"
+  # - "apkdb-cataloger"
+  # - "go-module-binary-cataloger"
+  enable-cataloger:
+
 # cataloging file classifications is exposed through the power-user subcommand
 file-classification:
   cataloger:

cmd/syft/cli/options/packages.go

@@ -56,6 +56,9 @@ func (o *PackagesOptions) AddFlags(cmd *cobra.Command, v *viper.Viper) error {
 	cmd.PersistentFlags().StringArrayVarP(&o.Exclude, "exclude", "", nil,
 		"exclude paths from being scanned using a glob expression")
 
+	cmd.PersistentFlags().StringArrayP("enable-cataloger", "", nil,
+		"enable specific language or ecosystem cataloger")
+
 	cmd.PersistentFlags().BoolVarP(&o.OverwriteExistingImage, "overwrite-existing-image", "", false,
 		"overwrite an existing image during the upload to Anchore Enterprise")
 
@@ -80,6 +83,10 @@ func bindPackageConfigOptions(flags *pflag.FlagSet, v *viper.Viper) error {
 		return err
 	}
 
+	if err := v.BindPFlag("package.enable-cataloger", flags.Lookup("enable-cataloger")); err != nil {
+		return err
+	}
+
 	if err := v.BindPFlag("output", flags.Lookup("output")); err != nil {
 		return err
 	}

internal/config/pkg.go

@@ -9,6 +9,7 @@ type pkg struct {
 	Cataloger               catalogerOptions `yaml:"cataloger" json:"cataloger" mapstructure:"cataloger"`
 	SearchUnindexedArchives bool             `yaml:"search-unindexed-archives" json:"search-unindexed-archives" mapstructure:"search-unindexed-archives"`
 	SearchIndexedArchives   bool             `yaml:"search-indexed-archives" json:"search-indexed-archives" mapstructure:"search-indexed-archives"`
+	EnabledCatalogers       []string         `yaml:"enable-cataloger" json:"enable-cataloger" mapstructure:"enable-cataloger"`
 }
 
 func (cfg pkg) loadDefaultValues(v *viper.Viper) {
@@ -29,5 +30,6 @@ func (cfg pkg) ToConfig() cataloger.Config {
 			IncludeUnindexedArchives: cfg.SearchUnindexedArchives,
 			Scope:                    cfg.Cataloger.ScopeOpt,
 		},
+		EnabledCatalogers: cfg.EnabledCatalogers,
 	}
 }

syft/pkg/cataloger/cataloger.go

@@ -11,7 +11,7 @@ import (
 	"github.com/anchore/syft/syft/pkg/cataloger/apkdb"
 	"github.com/anchore/syft/syft/pkg/cataloger/dart"
 	"github.com/anchore/syft/syft/pkg/cataloger/deb"
-	"github.com/anchore/syft/syft/pkg/cataloger/dotnet"
+	//"github.com/anchore/syft/syft/pkg/cataloger/dotnet"
 	"github.com/anchore/syft/syft/pkg/cataloger/golang"
 	"github.com/anchore/syft/syft/pkg/cataloger/java"
 	"github.com/anchore/syft/syft/pkg/cataloger/javascript"
@@ -35,7 +35,7 @@ type Cataloger interface {
 
 // ImageCatalogers returns a slice of locally implemented catalogers that are fit for detecting installations of packages.
 func ImageCatalogers(cfg Config) []Cataloger {
-	return []Cataloger{
+	return filterCatalogers([]Cataloger{
 		ruby.NewGemSpecCataloger(),
 		python.NewPythonPackageCataloger(),
 		php.NewPHPComposerInstalledCataloger(),
@@ -45,13 +45,13 @@ func ImageCatalogers(cfg Config) []Cataloger {
 		java.NewJavaCataloger(cfg.Java()),
 		apkdb.NewApkdbCataloger(),
 		golang.NewGoModuleBinaryCataloger(),
-		dotnet.NewDotnetDepsCataloger(),
-	}
+		//dotnet.NewDotnetDepsCataloger(),
+	}, cfg.EnabledCatalogers)
 }
 
 // DirectoryCatalogers returns a slice of locally implemented catalogers that are fit for detecting packages from index files (and select installations)
 func DirectoryCatalogers(cfg Config) []Cataloger {
-	return []Cataloger{
+	return filterCatalogers([]Cataloger{
 		ruby.NewGemFileLockCataloger(),
 		python.NewPythonIndexCataloger(),
 		python.NewPythonPackageCataloger(),
@@ -65,13 +65,13 @@ func DirectoryCatalogers(cfg Config) []Cataloger {
 		golang.NewGoModFileCataloger(),
 		rust.NewCargoLockCataloger(),
 		dart.NewPubspecLockCataloger(),
-		dotnet.NewDotnetDepsCataloger(),
-	}
+		//dotnet.NewDotnetDepsCataloger(),
+	}, cfg.EnabledCatalogers)
 }
 
 // AllCatalogers returns all implemented catalogers
 func AllCatalogers(cfg Config) []Cataloger {
-	return []Cataloger{
+	return filterCatalogers([]Cataloger{
 		ruby.NewGemFileLockCataloger(),
 		ruby.NewGemSpecCataloger(),
 		python.NewPythonIndexCataloger(),
@@ -86,6 +86,29 @@ func AllCatalogers(cfg Config) []Cataloger {
 		golang.NewGoModFileCataloger(),
 		rust.NewCargoLockCataloger(),
 		dart.NewPubspecLockCataloger(),
-		dotnet.NewDotnetDepsCataloger(),
+		//dotnet.NewDotnetDepsCataloger(),
+	}, cfg.EnabledCatalogers)
+}
+
+func filterCatalogers(catalogers []Cataloger, enabledCatalogers []string) []Cataloger {
+	// if enable-cataloger is not set, all applicable catalogers are enabled by default
+	if len(enabledCatalogers) == 0 {
+		return catalogers
+	}
+	var filteredCatalogers []Cataloger
+	for _, cataloger := range catalogers {
+		if contains(enabledCatalogers, cataloger.Name()) {
+			filteredCatalogers = append(filteredCatalogers, cataloger)
+		}
+	}
+	return filteredCatalogers
+}
+
+func contains(catalogers []string, str string) bool {
+	for _, cataloger := range catalogers {
+		if cataloger == str {
+			return true
+		}
 	}
+	return false
 }

syft/pkg/cataloger/config.go

@@ -5,7 +5,8 @@ import (
 )
 
 type Config struct {
-	Search SearchConfig
+	Search            SearchConfig
+	EnabledCatalogers []string
 }
 
 func DefaultConfig() Config {