Add new flag --select-detectors

davidkopp · davidkopp · commit 7ed88bc3c562 · 2025-09-24T17:55:49.000+02:00
diff --git a/TODOS.md b/TODOS.md
@@ -3,7 +3,6 @@
 - Rename CLI flag '--only-container-info' to '--only-source-info'
 - Publish package to PyPI
 - Add host_info_detector (similar to docker_info_detector)
-- Add CLI flag to select a subset of detectors (see how Syft does it: <https://github.com/anchore/syft/wiki/package-cataloger-selection>)
 - Extend the set of supported package managers with the common ones for Go, PHP and Java
 - Add Dockerfile
 - Add support for Podman
diff --git a/dependency_resolver/__main__.py b/dependency_resolver/__main__.py
@@ -37,6 +37,7 @@ def parse_arguments() -> argparse.Namespace:
   %(prog)s --debug                                # Enable debug output
   %(prog)s --skip-system-scope                    # Skip system scope package managers
   %(prog)s --skip-hash-collection                 # Skip hash collection for improved performance
+  %(prog)s --select-detectors "pip,dpkg"          # Use only pip and dpkg detectors
         """,
     )
 
@@ -85,6 +86,12 @@ def parse_arguments() -> argparse.Namespace:
         help="Skip hash collection for packages and project locations to improve performance",
     )
 
+    parser.add_argument(
+        "--select-detectors",
+        type=str,
+        help="Comma-separated list of detectors to use (e.g., 'pip,dpkg'). Available: pip, npm, dpkg, apk, maven, docker-info",
+    )
+
     return parser.parse_args()
 
 
@@ -133,6 +140,7 @@ def main() -> None:
             skip_system_scope=args.skip_system_scope,
             venv_path=args.venv_path,
             skip_hash_collection=args.skip_hash_collection,
+            selected_detectors=args.select_detectors,
         )
         dependencies = orchestrator.resolve_dependencies(executor, args.working_dir, args.only_container_info)
         formatter = OutputFormatter(debug=args.debug)
diff --git a/dependency_resolver/core/orchestrator.py b/dependency_resolver/core/orchestrator.py
@@ -17,13 +17,14 @@ def __init__(
         skip_system_scope: bool = False,
         venv_path: str | None = None,
         skip_hash_collection: bool = False,
+        selected_detectors: str | None = None,
     ):
         self.debug = debug
         self.skip_system_scope = skip_system_scope
         self.skip_hash_collection = skip_hash_collection
 
-        # Create detector instances
-        self.detectors: list[PackageManagerDetector] = [
+        # Create all detector instances
+        all_detectors: list[PackageManagerDetector] = [
             DockerInfoDetector(),
             DpkgDetector(),
             ApkDetector(),
@@ -32,6 +33,26 @@ def __init__(
             NpmDetector(debug=debug),
         ]
 
+        # Filter detectors based on selection
+        if selected_detectors:
+            selected_names = [name.strip() for name in selected_detectors.split(",")]
+            available_names = {detector.NAME for detector in all_detectors}
+
+            # Validate detector names
+            invalid_names = [name for name in selected_names if name not in available_names]
+            if invalid_names:
+                raise ValueError(
+                    f"Invalid detector names: {', '.join(invalid_names)}. Available detectors: {', '.join(sorted(available_names))}"
+                )
+
+            # Filter to only selected detectors
+            self.detectors = [detector for detector in all_detectors if detector.NAME in selected_names]
+            if self.debug:
+                selected_detector_names = [detector.NAME for detector in self.detectors]
+                print(f"Selected detectors: {', '.join(selected_detector_names)}")
+        else:
+            self.detectors = all_detectors
+
     def resolve_dependencies(
         self, executor: EnvironmentExecutor, working_dir: Optional[str] = None, only_container_info: bool = False
     ) -> dict[str, Any]:
diff --git a/docs/guides/troubleshooting.md b/docs/guides/troubleshooting.md
@@ -171,9 +171,10 @@ npm --version
 
 1. Use `--skip-system-scope` to skip system package managers
 2. Use `--skip-hash-collection` to skip hash generation for packages and locations
-3. Use `--only-container-info` for Docker metadata only
-4. Specify working directory to limit scope
-5. Check if system has many installed packages
+3. Use `--select-detectors` to analyze only specific package managers (e.g., `--select-detectors "pip,npm"`)
+4. Use `--only-container-info` for Docker metadata only
+5. Specify working directory to limit scope
+6. Check if system has many installed packages
 
 ## Getting Help
 
diff --git a/docs/usage/cli-guide.md b/docs/usage/cli-guide.md
@@ -46,8 +46,35 @@ python3 -m dependency_resolver --skip-system-scope
 
 # Skip hash collection for improved performance
 python3 -m dependency_resolver --skip-hash-collection
+
+# Select specific detectors to run
+python3 -m dependency_resolver --select-detectors "pip,dpkg"
 ```
 
+## Detector Selection
+
+Control which package managers are analyzed with the `--select-detectors` flag:
+
+```bash
+# Use only pip and dpkg detectors
+python3 -m dependency_resolver --select-detectors "pip,dpkg"
+
+# Use only npm detector for Node.js projects
+python3 -m dependency_resolver --select-detectors "npm"
+
+# Use multiple detectors with debug output
+python3 -m dependency_resolver --select-detectors "pip,npm,maven" --debug
+```
+
+**Available detectors:**
+
+- `pip` - Python packages (pip/PyPI)
+- `npm` - Node.js packages (npm/yarn)
+- `dpkg` - Debian/Ubuntu system packages
+- `apk` - Alpine Linux system packages
+- `maven` - Java Maven dependencies
+- `docker-info` - Docker container metadata
+
 ## Common Usage Patterns
 
 ### Analyzing a Specific Project
@@ -60,6 +87,9 @@ python3 -m dependency_resolver --working-dir /path/to/python/project
 
 # Analyze Node.js project
 python3 -m dependency_resolver --working-dir /path/to/nodejs/project
+
+# Analyze only Python dependencies in a project
+python3 -m dependency_resolver --working-dir /path/to/python/project --select-detectors "pip"
 ```
 
 ### Comprehensive Docker Analysis
diff --git a/docs/usage/programmatic-api.md b/docs/usage/programmatic-api.md
@@ -68,7 +68,12 @@ from dependency_resolver import Orchestrator, HostExecutor, DockerExecutor, Outp
 
 # Host system analysis with custom settings
 executor = HostExecutor()
-orchestrator = Orchestrator(debug=True, skip_system_scope=True, skip_hash_collection=True)
+orchestrator = Orchestrator(
+    debug=True,
+    skip_system_scope=True,
+    skip_hash_collection=True,
+    selected_detectors="pip,npm"  # Only analyze Python and Node.js dependencies
+)
 dependencies = orchestrator.resolve_dependencies(executor)
 
 # Format output
@@ -84,7 +89,12 @@ from dependency_resolver import Orchestrator, DockerExecutor, OutputFormatter
 # Docker container analysis
 container_id = "nginx"
 executor = DockerExecutor(container_id)
-orchestrator = Orchestrator(debug=False, skip_system_scope=False, skip_hash_collection=False)
+orchestrator = Orchestrator(
+    debug=False,
+    skip_system_scope=False,
+    skip_hash_collection=False,
+    selected_detectors="dpkg,docker-info"  # Analyze system packages and container info only
+)
 
 dependencies = orchestrator.resolve_dependencies(executor, working_dir="/app")
 
@@ -115,10 +125,30 @@ orchestrator = Orchestrator(
     debug=True,                    # Enable debug output
     skip_system_scope=False,       # Skip system-wide package managers
     venv_path="/path/to/venv",     # Specify Python virtual environment path
-    skip_hash_collection=False     # Skip hash collection for improved performance
+    skip_hash_collection=False,    # Skip hash collection for improved performance
+    selected_detectors="pip,npm"   # Use only specific detectors
 )
 ```
 
+### Detector Selection
+
+Control which package managers are analyzed by specifying the `selected_detectors` parameter:
+
+```python
+from dependency_resolver import Orchestrator, HostExecutor
+
+# Use only Python pip detector
+orchestrator = Orchestrator(selected_detectors="pip")
+
+# Use multiple specific detectors
+orchestrator = Orchestrator(selected_detectors="pip,npm,maven")
+
+# Use all detectors (default behavior)
+orchestrator = Orchestrator(selected_detectors=None)
+```
+
+**Available detectors:** `pip`, `npm`, `dpkg`, `apk`, `maven`, `docker-info`
+
 ### Executor Options
 
 ```python
diff --git a/tests/core/test_orchestrator.py b/tests/core/test_orchestrator.py
@@ -0,0 +1,97 @@
+import pytest
+from pytest import CaptureFixture
+from dependency_resolver.core.orchestrator import Orchestrator
+
+
+class TestOrchestrator:
+    """Test cases for the Orchestrator class."""
+
+    def test_orchestrator_default_detectors(self) -> None:
+        """Test that orchestrator initializes with all detectors by default."""
+        orchestrator = Orchestrator()
+
+        # Should have all 6 detectors
+        assert len(orchestrator.detectors) == 6
+
+        detector_names = {detector.NAME for detector in orchestrator.detectors}
+        expected_names = {"docker-info", "dpkg", "apk", "maven", "pip", "npm"}
+        assert detector_names == expected_names
+
+    def test_orchestrator_select_valid_detectors(self) -> None:
+        """Test selecting valid detectors."""
+        orchestrator = Orchestrator(selected_detectors="pip,dpkg")
+
+        # Should have only 2 detectors
+        assert len(orchestrator.detectors) == 2
+
+        detector_names = {detector.NAME for detector in orchestrator.detectors}
+        expected_names = {"pip", "dpkg"}
+        assert detector_names == expected_names
+
+    def test_orchestrator_select_single_detector(self) -> None:
+        """Test selecting a single detector."""
+        orchestrator = Orchestrator(selected_detectors="npm")
+
+        # Should have only 1 detector
+        assert len(orchestrator.detectors) == 1
+        assert orchestrator.detectors[0].NAME == "npm"
+
+    def test_orchestrator_select_all_detectors(self) -> None:
+        """Test selecting all detectors explicitly."""
+        orchestrator = Orchestrator(selected_detectors="pip,npm,dpkg,apk,maven,docker-info")
+
+        # Should have all 6 detectors
+        assert len(orchestrator.detectors) == 6
+
+        detector_names = {detector.NAME for detector in orchestrator.detectors}
+        expected_names = {"docker-info", "dpkg", "apk", "maven", "pip", "npm"}
+        assert detector_names == expected_names
+
+    def test_orchestrator_invalid_detector_name(self) -> None:
+        """Test that invalid detector names raise ValueError."""
+        with pytest.raises(ValueError) as exc_info:
+            Orchestrator(selected_detectors="pip,invalid-detector")
+
+        error_message = str(exc_info.value)
+        assert "Invalid detector names: invalid-detector" in error_message
+        assert "Available detectors:" in error_message
+
+    def test_orchestrator_multiple_invalid_detector_names(self) -> None:
+        """Test that multiple invalid detector names are reported."""
+        with pytest.raises(ValueError) as exc_info:
+            Orchestrator(selected_detectors="pip,invalid1,invalid2")
+
+        error_message = str(exc_info.value)
+        assert "Invalid detector names: invalid1, invalid2" in error_message
+
+    def test_orchestrator_whitespace_handling(self) -> None:
+        """Test that whitespace in detector names is handled correctly."""
+        orchestrator = Orchestrator(selected_detectors=" pip , dpkg ")
+
+        # Should have 2 detectors despite whitespace
+        assert len(orchestrator.detectors) == 2
+
+        detector_names = {detector.NAME for detector in orchestrator.detectors}
+        expected_names = {"pip", "dpkg"}
+        assert detector_names == expected_names
+
+    def test_orchestrator_empty_selection(self) -> None:
+        """Test that empty string selection uses all detectors."""
+        orchestrator = Orchestrator(selected_detectors="")
+
+        # Should have all 6 detectors (empty string is falsy)
+        assert len(orchestrator.detectors) == 6
+
+    def test_orchestrator_none_selection(self) -> None:
+        """Test that None selection uses all detectors."""
+        orchestrator = Orchestrator(selected_detectors=None)
+
+        # Should have all 6 detectors
+        assert len(orchestrator.detectors) == 6
+
+    def test_orchestrator_debug_output_for_selected_detectors(self, capsys: CaptureFixture[str]) -> None:
+        """Test that debug output shows selected detectors."""
+        Orchestrator(debug=True, selected_detectors="pip,npm")
+
+        captured = capsys.readouterr()
+        assert "Selected detectors: pip, npm" in captured.out
diff --git a/tests/integration/test_cli.py b/tests/integration/test_cli.py
@@ -38,3 +38,21 @@ def test_create_docker_executor_without_identifier_fails(self) -> None:
         """Test docker executor creation fails without identifier."""
         with pytest.raises(SystemExit):
             create_executor("docker", None)
+
+    def test_select_detectors_argument(self) -> None:
+        """Test --select-detectors argument parsing."""
+        with patch.object(sys, "argv", ["dependency_resolver", "--select-detectors", "pip,dpkg"]):
+            args = parse_arguments()
+            assert args.select_detectors == "pip,dpkg"
+
+    def test_select_detectors_single(self) -> None:
+        """Test --select-detectors with single detector."""
+        with patch.object(sys, "argv", ["dependency_resolver", "--select-detectors", "npm"]):
+            args = parse_arguments()
+            assert args.select_detectors == "npm"
+
+    def test_select_detectors_default_none(self) -> None:
+        """Test --select-detectors defaults to None."""
+        with patch.object(sys, "argv", ["dependency_resolver"]):
+            args = parse_arguments()
+            assert args.select_detectors is None
