Remove the power-user command and related catalogers

DEVELOPING.md

@@ -84,8 +84,6 @@ They are registered in `syft/cli/commands/go`.
     │   ├── options/
     │   ├── packages/
     │   ├── packages.go
-    │   ├── poweruser/
-    │   ├── poweruser.go
     │   └── version.go
     └── main.go
 ```

README.md

@@ -656,14 +656,13 @@ python:
    # when given an arbitrary constraint will be used (even if that version may not be available/published).
    guess-unpinned-requirements: false
 
-# cataloging file contents is exposed through the power-user subcommand
 file-contents:
   cataloger:
-    # enable/disable cataloging of secrets
+    # enable/disable cataloging of file contents
     # SYFT_FILE_CONTENTS_CATALOGER_ENABLED env var
     enabled: true
 
-    # the search space to look for secrets (options: all-layers, squashed)
+    # the search space to look for file contents (options: all-layers, squashed)
     # SYFT_FILE_CONTENTS_CATALOGER_SCOPE env var
     scope: "squashed"
 
@@ -675,7 +674,6 @@ file-contents:
   # SYFT_FILE_CONTENTS_GLOBS env var
   globs: []
 
-# cataloging file metadata is exposed through the power-user subcommand
 file-metadata:
   cataloger:
     # enable/disable cataloging of file metadata
@@ -693,37 +691,6 @@ file-metadata:
 # maximum number of workers used to process the list of package catalogers in parallel
 parallelism: 1
 
-# cataloging secrets is exposed through the power-user subcommand
-secrets:
-  cataloger:
-    # enable/disable cataloging of secrets
-    # SYFT_SECRETS_CATALOGER_ENABLED env var
-    enabled: true
-
-    # the search space to look for secrets (options: all-layers, squashed)
-    # SYFT_SECRETS_CATALOGER_SCOPE env var
-    scope: "all-layers"
-
-  # show extracted secret values in the final JSON report
-  # SYFT_SECRETS_REVEAL_VALUES env var
-  reveal-values: false
-
-  # skip searching a file entirely if it is above the given size (default = 1MB; unit = bytes)
-  # SYFT_SECRETS_SKIP_FILES_ABOVE_SIZE env var
-  skip-files-above-size: 1048576
-
-  # name-regex pairs to consider when searching files for secrets. Note: the regex must match single line patterns
-  # but may also have OPTIONAL multiline capture groups. Regexes with a named capture group of "value" will
-  # use the entire regex to match, but the secret value will be assumed to be entirely contained within the
-  # "value" named capture group.
-  additional-patterns: {}
-
-  # names to exclude from the secrets search, valid values are: "aws-access-key", "aws-secret-key", "pem-private-key",
-  # "docker-config-auth", and "generic-api-key". Note: this does not consider any names introduced in the
-  # "secrets.additional-patterns" config option.
-  # SYFT_SECRETS_EXCLUDE_PATTERN_NAMES env var
-  exclude-pattern-names: []
-
 # options that apply to all scan sources
 source:
   # alias name for the source

cmd/syft/cli/cli.go

@@ -17,9 +17,8 @@ import (
 	"github.com/anchore/syft/internal/redact"
 )
 
-// Application constructs the `syft packages` command, aliases the root command to `syft packages`,
-// and constructs the `syft power-user` command. It is also responsible for
-// organizing flag usage and injecting the application config for each command.
+// Application constructs the `syft packages` command and aliases the root command to `syft packages`.
+// It is also responsible for organizing flag usage and injecting the application config for each command.
 // It also constructs the syft attest command and the syft version command.
 // `RunE` is the earliest that the complete application configuration can be loaded.
 func Application(id clio.Identification) clio.Application {
@@ -86,7 +85,6 @@ func create(id clio.Identification, out io.Writer) (clio.Application, *cobra.Com
 	// add sub-commands
 	rootCmd.AddCommand(
 		packagesCmd,
-		commands.PowerUser(app),
 		commands.Attest(app),
 		commands.Convert(app),
 		clio.VersionCommand(id),

cmd/syft/cli/commands/packages.go

@@ -12,6 +12,7 @@ import (
 	"github.com/anchore/syft/cmd/syft/cli/options"
 	"github.com/anchore/syft/cmd/syft/internal/ui"
 	"github.com/anchore/syft/internal"
+	"github.com/anchore/syft/internal/bus"
 	"github.com/anchore/syft/internal/file"
 	"github.com/anchore/syft/internal/log"
 	"github.com/anchore/syft/syft/artifact"
@@ -157,6 +158,9 @@ func runPackages(id clio.Identification, opts *packagesOptions, userInput string
 	)
 
 	if err != nil {
+		if userInput == "power-user" {
+			bus.Notify("Note: the 'power-user' command has been removed.")
+		}
 		return fmt.Errorf("failed to construct source from user input %q: %w", userInput, err)
 	}
 

cmd/syft/cli/eventloop/tasks.go

@@ -8,7 +8,6 @@ import (
 	"github.com/anchore/syft/syft/file/cataloger/filecontent"
 	"github.com/anchore/syft/syft/file/cataloger/filedigest"
 	"github.com/anchore/syft/syft/file/cataloger/filemetadata"
-	"github.com/anchore/syft/syft/file/cataloger/secrets"
 	"github.com/anchore/syft/syft/sbom"
 	"github.com/anchore/syft/syft/source"
 )
@@ -22,7 +21,6 @@ func Tasks(opts *options.Catalog) ([]Task, error) {
 		generateCatalogPackagesTask,
 		generateCatalogFileMetadataTask,
 		generateCatalogFileDigestsTask,
-		generateCatalogSecretsTask,
 		generateCatalogContentsTask,
 	}
 
@@ -110,38 +108,6 @@ func generateCatalogFileDigestsTask(opts *options.Catalog) (Task, error) {
 	return task, nil
 }
 
-func generateCatalogSecretsTask(opts *options.Catalog) (Task, error) {
-	if !opts.Secrets.Cataloger.Enabled {
-		return nil, nil
-	}
-
-	patterns, err := secrets.GenerateSearchPatterns(secrets.DefaultSecretsPatterns, opts.Secrets.AdditionalPatterns, opts.Secrets.ExcludePatternNames)
-	if err != nil {
-		return nil, err
-	}
-
-	secretsCataloger, err := secrets.NewCataloger(patterns, opts.Secrets.RevealValues, opts.Secrets.SkipFilesAboveSize) //nolint:staticcheck
-	if err != nil {
-		return nil, err
-	}
-
-	task := func(results *sbom.Artifacts, src source.Source) ([]artifact.Relationship, error) {
-		resolver, err := src.FileResolver(opts.Secrets.Cataloger.GetScope())
-		if err != nil {
-			return nil, err
-		}
-
-		result, err := secretsCataloger.Catalog(resolver)
-		if err != nil {
-			return nil, err
-		}
-		results.Secrets = result
-		return nil, nil
-	}
-
-	return task, nil
-}
-
 func generateCatalogContentsTask(opts *options.Catalog) (Task, error) {
 	if !opts.FileContents.Cataloger.Enabled {
 		return nil, nil

cmd/syft/cli/options/catalog.go

@@ -21,25 +21,23 @@ import (
 )
 
 type Catalog struct {
-	Catalogers                      []string           `yaml:"catalogers" json:"catalogers" mapstructure:"catalogers"`
-	Package                         pkg                `yaml:"package" json:"package" mapstructure:"package"`
-	Golang                          golang             `yaml:"golang" json:"golang" mapstructure:"golang"`
-	Java                            java               `yaml:"java" json:"java" mapstructure:"java"`
-	LinuxKernel                     linuxKernel        `yaml:"linux-kernel" json:"linux-kernel" mapstructure:"linux-kernel"`
-	Python                          python             `yaml:"python" json:"python" mapstructure:"python"`
-	FileMetadata                    fileMetadata       `yaml:"file-metadata" json:"file-metadata" mapstructure:"file-metadata"`
-	FileClassification              fileClassification `yaml:"file-classification" json:"file-classification" mapstructure:"file-classification"`
-	FileContents                    fileContents       `yaml:"file-contents" json:"file-contents" mapstructure:"file-contents"`
-	Secrets                         secrets            `yaml:"secrets" json:"secrets" mapstructure:"secrets"`
-	Registry                        registry           `yaml:"registry" json:"registry" mapstructure:"registry"`
-	Exclusions                      []string           `yaml:"exclude" json:"exclude" mapstructure:"exclude"`
-	Platform                        string             `yaml:"platform" json:"platform" mapstructure:"platform"`
-	Name                            string             `yaml:"name" json:"name" mapstructure:"name"`
-	Source                          sourceCfg          `yaml:"source" json:"source" mapstructure:"source"`
-	Parallelism                     int                `yaml:"parallelism" json:"parallelism" mapstructure:"parallelism"`                                                                         // the number of catalog workers to run in parallel
-	DefaultImagePullSource          string             `yaml:"default-image-pull-source" json:"default-image-pull-source" mapstructure:"default-image-pull-source"`                               // specify default image pull source
-	BasePath                        string             `yaml:"base-path" json:"base-path" mapstructure:"base-path"`                                                                               // specify base path for all file paths
-	ExcludeBinaryOverlapByOwnership bool               `yaml:"exclude-binary-overlap-by-ownership" json:"exclude-binary-overlap-by-ownership" mapstructure:"exclude-binary-overlap-by-ownership"` // exclude synthetic binary packages owned by os package files
+	Catalogers                      []string     `yaml:"catalogers" json:"catalogers" mapstructure:"catalogers"`
+	Package                         pkg          `yaml:"package" json:"package" mapstructure:"package"`
+	Golang                          golang       `yaml:"golang" json:"golang" mapstructure:"golang"`
+	Java                            java         `yaml:"java" json:"java" mapstructure:"java"`
+	LinuxKernel                     linuxKernel  `yaml:"linux-kernel" json:"linux-kernel" mapstructure:"linux-kernel"`
+	Python                          python       `yaml:"python" json:"python" mapstructure:"python"`
+	FileMetadata                    fileMetadata `yaml:"file-metadata" json:"file-metadata" mapstructure:"file-metadata"`
+	FileContents                    fileContents `yaml:"file-contents" json:"file-contents" mapstructure:"file-contents"`
+	Registry                        registry     `yaml:"registry" json:"registry" mapstructure:"registry"`
+	Exclusions                      []string     `yaml:"exclude" json:"exclude" mapstructure:"exclude"`
+	Platform                        string       `yaml:"platform" json:"platform" mapstructure:"platform"`
+	Name                            string       `yaml:"name" json:"name" mapstructure:"name"`
+	Source                          sourceCfg    `yaml:"source" json:"source" mapstructure:"source"`
+	Parallelism                     int          `yaml:"parallelism" json:"parallelism" mapstructure:"parallelism"`                                                                         // the number of catalog workers to run in parallel
+	DefaultImagePullSource          string       `yaml:"default-image-pull-source" json:"default-image-pull-source" mapstructure:"default-image-pull-source"`                               // specify default image pull source
+	BasePath                        string       `yaml:"base-path" json:"base-path" mapstructure:"base-path"`                                                                               // specify base path for all file paths
+	ExcludeBinaryOverlapByOwnership bool         `yaml:"exclude-binary-overlap-by-ownership" json:"exclude-binary-overlap-by-ownership" mapstructure:"exclude-binary-overlap-by-ownership"` // exclude synthetic binary packages owned by os package files
 }
 
 var _ interface {
@@ -52,9 +50,7 @@ func DefaultCatalog() Catalog {
 		Package:                         defaultPkg(),
 		LinuxKernel:                     defaultLinuxKernel(),
 		FileMetadata:                    defaultFileMetadata(),
-		FileClassification:              defaultFileClassification(),
 		FileContents:                    defaultFileContents(),
-		Secrets:                         defaultSecrets(),
 		Source:                          defaultSourceCfg(),
 		Parallelism:                     1,
 		ExcludeBinaryOverlapByOwnership: true,