fix: only enable enricher when required extractor is enabled

Author: G-Rath

cmd/osv-scanner/scan/source/__snapshots__/command_test.snap

@@ -4975,6 +4975,16 @@ Total 1 package affected by 4 known vulnerabilities (2 Critical, 1 High, 1 Mediu
 
 ---
 
+[TestCommand_Transitive/transitive_requirements_enricher_requires_enabled_requirements_extractor - 1]
+Scanning dir ./testdata/locks-requirements/requirements-transitive.txt
+
+---
+
+[TestCommand_Transitive/transitive_requirements_enricher_requires_enabled_requirements_extractor - 2]
+No package sources found, --help for usage information.
+
+---
+
 [TestCommand_Transitive/uses_native_data_source_for_requirements.txt - 1]
 Scanning dir ./testdata/locks-requirements/requirements.txt
 Scanned <rootdir>/testdata/locks-requirements/requirements.txt file and found 3 packages

cmd/osv-scanner/scan/source/command_test.go

@@ -1197,6 +1197,11 @@ func TestCommand_Transitive(t *testing.T) {
 			Args: []string{"", "source", "--no-resolve", "./testdata/locks-requirements/requirements-transitive.txt"},
 			Exit: 1,
 		},
+		{
+			Name: "transitive_requirements_enricher_requires_enabled_requirements_extractor",
+			Args: []string{"", "source", "--experimental-disable-plugins=python/requirements", "./testdata/locks-requirements/requirements-transitive.txt"},
+			Exit: 128,
+		},
 	}
 
 	for _, tt := range tests {

pkg/osvscanner/scan.go

@@ -15,6 +15,7 @@ import (
 	transitivedependencyrequirements "github.com/google/osv-scalibr/enricher/transitivedependency/requirements"
 	"github.com/google/osv-scalibr/extractor"
 	"github.com/google/osv-scalibr/extractor/filesystem/language/java/pomxmlnet"
+	"github.com/google/osv-scalibr/extractor/filesystem/language/python/requirements"
 	"github.com/google/osv-scalibr/fs"
 	"github.com/google/osv-scalibr/inventory"
 	"github.com/google/osv-scalibr/plugin"
@@ -47,6 +48,18 @@ func configurePlugins(plugins []plugin.Plugin, accessors ExternalAccessors, acti
 	}
 }
 
+func isRequirementsExtractorEnabled(plugins []plugin.Plugin) bool {
+	for _, plug := range plugins {
+		_, ok := plug.(*requirements.Extractor)
+
+		if ok {
+			return true
+		}
+	}
+
+	return false
+}
+
 func getPlugins(defaultPlugins []string, accessors ExternalAccessors, actions ScannerActions) []plugin.Plugin {
 	if !actions.PluginsNoDefaults {
 		actions.PluginsEnabled = append(actions.PluginsEnabled, defaultPlugins...)
@@ -62,7 +75,8 @@ func getPlugins(defaultPlugins []string, accessors ExternalAccessors, actions Sc
 
 	plugins := scalibrplugin.Resolve(actions.PluginsEnabled, actions.PluginsDisabled)
 
-	if accessors.DependencyClients[osvschema.EcosystemPyPI] != nil {
+	// todo: use Enricher.RequiredPlugins to check this generically
+	if accessors.DependencyClients[osvschema.EcosystemPyPI] != nil && isRequirementsExtractorEnabled(plugins) {
 		plugins = append(plugins, transitivedependencyrequirements.NewEnricher(accessors.DependencyClients[osvschema.EcosystemPyPI]))
 	}