Promote the Dockerfile, Docker Compose, and Helm Detectors to Experimental Status#1803
Open
Promote the Dockerfile, Docker Compose, and Helm Detectors to Experimental Status#1803
Conversation
…ental status Co-authored-by: Copilot <copilot@github.com>
JamieMagee
approved these changes
May 1, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
This PR promotes the Dockerfile, Docker Compose, and Helm detectors from DefaultOff to Experimental so they run by default during scans (with results excluded from the final scan output unless explicitly enabled), and updates detector documentation to reflect the new status.
Changes:
- Update Helm, Dockerfile, and Docker Compose detector implementations to implement
IExperimentalDetectorinstead ofIDefaultOffComponentDetector. - Update detector documentation pages to describe the new Experimental behavior.
- Update the detectors README status tables to mark these detectors as Experimental.
Show a summary per file
| File | Description |
|---|---|
| src/Microsoft.ComponentDetection.Detectors/helm/HelmComponentDetector.cs | Switch Helm detector to IExperimentalDetector. |
| src/Microsoft.ComponentDetection.Detectors/dockerfile/DockerfileComponentDetector.cs | Switch Dockerfile detector to IExperimentalDetector. |
| src/Microsoft.ComponentDetection.Detectors/dockercompose/DockerComposeComponentDetector.cs | Switch Docker Compose detector to IExperimentalDetector. |
| docs/detectors/helm.md | Update Helm detector status/behavior text to Experimental. |
| docs/detectors/dockerfile.md | Update Dockerfile detector status/behavior text to Experimental. |
| docs/detectors/dockercompose.md | Update Docker Compose detector status/behavior text to Experimental. |
| docs/detectors/README.md | Mark the three detectors as Experimental in the status tables. |
Copilot's findings
Comments suppressed due to low confidence (3)
docs/detectors/dockerfile.md:29
- Known limitations mentions experimental output suppression but doesn’t mention the opt-in path to include results. Please add guidance on using --DetectorArgs DockerReference=Enable (or EnableIfDefaultOff) to include output when needed.
- **Experimental Status**: This detector runs automatically but its output is not included in scan results
docs/detectors/dockercompose.md:45
- Known limitations should mention how to opt-in to include detector output (e.g., --DetectorArgs DockerCompose=Enable / EnableIfDefaultOff), otherwise users have no documented way to get results from an experimental detector.
- **Experimental Status**: This detector runs automatically but its output is not included in scan results
docs/detectors/helm.md:48
- Similar to the overview section, the Known limitations entry says experimental output is not included, but doesn’t explain how to opt-in to include results. Please add a note that passing --DetectorArgs Helm=Enable (or EnableIfDefaultOff) will treat it as a normal detector and include its output.
- **Experimental Status**: This detector runs automatically but its output is not included in scan results
- Files reviewed: 7/7 changed files
- Comments generated: 3
…ile, dockercompose, and helm docs Agent-Logs-Url: https://github.com/microsoft/component-detection/sessions/c1b52ac3-7a11-4689-b324-b61c26014208 Co-authored-by: jpinz <8357054+jpinz@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request updates the status of the Docker Compose, Dockerfile, and Helm component detectors from "DefaultOff" to "Experimental" across both documentation and code. As a result, these detectors now run automatically during scans, but their output is not included in the final scan results. The changes also update the documentation to reflect the new "Experimental" status and clarify how these detectors behave.
Example Run with Detectors Enabled
Components were successfully registered