archsight 0.1.4 → 0.2.0

data/docs/licenses.md

@@ -0,0 +1,307 @@
+# License Scanning
+
+The repository import automatically detects and analyzes software licenses for each imported repository. This produces a "Layer 1 Licensing Profile" that characterizes license usage across your portfolio.
+
+## Overview
+
+When the `repository` handler imports a git repository, it runs license analysis alongside code metrics and git history analysis. The license analyzer:
+
+1. **Detects the repository's own license** from LICENSE/COPYING files, SPDX headers, and package manifests
+2. **Scans dependency licenses** using language-specific tools (when available) or falls back to manifest-based counting
+3. **Classifies risk** based on copyleft presence and unknown license ratios
+
+Results are stored as `license/*` annotations on the TechnologyArtifact resource.
+
+## How License Detection Works
+
+The analyzer uses a priority-based detection strategy:
+
+### 1. SPDX-License-Identifier Headers (highest priority)
+
+Source files are scanned for standardized SPDX headers:
+
+```go
+// SPDX-License-Identifier: Apache-2.0
+package main
+```
+
+This is the most reliable signal and takes priority over all other methods.
+
+### 2. LICENSE / COPYING Files
+
+The analyzer searches for these files in the repository root (in order):
+
+- `LICENSE`, `LICENSE.md`, `LICENSE.txt`
+- `LICENCE`, `LICENCE.md`, `LICENCE.txt`
+- `COPYING`, `COPYING.md`, `COPYING.txt`
+
+File content is matched against known license patterns for:
+
+| License | Category |
+|---------|----------|
+| Apache-2.0 | permissive |
+| MIT | permissive |
+| BSD-3-Clause, BSD-2-Clause | permissive |
+| ISC | permissive |
+| Unlicense, CC0-1.0, BSL-1.0 | permissive |
+| GPL-3.0, GPL-2.0, AGPL-3.0 | copyleft |
+| LGPL-3.0, LGPL-2.1 | weak-copyleft |
+| MPL-2.0, EUPL-1.2 | weak-copyleft |
+
+### 3. Package Manifest Fallback (lowest priority)
+
+If no LICENSE file is found, the analyzer checks manifest files:
+
+- `package.json` `"license"` field (Node.js)
+- `*.gemspec` `spec.license` (Ruby)
+- `Cargo.toml` `license` key (Rust)
+- `pyproject.toml` `license` key (Python)
+
+## Dependency License Scanning
+
+### Supported Ecosystems
+
+The analyzer detects ecosystems from manifest files and attempts to scan dependencies:
+
+| Ecosystem | Detected By | External Tool | Fallback |
+|-----------|-------------|---------------|----------|
+| Go | `go.mod` | `go-licenses` | Count `go.sum` entries |
+| Python | `requirements.txt`, `pyproject.toml`, `Pipfile` | `pip-licenses` | Count requirements entries |
+| Ruby | `Gemfile`, `Gemfile.lock` | `license_finder` | Count lockfile entries |
+| Java | `pom.xml`, `build.gradle` | Maven license plugin | Count `<dependency>` blocks |
+| Node.js | `package.json` | `license-checker` | Count dependency keys |
+| Rust | `Cargo.toml` | `cargo-license` | Count `Cargo.lock` packages |
+
+### External Tools (Soft Dependencies)
+
+When external tools are available, they provide per-dependency license identification. The analyzer tries multiple command variants for each ecosystem and falls back gracefully:
+
+| Ecosystem | Direct command | Runner fallback |
+|-----------|---------------|-----------------|
+| Go | `go-licenses` | — |
+| Python | `pip-licenses` | `python -m piplicenses` / `python3 -m piplicenses` |
+| Ruby | `license_finder` | `gem exec license_finder` |
+| Node.js | `license-checker` | — |
+| Rust | `cargo-license` | `cargo license` |
+
+For Python projects, the analyzer also checks for `pip-licenses` inside `.venv/` or `venv/` virtual environments before trying system commands.
+
+If no tool is available, the analyzer falls back to counting dependencies from lockfiles and manifests. These dependencies are recorded with an "unknown" license type.
+
+### Performance
+
+The license analyzer is optimized for batch imports of many repositories:
+
+- **Command caching**: The first repository probes which tool variant works for each ecosystem. All subsequent repositories reuse the cached result instantly — no repeated failed process spawns.
+- **No download-on-demand**: Runners like `npx --yes` or `go run ...@latest` that download/compile tools are not used, as they add 10-30s per repo. Install tools globally instead.
+- **Parallel execution**: License analysis and team matching run concurrently in the repository handler.
+- **Fast fallback**: When no external tool is found, manifest-based dependency counting is near-instant (file reads only).
+
+To get the best results, pre-install tools globally:
+
+```bash
+go install github.com/google/go-licenses@latest  # Go
+pip install pip-licenses                           # Python
+gem install license_finder                         # Ruby
+npm install -g license-checker                     # Node.js
+cargo install cargo-license                        # Rust
+```
+
+### Risk Classification
+
+Dependency risk is assessed based on detected license types:
+
+| Risk Level | Criteria |
+|------------|----------|
+| **low** | All dependency licenses are permissive |
+| **medium** | Weak-copyleft licenses present (LGPL, MPL, EUPL) but no strong copyleft |
+| **high** | Strong copyleft (GPL, AGPL) present, or majority of licenses are unknown |
+| **unknown** | No dependency license data available |
+
+## License Normalization
+
+Dependency tools return messy license strings — copyright notices, long-form names, leading parentheses, dual licenses, and domain names. The analyzer normalizes these into canonical SPDX identifiers in five phases:
+
+### 1. Proprietary Detection
+
+Before any cleanup, the raw string is checked for proprietary markers. If matched, the result is `proprietary`:
+
+| Pattern | Examples |
+|---------|----------|
+| Copyright notice | `Copyright (C) 2024 Acme Corp`, `(c) 1&1 IONOS Cloud GmbH` |
+| Proprietary keyword | `Proprietary License`, `UNLICENSED` |
+| Internal marker | `IONOS internal`, `internal` |
+| Custom URL prefix | `Custom: https://example.com/license` |
+| Domain-as-license | `ionos.com`, `profitbricks.com`, `example.io` |
+
+### 2. Clean
+
+Strip leading `("(`, trailing `,;)"*`, and surrounding whitespace. This handles messy tool output like `"MIT`, `(GPL-2.0`, `Apache*`.
+
+### 3. Dual License Split
+
+If the string contains `/` or ` OR `, it is split and the first recognized SPDX ID is returned:
+
+| Input | Output |
+|-------|--------|
+| `MIT/Apache-2.0` | `MIT` |
+| `(MIT OR CC0-1.0)` | `MIT` |
+
+### 4. Long-form Pattern Matching
+
+Common long-form names and aliases are mapped to canonical SPDX IDs:
+
+| Input | Output |
+|-------|--------|
+| `Apache License, Version 2.0` / `Apache 2.0` / `Apache` | `Apache-2.0` |
+| `The MIT License` | `MIT` |
+| `New BSD` | `BSD-3-Clause` |
+| `Simplified BSD` / `BSD 2-Clause` | `BSD-2-Clause` |
+| `0BSD` | `0BSD` |
+| `GNU General Public License v2` / `GPLv2` | `GPL-2.0` |
+| `GNU LGPL 3` / `GNU Lesser General Public License` | `LGPL-3.0` / `LGPL-2.1` |
+| `CDDL + GPLv2 with classpath exception` | `CDDL-1.0` |
+| `UNKNOWN` | `unknown` |
+| `ruby` | `Ruby` |
+
+### 5. Fallback
+
+If no pattern matches, the cleaned string is returned as-is.
+
+## Generated Annotations
+
+The license analyzer produces these annotations on TechnologyArtifact resources:
+
+### Repository License
+
+| Annotation | Description | Example |
+|------------|-------------|---------|
+| `license/spdx` | SPDX license identifier | `Apache-2.0` |
+| `license/file` | Detected license file name | `LICENSE` |
+| `license/category` | License category | `permissive` |
+
+### Dependency Licenses
+
+| Annotation | Description | Example |
+|------------|-------------|---------|
+| `license/dependencies/count` | Total dependency count | `142` |
+| `license/dependencies/ecosystems` | Detected ecosystems (comma-separated) | `go,python` |
+| `license/dependencies/licenses` | Unique license types found | `Apache-2.0,BSD-3-Clause,MIT` |
+| `license/dependencies/copyleft` | Whether copyleft deps exist | `false` |
+| `license/dependencies/risk` | Overall risk level | `low` |
+| `license/dependencies/*/count` | Per-license-type count | `license/dependencies/MIT/count: 80` |
+
+## Querying License Data
+
+Use the search and query system to find repositories by license characteristics:
+
+```
+# Find all repositories with copyleft licenses
+TechnologyArtifact: license/category == "copyleft"
+
+# Find repos with high dependency risk
+TechnologyArtifact: license/dependencies/risk == "high"
+
+# Find repos with copyleft dependencies
+TechnologyArtifact: license/dependencies/copyleft == "true"
+
+# Find repos using a specific license
+TechnologyArtifact: license/spdx == "MIT"
+
+# Find repos with Go dependencies
+TechnologyArtifact: license/dependencies/ecosystems *= "go"
+```
+
+## Aggregating License Profiles
+
+Use [computed annotations](/doc/computed_annotations) to build a licensing profile across products or services. For example, on an ApplicationComponent that groups multiple repositories:
+
+```ruby
+# Count repos per license category
+computed_annotation 'computed/license_permissive_count',
+                    title: 'Permissive License Repos',
+                    type: Integer do
+  artifacts = outgoing_transitive('TechnologyArtifact: license/category == "permissive"')
+  count(artifacts)
+end
+
+# Detect if any copyleft dependencies exist in the portfolio
+computed_annotation 'computed/license_copyleft_present',
+                    title: 'Copyleft Dependencies',
+                    filter: :word do
+  artifacts = outgoing_transitive('TechnologyArtifact: license/dependencies/copyleft == "true"')
+  count(artifacts).positive? ? "true" : "false"
+end
+
+# Collect all unique dependency licenses across the portfolio
+computed_annotation 'computed/license_types',
+                    title: 'All License Types',
+                    filter: :list,
+                    list: true do
+  collect(outgoing_transitive(:TechnologyArtifact), 'license/dependencies/licenses')
+end
+
+# Highest dependency risk across all repos
+computed_annotation 'computed/license_max_risk',
+                    title: 'Max License Risk',
+                    filter: :word do
+  risks = collect(outgoing_transitive(:TechnologyArtifact), 'license/dependencies/risk')
+  %w[high medium low unknown].find { |r| risks.include?(r) }
+end
+```
+
+## Example Output
+
+After importing a Go repository with an Apache-2.0 license:
+
+```yaml
+apiVersion: architecture/v1alpha1
+kind: TechnologyArtifact
+metadata:
+  name: "Repo:my-service"
+  annotations:
+    artifact/type: repo
+    repository/git: git@github.com:org/my-service.git
+    license/spdx: Apache-2.0
+    license/file: LICENSE
+    license/category: permissive
+    license/dependencies/count: "87"
+    license/dependencies/ecosystems: go
+    license/dependencies/licenses: Apache-2.0,BSD-3-Clause,MIT
+    license/dependencies/copyleft: "false"
+    license/dependencies/risk: low
+    license/dependencies/MIT/count: "42"
+    license/dependencies/Apache-2.0/count: "30"
+    license/dependencies/BSD-3-Clause/count: "15"
+spec:
+  suppliedBy:
+    technologyComponents:
+      - "Git:Github"
+```
+
+## Web UI
+
+License information is displayed in the TechnologyArtifact detail view with:
+
+- A color-coded badge for the repository license (green = permissive, yellow = weak-copyleft, red = copyleft)
+- Dependency count and ecosystem badges
+- Risk level indicator
+- Expandable per-license-type breakdown with counts
+
+## Troubleshooting
+
+### License Not Detected
+
+If a repository shows `NOASSERTION` for its license:
+
+1. Verify the LICENSE file exists in the repository root
+2. Check that the license text matches a known pattern (some custom licenses won't match)
+3. Add an SPDX header to a source file for reliable detection
+
+### All Dependencies Show "unknown" License
+
+This means no external scanning tool was available. The analyzer fell back to counting dependencies from manifest/lockfiles. Install the appropriate tool for the ecosystem (see [External Tools](#external-tools) above).
+
+### High Risk Due to Unknown Licenses
+
+A high proportion of "unknown" licenses triggers a "high" risk classification. This is by design - unknown licenses should be investigated. Install ecosystem-specific tools to resolve unknowns into actual license identifiers.

data/lib/archsight/analysis/executor.rb

@@ -79,9 +79,6 @@ module Archsight
         # Filter by name pattern if provided
         analyses = analyses.select { |a| filter.match?(a.name) } if filter
 
-        # Filter to enabled analyses
-        analyses = analyses.select { |a| analysis_enabled?(a) }
-
         analyses.map { |analysis| execute(analysis) }
       end
 
@@ -100,13 +97,6 @@ module Archsight
 
         DEFAULT_TIMEOUT
       end
-
-      # Check if analysis is enabled
-      # @param analysis [Object] Analysis instance
-      # @return [Boolean] true if enabled
-      def analysis_enabled?(analysis)
-        analysis.annotations["analysis/enabled"] != "false"
-      end
     end
   end
 end

data/lib/archsight/annotations/annotation.rb

@@ -4,7 +4,7 @@ require_relative "email_recipient"
 
 # Annotation represents a single annotation definition with its schema and behavior
 class Archsight::Annotations::Annotation
-  attr_reader :key, :description, :filter, :format, :enum, :sidebar, :type, :list
+  attr_reader :key, :description, :filter, :format, :enum, :sidebar, :type, :list, :editor
 
   def initialize(key, options = {})
     @key = key
@@ -14,6 +14,7 @@ class Archsight::Annotations::Annotation
     @enum = options[:enum]
     @sidebar = options.fetch(:sidebar, true)
     @list = options.fetch(:list, false)
+    @editor = options.fetch(:editor, true)
     @type = options[:type]
 
     # Auto-add filter if enum present
@@ -80,43 +81,12 @@ class Archsight::Annotations::Annotation
 
   # Validate a value and return array of error messages (empty if valid)
   def validate(value)
-    errors = []
+    errors = [] #: Array[String]
     return errors if value.nil?
 
-    # Check enum constraint
-    if @enum
-      values = list? ? value.to_s.split(",").map(&:strip) : [value.to_s]
-      invalid_values = values.reject { |v| @enum.include?(v) }
-      invalid_values.each do |v|
-        errors << "invalid value '#{v}'. Expected one of: #{@enum.join(", ")}"
-      end
-    end
-
-    # Check type constraint
-    if @type.is_a?(Class) && errors.empty?
-      values_to_check = list? ? value.to_s.split(/,|\n/).map(&:strip).reject(&:empty?) : [value.to_s]
-
-      values_to_check.each do |string_value|
-        valid = case @type.to_s
-                when "Integer"
-                  string_value.match?(/\A-?\d+\z/)
-                when "Float"
-                  string_value.match?(/\A-?\d+(\.\d+)?\z/)
-                when "URI"
-                  begin
-                    URI.parse(string_value)
-                    string_value.match?(%r{\Ahttps?://})
-                  rescue URI::InvalidURIError
-                    false
-                  end
-                when "Archsight::Annotations::EmailRecipient"
-                  Archsight::Annotations::EmailRecipient.valid?(string_value)
-                else
-                  true
-                end
-        errors << "invalid value '#{string_value}'. #{type_error_message}" unless valid
-      end
-    end
+    validate_enum(value, errors)
+    validate_type(value, errors) if errors.empty?
+    validate_code(value, errors) if errors.empty?
 
     errors
   end
@@ -130,6 +100,18 @@ class Archsight::Annotations::Annotation
     @format == :markdown
   end
 
+  def code?
+    @format == :ruby
+  end
+
+  def multiline?
+    @format == :multiline
+  end
+
+  def code_language
+    @format if code?
+  end
+
   # Example value for templates
   def example_value
     if @enum
@@ -155,6 +137,49 @@ class Archsight::Annotations::Annotation
     end
   end
 
+  def validate_enum(value, errors)
+    return unless @enum
+
+    values = list? ? value.to_s.split(",").map(&:strip) : [value.to_s]
+    invalid_values = values.reject { |v| @enum.include?(v) }
+    invalid_values.each do |v|
+      errors << "invalid value '#{v}'. Expected one of: #{@enum.join(", ")}"
+    end
+  end
+
+  def validate_type(value, errors)
+    return unless @type.is_a?(Class)
+
+    values_to_check = list? ? value.to_s.split(/,|\n/).map(&:strip).reject(&:empty?) : [value.to_s]
+    values_to_check.each do |string_value|
+      errors << "invalid value '#{string_value}'. #{type_error_message}" unless valid_type_value?(string_value)
+    end
+  end
+
+  def valid_type_value?(string_value)
+    case @type.to_s
+    when "Integer" then string_value.match?(/\A-?\d+\z/)
+    when "Float" then string_value.match?(/\A-?\d+(\.\d+)?\z/)
+    when "URI" then valid_uri?(string_value)
+    when "Archsight::Annotations::EmailRecipient" then Archsight::Annotations::EmailRecipient.valid?(string_value)
+    else true
+    end
+  end
+
+  def valid_uri?(string_value)
+    URI.parse(string_value)
+    string_value.match?(%r{\Ahttps?://})
+  rescue URI::InvalidURIError
+    false
+  end
+
+  def validate_code(value, errors)
+    return unless code? && !value.to_s.strip.empty?
+
+    syntax_error = validate_code_syntax(value.to_s)
+    errors << syntax_error if syntax_error
+  end
+
   def derive_format
     case @filter
     when :word then :tag_word
@@ -165,4 +190,28 @@ class Archsight::Annotations::Annotation
   def build_regex
     Regexp.new("^#{Regexp.escape(key).gsub('\*', ".+")}$")
   end
+
+  # Validate code syntax based on format
+  # @param code [String] The code to validate
+  # @return [String, nil] Error message or nil if valid
+  def validate_code_syntax(code)
+    case @format
+    when :ruby
+      validate_ruby_syntax(code)
+    end
+  end
+
+  # Validate Ruby syntax using RubyVM
+  # @param code [String] Ruby code to validate
+  # @return [String, nil] Error message or nil if valid
+  def validate_ruby_syntax(code)
+    # steep:ignore:start
+    RubyVM::InstructionSequence.compile(code)
+    # steep:ignore:end
+    nil
+  rescue SyntaxError => e
+    # Extract just the error message without the full backtrace
+    message = e.message.lines.first&.strip || "Syntax error"
+    "Ruby syntax error: #{message}"
+  end
 end

data/lib/archsight/annotations/architecture_annotations.rb

@@ -9,12 +9,8 @@ module Archsight::Annotations::Architecture
       annotation "architecture/abbr",
                  description: "Abbreviation or short name",
                  title: "Abbreviation"
-      annotation "architecture/evidence",
-                 description: "Supporting evidence or notes",
-                 title: "Evidence",
-                 format: :markdown
       annotation "architecture/description",
-                 description: "Textual description of the interface",
+                 description: "Textual description of the resource",
                  title: "Description",
                  format: :markdown
       annotation "architecture/documentation",
@@ -25,35 +21,6 @@ module Archsight::Annotations::Architecture
                  description: "Comma-separated tags",
                  filter: :list,
                  title: "Tags"
-      annotation "architecture/encoding",
-                 description: "Data encoding format",
-                 filter: :list,
-                 title: "Encoding"
-      annotation "architecture/title",
-                 description: "Interface title",
-                 title: "Title"
-      annotation "architecture/openapi",
-                 description: "OpenAPI specification version",
-                 filter: :word,
-                 title: "OpenAPI"
-      annotation "architecture/version",
-                 description: "API or interface version",
-                 filter: :word,
-                 title: "Version",
-                 sidebar: false
-      annotation "architecture/status",
-                 description: "Lifecycle status (General-Availability, Early-Access, Development)",
-                 filter: :word,
-                 title: "Status"
-      annotation "architecture/visibility",
-                 description: "API visibility (public, private, internal)",
-                 filter: :word,
-                 enum: %w[public private internal],
-                 title: "Visibility"
-      annotation "architecture/applicationSets",
-                 description: "Related ArgoCD ApplicationSets",
-                 title: "ApplicationSets",
-                 format: :markdown
     end
   end
 end

data/lib/archsight/annotations/computed.rb

@@ -212,7 +212,7 @@ class Archsight::Annotations::ComputedManager
     @computing.add(cache_key)
     begin
       evaluator = Archsight::Annotations::ComputedEvaluator.new(instance, @database, self)
-      value = evaluator.instance_eval(&definition.block)
+      value = evaluator.instance_eval(&definition.block) # steep:ignore BlockTypeMismatch
 
       # Apply type coercion if specified
       value = coerce_value(value, definition.type) if definition.type

data/lib/archsight/annotations/generated_annotations.rb

@@ -7,15 +7,18 @@ module Archsight::Annotations::Generated
       annotation "generated/script",
                  description: "Name of the script that generated this resource",
                  title: "Generated By",
-                 sidebar: false
+                 sidebar: false,
+                 editor: false
       annotation "generated/at",
                  description: "Timestamp when this resource was generated (ISO8601)",
                  title: "Generated At",
-                 sidebar: false
+                 sidebar: false,
+                 editor: false
       annotation "generated/configHash",
                  description: "Hash of configuration used to generate this resource (for change detection)",
                  title: "Config Hash",
-                 sidebar: false
+                 sidebar: false,
+                 editor: false
     end
   end
 end

data/lib/archsight/annotations/git_annotations.rb

@@ -6,16 +6,20 @@ module Archsight::Annotations::Git
     base.class_eval do
       annotation "git/updatedAt",
                  description: "Date when the resource was last updated",
-                 title: "Updated At"
+                 title: "Updated At",
+                 editor: false
       annotation "git/updatedBy",
                  description: "Email of person who last updated the resource",
-                 title: "Updated By"
+                 title: "Updated By",
+                 editor: false
       annotation "git/reviewedAt",
                  description: "Date when the resource was last reviewed",
-                 title: "Reviewed At"
+                 title: "Reviewed At",
+                 editor: false
       annotation "git/reviewedBy",
                  description: "Email of person who last reviewed the resource",
-                 title: "Reviewed By"
+                 title: "Reviewed By",
+                 editor: false
     end
   end
 end

data/lib/archsight/annotations/interface_annotations.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+# Interface module adds interface-specific annotations to resource classes
+module Archsight::Annotations::Interface
+  def self.included(base)
+    base.class_eval do
+      annotation "architecture/encoding",
+                 description: "Data encoding format",
+                 filter: :list,
+                 title: "Encoding"
+      annotation "architecture/title",
+                 description: "Interface title",
+                 title: "Title"
+      annotation "architecture/openapi",
+                 description: "OpenAPI specification version",
+                 filter: :word,
+                 title: "OpenAPI"
+      annotation "architecture/version",
+                 description: "API or interface version",
+                 filter: :word,
+                 title: "Version",
+                 sidebar: false
+      annotation "architecture/status",
+                 description: "Lifecycle status",
+                 filter: :word,
+                 enum: %w[General-Availability Early-Access Development],
+                 title: "Status"
+      annotation "architecture/visibility",
+                 description: "API visibility (public, private, internal)",
+                 filter: :word,
+                 enum: %w[public private internal],
+                 title: "Visibility"
+    end
+  end
+end

data/lib/archsight/cli.rb

@@ -19,6 +19,7 @@ module Archsight
     option :production, type: :boolean, default: false, desc: "Run in production mode"
     option :disable_reload, type: :boolean, default: false, desc: "Disable the reload button in the UI"
     option :enable_logging, type: :boolean, default: nil, desc: "Enable request logging (default: false in dev, true in prod)"
+    option :inline_edit, type: :boolean, default: false, desc: "Enable inline editing (save directly to source files)"
     def web
       configure_resources
       require "archsight/web/application"
@@ -26,6 +27,7 @@ module Archsight
       env = options[:production] ? :production : :development
       Archsight::Web::Application.configure_environment!(env, logging: options[:enable_logging])
       Archsight::Web::Application.set :reload_enabled, !options[:disable_reload]
+      Archsight::Web::Application.set :inline_edit_enabled, options[:inline_edit]
       Archsight::Web::Application.setup_mcp!
       Archsight::Web::Application.run!(port: options[:port], bind: options[:host])
     rescue Archsight::ResourceError => e
@@ -102,7 +104,7 @@ module Archsight
 
       # Create database that loads from resources directory
       # Only load Import resources to avoid validation errors on incomplete resources
-      db = Archsight::Database.new(resources_dir, verbose: options[:verbose], only_kinds: ["Import"], verify: false)
+      db = Archsight::Database.new(resources_dir, verbose: options[:verbose], only_kinds: %w[Import BusinessActor], verify: false)
 
       if options[:dry_run]
         puts "Execution Plan:"
@@ -191,7 +193,7 @@ module Archsight
     def filter_analyses(db)
       analyses = db.instances_by_kind("Analysis").values
       analyses = analyses.select { |a| Regexp.new(options[:filter], Regexp::IGNORECASE).match?(a.name) } if options[:filter]
-      analyses.reject { |a| a.annotations["analysis/enabled"] == "false" }
+      analyses
     end
 
     def print_analysis_dry_run(analyses)