PyPI - woolly - Versions diffs - 0.3.0__py3-none-any.whl → 0.5.0__py3-none-any.whl - Mend

woolly 0.3.0py3-none-any.whl → 0.5.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

woolly/cache.py +21 -6
woolly/commands/check.py +264 -82
woolly/http.py +22 -3
woolly/languages/base.py +187 -10
woolly/languages/python.py +221 -8
woolly/languages/rust.py +59 -1
woolly/reporters/__init__.py +15 -1
woolly/reporters/base.py +25 -0
woolly/reporters/json.py +102 -3
woolly/reporters/markdown.py +83 -9
woolly/reporters/stdout.py +171 -38
woolly/reporters/template.py +245 -0
{woolly-0.3.0.dist-info → woolly-0.5.0.dist-info}/METADATA +3 -1
woolly-0.5.0.dist-info/RECORD +26 -0
woolly-0.3.0.dist-info/RECORD +0 -25
{woolly-0.3.0.dist-info → woolly-0.5.0.dist-info}/WHEEL +0 -0
{woolly-0.3.0.dist-info → woolly-0.5.0.dist-info}/entry_points.txt +0 -0
{woolly-0.3.0.dist-info → woolly-0.5.0.dist-info}/licenses/LICENSE +0 -0

woolly/languages/base.py CHANGED Viewed

@@ -30,7 +30,10 @@ from typing import Literal, Optional
 from pydantic import BaseModel, Field
 from woolly.cache import FEDORA_CACHE_TTL, read_cache, write_cache
-from woolly.debug import log_cache_hit, log_cache_miss, log_command_output
+from woolly.debug import log, log_cache_hit, log_cache_miss, log_command_output
+# Default timeout (seconds) for dnf repoquery subprocess calls.
+_DNF_TIMEOUT = 60
 class PackageInfo(BaseModel):
@@ -41,6 +44,7 @@ class PackageInfo(BaseModel):
     description: Optional[str] = None
     homepage: Optional[str] = None
     repository: Optional[str] = None
+    license: Optional[str] = None
 class Dependency(BaseModel):
@@ -50,6 +54,14 @@ class Dependency(BaseModel):
     version_requirement: str
     optional: bool = False
     kind: Literal["normal", "dev", "build"] = "normal"
+    group: Optional[str] = None
+class FeatureInfo(BaseModel):
+    """Information about a feature flag (Rust) or extra (Python)."""
+    name: str
+    dependencies: list[str] = Field(default_factory=list)
 class FedoraPackageStatus(BaseModel):
@@ -82,6 +94,10 @@ class LanguageProvider(ABC):
     fedora_provides_prefix: str
     cache_namespace: str
+    # Optional Fedora targeting attributes (set at runtime)
+    fedora_release: Optional[str] = None
+    fedora_repos: Optional[list[str]] = None
     # ----------------------------------------------------------------
     # Abstract methods - MUST be implemented by subclasses
     # ----------------------------------------------------------------
@@ -113,6 +129,20 @@ class LanguageProvider(ABC):
         """
         pass
+    @abstractmethod
+    def fetch_features(self, package_name: str, version: str) -> list[FeatureInfo]:
+        """
+        Fetch feature flags (Rust) or extras (Python) for a specific package version.
+        Args:
+            package_name: The name of the package.
+            version: The specific version to get features for.
+        Returns:
+            List of FeatureInfo objects.
+        """
+        pass
     # ----------------------------------------------------------------
     # Concrete methods - shared implementation for all providers
     # ----------------------------------------------------------------
@@ -164,6 +194,92 @@ class LanguageProvider(ABC):
             if d.kind == "normal" and (include_optional or not d.optional)
         ]
+    def get_dev_dependencies(
+        self,
+        package_name: str,
+        version: Optional[str] = None,
+    ) -> list[Dependency]:
+        """
+        Get dev dependencies for a package.
+        Args:
+            package_name: The name of the package.
+            version: Specific version, or None for latest.
+        Returns:
+            List of Dependency objects with kind='dev'.
+        """
+        if version is None:
+            version = self.get_latest_version(package_name)
+            if version is None:
+                return []
+        deps = self.fetch_dependencies(package_name, version)
+        return [d for d in deps if d.kind == "dev"]
+    def get_build_dependencies(
+        self,
+        package_name: str,
+        version: Optional[str] = None,
+    ) -> list[Dependency]:
+        """
+        Get build dependencies for a package.
+        Args:
+            package_name: The name of the package.
+            version: Specific version, or None for latest.
+        Returns:
+            List of Dependency objects with kind='build'.
+        """
+        if version is None:
+            version = self.get_latest_version(package_name)
+            if version is None:
+                return []
+        deps = self.fetch_dependencies(package_name, version)
+        return [d for d in deps if d.kind == "build"]
+    def get_all_dependencies(
+        self,
+        package_name: str,
+        version: Optional[str] = None,
+        include_optional: bool = False,
+    ) -> tuple[list[tuple[str, str, bool]], list[Dependency], list[Dependency]]:
+        """
+        Fetch all dependencies in a single call and partition by kind.
+        This avoids repeated ``fetch_dependencies`` (and its cache reads)
+        when the caller needs normal, dev, and build dependencies for the
+        same package/version.
+        Args:
+            package_name: The name of the package.
+            version: Specific version, or None for latest.
+            include_optional: If True, include optional normal dependencies.
+        Returns:
+            Tuple of (normal_deps, dev_deps, build_deps) where
+            normal_deps is a list of ``(name, version_requirement, is_optional)``
+            tuples, and dev/build_deps are lists of :class:`Dependency`.
+        """
+        if version is None:
+            version = self.get_latest_version(package_name)
+            if version is None:
+                return ([], [], [])
+        deps = self.fetch_dependencies(package_name, version)
+        normal = [
+            (d.name, d.version_requirement, d.optional)
+            for d in deps
+            if d.kind == "normal" and (include_optional or not d.optional)
+        ]
+        dev = [d for d in deps if d.kind == "dev"]
+        build = [d for d in deps if d.kind == "build"]
+        return (normal, dev, build)
     def get_fedora_provides_pattern(self, package_name: str) -> str:
         """
         Get the Fedora provides pattern for this package.
@@ -214,6 +330,44 @@ class LanguageProvider(ABC):
     # Fedora repository query methods - shared implementation
     # ----------------------------------------------------------------
+    def _fedora_cache_suffix(self) -> str:
+        """
+        Build a cache-key suffix that incorporates the targeted
+        Fedora release and repo selection so that results for different
+        targets are cached independently.
+        Returns:
+            A string suffix (may be empty when no targeting is set).
+        """
+        parts: list[str] = []
+        if self.fedora_release:
+            parts.append(f"rel={self.fedora_release}")
+        if self.fedora_repos:
+            parts.append(f"repos={','.join(sorted(self.fedora_repos))}")
+        return ":".join(parts)
+    def _build_dnf_repoquery_cmd(self, extra_args: list[str]) -> list[str]:
+        """
+        Build the base ``dnf repoquery`` command, injecting
+        ``--releasever`` and ``--repo`` flags when Fedora targeting
+        attributes are set.
+        Args:
+            extra_args: Additional arguments appended after the base
+                command (e.g. ``["--whatprovides", pattern]``).
+        Returns:
+            Full command list ready for :func:`subprocess.check_output`.
+        """
+        cmd = ["dnf", "repoquery"]
+        if self.fedora_release:
+            cmd.append(f"--releasever={self.fedora_release}")
+        if self.fedora_repos:
+            for repo in self.fedora_repos:
+                cmd.extend(["--repo", repo])
+        cmd.extend(extra_args)
+        return cmd
     def _repoquery_package(
         self, package_name: str
     ) -> tuple[bool, list[str], list[str]]:
@@ -226,7 +380,10 @@ class LanguageProvider(ABC):
         Returns:
             Tuple of (is_packaged, versions_list, package_names)
         """
+        suffix = self._fedora_cache_suffix()
         cache_key = f"repoquery:{self.name}:{package_name}"
+        if suffix:
+            cache_key += f":{suffix}"
         cached = read_cache("fedora", cache_key, FEDORA_CACHE_TTL)
         if cached is not None:
             log_cache_hit("fedora", cache_key)
@@ -234,14 +391,14 @@ class LanguageProvider(ABC):
         log_cache_miss("fedora", cache_key)
         provide_pattern = self.get_fedora_provides_pattern(package_name)
-        cmd = [
-            "dnf",
-            "repoquery",
-            "--whatprovides",
-            provide_pattern,
-            "--queryformat",
-            "%{NAME}|%{VERSION}",
-        ]
+        cmd = self._build_dnf_repoquery_cmd(
+            [
+                "--whatprovides",
+                provide_pattern,
+                "--queryformat",
+                "%{NAME}|%{VERSION}",
+            ]
+        )
         try:
             out = (
@@ -249,6 +406,7 @@ class LanguageProvider(ABC):
                     cmd,
                     stdin=subprocess.DEVNULL,
                     stderr=subprocess.DEVNULL,
+                    timeout=_DNF_TIMEOUT,
                 )
                 .decode()
                 .strip()
@@ -272,6 +430,11 @@ class LanguageProvider(ABC):
             result = (True, sorted(versions), sorted(packages))
             write_cache("fedora", cache_key, [result[0], result[1], result[2]])
             return result
+        except subprocess.TimeoutExpired:
+            log(" ".join(cmd), level="warning", reason="timeout")
+            result = (False, [], [])
+            write_cache("fedora", cache_key, list(result))
+            return result
         except subprocess.CalledProcessError as e:
             log_command_output(" ".join(cmd), "", exit_code=e.returncode)
             result = (False, [], [])
@@ -288,7 +451,10 @@ class LanguageProvider(ABC):
         Returns:
             List of version strings provided by Fedora packages.
         """
+        suffix = self._fedora_cache_suffix()
         cache_key = f"provides:{self.name}:{package_name}"
+        if suffix:
+            cache_key += f":{suffix}"
         cached = read_cache("fedora", cache_key, FEDORA_CACHE_TTL)
         if cached is not None:
             log_cache_hit("fedora", cache_key)
@@ -297,7 +463,13 @@ class LanguageProvider(ABC):
         log_cache_miss("fedora", cache_key)
         provide_pattern = self.get_fedora_provides_pattern(package_name)
         normalized = self.normalize_package_name(package_name)
-        cmd = ["dnf", "repoquery", "--provides", "--whatprovides", provide_pattern]
+        cmd = self._build_dnf_repoquery_cmd(
+            [
+                "--provides",
+                "--whatprovides",
+                provide_pattern,
+            ]
+        )
         try:
             out = (
@@ -305,6 +477,7 @@ class LanguageProvider(ABC):
                     cmd,
                     stdin=subprocess.DEVNULL,
                     stderr=subprocess.DEVNULL,
+                    timeout=_DNF_TIMEOUT,
                 )
                 .decode()
                 .strip()
@@ -329,6 +502,10 @@ class LanguageProvider(ABC):
             result = sorted(versions)
             write_cache("fedora", cache_key, result)
             return result
+        except subprocess.TimeoutExpired:
+            log(" ".join(cmd), level="warning", reason="timeout")
+            write_cache("fedora", cache_key, [])
+            return []
         except subprocess.CalledProcessError as e:
             log_command_output(" ".join(cmd), "", exit_code=e.returncode)
             write_cache("fedora", cache_key, [])

woolly/languages/python.py CHANGED Viewed

@@ -16,7 +16,7 @@ from woolly.debug import (
     log_cache_hit,
     log_cache_miss,
 )
-from woolly.languages.base import Dependency, LanguageProvider, PackageInfo
+from woolly.languages.base import Dependency, FeatureInfo, LanguageProvider, PackageInfo
 PYPI_API = "https://pypi.org/pypi"
@@ -44,6 +44,7 @@ class PythonProvider(LanguageProvider):
                 description=cached["info"].get("summary"),
                 homepage=cached["info"].get("home_page"),
                 repository=cached["info"].get("project_url"),
+                license=self._extract_license(cached["info"]),
             )
         log_cache_miss(self.cache_namespace, cache_key)
@@ -69,8 +70,46 @@ class PythonProvider(LanguageProvider):
             description=data["info"].get("summary"),
             homepage=data["info"].get("home_page"),
             repository=data["info"].get("project_url"),
+            license=self._extract_license(data["info"]),
         )
+    def _fetch_version_data(self, package_name: str, version: str) -> Optional[dict]:
+        """
+        Fetch the raw PyPI JSON response for a specific package version.
+        The result is cached under a ``version_data`` key so that both
+        :meth:`fetch_dependencies` and :meth:`fetch_features` can share
+        the same HTTP response without duplicating the request.
+        Args:
+            package_name: The name of the package.
+            version: The specific version to fetch.
+        Returns:
+            Parsed JSON dict, or None on failure.
+        """
+        cache_key = f"version_data:{package_name}:{version}"
+        cached = read_cache(self.cache_namespace, cache_key, DEFAULT_CACHE_TTL)
+        if cached is not None:
+            log_cache_hit(self.cache_namespace, cache_key)
+            if cached is False:  # Explicit "not found" cache
+                return None
+            return cached
+        log_cache_miss(self.cache_namespace, cache_key)
+        url = f"{PYPI_API}/{package_name}/{version}/json"
+        log_api_request("GET", url)
+        r = http.get(url)
+        log_api_response(r.status_code, r.text[:500] if r.text else None)
+        if r.status_code != 200:
+            write_cache(self.cache_namespace, cache_key, False)
+            return None
+        data = r.json()
+        write_cache(self.cache_namespace, cache_key, data)
+        return data
     def fetch_dependencies(self, package_name: str, version: str) -> list[Dependency]:
         """
         Fetch dependencies for a specific package version.
@@ -87,21 +126,17 @@ class PythonProvider(LanguageProvider):
                     version_requirement=d["version_requirement"],
                     optional=d.get("optional", False),
                     kind=d.get("kind", "normal"),
+                    group=d.get("group"),
                 )
                 for d in cached
             ]
         log_cache_miss(self.cache_namespace, cache_key)
-        url = f"{PYPI_API}/{package_name}/{version}/json"
-        log_api_request("GET", url)
-        r = http.get(url)
-        log_api_response(r.status_code, r.text[:500] if r.text else None)
-        if r.status_code != 200:
+        data = self._fetch_version_data(package_name, version)
+        if data is None:
             write_cache(self.cache_namespace, cache_key, [])
             return []
-        data = r.json()
         requires_dist = data["info"].get("requires_dist") or []
         deps = []
@@ -117,6 +152,7 @@ class PythonProvider(LanguageProvider):
                 "version_requirement": d.version_requirement,
                 "optional": d.optional,
                 "kind": d.kind,
+                "group": d.group,
             }
             for d in deps
         ]
@@ -124,6 +160,180 @@ class PythonProvider(LanguageProvider):
         return deps
+    def fetch_features(self, package_name: str, version: str) -> list[FeatureInfo]:
+        """
+        Fetch extras (groups) for a specific Python package version.
+        PyPI provides extras via `provides_extra` and links dependencies
+        to extras via `requires_dist` markers.
+        """
+        cache_key = f"features:{package_name}:{version}"
+        cached = read_cache(self.cache_namespace, cache_key, DEFAULT_CACHE_TTL)
+        if cached is not None:
+            log_cache_hit(self.cache_namespace, cache_key)
+            return [
+                FeatureInfo(name=f["name"], dependencies=f["dependencies"])
+                for f in cached
+            ]
+        log_cache_miss(self.cache_namespace, cache_key)
+        data = self._fetch_version_data(package_name, version)
+        if data is None:
+            write_cache(self.cache_namespace, cache_key, [])
+            return []
+        provides_extra = data["info"].get("provides_extra") or []
+        requires_dist = data["info"].get("requires_dist") or []
+        # Build a mapping of extra -> dependencies
+        extras_map: dict[str, list[str]] = {extra: [] for extra in provides_extra}
+        for req in requires_dist:
+            extra_name = self._extract_extra_name(req)
+            if extra_name and extra_name in extras_map:
+                # Extract just the package name from the requirement
+                parsed = self._parse_requirement(req)
+                if parsed:
+                    extras_map[extra_name].append(parsed.name)
+        features = [
+            FeatureInfo(name=name, dependencies=sorted(deps))
+            for name, deps in sorted(extras_map.items())
+        ]
+        # Cache as dicts
+        cache_data = [
+            {"name": f.name, "dependencies": f.dependencies} for f in features
+        ]
+        write_cache(self.cache_namespace, cache_key, cache_data)
+        return features
+    def _extract_extra_name(self, req_string: str) -> Optional[str]:
+        """
+        Extract the extra name from a PEP 508 requirement string.
+        Examples:
+            "PySocks>=1.5.6; extra == 'socks'" -> "socks"
+            "requests>=2.20.0" -> None
+        """
+        match = re.search(r"""extra\s*==\s*['"]([\w-]+)['"]""", req_string)
+        if match:
+            return match.group(1)
+        return None
+    # Well-known classifier suffix -> short SPDX-like name
+    _CLASSIFIER_LICENSE_MAP: dict[str, str] = {
+        "MIT License": "MIT",
+        "BSD License": "BSD",
+        "ISC License (ISCL)": "ISC",
+        "Apache Software License": "Apache-2.0",
+        "GNU General Public License v2 (GPLv2)": "GPL-2.0",
+        "GNU General Public License v2 or later (GPLv2+)": "GPL-2.0-or-later",
+        "GNU General Public License v3 (GPLv3)": "GPL-3.0",
+        "GNU General Public License v3 or later (GPLv3+)": "GPL-3.0-or-later",
+        "GNU Lesser General Public License v2 (LGPLv2)": "LGPL-2.0",
+        "GNU Lesser General Public License v2 or later (LGPLv2+)": "LGPL-2.0-or-later",
+        "GNU Lesser General Public License v3 (LGPLv3)": "LGPL-3.0",
+        "GNU Lesser General Public License v3 or later (LGPLv3+)": "LGPL-3.0-or-later",
+        "GNU Affero General Public License v3": "AGPL-3.0",
+        "GNU Affero General Public License v3 or later (AGPLv3+)": "AGPL-3.0-or-later",
+        "Mozilla Public License 2.0 (MPL 2.0)": "MPL-2.0",
+        "Eclipse Public License 1.0 (EPL-1.0)": "EPL-1.0",
+        "Eclipse Public License 2.0 (EPL-2.0)": "EPL-2.0",
+        "The Unlicense (Unlicense)": "Unlicense",
+        "Public Domain": "Public Domain",
+        "Python Software Foundation License": "PSF",
+        "Zope Public License": "ZPL",
+        "Academic Free License (AFL)": "AFL",
+        "Artistic License": "Artistic",
+        "Boost Software License 1.0 (BSL-1.0)": "BSL-1.0",
+        "European Union Public Licence 1.1 (EUPL 1.1)": "EUPL-1.1",
+        "European Union Public Licence 1.2 (EUPL 1.2)": "EUPL-1.2",
+    }
+    @staticmethod
+    def _looks_like_license_name(value: str) -> bool:
+        """
+        Heuristic check: does this look like a short license name/identifier
+        rather than the full license text?
+        A short license name is typically under 100 characters, fits on a
+        single line, and does not contain common full-text markers like
+        "Permission is hereby granted" or "THE SOFTWARE IS PROVIDED".
+        """
+        if len(value) > 100:
+            return False
+        if "\n" in value:
+            return False
+        # Common full-text markers
+        full_text_markers = [
+            "permission is hereby granted",
+            "the software is provided",
+            "redistribution and use",
+            "licensed under the",
+            "this software",
+            "copyright (c)",
+            "all rights reserved",
+            'provided "as is"',
+            "provided 'as is'",
+        ]
+        lower = value.lower()
+        return not any(marker in lower for marker in full_text_markers)
+    def _license_from_classifiers(self, info: dict) -> Optional[str]:
+        """
+        Try to derive a short license name from the trove classifiers.
+        PyPI classifiers follow the pattern::
+            License :: OSI Approved :: MIT License
+        Returns the first match mapped to a short identifier, or the
+        classifier suffix as-is if no mapping exists.
+        """
+        classifiers = info.get("classifiers") or []
+        for clf in classifiers:
+            if clf.startswith("License :: OSI Approved :: "):
+                suffix = clf.split(" :: ")[-1]
+                return self._CLASSIFIER_LICENSE_MAP.get(suffix, suffix)
+            if clf.startswith("License :: "):
+                suffix = clf.split(" :: ")[-1]
+                return self._CLASSIFIER_LICENSE_MAP.get(suffix, suffix)
+        return None
+    def _extract_license(self, info: dict) -> Optional[str]:
+        """
+        Extract a *short* license identifier from PyPI package info.
+        Resolution order:
+        1. ``license_expression`` (PEP 639) – always a proper SPDX expression.
+        2. ``license`` field, **only** when it looks like a short name
+           (not the full license text that older packages sometimes embed).
+        3. Trove classifiers (``License :: …``).
+        Args:
+            info: The ``info`` dict from the PyPI API response.
+        Returns:
+            Short license string, or None if unavailable.
+        """
+        # 1. PEP 639 license expression – best source
+        license_expr = info.get("license_expression")
+        if license_expr and license_expr.strip():
+            return license_expr.strip()
+        # 2. license field, only if it looks like a short identifier
+        license_val = info.get("license")
+        if license_val and license_val.strip():
+            cleaned = license_val.strip()
+            if self._looks_like_license_name(cleaned):
+                return cleaned
+        # 3. Fall back to classifiers
+        return self._license_from_classifiers(info)
     def _parse_requirement(self, req_string: str) -> Optional[Dependency]:
         """
         Parse a PEP 508 requirement string.
@@ -136,11 +346,13 @@ class PythonProvider(LanguageProvider):
         # Check if this is an optional/extra dependency
         is_optional = False
         kind = "normal"
+        group = None
         if "extra ==" in req_string or "extra==" in req_string:
             is_optional = True
             # Keep kind as "normal" so optional dependencies can be included
             # when --optional flag is used
+            group = self._extract_extra_name(req_string)
         # Extract the package name and version requirement
         # Handle environment markers (everything after ';')
@@ -166,6 +378,7 @@ class PythonProvider(LanguageProvider):
             version_requirement=version_req or "*",
             optional=is_optional,
             kind=kind,
+            group=group,
         )
     def normalize_package_name(self, package_name: str) -> str:

woolly/languages/rust.py CHANGED Viewed

@@ -15,7 +15,7 @@ from woolly.debug import (
     log_cache_hit,
     log_cache_miss,
 )
-from woolly.languages.base import Dependency, LanguageProvider, PackageInfo
+from woolly.languages.base import Dependency, FeatureInfo, LanguageProvider, PackageInfo
 CRATES_API = "https://crates.io/api/v1/crates"
@@ -29,6 +29,25 @@ class RustProvider(LanguageProvider):
     fedora_provides_prefix = "crate"
     cache_namespace = "crates"
+    @staticmethod
+    def _extract_license(data: dict) -> Optional[str]:
+        """Extract license from crates.io API response.
+        Some crates have ``license: null`` at the crate level but include the
+        license in the ``versions`` array.  Fall back to the latest version's
+        license when the crate-level field is missing.
+        """
+        license_val = data.get("crate", {}).get("license")
+        if license_val:
+            return license_val
+        # Fall back to the latest version's license (versions are newest-first)
+        versions = data.get("versions") or []
+        if versions:
+            return versions[0].get("license")
+        return None
     def fetch_package_info(self, package_name: str) -> Optional[PackageInfo]:
         """Fetch crate information from crates.io."""
         cache_key = f"info:{package_name}"
@@ -43,6 +62,7 @@ class RustProvider(LanguageProvider):
                 description=cached["crate"].get("description"),
                 homepage=cached["crate"].get("homepage"),
                 repository=cached["crate"].get("repository"),
+                license=self._extract_license(cached),
             )
         log_cache_miss(self.cache_namespace, cache_key)
@@ -68,6 +88,7 @@ class RustProvider(LanguageProvider):
             description=data["crate"].get("description"),
             homepage=data["crate"].get("homepage"),
             repository=data["crate"].get("repository"),
+            license=self._extract_license(data),
         )
     def fetch_dependencies(self, package_name: str, version: str) -> list[Dependency]:
@@ -110,6 +131,43 @@ class RustProvider(LanguageProvider):
             for d in deps
         ]
+    def fetch_features(self, package_name: str, version: str) -> list[FeatureInfo]:
+        """Fetch feature flags for a specific crate version from crates.io."""
+        cache_key = f"features:{package_name}:{version}"
+        cached = read_cache(self.cache_namespace, cache_key, DEFAULT_CACHE_TTL)
+        if cached is not None:
+            log_cache_hit(self.cache_namespace, cache_key)
+            return [
+                FeatureInfo(name=f["name"], dependencies=f["dependencies"])
+                for f in cached
+            ]
+        log_cache_miss(self.cache_namespace, cache_key)
+        url = f"{CRATES_API}/{package_name}/{version}"
+        log_api_request("GET", url)
+        r = http.get(url)
+        log_api_response(r.status_code, r.text[:500] if r.text else None)
+        if r.status_code != 200:
+            write_cache(self.cache_namespace, cache_key, [])
+            return []
+        data = r.json()
+        features_dict = data.get("version", {}).get("features", {})
+        features = [
+            FeatureInfo(name=name, dependencies=deps)
+            for name, deps in sorted(features_dict.items())
+        ]
+        # Cache as dicts
+        cache_data = [
+            {"name": f.name, "dependencies": f.dependencies} for f in features
+        ]
+        write_cache(self.cache_namespace, cache_key, cache_data)
+        return features
     def get_alternative_names(self, package_name: str) -> list[str]:
         """
         Get alternative names to try for crate lookup.

woolly 0.3.0__py3-none-any.whl → 0.5.0__py3-none-any.whl

woolly 0.3.0py3-none-any.whl → 0.5.0py3-none-any.whl