From c2c2be9be0481eb8966884bb33c0153e58e1800f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicki=20K=C5=99=C3=AD=C5=BEek?= Date: Wed, 20 May 2026 14:34:02 +0000 Subject: [PATCH] Restrict cross-test jinja2 includes to _common/ The previous loader was a FileSystemLoader rooted at $srcdir, which allowed any system test to include any other test's templates -- a wider scope than intended. Every existing cross-test include already targets _common/, so make that the only path. ChoiceLoader + PrefixLoader keeps the existing '_common/foo.j2' path convention working without changes to call sites. The '_common/' prefix is deliberately kept rather than dropping it by rooting the FileSystemLoader at _common/ directly: - It signals at the include site that the file is a shared template, not a sibling of the current test; readers don't need to know the loader configuration to understand where the file lives. - It prevents shadowing: a test-local 'controls.conf.j2' would not collide with the shared one, and the unqualified name keeps its test-local meaning. - It makes the dependency greppable: 'grep -rl _common/' identifies every test that consumes shared snippets. Assisted-by: Claude:claude-opus-4-7 --- bin/tests/system/isctest/template.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/bin/tests/system/isctest/template.py b/bin/tests/system/isctest/template.py index 6c6b628b94..83e6ce8691 100644 --- a/bin/tests/system/isctest/template.py +++ b/bin/tests/system/isctest/template.py @@ -40,10 +40,16 @@ class TemplateEngine: self.directory = Path(directory) self.env_vars = dict(env_vars) self.j2env = jinja2.Environment( - loader=jinja2.FileSystemLoader( + loader=jinja2.ChoiceLoader( [ - str(self.directory), - str(ALL["srcdir"]), # to allow _common/ includes + jinja2.FileSystemLoader(self.directory), + jinja2.PrefixLoader( + { + "_common": jinja2.FileSystemLoader( + Path(ALL["srcdir"]) / "_common" + ), + } + ), ] ), undefined=jinja2.StrictUndefined,