Check cross-template dependencies using liquid test YAML files

[BenjaminLangenakenSF]

Description

Check cross-template dependencies using liquid test YAML files.
Currently only implemented for RTs.

Testing Instructions

Steps:

1. You can copy/paste a reconciliation_texts folder into the repo for testing purposes
2. Run check_liquid_test_dependencies in the terminal (Cursor can assist with this)

Author Checklist

• Skip bumping the CLI version

Reviewer Checklist

• PR has a clear title and description
• Manually tested the changes that the PR introduces
• Changes introduced are covered by tests of acceptable quality

[coderabbitai]

Walkthrough

The changes add two new utility functions to fsUtils.js for analyzing liquid test dependencies: findTemplatesWithLiquidTests identifies templates containing liquid test YAML files, and check_liquid_test_dependencies determines which templates depend on a specified handle. Comprehensive test suites cover both functions.

Changes

Cohort / File(s)	Summary
Core utility functions lib/utils/fsUtils.js	Added findTemplatesWithLiquidTests() to identify templates with liquid test YAML files under reconciliation_texts (files ending with _liquid_test.yml, excluding variant suffixes). Added check_liquid_test_dependencies(target_handle) to detect template dependencies by parsing _liquid_test.yml files and inspecting data subtrees. Introduced yaml parsing dependency. Exported both new functions.
Test coverage for check_liquid_test_dependencies tests/lib/utils/checkLiquidTestDependencies.test.js	New test suite with 9+ test cases covering: empty results when no references exist, string and key-based references in data subtree, data vs. context/expectation distinction, filtering by liquid test files, multiple test cases aggregation, nested structures/arrays, YAML parsing error resilience, and multi-template handling.
Test coverage for findTemplatesWithLiquidTests tests/lib/utils/findTemplatesWithLiquidTests.test.js	New test suite covering: empty directory behavior, no test files scenario, template detection, exclusion of variant files (TY suffix patterns), reconciliation_texts scope (ignoring account_templates), templates without tests subdirectories, non-directory entries, and mixed template aggregation.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~30 minutes

• lib/utils/fsUtils.js: New utility functions with YAML parsing logic and recursive dependency detection require careful validation of correctness
• Test files: Two comprehensive test suites with multiple edge cases and assertions require verification of coverage completeness
• Mixed complexity with moderate file spread and new logic patterns

Possibly related issues

• Check template dependencies #213: Directly implements the same feature — adding liquid test dependency detection functions (findTemplatesWithLiquidTests and check_liquid_test_dependencies) to determine template dependencies from Liquid test YAML files.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically summarizes the main change: implementing a feature to check cross-template dependencies using liquid test YAML files, which directly matches the PR's core purpose.
Description check	✅ Passed	The description includes all required template sections: problem context (fixing cross-template dependencies for RTs), clear testing instructions with steps, and both author and reviewer checklists completed as appropriate.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch check_liquid_test_dependencies

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

lib/utils/fsUtils.js (2)

418-476: Consider renaming to camelCase for consistency.

The function check_liquid_test_dependencies uses snake_case naming, which is inconsistent with the rest of the codebase where camelCase is used (e.g., findTemplatesWithLiquidTests, getAllTemplatesOfAType, listSharedPartsUsedInTemplate).

Apply this diff to rename the function:

-function check_liquid_test_dependencies(target_handle) {
+function checkLiquidTestDependencies(targetHandle) {
   const dependentHandles = [];
   const allHandlesWithTests = findTemplatesWithLiquidTests();
 
   // Recursively check if target_handle appears in the data subtree
   const containsHandle = (obj, handle) => {

And update the export and parameter name:

-  check_liquid_test_dependencies,
+  checkLiquidTestDependencies,

---

453-453: Add documentation explaining the increased maxAliasCount setting.

The maxAliasCount: 10000 is intentionally set higher than the default (100) to support parsing of legitimate liquid test YAML files—this was increased from 1000 in a prior fix when real test files exceeded that limit. While the security concern regarding YAML bombs is valid, the risk is mitigated here since these files are internal tests, not untrusted input.

Consider adding an inline comment explaining this trade-off (e.g., // maxAliasCount increased to 10000 to support liquid test files with many reusable YAML anchors).

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8b45685 and fac6bae.

📒 Files selected for processing (3)

• lib/utils/fsUtils.js (3 hunks)
• tests/lib/utils/checkLiquidTestDependencies.test.js (1 hunks)
• tests/lib/utils/findTemplatesWithLiquidTests.test.js (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (2)

tests/lib/utils/findTemplatesWithLiquidTests.test.js (1)

lib/utils/fsUtils.js (6)

• fs (1-1)
• require (4-4)
• path (2-2)
• templateDir (373-373)
• handle (239-239)
• handle (267-267)

tests/lib/utils/checkLiquidTestDependencies.test.js (1)

lib/utils/fsUtils.js (4)

• fs (1-1)
• require (4-4)
• path (2-2)
• templateDir (373-373)

🔇 Additional comments (3)

tests/lib/utils/findTemplatesWithLiquidTests.test.js (1)

1-196: LGTM! Comprehensive test coverage.

The test suite thoroughly validates the findTemplatesWithLiquidTests function across multiple scenarios including empty directories, variant file exclusion, directory filtering, and edge cases. The setup and teardown logic properly isolates each test using temporary directories.

lib/utils/fsUtils.js (1)

359-410: LGTM! Well-implemented template discovery.

The findTemplatesWithLiquidTests function correctly identifies templates with liquid test files, properly excludes variant suffixes (e.g., _TY21, _AB123), and handles edge cases like non-directory entries. The regex patterns are appropriate for the use case.

tests/lib/utils/checkLiquidTestDependencies.test.js (1)

1-403: LGTM! Excellent test coverage for dependency checking.

The test suite comprehensively validates check_liquid_test_dependencies across numerous scenarios including:

• Detection of handle references in data as both keys and values
• Proper scoping to only the data subtree (excluding context and expectation)
• Handling of nested structures and arrays
• Graceful error handling for invalid YAML
• Multiple test cases and uniqueness validation

The tests provide strong confidence in the implementation's correctness.

Note: If the function is renamed to checkLiquidTestDependencies (as suggested in the implementation review), remember to update the test imports and calls accordingly.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Update the yaml package to version 2.8.2 or later to address known vulnerabilities.

The yaml library version 2.2.1 is outdated and contains known security vulnerabilities. Upgrade to version 2.8.2 or later, as 2.8.2 is the latest non-vulnerable version.

🤖 Prompt for AI Agents

In lib/utils/fsUtils.js at line 3 the project imports the outdated yaml package
(currently 2.2.1); update the dependency in package.json to "yaml": ">=2.8.2",
run npm install (or yarn install) to refresh node_modules and the lockfile
(package-lock.json or yarn.lock), run the test suite and lint to ensure no
breaking API changes, and commit the updated package.json and lockfile so the
project uses yaml v2.8.2 or later to address the security vulnerability.