Restrict subdirectory imports to main.kcl (#7094)

Signed-off-by: Nick Cameron <nrc@ncameron.org>
2025-05-20 18:13:17 +12:00
parent 38a245f2fc
commit 651181e62c
6 changed files with 67 additions and 19 deletions
--- a/rust/kcl-lib/src/parsing/parser.rs
+++ b/rust/kcl-lib/src/parsing/parser.rs
@ -1729,7 +1729,7 @@ fn glob(i: &mut TokenSlice) -> PResult<Token> {
        .parse_next(i)
 }

-fn import_stmt(i: &mut TokenSlice) -> PResult<BoxNode<ImportStatement>> {
+pub(super) fn import_stmt(i: &mut TokenSlice) -> PResult<BoxNode<ImportStatement>> {
    let (visibility, visibility_token) = opt(terminated(item_visibility, whitespace))
        .parse_next(i)?
        .map_or((ItemVisibility::Default, None), |pair| (pair.0, Some(pair.1)));
@ -1867,7 +1867,7 @@ fn validate_path_string(path_string: String, var_name: bool, path_range: SourceR
            return Err(ErrMode::Cut(
                CompilationError::fatal(
                    path_range,
-                    "import path may only contain alphanumeric characters, underscore, hyphen, and period. KCL files in other directories are not yet supported.",
+                    "import path may only contain alphanumeric characters, `_`, `-`, `.`, `/`, and `\\`.",
                )
                .into(),
            ));
@ -1894,6 +1894,15 @@ fn validate_path_string(path_string: String, var_name: bool, path_range: SourceR
            ));
        }

+        if (path_string.contains('/') || path_string.contains('\\'))
+            && !(path_string.ends_with("/main.kcl") || path_string.ends_with("\\main.kcl"))
+        {
+            return Err(ErrMode::Cut(
+                CompilationError::fatal(path_range, "import path to a subdirectory must only refer to main.kcl.")
+                    .into(),
+            ));
+        }
+
        ImportPath::Kcl {
            filename: TypedPath::new(&path_string),
        }
@ -4569,9 +4578,14 @@ e
        );
        assert_err(
            r#"import cube from "C:\cube.kcl""#,
-            "import path may only contain alphanumeric characters, underscore, hyphen, and period. KCL files in other directories are not yet supported.",
+            "import path may only contain alphanumeric characters, `_`, `-`, `.`, `/`, and `\\`.",
            [17, 30],
        );
+        assert_err(
+            r#"import cube from "cube/cube.kcl""#,
+            "import path to a subdirectory must only refer to main.kcl.",
+            [17, 32],
+        );
        assert_err(
            r#"import * as foo from "dsfs""#,
            "as is not the 'from' keyword",