Fix #760, Disables MiniJinja auto-escaping on filename

[jerbly]

Fixes #760

💥 BREAKING CHANGE 💥

Auto-escaping is now off by default (none) for all templates, regardless of file extension. To opt in, set auto_escape: html or auto_escape: json per template in weaver.yaml. Within a template, {% autoescape false %} blocks can selectively disable escaping for sections. Use |tojson for explicit JSON/YAML value escaping where needed.

See: https://docs.rs/minijinja/latest/minijinja/fn.default_auto_escape_callback.html

Also fixed the order of precedence for template and format usage:

1. filesystem template
2. embedded template
3. builtin

This allows you to have a yaml target even though yaml is now a builtin.

[codecov]

Codecov Report

❌ Patch coverage is 87.50000% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.3%. Comparing base (d225148) to head (41bda81).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
crates/weaver_forge/src/output_processor.rs	86.9%	3 Missing ⚠️
crates/weaver_forge/src/config.rs	60.0%	2 Missing ⚠️
crates/weaver_forge/src/file_loader.rs	88.8%	1 Missing ⚠️

Additional details and impacted files

@@          Coverage Diff          @@
##            main   #1239   +/-   ##
=====================================
  Coverage   80.3%   80.3%           
=====================================
  Files        110     110           
  Lines       8984    9009   +25     
=====================================
+ Hits        7222    7243   +21     
- Misses      1762    1766    +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[jsuereth]

Should this include markdown, java, or not?

I'm wondering if we should make this configurable...

[jerbly]

From the docs:

The default logic for auto escaping based on file extension.

Html: .html, .htm, .xml
Json: .json, .json5, .js, .yaml, .yml
None: all others

It seems highly unlikely that you want escaping if you're building a yaml file in the context of weaver. But, yeah we could prevent the breaking change and make this a config option instead if you think that's better?

[jerbly]

@jsuereth - I made this per template configurable in the weaver.yaml. This now has the added benefit that, regardless of file extension, you can enable auto escaping.

[jsuereth]

WOOT! Thank you