Guard against invalid source links #1084
Description
Problem
SourceLocationInfo can point outside the repository root. When that happens we still populate the “path relative to root” field, and the generated pages link to non-existent files.
Proposed solution
- Add a guard in the extraction step: if a location sits outside the configured root, leave the relative-path field blank.
- Audit existing call sites to ensure they respect the empty field and do not try to build a link anyway.
- Add a test case covering an out-of-tree include so the guard stays in place.
Requirements
- Locations outside the root no longer produce broken links.
- Tests cover both in-tree and out-of-tree files.
- Documentation (or inline comments) notes the guard.