#feature-request - Improve security and performance in CleanCommand

Co-authored-by: dermatz <6103201+dermatz@users.noreply.github.com>

Author: Copilot

src/Console/Command/Static/CleanCommand.php

@@ -102,10 +102,14 @@ private function processCleanThemes(array $themeCodes): int
 
         $this->io->title(sprintf('Cleaning static files for %d theme(s)', $totalThemes));
 
+        // Get themes list once for validation
+        $installedThemes = $this->themeList->getAllThemes();
+        $installedThemeCodes = array_map(fn($theme) => $theme->getCode(), $installedThemes);
+
         foreach ($themeCodes as $themeCode) {
             $this->io->section(sprintf('Cleaning theme: %s', $themeCode));
 
-            if (!$this->validateTheme($themeCode)) {
+            if (!in_array($themeCode, $installedThemeCodes, true)) {
                 $failureList[] = $themeCode;
                 $this->io->error("Theme $themeCode is not installed.");
                 continue;
@@ -126,25 +130,6 @@ private function processCleanThemes(array $themeCodes): int
         return Cli::RETURN_SUCCESS;
     }
 
-    /**
-     * Validate if theme exists
-     *
-     * @param string $themeCode
-     * @return bool
-     */
-    private function validateTheme(string $themeCode): bool
-    {
-        $themes = $this->themeList->getAllThemes();
-
-        foreach ($themes as $theme) {
-            if ($theme->getCode() === $themeCode) {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
     /**
      * Clean theme files from var/view_preprocessed and pub/static
      *
@@ -278,21 +263,34 @@ private function removeDirectory(string $dir): bool
                 return false;
             }
 
-            $files = array_diff(scandir($dir), ['.', '..']);
+            // Check if directory is writable
+            if (!is_writable($dir)) {
+                throw new \RuntimeException(sprintf('Directory is not writable: %s', $dir));
+            }
+
+            $files = scandir($dir);
+            if ($files === false) {
+                throw new \RuntimeException(sprintf('Failed to scan directory: %s', $dir));
+            }
+
+            $files = array_diff($files, ['.', '..']);
             foreach ($files as $file) {
                 $path = $dir . DIRECTORY_SEPARATOR . $file;
                 if (is_dir($path)) {
                     if (!$this->removeDirectory($path)) {
                         throw new \RuntimeException(sprintf('Failed to remove directory: %s', $path));
                     }
                 } else {
-                    if (!@unlink($path)) {
+                    if (!is_writable($path)) {
+                        throw new \RuntimeException(sprintf('File is not writable: %s', $path));
+                    }
+                    if (!unlink($path)) {
                         throw new \RuntimeException(sprintf('Failed to remove file: %s', $path));
                     }
                 }
             }
 
-            if (!@rmdir($dir)) {
+            if (!rmdir($dir)) {
                 throw new \RuntimeException(sprintf('Failed to remove directory: %s', $dir));
             }