Address code review feedback: improve error handling and security

Copilot · dermatz · Copilot · commit ded1e9cd609c · 2025-12-05T12:45:58.000Z
Co-authored-by: dermatz &lt;6103201+dermatz@users.noreply.github.com&gt;
diff --git a/src/Console/Command/Hyva/TokensCommand.php b/src/Console/Command/Hyva/TokensCommand.php
@@ -86,10 +86,11 @@ protected function executeCommand(InputInterface $input, OutputInterface $output
 
             try {
                 $themeCode = $themeCodePrompt->prompt();
-                \Laravel\Prompts\Prompt::terminal()->restoreTty();
             } catch (\Exception $e) {
                 $this->io->error('Interactive mode failed: ' . $e->getMessage());
                 return Command::FAILURE;
+            } finally {
+                \Laravel\Prompts\Prompt::terminal()->restoreTty();
             }
         }
 
diff --git a/src/Service/HyvaTokens/ConfigReader.php b/src/Service/HyvaTokens/ConfigReader.php
@@ -25,6 +25,7 @@ public function __construct(
      *
      * @param string $themePath
      * @return array
+     * @throws \Exception
      */
     public function getConfig(string $themePath): array
     {
@@ -40,7 +41,12 @@ public function getConfig(string $themePath): array
 
         if ($this->fileDriver->isExists($configPath)) {
             $configContent = $this->fileDriver->fileGetContents($configPath);
-            $jsonConfig = json_decode($configContent, true);
+            
+            try {
+                $jsonConfig = json_decode($configContent, true, 512, JSON_THROW_ON_ERROR);
+            } catch (\JsonException $e) {
+                throw new \Exception("Invalid JSON in configuration file: " . $e->getMessage());
+            }
 
             if (isset($jsonConfig['tokens'])) {
                 $tokensConfig = $jsonConfig['tokens'];
diff --git a/src/Service/HyvaTokens/CssGenerator.php b/src/Service/HyvaTokens/CssGenerator.php
@@ -50,7 +50,7 @@ public function write(string $content, string $outputPath): bool
         // Ensure the directory exists
         $directory = dirname($outputPath);
         if (!$this->fileDriver->isDirectory($directory)) {
-            $this->fileDriver->createDirectory($directory, 0755);
+            $this->fileDriver->createDirectory($directory, 0750);
         }
 
         try {
diff --git a/src/Service/HyvaTokens/TokenParser.php b/src/Service/HyvaTokens/TokenParser.php
@@ -33,15 +33,16 @@ public function parse(?string $filePath, ?array $inlineValues, string $format):
         }
 
         // Otherwise, read from file
-        if ($filePath === null || !$this->fileDriver->isExists($filePath)) {
+        if ($filePath === null || !$this->fileDriver->isFile($filePath)) {
             throw new \Exception("Token source file not found: " . ($filePath ?? 'null'));
         }
 
         $content = $this->fileDriver->fileGetContents($filePath);
-        $tokens = json_decode($content, true);
-
-        if (json_last_error() !== JSON_ERROR_NONE) {
-            throw new \Exception("Invalid JSON in token file: " . json_last_error_msg());
+        
+        try {
+            $tokens = json_decode($content, true, 512, JSON_THROW_ON_ERROR);
+        } catch (\JsonException $e) {
+            throw new \Exception("Invalid JSON in token file: " . $e->getMessage());
         }
 
         return $this->normalizeTokens($tokens, $format);

Original file line number	Diff line number	Diff line change
`@@ -86,10 +86,11 @@ protected function executeCommand(InputInterface $input, OutputInterface $output`
`86`	`86`
`87`	`87`	`try {`
`88`	`88`	`$themeCode = $themeCodePrompt->prompt();`
`89`		`- \Laravel\Prompts\Prompt::terminal()->restoreTty();`
`90`	`89`	`} catch (\Exception $e) {`
`91`	`90`	`$this->io->error('Interactive mode failed: ' . $e->getMessage());`
`92`	`91`	`return Command::FAILURE;`
	`92`	`+ } finally {`
	`93`	`+ \Laravel\Prompts\Prompt::terminal()->restoreTty();`
`93`	`94`	`}`
`94`	`95`	`}`
`95`	`96`
Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,7 @@ public function write(string $content, string $outputPath): bool`
`50`	`50`	`// Ensure the directory exists`
`51`	`51`	`$directory = dirname($outputPath);`
`52`	`52`	`if (!$this->fileDriver->isDirectory($directory)) {`
`53`		`- $this->fileDriver->createDirectory($directory, 0755);`
	`53`	`+ $this->fileDriver->createDirectory($directory, 0750);`
`54`	`54`	`}`
`55`	`55`
`56`	`56`	`try {`
Original file line number	Diff line number	Diff line change
`@@ -33,15 +33,16 @@ public function parse(?string $filePath, ?array $inlineValues, string $format):`
`33`	`33`	`}`
`34`	`34`
`35`	`35`	`// Otherwise, read from file`
`36`		`- if ($filePath === null \|\| !$this->fileDriver->isExists($filePath)) {`
	`36`	`+ if ($filePath === null \|\| !$this->fileDriver->isFile($filePath)) {`
`37`	`37`	`throw new \Exception("Token source file not found: " . ($filePath ?? 'null'));`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`$content = $this->fileDriver->fileGetContents($filePath);`
`41`		`- $tokens = json_decode($content, true);`
`42`		`-`
`43`		`- if (json_last_error() !== JSON_ERROR_NONE) {`
`44`		`- throw new \Exception("Invalid JSON in token file: " . json_last_error_msg());`
	`41`	`+`
	`42`	`+ try {`
	`43`	`+ $tokens = json_decode($content, true, 512, JSON_THROW_ON_ERROR);`
	`44`	`+ } catch (\JsonException $e) {`
	`45`	`+ throw new \Exception("Invalid JSON in token file: " . $e->getMessage());`
`45`	`46`	`}`
`46`	`47`
`47`	`48`	`return $this->normalizeTokens($tokens, $format);`