gscan 6.0.2 → 6.1.0

package/lib/checker.js

@@ -32,6 +32,7 @@ function loadChecks() {
  * @param {string} [options.themeName] name of the checked theme
  * @param {Object=} [options.labs] object containing boolean flags for enabled labs features
  * @param {boolean} [options.skipChecks] flag to allow reading theme without incurring check costs
+ * @param {Object=} [options.limits] zip extraction size limits
  * @returns {Promise<Object>}
  */
 const check = async function checkAll(themePath, options = {}) {
@@ -105,7 +106,7 @@ const checkZip = async function checkZip(path, options) {
 
     try {
         const readZip = require('./read-zip');
-        ({path: extractedZipPath} = await readZip(zip));
+        ({path: extractedZipPath} = await readZip(zip, {limits: options.limits}));
         return await check(extractedZipPath, Object.assign({themeName: zip.name}, options));
     } catch (error) {
         if (!errors.utils.isGhostError(error)) {

package/lib/read-theme.js

@@ -11,6 +11,9 @@ const ignore = [
     '.DS_Store',
     '.git',
     '.svn',
+    '.claude',
+    'CLAUDE.md',
+    'AGENTS.md',
     'Thumbs.db',
     '.yarn-cache'
 ];

package/lib/read-zip.js

@@ -7,6 +7,10 @@ const {extract} = require('@tryghost/zip');
 const errors = require('@tryghost/errors');
 const _ = require('lodash');
 
+const isKnownZipError = (err) => {
+    return errors.utils.isGhostError(err);
+};
+
 const resolveBaseDir = async (zipPath) => {
     let matches = [];
 
@@ -25,12 +29,17 @@ const resolveBaseDir = async (zipPath) => {
     return zipPath;
 };
 
-const readZip = (zip) => {
+const readZip = (zip, options = {}) => {
     const tempUuid = randomUUID();
     const tempPath = os.tmpdir() + '/' + tempUuid;
+    const extractOptions = {};
+
+    if (options.limits) {
+        extractOptions.limits = options.limits;
+    }
 
     debug('Reading Zip', zip.path, 'into', tempPath);
-    return extract(zip.path, tempPath)
+    return extract(zip.path, tempPath, extractOptions)
         .then(async () => {
             let resolvedPath = await resolveBaseDir(tempPath);
             zip.origPath = tempPath;
@@ -41,6 +50,10 @@ const readZip = (zip) => {
         }).catch((err) => {
             debug('Zip extraction error', err);
 
+            if (isKnownZipError(err)) {
+                throw err;
+            }
+
             throw new errors.ValidationError({
                 message: 'Failed to read zip file',
                 help: 'Your zip file might be corrupted, try unzipping and zipping again.',

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gscan",
-  "version": "6.0.2",
+  "version": "6.1.0",
   "description": "Scans Ghost themes looking for errors, deprecations, features and compatibility",
   "keywords": [
     "ghost",
@@ -46,12 +46,12 @@
     "@sentry/node": "10.52.0",
     "@tryghost/config": "2.2.0",
     "@tryghost/debug": "2.2.0",
-    "@tryghost/errors": "3.2.0",
-    "@tryghost/logging": "4.2.0",
+    "@tryghost/errors": "3.2.1",
+    "@tryghost/logging": "4.2.1",
     "@tryghost/nql": "0.12.10",
     "@tryghost/pretty-cli": "3.2.0",
-    "@tryghost/server": "2.2.0",
-    "@tryghost/zip": "3.2.0",
+    "@tryghost/server": "2.2.1",
+    "@tryghost/zip": "3.3.1",
     "chalk": "5.6.2",
     "express": "5.2.1",
     "express-handlebars": "8.0.1",
@@ -75,7 +75,7 @@
   },
   "resolutions": {
     "node-loggly-bulk": "4.0.2",
-    "node-loggly-bulk/axios": "1.15.2",
+    "node-loggly-bulk/axios": "1.16.0",
     "**/handlebars": "4.7.9"
   },
   "files": [