From bd2261c82f59bd33c33fa99da22e65c06d954ab9 Mon Sep 17 00:00:00 2001
From: OpenClaw Bot <ai-agent@topdoglabs.com>
Date: Sat, 21 Feb 2026 13:19:15 -0600
Subject: [PATCH] Signed-off-by: OpenClaw Bot <ai-agent@topdoglabs.com>

---
 src/app/api/auth/reset-password/route.ts | 18 +++++++++++++++++-
 src/lib/server/auth.ts                   |  3 +--
 src/lib/server/taskDb.ts                 |  8 ++++----
 src/lib/supabase/client.ts               |  9 +++++----
 4 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/src/app/api/auth/reset-password/route.ts b/src/app/api/auth/reset-password/route.ts
index 9b1105f..c065e18 100644
--- a/src/app/api/auth/reset-password/route.ts
+++ b/src/app/api/auth/reset-password/route.ts
@@ -39,7 +39,7 @@ export async function POST(request: Request) {
     const now = new Date().toISOString();
 
     // Find valid token with user info
-    const { data: resetToken } = await supabase
+    const { data: resetTokenRaw } = await supabase
       .from("password_reset_tokens")
       .select("id, user_id, users(email, name)")
       .eq("token_hash", tokenHash)
@@ -47,6 +47,22 @@ export async function POST(request: Request) {
       .gt("expires_at", now)
       .maybeSingle();
 
+    const resetToken = resetTokenRaw as
+      | {
+          id: string;
+          user_id: string;
+          users?:
+            | {
+                email?: string;
+                name?: string;
+              }
+            | Array<{
+                email?: string;
+                name?: string;
+              }>;
+        }
+      | null;
+
     if (!resetToken) {
       return NextResponse.json(
         { error: "Invalid or expired reset token" },
diff --git a/src/lib/server/auth.ts b/src/lib/server/auth.ts
index f74be37..1d7d070 100644
--- a/src/lib/server/auth.ts
+++ b/src/lib/server/auth.ts
@@ -2,7 +2,6 @@ import { randomBytes, createHash } from "crypto";
 import { cookies } from "next/headers";
 import { createClient } from "@supabase/supabase-js";
 import { getServiceSupabase } from "@/lib/supabase/client";
-import type { Database } from "@/lib/supabase/database.types";
 
 const SESSION_COOKIE_NAME = "gantt_session";
 const SESSION_HOURS_SHORT = 12;
@@ -31,7 +30,7 @@ function getPublicSupabase() {
     throw new Error("Missing Supabase public environment variables");
   }
 
-  return createClient<Database>(supabaseUrl, supabaseAnonKey, {
+  return createClient(supabaseUrl, supabaseAnonKey, {
     auth: {
       autoRefreshToken: false,
       persistSession: false,
diff --git a/src/lib/server/taskDb.ts b/src/lib/server/taskDb.ts
index c9acd9a..6464711 100644
--- a/src/lib/server/taskDb.ts
+++ b/src/lib/server/taskDb.ts
@@ -177,9 +177,9 @@ function normalizeComments(comments: unknown): TaskComment[] {
 
 // Normalize a task from database row
 function normalizeTask(task: Record<string, unknown>): Task {
-  const comments = safeParseArray(task.comments, []);
-  const tags = safeParseArray(task.tags, []);
-  const attachments = safeParseArray(task.attachments, []);
+  const comments = safeParseArray<unknown>(task.comments, []);
+  const tags = safeParseArray<unknown>(task.tags, []);
+  const attachments = safeParseArray<unknown>(task.attachments, []);
 
   return {
     id: String(task.id ?? ""),
@@ -292,7 +292,7 @@ export async function getData(): Promise<DataStore> {
         assigneeAvatarUrl: assigneeUser?.avatarUrl ?? undefined,
         dueDate: t.due_date ?? undefined,
         comments: normalizeComments(t.comments),
-        tags: safeParseArray(t.tags, []),
+        tags: safeParseArray<unknown>(t.tags, []).filter((tag): tag is string => typeof tag === "string"),
         attachments: normalizeAttachments(t.attachments),
       };
     }),
diff --git a/src/lib/supabase/client.ts b/src/lib/supabase/client.ts
index 142baef..0def225 100644
--- a/src/lib/supabase/client.ts
+++ b/src/lib/supabase/client.ts
@@ -1,5 +1,4 @@
 import { createClient } from '@supabase/supabase-js';
-import type { Database } from './database.types';
 
 const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
 const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
@@ -10,9 +9,11 @@ if (!supabaseUrl || !supabaseAnonKey) {
     'Missing Supabase environment variables. Please check your .env.local file.'
   );
 }
+const requiredSupabaseUrl = supabaseUrl as string;
+const requiredSupabaseAnonKey = supabaseAnonKey as string;
 
 // Client for browser/client-side use (uses anon key)
-export const supabaseClient = createClient<Database>(supabaseUrl, supabaseAnonKey, {
+export const supabaseClient = createClient(requiredSupabaseUrl, requiredSupabaseAnonKey, {
   auth: {
     autoRefreshToken: true,
     persistSession: true,
@@ -25,7 +26,7 @@ export function getServiceSupabase() {
   if (!supabaseServiceKey) {
     throw new Error('SUPABASE_SERVICE_ROLE_KEY is not set');
   }
-  return createClient<Database>(supabaseUrl, supabaseServiceKey, {
+  return createClient(requiredSupabaseUrl, supabaseServiceKey as string, {
     auth: {
       autoRefreshToken: false,
       persistSession: false,
@@ -35,7 +36,7 @@ export function getServiceSupabase() {
 
 // Server-side client with user's JWT (for API routes/actions)
 export function getSupabaseWithToken(token: string) {
-  return createClient<Database>(supabaseUrl, supabaseAnonKey, {
+  return createClient(requiredSupabaseUrl, requiredSupabaseAnonKey, {
     auth: {
       autoRefreshToken: false,
       persistSession: false,