Signed-off-by: OpenClaw Bot <ai-agent@topdoglabs.com>

src/app/api/auth/reset-password/route.ts

@@ -39,7 +39,7 @@ export async function POST(request: Request) {
     const now = new Date().toISOString();
 
     // Find valid token with user info
-    const { data: resetToken } = await supabase
+    const { data: resetTokenRaw } = await supabase
       .from("password_reset_tokens")
       .select("id, user_id, users(email, name)")
       .eq("token_hash", tokenHash)
@@ -47,6 +47,22 @@ export async function POST(request: Request) {
       .gt("expires_at", now)
       .maybeSingle();
 
+    const resetToken = resetTokenRaw as
+      | {
+          id: string;
+          user_id: string;
+          users?:
+            | {
+                email?: string;
+                name?: string;
+              }
+            | Array<{
+                email?: string;
+                name?: string;
+              }>;
+        }
+      | null;
+
     if (!resetToken) {
       return NextResponse.json(
         { error: "Invalid or expired reset token" },

src/lib/server/auth.ts

@@ -2,7 +2,6 @@ import { randomBytes, createHash } from "crypto";
 import { cookies } from "next/headers";
 import { createClient } from "@supabase/supabase-js";
 import { getServiceSupabase } from "@/lib/supabase/client";
-import type { Database } from "@/lib/supabase/database.types";
 
 const SESSION_COOKIE_NAME = "gantt_session";
 const SESSION_HOURS_SHORT = 12;
@@ -31,7 +30,7 @@ function getPublicSupabase() {
     throw new Error("Missing Supabase public environment variables");
   }
 
-  return createClient<Database>(supabaseUrl, supabaseAnonKey, {
+  return createClient(supabaseUrl, supabaseAnonKey, {
     auth: {
       autoRefreshToken: false,
       persistSession: false,

src/lib/server/taskDb.ts

@@ -177,9 +177,9 @@ function normalizeComments(comments: unknown): TaskComment[] {
 
 // Normalize a task from database row
 function normalizeTask(task: Record<string, unknown>): Task {
-  const comments = safeParseArray(task.comments, []);
+  const comments = safeParseArray<unknown>(task.comments, []);
-  const tags = safeParseArray(task.tags, []);
+  const tags = safeParseArray<unknown>(task.tags, []);
-  const attachments = safeParseArray(task.attachments, []);
+  const attachments = safeParseArray<unknown>(task.attachments, []);
 
   return {
     id: String(task.id ?? ""),
@@ -292,7 +292,7 @@ export async function getData(): Promise<DataStore> {
         assigneeAvatarUrl: assigneeUser?.avatarUrl ?? undefined,
         dueDate: t.due_date ?? undefined,
         comments: normalizeComments(t.comments),
-        tags: safeParseArray(t.tags, []),
+        tags: safeParseArray<unknown>(t.tags, []).filter((tag): tag is string => typeof tag === "string"),
         attachments: normalizeAttachments(t.attachments),
       };
     }),

src/lib/supabase/client.ts

@@ -1,5 +1,4 @@
 import { createClient } from '@supabase/supabase-js';
-import type { Database } from './database.types';
 
 const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
 const supabaseAnonKey = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
@@ -10,9 +9,11 @@ if (!supabaseUrl || !supabaseAnonKey) {
     'Missing Supabase environment variables. Please check your .env.local file.'
   );
 }
+const requiredSupabaseUrl = supabaseUrl as string;
+const requiredSupabaseAnonKey = supabaseAnonKey as string;
 
 // Client for browser/client-side use (uses anon key)
-export const supabaseClient = createClient<Database>(supabaseUrl, supabaseAnonKey, {
+export const supabaseClient = createClient(requiredSupabaseUrl, requiredSupabaseAnonKey, {
   auth: {
     autoRefreshToken: true,
     persistSession: true,
@@ -25,7 +26,7 @@ export function getServiceSupabase() {
   if (!supabaseServiceKey) {
     throw new Error('SUPABASE_SERVICE_ROLE_KEY is not set');
   }
-  return createClient<Database>(supabaseUrl, supabaseServiceKey, {
+  return createClient(requiredSupabaseUrl, supabaseServiceKey as string, {
     auth: {
       autoRefreshToken: false,
       persistSession: false,
@@ -35,7 +36,7 @@ export function getServiceSupabase() {
 
 // Server-side client with user's JWT (for API routes/actions)
 export function getSupabaseWithToken(token: string) {
-  return createClient<Database>(supabaseUrl, supabaseAnonKey, {
+  return createClient(requiredSupabaseUrl, requiredSupabaseAnonKey, {
     auth: {
       autoRefreshToken: false,
       persistSession: false,