fix(backend): remove any usages from profiles.ts to improve type safety

[Satvik-art-creator]

Summary

This PR improves type safety in the profile routes by removing the remaining usages of any in apps/backend/src/routes/profiles.ts. By leveraging existing Fastify request typings and Prisma error classes, this makes the route handlers and error handling logic safer and more maintainable.

This issue is solved under GSSoC '26.

Closes #552

---

Type of Change

• Bug fix
• New feature
• Refactor (no functional change)
• UI / Design change
• Tests only
• Documentation
• Infrastructure / DevOps
• Security

---

What Changed

• apps/backend/src/routes/profiles.ts: Replaced request.server as any and (app as any).authenticate with properly typed Fastify instance property access (request.server and app.authenticate), leveraging the existing FastifyInstance augmentation in fastify.d.ts.
• apps/backend/src/routes/profiles.ts: Replaced all instances of (request.user as any).id with request.user.id, utilizing the native JWT authentication typings.
• apps/backend/src/routes/profiles.ts: Replaced unsafe catch (err: any) with catch (err: unknown) and utilized Prisma.PrismaClientKnownRequestError to safely trap P2002 (unique constraint) errors.

---

How to Test

1. Check out this branch locally: git checkout fix/profile-ts-types
2. Ensure you have the backend dependencies installed and Prisma generated: cd apps/backend && npm install
3. Run the TypeScript compiler to ensure there are no implicit any errors: npm run typecheck
4. Optionally, start the backend and update a profile/link to verify authentication and database calls work exactly as before.

---

Checklist

• My code follows the project's coding style (pnpm -r run lint passes).
• TypeScript compiles without errors (pnpm -r run typecheck).
• I have added or updated tests for the changes I made. (N/A - Type updates only)
• All tests pass locally (pnpm -r run test).
• I have updated documentation where necessary. (N/A)
• No new console.log or debug statements left in the code.
• Breaking changes are documented in this PR description. (N/A)

---

Additional Context

No application behavior or logic has been altered. This PR simply removes TS-compiler overrides to improve the codebase quality and safety.

[vercel]

@Satvik-art-creator is attempting to deploy a commit to the Prashantkumar Khatri's projects Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

Hi @Satvik-art-creator,

Thanks for opening this pull request.

This PR has been automatically classified based on the files modified.

Applied Labels

• gssoc:approved
• backend

Primary Review Area

• backend

Reviewer

@Harxhit has been identified as the primary reviewer for this pull request.

If you have any questions regarding the affected area or implementation details, feel free to reach out to the assigned reviewer.

Thank you for your contribution!

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

This PR tightens type safety in the profiles routes by removing any casts, using typed request.user, and improving Prisma error handling for unique-constraint conflicts.

Changes:

• Replace (request.user as any).id with request.user.id across profile endpoints.
• Update error handling to catch unknown and narrow Prisma errors via PrismaClientKnownRequestError.
• Remove any usage around authenticate access on request.server / app.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

CI — All Checks Passed

Backend — PASS

Check	Result
Lint	PASS
Test	PASS
Typecheck	PASS

Mobile — SKIP

Check	Result
Lint	-
Test	-

Web — SKIP

Check	Result
Build	-

---

Last updated: Wed, 17 Jun 2026 01:36:19 GMT

[Harxhit]

Clean, well-scoped refactor — the any removals are all correct against the existing fastify.d.ts augmentation (request.user is typed as AuthenticatedUser, and FastifyInstance.authenticate is declared), so request.user.id and app.authenticate type-check without casts. Replacing err: any + err?.code === 'P2002' with err instanceof Prisma.PrismaClientKnownRequestError && err.code === 'P2002' is the right pattern, and the unused getProfileUrl / getErrorMessage imports were correctly dropped. A couple of small inline notes below.

[Harxhit]

ProfileUpdateResponse is now suppressed with an eslint-disable for being unused rather than removed. The PR description says no behavior changes and this type isn't referenced anywhere — prefer deleting the dead type outright over silencing the linter. If it's intentionally kept as living API documentation, a one-line comment saying so would be clearer than the bare disable.

[Harxhit]

Now that the casts are gone, the typing makes the redundancy here visible: request.server is the app instance, so the server?.authenticate branch (line 25) and this app.authenticate branch are the same decorator — and FastifyInstance.authenticate is now declared non-optional in fastify.d.ts, so the typeof === 'function' guards and the jwtVerify fallback are effectively dead code. Out of scope for a pure type-safety PR, but worth a follow-up to collapse this to a single await app.authenticate(request, reply).

[Harxhit]

Good change. Since Prisma is now imported solely for this guard, just confirm @prisma/client is generated in CI before typecheck/lint runs (the import resolves to generated types) — otherwise lint/typecheck could fail on a clean checkout.

[Harxhit]

LGTM. Approving

[github-actions]

Congratulations @Satvik-art-creator on getting PR #589 merged!

Thank you for your contribution to the project.

To receive the appropriate GSSoC labels and recognition, please mention @Harxhit in the #get-labels channel on our Discord server and share your merged PR link.