Skip to content

fix: replace .single() with .maybeSingle() in 5 API routes #475

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
tankgxy wants to merge 1 commit into from
Closed

fix: replace .single() with .maybeSingle() in 5 API routes #475

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions src/app/api/applications/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@
.from("gigs")
.select("poster_id, status, title, poster:profiles!poster_id(full_name, username)")
.eq("id", gig_id)
.single();
.maybeSingle();

if (!gig) {
return NextResponse.json({ error: "Gig not found" }, { status: 404 });
Expand Down Expand Up @@ -76,7 +76,7 @@
.select("id")
.eq("gig_id", gig_id)
.eq("applicant_id", user.id)
.single();
.maybeSingle();

if (existingApplication) {
return NextResponse.json(
Expand All @@ -94,7 +94,7 @@
...applicationData,
})
.select()
.single();
.maybeSingle();

if (error) {
return NextResponse.json({ error: error.message }, { status: 400 });
Expand All @@ -121,7 +121,7 @@
.from("profiles")
.select("full_name, username")
.eq("id", user.id)
.single();
.maybeSingle();

const applicantName = applicantProfile?.full_name || applicantProfile?.username || "A candidate";
const posterName = poster?.full_name || poster?.username || "there";
Expand All @@ -131,7 +131,7 @@
applicantName,
gigTitle: gig.title,
gigId: gig_id,
applicationId: application.id,

Check failure on line 134 in src/app/api/applications/route.ts

View workflow job for this annotation

GitHub Actions / build 

'application' is possibly 'null'.
coverLetterPreview: applicationData.cover_letter,
});

Expand All @@ -152,7 +152,7 @@

// Dispatch webhook to gig poster
dispatchWebhookAsync(gig.poster_id, "application.new", {
application_id: application.id,

Check failure on line 155 in src/app/api/applications/route.ts

View workflow job for this annotation

GitHub Actions / build 

'application' is possibly 'null'.
gig_id,
gig_title: gig.title,
applicant_id: user.id,
Expand Down
16 changes: 8 additions & 8 deletions src/app/api/conversations/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ export async function POST(request: NextRequest) {
.from("profiles")
.select("id")
.eq("id", recipient_id)
.single();
.maybeSingle();

if (!recipient) {
return NextResponse.json(
Expand All @@ -159,7 +159,7 @@ export async function POST(request: NextRequest) {
.from("gigs")
.select("id, poster_id")
.eq("id", gig_id)
.single();
.maybeSingle();

if (!gig) {
return NextResponse.json({ error: "Gig not found" }, { status: 404 });
Expand All @@ -175,7 +175,7 @@ export async function POST(request: NextRequest) {
.select("id")
.eq("gig_id", gig_id)
.eq("applicant_id", user.id)
.single();
.maybeSingle();

isApplicant = !!application;
}
Expand All @@ -193,7 +193,7 @@ export async function POST(request: NextRequest) {
.select("*")
.eq("gig_id", gig_id)
.contains("participant_ids", participantIds)
.single();
.maybeSingle();

if (existingConv) {
return NextResponse.json({ data: existingConv });
Expand All @@ -207,7 +207,7 @@ export async function POST(request: NextRequest) {
gig_id,
})
.select()
.single();
.maybeSingle();

if (error) {
return NextResponse.json({ error: error.message }, { status: 400 });
Expand Down Expand Up @@ -236,7 +236,7 @@ export async function POST(request: NextRequest) {
gig_id: null,
})
.select()
.single();
.maybeSingle();

if (error) {
return NextResponse.json({ error: error.message }, { status: 400 });
Expand Down Expand Up @@ -277,7 +277,7 @@ export async function PATCH(request: NextRequest) {
.select("id, participant_ids")
.eq("id", conversation_id)
.contains("participant_ids", [user.id])
.single();
.maybeSingle();

if (!conv) {
return NextResponse.json(
Expand All @@ -293,7 +293,7 @@ export async function PATCH(request: NextRequest) {
})
.eq("id", conversation_id)
.select()
.single();
.maybeSingle();

if (error) {
return NextResponse.json({ error: error.message }, { status: 400 });
Expand Down
12 changes: 6 additions & 6 deletions src/app/api/gigs/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@
)
.eq("status", "active");

// Apply filters â€use textSearch or individual filters to prevent PostgREST filter injection (#71)
// Apply filters �use textSearch or individual filters to prevent PostgREST filter injection (#71)
Comment on lines 73 to +76

@greptile-apps greptile-apps Bot Jun 14, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Comment encoding corruption (em dash → ?)

Three comments in this file had their em dash character () corrupted to ? (e.g., // Apply filters ?use textSearch…, // No filter ?return both types, // Apply pagination ?ensure non-negative offset…). These are likely a text-encoding side-effect of the PR tooling. The comments should be restored to their original readable form.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

if (search) {
// Sanitize: escape PostgREST special chars and SQL wildcards
const safeSearch = search
Expand Down Expand Up @@ -113,7 +113,7 @@

// Default to 'hiring' unless explicitly requesting for_hire or 'all'
if (listing_type === "all") {
// No filter â€return both types
// No filter �return both types
} else if (listing_type) {
query = query.eq("listing_type", listing_type);
} else {
Expand All @@ -139,7 +139,7 @@
query = query.order("created_at", { ascending: false });
}

// Apply pagination â€ensure non-negative offset (#69)
// Apply pagination �ensure non-negative offset (#69)
const offset = Math.max(0, (page - 1) * limit);
query = query.range(offset, offset + limit - 1);

Expand Down Expand Up @@ -222,7 +222,7 @@
.from("subscriptions")
.select("plan")
.eq("user_id", user.id)
.single();
.maybeSingle();

if (!subscription || subscription.plan === "free") {
const { data: usage } = await supabase
Expand All @@ -231,7 +231,7 @@
.eq("user_id", user.id)
.eq("month", month)
.eq("year", year)
.single();
.maybeSingle();

if (usage && usage.posts_count >= 10) {
return NextResponse.json(
Expand All @@ -254,7 +254,7 @@
...validationResult.data,
})
.select()
.single();
.maybeSingle();

if (error) {
return NextResponse.json({ error: error.message }, { status: 400 });
Expand Down Expand Up @@ -283,16 +283,16 @@

// Fire reputation receipt
getUserDid(supabase, user.id).then((did) => {
if (did) onGigPosted(did, gig.id);

Check failure on line 286 in src/app/api/gigs/route.ts

View workflow job for this annotation

GitHub Actions / build 

'gig' is possibly 'null'.
}).catch(() => {});

// Log activity
void logActivity(supabase, {
userId: user.id,
activityType: "gig_posted",
referenceId: gig.id,

Check failure on line 293 in src/app/api/gigs/route.ts

View workflow job for this annotation

GitHub Actions / build 

'gig' is possibly 'null'.
referenceType: "gig",
metadata: { gig_title: gig.title },

Check failure on line 295 in src/app/api/gigs/route.ts

View workflow job for this annotation

GitHub Actions / build 

'gig' is possibly 'null'.
});

return NextResponse.json({ gig }, { status: 201 });
Expand Down
10 changes: 5 additions & 5 deletions src/app/api/messages/send/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ export async function POST(request: NextRequest) {
.from("profiles")
.select("id, full_name, username, last_active_at")
.eq("username", recipient)
.single();
.maybeSingle();

if (recipientError || !recipientProfile) {
return NextResponse.json(
Expand All @@ -67,7 +67,7 @@ export async function POST(request: NextRequest) {
.select("id, participant_ids")
.is("gig_id", null)
.contains("participant_ids", participantIds)
.single();
.maybeSingle();

let conversationId: string;

Expand All @@ -82,7 +82,7 @@ export async function POST(request: NextRequest) {
gig_id: null,
})
.select("id")
.single();
.maybeSingle();

if (createError || !newConversation) {
return NextResponse.json(
Expand Down Expand Up @@ -114,7 +114,7 @@ export async function POST(request: NextRequest) {
)
`
)
.single();
.maybeSingle();

if (messageError || !message) {
return NextResponse.json(
Expand All @@ -134,7 +134,7 @@ export async function POST(request: NextRequest) {
.from("profiles")
.select("full_name, username")
.eq("id", user.id)
.single();
.maybeSingle();

const senderName =
senderProfile?.full_name || senderProfile?.username || "Someone";
Expand Down
10 changes: 5 additions & 5 deletions src/app/api/profile/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,10 @@
.from("profiles")
.select("*")
.eq("id", user.id)
.single();
.maybeSingle();

if (error) {
if (error || !profile) {
return NextResponse.json({ error: error.message }, { status: 400 });

Check failure on line 24 in src/app/api/profile/route.ts

View workflow job for this annotation

GitHub Actions / build 

'error' is possibly 'null'.
}
Comment on lines +23 to 25

@greptile-apps greptile-apps Bot Jun 14, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Null dereference on error.message when profile not found

With .maybeSingle(), when the query returns no rows, error is null and profile is null. The guard if (error || !profile) correctly catches the "no profile" case, but then error.message throws a TypeError because error is null. This uncaught exception propagates to the catch block, returning a generic 500 "An unexpected error occurred" response instead of the intended 400. The same pattern is broken in the PUT handler at line 125–129.


return NextResponse.json({ profile });
Expand Down Expand Up @@ -100,7 +100,7 @@
.from("profiles")
.select("did, resume_url")
.eq("id", user.id)
.single();
.maybeSingle();

// Check if profile is complete
const isComplete = Boolean(
Expand All @@ -120,12 +120,12 @@
.update(updateData)
.eq("id", user.id)
.select()
.single();
.maybeSingle();

if (error) {
if (error || !profile) {
console.error("Profile update error:", error);
console.error("Error details:", JSON.stringify(error, null, 2));
return NextResponse.json({ error: error.message }, { status: 400 });

Check failure on line 128 in src/app/api/profile/route.ts

View workflow job for this annotation

GitHub Actions / build 

'error' is possibly 'null'.
}

// Log profile update activity
Expand Down
Loading