fix(dashboard): normalize route id params for express 5 typings

backend/scripts/predev-migrate.cjs

@@ -24,7 +24,10 @@ const resolveDatabaseUrl = (rawUrl) => {
 
   const absolutePath = path.isAbsolute(filePath)
     ? filePath
-    : path.resolve(hasLeadingPrismaDir ? backendRoot : prismaDir, normalizedRelative);
+    : path.resolve(
+        hasLeadingPrismaDir ? backendRoot : prismaDir,
+        normalizedRelative,
+      );
 
   return `file:${absolutePath}`;
 };
@@ -91,7 +94,15 @@ const backupDbIfPresent = () => {
 const isNonProd = nodeEnv !== "production";
 const isFileDb = databaseUrl.startsWith("file:");
 
-const deploy = runCapture("npx prisma migrate deploy");
+let deploy = runCapture("npx prisma migrate deploy");
+
+if (!deploy.ok) {
+  console.warn(
+    `[predev] Prisma migrate deploy failed. Attempting pnpm exec...`,
+  );
+  deploy = runCapture("pnpm exec prisma migrate deploy");
+}
+
 if (deploy.ok) {
   if (deploy.stdout) process.stdout.write(deploy.stdout);
 } else {
@@ -111,7 +122,16 @@ if (deploy.ok) {
         `  If you need to preserve local data, restore the backup and baseline manually.`,
     );
 
-    run("npx prisma migrate reset --force --skip-seed");
+    // check for npx, if not present try pnpm exec
+    try {
+      console.log(
+        `[predev] Running: npx prisma migrate reset --force --skip-seed`,
+      );
+      run("npx prisma migrate reset --force --skip-seed");
+    } catch {
+      console.warn(`[predev] npx not found, trying pnpm exec...`);
+      run("pnpm exec prisma migrate reset --force --skip-seed");
+    }
   } else {
     throw deploy.error;
   }

backend/src/routes/dashboard/collections.ts

@@ -2,6 +2,14 @@ import express from "express";
 import { DashboardRouteDeps } from "./types";
 import { getUserTrashCollectionId, isTrashCollectionId } from "./trash";
 
+const getRouteIdParam = (value: string | string[] | undefined): string | null => {
+  if (typeof value === "string" && value.trim().length > 0) return value;
+  if (Array.isArray(value) && typeof value[0] === "string" && value[0].trim().length > 0) {
+    return value[0];
+  }
+  return null;
+};
+
 export const registerCollectionRoutes = (
   app: express.Express,
   deps: DashboardRouteDeps
@@ -59,7 +67,8 @@ export const registerCollectionRoutes = (
   app.put("/collections/:id", requireAuth, asyncHandler(async (req, res) => {
     if (!req.user) return res.status(401).json({ error: "Unauthorized" });
 
-    const { id } = req.params;
+    const id = getRouteIdParam(req.params.id);
+    if (!id) return res.status(400).json({ error: "Validation error", message: "Invalid id parameter" });
     if (isTrashCollectionId(id, req.user.id)) {
       return res.status(400).json({
         error: "Validation error",
@@ -99,7 +108,8 @@ export const registerCollectionRoutes = (
   app.delete("/collections/:id", requireAuth, asyncHandler(async (req, res) => {
     if (!req.user) return res.status(401).json({ error: "Unauthorized" });
 
-    const { id } = req.params;
+    const id = getRouteIdParam(req.params.id);
+    if (!id) return res.status(400).json({ error: "Validation error", message: "Invalid id parameter" });
     if (isTrashCollectionId(id, req.user.id)) {
       return res.status(400).json({
         error: "Validation error",

backend/src/routes/dashboard/drawings.ts

@@ -8,6 +8,14 @@ import {
   toPublicTrashCollectionId,
 } from "./trash";
 
+const getRouteIdParam = (value: string | string[] | undefined): string | null => {
+  if (typeof value === "string" && value.trim().length > 0) return value;
+  if (Array.isArray(value) && typeof value[0] === "string" && value[0].trim().length > 0) {
+    return value[0];
+  }
+  return null;
+};
+
 export const registerDrawingRoutes = (
   app: express.Express,
   deps: DashboardRouteDeps
@@ -172,7 +180,8 @@ export const registerDrawingRoutes = (
   app.get("/drawings/:id", requireAuth, asyncHandler(async (req, res) => {
     if (!req.user) return res.status(401).json({ error: "Unauthorized" });
 
-    const { id } = req.params;
+    const id = getRouteIdParam(req.params.id);
+    if (!id) return res.status(400).json({ error: "Validation error", message: "Invalid id parameter" });
     const drawing = await prisma.drawing.findFirst({
       where: {
         id,
@@ -255,7 +264,8 @@ export const registerDrawingRoutes = (
   app.put("/drawings/:id", requireAuth, asyncHandler(async (req, res) => {
     if (!req.user) return res.status(401).json({ error: "Unauthorized" });
 
-    const { id } = req.params;
+    const id = getRouteIdParam(req.params.id);
+    if (!id) return res.status(400).json({ error: "Validation error", message: "Invalid id parameter" });
     const existingDrawing = await prisma.drawing.findFirst({
       where: { id, userId: req.user.id },
     });
@@ -352,7 +362,8 @@ export const registerDrawingRoutes = (
 
   app.delete("/drawings/:id", requireAuth, asyncHandler(async (req, res) => {
     if (!req.user) return res.status(401).json({ error: "Unauthorized" });
-    const { id } = req.params;
+    const id = getRouteIdParam(req.params.id);
+    if (!id) return res.status(400).json({ error: "Validation error", message: "Invalid id parameter" });
 
     const drawing = await prisma.drawing.findFirst({ where: { id, userId: req.user.id } });
     if (!drawing) return res.status(404).json({ error: "Drawing not found" });
@@ -382,7 +393,8 @@ export const registerDrawingRoutes = (
   app.post("/drawings/:id/duplicate", requireAuth, asyncHandler(async (req, res) => {
     if (!req.user) return res.status(401).json({ error: "Unauthorized" });
 
-    const { id } = req.params;
+    const id = getRouteIdParam(req.params.id);
+    if (!id) return res.status(400).json({ error: "Validation error", message: "Invalid id parameter" });
     const original = await prisma.drawing.findFirst({ where: { id, userId: req.user.id } });
     if (!original) return res.status(404).json({ error: "Original drawing not found" });
     let duplicatedCollectionId = original.collectionId;