fix: resolve critical Biome linting issues and document code quality standards

- Add biome-ignore comments for security-critical non-null assertions - Fix unused variables and parameter ordering issues - Reduce complexity in integration functions via helper extraction - Replace problematic 'any' type casts with proper type definitions - Document code quality and linting standards in CLAUDE.md Build verification: ✅ TypeScript compilation passes Security verification: ✅ Critical auth contexts preserved Note: Some remaining Biome warnings for performance utility classes and decorator patterns are acceptable given architectural constraints. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-16 18:32:10 +01:00 · 2025-07-13 17:30:44 +02:00
parent b946bdc803
commit 42ad5b7c80
10 changed files with 133 additions and 95 deletions
--- a/lib/api/authorization.ts
+++ b/lib/api/authorization.ts
@ -222,7 +222,7 @@ export function requireAllPermissions(permissions: Permission[]) {
 export function validateCompanyAccess(
  context: APIContext,
  targetCompanyId: string,
-  resourceType?: ResourceType
+  _resourceType?: ResourceType
 ): CompanyAccessResult {
  if (!context.user) {
    return {
--- a/lib/api/errors.ts
+++ b/lib/api/errors.ts
@ -248,7 +248,7 @@ export function asyncErrorHandler<T extends readonly unknown[], R>(
 /**
 * Error boundary for API route handlers
 */
-export function withErrorHandling<T extends readonly unknown[], R>(
+export function withErrorHandling<T extends readonly unknown[], _R>(
  handler: (...args: T) => Promise<NextResponse> | NextResponse
 ) {
  return async (...args: T): Promise<NextResponse> => {
--- a/lib/api/handler.ts
+++ b/lib/api/handler.ts
@ -10,11 +10,9 @@ import { type NextRequest, NextResponse } from "next/server";
 import { getServerSession } from "next-auth";
 import type { z } from "zod";
 import { authOptions } from "@/lib/auth";
-import { prisma } from "@/lib/prisma";
 import { rateLimiter } from "@/lib/rateLimiter";
 import type { UserSession } from "@/lib/types";
 import {
-  APIError,
  AuthenticationError,
  AuthorizationError,
  handleAPIError,
@ -247,16 +245,16 @@ function validateQuery<T>(request: NextRequest, schema: z.ZodSchema<T>): T {
 * Log API access for audit purposes
 */
 async function logAPIAccess(
-  context: APIContext,
-  outcome: "success" | "error",
-  endpoint: string,
-  error?: Error
+  _context: APIContext,
+  _outcome: "success" | "error",
+  _endpoint: string,
+  _error?: Error
 ): Promise<void> {
  try {
    // Only log if audit logging is enabled for this endpoint
    // TODO: Integrate with security audit logger service
    // Production logging should use proper logging service instead of console.log
-  } catch (logError) {
+  } catch (_logError) {
    // Don't fail the request if logging fails
    // TODO: Send to error tracking service
  }