fix(server): handle Express 5 req.params type union

[itsmylife44]

Summary

Fixes TypeScript compilation errors caused by Express 5's changed req.params type signature.

Problem

Express 5 changed req.params values from string to string | string[] to support array parameter patterns (:param+, :param*). This causes TypeScript errors:

Type 'string | string[]' is not assignable to parameter of type 'string'.
  Type 'string[]' is not assignable to type 'string'.

Solution

Explicitly access and assert the parameter type instead of using object destructuring:

// Before (fails with Express 5 types)
const { sessionId } = req.params;

// After (works with Express 5 types)
const sessionId = req.params.sessionId as string;

This is safe because these routes use simple :param patterns, not array patterns.

Changes

• apps/server/src/routes/sessions/routes/archive.ts
• apps/server/src/routes/sessions/routes/delete.ts
• apps/server/src/routes/sessions/routes/unarchive.ts
• apps/server/src/routes/sessions/routes/update.ts
• apps/server/src/routes/terminal/routes/session-delete.ts
• apps/server/src/routes/terminal/routes/session-resize.ts

Testing

• TypeScript compiles without errors
• Server builds successfully
• Routes function correctly at runtime

Summary by CodeRabbit

• Chores
  • Improved internal type safety in request parameter handling for session and terminal routes.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[gemini-code-assist]

Summary of Changes

Hello @itsmylife44, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a critical type compatibility issue arising from the upgrade to Express 5, where the req.params type signature was expanded to include string[]. By explicitly casting route parameters to string instead of using object destructuring, the server's TypeScript compilation errors are resolved, ensuring the application remains type-safe and functional with the updated Express version for routes expecting single string parameters.

Highlights

• TypeScript Type Compatibility: Updated parameter extraction from req.params to explicitly assert string type, resolving compilation errors introduced by Express 5's broadened req.params type signature (string | string[]).
• Express 5 Adaptation: Modified route handlers across several files to correctly handle the new req.params type union in Express 5, ensuring continued functionality and type safety for routes expecting simple string parameters.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

📝 Walkthrough

Walkthrough

Refactoring parameter extraction in 6 route handlers from destructuring to explicit property access with TypeScript type assertions, consistently enforcing string types for sessionId and id request parameters across sessions and terminal routes.

Changes

Cohort / File(s)	Summary
Session Routes Parameter Extraction apps/server/src/routes/sessions/routes/archive.ts, delete.ts, unarchive.ts, update.ts	Replaced destructuring of sessionId from req.params with explicit property access and string type assertion: const sessionId = req.params.sessionId as string;
Terminal Routes Parameter Extraction apps/server/src/routes/terminal/routes/session-delete.ts, session-resize.ts	Replaced destructuring of id from req.params with explicit property access and string type assertion: const id = req.params.id as string;

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Poem

🐰 Hop, hop, as strings cast bright,
Types asserted, oh what delight!
Six routes harmonize, unified and clean,
The finest refactoring ever seen! 🎉

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: addressing Express 5 req.params type union issues by replacing destructuring with explicit type assertions across multiple route files.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request addresses a TypeScript compilation issue with Express 5 by changing how request parameters are accessed. The use of as string type assertions is a quick fix, but it's not fully type-safe. I've suggested a more robust approach using runtime checks to validate the parameter type. This ensures that if the parameter is not a string (e.g., it's undefined or an array), the server responds with a 400 Bad Request instead of potentially causing a runtime error or unexpected behavior. This improvement has been suggested for all modified route handlers.

[gemini-code-assist]

Using a type assertion with as string bypasses TypeScript's type safety and can hide runtime errors if req.params.sessionId is not a string (e.g., undefined or string[]). A runtime check is a more robust approach. This ensures the input is validated and invalid requests are handled gracefully with a 400 Bad Request response.

      const sessionId = req.params.sessionId;
      if (typeof sessionId !== 'string') {
        res.status(400).json({ success: false, error: 'Invalid sessionId parameter' });
        return;
      }

[gemini-code-assist]

Using a type assertion with as string bypasses TypeScript's type safety and can hide runtime errors if req.params.sessionId is not a string (e.g., undefined or string[]). A runtime check is a more robust approach. This ensures the input is validated and invalid requests are handled gracefully with a 400 Bad Request response.

      const sessionId = req.params.sessionId;
      if (typeof sessionId !== 'string') {
        res.status(400).json({ success: false, error: 'Invalid sessionId parameter' });
        return;
      }

[gemini-code-assist]

Using a type assertion with as string bypasses TypeScript's type safety and can hide runtime errors if req.params.sessionId is not a string (e.g., undefined or string[]). A runtime check is a more robust approach. This ensures the input is validated and invalid requests are handled gracefully with a 400 Bad Request response.

      const sessionId = req.params.sessionId;
      if (typeof sessionId !== 'string') {
        res.status(400).json({ success: false, error: 'Invalid sessionId parameter' });
        return;
      }

[gemini-code-assist]

Using a type assertion with as string bypasses TypeScript's type safety and can hide runtime errors if req.params.sessionId is not a string (e.g., undefined or string[]). A runtime check is a more robust approach. This ensures the input is validated and invalid requests are handled gracefully with a 400 Bad Request response.

      const sessionId = req.params.sessionId;
      if (typeof sessionId !== 'string') {
        res.status(400).json({ success: false, error: 'Invalid sessionId parameter' });
        return;
      }

[gemini-code-assist]

Using a type assertion with as string bypasses TypeScript's type safety and can hide runtime errors if req.params.id is not a string (e.g., undefined or string[]). A runtime check is a more robust approach. This ensures the input is validated and invalid requests are handled gracefully with a 400 Bad Request response.

    const id = req.params.id;
    if (typeof id !== 'string') {
      res.status(400).json({ success: false, error: 'Invalid id parameter' });
      return;
    }

[gemini-code-assist]

Using a type assertion with as string bypasses TypeScript's type safety and can hide runtime errors if req.params.id is not a string (e.g., undefined or string[]). A runtime check is a more robust approach. This ensures the input is validated and invalid requests are handled gracefully with a 400 Bad Request response.

    const id = req.params.id;
    if (typeof id !== 'string') {
      res.status(400).json({ success: false, error: 'Invalid id parameter' });
      return;
    }