improvement(types): enforce outside just hooks dir and update CI checks

Author: icecrasher321

apps/sim/app/(auth)/login/login-form.tsx

@@ -15,6 +15,8 @@ import {
   ModalDescription,
   ModalHeader,
 } from '@/components/emcn'
+import { requestJson } from '@/lib/api/client/request'
+import { forgetPasswordContract } from '@/lib/api/contracts'
 import { client } from '@/lib/auth/auth-client'
 import { getEnv, isFalsy, isTruthy } from '@/lib/core/config/env'
 import { validateCallbackUrl } from '@/lib/core/security/input-validation'
@@ -282,20 +284,16 @@ export default function LoginPage({
       setIsSubmittingReset(true)
       setResetStatus({ type: null, message: '' })
 
-      const response = await fetch('/api/auth/forget-password', {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        body: JSON.stringify({
-          email: forgotPasswordEmail,
-          redirectTo: `${getBaseUrl()}/reset-password`,
-        }),
-      })
-
-      if (!response.ok) {
-        const errorData = await response.json()
-        let errorMessage = errorData.message || 'Failed to request password reset'
+      try {
+        await requestJson(forgetPasswordContract, {
+          body: {
+            email: forgotPasswordEmail,
+            redirectTo: `${getBaseUrl()}/reset-password`,
+          },
+        })
+      } catch (requestError) {
+        let errorMessage =
+          requestError instanceof Error ? requestError.message : 'Failed to request password reset'
 
         if (
           errorMessage.includes('Invalid body parameters') ||

apps/sim/app/(auth)/oauth/consent/page.tsx

@@ -44,6 +44,7 @@ export default function OAuthConsentPage() {
       return
     }
 
+    // boundary-raw-fetch: better-auth catch-all OAuth client lookup, no app-level contract
     fetch(`/api/auth/oauth2/client/${encodeURIComponent(clientId)}`, { credentials: 'include' })
       .then(async (res) => {
         if (!res.ok) return
@@ -65,6 +66,7 @@ export default function OAuthConsentPage() {
 
       setSubmitting(true)
       try {
+        // boundary-raw-fetch: better-auth catch-all OAuth consent submission, no app-level contract
         const res = await fetch('/api/auth/oauth2/consent', {
           method: 'POST',
           headers: { 'Content-Type': 'application/json' },
@@ -100,6 +102,7 @@ export default function OAuthConsentPage() {
   const handleSwitchAccount = useCallback(async () => {
     if (!consentCode) return
 
+    // boundary-raw-fetch: route handler not yet contract-backed (uses safeParse, not parseRequest)
     const res = await fetch(`/api/auth/oauth2/authorize-params?consent_code=${consentCode}`, {
       credentials: 'include',
     })

apps/sim/app/(auth)/reset-password/reset-password-content.tsx

@@ -4,6 +4,8 @@ import { Suspense, useState } from 'react'
 import { createLogger } from '@sim/logger'
 import Link from 'next/link'
 import { useRouter, useSearchParams } from 'next/navigation'
+import { requestJson } from '@/lib/api/client/request'
+import { resetPasswordContract } from '@/lib/api/contracts'
 import { SetNewPasswordForm } from '@/app/(auth)/reset-password/reset-password-form'
 
 const logger = createLogger('ResetPasswordPage')
@@ -27,26 +29,18 @@ function ResetPasswordContent() {
     : null
 
   const handleResetPassword = async (password: string) => {
+    if (!token) return
     try {
       setIsSubmitting(true)
       setStatusMessage({ type: null, text: '' })
 
-      const response = await fetch('/api/auth/reset-password', {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        body: JSON.stringify({
+      await requestJson(resetPasswordContract, {
+        body: {
           token,
           newPassword: password,
-        }),
+        },
       })
 
-      if (!response.ok) {
-        const errorData = await response.json()
-        throw new Error(errorData.message || 'Failed to reset password')
-      }
-
       setStatusMessage({
         type: 'success',
         text: 'Password reset successful! Redirecting to login...',

apps/sim/app/(landing)/components/auth-modal/auth-modal.tsx

@@ -49,6 +49,7 @@ const SOCIAL_BTN =
 
 function fetchProviderStatus(): Promise<ProviderStatus> {
   if (fetchPromise) return fetchPromise
+  // boundary-raw-fetch: /api/auth/providers route has no parseRequest contract (zero-input GET, no boundary contract exists)
   fetchPromise = fetch('/api/auth/providers')
     .then((r) => {
       if (!r.ok) throw new Error(`HTTP ${r.status}`)

apps/sim/app/(landing)/components/contact/contact-form.tsx

@@ -60,6 +60,7 @@ interface SubmitContactRequestInput extends ContactRequestPayload {
 }
 
 async function submitContactRequest(payload: SubmitContactRequestInput) {
+  // boundary-raw-fetch: payload includes turnstile captcha + honeypot fields not in submitContactContract body
   const response = await fetch('/api/contact', {
     method: 'POST',
     headers: { 'Content-Type': 'application/json' },

apps/sim/app/(landing)/components/demo-request/demo-request-modal.tsx

@@ -14,10 +14,12 @@ import {
   Textarea,
 } from '@/components/emcn'
 import { Check } from '@/components/emcn/icons'
+import { requestJson } from '@/lib/api/client/request'
 import {
   DEMO_REQUEST_COMPANY_SIZE_OPTIONS,
   type DemoRequestPayload,
   demoRequestSchema,
+  submitDemoRequestContract,
 } from '@/lib/api/contracts/demo-requests'
 import { flattenFieldErrors } from '@/lib/api/contracts/primitives'
 import { captureClientEvent } from '@/lib/posthog/client'
@@ -56,22 +58,7 @@ const LANDING_INPUT =
   'h-[32px] rounded-[5px] border border-[var(--border-1)] bg-[var(--surface-5)] px-2.5 font-[430] font-season text-[13.5px] text-[var(--text-primary)] transition-colors placeholder:text-[var(--text-muted)] outline-none'
 
 async function submitDemoRequest(payload: DemoRequestPayload) {
-  const response = await fetch('/api/demo-requests', {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify(payload),
-  })
-
-  const result = (await response.json().catch(() => null)) as {
-    error?: string
-    message?: string
-  } | null
-
-  if (!response.ok) {
-    throw new Error(result?.error || 'Failed to submit demo request')
-  }
-
-  return result
+  return requestJson(submitDemoRequestContract, { body: payload })
 }
 
 export function DemoRequestModal({ children, theme = 'dark' }: DemoRequestModalProps) {

apps/sim/app/(landing)/integrations/components/request-integration-modal.tsx

@@ -12,6 +12,8 @@ import {
   ModalHeader,
   Textarea,
 } from '@/components/emcn'
+import { requestJson } from '@/lib/api/client/request'
+import { integrationRequestContract } from '@/lib/api/contracts/common'
 
 type SubmitStatus = 'idle' | 'submitting' | 'success' | 'error'
 
@@ -46,18 +48,14 @@ export function RequestIntegrationModal() {
       setStatus('submitting')
 
       try {
-        const res = await fetch('/api/help/integration-request', {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify({
+        await requestJson(integrationRequestContract, {
+          body: {
             integrationName: integrationName.trim(),
             email: email.trim(),
             useCase: useCase.trim() || undefined,
-          }),
+          },
         })
 
-        if (!res.ok) throw new Error('Request failed')
-
         setStatus('success')
         setTimeout(() => setOpen(false), 1500)
       } catch {

apps/sim/app/_shell/providers/session-provider.tsx

@@ -92,6 +92,7 @@ export function SessionProvider({ children }: { children: React.ReactNode }) {
       }
 
       try {
+        // boundary-raw-fetch: GET route handler not yet contract-backed (no GET contract for /api/organizations)
         const response = await fetch('/api/organizations')
         if (!response.ok) {
           return

apps/sim/app/api/auth/sso/providers/route.ts

@@ -2,7 +2,8 @@ import { db, member, ssoProvider } from '@sim/db'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
-import { ssoProvidersQuerySchema } from '@/lib/api/contracts/auth'
+import { listSsoProvidersContract } from '@/lib/api/contracts/auth'
+import { parseRequest } from '@/lib/api/server'
 import { getSession } from '@/lib/auth'
 import { REDACTED_MARKER } from '@/lib/core/security/redaction'
 import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
@@ -12,11 +13,9 @@ const logger = createLogger('SSOProvidersRoute')
 export const GET = withRouteHandler(async (request: NextRequest) => {
   try {
     const session = await getSession()
-    const { searchParams } = new URL(request.url)
-    const query = ssoProvidersQuerySchema.parse({
-      organizationId: searchParams.get('organizationId') || undefined,
-    })
-    const { organizationId } = query
+    const parsed = await parseRequest(listSsoProvidersContract, request, undefined)
+    if (!parsed.success) return parsed.response
+    const { organizationId } = parsed.data.query
 
     let providers
     if (session?.user?.id) {

apps/sim/app/api/templates/[id]/og-image/route.ts

@@ -3,8 +3,8 @@ import { templates } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
-import { updateTemplateOgImageBodySchema } from '@/lib/api/contracts/templates'
-import { parseJsonBody } from '@/lib/api/server'
+import { updateTemplateOgImageContract } from '@/lib/api/contracts/templates'
+import { parseRequest } from '@/lib/api/server'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { getBaseUrl } from '@/lib/core/utils/urls'
@@ -21,9 +21,9 @@ const logger = createLogger('TemplateOGImageAPI')
  * Accepts base64-encoded image data in the request body.
  */
 export const PUT = withRouteHandler(
-  async (request: NextRequest, { params }: { params: Promise<{ id: string }> }) => {
+  async (request: NextRequest, context: { params: Promise<{ id: string }> }) => {
     const requestId = generateRequestId()
-    const { id } = await params
+    const { id } = await context.params
 
     try {
       const session = await getSession()
@@ -42,14 +42,9 @@ export const PUT = withRouteHandler(
         return NextResponse.json({ error }, { status: status || 403 })
       }
 
-      const parsedBody = await parseJsonBody(request)
-      const bodyResult = parsedBody.success
-        ? updateTemplateOgImageBodySchema.safeParse(parsedBody.data)
-        : null
-      const body = bodyResult?.success
-        ? bodyResult.data
-        : ({ imageData: undefined } as { imageData?: string })
-      const { imageData } = body
+      const parsed = await parseRequest(updateTemplateOgImageContract, request, context)
+      if (!parsed.success) return parsed.response
+      const { imageData } = parsed.data.body
 
       if (!imageData || typeof imageData !== 'string') {
         return NextResponse.json(