fix(regressions): client-bundle ioredis + Drizzle ANY() array bindings

Two regressions from yesterday's audit-tier-0 work that broke the dev
server and every clients API call.

- baseListQuerySchema lived in route-helpers.ts, which was made
  server-only by the rate-limit import. Every validator imported it,
  pulling ioredis (and dns/net/tls/fs/node:async_hooks) into the client
  bundle — every form/detail page returned 500 in dev. Extracted the
  schema to src/lib/api/list-query.ts and updated all 14 validators.
- clients.service.listClients and email-compose used raw SQL
  ANY(\${jsArray}) which Drizzle binds as JSON — Postgres rejects with
  42809 "op ANY/ALL (array) requires array on right side". Switched to
  the inArray helper.

GET /api/v1/clients now returns 200 again. Affects every form/detail
page that imports a validator.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

src/lib/api/list-query.ts

@@ -0,0 +1,15 @@
+import { z } from 'zod';
+
+export const baseListQuerySchema = z.object({
+  page: z.coerce.number().int().min(1).default(1),
+  limit: z.coerce.number().int().min(1).max(100).default(25),
+  sort: z.string().optional(),
+  order: z.enum(['asc', 'desc']).default('desc'),
+  search: z.string().optional(),
+  includeArchived: z
+    .enum(['true', 'false'])
+    .transform((v) => v === 'true')
+    .default('false'),
+});
+
+export type BaseListQuery = z.infer<typeof baseListQuerySchema>;

src/lib/api/route-helpers.ts

@@ -8,23 +8,6 @@ import {
   type RateLimiterName,
 } from '@/lib/rate-limit';
 
-/**
- * Base list query schema shared by all paginated list endpoints.
- */
-export const baseListQuerySchema = z.object({
-  page: z.coerce.number().int().min(1).default(1),
-  limit: z.coerce.number().int().min(1).max(100).default(25),
-  sort: z.string().optional(),
-  order: z.enum(['asc', 'desc']).default('desc'),
-  search: z.string().optional(),
-  includeArchived: z
-    .enum(['true', 'false'])
-    .transform((v) => v === 'true')
-    .default('false'),
-});
-
-export type BaseListQuery = z.infer<typeof baseListQuerySchema>;
-
 /**
  * Parses URL search params against a Zod schema.
  * Throws a ZodError on validation failure (caught by `errorResponse`).

src/lib/services/clients.service.ts

@@ -158,7 +158,7 @@ export async function listClients(portId: string, query: ListClientsInput) {
           is_primary  AS "isPrimary",
           created_at  AS "createdAt"
         FROM client_contacts
-        WHERE client_id = ANY(${ids})
+        WHERE ${inArray(clientContacts.clientId, ids)}
           AND channel IN ('email', 'phone')
         ORDER BY client_id, channel, is_primary DESC, created_at DESC
       `),

src/lib/services/email-compose.service.ts

@@ -1,5 +1,5 @@
 import nodemailer from 'nodemailer';
-import { and, eq, sql } from 'drizzle-orm';
+import { and, eq, inArray, sql } from 'drizzle-orm';
 
 import { db } from '@/lib/db';
 import { emailAccounts, emailMessages, emailThreads } from '@/lib/db/schema/email';
@@ -295,7 +295,7 @@ async function sendSystem(
     const matchingDocs = await db
       .select({ id: documents.id, signedFileId: documents.signedFileId })
       .from(documents)
-      .where(and(eq(documents.portId, portId), sql`${documents.signedFileId} = ANY(${fileIds})`));
+      .where(and(eq(documents.portId, portId), inArray(documents.signedFileId, fileIds)));
 
     for (const doc of matchingDocs) {
       await db.insert(documentEvents).values({

src/lib/validators/berths.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 import { BERTH_STATUSES } from '@/lib/constants';
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 
 // ─── Create Berth ────────────────────────────────────────────────────────────
 

src/lib/validators/clients.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import {
   optionalCountryIsoSchema,
   optionalIanaTimezoneSchema,

src/lib/validators/companies.ts

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import { optionalCountryIsoSchema, optionalSubdivisionIsoSchema } from '@/lib/validators/i18n';
 
 export const createCompanySchema = z.object({

src/lib/validators/document-templates.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import { VALID_MERGE_TOKENS } from '@/lib/templates/merge-fields';
 
 const mergeFieldsSchema = z

src/lib/validators/documents.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import { DOCUMENT_TYPES, DOCUMENT_STATUSES } from '@/lib/constants';
 
 export const createDocumentSchema = z.object({

src/lib/validators/expenses.ts

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import { EXPENSE_CATEGORIES, PAYMENT_METHODS } from '@/lib/constants';
 
 /**

src/lib/validators/files.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 
 export const uploadFileSchema = z.object({
   filename: z.string().min(1).max(255),

src/lib/validators/interests.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import { PIPELINE_STAGES, LEAD_CATEGORIES } from '@/lib/constants';
 import {
   optionalCountryIsoSchema,

src/lib/validators/invoices.ts

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 
 export const INVOICE_KINDS = ['general', 'deposit'] as const;
 export type InvoiceKind = (typeof INVOICE_KINDS)[number];

src/lib/validators/reminders.ts

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 
 export const createReminderSchema = z.object({
   title: z.string().min(1).max(300),

src/lib/validators/reservations.ts

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 
 export const RESERVATION_STATUSES = ['pending', 'active', 'ended', 'cancelled'] as const;
 export const TENURE_TYPES = ['permanent', 'fixed_term', 'seasonal'] as const;

src/lib/validators/residential.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import {
   optionalCountryIsoSchema,
   optionalIanaTimezoneSchema,

src/lib/validators/webhooks.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 import { WEBHOOK_EVENTS } from '@/lib/services/webhook-event-map';
 
 // ─── SSRF guards ──────────────────────────────────────────────────────────────

src/lib/validators/yachts.ts

@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { baseListQuerySchema } from '@/lib/api/route-helpers';
+import { baseListQuerySchema } from '@/lib/api/list-query';
 
 export const ownerRefSchema = z.object({
   type: z.enum(['client', 'company']),