chore: minor review followups on recent main commits (#9163)

.github/workflows/release.yml

@@ -177,8 +177,10 @@ jobs:
           fi
 
           # Count PR links in both files
-          RAW_COUNT=$(grep -coP '\[#\d+\]' "$RAW_PATH" || true)
-          FINAL_COUNT=$(grep -coP '\[#\d+\]' "$FINAL" || true)
+          RAW_COUNT=$(grep -coP '\[#\d+\]' "$RAW_PATH" 2>/dev/null || true)
+          RAW_COUNT=${RAW_COUNT:-0}
+          FINAL_COUNT=$(grep -coP '\[#\d+\]' "$FINAL" 2>/dev/null || true)
+          FINAL_COUNT=${FINAL_COUNT:-0}
 
           if [ "$FINAL_COUNT" -lt "$RAW_COUNT" ]; then
             echo "::warning::AI output has fewer PR links ($FINAL_COUNT) than raw ($RAW_COUNT). Falling back to raw notes."

docs/app/api/enterprise/contact/route.ts

@@ -23,7 +23,10 @@ export async function POST(request: Request) {
 
 	try {
 		// honeypot - bots fill hidden fields
-		const raw = body as Record<string, unknown>;
+		const raw =
+			typeof body === "object" && body !== null
+				? (body as Record<string, unknown>)
+				: {};
 		if (typeof raw._hp === "string" && raw._hp) {
 			return NextResponse.json({});
 		}

packages/better-auth/src/plugins/two-factor/two-factor.test.ts

@@ -2385,10 +2385,9 @@ describe("2FA enforcement on non-credential sign-in paths", async () => {
 
 		const url = new URL(magicLinkURL);
 		const token = url.searchParams.get("token")!;
-		const callbackURL = url.searchParams.get("callbackURL")!;
 
 		const verifyRes = await auth.api.magicLinkVerify({
-			query: { token, callbackURL },
+			query: { token },
 			headers: new Headers(),
 			asResponse: true,
 		});