This is a bounty to fix a bug in the SecureBananaLabs bug bounty platform: proposal creation saves records even when the 'estimated duration' field is missing. The task is to implement validation that ensures this field is always present, as described in an earlier issue.
A starter prompt for Claude Code, what you'll need, and how to reach them.
You are an expert full-stack developer. The task is to fix a bug in the `SecureBananaLabs/bug-bounty` GitHub repository (issue #1739). The bug allows proposal creation to accept records where the 'estimated duration' field is missing. The goal is to implement server-side validation to make this field mandatory for proposal creation and, if feasible, add client-side validation for better UX. The preferred stack for new features and fixes aligns with common web development practices; assume a modern Node.js backend with a database (e.g., PostgreSQL) and a frontend (e.g., React/Next.js) unless the existing codebase indicates otherwise.

Your steps should include:
1. Clone the repository and set up the development environment.
2. Identify the specific file(s) and function(s) responsible for proposal creation.
3. Implement robust server-side validation to ensure 'estimated duration' is present and valid (e.g., a positive number) before saving. Return appropriate error responses if validation fails.
4. If the frontend is easily accessible and modifiable, add client-side validation and feedback for the user.
5. Write or extend existing unit/integration tests to cover the new validation logic.
6. Provide clear instructions on how to run tests and demonstrate the fix.

Focus on delivering a production-ready, secure, and performant solution. Prioritize server-side validation.
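Added example, not code from the original page or from the SecureBananaLabs repository: one way to write the server-side check in step 3 so that a missing, null, empty or non-numeric value never reaches the save call. The field key `estimatedDuration`, the upper bound, and the `createProposal` and `save` names are assumptions, since the page does not show the real ones.

```javascript
// Hypothetical field key and upper bound: the page does not give the real ones.
const FIELD = "estimatedDuration";
const MAX_DURATION = 3650;

// Returns { ok: true, value } or { ok: false, status, error } for a proposal body.
function validateEstimatedDuration(body) {
  const fail = (error) => ({ ok: false, status: 400, error });
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return fail("request body must be a JSON object");
  }
  // Own-property check so a value inherited from a prototype never counts as present.
  if (!Object.prototype.hasOwnProperty.call(body, FIELD)) {
    return fail(`${FIELD} is required`);
  }
  const raw = body[FIELD];
  // Reject null, booleans, arrays and objects before any numeric coercion:
  // Number(null) and Number([]) are 0, and Number(true) is 1.
  if (typeof raw !== "number" && typeof raw !== "string") {
    return fail(`${FIELD} must be a number`);
  }
  // Strings must be plain decimals; this also rejects "" (Number("") is 0).
  if (typeof raw === "string" && !/^\d+(\.\d+)?$/.test(raw.trim())) {
    return fail(`${FIELD} must be a number`);
  }
  const value = Number(raw);
  // Number.isFinite rejects NaN and Infinity; the range check rejects 0 and negatives.
  if (!Number.isFinite(value) || value <= 0 || value > MAX_DURATION) {
    return fail(`${FIELD} must be a positive number no greater than ${MAX_DURATION}`);
  }
  return { ok: true, value };
}

// Hypothetical create path: validate first, call the persistence function only on success.
function createProposal(body, save) {
  const check = validateEstimatedDuration(body);
  if (!check.ok) return { status: check.status, body: { error: check.error } };
  const record = save({ ...body, [FIELD]: check.value });
  return { status: 201, body: record };
}
```

Because the check runs inside the create path itself, a request that bypasses any client-side form still gets a 400 and nothing is written.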
Bounty (amount on the issue). Please track this issue for low-hanging-fruit meta-bounty eligibility. This issue is a duplicate of #1683 to allow me to claim and implement the solution as described in #743.
Standard for any GitHub-based development work.
Standard for Next.js/React development.
Standard for version control with GitHub.
New codebase requires understanding their specific framework/libraries for proposal management - ~0.5-1 day.
Comment on GitHub issue #1739, then open a draft pull request to the SecureBananaLabs/bug-bounty repository once a solution is started.
“I've started working on a fix for issue #1739, addressing the missing 'estimated duration' validation. I'll open a draft PR shortly to share progress and ensure alignment with your team's architecture.”