This is a bounty to fix a bug in a job creation schema where `budgetMax` can be lower than `budgetMin`, leading to invalid job records. The fix involves adding validation logic to reject such inverted budget ranges during job creation and partial updates. This is a clear, paid task for a specific client.
A starter prompt for Claude Code, what you'll need, and how to reach them.
You are an expert full-stack developer. Your task is to implement a bug fix for the `SecureBananaLabs/bug-bounty` GitHub repository, specifically addressing issue #2827. The core problem is that `createJobSchema` and potentially job update schemas accept inverted budget ranges (e.g., `budgetMax` < `budgetMin`).
Your goal is to add validation to reject such payloads. Use Next.js 16 App Router, React 19, Tailwind v4, and Node.js for any backend logic if applicable, but focus primarily on the existing validation framework within the target repository. Assume the validation framework is a common one like Joi, Yup, or Zod.
Here's the plan:
1. **Understand the existing validation:** Identify where `createJobSchema` and any partial job update schemas are defined and what validation library they use.
2. **Implement validation logic:** Add a custom validation rule or a `when` clause that checks if both `budgetMin` and `budgetMax` are present. If so, ensure `budgetMax` is greater than or equal to `budgetMin`. If `budgetMax` is less than `budgetMin`, the validation should fail.
3. **Ensure existing valid ranges parse:** Verify that already correctly ordered ranges continue to pass validation.
4. **Create tests:** Write new unit tests for the validation logic. Include tests for:
   * Valid range (e.g., 100-500)
   * Equal min/max (e.g., 500-500)
   * Invalid inverted range (e.g., 500-100)
   * Cases where only `budgetMin` or `budgetMax` is present (should pass if the other is absent).
**MVP Slice:** Focus first on identifying `createJobSchema` and adding the basic `budgetMax >= budgetMin` validation rule, along with a simple failing test for an inverted range and a passing test for a valid range. This confirms you've targeted the correct schema and logic point.
**Build/Verify Gate:** The solution is complete when the validation rejects inverted budget ranges during job creation and updates, and all existing and new tests pass.

Bounty (amount on the issue).

## Bug

`createJobSchema` currently accepts payloads where `budgetMax` is lower than `budgetMin`. That creates invalid job records such as a USD 500-100 budget range and can break client-side filtering, sorting, and display assumptions.

## Expected behavior

- Job creation should reject inverted budget ranges.
- Partial job updates should reject the same invalid range when both budget fields are present.
- Existing valid ordered ranges should continue to parse successfully.

This issue is limited only to the creator of this issue. This means that only the issue author can attempt to solve this issue. If you would like to work on it, please create another issue with the same contents and refer to issue #743 for more information.

Parent bounty: #743
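The rule described in the issue, as an added example that is not code from the SecureBananaLabs/bug-bounty repository: a dependency-free JavaScript check, since the page does not say which validation library the repo uses. The function names and the `stored` record are assumptions; the merged-record check in `validateUpdate` goes beyond the issue's wording to cover a patch that carries only one budget field.

```javascript
// Added example; function names are hypothetical, not from the repository.
// Only the field names budgetMin and budgetMax come from the issue text.

// Returns error strings for one payload; an empty array means it is acceptable.
function budgetRangeErrors(payload) {
  const errors = [];
  for (const field of ["budgetMin", "budgetMax"]) {
    // Number.isFinite does not coerce, so "500", NaN and Infinity are rejected.
    // That matters: NaN compares false against everything, and strings compare
    // lexicographically ("90" > "100"), so either would slip past a bare `<`.
    if (payload[field] !== undefined && !Number.isFinite(payload[field])) {
      errors.push(`${field} must be a finite number`);
    }
  }
  const { budgetMin, budgetMax } = payload;
  // The ordering rule applies only when both fields are present and well-typed.
  const bothPresent = budgetMin !== undefined && budgetMax !== undefined;
  if (errors.length === 0 && bothPresent && budgetMax < budgetMin) {
    errors.push("budgetMax must be greater than or equal to budgetMin");
  }
  return errors;
}

// Partial update: validate the patch, then the record as it would be stored.
// Assumption beyond the issue text: `stored` is the current job record, so a
// patch carrying only budgetMax cannot drop below the persisted budgetMin.
function validateUpdate(stored, patch) {
  const patchErrors = budgetRangeErrors(patch);
  if (patchErrors.length > 0) return patchErrors;
  return budgetRangeErrors({ ...stored, ...patch });
}

// Constructed sample inputs (not taken from the repository).
const sampleStored = { budgetMin: 500, budgetMax: 1000 };
const samplePatches = [{ budgetMax: 600 }, { budgetMax: 100 }, { budgetMin: 900, budgetMax: 200 }];
for (const patch of samplePatches) {
  console.log(JSON.stringify(patch), "->", validateUpdate(sampleStored, patch));
}
```

A schema-level rule that only sees the request body accepts the `{ budgetMax: 100 }` patch, because `budgetMin` is absent from it; the merged check is what catches the inverted stored range.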
Standard for any GitHub-based development.
Standard for Next.js/React development.
Common in modern web development.
Create another issue with the same contents on the SecureBananaLabs/bug-bounty repo, referring to issue #743 for information on how to participate in bounties. Then, submit a pull request.
“I've identified the issue with inverted budget ranges and can implement the necessary schema validation. I'll create a new issue as requested and can submit a PR with a fix and tests, ensuring the problem is resolved cleanly and robustly.”