bulltrackers-module 1.0.786 → 1.0.787

package/functions/computation-system-v3/framework/adapters/StateRepository.js

@@ -251,6 +251,43 @@ class StateRepository {
 
         await batch.commit();
     }
+
+    async findZombies(thresholdMinutes) {
+        const thresholdDate = new Date(Date.now() - (thresholdMinutes * 60000));
+        try {
+            // NOTE: Requires Composite Index on (status, lastUpdated)
+            const snapshot = await this.firestore.collection(this.collections.checkpoints)
+                .where('status', '==', 'running')
+                .where('lastUpdated', '<', thresholdDate)
+                .limit(50)
+                .get();
+
+            const zombies = [];
+            snapshot.forEach(doc => {
+                const data = doc.data();
+                zombies.push({
+                    checkpointId: doc.id,
+                    name: data.computationName,
+                    date: data.date,
+                    attempts: data.attempts || 0
+                });
+            });
+            return zombies;
+        } catch (e) {
+            this.logger.error(`[StateRepo] findZombies failed: ${e.message}`);
+            return [];
+        }
+    }
+
+    async claimZombie(checkpointId) {
+        const docRef = this.firestore.collection(this.collections.checkpoints).doc(checkpointId);
+        await docRef.set({
+            status: 'recovering',
+            lastUpdated: new Date(),
+            // Uses atomic increment to track retry count
+            attempts: FieldValue.increment(1)
+        }, { merge: true });
+    }
 }
 
 module.exports = { StateRepository };

package/functions/computation-system-v3/framework/adapters/bigquery/QueryBuilder.js

@@ -148,7 +148,7 @@ class QueryBuilder {
             this._validateIdentifier(entityField);
             conditions.push(`${entityField} IN UNNEST(@entities)`);
             
-            // Type safety for entity list
+            // [FIX] Ensure _isNumericType exists before calling
             const entityColumn = schema.columns.find(c => c.name === entityField);
             if (entityColumn && this._isNumericType(entityColumn.type)) {
                 params.entities = entities.map(e => parseInt(e, 10));
@@ -157,12 +157,10 @@ class QueryBuilder {
             }
         }
 
-        // 4. Additional WHERE conditions (The Vulnerable Spot)
+        // 4. Additional WHERE conditions
         let whereIndex = 0;
         for (const [column, value] of Object.entries(where)) {
-            // 🔒 SECURITY FIX: Validate identifier before injection
             this._validateIdentifier(column);
-            
             const paramName = `where_${whereIndex++}`;
 
             if (Array.isArray(value)) {
@@ -188,7 +186,6 @@ class QueryBuilder {
         let orderClause = '';
         if (orderBy) {
             this._validateIdentifier(orderBy);
-            // Validate order direction strictly
             const safeDir = ['ASC', 'DESC'].includes(orderDir.toUpperCase()) ? orderDir.toUpperCase() : 'DESC';
             orderClause = `ORDER BY ${orderBy} ${safeDir}`;
         }
@@ -207,15 +204,18 @@ class QueryBuilder {
         return { sql, params, table, spec };
     }
 
-    /**
-     * Security helper to prevent SQL injection in identifiers.
-     * Allows alphanumerics, underscores, and dots (for structs).
-     */
     _validateIdentifier(id) {
         if (typeof id !== 'string' || !/^[a-zA-Z0-9_.]+$/.test(id)) {
             throw new Error(`[QueryBuilder] Security Violation: Invalid identifier format '${id}'`);
         }
     }
+
+    // [FIX] Added missing helper method
+    _isNumericType(type) {
+        if (!type) return false;
+        const t = type.toUpperCase();
+        return ['INT64', 'INTEGER', 'FLOAT64', 'FLOAT', 'NUMERIC', 'BIGNUMERIC'].includes(t);
+    }
 }
 
-module.exports = { QueryBuilder };
+module.exports = { QueryBuilder };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "bulltrackers-module",
-  "version": "1.0.786",
+  "version": "1.0.787",
   "description": "Helper Functions for Bulltrackers.",
   "main": "index.js",
   "files": [