Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(use-case-compiler): MC-based compliance questionnaires with scoring
Build + Deploy / build-admin-compliance (push) Successful in 2m46s
Details
Build + Deploy / build-backend-compliance (push) Successful in 26s
Details
Build + Deploy / build-ai-sdk (push) Successful in 52s
Details
Build + Deploy / build-developer-portal (push) Successful in 22s
Details
Build + Deploy / build-tts (push) Successful in 16s
Details
Build + Deploy / build-document-crawler (push) Successful in 12s
Details
Build + Deploy / build-dsms-gateway (push) Successful in 20s
Details
Build + Deploy / build-dsms-node (push) Successful in 16s
Details
CI / branch-name (push) Has been skipped
Details
CI / guardrail-integrity (push) Has been skipped
Details
CI / loc-budget (push) Failing after 18s
Details
CI / secret-scan (push) Has been skipped
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / nodejs-build (push) Successful in 3m16s
Details
CI / dep-audit (push) Has been skipped
Details
CI / sbom-scan (push) Has been skipped
Details
CI / test-go (push) Successful in 1m0s
Details
CI / test-python-backend (push) Successful in 41s
Details
CI / test-python-document-crawler (push) Successful in 29s
Details
CI / test-python-dsms-gateway (push) Successful in 23s
Details
CI / validate-canonical-controls (push) Successful in 16s
Details
Build + Deploy / trigger-orca (push) Successful in 2m36s
Details

Browse Source 
Implements the Use-Case Compiler that turns Master Controls into
interactive compliance audits. 5 templates (Vendor Check, SAST/DAST,
DSGVO, NIS2, CRA), deterministic + LLM question generation, scoring
engine with regulation/severity breakdown, and gap detection.

- Backend: 9 API endpoints, 22 unit tests (all pass)
- Frontend: Template selector, questionnaire, result dashboard
- Migration 027: usecase_audits + usecase_answers tables

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-05-12 13:49:16 +02:00
parent 74f00bbb0f
commit 06bfbd1dca
22 changed files with 3157 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ai-compliance-sdk/internal/usecase/scoring.go
+92
View File
@@ -0,0 +1,92 @@
package usecase
// Score calculates a compliance score from answers and questions.
func Score(audit *Audit, answers []Answer) *ScoreResult {
result := &ScoreResult{
AuditID: audit.ID,
TotalQuestions: len(audit.Questions),
ByRegulation: make(map[string]RegulationScore),
BySeverity: make(map[string]SeverityScore),
}
answerMap := make(map[string]Answer)
for _, a := range answers {
answerMap[a.QuestionID] = a
}
for _, q := range audit.Questions {
a, answered := answerMap[q.ID]
if !answered {
continue
}
result.Answered++
passed := isPassed(a)
switch a.Status {
case AnswerStatusSkipped:
result.Skipped++
default:
if passed {
result.Passed++
} else {
result.Failed++
}
}
// By regulation
if q.Regulation != "" {
rs := result.ByRegulation[q.Regulation]
rs.Total++
if passed {
rs.Passed++
}
result.ByRegulation[q.Regulation] = rs
}
// By severity
sev := q.Severity
if sev == "" {
sev = "MEDIUM"
}
ss := result.BySeverity[sev]
ss.Total++
if passed {
ss.Passed++
} else {
ss.Failed++
}
result.BySeverity[sev] = ss
}
// Calculate scores
if result.Answered > 0 {
answerable := result.Answered - result.Skipped
if answerable > 0 {
result.ComplianceScore = float64(result.Passed) / float64(answerable) * 100
}
}
for reg, rs := range result.ByRegulation {
if rs.Total > 0 {
rs.Score = float64(rs.Passed) / float64(rs.Total) * 100
}
result.ByRegulation[reg] = rs
}
return result
}
// isPassed checks if an answer represents a pass.
func isPassed(a Answer) bool {
switch v := a.Value.(type) {
case bool:
return v
case string:
return v == "yes" || v == "true" || v == "ja"
case float64:
return v > 0
default:
return false
}
}