Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(cra): two-lane breadth — CRA-specific corpus + technical depth

Browse Source 
All 6 security use_cases are atom-grain now. Per finding we draw two lanes: the
CRA corpus (use_case=cra, the most on-point CRA obligations) + the technical
depth (code_security for secure-dev, else network_security). Controls merged,
deduped, each tagged with its use_case (shown in the best-practice depth).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-06-14 12:23:37 +02:00
parent a06c64af48
commit 398eaf3c36
4 changed files with 37 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files
admin-compliance/app/sdk/iace/[projectId]/cra/_components/CRACyberView.tsx
+4 -2
View File
@@ -130,12 +130,14 @@ function FindingsTable({ findings }: { findings: CRAFinding[] }) {
{f.regulatory_breadth && f.regulatory_breadth.length > 0 && (
<div className="mt-2">
<p className="text-[10px] text-gray-400 mb-1">
Regulatorische Breite{f.sub_topic ? `${f.sub_topic}` : ''}
{f.breadth_use_case ? ` · ${f.breadth_use_case}` : ''} (NIST/OWASP/ENISA-Quellen)
Regulatorische Breite{f.sub_topic ? `${f.sub_topic}` : ''} (CRA + NIST/OWASP/ENISA-Quellen)
</p>
<ul className="space-y-0.5">
{f.regulatory_breadth.map((c) => (
<li key={c.control_id} className="text-[10px] text-gray-600 dark:text-gray-300">
{c.use_case && (
<span className="inline-block rounded bg-gray-200 text-gray-600 dark:bg-gray-600 dark:text-gray-200 px-1 py-0.5 text-[9px] mr-1">{c.use_case}</span>
)}
<span className="font-mono text-gray-500">{c.control_id}</span> {c.title}
<span className="text-gray-400"> · {c.source_regulation}</span>
</li>
admin-compliance/app/sdk/iace/[projectId]/cra/_hooks/useCRA.ts
-1
View File
@@ -58,7 +58,6 @@ function merge(live: any): CRADemo {
measures: m.measures || [],
evidence_type: m.evidence_type,
sub_topic: m.sub_topic,
breadth_use_case: m.breadth_use_case,
regulatory_breadth: m.regulatory_breadth || [],
priority_tier: m.priority_tier,
priority_score: m.priority_score,
admin-compliance/app/sdk/iace/[projectId]/cra/_hooks/useCRADemo.ts
+2 -3
View File
@@ -28,10 +28,9 @@ export interface CRAFinding {
risk_level: string
measures: string[]
evidence_type?: string // code | process | hybrid | document — drives the remediation-class badge
// regulatory breadth (atom-grain shared Controls-API: network_security / code_security), live only
// regulatory breadth (atom-grain shared Controls-API: cra + code/network_security), live only
sub_topic?: string
breadth_use_case?: string
regulatory_breadth?: { control_id: string; title: string; source_regulation: string; severity?: string }[]
regulatory_breadth?: { control_id: string; title: string; source_regulation: string; severity?: string; use_case?: string }[]
// priority layer (set live by the backend prioritizer; optional in the static fallback)
priority_tier?: string
priority_score?: number