fix: correct canonical control proxy paths to include /compliance prefix

The backend mounts the compliance router at /api/compliance, so canonical
control endpoints are at /api/compliance/v1/canonical/*, not /api/v1/canonical/*.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

admin-compliance/app/api/sdk/v1/canonical/route.ts

@@ -6,11 +6,11 @@ const BACKEND_URL = process.env.BACKEND_URL || 'http://backend-compliance:8002'
  * Proxy: GET /api/sdk/v1/canonical?endpoint=...
  *
  * Routes to backend canonical control endpoints:
- *   endpoint=frameworks   → GET /api/v1/canonical/frameworks
- *   endpoint=controls     → GET /api/v1/canonical/controls(?severity=...&domain=...)
- *   endpoint=control&id=  → GET /api/v1/canonical/controls/{id}
- *   endpoint=sources      → GET /api/v1/canonical/sources
- *   endpoint=licenses     → GET /api/v1/canonical/licenses
+ *   endpoint=frameworks   → GET /api/compliance/v1/canonical/frameworks
+ *   endpoint=controls     → GET /api/compliance/v1/canonical/controls(?severity=...&domain=...)
+ *   endpoint=control&id=  → GET /api/compliance/v1/canonical/controls/{id}
+ *   endpoint=sources      → GET /api/compliance/v1/canonical/sources
+ *   endpoint=licenses     → GET /api/compliance/v1/canonical/licenses
  */
 export async function GET(request: NextRequest) {
   try {
@@ -21,7 +21,7 @@ export async function GET(request: NextRequest) {
 
     switch (endpoint) {
       case 'frameworks':
-        backendPath = '/api/v1/canonical/frameworks'
+        backendPath = '/api/compliance/v1/canonical/frameworks'
         break
 
       case 'controls': {
@@ -31,7 +31,7 @@ export async function GET(request: NextRequest) {
         if (severity) params.set('severity', severity)
         if (domain) params.set('domain', domain)
         const qs = params.toString()
-        backendPath = `/api/v1/canonical/controls${qs ? `?${qs}` : ''}`
+        backendPath = `/api/compliance/v1/canonical/controls${qs ? `?${qs}` : ''}`
         break
       }
 
@@ -40,16 +40,16 @@ export async function GET(request: NextRequest) {
         if (!controlId) {
           return NextResponse.json({ error: 'Missing control id' }, { status: 400 })
         }
-        backendPath = `/api/v1/canonical/controls/${encodeURIComponent(controlId)}`
+        backendPath = `/api/compliance/v1/canonical/controls/${encodeURIComponent(controlId)}`
         break
       }
 
       case 'sources':
-        backendPath = '/api/v1/canonical/sources'
+        backendPath = '/api/compliance/v1/canonical/sources'
         break
 
       case 'licenses':
-        backendPath = '/api/v1/canonical/licenses'
+        backendPath = '/api/compliance/v1/canonical/licenses'
         break
 
       default:
@@ -82,7 +82,7 @@ export async function GET(request: NextRequest) {
 /**
  * Proxy: POST /api/sdk/v1/canonical?endpoint=similarity-check&id=...
  *
- * Routes to: POST /api/v1/canonical/controls/{id}/similarity-check
+ * Routes to: POST /api/compliance/v1/canonical/controls/{id}/similarity-check
  */
 export async function POST(request: NextRequest) {
   try {
@@ -96,7 +96,7 @@ export async function POST(request: NextRequest) {
 
     const body = await request.json()
     const response = await fetch(
-      `${BACKEND_URL}/api/v1/canonical/controls/${encodeURIComponent(controlId)}/similarity-check`,
+      `${BACKEND_URL}/api/compliance/v1/canonical/controls/${encodeURIComponent(controlId)}/similarity-check`,
       {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },

docs-src/services/sdk-modules/canonical-control-library.md

@@ -5,7 +5,7 @@ Unabhaengige Taxonomie — kein Bezug zu proprietaeren Frameworks.
 
 **Prefix:** `CP-CLIB` · **Frontend:** `https://macmini:3007/sdk/control-library`
 **Provenance Wiki:** `https://macmini:3007/sdk/control-provenance`
-**Proxy:** `/api/sdk/v1/canonical` → `backend-compliance:8002/api/v1/canonical/...`
+**Proxy:** `/api/sdk/v1/canonical` → `backend-compliance:8002/api/compliance/v1/canonical/...`
 
 ---