feat(ai-sdk): searchControls — deep dense pull recalls control sources on implementation questions
CI / detect-changes (pull_request) Successful in 8s
CI / branch-name (pull_request) Successful in 2s
CI / guardrail-integrity (pull_request) Successful in 6s
CI / secret-scan (pull_request) Successful in 8s
CI / dep-audit (pull_request) Failing after 55s
CI / sbom-scan (pull_request) Failing after 1m1s
CI / build-sha-integrity (pull_request) Successful in 11s
CI / validate-canonical-controls (pull_request) Successful in 5s
CI / loc-budget (pull_request) Successful in 16s
CI / go-lint (pull_request) Successful in 50s
CI / python-lint (pull_request) Failing after 15s
CI / nodejs-lint (pull_request) Failing after 1m8s
CI / nodejs-build (pull_request) Successful in 3m1s
CI / test-go (pull_request) Successful in 59s
CI / iace-gt-coverage (pull_request) Successful in 15s
CI / test-python-backend (pull_request) Successful in 27s
CI / test-python-document-crawler (pull_request) Successful in 13s
CI / test-python-dsms-gateway (pull_request) Successful in 10s
CI / detect-changes (pull_request) Successful in 8s
CI / branch-name (pull_request) Successful in 2s
CI / guardrail-integrity (pull_request) Successful in 6s
CI / secret-scan (pull_request) Successful in 8s
CI / dep-audit (pull_request) Failing after 55s
CI / sbom-scan (pull_request) Failing after 1m1s
CI / build-sha-integrity (pull_request) Successful in 11s
CI / validate-canonical-controls (pull_request) Successful in 5s
CI / loc-budget (pull_request) Successful in 16s
CI / go-lint (pull_request) Successful in 50s
CI / python-lint (pull_request) Failing after 15s
CI / nodejs-lint (pull_request) Failing after 1m8s
CI / nodejs-build (pull_request) Successful in 3m1s
CI / test-go (pull_request) Successful in 59s
CI / iace-gt-coverage (pull_request) Successful in 15s
CI / test-python-backend (pull_request) Successful in 27s
CI / test-python-document-crawler (pull_request) Successful in 13s
CI / test-python-dsms-gateway (pull_request) Successful in 10s
Measured (raw dense, top-500, "Welche Controls passen zu Security Updates?"): NIST at dense rank 9 (115 chunks), CRA Annex at rank 8 — both shallow, just below the client's small top-K, so the rank layer (#38) never saw them. OWASP: absent from the corpus (separate ingest). Add searchControls: on an explicit implementation question (queryWantsControls) pull a deep dense pool (depth 60, no filter), classify each hit's role in code, and keep only the four control-pool roles (operational/procedural requirement, control standard, implementation guidance) — no source_role tagging of the corpus. Merge-dedup into the pool; the existing rerank + applyControlRoles then order them (op_req > procedural > standard > guidance). So CRA Annex I (operational_requirement) lands Top-1 and NIST (control_standard) enters Top-3/5, while ENISA stays visible. Norm questions (no control intent) are untouched. Tested: isControlPoolRole, controlRoleOf payload classification (NIST/CRA-Annex/DORA). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
@@ -107,6 +107,15 @@ func (c *LegalRAGClient) searchInternal(ctx context.Context, collection string,
|
||||
hits = mergeDedupHits(hits, bindingHits)
|
||||
}
|
||||
|
||||
// Control-Augmentation: bei expliziter Umsetzungsfrage einen tiefen dense-Pool ziehen und
|
||||
// nur die Control-Pool-Rollen behalten — so werden NIST/CRA-Anhang (dense rank ~8-9, unter
|
||||
// dem kleinen top-K) Kandidaten. Re-Rank/applyControlRoles ordnen sie danach.
|
||||
if queryWantsControls(query) {
|
||||
if controlHits, cErr := c.searchControls(ctx, collection, embedding); cErr == nil {
|
||||
hits = mergeDedupHits(hits, controlHits)
|
||||
}
|
||||
}
|
||||
|
||||
// Graph-Augmentation: verbundene Normen (references_out/in) der Top-Hits ueber die
|
||||
// praezise Zitations-Kante in den Pool ziehen — z.B. Art. 13 CRA zieht Anhang I (die
|
||||
// eigentliche Pflichtquelle). Pool-Augmentation only; Re-Rank + topK bleiben.
|
||||
|
||||
Reference in New Issue
Block a user