Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(cra): route secure-dev breadth to code_security (atom-grain)

Browse Source 
Both network_security and code_security are now atom-grain. Per-sub_topic
use_case routing: secure_development -> code_security (best for secure-dev
findings), everything else -> network_security. Findings carry breadth_use_case
so the source context (which atom corpus) is visible under the best-practice depth.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-06-14 11:04:24 +02:00
parent c7845f67d6
commit a06c64af48
4 changed files with 26 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
admin-compliance/app/sdk/iace/[projectId]/cra/_components/CRACyberView.tsx
+2 -1
View File
@@ -130,7 +130,8 @@ function FindingsTable({ findings }: { findings: CRAFinding[] }) {
{f.regulatory_breadth && f.regulatory_breadth.length > 0 && (
<div className="mt-2">
<p className="text-[10px] text-gray-400 mb-1">
Regulatorische Breite{f.sub_topic ? `${f.sub_topic}` : ''} (NIST/ENISA/ISO-Quellen)
Regulatorische Breite{f.sub_topic ? `${f.sub_topic}` : ''}
{f.breadth_use_case ? ` · ${f.breadth_use_case}` : ''} (NIST/OWASP/ENISA-Quellen)
</p>
<ul className="space-y-0.5">
{f.regulatory_breadth.map((c) => (
admin-compliance/app/sdk/iace/[projectId]/cra/_hooks/useCRA.ts
+1
View File
@@ -58,6 +58,7 @@ function merge(live: any): CRADemo {
measures: m.measures || [],
evidence_type: m.evidence_type,
sub_topic: m.sub_topic,
breadth_use_case: m.breadth_use_case,
regulatory_breadth: m.regulatory_breadth || [],
priority_tier: m.priority_tier,
priority_score: m.priority_score,
admin-compliance/app/sdk/iace/[projectId]/cra/_hooks/useCRADemo.ts
+2 -1
View File
@@ -28,8 +28,9 @@ export interface CRAFinding {
risk_level: string
measures: string[]
evidence_type?: string // code | process | hybrid | document — drives the remediation-class badge
// network_security regulatory breadth (atom-grain shared Controls-API), live only
// regulatory breadth (atom-grain shared Controls-API: network_security / code_security), live only
sub_topic?: string
breadth_use_case?: string
regulatory_breadth?: { control_id: string; title: string; source_regulation: string; severity?: string }[]
// priority layer (set live by the backend prioritizer; optional in the static fallback)
priority_tier?: string