Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add verification method, categories, and dedup UI to control library
All checks were successful
CI/CD / go-lint (push) Has been skipped
Details
CI/CD / python-lint (push) Has been skipped
Details
CI/CD / nodejs-lint (push) Has been skipped
Details
CI/CD / test-go-ai-compliance (push) Successful in 44s
Details
CI/CD / test-python-backend-compliance (push) Successful in 40s
Details
CI/CD / test-python-document-crawler (push) Successful in 22s
Details
CI/CD / test-python-dsms-gateway (push) Successful in 17s
Details
CI/CD / validate-canonical-controls (push) Successful in 10s
Details
CI/CD / Deploy (push) Successful in 4s
Details

Browse Source 
- Migration 047: verification_method + category columns, 17 category lookup table
- Backend: new filters, GET /categories, GET /controls/{id}/similar (embedding-based)
- Frontend: filter dropdowns, badges, dedup UI in ControlDetail with merge workflow
- ControlForm: verification method + category selects
- Provenance: verification methods, categories, master library strategy sections
- Fix UUID cast syntax in generator routes (::uuid -> CAST)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-03-14 07:55:22 +01:00
parent 8a05fcc2f0
commit b6e6ffaaee
10 changed files with 577 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
backend-compliance/migrations/047_verification_method_category.sql Normal file
View File

@@ -0,0 +1,40 @@
-- Migration 047: Add verification_method and category to canonical_controls
-- verification_method: How a control is verified (code_review, document, tool, hybrid)
-- category: Thematic grouping for customer-facing filters
ALTER TABLE canonical_controls ADD COLUMN IF NOT EXISTS
verification_method VARCHAR(20) DEFAULT NULL
CHECK (verification_method IN ('code_review', 'document', 'tool', 'hybrid'));
ALTER TABLE canonical_controls ADD COLUMN IF NOT EXISTS
category VARCHAR(50) DEFAULT NULL;
CREATE INDEX IF NOT EXISTS idx_cc_verification ON canonical_controls(verification_method);
CREATE INDEX IF NOT EXISTS idx_cc_category ON canonical_controls(category);
CREATE TABLE IF NOT EXISTS canonical_control_categories (
category_id VARCHAR(50) PRIMARY KEY,
label_de VARCHAR(100) NOT NULL,
label_en VARCHAR(100) NOT NULL,
sort_order INTEGER DEFAULT 0
);
INSERT INTO canonical_control_categories VALUES
('encryption', 'Verschluesselung & Kryptographie', 'Encryption & Cryptography', 1),
('authentication', 'Authentisierung & Zugriffskontrolle', 'Authentication & Access Control', 2),
('network', 'Netzwerksicherheit', 'Network Security', 3),
('data_protection', 'Datenschutz & Datensicherheit', 'Data Protection & Security', 4),
('logging', 'Logging & Monitoring', 'Logging & Monitoring', 5),
('incident', 'Vorfallmanagement', 'Incident Management', 6),
('continuity', 'Notfall & Wiederherstellung', 'Continuity & Recovery', 7),
('compliance', 'Compliance & Audit', 'Compliance & Audit', 8),
('supply_chain', 'Lieferkettenmanagement', 'Supply Chain Management', 9),
('physical', 'Physische Sicherheit', 'Physical Security', 10),
('personnel', 'Personal & Schulung', 'Personnel & Training', 11),
('application', 'Anwendungssicherheit', 'Application Security', 12),
('system', 'Systemhaertung & -betrieb', 'System Hardening & Operations', 13),
('risk', 'Risikomanagement', 'Risk Management', 14),
('governance', 'Sicherheitsorganisation', 'Security Governance', 15),
('hardware', 'Hardware & Plattformsicherheit', 'Hardware & Platform Security', 16),
('identity', 'Identitaetsmanagement', 'Identity Management', 17)
ON CONFLICT DO NOTHING;