Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs+tests: Phase 2 RAG audit — missing tests, dev docs, SDK flow page
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 33s
Details
CI / test-python-backend-compliance (push) Successful in 27s
Details
CI / test-python-document-crawler (push) Successful in 20s
Details
CI / test-python-dsms-gateway (push) Successful in 16s
Details

Browse Source 
- Add rag-query.test.ts (7 Jest tests for shared queryRAG utility)
- Add test_routes_legal_context.py (3 tests for ?include_legal_context param)
- Update ARCHITECTURE.md with multi-collection RAG section (3.3)
- Update DEVELOPER.md with RAG usage examples, collection table, error tolerance
- Add SDK flow page with updated requirements + DSFA RAG descriptions

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-03-02 09:26:57 +01:00
parent 14a99322eb
commit d9f819e5be
6 changed files with 2090 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
docs-src/services/ai-compliance-sdk/ARCHITECTURE.md
View File

@@ -144,53 +144,88 @@ Das Eskalationssystem routet kritische Assessments zur menschlichen Prüfung.
└─────────────────────────────────────────────────────────────────┘
```
### 3.3 Legal RAG (`internal/llm/legal_rag.go`)
### 3.3 Legal RAG (`internal/ucca/legal_rag.go`)
Semantische Suche in 19 EU-Regulierungen für kontextbasierte Erklärungen.
Semantische Suche in 19 EU-Regulierungen fuer kontextbasierte Erklaerungen.
Unterstuetzt Multi-Collection-Suche fuer unterschiedliche Rechtsgebiete.
```
┌─────────────────────────────────────────────────────────────────┐
│ Legal RAG System │
├─────────────────────────────────────────────────────────────────┤
│ │
Explain Request ──────────────────────────────────────────────>
Search Request (Query + Collection) ────────────────────────── │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ Qdrant Vector DB │ │
│ │ Collection: bp_legal_corpus │ │
│ │ 2,274 Chunks, 1024-dim BGE-M3 │ │
│ │ 6 Collections, 1024-dim BGE-M3 │ │
│ ├─────────────────────────────────────────────────────────────┤ │
│ │ │ │
│ │ EU-Verordnungen: │ │
│ │ ├── DSGVO (128) ├── AI Act (96) ├── NIS2 (128) │ │
│ │ ── CRA (256) ├── Data Act (256) ├── DSA (256) │ │
│ │ ├── DGA (32) ├── EUCSA (32) ├── DPF (714) │ │
│ │ └── ... │ │
│ │ bp_compliance_ce (Default) │ │
│ │ ├── DSGVO, AI Act, NIS2, CRA, Data Act, DSA, DPF, ... │ │
│ │ ── EU-Verordnungen & CE-Regulierungen │ │
│ │ │ │
│ │ Deutsche Gesetze: │ │
│ │ ├── TDDDG (1) ├── SCC (32) ├── ... │ │
│ │ bp_compliance_recht │ │
│ │ ├── BDSG, TDDDG, DDG, UrhG, TMG, TKG │ │
│ │ └── Deutsche Gesetze │ │
│ │ │ │
│ │ BSI-Standards: │ │
│ │ ├── TR-03161-1 (6) ├── TR-03161-2 (6) ├── TR-03161-3 │ │
│ │ bp_compliance_gesetze — Regulierungstexte (Modul-Matching) │ │
│ │ bp_compliance_datenschutz — DSGVO Datenschutzmassnahmen │ │
│ │ bp_dsfa_corpus — DSFA Templates & Bewertungskriterien │ │
│ │ bp_legal_templates — Rechtsdokument-Vorlagen │ │
│ │ │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ │ │
│ │ Hybrid Search (Dense + Sparse)
│ │ Re-Ranking (Cross-Encoder) │
│ │ Dense Search (BGE-M3 Embedding)
│ ▼ │
│ Top-K Relevant Passages ─────────────────────────────────────> │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ LLM Explanation │ │
│ │ Provider: Ollama (local) / Anthropic (fallback) │ │
│ │ Prompt: Assessment + Legal Context → Erklärung │ │
│ │ Consumer Modules │ │
│ │ ├── UCCA Explain (LLM-Erklaerung fuer Assessments) │ │
│ │ ├── Requirements AI (interpret + suggest_controls) │ │
│ │ ├── DSFA Drafting v1/v2 (Rechtskontext im Draft) │ │
│ │ └── Requirements API (?include_legal_context=true) │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────┘
```
#### 3.3.1 Multi-Collection Search API
```
POST /sdk/v1/rag/search
{
"query": "DSGVO Art. 35 Datenschutz-Folgenabschaetzung",
"collection": "bp_compliance_recht", // optional, default: bp_compliance_ce
"regulations": ["eu_2016_679"], // optional Filter
"top_k": 5 // optional, default: 5, max: 20
}
Erlaubte Collections (Whitelist):
bp_compliance_ce, bp_compliance_recht, bp_compliance_gesetze,
bp_compliance_datenschutz, bp_dsfa_corpus, bp_legal_templates
```
#### 3.3.2 Collection-Routing (Requirements AI)
Das Python-Backend waehlt automatisch die passende Collection:
| Regulation | Collection |
|------------|-----------|
| DSGVO, GDPR, AI_ACT, NIS2, CRA | `bp_compliance_ce` |
| BDSG, TDDDG, DDG, UrhG, TMG, TKG | `bp_compliance_recht` |
| Unbekannt / Fallback | `bp_compliance_ce` |
#### 3.3.3 Fehlertoleranz
RAG-Ausfaelle brechen **nie** die Hauptfunktion:
- Go SDK: `SearchCollection()` gibt leere Liste bei Fehler
- Python: `ComplianceRAGClient.search()` gibt `[]` zurueck, wirft nie
- TypeScript: `queryRAG()` gibt `''` zurueck, wirft nie
---
## 4. Datenfluss
@@ -943,5 +978,5 @@ policies/obligations/
---
*Dokumentation erstellt: 2026-01-29*
*Version: 2.1.0*
*Dokumentation erstellt: 2026-01-29, aktualisiert: 2026-03-02*
*Version: 2.2.0 (Phase 2: Multi-Collection RAG)*