Sharang Parnerkar
8266c37911
merge: phases 1–5 refactor, CI hardening, docs (coolify → main)
...
Build + Deploy / build-admin-compliance (push) Failing after 47s
Build + Deploy / build-backend-compliance (push) Successful in 11s
Build + Deploy / build-ai-sdk (push) Successful in 34s
Build + Deploy / build-developer-portal (push) Successful in 56s
Build + Deploy / build-tts (push) Successful in 26s
Build + Deploy / build-document-crawler (push) Successful in 15s
Build + Deploy / build-dsms-gateway (push) Successful in 13s
Build + Deploy / trigger-orca (push) Has been skipped
CI/CD / loc-budget (push) Successful in 22s
CI/CD / guardrail-integrity (push) Has been skipped
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been cancelled
CI/CD / test-go-ai-compliance (push) Has been cancelled
CI/CD / test-python-backend-compliance (push) Has been cancelled
CI/CD / test-python-document-crawler (push) Has been cancelled
CI/CD / test-python-dsms-gateway (push) Successful in 28s
CI/CD / sbom-scan (push) Has been cancelled
CI/CD / validate-canonical-controls (push) Successful in 20s
Phase 1: backend-compliance — partial service-layer extraction
Phase 2: ai-compliance-sdk — full hexagonal split; iace/ucca/training handlers
and stores split into focused files; cmd/server/main.go → internal/app/
Phase 3: admin-compliance — types.ts, tom-generator loader, and major page
components split; lib document generators extracted
Phase 4: dsms-gateway, consent-sdk, developer-portal, breakpilot-compliance-sdk
Phase 5 CI hardening:
- loc-budget job now scans whole repo (blocking, no || true)
- sbom-scan / grype blocking on high+ CVEs
- ai-compliance-sdk/.golangci.yml: strict golangci-lint config
- check-loc.sh: skip test_*.py and *.html; loc-exceptions.txt expanded
- deleted stray routes.py.backup (2512 LOC)
Docs:
- root README.md with CI badge, service table, quick start, CI pipeline table
- CONTRIBUTING.md: setup, pre-commit checklist, guardrail marker reference
- CLAUDE.md: First-Time Setup & Claude Code Onboarding section
- all 7 service READMEs updated (stale phase refs, current architecture)
- AGENTS.go/python/typescript.md enhanced with linting, DI, barrel re-export
- .gitignore: dist/, .turbo/, pnpm-lock.yaml added
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-19 16:11:53 +02:00
Sharang Parnerkar
e3a1822883
refactor(admin): split training, control-provenance, iace/verification, training/learner, ControlDetail
...
All 5 files reduced below 500 LOC (hard cap) by extracting sub-components:
- training/page.tsx: 780→278 LOC — imports existing _components/, adds BlocksSection
- control-provenance/page.tsx: 739→145 LOC — extracts provenance-data.ts, ProvenanceHelpers, LicenseMatrix, SourceRegistry
- iace/[projectId]/verification/page.tsx: 673→164 LOC — extracts VerificationForm, CompleteModal, SuggestEvidenceModal, VerificationTable
- training/learner/page.tsx: 560→216 LOC — extracts AssignmentsList, ContentView, QuizView, CertificatesView
- ControlDetail.tsx: 878→311 LOC — adds ControlSourceCitation, ControlTraceability, ControlRegulatorySection, ControlSimilarControls, ControlReviewActions siblings
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-17 12:26:39 +02:00
Sharang Parnerkar
0125199c76
refactor(admin): split controls, training, control-provenance, iace/verification pages
...
Each page.tsx exceeded the 500-LOC hard cap. Extracted components and hooks into
colocated _components/ and _hooks/ directories; page.tsx is now a thin orchestrator.
- controls/page.tsx: 944 → 180 LOC; extracted ControlCard, AddControlForm,
LoadingSkeleton, TransitionErrorBanner, StatsCards, FilterBar, RAGPanel into
_components/ and useControlsData, useRAGSuggestions into _hooks/; types into _types.ts
- training/page.tsx: 780 → 288 LOC; extracted ContentTab (inline content generator tab)
into _components/ContentTab.tsx
- control-provenance/page.tsx: 739 → 122 LOC; extracted MarkdownRenderer, UsageBadge,
PermBadge, LicenseMatrix, SourceRegistry into _components/; PROVENANCE_SECTIONS
static data into _data/provenance-sections.ts
- iace/[projectId]/verification/page.tsx: 673 → 196 LOC; extracted StatusBadge,
VerificationForm, CompleteModal, SuggestEvidenceModal, VerificationTable into _components/
Zero behavior changes; logic relocated verbatim.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-16 22:50:15 +02:00
Benjamin Admin
0d95c3bb44
feat(control-provenance): add filter explanations, badges, and updated taxonomy
...
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been skipped
CI/CD / test-go-ai-compliance (push) Successful in 33s
CI/CD / test-python-backend-compliance (push) Successful in 33s
CI/CD / test-python-document-crawler (push) Successful in 21s
CI/CD / test-python-dsms-gateway (push) Successful in 19s
CI/CD / validate-canonical-controls (push) Successful in 12s
CI/CD / Deploy (push) Successful in 2s
- Add new "Filter in der Control Library" section explaining all 7 dropdowns
- Add "Badges & Lizenzregeln" section explaining Rule 1/2/3 and all badges
- Update taxonomy with actual top-10 domains and counts (~3100+ controls)
- Update Master Library strategy with current numbers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-15 10:45:21 +01:00
Benjamin Admin
b6e6ffaaee
feat: add verification method, categories, and dedup UI to control library
...
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been skipped
CI/CD / test-go-ai-compliance (push) Successful in 44s
CI/CD / test-python-backend-compliance (push) Successful in 40s
CI/CD / test-python-document-crawler (push) Successful in 22s
CI/CD / test-python-dsms-gateway (push) Successful in 17s
CI/CD / validate-canonical-controls (push) Successful in 10s
CI/CD / Deploy (push) Successful in 4s
- Migration 047: verification_method + category columns, 17 category lookup table
- Backend: new filters, GET /categories, GET /controls/{id}/similar (embedding-based)
- Frontend: filter dropdowns, badges, dedup UI in ControlDetail with merge workflow
- ControlForm: verification method + category selects
- Provenance: verification methods, categories, master library strategy sections
- Fix UUID cast syntax in generator routes (::uuid -> CAST)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-14 07:55:22 +01:00
Benjamin Admin
050f353192
feat(canonical-controls): Canonical Control Library — rechtssichere Security Controls
...
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been skipped
CI/CD / test-go-ai-compliance (push) Successful in 40s
CI/CD / test-python-backend-compliance (push) Successful in 41s
CI/CD / test-python-document-crawler (push) Successful in 26s
CI/CD / test-python-dsms-gateway (push) Successful in 23s
CI/CD / validate-canonical-controls (push) Successful in 18s
CI/CD / deploy-hetzner (push) Successful in 2m26s
Eigenstaendig formulierte Security Controls mit unabhaengiger Taxonomie
und Open-Source-Verankerung (OWASP, NIST, ENISA). Keine BSI-Nomenklatur.
- Migration 044: 5 DB-Tabellen (frameworks, controls, sources, licenses, mappings)
- 10 Seed Controls mit 39 Open-Source-Referenzen
- License Gate: Quellen-Berechtigungspruefung (analysis/excerpt/embeddings/product)
- Too-Close-Detektor: 5 Metriken (exact-phrase, token-overlap, ngram, embedding, LCS)
- REST API: 8 Endpoints unter /v1/canonical/
- Go Loader mit Multi-Index (ID, domain, severity, framework)
- Frontend: Control Library Browser + Provenance Wiki
- CI/CD: validate-controls.py Job (schema, no-leak, open-anchors)
- 67 Tests (8 Go + 59 Python), alle PASS
- MkDocs Dokumentation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-12 19:55:06 +01:00
