Task #17 — Folgegefahren-Modell as Vorbereitungs-Commit (no DB schema
change yet; persistence via separate [migration-approved] commit).
New:
- secondary_harms.go: SecondaryHarm struct + six canonical categories
(consumer_safety, product_liability, food_safety, environmental,
reputation, financial) with DE labels.
- hazard_pattern_types.go: HazardPattern extended with optional
SecondaryHarms field — pattern library can now attach consequential-
damage chains.
- hazard_patterns_secondary_demo.go: two worked examples
- HP2000 Glasbruch carbonated bottling (the "Cola splitter" scenario
from the IACE strategy discussion) with consumer_safety + food_safety
+ reputation chains
- HP2001 Pharma fill-finish cross-contamination with consumer_safety
+ product_liability under AMG §84
Bonus fix:
- compliance_crossover.go AllPatterns() was a duplicate enumeration that
silently drifted from collectAllPatterns() in pattern_registry.go.
Pre-fix: 1058 patterns visible. Post-fix: 1213 patterns. The 155 invisible
patterns included CRA, ISO12100 gaps, robot-cell, CNC extended, VDMA,
textile-agri, GT-bremse — anything added after the original AllPatterns
was authored. Audit-Suite (cmd/iace-audit) now sees the full set.
Next steps for full secondary-harm rollout:
- DB migration: hazards table + secondary_harms array column
- API: surface secondary_harms in /projects/:id/hazards response
- Frontend: collapsible Folgegefahren-Panel in HazardTable
Automatische Erkennung von DSGVO/AI Act/CRA/NIS2/Data Act
Implikationen bei CE-Gefaehrdungen. 50 Trigger-Mappings auf
Hazard-Patterns → Compliance-Module mit Modul-Links.
- compliance_triggers.go: 50 Pattern→Regulation Mappings
- compliance_crossover.go: Engine die Projekt-Hazards gegen Trigger prueft
- iace_handler_compliance.go: GET /compliance-triggers API
- ComplianceAlerts.tsx: Frontend Alert-Panel auf Projekt-Uebersicht
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Benjamin Admin