breakpilot-compliance

Benjamin_Boenisch/breakpilot-compliance

Fork 0

Commit Graph

Author	SHA1	Message	Date
Benjamin Admin	d208a2bde2	feat: Mail-Restrukturierung + B22 Cross-Domain-Doc-Detector CI / validate-canonical-controls (push) Successful in 11s Details CI / loc-budget (push) Successful in 13s Details CI / go-lint (push) Has been skipped Details CI / test-go (push) Has been skipped Details CI / iace-gt-coverage (push) Has been skipped Details CI / detect-changes (push) Successful in 7s Details CI / branch-name (push) Has been skipped Details CI / guardrail-integrity (push) Has been skipped Details CI / secret-scan (push) Has been skipped Details CI / dep-audit (push) Has been skipped Details CI / sbom-scan (push) Has been skipped Details CI / build-sha-integrity (push) Failing after 4s Details CI / python-lint (push) Has been skipped Details CI / nodejs-build (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-python-backend (push) Successful in 30s Details CI / test-python-document-crawler (push) Has been skipped Details CI / test-python-dsms-gateway (push) Has been skipped Details User-Feedback BMW v5: "740 Cookies verschwunden auf 31, Übersicht verloren". Drei Anpassungen: Mail-Restrukturierung (_executive_summary.py + _compose.py): - render_executive_summary(): Top-of-mail TL;DR mit Compliance-Score (gross + farbig), Top-3-Findings nach Severity, Cookie-Statistik (deklariert/Browser/Drittland), Severity-Verteilungs-Chips. - collapsible(): wrapt jeden Block in <details>/<summary>. Mailpit + alle modernen Mail-Clients rendern das nativ. - _compose.py: alle 18+ B-Blöcke + per_doc + per_theme + legacy_html in Akkordeons. NUR Critical-Findings + Sofort- massnahmen sind immer offen — Reviewer sieht ~15 Zeilen Übersicht und klappt selektiv auf. - Cookie-Inventar (742) hat jetzt eigene Sektion ganz oben (Akkordeon "🍪 Cookie-Inventar"), Vendor-Karten parallel. B22 Cross-Domain-Legal-Doc-Detector (cross_domain_doc_check.py): Real-Beispiel User-Feedback: Elli's AGB liegt auf docs.logpay.de statt elli.eco. Detektor erkennt SLD-Mismatch: - HIGH bei agb / widerruf (vertragsrelevant) - MEDIUM bei dse / nutzungsbedingungen - INFO bei cookie / impressum (Best-Practice) Norm: DSGVO Art. 28 (AVV-Pflicht für Hosting) + Art. 13 Abs. 1 lit. e (Empfänger) + § 312i BGB (Cool-URLs). 9/9 Tests grün inkl. Elli/LogPay Pattern. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-06-08 11:35:55 +02:00

Author

SHA1

Message

Date

Benjamin Admin

d208a2bde2

feat: Mail-Restrukturierung + B22 Cross-Domain-Doc-Detector

CI / validate-canonical-controls (push) Successful in 11s

Details

CI / loc-budget (push) Successful in 13s

Details

CI / go-lint (push) Has been skipped

Details

CI / test-go (push) Has been skipped

Details

CI / iace-gt-coverage (push) Has been skipped

Details

CI / detect-changes (push) Successful in 7s

Details

CI / branch-name (push) Has been skipped

Details

CI / guardrail-integrity (push) Has been skipped

Details

CI / secret-scan (push) Has been skipped

Details

CI / dep-audit (push) Has been skipped

Details

CI / sbom-scan (push) Has been skipped

Details

CI / build-sha-integrity (push) Failing after 4s

Details

CI / python-lint (push) Has been skipped

Details

CI / nodejs-build (push) Has been skipped

Details

CI / nodejs-lint (push) Has been skipped

Details

CI / test-python-backend (push) Successful in 30s

Details

CI / test-python-document-crawler (push) Has been skipped

Details

CI / test-python-dsms-gateway (push) Has been skipped

Details

User-Feedback BMW v5: "740 Cookies verschwunden auf 31, Übersicht
verloren". Drei Anpassungen:

Mail-Restrukturierung (_executive_summary.py + _compose.py):
  - render_executive_summary(): Top-of-mail TL;DR mit
    Compliance-Score (gross + farbig), Top-3-Findings nach
    Severity, Cookie-Statistik (deklariert/Browser/Drittland),
    Severity-Verteilungs-Chips.
  - collapsible(): wrapt jeden Block in <details>/<summary>.
    Mailpit + alle modernen Mail-Clients rendern das nativ.
  - _compose.py: alle 18+ B-Blöcke + per_doc + per_theme +
    legacy_html in Akkordeons. NUR Critical-Findings + Sofort-
    massnahmen sind immer offen — Reviewer sieht ~15 Zeilen
    Übersicht und klappt selektiv auf.
  - Cookie-Inventar (742) hat jetzt eigene Sektion ganz oben
    (Akkordeon "🍪 Cookie-Inventar"), Vendor-Karten parallel.

B22 Cross-Domain-Legal-Doc-Detector (cross_domain_doc_check.py):
  Real-Beispiel User-Feedback: Elli's AGB liegt auf docs.logpay.de
  statt elli.eco. Detektor erkennt SLD-Mismatch:
  - HIGH bei agb / widerruf (vertragsrelevant)
  - MEDIUM bei dse / nutzungsbedingungen
  - INFO bei cookie / impressum (Best-Practice)
  Norm: DSGVO Art. 28 (AVV-Pflicht für Hosting) + Art. 13 Abs. 1
  lit. e (Empfänger) + § 312i BGB (Cool-URLs).
  9/9 Tests grün inkl. Elli/LogPay Pattern.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-06-08 11:35:55 +02:00

1 Commits