Both academy and training proxy routes now set default identity headers
so the Go backend RBAC middleware can set the tenant context. Without
these defaults, the browser doesn't send X-User-ID and modules/courses
return empty.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Create server-side health check API that probes actual compliance services
(Backend, AI SDK, Ollama, TTS, Embedding, RAG, Qdrant, Valkey, MinIO)
from within the Docker network. Replaces the non-existent endpoint that
caused all services to show as offline. Also updates ServiceStatus
component to list compliance-relevant services instead of lehrer services.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Drafting Engine: 7-module pipeline with narrative tags, allowed facts governance,
PII sanitizer, prose validator with repair loop, hash-based cache, and terminology
guide. v1 fallback via ?v=1 query param.
IACE: Initial AI-Act Conformity Engine with risk classifier, completeness checker,
hazard library, and PostgreSQL store for AI system assessments.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Reduce chat history from 10 to 6 messages to fit context window
- Lower num_predict from 8192 to 2048 for faster responses
- Add Training module link to SDK sidebar navigation
- Add snake_case to camelCase key transformation for reporting API
(Go backend returns snake_case, TypeScript expects camelCase)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implements the 4-level GCI scoring model (Module -> Risk-Weighted -> Regulation Area -> Final GCI)
with DSGVO, NIS2, ISO 27001, and EU AI Act integration.
Backend:
- 9 Go files: engine, models, weights, validity, NIS2 roles/scoring, ISO mapping/gap-analysis, mock data
- GCI handlers with 13 API endpoints under /sdk/v1/gci/
- Routes registered in main.go
Frontend:
- TypeScript types, API client, Next.js API proxy
- Dashboard page with 6 tabs (Overview, Breakdown, NIS2, ISO 27001, Matrix, Audit Trail)
- Sidebar navigation entry
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Next.js pages for Academy, Whistleblower, Incidents, Document Crawler,
DSB Portal, Industry Templates, Multi-Tenant and SSO. Add API proxy routes
and TypeScript SDK client libraries. Add server binary to .gitignore.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
