Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
1,198 Commits 11 Branches 1 Tag
4087bb5f185d31bc448fc75ef18db59f9fdff1aa
Commit Graph

4 Commits

Author SHA1 Message Date
Benjamin Admin 2b1fe3713a feat(dsms): tech-file DSMS archive now logs CID into IACE audit trail 
Before: archiveTechFile called dsms.Archive() and discarded the result. The
file was archived to IPFS but no audit-trail entry was written, so there
was no way to later prove "this CE-Akte export went to DSMS with CID X".

After:
- archiveTechFile is now a method on IACEHandler with access to store + gin
  context, and captures the CID from dsms.Archive().
- Writes an AuditAction "tech_file_export" audit entry whose new_values
  JSON carries {cid, filename, size}, mirroring the Python evidence-upload
  pattern.
- Applies to PDF, XLSX, DOCX, and Markdown exports.

Plus dsms package gets 3 unit tests pinning the contract: success-CID
extraction, gateway-unreachable returns nil, 500-response returns nil.

This closes DSMS Stufe 2 (evidence side was already wired; tech-file side
was missing the audit hook). Stufe 3 next: version chains + delta view.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-22 10:02:18 +02:00
Benjamin Admin edbf6d2be5 feat(dsms): Stufe 2+3 — Evidence/TechFile → DSMS + Version Chains + Audit Timeline
Build + Deploy / build-admin-compliance (push) Successful in 1m58s
Details
Build + Deploy / build-backend-compliance (push) Successful in 12s
Details
Build + Deploy / build-ai-sdk (push) Successful in 11s
Details
Build + Deploy / build-developer-portal (push) Successful in 11s
Details
Build + Deploy / build-tts (push) Successful in 21s
Details
Build + Deploy / build-document-crawler (push) Successful in 11s
Details
Build + Deploy / build-dsms-gateway (push) Successful in 14s
Details
Build + Deploy / build-dsms-node (push) Successful in 14s
Details
CI / branch-name (push) Has been skipped
Details
CI / guardrail-integrity (push) Has been skipped
Details
CI / loc-budget (push) Failing after 15s
Details
CI / secret-scan (push) Has been skipped
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / nodejs-build (push) Successful in 2m40s
Details
CI / dep-audit (push) Has been skipped
Details
CI / sbom-scan (push) Has been skipped
Details
CI / test-go (push) Successful in 40s
Details
CI / test-python-backend (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 26s
Details
CI / test-python-dsms-gateway (push) Successful in 22s
Details
CI / validate-canonical-controls (push) Successful in 14s
Details
Build + Deploy / trigger-orca (push) Successful in 2m26s
Details 
Stufe 2A: Evidence Upload → automatische DSMS-Archivierung
- Nach SHA-256 Hash → archive_to_dsms(), CID im Audit-Trail
- Evidence mit CID wird automatisch zu E2 (hash-verifiziert) hochgestuft

Stufe 2B: IACE Tech-File Export → DSMS
- PDF/Excel/DOCX/Markdown Exporte werden nach DSMS archiviert
- archiveTechFile() Helper fuer alle 4 Formate

Stufe 3A: DSMS Gateway — parent_cid + History Endpoint
- parent_cid + tenant_id Felder in DocumentMetadata
- GET /documents/{cid}/history — folgt parent_cid-Chain (max 50 deep)

Stufe 3C: Audit Timeline UI
- Neue Seite /sdk/audit-timeline
- Vertikale Timeline mit farbigen Action-Dots
- Filter: Alle, Nachweis, DSMS-Archiv, Control, Dokument, DSFA, VVT, TOM
- CID-Badges fuer DSMS-archivierte Eintraege

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-12 13:55:07 +02:00
Benjamin Admin 89af88ef7d feat: Fortschritts-Tracker + Verifikation-Endpoints + Tech-File Erweiterung 
- Übersicht: Completeness Gates durch Projektfortschritts-Tracker ersetzt
  (6 CE-Prozessschritte mit Status + Naechster-Schritt Empfehlung)
- Verifikation: GET/POST/DELETE /verifications Endpoints + Alias-Handler
- Tech-File: Anhang IV Struktur-Erweiterung
- Maßnahmen: Expandable Details vorbereitet

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-05-08 01:02:41 +02:00
Sharang Parnerkar 3f306fb6f0 refactor(go/handlers): split iace_handler and training_handlers into focused files 
iace_handler.go (2706 LOC) split into 9 files:
- iace_handler.go: struct, constructor, shared helpers (~156 LOC)
- iace_handler_projects.go: project CRUD + InitFromProfile (~310 LOC)
- iace_handler_components.go: components + classification (~387 LOC)
- iace_handler_hazards.go: hazard library, CRUD, risk assessment (~469 LOC)
- iace_handler_mitigations.go: mitigations, evidence, verification plans (~293 LOC)
- iace_handler_techfile.go: CE tech file generation/export (~452 LOC)
- iace_handler_monitoring.go: monitoring events + audit trail (~134 LOC)
- iace_handler_refdata.go: ISO 12100 ref data, patterns, suggestions (~465 LOC)
- iace_handler_rag.go: RAG library search + section enrichment (~142 LOC)

training_handlers.go (1864 LOC) split into 9 files:
- training_handlers.go: struct + constructor (~23 LOC)
- training_handlers_modules.go: module CRUD (~226 LOC)
- training_handlers_matrix.go: CTM matrix endpoints (~95 LOC)
- training_handlers_assignments.go: assignment lifecycle (~243 LOC)
- training_handlers_quiz.go: quiz submit/grade/attempts (~185 LOC)
- training_handlers_content.go: LLM content/audio/video generation (~274 LOC)
- training_handlers_media.go: media, streaming, interactive video (~325 LOC)
- training_handlers_blocks.go: block configs + canonical controls (~280 LOC)
- training_handlers_stats.go: deadlines, escalation, audit, certificates (~290 LOC)

All files remain in package handlers. Zero behavior changes. All exported
function names preserved. All files under 500 LOC hard cap.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-19 09:17:20 +02:00