339 Commits

Author	SHA1	Message	Date
Benjamin Admin	65b4857be5	feat(iace): KI-Vorschlag Button im FMEA-Tab ... - Dropdown: Komponente waehlen → "KI-Vorschlag" klicken - Ruft POST /projects/:id/components/:cid/suggest-fms auf - Zeigt LLM-generierte oder Bibliotheks-FMs als Overlay - Jeder Vorschlag mit Name, Auswirkung, S/O/D, RPZ Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 10:07:10 +02:00
Benjamin Admin	93028b443e	feat(iace): FMEA Bedienungsanleitung — ausklappbare Info-Box ... Erklaert S/O/D Skalen, RPZ + AP Kennzahlen, konkretes Beispiel (SPS Kommunikationsausfall), Workflow-Schritte. Fuer Nicht-Experten. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:54:56 +02:00
Benjamin Admin	6ce5b4bf41	feat(iace): VDA-Format FMEA Excel Export ... - GET /projects/:id/fmea/export → xlsx im VDA-Formblatt - Spalten: Nr, Komponente, Typ, Fehlerart, Fehlerfolge, S, O, D, RPZ, AP, Massnahme - AP-Zellen farbig: H=rot, M=gelb, L=gruen - Dependency: github.com/xuri/excelize/v2 (BSD-3-Clause) - Frontend: "VDA Excel exportieren" Button auf FMEA-Seite Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:45:18 +02:00
Benjamin Admin	ed3ebbc246	fix(compliance-check): send 'documents' instead of 'entries' to backend ... Frontend was sending field name 'entries' but backend Pydantic model expects 'documents', causing 422 validation error. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:25:36 +02:00
Benjamin Admin	4e865d2997	feat(iace): CE-Flag auf Komponenten + AIAG-VDA Action Priority (AP) ... CE-Flag: - Toggle "Bereits CE-gekennzeichnet" im ComponentForm - ce_marked Boolean auf Component (via metadata JSONB, kein DB-Change) - Hinweis "(Nur Schnittstellen bewerten)" im Formular AIAG-VDA Action Priority: - CalculateAP(S,O,D) → H/M/L nach AIAG-VDA FMEA Handbuch 2019 - AP-Spalte in FMEA-Worksheet: H=rot, M=gelb, L=grün - Ergänzt (nicht ersetzt) die bestehende RPZ-Berechnung Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:15:43 +02:00
Benjamin Admin	f5664612ad	feat(iace): Einsatzbereich / Branche — filtert branchenspezifische Patterns ... Neues Feld "Einsatzbereich" auf Interview-Seite (Sektion 7) mit 15 Branchen. Pattern Engine bekommt MachineTypes aus MatchInput → branchenfremde Patterns (Medizin, Aufzug, Bau etc.) feuern nur wenn die Branche ausgewählt ist. Refactoring: iace_handler_init.go aufgeteilt in init + init_helpers (LOC-Limit). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:09:28 +02:00
Benjamin Admin	6586d2cb5e	fix(iace): Delta + FMEA — derive component tags from names when library_id missing ... Auto-created components have no library_id. Delta analysis and FMEA now derive pattern-engine-compatible tags from component names (e.g. "Roboter" → cobot/robot_arm, "SPS" → controller/plc, "Scanner" → sensor). Also: new E2E test file iace-extensions.spec.ts (FMEA, Knowledge Graph, Delta API, Failure Modes API). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 08:26:15 +02:00
Benjamin Admin	df15f6f098	feat(iace): Erweiterung 5 — Safety Knowledge Graph (React Flow) ... Interaktiver Graph: Komponente → Gefaehrdung → Massnahme - 3-Spalten-Layout: Indigo (Komponenten), Rot (Hazards), Gruen (Massnahmen) - Animierte Kanten mit Pfeilmarkern - Zoom, Pan, MiniMap, Controls - Dependency: @xyflow/react v12 (MIT-Lizenz) Alle 5 IACE Phase-5 Erweiterungen jetzt abgeschlossen: 1. Betriebszustand-UI 2. FMEA-Worksheet 3. Delta-Impact-Preview Modal 4. Textil + Landmaschinen Patterns 5. Safety Knowledge Graph Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 07:20:38 +02:00
Benjamin Admin	bcf78c120a	feat(iace): Erweiterungen 2-4 — FMEA Worksheet, Delta Modal, Textil+Agri ... Erweiterung 2: FMEA-Worksheet Tab (/fmea) - Tabelle: Komponente | Typ | Fehlerart | Auswirkung | S | O | D | RPZ | Bewertung - RPZ-Farbcodierung: >200 Kritisch, >100 Handlungsbedarf, >50 Beobachten - Stats: Gesamt, Kritisch, Handlungsbedarf, Akzeptabel Erweiterung 3: DeltaPreviewModal (wiederverwendbar) - Modal zeigt +/- Patterns, Hazards, Massnahmen bei Aenderungen - Nutzt POST /delta-analysis Endpoint - Summary Grid + detaillierte Listen Erweiterung 4: Textilmaschinen (EN ISO 11111) + Landmaschinen (ISO 4254) - 21 neue Patterns: HP1550-HP1559 (Textil), HP1565-HP1575 (Agri) - 23 neue Massnahmen: M452-M460 (Textil), M461-M474 (Agri) - Walzenspalt, Zapfwelle, ROPS, autonomer Traktor, Siloexplosion etc. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 07:08:56 +02:00
Benjamin Admin	1866bb11ae	feat(mc-browser): MC Detail with member controls + phase filter ... Replace ControlDetail (empty for MCs) with MCDetail panel showing: - MC name, ID, total controls count - Phase badges as clickable filters - Member controls list with severity, phase, action, regulation source - Filter by lifecycle phase (definition, implementation, testing, etc.) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 00:24:16 +02:00
Benjamin Admin	f3751a4efa	feat(compliance-check): show business profile + banner check result in UI ... Add two info boxes above the checklist results: - Business profile (B2B/B2C, industry, regulated profession) - Banner check status (CMP detected, violations count, cross-check hint) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 00:19:51 +02:00
Benjamin Admin	66d30568e2	feat(dsms): Stufe 1 — Gap-Analyse Report wird in DSMS archiviert ... - Go DSMS Client (internal/dsms/client.go): Archive() + Verify() - Python DSMS Client (compliance/services/dsms_client.py): archive_to_dsms() + verify_dsms() - Gap-Analyse AnalyzeProject() archiviert Report-JSON nach DSMS - Response enthält dsms_cid wenn Archivierung erfolgreich - Frontend: Grünes "Revisionssicher archiviert" Badge mit CID im GapDashboard - DSMS Proxy Route (/api/sdk/v1/dsms/[...path]) für Verify-Abfragen Stufe 2 (Evidence Upload → DSMS) und Stufe 3 (Version Chains) folgen. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 23:39:26 +02:00
Benjamin Admin	36afbadc01	fix(mc-browser): add all missing field fallbacks for ControlDetail ... tags, generation_metadata, source_citation, verification_method, evidence_type, similar_controls, source_original_text, parent_control_uuid Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 23:22:41 +02:00
Benjamin Admin	7ca3624a1f	fix(mc-browser): scope fallback + severity/domain filters ... - Add scope/risk_score/implementation_effort fallbacks to prevent 'undefined is not an object' crash in ControlDetail - Add severity filter (high/medium/low based on total_controls) - Add domain filter (L1 token prefix match) - Fix sort options (source → canonical_name) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 23:13:22 +02:00
Benjamin Admin	397de741c1	feat(cmp): Phase 2 — script blocking + cookie tracking ... Migration 108: scripts_blocked, scripts_released, cookies_set JSONB columns. Backend models/schema/service/serializer/routes extended. Admin detail modal shows released scripts and set cookies with categories. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 22:52:26 +02:00
Benjamin Admin	051890c370	feat(cmp): restore vendor-agnostic fields + module wiring ... Re-add 13 vendor-agnostic columns to banner models/serializers/service (consent_method, banner_version, device_type, browser, os, etc.) that were lost when another session overwrote the code. Keep vendor_consents dict from the other session. Add list_consents method back to BannerConsentService. Wire CookieBanner, Loeschfristen and UseCases into Document Generator contextBridge (CMP_NAME, analytics tools, retention months, feature flags). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 21:57:54 +02:00
Benjamin Admin	0d0e705117	feat: Unified Compliance-Check — 8 document types in one form ... New 3-tab structure: Website-Scan, Compliance-Check, Banner-Check. Compliance-Check Tab (replaces Dokumenten-Pruefung + Impressum-Check): - 8 document rows: DSI, Impressum, Social Media, Cookie, AGB, Nutzungsbedingungen, Widerruf, DSB-Kontakt - Each row: URL input + "Text laden" + file upload + manual text - "Text laden" extracts via consent-tester, shows in editable textarea - User verifies/corrects text before checking - Empty fields = "not present" → own finding Business Profiler (business_profiler.py): - Detects B2B/B2C/B2G from all documents together - Recognizes regulated professions, online shops, editorial content - Context-aware: INFO checks become PASS/FAIL based on profile Backend: /compliance-check + /extract-text endpoints Frontend: ComplianceCheckTab.tsx + DocumentRow.tsx API proxies: compliance-check/route.ts + extract-text/route.ts Also: Impressum regex fixes (Telefon, AG, Geschaeftsfuehrung) and INFO severity for context-dependent checks. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 20:56:10 +02:00
Benjamin Admin	b8770e1b9c	feat(mc-browser): reuse Control Library UI for Master Controls ... - MC page.tsx imports ControlListView + useControlLibraryState directly - useControlLibraryState accepts optional backendUrl override - MC API route returns data in canonical control format - Same filters, pagination, sorting, click-to-detail as Control Library Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 20:02:31 +02:00
Benjamin Admin	916337b503	fix: Restore new page.tsx with 4 tabs (was overwritten by merge) ... Merge took the old page.tsx from main which still had useAgentAnalysis. Restored: Website-Scan, Dokumenten-Pruefung, Banner-Check, Impressum-Check. Removed: Schnellanalyse, Consent-Test, Compare, Auth-Test tabs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 15:04:29 +02:00
Benjamin Admin	3c7ed65f86	fix: remove dangling SDKPipelineSidebar reference ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 14:34:52 +02:00
Benjamin Admin	02ff96f74e	fix: resolve all merge conflict markers from feat/zeroclaw-compliance-agent ... 9 files had conflict markers from the branch merge. All resolved keeping the feature branch version. Also split agent_scan_routes.py (534→367 LOC) by extracting Pydantic models to agent_scan_models.py. [guardrail-change] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 12:15:07 +02:00
Benjamin Admin	36c6101b91	Merge feat/zeroclaw-compliance-agent into main ... Brings all compliance doc-check features: - 162 regex checks + 1874 Master Controls - LLM-agnostic agent with tool calling - Banner check (46 checks, 30 CMPs, stealth, Shadow DOM) - Impressum check (24 checks) - Deep consent verification (DataLayer, GCM, TCF) - CMP E2E tests (39 tests) - HTML email reports, FAQ, persistent history Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 11:44:20 +02:00
Benjamin Admin	e80bbe000f	feat(ui): Master Controls Browser — 13.5K MCs with member drill-down ... - New page /sdk/master-controls with sortable, searchable MC list - Click MC → expandable detail panel with atomic controls - Shows L1 token, L2 subtopic, phase, severity, regulation source - API proxy via pg directly to compliance.master_controls - Sidebar entry added Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 11:22:12 +02:00
Benjamin Admin	6f776b2fa8	fix(iace): FAB pointer-events fix + Initialisieren auf Betriebszustaende-Seite ... - FAB-Container bekommt pointer-events-none, nur Button + Panel sind klickbar (behebt: Buttons auf der rechten Seite waren nicht klickbar) - Initialisieren + Neu-Initialisieren Buttons von Interview-Seite auf Betriebszustaende-Seite verschoben (natuerlicher Flow: Grenzen → States → Init) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 11:18:12 +02:00
Benjamin Admin	a0bb9e3aed	feat(iace): "Neu initialisieren" Button + DeleteHazard ... - POST /initialize?force=true loescht bestehende Hazards + Mitigations und erstellt sie neu mit aktuellen Betriebszustaenden - Orange "Neu initialisieren" Button auf Interview-Seite (mit Confirm-Dialog) - DeleteHazard Store-Methode (kaskadiert Risk Assessments) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 09:17:50 +02:00
Benjamin Admin	cb8fb65d3e	feat(iace): Betriebszustand-Traceability auf Hazards + Mitigations ... Hazards zeigen jetzt farbige Badges mit den Betriebszustaenden die sie ausgeloest haben (z.B. "Wartung", "Not-Halt"). Mitigations erben die States ihrer verknuepften Hazards. Backend: OperationalStates im Function-Feld encodiert (kein DB-Schema), beim Lesen als operational_states[] JSON-Feld zurueckgegeben. Frontend: Indigo-Badges in HazardTable + MitigationCard. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 09:04:20 +02:00
Benjamin Admin	af5ab9127a	feat(docgen): wire CMP, Loeschfristen, UseCases into Document Generator ... Connect three previously siloed modules to the contextBridge: - CookieBanner → CONSENT (analytics tools, marketing partners) + FEATURES (CMP_NAME, HAS_FUNCTIONAL_COOKIES) - RetentionPolicies → PRIVACY.ANALYTICS_RETENTION_MONTHS (from actual Loeschfristen data) - UseCases → FEATURES flags (HAS_ACCOUNT, HAS_PAYMENTS, HAS_NEWSLETTER, HAS_SOCIAL_MEDIA) Previously all FEATURES were hardcoded false/empty in EMPTY_CONTEXT. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 08:37:12 +02:00
Benjamin Admin	8f169cbae3	feat(gap): IST-Zustand Assessment — IACE + Normen + Prozesse ... Gap Analysis v2: statt 500 generische Gaps → nur die ECHTEN Lücken. Backend: - ProductProfile um 15 IST-Felder erweitert (Normen, Doku, Prozesse, CE) - assessGapStatus prüft: IACE-Mitigations → Zertifizierungen → Normen → IST-Felder - norm_mapping.go: 20 Normen → MC-Topic Mapping (ISO 12100, IEC 62443, etc.) - IACE-Integration: CheckIACECoverage() matcht verified Mitigations gegen MCs Frontend: - 2-Step Wizard: Produkt beschreiben → IST-Zustand erfassen - IstAssessment.tsx: CE-Jahr, Normen-Multiselect, Doku+Prozess Checkboxen - Step-Navigation mit visuellen Indikatoren Migration 025 erweitert um IST-Felder. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 08:33:17 +02:00
Benjamin Admin	cc919eb608	feat: KI-Agent toggle in all 3 check tabs ... - Impressum-Check: Toggle activates 75 Impressum MCs via agent - Banner-Check: Toggle runs additional cookie doc-check (381 MCs) after the Playwright banner test completes - Both use the same use_agent flag through doc-check endpoint Green pill button consistent across all tabs: 'KI-Agent aus' / 'KI-Agent aktiv (X MCs)' Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 08:00:36 +02:00
Benjamin Admin	6cb5da56b3	feat(frontend): persistent gap projects — list, create, re-analyze ... - Project list view with saved projects - Create + analyze in one flow (saves to DB) - Re-open saved projects for re-analysis - 3 views: projects list → wizard → dashboard Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 07:50:03 +02:00
Benjamin Admin	53c641800f	feat(iace): Phase 5 — Betriebszustand-UI + E2E Tests ... - GET /operational-states endpoint (9 States + 20 Transitions) - Frontend: Operational States page with state cards, transitions graph, delta preview - Navigation: Betriebszustaende entry between Grenzen and Normenrecherche - E2E: 60+ new Phase 5 tests (operational states, hazards, mitigations, classification) - E2E: Updated expected counts for expanded libraries (476 measures, 1114 patterns) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 00:26:07 +02:00
Benjamin Admin	91d6d8b1a7	feat: KI-Agent toggle button in Dokumenten-Pruefung ... Green pill button: 'KI-Agent aus' / 'KI-Agent aktiv (1.874 MCs)' Toggles use_agent flag which is passed through the full chain: Frontend → DocCheckRequest → _run_doc_check → _check_single_document → check_document_with_controls(use_agent=True) → ComplianceAgent with tool calling Default: OFF (deterministic regex). User can enable per scan. Also works via env var COMPLIANCE_USE_AGENT=true for always-on. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 23:26:21 +02:00
Benjamin Admin	85d261a3f8	feat(frontend): Gap Analysis UI — Product Wizard + Dashboard ... - ProductWizard: Product type, technologies, data processing, certifications - GapDashboard: Summary cards, regulation overview, prioritized gap table - Expandable rows with recommendations - Filter by severity and status - Route: /sdk/gap-analysis Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 23:19:21 +02:00
Benjamin Admin	289ec5f396	feat(cmp): vendor-agnostic consent data model — 13 new fields ... Extend banner consent records with consent_method, banner_version, banner_config_hash, geo, page_url, referrer, device info, session_id and consent_scope for full Art. 7 DSGVO proof with any tracking vendor. Migration 107, backward-compatible (all fields nullable). Admin detail modal shows tracking context, device info and technical data. Fix pre-existing str|None → Optional[str] for Python 3.9 compat. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 23:12:20 +02:00
Benjamin Admin	bdbc30e47b	feat(cmp): unified consent view — Website-Besucher + Login-Nutzer tabs ... Merges two separate consent views into one unified page at /sdk/einwilligungen: - Tab "Website-Besucher": device-based banner consents with site selector - Tab "Login-Nutzer": user-based DSGVO consents (existing, unchanged) Backend: - New endpoint GET /admin/consents for paginated banner consent records - Fix: categories JSON string parsing (was iterating chars instead of array) CMP Dashboard: - Dynamic site selector replacing hardcoded "preview-test-site" Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 22:41:56 +02:00
Benjamin Admin	05d98ea95f	feat: New tab structure — Discovery Scan, Doc-Check, Banner, Impressum ... Removed Schnellanalyse tab. New 4-tab structure: 1. Website-Scan (Discovery): Finds legal documents + services, shows "Jetzt pruefen" buttons that navigate to specialized tabs with pre-filled URLs. 2. Dokumenten-Pruefung: DSI, AGB, Cookie, Widerruf checks (existing) 3. Banner-Check: Cookie banner 46-check deep verification (existing) 4. Impressum-Check (NEW): §5 TMG / §18 MStV with 16 checks, own tab with URL input, history, email report. Uses existing impressum_checks.py via doc-check endpoint. Tab cross-navigation: Scan → "Jetzt pruefen" → opens target tab with URL pre-filled via localStorage handoff. Removed: Mode selector (pre/post launch), Schnellanalyse, useAgentAnalysis hook import, AnalysisResult/FollowUpQuestions. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 09:09:27 +02:00
Benjamin Admin	f201c01a06	fix: Replace unicode escapes with actual emoji characters	2026-05-10 08:20:00 +02:00
Benjamin Admin	33f0a64ff6	feat: Persistent result history — click to reload old scan results ... Both DocCheckTab and BannerCheckTab now: - Store full scan results per history entry in localStorage - History entries are clickable — loads the saved result immediately - No need to re-scan to see old results - Fallback to last result if specific entry not found - Banner-Check sends HTML email report to mailpit Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 07:59:02 +02:00
Benjamin Admin	1b8e9881bb	feat: Banner-Check — Historie, persistentes Ergebnis, E-Mail-Report ... 1. localStorage Persistenz: URL, letztes Ergebnis, Historie (30 Eintraege) 2. Historie: Zeigt URL, Datum, Provider, Violations, Prozent 3. Letztes Ergebnis bleibt nach Tab-Wechsel/Reload sichtbar 4. E-Mail-Report: HTML-formatiert mit Violations + Hints an mailpit 5. Email-Status Anzeige im Frontend Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 07:55:12 +02:00
Benjamin Admin	2e29b611c9	feat(iace): Phase 1 — Haftungs-Fixes, Massnahmen-Verkabelung, Explainability Engine ... Phase 1A — Haftungs-kritische Fixes: - SIL/PL-Badges als "Vorab-Einschaetzung" mit Tooltip gekennzeichnet - Coverage-Disclaimer in CE-Akte, Projekt-Uebersicht und Print-Export - Norm-Referenzen: 42 Kapitelverweise durch Themen-Deskriptoren ersetzt Phase 1B — Massnahmen-Verkabelung: - 16 neue Massnahmen (M201-M216) fuer bisher unabgedeckte Kategorien (communication_failure, hmi_error, firmware_corruption, maintenance, sensor_fault, mode_confusion) - Kategorie-Fallback im Initialize-Endpoint: ordnet Massnahmen aus der Bibliothek automatisch per HazardCategory zu (max 8 pro Kategorie) - Total: 225 → 241 Massnahmen, 0 Kategorien ohne Massnahmen Phase 1C — Explainability Engine: - MatchReason Struct in PatternMatch (type, tag, met) - Pattern Engine schreibt fuer jeden Match strukturierte Begruendungen - Frontend zeigt "Erkannt weil: Komponente X, Energie Y, Kein Ausschluss Z" Weitere Aenderungen: - BAuA/OSHA Regulatory Hints: 3 Enrich-Endpoints (per Hazard, per Measure, Batch) - Dokumente-Tab in IACE-Bibliothek (36.708 Chunks aus Qdrant) - Varianten-UX: Basis-Projekt-Summary auf Varianten-Seite - Projekt-Initialisierung: POST /initialize kettet Parse→Komponenten→Patterns→Hazards→Massnahmen→Normen - 18 pre-existing TS-Fehler gefixt, Route-Konflikt behoben - Component-Library + Measures-Library Tests aktualisiert Tests: Go alle bestanden, TS 0 Fehler, Playwright 141+ bestanden Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 21:32:23 +02:00
Benjamin Admin	8682522212	feat: Variantenmanagement — Sub-Projekte mit GAP-Analyse ... Backend: - parent_project_id auf iace_projects (DB + Go Struct) - POST/GET /variants + GET /variant-gap Endpoints - GAP-Analyse: Differenz Hazards/Massnahmen/Kategorien Frontend: - VariantPanel auf Projekt-Uebersicht - Variante erstellen Dialog - Sidebar-Anzeige (Variantenanzahl / Basis-Link) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 10:47:01 +02:00
Benjamin Admin	2143840ee7	docs(agent): add FAQ about harmonised standards copyright + EuGH C-588/21 P ... Explains why companies must buy norms their own employees wrote, and the 2024 EuGH ruling that harmonised standards are EU law and must be freely accessible. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 09:50:44 +02:00
Benjamin Admin	4d708b4443	feat(iace): add withdrawn filter to norms library frontend ... - Add withdrawn/valid_until/replaced_by to Norm interface - Add Status filter (Aktiv/Zurueckgezogen) — defaults to "Aktiv" - Withdrawn norms hidden by default, viewable via filter Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 08:50:26 +02:00
Benjamin Admin	4bfb438c92	feat: 4 banner check upgrades — 30 CMPs, stealth, Shadow DOM, categories ... 1. 30 CMP selectors (was 10): Added Sourcepoint, Iubenda, Complianz, CookieFirst, HubSpot, Osano, Piwik PRO, Cookie Consent (Insites), Axeptio, Termly, CookieScript, Civic UK, GDPR Cookie Compliance, CookieHub, Ketch, Admiral, Sibbo, Evidon, LiveRamp, Adsimple. Plus improved generic fallback: role=dialog, aria-label, data-* attrs. 2. Playwright stealth mode: playwright-stealth against bot detection. Removes WebDriver flag, simulates plugins, realistic viewport/locale. Launch args: --disable-blink-features=AutomationControlled. 3. Shadow DOM: Recursive JS-based search through shadowRoot elements for consent banners. Fallback click via page.evaluate() when normal Playwright selectors can't penetrate Shadow DOM. 4. Category selection UI: User can choose which cookie categories to test (Notwendig, Statistik, Marketing, Funktional, Praeferenzen). Pill-style checkboxes in BannerCheckTab, forwarded through API chain. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 08:42:30 +02:00
Benjamin Admin	751f4a5ee7	fix: Remove dead polling code from BannerCheckTab ... The /banner-check endpoint is synchronous (Playwright completes in <30s and returns result directly). Removed unused async polling loop that would never match since no scan_id is returned. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 08:22:36 +02:00
Benjamin Admin	c89e46a828	feat: Dokumenten Upload im Normenrecherche-Tab ... Drag & Drop Upload-Zone fuer kundeneigene PDFs (Normen, Spezifikationen). Tenant-isoliert, Status-Tracking, Backend-Placeholder fuer RAG-Pipeline. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 08:07:58 +02:00
Benjamin Admin	0fcb3ee488	docs(agent): add Machinery Regulation harmonised standards FAQ ... Explains current status: no harmonised standards published under (EU) 2023/1230 yet, ~800 from old directive still valid. Timeline from June 2023 to January 2027 full application. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-09 07:17:32 +02:00
Benjamin Admin	c6229a2c22	fix: Tech-File html_content → content Mapping ... API liefert html_content, Frontend erwartet content. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-08 06:46:51 +02:00
Benjamin Admin	c27022d11b	feat: CE-Akte mit Anhang IV + Tech-File Sections fuer alle 4 Projekte ... - 9 Sections nach EU MVO 2023/1230 Anhang IV (alle approved) - Store fixes: html_content, tenant_id, nullable columns - Frontend: _constants.ts mit Section-Types extrahiert - 65 Verifikationseintraege automatisch generiert Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-08 01:49:14 +02:00
Benjamin Admin	686834cea0	feat: 4 remaining tasks — EU institutions, banner integration, JS-sites, Caritas fixes ... 1. EU Institution Checks (Verordnung 2018/1725): - New doc_type "eu_institution" with 9 L1 + 15 L2 checks - Both German + English patterns (EU institutions are multilingual) - Auto-detection via "2018/1725", "EDSB", "EDPS" keywords - Correct article references (Art. 15 instead of 13, Art. 5 instead of 6) 2. Banner Check Integration: - banner_runner.py maps scan results to 36 L1/L2 structured checks - BannerCheckTab shows hierarchical ChecklistView with hints - 3-phase summary (cookies/scripts before/after consent) - /scan endpoint now includes structured_checks in response 3. JS-heavy Website Fixes (dm, Zalando, HWK): - dsi_helpers.py: goto_resilient (networkidle→domcontentloaded fallback) - try_dismiss_consent_banner before text extraction - PDF redirect detection (dm.de redirects to GCS PDF) 4. Caritas False Positive Fixes: - Phone regex allows parentheses: +49 (0)761 → now matches - "Recht auf Widerspruch" (3 words) + §23 KDG → matches Art. 21 - Church authorities: "Katholisches Datenschutzzentrum" recognized Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-08 01:10:10 +02:00