Alle /ai/... und /developers/... Pfade hatten keine Pages (404).
Gefixt: Daten&RAG→/sdk/rag, Schulungen→/sdk/training,
Screening→/sdk/screening, Qualitaet→/sdk/quality.
SDK-Doku-Kategorie entfernt (liegt auf Developer Portal :3006).
Meta-Links ohne Pages (architecture, onboarding, backlog, rbac)
durch SDK-Module-Link ersetzt.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
OCR-Labeling ist bereits im Core Admin (macmini:3002/ai/ocr-pipeline)
vorhanden und wird im Compliance Dashboard nicht benoetigt.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Website (Uebersetzungen, Manager) und GPU Infrastruktur gehoeren
nicht ins Compliance Dashboard. GPU ist im Core Admin (macmini:3008).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Diese Module gehoeren nur in den Admin Lehrer (macmini:3002),
nicht ins Compliance Dashboard. Entfernt: Education Search,
Zeugnisse-Crawler, Abitur-Archiv, Klausur-Korrektur, Magic Help.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Migrate queryRAG from klausur-service GET to bp-core-rag-service POST with
multi-collection support. Each of the 18 ScopeDocumentType now gets a
type-specific RAG collection and optimized search query instead of the
generic fallback. Vendor-compliance contract review now uses LLM + RAG
for real analysis with mock fallback on error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add legal context enrichment from Qdrant vector corpus to the two
highest-priority modules (Requirements AI assistant and DSFA drafting
engine).
Go SDK:
- Add SearchCollection() with collection override + whitelist validation
- Refactor Search() to delegate to shared searchInternal()
Python backend:
- New ComplianceRAGClient proxying POST /sdk/v1/rag/search (error-tolerant)
- AI assistant: enrich interpret_requirement() and suggest_controls() with RAG
- Requirements API: add ?include_legal_context=true query parameter
Admin (Next.js):
- Extract shared queryRAG() utility from chat route
- Inject RAG legal context into v1 and v2 draft pipelines
Tests for all three layers (Go, Python, TypeScript shared utility).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Part 1 — RAG Corpus Versioning:
- New DB table compliance_corpus_versions (migration 017)
- Go CorpusVersionStore with CRUD operations
- Assessment struct extended with corpus_version_id
- API endpoints: GET /rag/corpus-status, /rag/corpus-versions/:collection
- RAG routes (search, regulations) now registered in main.go
- Ingestion script registers corpus versions after each run
- Frontend staleness badge in SDK sidebar
Part 3 — Source Policy Backend:
- New FastAPI router with CRUD for allowed sources, PII rules,
operations matrix, audit trail, stats, and compliance report
- SQLAlchemy models for all source policy tables (migration 001)
- Frontend API base corrected from edu-search:8088/8089 to
backend-compliance:8002/api
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add quizQuestions field to Lesson interface
- Map quiz_questions (snake_case) to quizQuestions (camelCase) in course mapping
- Map correct_index to correctOptionIndex for quiz rendering
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add POST /academy/courses/generate endpoint that creates an academy
course from a training module (with content + quiz as lessons)
- Add POST /academy/courses/generate-all to bulk-generate all courses
- Fix academy API response mapping (snake_case → camelCase)
- Fix fetchCourses/fetchCourse/fetchEnrollments/fetchStats to unwrap
backend response wrappers ({courses:[...]}, {course:{...}})
- Add "Alle Kurse generieren" button to academy overview page
- Fix bulkResult.errors crash in training page (optional chaining)
- Add SetAcademyCourseID to training store for bidirectional linking
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add training step to the Betrieb package in SDK_STEPS so it appears
in the sidebar after Compliance Academy.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use consistent :moduleId param name for content routes and :mediaId for
media routes. Add param adapters for handlers that expect different names.
Fix frontend media API paths to match backend route structure.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Connect the existing training engine handlers (40+ endpoints) to the router
in main.go. This was the critical blocker preventing the training content
pipeline from being accessible. Also adds generateCourse, generateVideos,
and getVideoStatus functions to the academy API client, plus the
GenerateCourseRequest type.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Academy API client was using NEXT_PUBLIC_SDK_API_URL with fallback
to http://localhost:8093, which is unreachable from the browser. Changed
to use the existing Next.js proxy at /api/sdk/v1/academy/.
Drafting Engine: 7-module pipeline with narrative tags, allowed facts governance,
PII sanitizer, prose validator with repair loop, hash-based cache, and terminology
guide. v1 fallback via ?v=1 query param.
IACE: Initial AI-Act Conformity Engine with risk classifier, completeness checker,
hazard library, and PostgreSQL store for AI system assessments.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fix interleaved step ordering by introducing global sequence numbers (100-4700)
instead of package-relative order. Add conditional visibility (visibleWhen) for
optional steps like Import and DSFA. Fix TOM/workflow prerequisite bugs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Reduce chat history from 10 to 6 messages to fit context window
- Lower num_predict from 8192 to 2048 for faster responses
- Add Training module link to SDK sidebar navigation
- Add snake_case to camelCase key transformation for reporting API
(Go backend returns snake_case, TypeScript expects camelCase)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix route param conflict: /content/publish/:id instead of /content/:id/publish
- Fix route conflict: /media/module/:moduleId for module media list
- Use Piper binary instead of pip package (ARM64 compatibility)
- Update frontend API URLs to match new routes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implements the 4-level GCI scoring model (Module -> Risk-Weighted -> Regulation Area -> Final GCI)
with DSGVO, NIS2, ISO 27001, and EU AI Act integration.
Backend:
- 9 Go files: engine, models, weights, validity, NIS2 roles/scoring, ISO mapping/gap-analysis, mock data
- GCI handlers with 13 API endpoints under /sdk/v1/gci/
- Routes registered in main.go
Frontend:
- TypeScript types, API client, Next.js API proxy
- Dashboard page with 6 tabs (Overview, Breakdown, NIS2, ISO 27001, Matrix, Audit Trail)
- Sidebar navigation entry
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Next.js pages for Academy, Whistleblower, Incidents, Document Crawler,
DSB Portal, Industry Templates, Multi-Tenant and SSO. Add API proxy routes
and TypeScript SDK client libraries. Add server binary to .gitignore.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
