Both DocCheckTab and BannerCheckTab now:
- Store full scan results per history entry in localStorage
- History entries are clickable — loads the saved result immediately
- No need to re-scan to see old results
- Fallback to last result if specific entry not found
- Banner-Check sends HTML email report to mailpit
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1. localStorage Persistenz: URL, letztes Ergebnis, Historie (30 Eintraege)
2. Historie: Zeigt URL, Datum, Provider, Violations, Prozent
3. Letztes Ergebnis bleibt nach Tab-Wechsel/Reload sichtbar
4. E-Mail-Report: HTML-formatiert mit Violations + Hints an mailpit
5. Email-Status Anzeige im Frontend
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Explains why companies must buy norms their own employees wrote,
and the 2024 EuGH ruling that harmonised standards are EU law
and must be freely accessible.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add withdrawn/valid_until/replaced_by to Norm interface
- Add Status filter (Aktiv/Zurueckgezogen) — defaults to "Aktiv"
- Withdrawn norms hidden by default, viewable via filter
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The /banner-check endpoint is synchronous (Playwright completes in
<30s and returns result directly). Removed unused async polling loop
that would never match since no scan_id is returned.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Explains current status: no harmonised standards published under
(EU) 2023/1230 yet, ~800 from old directive still valid. Timeline
from June 2023 to January 2027 full application.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
5 FAQ items covering:
- What happens when companies are sued (4 enforcement paths)
- How document checks work (3-step process)
- Which document types are checked (7 types, 138 checks)
- How reliable results are (0 false positives, LLM verification)
- What GDPR violations cost in practice (fine tiers + examples)
Includes EuGH rulings (C-300/21, C-319/20), CNIL fine examples,
and practical cost ranges.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Hazard Log: Top 2 relevante Normen pro Kategorie unter dem Kategorie-Badge
- Massnahmen: Normen-Referenzen aus measures_library inline anzeigen
- Navigation: Neuer Normenrecherche-Tab (zwischen Grenzen und Komponenten)
- Normenrecherche-Seite: SuggestedNorms + A/B/C Erklaerung
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SuggestEvidenceModal: Suchfeld + max 20 Ergebnisse statt alle Kacheln
- Verification page: Mitigations nur on-demand laden (nicht beim Seitenstart)
- Deutlich schnellerer Seitenaufbau
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New "Banner-Check" tab with:
- URL input → Playwright 3-phase test (before/reject/accept)
- Shield icon + provider detection
- Progress bar with pass/fail percentage
- 3-phase summary (cookies + scripts per phase)
- Violations (red) and passes (green) in structured list
Backend: new POST /api/compliance/agent/banner-check endpoint
that proxies to consent-tester:8094/scan.
Next step: Upgrade banner checks to L1/L2 format with expert
hints (same quality as document checks).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Uebersicht: Nur noch 2 leichte API-Calls statt 4 (risk-summary statt alle Hazards/Mitigations laden)
- RiskAssessmentTable: Gefaehrdungs-Spalte min-w-[250px] statt max-w-[200px], kein truncate mehr
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- CustomHazardModal: Eigene Gefaehrdung erstellen mit S/E/P/A Slidern
- ResidualRiskPanel: Akzeptabel-Toggle pro Hazard + Fortschrittsbalken
- RiskAssessmentTable: Accept/Reject Buttons pro Zeile integriert
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
API liefert verschachteltes Format (trigger.regulation),
Frontend erwartete flaches Format. Mapping eingefuegt.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Automatische Erkennung von DSGVO/AI Act/CRA/NIS2/Data Act
Implikationen bei CE-Gefaehrdungen. 50 Trigger-Mappings auf
Hazard-Patterns → Compliance-Module mit Modul-Links.
- compliance_triggers.go: 50 Pattern→Regulation Mappings
- compliance_crossover.go: Engine die Projekt-Hazards gegen Trigger prueft
- iace_handler_compliance.go: GET /compliance-triggers API
- ComplianceAlerts.tsx: Frontend Alert-Panel auf Projekt-Uebersicht
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Each check now has a "hint" field explaining what is missing and
what the customer should do to fix it. Hints are shown in the
frontend below failed checks in red text.
Examples:
- "Bei Verarbeitung auf Basis von Art. 6(1)(f) muss dokumentiert
werden, warum Ihr berechtigtes Interesse die Rechte der
Betroffenen ueberwiegt."
- "Die ladungsfaehige Anschrift fehlt. Erforderlich: Strasse,
Hausnummer, PLZ und Ort."
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
L2 checks were hidden behind a second click on L1 items.
Now they render inline below their L1 parent, always visible
when the document card is expanded.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Local origin is 20+ commits ahead of remote gitea. All conflicts
resolved by keeping HEAD (our version) which includes the full
56→138 check expansion and doc_checks package split.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New "Dokumenten-Pruefung" tab in Compliance Agent:
- User adds multiple URLs with document type (DSI, AGB, Impressum, Cookie, Widerruf)
- Each document loaded via Playwright, accordions expanded, text extracted
- Checked against type-specific legal checklist
- Optional: Cookie banner check via checkbox
Checklisten-UX (solves "100% looks like nothing was checked"):
- All checks shown per document: green checkmark + matched text excerpt
- Red X for missing fields with legal reference
- Builds user trust: "9 Punkte geprueft, alle bestanden"
- Expandable per document with completeness bar
New checklists:
- Impressum: §5 TMG (6 fields: name, address, contact, register, VAT, representative)
- Cookie-Richtlinie: §25 TDDDG (5 fields: types, purposes, retention, third-party, opt-out)
Backend:
- POST /agent/doc-check — async with polling (same pattern as /scan)
- DocCheckResult includes checks[] with passed/failed + matched_text
- dsi_document_checker returns all_checks in SCORE finding
- Email report shows per-document checklist
Files: agent_doc_check_routes.py (280 LOC), DocCheckTab.tsx (248 LOC),
ChecklistView.tsx (130 LOC), dsi_document_checker.py (+70 LOC)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Each scan is a separate entry so users can track changes over time.
Increased max entries from 20 to 50.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- localStorage-based scan history (persists across sessions)
- Each completed scan adds entry: URL, timestamp, findings count, docs count
- 'Letzte Scans' section below results shows clickable history entries
- Click loads URL into form (and shows cached result if same URL)
- Max 20 entries, deduplicates by URL (latest scan wins)
- History visible in 'Website-Scan' tab
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- URL, mode, tab, scan result persisted in localStorage
- Active scan_id stored — polling resumes when returning to page
- Scan results survive navigation to other SDK modules
- 'Scan laeuft noch...' shown when returning to in-progress scan
- Cleans up localStorage when scan completes or fails
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
DSI Dedup (consent-tester):
- Only H1/H2 headings count as documents (not H3/H4 sub-sections)
- Sub-sections (Cookies, Betroffenenrechte, Social Media) are part of
parent document's full text, not separate documents
- Reduces IHK result from 30 to ~11 real documents
Backend (agent_scan_routes):
- ScanFinding gets doc_title field linking each finding to its document
- doc_title set when creating DSI findings for document attribution
Frontend (ScanResult.tsx):
- 3 sections: Services table, Document cards, General findings
- Documents: expandable cards with completeness bar (green/yellow/red)
- Findings grouped under their parent document
- Each card shows: title, word count, findings count, % completeness
- Findings without doc_title go to "Allgemeine Findings" section
Email Summary (agent_scan_helpers):
- Findings listed under their parent document
- General findings in separate section
- No more flat mixed list
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- scanProgress state tracks live progress (not mixed into scanData)
- ScanResult only renders when scanData.services exists (prevents crash)
- Purple progress bar with spinner shows current step during scan
- Fixes: TypeError 's.services.filter' when progress data set as scanData
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
CE-Risikobeurteilung Datenerfassung mit 3 wählbaren Eingabe-Modi:
1. Interview-Modus (Chat-artig): Fragen werden nacheinander gestellt
wie im Kundengespräch. Antwort-Historie sichtbar.
2. Wizard-Modus: Schritt-für-Schritt durch 8 Sektionen.
3. Formular-Modus: Alle Sektionen als Accordion auf einer Seite.
20 strukturierte Fragen in 8 Abschnitten:
- Maschinenbeschreibung (Name, Typ, Baugruppen)
- Lebensphasen (Betrieb, Einrichten, Wartung)
- Bestimmungsgemäße Verwendung
- Vorhersehbare Fehlanwendung
- Qualifikation der Benutzer
- Räumliche/Zeitliche Grenzen
- Technische Daten (Kräfte, Spannungen, Temperaturen, Drehzahlen)
- Umgebungsbedingungen
answersToNarrativeText() konvertiert alle Antworten in den Freitext
der an POST /parse-narrative gesendet wird.
Ergebnis-Panel zeigt: Komponenten, Gefahren, Patterns, Energiequellen.
URL: /sdk/iace/[projectId]/interview
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Benjamin Admin