31 Commits

Author	SHA1	Message	Date
Benjamin Admin	35576fb6f8	feat(sidebar): CE-Compliance (IACE) als permanente Sektion — unabhaengig von ceMarkingRequired ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-05 17:39:47 +01:00
Benjamin Admin	f3ccfe5dcd	fix(ucca): Route-Konflikt :id vs :assessmentId — TOM-Controls Pfad geaendert ... GET /obligations/:id/tom-controls → GET /obligations/tom-controls/for-obligation/:obligationId Gin erlaubt keine unterschiedlichen Param-Namen auf demselben Pfad-Level. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-05 15:03:48 +01:00
Benjamin Admin	38e278ee3c	feat(ucca): Pflichtendatenbank v2 (325 Obligations), Trigger-Engine, TOM-Control-Mapping ... - 9 Regulation-JSON-Dateien (DSGVO 80, AI Act 60, NIS2 40, BDSG 30, TTDSG 20, DSA 35, Data Act 25, EU-Maschinen 15, DORA 20) - Condition-Tree-Engine fuer automatische Pflichtenselektion (all_of/any_of, 80+ Field-Paths) - Generischer JSONRegulationModule-Loader mit YAML-Fallback - Bidirektionales TOM-Control-Mapping (291 Obligation→Control, 92 Control→Obligation) - Gap-Analyse-Engine (Compliance-%, Priority Actions, Domain Breakdown) - ScopeDecision→UnifiedFacts Bridge fuer Auto-Profiling - 4 neue API-Endpoints (assess-from-scope, tom-controls, gap-analysis, reverse-lookup) - Frontend: Auto-Profiling Button, Regulation-Filter Chips, TOM-Panel, Gap-Analyse-View - 18 Unit Tests (Condition Engine, v2 Loader, TOM Mapper) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-05 14:51:44 +01:00
Benjamin Admin	308d559c85	feat: DSFA Section 8 KI-Anwendungsfälle + Bundesland RAG-Ingest ... - Migration 028: ai_use_case_modules JSONB + section_8_complete auf compliance_dsfas - Neues ai-use-case-types.ts: AIUseCaseModule Interface, 8 Typen, Art22Assessment, AI Act Risikoklassen, WP248-Kriterien, Privacy by Design, createEmptyModule() Helper - types.ts: Section 8 in DSFA_SECTIONS, ai_use_case_modules im DSFA Interface, section_8_complete in DSFASectionProgress - api.ts: addAIUseCaseModule, updateAIUseCaseModule, removeAIUseCaseModule - 5 neue UI-Komponenten: AIUseCaseTypeSelector, Art22AssessmentPanel, AIRiskCriteriaChecklist, AIUseCaseModuleEditor (7 Tabs), AIUseCaseSection - DSFASidebar: Section 8 Eintrag + calculateSectionProgress case 8 - ReviewScheduleSection: ai_use_case_module Trigger-Typ ergänzt - page.tsx: Section 8 Rendering + Weiter-Button auf activeSection < 8 + KI-Module Counter - scripts/ingest-dsfa-bundesland.sh: WP248 + alle 17 Behörden → bp_dsfa_corpus - Docs: dsfa.md Section 8 + RAG-Corpus, Developer Portal DSFA mit AI-Modul-Code-Beispielen Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-05 09:20:27 +01:00
Benjamin Admin	274dc68e24	feat: Drafting Agent Kompetenzbereich erweitert — alle 18 Dokumenttypen, Gap-Banner, Redirect-Logic ... - DOCUMENT_SDK_STEP_MAP: 12 kaputte URLs korrigiert (z.B. /sdk/loeschkonzept → /sdk/loeschfristen) - Go Backend: iace_ce_assessment zur validTypes-Whitelist hinzugefuegt - SOUL-Datei: von 17 auf ~80 Zeilen erweitert (18 draftbare Typen, Redirects, operative Module) - Intent Classifier: 10 fehlende Dokumenttyp-Patterns + 5 Redirect-Patterns (Impressum/AGB/Widerruf → Document Generator) - State Projector: getExistingDocumentTypes von 6 auf 11 Checks erweitert (risks, escalations, iace, obligations, dsr) - DraftingEngineWidget: Gap-Banner fuer kritische Luecken mit Analysieren-Button - Cross-Validation: 4 neue deterministische Regeln (DSFA-NO-VVT, DSFA-NO-TOM, DSI-NO-LF, AV-NO-VVT) - Prose Blocks: 5 neue Dokumenttypen (av_vertrag, betroffenenrechte, risikoanalyse, notfallplan, iace_ce_assessment) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-05 09:07:07 +01:00
Benjamin Admin	560bdfb7fd	feat: Agent Management Modul — SOUL-Editor, Dashboard, Architektur-Doku ... - SOUL-Dateien: System-Prompts aus Chat-Routen extrahiert nach agent-core/soul/*.soul.md - soul-reader.ts: Lese-/Schreib-API mit 30s TTL-Cache und Backup-Versionierung - agent-registry.ts: Statische Konfiguration der 2 Compliance-Agenten - 5 API-Routen: /api/sdk/agents (Liste, Detail, SOUL GET/PUT, Sessions, Statistiken) - 5 Frontend-Seiten: Dashboard, Detail mit SOUL-Editor, Architektur, Sessions, Statistiken - Sidebar: "Agenten" Link nach Architektur eingefügt - Wire-Up: compliance-advisor + drafting-engine lesen SOUL-Datei mit Fallback - Dockerfile: agent-core wird in Production-Image kopiert Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 16:53:36 +01:00
Benjamin Admin	c1a1ce8b71	feat: Katalogverwaltung ins Compliance SDK integriert (17 Kataloge) ... Bestehende Catalog-Manager-Komponenten in SDK-Routes eingebunden: - SDKState + Reducer um customCatalogs CRUD erweitert - Neue Route /sdk/catalog-manager mit CatalogManagerContent - Sidebar-Link "Kataloge" mit Database-Icon Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 14:27:20 +01:00
Benjamin Admin	1d9972b565	feat: Architektur-Uebersichtsseite — interaktiver Service-Graph mit ReactFlow ... 13 Services in 4 Schwimmbahnen (Frontend, Backend, Infrastructure, Data Sovereignty), Layer-Filter, DB/RAG/API-Toggles, Detail-Panel und Service-Tabelle. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 13:10:12 +01:00
Benjamin Admin	eca0855216	feat: Sidebar-Links fuer Developer Portal + SDK Dokumentation ... Externe Links oeffnen in neuem Tab mit Icon-Indikator. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 12:24:39 +01:00
Benjamin Admin	215b95adfa	refactor: Admin-Layout komplett entfernt — SDK als einziges Layout ... Kaputtes (admin) Layout geloescht (Role-Selection, 404-Sidebar, localhost-Dashboard). SDK-Flow nach /sdk/sdk-flow verschoben. Route-Gruppe (sdk) aufgeloest. Root-Seite redirected auf /sdk. ~25 ungenutzte Dateien/Verzeichnisse entfernt. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 11:43:00 +01:00
Benjamin Admin	119689ee9e	fix: Sidebar — MagicHelp (TrOCR) + Bildung & Schule Kategorie entfernt ... Diese Module gehoeren nur in den Admin Lehrer (macmini:3002), nicht ins Compliance Dashboard. Entfernt: Education Search, Zeugnisse-Crawler, Abitur-Archiv, Klausur-Korrektur, Magic Help. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 09:49:05 +01:00
Benjamin Admin	c0b179510d	feat: Package 4 Phase 3 — Finale Fixes + Dokumentation (MkDocs, SDK Flow, StepHeader) ... Finale Fixes (5 Bugs): - workflow/page.tsx: Array-Format-Fix fuer loadVersions — Array.isArray statt data.versions - einwilligungen_routes.py: ip_address + user_agent in GET /consents Response ergaenzt - consent/page.tsx: Bearbeiten/Vorschau/Veroeffentlichen + Quick Actions verdrahtet (useRouter + Preview Modal) - cookie-banner/page.tsx: BannerTexts State + Controlled Inputs + DB-Persistenz (banner_texts) - embed-code/route.ts: In-Memory configStorage → DB-fetch aus Backend, embed_code Key korrigiert Dokumentation: - docs-src/services/sdk-modules/rechtliche-texte.md: Neue MkDocs-Seite fuer Paket 4 (Einwilligungen, Rechtliche Vorlagen, Cookie Banner, Document Workflow) - mkdocs.yml: Nav-Eintrag 'Rechtliche Texte (Paket 4)' ergaenzt - dokumentations-module.md: Datenfluss-Diagramm um Paket-4-Module erweitert - flow-data.ts: Paket-4-Steps mit korrekten dbTables/dbMode und aktualisierten Beschreibungen - StepHeader.tsx: cookie-banner + workflow STEP_EXPLANATIONS auf Persistenz und Funktionsumfang aktualisiert Tests: 24/24 bestanden (test_einwilligungen_routes.py) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-03 10:37:41 +01:00
Benjamin Admin	34fc8dc654	feat: 6 Dokumentations-Module auf 100% — VVT Backend, Filter, PDF-Export ... Phase 1 — VVT Backend (localStorage → API): - migrations/006_vvt.sql: Neue Tabellen (vvt_organization, vvt_activities, vvt_audit_log) - compliance/db/vvt_models.py: SQLAlchemy-Models für alle VVT-Tabellen - compliance/api/vvt_routes.py: Vollständiger CRUD-Router (10 Endpoints) - compliance/api/__init__.py: VVT-Router registriert - compliance/api/schemas.py: VVT Pydantic-Schemas ergänzt - app/(sdk)/sdk/vvt/page.tsx: API-Client + camelCase↔snake_case Mapping, localStorage durch persistente DB-Calls ersetzt (POST/PUT/DELETE/GET) - tests/test_vvt_routes.py: 18 Tests (alle grün) Phase 3 — Document Generator PDF-Export: - document-generator/page.tsx: "Als PDF exportieren"-Button funktioniert jetzt via window.print() + Print-Window mit korrektem HTML - Fallback-Banner wenn Template-Service (breakpilot-core) nicht erreichbar Phase 4 — Source Policy erweiterte Filter: - SourcesTab.tsx: source_type-Filter (Rechtlich / Leitlinien / Vorlagen / etc.) - PIIRulesTab.tsx: category-Filter (E-Mail / Telefon / IBAN / etc.) - source_policy_router.py: Backend-Endpoints unterstützen jetzt source_type und category als Query-Parameter - requirements.txt: reportlab==4.2.5 ergänzt (fehlende Audit-PDF-Dependency) Phase 2 — Training (Migration-Skripte): - scripts/apply_training_migrations.sh: SSH-Skript für Mac Mini - scripts/apply_vvt_migration.sh: Vollständiges Deploy-Skript für VVT Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-02 17:14:58 +01:00
Benjamin Admin	7cc420bd9e	docs: Tests, MKDocs und SDK-Flow-Beschreibungen fuer Analyse-Module aktualisieren ... Backend-Tests fuer alle 7 Analyse-Module (Requirements CRUD, AI System CRUD + Assessment, Evidence Pagination, Risk Workflow). MKDocs um Analyse-Module-Seite erweitert. SDK-Flow flow-data.ts und StepHeader STEP_EXPLANATIONS mit neuen Features aktualisiert (CRUD, Pagination, Evidence-Linking, Residual Risk, AI Act Backend-Persistenz, PDF-Export). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-02 16:09:03 +01:00
Benjamin Admin	d079886819	feat: 7 Vorbereitungs-Module auf 100% — Frontend, Proxy-Routen, Backend-Fixes ... Profil: machineBuilder-Felder im POST-Body, PATCH-Handler Scope: API-Route (GET/POST), ScopeDecisionTab Props + Buttons, Export-Druckansicht HTML Anwendung: PUT-Handler, Bearbeiten-Button, Pagination/Search Import: Verlauf laden, DELETE-Route, Offline-Badge, ObjectURL Memory-Leak fix Screening: Security-Backlog Button verdrahtet, Scan-Verlauf Module: Detail-Seite, GET-Proxy, Konfigurieren-Button, Modul-erstellen-Modal, Error-Toast Quellen: 10 Proxy-Routen, Tab-Komponenten umgestellt, Dashboard-Tab, blocked_today Bug fix, Datum-Filter Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-02 15:08:13 +01:00
Benjamin Admin	f7a0b11e41	fix: Vorbereitung-Module auf 100% — Feld-Fixes, Backend-Persistenz, Endpoints ... - ScopeExportTab: 11 Feldnamen-Mismatches gegen ScopeDecision Interface korrigiert (level→determinedLevel, riskScore→risk_score, hardTriggers→triggeredHardTriggers, depthDescription→depth, effortEstimate→estimatedEffort, isMandatory→required, triggeredByHardTrigger→triggeredBy, effortDays→estimatedEffort) - Company Profile: GET vom Backend beim Mount, snake_case→camelCase, SDK State Fallback - Modules: Aktivierung/Deaktivierung ans Backend schreiben (activate/deactivate Endpoints) - Obligations: Explizites Fehler-Banner statt stiller Fallback bei Backend-Fehler - Source Policy: BlockedContentDB Model + GET /api/v1/admin/blocked-content Endpoint - Import: Offline-Modus Label fuer Backend-Fallback Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 12:02:40 +01:00
Benjamin Admin	80a988dc58	fix: SDK-Module Frontend-Backend-Mismatches beheben + fehlende Proxy-Routes ... - P0: enableBackendSync=true in SDKProvider aktiviert (PostgreSQL State-Persistenz) - P0: Source Policy 4 Tabs an Backend-Schema angepasst (is_active→active, data.logs→data.entries, is_allowed→allowed, rule_type→category, severity→action) - P0: OperationsMatrixTab holt jetzt Sources+Operations separat und joint client-side - P0: PIIRulesTab PII-Test auf client-side Regex umgestellt (kein Backend-Endpoint noetig) - P1: GET Proxy-Routes fuer Import, Screening und UCCA [id] (GET+DELETE) erstellt - P1: Compliance Scope ScopeOverviewTab/ScopeExportTab Prop-Interfaces erweitert - P2: Company Profile speichert jetzt auch zum dedizierten Backend-Endpoint - P2: UCCA Wizard von 5 auf 8 Steps erweitert (Rechtsgrundlage, Datentransfer, Vertraege) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 11:40:44 +01:00
Benjamin Admin	e6d666b89b	feat: Vorbereitung-Module auf 100% — Persistenz, Backend-Services, UCCA Frontend ... Phase A: PostgreSQL State Store (sdk_states Tabelle, InMemory-Fallback) Phase B: Modules dynamisch vom Backend, Scope DB-Persistenz, Source Policy State Phase C: UCCA Frontend (3 Seiten, Wizard, RiskScoreGauge), Obligations Live-Daten Phase D: Document Import (PDF/LLM/Gap-Analyse), System Screening (SBOM/OSV.dev) Phase E: Company Profile CRUD mit Audit-Logging Phase F: Tests (Python + TypeScript), flow-data.ts DB-Tabellen aktualisiert Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 11:04:31 +01:00
Benjamin Admin	a228b3b528	feat: add RAG corpus versioning and source policy backend ... Part 1 — RAG Corpus Versioning: - New DB table compliance_corpus_versions (migration 017) - Go CorpusVersionStore with CRUD operations - Assessment struct extended with corpus_version_id - API endpoints: GET /rag/corpus-status, /rag/corpus-versions/:collection - RAG routes (search, regulations) now registered in main.go - Ingestion script registers corpus versions after each run - Frontend staleness badge in SDK sidebar Part 3 — Source Policy Backend: - New FastAPI router with CRUD for allowed sources, PII rules, operations matrix, audit trail, stats, and compliance report - SQLAlchemy models for all source policy tables (migration 001) - Frontend API base corrected from edu-search:8088/8089 to backend-compliance:8002/api Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 07:58:08 +01:00
Benjamin Admin	0e932c0df8	feat(advisor): multi-collection RAG search + country filter (DE/AT/CH/EU) ... - Replace single DSFA corpus query with parallel search across 6 collections via RAG service (port 8097) - Add country parameter with metadata filter for bp_compliance_gesetze - Add country-specific system prompt section - Add DE/AT/CH/EU toggle buttons in ComplianceAdvisorWidget header Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-28 01:04:30 +01:00
Benjamin Admin	305a068354	feat(admin): add /api/admin/health endpoint for service status checks ... Create server-side health check API that probes actual compliance services (Backend, AI SDK, Ollama, TTS, Embedding, RAG, Qdrant, Valkey, MinIO) from within the Docker network. Replaces the non-existent endpoint that caused all services to show as offline. Also updates ServiceStatus component to list compliance-relevant services instead of lehrer services. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-26 10:56:06 +01:00
Benjamin Boenisch	03708d9e5b	feat(iace): sync IACE frontend, API routes, and scope engine updates from breakpilot-pwa ... - Add IACE project pages (classification, evidence, hazards, mitigations, monitoring, tech-file, verification) - Add IACE API catch-all route - Update compliance-scope-engine with IACE AI Act product triggers - Update compliance-scope-types, navigation, roles, and sidebar for IACE - Update company-profile page	2026-02-25 23:03:03 +01:00
Benjamin Boenisch	3efa391de5	feat(sdk): add global seq numbering and visibleWhen for SDK flow navigation ... Fix interleaved step ordering by introducing global sequence numbers (100-4700) instead of package-relative order. Add conditional visibility (visibleWhen) for optional steps like Import and DSFA. Fix TOM/workflow prerequisite bugs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-25 22:26:40 +01:00
Benjamin Boenisch	16e3c251cc	fix(admin): tune chat params, add Training sidebar link, fix reporting API keys ... - Reduce chat history from 10 to 6 messages to fit context window - Lower num_predict from 8192 to 2048 for faster responses - Add Training module link to SDK sidebar navigation - Add snake_case to camelCase key transformation for reporting API (Go backend returns snake_case, TypeScript expects camelCase) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-17 23:46:19 +01:00
Benjamin Boenisch	375914e568	feat(training): add Media Pipeline — TTS Audio, Presentation Video, Bulk Generation ... Phase A: 8 new IT-Security training modules (SEC-PWD, SEC-DESK, SEC-KIAI, SEC-BYOD, SEC-VIDEO, SEC-USB, SEC-INC, SEC-HOME) with CTM entries. Bulk content and quiz generation endpoints for all 28 modules. Phase B: Piper TTS service (Python/FastAPI) for local German speech synthesis. training_media table, TTSClient in Go backend, audio generation endpoints, AudioPlayer component in frontend. MinIO storage integration. Phase C: FFmpeg presentation video pipeline — LLM generates slide scripts, ImageMagick renders 1920x1080 slides, FFmpeg combines with audio to MP4. VideoPlayer and ScriptPreview components in frontend. New files: 15 created, 9 modified - compliance-tts-service/ (Dockerfile, main.py, tts_engine.py, storage.py, slide_renderer.py, video_generator.py) - migrations 014-016 (training engine, IT-security modules, media table) - training package (models, store, content_generator, media, handlers) - frontend (AudioPlayer, VideoPlayer, ScriptPreview, api, types, page) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-16 21:45:05 +01:00
Benjamin Boenisch	7a09086930	feat(gci): add Gesamt-Compliance-Index scoring engine and dashboard ... Implements the 4-level GCI scoring model (Module -> Risk-Weighted -> Regulation Area -> Final GCI) with DSGVO, NIS2, ISO 27001, and EU AI Act integration. Backend: - 9 Go files: engine, models, weights, validity, NIS2 roles/scoring, ISO mapping/gap-analysis, mock data - GCI handlers with 13 API endpoints under /sdk/v1/gci/ - Routes registered in main.go Frontend: - TypeScript types, API client, Next.js API proxy - Dashboard page with 6 tabs (Overview, Breakdown, NIS2, ISO 27001, Matrix, Audit Trail) - Sidebar navigation entry Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-15 22:20:17 +01:00
Benjamin Boenisch	dccb3e9f36	feat: add reporting frontend, fix module categorization, update docs ... - Create Reporting module frontend (page.tsx) with executive dashboard showing compliance score, risk overview, deadlines, module KPIs - Create Reporting lib (types.ts, api.ts) matching Go backend models - Add Reporting to STEP_EXPLANATIONS and both SDK sidebars - Remove DSB Portal, Multi-Tenant, SSO from SDK sidebars (admin-only) - Add Multi-Tenant, SSO, DSB Portal to dashboard navigation.ts with 'Plattform-Verwaltung' subgroup - Update docs: academy.md (PDF certs), reporting.md (new), index.md (SDK vs Admin categorization), mkdocs.yml (all modules) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-15 01:03:53 +01:00
Benjamin Boenisch	f1b9e585e6	fix: add missing STEP_EXPLANATIONS and sidebar entries for new SDK modules ... Add STEP_EXPLANATIONS for academy, whistleblower, incidents, dsb-portal, industry-templates, multi-tenant, sso, document-crawler, advisory-board to fix client-side crashes. Add all new modules to Zusatzmodule section in both SDKSidebar and SDKPipelineSidebar (FAB). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-14 22:46:12 +01:00
Benjamin Boenisch	d9c13c947b	refactor(admin-compliance): Rename to Admin Compliance ... Rename Admin v2 to Admin Compliance in sidebar, header, and browser title. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-12 20:01:20 +01:00
Benjamin Boenisch	c11270f8e0	Add CLAUDE.md, MkDocs docs, docs page in admin, .claude/rules ... - CLAUDE.md: Comprehensive documentation for Compliance SDK platform - docs-src: AI-Compliance-SDK docs (architecture, developer, auditor, SBOM) - mkdocs.yml: Compliance-specific nav with purple theme - docker-compose: Added docs service (port 8011, profile: docs) - admin-compliance: New /development/docs page with iframe + quick links - navigation.ts: Added development category with docs module - .claude/rules: testing, docs, open-source, compliance-checklist Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-12 00:49:28 +01:00
Benjamin Boenisch	4435e7ea0a	Initial commit: breakpilot-compliance - Compliance SDK Platform ... Services: Admin-Compliance, Backend-Compliance, AI-Compliance-SDK, Consent-SDK, Developer-Portal, PCA-Platform, DSMS Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-11 23:47:28 +01:00