Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
220 Commits 2 Branches 0 Tags
b1a0dd36157666efbf7db0ad82ef2567daefd6bb
Commit Graph

220 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Admin
b1a0dd3615 docs: SDK-Flow, MkDocs und Entwicklerdoku aktualisieren
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 36s
Details
CI / test-python-backend-compliance (push) Successful in 40s
Details
CI / test-python-document-crawler (push) Successful in 24s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
- flow-data.ts: Profil-Summary und Use-Case-Wizard-Details dokumentiert
- stammdaten.md: Step 99 Summary-Seite dokumentiert, Dokumente-generieren entfernt
- vorbereitung-module.md: UCCA 8-Schritte-Wizard mit Kachel-UI dokumentiert

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 22:30:31 +01:00
Benjamin Admin
6e7d0d9b14 feat(sdk): Profil-Summary + Use-Case-Workshop komplett auf Kachel-UI umstellen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 38s
Details
CI / test-python-backend-compliance (push) Successful in 41s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 22s
Details 
- Profil: Summary-Seite (Step 99) nach Abschluss statt direkter Sprung zu Scope
- Profil: "Dokumente generieren" Block entfernt
- Use Cases Step 1: Branche aus Profil auto-abgeleitet, 21 KI-Kategorien als Kacheln
- Use Cases Step 2: ~60 Datenkategorien in 10 Gruppen als Kacheln (Art. 9 orange)
- Use Cases Step 3: Rechtsgrundlage entfernt (SDK ermittelt), 16 Zweck-Kacheln
- Use Cases Step 4: Automatisierungsgrad als Single-Select-Kacheln
- Use Cases Step 5: Hosting/Region/Modellnutzung als Kacheln statt Dropdowns
- Use Cases Step 6: Transfer-Ziele + Mechanismus als Kacheln statt Checkbox/Dropdown
- Use Cases Step 7: Aufbewahrungsdauer als Kacheln statt Zahlenfeld
- Use Cases Step 8: Compliance-Dokumente als Multi-Select-Kacheln

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 19:03:47 +01:00
Benjamin Admin
24afed69c1 Fix Scope evaluation crash: align property names between engine, types, and components
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 39s
Details
CI / test-python-document-crawler (push) Successful in 27s
Details
CI / test-python-dsms-gateway (push) Successful in 25s
Details 
The engine used short property names (risk, complexity, assurance, composite) while
the ComplianceScores interface defined (risk_score, complexity_score, assurance_need,
composite_score). Components used yet another convention (riskScore, level, hardTriggers).
The main crash was DEPTH_LEVEL_COLORS[decision.level] where decision.level was undefined
(correct property: decision.determinedLevel).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 16:47:01 +01:00
Benjamin Admin
579fe1b5e1 fix(scope): Evaluierung crasht (answerValue→value), Profil-Persistenz, Block-Umbenennungen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 36s
Details
CI / test-python-backend-compliance (push) Successful in 42s
Details
CI / test-python-document-crawler (push) Successful in 27s
Details
CI / test-python-dsms-gateway (push) Successful in 25s
Details 
- compliance-scope-engine: answerValue→value (Property existierte nicht, Crash bei Evaluierung)
- company-profile: saveProfileDraft synct jetzt Redux-State (Daten bleiben bei Navigation)
- Scope-Bloecke umbenannt: Kunden & Nutzer, Datenverarbeitung, Hosting & Verarbeitung, Website und Services
- org_cert_target + data_volume als Hidden Scoring Questions (Duplikate entfernt)
- ai_risk_assessment: boolean→single mit Ja/Nein/Noch nicht
- 6 neue Abteilungs-Datenkategorien: IT, Recht, Produktion, Logistik, Einkauf, Facility

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 16:33:59 +01:00
Benjamin Admin
ee6743c7c6 chore: Test-Artefakte (.coverage, test_*.db) zur .gitignore hinzufuegen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 50s
Details
CI / test-python-backend-compliance (push) Successful in 42s
Details
CI / test-python-document-crawler (push) Successful in 26s
Details
CI / test-python-dsms-gateway (push) Successful in 26s
Details 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 15:59:44 +01:00
Benjamin Admin
a6818b39c5 feat(scope+vvt): Datenkategorien in Scope Block 9 verschieben, VVT Generator-Tab entfernen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 36s
Details
CI / test-python-backend-compliance (push) Successful in 36s
Details
CI / test-python-document-crawler (push) Successful in 26s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
- ScopeQuestionBlockId um 'datenkategorien_detail' erweitert
- Block 9 mit 6 Abteilungs-Datenkategorie-Fragen (dk_dept_hr, dk_dept_recruiting, etc.)
- ScopeWizardTab: aufklappbare Kacheln fuer Block 9, gefiltert nach Block 8 Abteilungswahl
- VVT: Generator-Tab komplett entfernt (3 statt 4 Tabs)
- VVT Verzeichnis: "Aus Scope-Analyse generieren" Button mit Preview + Uebernehmen

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 14:47:20 +01:00
Benjamin Admin
e3fb81fc0d feat(vvt): Aufklappbare Abteilungskacheln mit Datenkategorien + Wiki-Infoboxen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 24s
Details
CI / test-python-dsms-gateway (push) Successful in 23s
Details 
Step 2 im VVT-Generator: Ja/Nein-Buttons durch expandierbare Kacheln ersetzt.
Pro Abteilung werden typische Datenkategorien als Checkboxen angezeigt (isTypical
vorausgefuellt), Art. 9 Kategorien orange hervorgehoben mit DSGVO-Warnung.
7 neue Wiki-Artikel fuer Datenkategorien pro Geschaeftsbereich (HR, Finanzen,
Vertrieb, Marketing, Support, IT, Produktion).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 13:11:00 +01:00
Benjamin Admin
3512963006 fix(compliance-scope): Race Condition bei State-Persistenz beheben
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 24s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
SDK Context laedt State asynchron vom Server. Die Page las bei Mount
sdkState.complianceScope (noch null), fiel auf leeres localStorage
zurueck, und der Save-Effect ueberschrieb dann den echten State mit
leeren Daten. Fix: sdkState.complianceScope wird jetzt reaktiv
beobachtet, und leere States werden nie zurueckgeschrieben.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 12:11:36 +01:00
Benjamin Admin
85b3cc3421 fix(company-profile): CE-Kennzeichnung und Pruefzyklus entfernen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 37s
Details
CI / test-python-backend-compliance (push) Successful in 36s
Details
CI / test-python-document-crawler (push) Successful in 27s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
CE-Kennzeichnung aus Zertifizierungsliste entfernt und den Pruefzyklus-
Abschnitt aus dem Legal-Framework-Step entfernt, da beides nicht relevant.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 11:50:25 +01:00
Benjamin Admin
f6019ecba9 feat(compliance-scope): Pflicht/Optional-Klassifikation, offene Fragen sichtbar + Navigation
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 37s
Details
CI / test-python-backend-compliance (push) Successful in 35s
Details
CI / test-python-document-crawler (push) Successful in 26s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
Block-Sidebar zeigt gruen/orange Status pro Block, klickbare Zusammenfassung
offener Pflichtfragen unter dem Fortschrittsbalken, und visuelles Highlighting
(linker Rand) fuer unbeantwortete Pflichtfragen. Sidebar-Haken wird gesetzt
wenn alle Pflichtfragen beantwortet und Auswertung vorhanden.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 11:45:46 +01:00
Benjamin Admin
1f91e05600 fix+test+docs: Archivierte Projekte, Vitest-Tests & Regulations-Doku
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 38s
Details
CI / test-python-backend-compliance (push) Successful in 39s
Details
CI / test-python-document-crawler (push) Successful in 26s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
- fix(ProjectSelector): Archivierte Projekte anklickbar machen, doppelten
  "Neues Projekt" Button entfernen
- test: 32 Vitest-Tests fuer scope-to-facts und supervisory-authority-resolver
- docs(flow-data): Scope-Step outputs + Obligations inputs erweitert
- docs(developer-portal): Feature-Highlight "Automatische Regulierungs-Ableitung"
- docs(mkdocs): Neuer Abschnitt Regulierungs-Ableitung in obligations.md

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 11:07:35 +01:00
Benjamin Admin
3c0c1e49da feat(company-profile): Branchen-Erweiterung, Multi-Select & Zertifizierungen 
Multi-Branche-Auswahl im CompanyProfile, erweiterte allowed-facts fuer
Drafting Engine, Demo-Daten und TOM-Generator Anpassungen.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 11:03:21 +01:00
Benjamin Admin
5da93c5d10 feat(regulations): Automatische Ableitung anwendbarer Gesetze & Aufsichtsbehoerden
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 27s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
Nach Abschluss von Profil + Scope werden jetzt automatisch die anwendbaren
Regulierungen (DSGVO, NIS2, AI Act, DORA) ermittelt und die zustaendigen
Aufsichtsbehoerden (Landes-DSB, BSI, BaFin) aus Bundesland + Branche abgeleitet.

- Neues scope-to-facts.ts: Mapping CompanyProfile+Scope → Go SDK Payload
- Neues supervisory-authority-resolver.ts: 16 Landes-DSB + nationale Behoerden
- ScopeDecisionTab: Regulierungs-Report mit Aufsichtsbehoerden-Karten
- Obligations-Seite: Echte Daten statt Dummy in handleAutoProfiling()
- Neue Types: ApplicableRegulation, RegulationAssessmentResult, SupervisoryAuthorityInfo

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 10:29:24 +01:00
Benjamin Admin
fa4cda7627 refactor(scope+profile): Duplikate eliminieren, UI vereinheitlichen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 36s
Details
CI / test-python-backend-compliance (push) Successful in 35s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
- Profil: Steps 6 (VVT) + 7 (KI) entfernt, nach Scope verschoben
- Profil: Steps 9→7 renummeriert (Rechtlicher Rahmen→6, Maschinenbau→7)
- Profil: Branche + Jahresumsatz von Dropdown auf Tile-Grid umgestellt
- Profil: usesAI/aiUseCases aus CompanyProfile Interface entfernt
- Scope: 5 Duplikate aus Block 1 entfernt (Branche, MA, Umsatz, Modell, DSB)
- Scope: 2 Duplikate aus Block 6 entfernt (Angebote, Webshop)
- Scope: Block 7 (KI-Systeme) + Block 8 (VVT) neu hinzugefuegt
- Scope: "Aus Profil" Info-Box zeigt Profildaten in betroffenen Blocks
- Scope: Hidden Scoring fuer entfernte Fragen bleibt erhalten via Auto-Fill

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 08:52:09 +01:00
Benjamin Admin
90d99bba08 feat(use-case-workshop): UCCA-Ergebnis-Panel nach Abschluss anzeigen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details 
Nach Wizard-Abschluss wird ein Ergebnis-Panel angezeigt:
- Bei UCCA-API-Erfolg: AssessmentResultCard mit Regeln, Kontrollen, Architektur
- Bei API-Fehler: Lokale Risikobewertung mit Score, Massnahmen, Regulations
- Badge zeigt Quelle (API vs Lokal)
- Nutzer kann Ergebnis pruefen bevor "Use Case speichern" geklickt wird

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 08:06:43 +01:00
Benjamin Admin
2c35775b44 feat(use-case-workshop): 8-Schritt-Wizard mit UCCA-API-Integration
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 34s
Details
CI / test-python-backend-compliance (push) Successful in 38s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 24s
Details 
Workshop von 5 auf 8 Schritte erweitert: Datenkategorien (Art.9, Sonstige),
Verarbeitungszweck (Rechtsgrundlage), Technologie (Glossar, Modell-Nutzung),
Automatisierung (Beispiele, Art.22), Hosting/Transfer, Datenhaltung/Vertraege,
Zusammenfassung mit automatischer Risikobewertung und UCCA-API-Aufruf.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 07:56:01 +01:00
Benjamin Admin
aaf95cf894 feat(use-case-wizard): Sonstige Datentypen, bessere Erklaerungen und Glossar
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 51s
Details
CI / test-python-backend-compliance (push) Successful in 40s
Details
CI / test-python-document-crawler (push) Successful in 26s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details 
- Step 2: Dynamische Textfelder fuer eigene Datentypen (Kennzeichen, VIN etc.)
- Step 4: Konkrete Beispiele fuer Automatisierungsgrade + Art. 22 DSGVO Info
- Step 5: Ausfuehrliche Erklaerungen mit Beispielen + aufklappbares Glossar (ML, DL, NLP, LLM, RAG, Fine-Tuning)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 07:24:05 +01:00
Benjamin Admin
9f41ed4f8e fix: CREATE audit table IF NOT EXISTS before ALTER in migration 042
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 39s
Details
CI / test-python-backend-compliance (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 27s
Details
CI / test-python-dsms-gateway (push) Successful in 22s
Details 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 23:54:20 +01:00
Benjamin Admin
e7fab73a3a fix(company-profile): Projekt-aware Persistenz — Daten werden jetzt pro Projekt gespeichert
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 36s
Details
CI / test-python-backend-compliance (push) Successful in 35s
Details
CI / test-python-document-crawler (push) Successful in 27s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
Problem: Company Profile nutzte hartcodiertes tenant_id=default ohne project_id.
Beim Wechsel zwischen Projekten wurden immer die gleichen (oder keine) Daten geladen.

Aenderungen:
- Migration 042: project_id Spalte + UNIQUE(tenant_id, project_id) Constraint,
  fehlende Spalten (offering_urls, Adressfelder) nachgetragen
- Backend: Alle Queries nutzen WHERE tenant_id + project_id IS NOT DISTINCT FROM
- Proxy: project_id Query-Parameter wird durchgereicht
- Frontend: projectId aus SDK-Context, profileApiUrl() Helper fuer alle API-Aufrufe
- "Weiter" speichert jetzt immer den Draft (war schon so, ging aber ins Leere)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 23:48:15 +01:00
Benjamin Admin
f8917ee6fd fix(company-profile): Religion-Label und Art.9-Duplikate bereinigen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 33s
Details
CI / test-python-document-crawler (push) Successful in 28s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
- "Religioese Ueberzeugungen" → "Religion" umbenannt (Konfession ≠ Ueberzeugung)
- Gesundheit/Religion aus Lohnbuchhaltung art9_relevant entfernt,
  da bereits in Personalverwaltung erfasst (keine Doppelabfrage)
- Info-Texte angepasst mit Hinweis auf Personalverwaltung

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 23:30:52 +01:00
Benjamin Admin
51a208a2e1 feat(company-profile): KI-Systeme als eigener Wizard-Schritt mit Vorlagen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 34s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
Schritt 6 (Verarbeitung & KI) aufgeteilt: Step 6 zeigt nur noch
Verarbeitungstaetigkeiten, Step 7 ist ein neuer KI-Systeme-Schritt mit
18 vorgefertigten Vorlagen in 7 Kategorien (Text-KI, Office, Code, Bild,
Uebersetzung, CRM, Intern). Jede Vorlage hat anklickbare Einsatzzweck-Chips,
Datenschutz-Warnhinweise und vorausgefuellte Felder. Link zum AI-Act-Modul
am Ende des Schritts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 23:06:23 +01:00
Benjamin Admin
1c59996f32 feat(wiki): Enrich wiki with DACH court decisions and 18 new articles 
- Update all 10 existing articles with real source URLs (EuGH, BAG, DSK, BfDI)
- Add 18 new articles covering:
  - EuGH C-184/20 (wide interpretation Art. 9)
  - EuGH C-667/21 (cumulative legal basis)
  - EuGH C-34/21 (§26 BDSG unconstitutional)
  - EuGH C-634/21 (SCHUFA scoring)
  - EuGH C-582/14 (IP addresses as personal data)
  - Biometric data, indirect Art. 9 data in daily practice
  - Retention periods overview
  - Video surveillance and GPS tracking at workplace
  - Communication data (email/chat, Fernmeldegeheimnis)
  - Financial data, PCI DSS, SEPA
  - Minors (Art. 8 DSGVO)
  - Austria DSG specifics, Switzerland revDSG
  - AI training data and GDPR/AI Act
  - "Forced" special categories
- Add 3 new categories (EuGH-Leiturteile, Aufbewahrungsfristen, DACH-Besonderheiten)
- Add code block rendering to markdown renderer
- Add Clock, Globe, Gavel icons to icon map
- Total: 11 categories, 28 articles, all with verified source URLs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 20:43:23 +01:00
Benjamin Admin
61064fdcba fix: Cast empty ARRAY[] to text[] in wiki migration 
PostgreSQL requires explicit type cast for empty array literals.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 20:12:54 +01:00
Benjamin Admin
11d4c2fd36 feat: Add Compliance Wiki as internal admin knowledge base 
Migration 040 with wiki_categories + wiki_articles tables, 10 seed
articles across 8 categories (DSGVO, Art. 9, AVV, HinSchG etc.).
Read-only FastAPI API, Next.js proxy, and two-column frontend with
full-text search.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 20:01:27 +01:00
Benjamin Admin
3d22935065 feat(company-profile): Datenkategorien-Infoboxen, AVV-Hinweise, Qualifikationsdaten
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 34s
Details
CI / test-python-backend-compliance (push) Successful in 32s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 23s
Details 
- Info-Tooltips fuer alle Datenkategorien mit typischen Beispieldaten
- Neue Kategorie: Qualifikations-/Schulungsdaten (Fortbildungen, Zertifikate)
- Externer Dienstleister bei Lohn-/Gehaltsabrechnung (AVV-relevant)
- Externer Dienstleister bei Website-Betrieb (AVV nach Art. 28 DSGVO)
- Arbeitszeiterfassung als Pflicht markiert (§3 ArbZG)
- Gesundheitsdaten-Abgrenzung: Krankenkassenname ist KEIN Art. 9 Datum
- Bewerbermanagement: Religion als Art. 9 ergaenzt
- Online-Shop/SaaS Beschreibungen praezisiert + Warnbanner bei Doppelauswahl
- Rechtsgrundlage aus Firmenprofil entfernt (gehoert in VVT-Schritt)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 18:26:49 +01:00
Benjamin Admin
09cfb79840 feat: Projekt-Verwaltung verbessern — Archivieren, Loeschen, Wiederherstellen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 38s
Details
CI / test-python-document-crawler (push) Successful in 24s
Details
CI / test-python-dsms-gateway (push) Successful in 24s
Details 
- Backend: Restore-Endpoint (POST /projects/{id}/restore) und
  Hard-Delete-Endpoint (DELETE /projects/{id}/permanent) hinzugefuegt
- Frontend: Dreistufiger Dialog (Archivieren / Endgueltig loeschen mit
  Bestaetigungsdialog) statt einfachem Loeschen
- Archivierte Projekte aufklappbar in der Projektliste mit
  Wiederherstellen-Button
- CustomerTypeSelector entfernt (redundant seit Multi-Projekt)
- Default tenantId von 'default' auf UUID geaendert (Backend-400-Fix)
- SQL-Cast :state::jsonb durch CAST(:state AS jsonb) ersetzt (SQLAlchemy-Fix)
- snake_case/camelCase-Mapping fuer Backend-Response (NaN-Datum-Fix)
- projectInfo wird beim Laden vom Backend geholt (Header zeigt Projektname)
- API-Client erzeugt sich on-demand (Race-Condition-Fix fuer Projektliste)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 17:48:02 +01:00
Benjamin Admin
d53cf21b95 docs: Projekt-API in API-Docs, Developer Portal + MKDocs ergaenzen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 38s
Details
CI / test-python-backend-compliance (push) Successful in 1m0s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
- endpoints.ts: Neues Modul "Projekte — Multi-Projekt-Verwaltung" (5 Endpoints)
- Developer Portal: projectId im Beispiel-Code, Multi-Projekt als Feature
- multi-tenancy.md: Verweis auf multi-project.md + neue Tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 15:59:27 +01:00
Benjamin Admin
0c83e765d9 fix(sdk): show Header + Sidebar on project list page too
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 31s
Details
CI / test-python-backend-compliance (push) Successful in 35s
Details
CI / test-python-document-crawler (push) Successful in 22s
Details
CI / test-python-dsms-gateway (push) Successful in 20s
Details 
The ProjectSelector page now renders inside the standard SDK layout
with header, sidebar and navigation — consistent with all other pages.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 15:24:17 +01:00
Benjamin Admin
9b59044663 fix(proxy): correct backend URL path to /api/compliance/v1/projects
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 33s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 24s
Details
CI / test-python-dsms-gateway (push) Successful in 27s
Details 
The backend routes are nested under /api/compliance/ prefix, not /api/.
Also includes Suspense boundary fix for useSearchParams in layout.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 15:11:59 +01:00
Benjamin Admin
d787e58341 fix(migration): handle missing sdk_states table in migration 039
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 31s
Details
CI / test-python-backend-compliance (push) Successful in 32s
Details
CI / test-python-document-crawler (push) Successful in 22s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details 
The sdk_states table may not exist yet if no state has been saved via
the frontend. Wrap sdk_states alterations in a conditional DO block.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 15:06:06 +01:00
Benjamin Admin
4b778f2f85 fix(sdk): wrap useSearchParams in Suspense boundary for Next.js 15
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 35s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 22s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 14:59:30 +01:00
Benjamin Admin
0affa4eb66 feat(sdk): Multi-Projekt-Architektur — mehrere Projekte pro Tenant
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 33s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details 
Jeder Tenant kann jetzt mehrere Compliance-Projekte anlegen (z.B. verschiedene
Produkte, Tochterunternehmen). CompanyProfile ist pro Projekt kopierbar und
danach unabhaengig editierbar. Multi-Tab-Support via separater BroadcastChannel
und localStorage Keys pro Projekt.

- Migration 039: compliance_projects Tabelle, sdk_states.project_id
- Backend: FastAPI CRUD-Routes fuer Projekte mit Tenant-Isolation
- Frontend: ProjectSelector UI, SDKProvider mit projectId, URL ?project=
- State API: UPSERT auf (tenant_id, project_id) mit Abwaertskompatibilitaet
- Tests: pytest fuer Model-Validierung, Row-Konvertierung, Tenant-Isolation
- Docs: MKDocs Seite, CLAUDE.md, Backend README

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 14:53:50 +01:00
Benjamin Admin
d3fc4cdaaa feat(sdk): Logo-Navigation, stabile Versionsnummer V001 + Firmenname im Header
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 45s
Details
CI / test-python-backend-compliance (push) Successful in 35s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
- Logo-Klick fuehrt zurueck zur Startseite (Neues/Bestehendes Projekt)
- Neue projectVersion im SDK State (inkrementiert nur bei explizitem Speichern)
- Header zeigt Firmenname + V001-Format statt auto-inkrementierende Sync-Version
- Sidebar Logo von Link auf Button umgestellt mit customerType-Reset

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-09 08:14:33 +01:00
Benjamin Admin
de486aeab0 feat(sdk): Step 6 nach Abteilungen + aktivitätsspezifische Datenkategorien
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 34s
Details
CI / test-python-backend-compliance (push) Successful in 38s
Details
CI / test-python-document-crawler (push) Successful in 24s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
- Verarbeitungstätigkeiten nach 11+ Abteilungen gruppiert (Personal, Finanzen, Vertrieb, Marketing, IT, Recht, Einkauf, Produktion, Logistik, Kundenservice, Facility)
- Branchenspezifische Abteilungen (E-Commerce, Gesundheit, Finanz, Bildung, Immobilien)
- 3-Stufen Datenkategorien: primär (sichtbar), weitere (aufklappbar), Art. 9 (rot, nur wenn plausibel relevant)
- Bundesland/Kanton-Dropdown für DE (16), AT (9), CH (26) statt Freitext

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 23:53:52 +01:00
Benjamin Admin
e96f623af0 feat(sdk): Step 6 Wizard rebuilt — Verarbeitungstätigkeiten statt IT-Systeme
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 33s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 28s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
- Verarbeitungstätigkeiten-Checkliste nach Branche (Art. 30 DSGVO)
- DSGVO-Standard Datenkategorien als Checkboxen (10 + 5 Art. 9)
- Rechtsgrundlage pro Verarbeitungstätigkeit (Art. 6 Abs. 1)
- KI-Systeme vereinfacht: risk_category und human_oversight entfernt (Tool-Output)
- Full-width Layout, Mitarbeiterzahl-Dropdown entfernt, Adressfelder ergänzt
- Konzern-Hinweis bei Jahresumsatz, Regulierungen aus Zielmarkt entfernt

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 23:31:19 +01:00
Benjamin Admin
53ff0722a4 fix(backend): SQLAlchemy text() fuer alle raw SQL + UI-Verbesserungen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 32s
Details
CI / test-python-backend-compliance (push) Successful in 39s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details 
- CRITICAL: Alle db.execute() Aufrufe in company_profile_routes.py
  und generation_routes.py mit text() gewrapped (SQLAlchemy 2.x)
- Geschaeftsmodell-Kacheln: Nur Kurztext, Beschreibung bei Klick
- "Warum diese Fragen" in Hauptbereich unter Ueberschrift verschoben
- Sidebar-Box entfernt fuer mehr Platz

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 22:53:29 +01:00
Benjamin Admin
2abf0b4cac feat(sdk): Company Profile Wizard verbessert
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 32s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details 
- B2B2C als Geschaeftsmodell hinzugefuegt
- URL-Felder bei Offering-Auswahl (Website, Shop, App, SaaS) — optional
- Schritt-spezifische Erklaerungen in "Warum diese Fragen?"
- Firmenname ohne Rechtsform, Templates bauen automatisch zusammen
- Gruendungsjahr springt auf 2000 statt 1800
- SDK-Abdeckung Panel und Profil-loeschen Button entfernt

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 22:41:15 +01:00
Benjamin Admin
fd45545fbe feat(sdk): Auto-Save bei Schrittwechsel + Session-Header
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 34s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details 
Company Profile Wizard speichert jetzt bei jedem Schrittwechsel (Weiter/Zurueck)
als Draft (is_complete: false). Shared buildProfilePayload() vermeidet Duplikation.
SDKHeader zeigt Version, letzten Schritt, Sync-Status und Bearbeiter.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 22:16:44 +01:00
Benjamin Admin
504b1a1207 fix(sdk): Remove non-existent setCurrentModule() from roadmap page
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 29s
Details
CI / test-python-backend-compliance (push) Successful in 30s
Details
CI / test-python-document-crawler (push) Successful in 22s
Details
CI / test-python-dsms-gateway (push) Successful in 17s
Details 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 14:38:46 +01:00
Benjamin Admin
66d32cd744 fix(sdk): Re-add useEffect import removed by mistake
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 27s
Details
CI / test-python-backend-compliance (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 20s
Details
CI / test-python-dsms-gateway (push) Successful in 16s
Details 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 14:30:38 +01:00
Benjamin Admin
7fa0349fe4 fix(sdk): Portfolio/Workshop crash + Audit-LLM 403 + Change-Requests Sidebar
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 29s
Details
CI / test-python-backend-compliance (push) Successful in 31s
Details
CI / test-python-document-crawler (push) Successful in 21s
Details
CI / test-python-dsms-gateway (push) Successful in 17s
Details 
- Remove non-existent setCurrentModule() calls from portfolio/workshop pages
- Move change-requests from app/(sdk)/sdk/ to app/sdk/ for sidebar layout
- Seed compliance_officer RBAC role for default admin user (audit-llm 403)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 14:25:41 +01:00
Benjamin Admin
6ff9f1f2f3 feat(api-docs): API-Exposure-Klassifikation — Intern vs. Oeffentlich
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 36s
Details
CI / test-python-backend-compliance (push) Successful in 33s
Details
CI / test-python-document-crawler (push) Successful in 20s
Details
CI / test-python-dsms-gateway (push) Successful in 16s
Details 
Alle ~640 Endpoints nach Netzwerk-Exposition klassifiziert: public (5 Module, ~30 EP),
partner/Integration (6 Module, ~25 EP), internal (25+ Module, ~550 EP), admin/Wartung (4 EP).
Badges, Filter und Stats in API-Docs + Developer Portal.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 13:31:16 +01:00
Benjamin Admin
56758e8b55 fix(mock-data): Fake-Daten bei leerer DB entfernt — ISMS 0%, Dashboard keine simulierten Trends, Compliance-Hub keine Fallback-Zahlen
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 29s
Details
CI / test-python-backend-compliance (push) Successful in 33s
Details
CI / test-python-document-crawler (push) Successful in 22s
Details
CI / test-python-dsms-gateway (push) Successful in 17s
Details 
- ISMS Overview: 14% → 0% bei leerer DB, "not_started" Status, alle Kapitel 0%
- Dashboard: 12-Monate simulierte Trend-Historie entfernt
- Compliance-Hub: Hardcoded Fallback-Statistiken (474/180/95/120/79/44/558/19) → 0
- SQLAlchemy Bug: `is not None` → `.isnot(None)` in SoA-Query
- Hardcoded chapter_7/8_status="pass" → berechnet aus Findings

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 23:25:25 +01:00
Benjamin Admin
0c75182fb3 fix(proxy): 3 kaputte Proxy-Pfade + 21x localhost→backend-compliance Fallback
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 30s
Details
CI / test-python-backend-compliance (push) Successful in 32s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details 
- compliance-scope: /api/v1/compliance-scope → /api/compliance/v1/compliance-scope
- modules (4 Dateien): /api/modules → /api/compliance/modules
- 21 Proxy-Dateien: localhost:8002 → backend-compliance:8002 Fallback

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 22:57:03 +01:00
Benjamin Admin
4a60b3a744 fix(isms): Proxy-Pfad /api/isms → /api/compliance/isms
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 29s
Details
CI / test-python-backend-compliance (push) Successful in 32s
Details
CI / test-python-document-crawler (push) Successful in 20s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details 
Readiness-Check Button funktionierte nicht weil der ISMS-Proxy
das /compliance Segment im Backend-Pfad fehlte.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 19:20:27 +01:00
Benjamin Admin
95fcba34cd fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 30s
Details
CI / test-python-backend-compliance (push) Successful in 30s
Details
CI / test-python-document-crawler (push) Successful in 21s
Details
CI / test-python-dsms-gateway (push) Successful in 17s
Details 
- Ruff: 144 auto-fixes (unused imports, == None → is None), F821/F811/F841 manuell
- CVEs: python-multipart>=0.0.22, weasyprint>=68.0, pillow>=12.1.1, npm audit fix (0 vulns)
- TS: 5 tote Drafting-Engine-Dateien entfernt, allowed-facts/sanitizer/StepHeader/context fixes
- Tests: +104 (ISMS 58, Evidence 18, VVT 14, Generation 14) → 1449 passed
- Refactoring: collect_ci_evidence (F→A), row_to_response (E→A), extract_requirements (E→A)
- Dead Code: pca-platform, 7 Go-Handler, dsr_api.py, duplicate Schemas entfernt

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 19:00:33 +01:00
Benjamin Admin
6509e64dd9 feat(sdk): API-Referenz Frontend + Backend-Konsolidierung (Shared Utilities, CRUD Factory)
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 32s
Details
CI / test-python-backend-compliance (push) Successful in 30s
Details
CI / test-python-document-crawler (push) Successful in 21s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details 
- API-Referenz Seite (/sdk/api-docs) mit ~690 Endpoints, Suche, Filter, Modul-Index
- Shared db_utils.py (row_to_dict) + tenant_utils Integration in 6 Route-Dateien
- CRUD Factory (crud_factory.py) fuer zukuenftige Module
- Version-Route Auto-Registration in versioning_utils.py
- 1338 Tests bestanden, -232 Zeilen Duplikat-Code

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 17:07:43 +01:00
Benjamin Admin
7ec6b9f6c0 fix(cleanup): ISMS Bugfix, 13 tote AI-Endpoints entfernt, Compliance-Hub Proxy fix
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 33s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 22s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details 
- ISMS: markStepCompleted entfernt (existiert nicht in SDKContext, verursachte Application Error)
- AI Routes: 13 ungenutzte Endpoints entfernt (ai_routes.py 1266→379 Zeilen, -887)
- Schemas: 12 ungenutzte AI-Schema-Klassen entfernt (-108 Zeilen)
- Compliance-Hub: 5 Fetch-URLs von /api/admin/... auf /api/sdk/v1/... umgestellt
- Tests: 1361 passed, 0 Regressionen

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 15:13:19 +01:00
Benjamin Admin
9e65dff7d6 feat(isms): ISO 27001 Frontend, Proxy, Sidebar, Flow-Data, Architecture, MkDocs
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 33s
Details
CI / test-python-backend-compliance (push) Successful in 29s
Details
CI / test-python-document-crawler (push) Successful in 20s
Details
CI / test-python-dsms-gateway (push) Successful in 16s
Details 
ISMS-Modul mit 6 Tabs (Uebersicht, Policies, SoA, Ziele, Audits/Findings/CAPA,
Management-Reviews) fuer alle 39 Backend-Endpoints. Readiness-Check identifiziert
potenzielle Major/Minor-Findings vor externer Zertifizierung.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 14:53:31 +01:00
Benjamin Admin
1e84df9769 feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6)
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 32s
Details
CI / test-python-backend-compliance (push) Successful in 30s
Details
CI / test-python-document-crawler (push) Successful in 21s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details 
6-Phasen-Implementation fuer cloud-faehiges, mandantenfaehiges Compliance SDK:

Phase 1: Multi-Tenancy Fix
- Shared tenant_utils.py Dependency (UUID-Validierung, kein "default" mehr)
- VVT tenant_id Column + tenant-scoped Queries
- DSFA/Vendor DEFAULT_TENANT_ID von "default" auf UUID migriert
- Migration 035

Phase 2: Stammdaten-Erweiterung
- Company Profile um JSONB-Felder erweitert (processing_systems, ai_systems, technical_contacts)
- Regulierungs-Flags (NIS2, AI Act, ISO 27001)
- GET /template-context Endpoint
- Migration 036

Phase 3: Dokument-Versionierung
- 5 Versions-Tabellen (DSFA, VVT, TOM, Loeschfristen, Obligations)
- Shared versioning_utils.py Helper
- /{id}/versions Endpoints auf allen 5 Dokumenttypen
- Migration 037

Phase 4: Change-Request System
- Zentrale CR-Inbox mit CRUD + Accept/Reject/Edit Workflow
- Regelbasierte CR-Engine (VVT DPIA → DSFA CR, Datenkategorien → Loeschfristen CR)
- Audit-Trail
- Migration 038

Phase 5: Dokumentengenerierung
- 5 Template-Generatoren (DSFA, VVT, TOM, Loeschfristen, Obligations)
- Preview + Apply Endpoints (erzeugt CRs, keine direkten Dokumente)

Phase 6: Frontend-Integration
- Change-Request Inbox Page mit Stats, Filtern, Modals
- VersionHistory Timeline-Komponente
- SDKSidebar CR-Badge (60s Polling)
- Company Profile: 2 neue Wizard-Steps + "Dokumente generieren" CTA

Docs: 5 neue MkDocs-Seiten, CLAUDE.md aktualisiert
Tests: 97 neue Tests (alle bestanden)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 14:12:34 +01:00