37 Commits

Author	SHA1	Message	Date
Benjamin Admin	02ff96f74e	fix: resolve all merge conflict markers from feat/zeroclaw-compliance-agent ... 9 files had conflict markers from the branch merge. All resolved keeping the feature branch version. Also split agent_scan_routes.py (534→367 LOC) by extracting Pydantic models to agent_scan_models.py. [guardrail-change] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 12:15:07 +02:00
Benjamin Admin	36c6101b91	Merge feat/zeroclaw-compliance-agent into main ... Brings all compliance doc-check features: - 162 regex checks + 1874 Master Controls - LLM-agnostic agent with tool calling - Banner check (46 checks, 30 CMPs, stealth, Shadow DOM) - Impressum check (24 checks) - Deep consent verification (DataLayer, GCM, TCF) - CMP E2E tests (39 tests) - HTML email reports, FAQ, persistent history Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 11:44:20 +02:00
Benjamin Admin	af5ab9127a	feat(docgen): wire CMP, Loeschfristen, UseCases into Document Generator ... Connect three previously siloed modules to the contextBridge: - CookieBanner → CONSENT (analytics tools, marketing partners) + FEATURES (CMP_NAME, HAS_FUNCTIONAL_COOKIES) - RetentionPolicies → PRIVACY.ANALYTICS_RETENTION_MONTHS (from actual Loeschfristen data) - UseCases → FEATURES flags (HAS_ACCOUNT, HAS_PAYMENTS, HAS_NEWSLETTER, HAS_SOCIAL_MEDIA) Previously all FEATURES were hardcoded false/empty in EMPTY_CONTEXT. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 08:37:12 +02:00
Benjamin Admin	bb1f5d6c94	feat: Document Workflow wiring + Email system consolidation ... Document Workflow: - "Als Version speichern" button in Document Generator preview - Creates document + version via /legal-documents/documents API - Saved documents appear in /sdk/workflow module - Status indicator (saving/saved/error) in toolbar Email Consolidation: - consent-management Emails tab now redirects to /sdk/email-templates - Single source of truth for all email templates - Old tab replaced with redirect card explaining the change Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-04 07:57:33 +02:00
Benjamin Admin	4c92b17617	feat: Rollenkonzept module + Document Generator review integration (Phase 4-5) ... - New /sdk/rollenkonzept/ module with 3 tabs (Rollen, Zuordnung, Reviews) - 7 standard compliance roles (DSB, GF, IT-Leiter, HR, Marketing, Compliance, Einkauf) - Inline role editing with test email via Mailpit - Document-to-role mapping table (editable per tenant) - Review list with status filters and approve/reject workflow - ReviewAssignmentPanel in Document Generator preview tab - "Zur Pruefung senden" button creates reviews + sends notification emails - Approval notification sent to all affected roles after document sign-off - Sidebar navigation link added Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 13:09:32 +02:00
Benjamin Admin	a56ea2c843	feat: A4 preview + example data + company profile presets ... Feature 1: DIN A4 Preview - Markdown→HTML renderer (inline, no dependency) - A4 page container (210mm × 297mm) with print styling - Toggle between "Vorschau" (rendered A4) and "Markdown" (raw) - Print button opens new window with @page A4 CSS - Purple theme for headings, styled tables Feature 2: Example Data Button - "Beispieldaten" button in Generator header - Loads examples/{templateType}_{lang}.json - Prefills all context fields for instant full preview Feature 3: Company Profile Presets - 10 industry presets: SaaS Startup, Consumer App, E-Commerce, IT-Agentur, Maschinenbau, Rechtsanwalt, Arztpraxis, Handwerk, Bildung, Enterprise - Each with pre-filled CompanyProfile + scope hints + recommended docs - PresetSelector component (card grid with icons) - "Manuell ausfuellen" skip option Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 07:38:18 +02:00
Benjamin Admin	64700b355e	feat: Review all 12 remaining policy templates + categorize ... Migration 110: Updated descriptions and version for 12 previously unreviewed templates (asset_management, backup, change_management, cloud_security, devsecops, incident_response, logging, patch_management, secrets_management, vulnerability_management, informationspflichten, verpflichtungserklaerung). All templates assessed as "Very Good" quality — only incremental updates needed (AI Act, CRA, NIS2UmsuCG references in descriptions). informationspflichten: Kept as separate compact checklist (distinct from the full privacy_policy DSI template). verpflichtungserklaerung: Kept as standalone HR document (employee signs at onboarding). Added to HR & Mitarbeiter category. Result: 88 templates, 44 at v1.1+, 0 unreviewed remaining. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 07:19:41 +02:00
Benjamin Admin	4b9cf34243	feat: Full template cleanup + categories by use case ... Cleanup (109): - Removed DPA duplicates (v1 DE + v1 EN, kept v2 DE) - Removed cookie_banner duplicate (kept larger with IF-blocks) - Removed impressum duplicate (kept larger with IF-blocks) - Removed TOM duplicate (kept newest) - Removed DSFA v1 (kept v2) - Kept all 8 VVT templates (1 main + 7 industry templates) - DB: 98 → 88 templates, 0 duplicates remaining Categories restructured by use case: - Website/App: DSI, Impressum, Cookie, Social Media - Online-Shop: AGB, Widerruf, DSI, Cookie - SaaS/Cloud: AGB, AVV, SLA, Cloud Agreement - App/Plattform: Nutzungsbedingungen, Community Guidelines, AUP - Vertraege (B2B): AVV, NDA, SLA, Cloud - DSGVO-Pflichten: TOM, VVT, Loeschkonzept, DSFA - Sicherheitskonzepte + Richtlinien (separate categories) - HR & Mitarbeiter, Daten-Governance, Vendor, BCM Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-03 07:09:16 +02:00
Benjamin Admin	d1fb19810b	fix: Remove premature closing brace in SECTION_FIELDS ... The SECTION_FIELDS object was prematurely closed before the TOM and DPA sections, causing a build-time syntax error. Removed the extra closing brace so TOM and DPA fields are correctly inside the object. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 15:08:23 +02:00
Benjamin Admin	062d607da9	feat: Scope questions, placeholder mappings, example contexts ... Scope questions (compliance-scope-data.ts): - 7 new questions: org_has_employees, org_has_social_media, org_has_video_conferencing, proc_uses_ai_tools, proc_byod_allowed, prod_ugc_platform, org_cert_iso27001 Template recommendations updated: - employee_dsi/applicant_dsi now triggered by org_has_employees - ai_usage_policy triggered by proc_uses_ai_tools - byod_policy triggered by proc_byod_allowed (required when yes) - social_media_dsi triggered by org_has_social_media - video_conference_dsi triggered by org_has_video_conferencing - community_guidelines/terms_of_use triggered by prod_ugc_platform Placeholder mappings (contextBridge-helpers.ts): - 30+ new mappings for: whistleblower, video conference, AI policy, BYOD, consent, social media, transfer/SCC, DSI fields - SECTION_COVERS updated for template relevance detection Example contexts: ai_usage_policy_de, employee_dsi_de, social_media_dsi_de, tia_de Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 13:43:09 +02:00
Benjamin Admin	ef8eead513	feat: Adequacy decisions, DPF check, customer guidance for transfers ... New: adequacy-decisions.ts - Complete list of 15 countries with EU adequacy decisions (Art. 45) - EU/EEA country set (30 countries) - getTransferRequirement() — determines SCC/TIA/certification needs per country code with human-readable explanations - US special handling: DPF certification required, check URL included Updated: transfers/page.tsx - "Was muss ich tun?" explanation section with 3 options: 1. Adequacy decision (green) — no action needed 2. DPF certification (blue, US only) — check dataprivacyframework.gov 3. SCC + TIA required (amber) — link to Document Generator - Collapsible adequacy countries table (15 countries with restrictions) - Schrems II background explanation for customers - Customer guidance written for non-experts who never heard of TIA/SCC Updated: templateRecommendations.ts - SCC+TIA rules now consider DPF certification and adequacy status - us_dpf_only → SCC/TIA optional (not required) - adequate_only → SCC/TIA not recommended Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 12:57:54 +02:00
Benjamin Admin	9f4c4abb84	feat: Document recommendation UI in generator ... New RecommendedDocuments component shown above the template library: - Evaluates scope answers + compliance level (L1-L4) - Groups templates into required/recommended/optional - Shows profile label (Startup/KMU/Extended/Enterprise) - Cards link to actual templates — click opens in generator - Optional section collapsed by default - Only visible when scope has been completed Renders as purple gradient panel with grid cards, each showing template name and availability status. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 11:06:56 +02:00
Benjamin Admin	d942b21354	feat: SCC + TIA templates for third-country transfers ... New templates for the Vendor Compliance module: - 105: Transfer Impact Assessment (TIA) — Schrems II risk assessment with country evaluation, government access assessment, supplementary measures, risk matrix, and go/conditional/deny decision - 105: SCC Companion Document — annexes to EU Decision 2021/914 (module selection C2C/C2P/P2P/P2C, party details, data description, TOMs, sub-processor list) Template recommendations: SCC+TIA triggered by tech_third_country answer Generator: New "Drittlandtransfer" category Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 10:19:56 +02:00
Benjamin Admin	4ff6050f43	feat: Template recommendation engine — bridges scope to document generator ... Fixes critical gap: 50+ templates were unreachable because the Compliance Scope Engine only outputs 23 document types, while the database has 70+. New: templateRecommendations.ts - 25 template rules that map scope answers to specific templates - Covers ALL previously orphaned templates (HR-DSI, whistleblower, AI policy, BYOD, security policies, community guidelines, etc.) - Each rule evaluates scope answers + compliance level to determine required/recommended/optional status - Key triggers: - employee_count > 0 → employee_dsi, applicant_dsi - employee_count >= 50 → whistleblower_policy (HinSchG Pflicht!) - ai_usage != none → ai_usage_policy - business_model = platform → community_guidelines, terms_of_use - cert_target = iso27001 → isms_manual - webshop = yes → widerruf Updated: scopeDefaults.ts - getRecommendedDocuments() expanded with all 60+ document types - L1→L4 graduated recommendation (required/recommended/optional) Updated: _constants.ts - Consolidated AI governance into internal_policies category Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 10:12:15 +02:00
Benjamin Admin	42e02fe72d	feat: Phase 6 — Integration + QS (categories, scope defaults, examples) ... Phase 6 of the Document Templates Masterplan: - Categories: Consolidated AI governance into internal_policies, removed redundant category - scopeDefaults.ts: Added getRecommendedDocuments() function that maps L1-L4 compliance levels to required/recommended/optional document types (~60 types across 4 tiers) - Examples: Added dpa_de.json, tom_de.json, whistleblower_de.json example contexts for the document generator Document recommendation per level: - L1 (Startup): 5 required (DSI, Impressum, AGB, Cookie) - L2 (KMU): +6 recommended (AVV, TOM, VVT, Löschkonzept, etc.) - L3 (Extended): +16 recommended (Security concepts, policies, HR DSI) - L4 (Enterprise): +25 recommended (ISMS, BCM, all policies) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 09:36:48 +02:00
Benjamin Admin	3984f39329	feat: Phase 5 — Special templates (AI policy, BYOD, ISMS, consent, video DSI) ... Phase 5 of the Document Templates Masterplan: - 104: 5 new special templates: - ai_usage_policy: AI usage policy (AI Act Art. 4 training obligation, forbidden inputs, quality check, labeling, TDM opt-out) - byod_policy: Bring Your Own Device (container solution, remote wipe, DSFA, cost sharing options) - consent_texts: Double-Opt-In texts, newsletter, marketing, tracking, profiling consent, unsubscribe confirmation - video_conference_dsi: Video conference privacy notice (Zoom/Teams/Meet, recording consent, third-country transfer) - isms_manual: ISMS handbook (ISO 27001, document structure map to all other templates, PDCA cycle, management review) Generator: 6 new categories (AI governance, ISMS, consent, special DSI, internal policies) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 09:25:32 +02:00
Benjamin Admin	4417938558	feat: Phase 3 — Security + HR/Vendor/BCM policies ... Phase 3 of the Document Templates Masterplan: - 103: 4 new security policies (information_security_policy, password_policy, encryption_policy, access_control_policy) + updates for CRA (056) and all 15 HR/Vendor/BCM policies (072) New templates: - Information Security Policy: ISMS-Leitlinie (ISO 27001, BSI, NIS2) - Password Policy: BSI/NIST compliant (12+ chars, MFA, no forced rotation) - Encryption Policy: BSI TR-02102, algorithms, key management, TLS config - Access Control Policy: RBAC, Least Privilege, Zero Trust, rezertification Updates: AI Act + NIS2UmsuCG references for CRA and all 15 HR/Vendor/BCM Generator: 6 new categories (security, HR, data, vendor, BCM policies) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 09:05:03 +02:00
Benjamin Admin	f591871277	feat: Phase 1 — Whistleblower + Cookie/Impressum + HR-DSI templates ... Phase 1 of the Document Templates Masterplan: - 098: Whistleblower-Richtlinie (HinSchG) — 10 sections, anonymous reporting, 7-day confirmation, 3-month feedback, reprisal protection - 099: Cookie-Banner + Impressum updates — OS-Plattform discontinued note (July 2025), description updates - 100: Applicant DSI + Employee DSI — two new HR privacy notices with § 26 BDSG, 6-month retention (applicants), modular blocks for video interviews, talent pool, IT monitoring, company vehicles, works council Generator: 25 new fields (whistleblower, applicant, employee categories) Categories: whistleblower, hr_dsi added to document generator Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 08:29:52 +02:00
Benjamin Admin	bae59e2ce0	feat: Document Templates v2 — 11 migrations + scope-based generator ... Complete overhaul of document generator templates based on paragraph-by-paragraph legal review of attorney-drafted templates (TOM, AVV, AGB, DSI, Community Guidelines, Nutzungsbedingungen, Widerrufsbelehrung, Cookie-Richtlinie). Templates (11 migrations 087-097): - 087: TOM-Dokumentation v2 (11 categories incl. Trennungskontrolle) - 088: AVV Art. 28 DSGVO (complete, §§ 1-11, 3 annexes) - 089: Cross-document updates (Löschkonzept DIN 66399, VVT recipients) - 090: AGB SaaS/Shop v2 (18 §§, B2B/B2C, IoT, physical goods, IP protection) - 091: Community Guidelines v2 (3 tones, 11 modular categories, DSA-compliant) - 092: Media & Content modules (MStV, AI Act Art. 50, UWG, Pressekodex) - 093: DSI/Privacy Policy v2 (Art. 13 complete, shop+corporate modules) - 094: Nutzungsbedingungen (Terms of Use, UGC, tipping, wallet, CC licenses) - 095: Widerrufsbelehrung (SaaS + physical + IoT bundle + combo) - 096: Social Media DSI (Facebook, YouTube, LinkedIn, TikTok, Meta Pixel) - 097: Cookie-Richtlinie v2 (TDDDG § 25, consent banner, browser links) Frontend (generator): - scopeDefaults.ts: L1-L4 scope-based defaults from Compliance Scope Engine - contextBridge.ts: TOMCtx + DPACtx interfaces (70+ new fields) - contextBridge-helpers.ts: 35+ placeholder mappings for TOM/DPA/AGB - _constants.ts: 120+ new generator fields (TOM, DPA, AGB, community, media, social, nutzungsbedingungen, widerruf, cookie, shop, IoT) - page.tsx: Auto-prefill TOM/DPA from scope engine decision Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-01 01:18:33 +02:00
Benjamin Admin	2134383b5a	fix: guard placeholders with Array.isArray to prevent e.filter crash ... Same pattern as the email templates variables fix. Backend may return placeholders as object instead of array. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-28 23:36:09 +02:00
Benjamin Admin	b2a28eb4cd	feat: DSR Prozessbeschreibungen Art. 15-21 mit Swim-Lane-Diagrammen ... 7 vollstaendige Prozessbeschreibungen fuer den Document Generator: - Art. 15: Auskunftsrecht (30 Tage, 6 Schritte, Informationskatalog) - Art. 16: Berichtigungsrecht (14 Tage, inkl. Art. 19 Mitteilung) - Art. 17: Loeschungsrecht (14 Tage, Art. 17(3) Ausnahmen-Checkliste) - Art. 18: Einschraenkungsrecht (14 Tage, erlaubte Verarbeitung) - Art. 19: Mitteilungspflicht (automatisch bei Art. 16/17/18) - Art. 20: Datenuebertragbarkeit (30 Tage, JSON/CSV/XML Export) - Art. 21: Widerspruchsrecht (30 Tage, Sonderfall Direktwerbung) Jede Beschreibung enthaelt: - Mermaid Swim-Lane-Diagramm (Betroffener/Sachbearbeitung/Fachabteilung/DSB) - Detaillierte Schritt-Tabelle mit Verantwortlichkeiten und Fristen - Rechtsgrundlagen-Verweise - Firmen-Platzhalter (FIRMENNAME, VERSION, DATUM, DSB_NAME) Integration: - 7 neue Typen in VALID_DOCUMENT_TYPES (legal_template_routes.py) - Neue Kategorie "DSR-Prozesse" im Document Generator Frontend - DSR types-core.ts: templateType Feld verknuepft DSR → Document Generator - Migration 085 seeded die Templates in die legal_templates Tabelle [migration-approved] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-28 19:25:38 +02:00
Benjamin Admin	b39c1d5dce	feat: DSR Prozessbeschreibungen Art. 15-21 mit Swim-Lane-Diagrammen ... 7 vollstaendige Prozessbeschreibungen fuer den Document Generator: - Art. 15: Auskunftsrecht (30 Tage, 6 Schritte, Informationskatalog) - Art. 16: Berichtigungsrecht (14 Tage, inkl. Art. 19 Mitteilung) - Art. 17: Loeschungsrecht (14 Tage, Art. 17(3) Ausnahmen-Checkliste) - Art. 18: Einschraenkungsrecht (14 Tage, erlaubte Verarbeitung) - Art. 19: Mitteilungspflicht (automatisch bei Art. 16/17/18) - Art. 20: Datenuebertragbarkeit (30 Tage, JSON/CSV/XML Export) - Art. 21: Widerspruchsrecht (30 Tage, Sonderfall Direktwerbung) Jede Beschreibung enthaelt: - Mermaid Swim-Lane-Diagramm (Betroffener/Sachbearbeitung/Fachabteilung/DSB) - Detaillierte Schritt-Tabelle mit Verantwortlichkeiten und Fristen - Rechtsgrundlagen-Verweise - Firmen-Platzhalter (FIRMENNAME, VERSION, DATUM, DSB_NAME) Integration: - 7 neue Typen in VALID_DOCUMENT_TYPES (legal_template_routes.py) - Neue Kategorie "DSR-Prozesse" im Document Generator Frontend - DSR types-core.ts: templateType Feld verknuepft DSR → Document Generator - Migration 085 seeded die Templates in die legal_templates Tabelle [migration-approved] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-28 17:53:44 +02:00
Sharang Parnerkar	feedeb052f	refactor(admin-compliance): split 11 oversized files under 500 LOC hard cap (batch 2) ... Barrel-split pattern: each original becomes a thin re-export barrel; logic moved to sibling files so no consumer imports need updating. Files split: - loeschfristen-profiling.ts → profiling-data.ts + profiling-generator.ts - vendor-compliance/catalog/vendor-templates.ts → vendor-country-profiles.ts - vendor-compliance/catalog/legal-basis.ts → legal-basis-retention.ts - dsfa/eu-legal-frameworks.ts → eu-legal-frameworks-national.ts - compliance-scope-types/document-scope-matrix-core.ts → core-part2.ts - compliance-scope-types/document-scope-matrix-extended.ts → extended-part2.ts - app/sdk/document-generator/contextBridge.ts → contextBridge-helpers.ts - app/api/sdk/drafting-engine/draft/route.ts → draft-helpers.ts + draft-helpers-v2.ts All files ≤ 500 LOC. Zero behavior changes. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-18 00:32:08 +02:00
Sharang Parnerkar	2ade65431a	refactor(admin): split compliance-hub, obligations, document-generator pages ... Each page.tsx was >1000 LOC; extract components to _components/ and hooks to _hooks/ so page files stay under 500 LOC (164 / 255 / 243 respectively). Zero behavior changes — logic relocated verbatim. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-16 17:10:14 +02:00
Sharang Parnerkar	c43d9da6d0	merge: sync with origin/main, take upstream on conflicts ... # Conflicts: # admin-compliance/lib/sdk/types.ts # admin-compliance/lib/sdk/vendor-compliance/types.ts	2026-04-16 16:26:48 +02:00
Sharang Parnerkar	eeb9931d87	refactor(admin): split document-generator page.tsx into colocated components ... Split 1130-LOC document-generator page into _components and _constants modules. page.tsx now 243 LOC (wire-up only). Behavior preserved. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-14 23:01:56 +02:00
Benjamin Admin	1cc34c23d9	feat(document-generator): 33 policy + module document templates ... - Migration 071: 14 IT-Security policy templates (ISO 27001/BSI) information_security, access_control, password, encryption, logging, backup, incident_response, change_management, patch_management, asset_management, cloud_security, devsecops, secrets_management, vulnerability_management - Migration 072: 15 Data/HR/Vendor/BCM policy templates data_protection, data_classification, data_retention, data_transfer, privacy_incident, employee_security, security_awareness, remote_work, offboarding, vendor_risk_management, third_party_security, supplier_security, business_continuity, disaster_recovery, crisis_management - Migration 073: 4 module document reference templates vvt_register, tom_documentation, loeschkonzept, pflichtenregister - TemplateType union: 17 → 61 types with German labels - VALID_DOCUMENT_TYPES: +6 types (cybersecurity_policy, dsfa, 4 module docs) - CATEGORIES: new "DSGVO-Dokumente" category for module documents Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-19 23:27:25 +01:00
Benjamin Admin	0171d611f6	feat: add policy library with 29 German policy templates ... Add 29 new document types (IT security, data, personnel, vendor, BCM policies) to VALID_DOCUMENT_TYPES and 5 category pills to the document generator UI. Include seed script for production DB population. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-14 22:37:33 +01:00
Benjamin Admin	49ce417428	feat: add compliance modules 2-5 (dashboard, security templates, process manager, evidence collector) ... Module 2: Extended Compliance Dashboard with roadmap, module-status, next-actions, snapshots, score-history Module 3: 7 German security document templates (IT-Sicherheitskonzept, Datenschutz, Backup, Logging, Incident-Response, Zugriff, Risikomanagement) Module 4: Compliance Process Manager with CRUD, complete/skip/seed, ~50 seed tasks, 3-tab UI Module 5: Evidence Collector Extended with automated checks, control-mapping, coverage report, 4-tab UI Also includes: canonical control library enhancements (verification method, categories, dedup), control generator improvements, RAG client extensions 52 tests pass, frontend builds clean. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-14 21:03:04 +01:00
Benjamin Admin	95fcba34cd	fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring ... - Ruff: 144 auto-fixes (unused imports, == None → is None), F821/F811/F841 manuell - CVEs: python-multipart>=0.0.22, weasyprint>=68.0, pillow>=12.1.1, npm audit fix (0 vulns) - TS: 5 tote Drafting-Engine-Dateien entfernt, allowed-facts/sanitizer/StepHeader/context fixes - Tests: +104 (ISMS 58, Evidence 18, VVT 14, Generation 14) → 1449 passed - Refactoring: collect_ci_evidence (F→A), row_to_response (E→A), extract_requirements (E→A) - Dead Code: pca-platform, 7 Go-Handler, dsr_api.py, duplicate Schemas entfernt Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 19:00:33 +01:00
Benjamin Admin	6a8289246c	feat: DSFA als TemplateType + Kategorie im Document Generator ... - TemplateType-Union um 'dsfa' erweitert - TEMPLATE_TYPE_LABELS: dsfa → 'Datenschutz-Folgenabschätzung' - Document Generator: Kategorie-Tab 'DSFA' hinzugefügt Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 23:54:29 +01:00
Benjamin Admin	dd404da6cd	fix: Bibliothek-Vorschau zeigt vollständigen Template-Text ... Trunkierung bei 1.500 Zeichen entfernt, Container auf max-h-[32rem] erweitert damit langer Inhalt scrollbar aber vollständig lesbar ist. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-04 15:04:03 +01:00
Benjamin Admin	e0f7f2134e	feat: Template-Spec v1 Phase C — IF-Renderer + HOSTING/FEATURES + 4 neue DE-Templates ... - contextBridge.ts: HostingCtx + FeaturesCtx (35 Felder), ~50 neue Platzhalter-Aliases - ruleEngine.ts: buildBoolContext() + applyConditionalBlocks() (IF/IF_NOT/IF_ANY) - ruleEngine.test.ts: 67 Tests (+18 für Phase C), alle grün - page.tsx: IF-Renderer in Pipeline, HOSTING+FEATURES Formular-Sections, erweiterter SDK-Prefill - scripts/apply_templates_023.py: 4 neue DE-Templates (Cookie v2, DSE, AGB, Impressum) - migrations/023_new_templates_de.sql: Dokumentation + Verifikations-Query Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-04 14:35:56 +01:00
Benjamin Admin	1c5a4c2d96	feat: Template-Spec v1 Phase B — Rule Engine + Block Removal ... - ruleEngine.ts: Minimal JSONLogic evaluator, 6-phase runner (compute_flags, auto_defaults, hard_validations, auto_remove_blocks, module_requirements, warnings), getDocType mapping, applyBlockRemoval - ruleEngine.test.ts: 49 Vitest tests (alle grün) - page.tsx: ruleResult useMemo, enabledModules state, computed flags pills, module toggles, rule engine banners (errors/warnings/legal notice) - migrations/022_template_block_markers.sql: Dokumentation + Verify-Query - scripts/apply_block_markers_022.py: NDA_PENALTY_BLOCK, COOKIE_ANALYTICS_BLOCK, COOKIE_MARKETING_BLOCK in DB-Templates einfügen Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-04 13:23:03 +01:00
Benjamin Admin	076cdd587d	feat: DocumentGenerator — Template-Spec v1 Phase A (Kontext-Formular + Beispiele) ... - page.tsx: Generator-Section nutzt jetzt strukturiertes Kontext-Formular statt einzelner Platzhalter-Inputs - 10 Sections (Anbieter, Kunde, Dienst, Rechtliches, Datenschutz, SLA, Zahlungskonditionen, Sicherheit, NDA, Cookie/Einwilligung) - Nur für die Vorlage relevante Sections werden angezeigt (getRelevantSections) - Collapsible Sections mit Auto-Expand beim Template-Wechsel - Uncovered Placeholders als separate manuelle Eingaben - Validierungs-Badge zeigt fehlende Pflichtfelder - Grüne Bestätigung wenn alle Felder ausgefüllt - 11 Beispiel-Contexts für alle doc_types (nda_de, nda_en, sla_de, aup_en, community_de, copyright_de, cloud_contract_de, data_usage_clause_de, cookie_banner_de, agb_de, liability_clause_en) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 12:36:40 +01:00
Benjamin Admin	eca0855216	feat: Sidebar-Links fuer Developer Portal + SDK Dokumentation ... Externe Links oeffnen in neuem Tab mit Icon-Indikator. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 12:24:39 +01:00
Benjamin Admin	215b95adfa	refactor: Admin-Layout komplett entfernt — SDK als einziges Layout ... Kaputtes (admin) Layout geloescht (Role-Selection, 404-Sidebar, localhost-Dashboard). SDK-Flow nach /sdk/sdk-flow verschoben. Route-Gruppe (sdk) aufgeloest. Root-Seite redirected auf /sdk. ~25 ungenutzte Dateien/Verzeichnisse entfernt. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 11:43:00 +01:00