8266c37911
merge: phases 1–5 refactor, CI hardening, docs (coolify → main)
...
Build + Deploy / build-admin-compliance (push) Failing after 47s
Build + Deploy / build-backend-compliance (push) Successful in 11s
Build + Deploy / build-ai-sdk (push) Successful in 34s
Build + Deploy / build-developer-portal (push) Successful in 56s
Build + Deploy / build-tts (push) Successful in 26s
Build + Deploy / build-document-crawler (push) Successful in 15s
Build + Deploy / build-dsms-gateway (push) Successful in 13s
Build + Deploy / trigger-orca (push) Has been skipped
CI/CD / loc-budget (push) Successful in 22s
CI/CD / guardrail-integrity (push) Has been skipped
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been cancelled
CI/CD / test-go-ai-compliance (push) Has been cancelled
CI/CD / test-python-backend-compliance (push) Has been cancelled
CI/CD / test-python-document-crawler (push) Has been cancelled
CI/CD / test-python-dsms-gateway (push) Successful in 28s
CI/CD / sbom-scan (push) Has been cancelled
CI/CD / validate-canonical-controls (push) Successful in 20s
Phase 1: backend-compliance — partial service-layer extraction
Phase 2: ai-compliance-sdk — full hexagonal split; iace/ucca/training handlers
and stores split into focused files; cmd/server/main.go → internal/app/
Phase 3: admin-compliance — types.ts, tom-generator loader, and major page
components split; lib document generators extracted
Phase 4: dsms-gateway, consent-sdk, developer-portal, breakpilot-compliance-sdk
Phase 5 CI hardening:
- loc-budget job now scans whole repo (blocking, no || true)
- sbom-scan / grype blocking on high+ CVEs
- ai-compliance-sdk/.golangci.yml: strict golangci-lint config
- check-loc.sh: skip test_*.py and *.html; loc-exceptions.txt expanded
- deleted stray routes.py.backup (2512 LOC)
Docs:
- root README.md with CI badge, service table, quick start, CI pipeline table
- CONTRIBUTING.md: setup, pre-commit checklist, guardrail marker reference
- CLAUDE.md: First-Time Setup & Claude Code Onboarding section
- all 7 service READMEs updated (stale phase refs, current architecture)
- AGENTS.go/python/typescript.md enhanced with linting, DI, barrel re-export
- .gitignore: dist/, .turbo/, pnpm-lock.yaml added
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-19 16:11:53 +02:00
e3a1822883
refactor(admin): split training, control-provenance, iace/verification, training/learner, ControlDetail
...
All 5 files reduced below 500 LOC (hard cap) by extracting sub-components:
- training/page.tsx: 780→278 LOC — imports existing _components/, adds BlocksSection
- control-provenance/page.tsx: 739→145 LOC — extracts provenance-data.ts, ProvenanceHelpers, LicenseMatrix, SourceRegistry
- iace/[projectId]/verification/page.tsx: 673→164 LOC — extracts VerificationForm, CompleteModal, SuggestEvidenceModal, VerificationTable
- training/learner/page.tsx: 560→216 LOC — extracts AssignmentsList, ContentView, QuizView, CertificatesView
- ControlDetail.tsx: 878→311 LOC — adds ControlSourceCitation, ControlTraceability, ControlRegulatorySection, ControlSimilarControls, ControlReviewActions siblings
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-17 12:26:39 +02:00
0125199c76
refactor(admin): split controls, training, control-provenance, iace/verification pages
...
Each page.tsx exceeded the 500-LOC hard cap. Extracted components and hooks into
colocated _components/ and _hooks/ directories; page.tsx is now a thin orchestrator.
- controls/page.tsx: 944 → 180 LOC; extracted ControlCard, AddControlForm,
LoadingSkeleton, TransitionErrorBanner, StatsCards, FilterBar, RAGPanel into
_components/ and useControlsData, useRAGSuggestions into _hooks/; types into _types.ts
- training/page.tsx: 780 → 288 LOC; extracted ContentTab (inline content generator tab)
into _components/ContentTab.tsx
- control-provenance/page.tsx: 739 → 122 LOC; extracted MarkdownRenderer, UsageBadge,
PermBadge, LicenseMatrix, SourceRegistry into _components/; PROVENANCE_SECTIONS
static data into _data/provenance-sections.ts
- iace/[projectId]/verification/page.tsx: 673 → 196 LOC; extracted StatusBadge,
VerificationForm, CompleteModal, SuggestEvidenceModal, VerificationTable into _components/
Zero behavior changes; logic relocated verbatim.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-16 22:50:15 +02:00
9c1355c05f
feat(iace): Phase 5+6 — frontend integration, RAG library search, comprehensive tests
...
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been skipped
CI/CD / test-go-ai-compliance (push) Successful in 34s
CI/CD / test-python-backend-compliance (push) Successful in 33s
CI/CD / test-python-document-crawler (push) Successful in 23s
CI/CD / test-python-dsms-gateway (push) Successful in 19s
CI/CD / validate-canonical-controls (push) Successful in 13s
CI/CD / Deploy (push) Successful in 2s
Phase 5 — Frontend Integration:
- components/page.tsx: ComponentLibraryModal with 120 components + 20 energy sources
- hazards/page.tsx: AutoSuggestPanel with 3-column pattern matching review
- mitigations/page.tsx: SuggestMeasuresModal per hazard with 3-level grouping
- verification/page.tsx: SuggestEvidenceModal per mitigation with evidence types
Phase 6 — RAG Library Search:
- Added bp_iace_libraries to AllowedCollections whitelist in rag_handlers.go
- SearchLibrary endpoint: POST /iace/library-search (semantic search across libraries)
- EnrichTechFileSection endpoint: POST /projects/:id/tech-file/:section/enrich
- Created ingest-iace-libraries.sh ingestion script for Qdrant collection
Tests (123 passing):
- tag_taxonomy_test.go: 8 tests for taxonomy entries, domains, essential tags
- controls_library_test.go: 7 tests for measures, reduction types, subtypes
- integration_test.go: 7 integration tests for full match flow and library consistency
- Extended tag_resolver_test.go: 9 new tests for FindByTags and cross-category resolution
Documentation:
- Updated iace.md with Hazard-Matching-Engine, RAG enrichment, and new DB tables
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-16 10:22:49 +01:00
c7651796c9
feat(iace): integrate ISO 12100 machine risk model with 4-factor assessment
...
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been skipped
CI/CD / test-go-ai-compliance (push) Successful in 36s
CI/CD / test-python-backend-compliance (push) Successful in 36s
CI/CD / test-python-document-crawler (push) Successful in 22s
CI/CD / test-python-dsms-gateway (push) Successful in 18s
CI/CD / validate-canonical-controls (push) Successful in 12s
CI/CD / Deploy (push) Successful in 2s
Add dual-mode risk engine: legacy S×E×P (avoidance=0) and ISO mode S×F×P×A
(avoidance>=1) with new thresholds (low/medium/high/very_high/not_acceptable).
- 150+ hazard library entries across 28 categories incl. physical hazards
(mechanical, electrical, thermal, pneumatic/hydraulic, noise/vibration,
ergonomic, material/environmental)
- 160-entry protective measures library with 3-step hierarchy validation
(design → protective → information)
- 25 lifecycle phases, 20 affected person roles, 50 evidence types
- 10 verification methods (expanded from 7)
- New API endpoints: lifecycle-phases, roles, evidence-types,
protective-measures-library, validate-mitigation-hierarchy
- DB migrations 018+019 for extended schema
- Frontend: 4-slider risk assessment, hierarchy warnings, measures library modal
- MkDocs wiki updated with ISO mode docs and legal notice (no norm text)
All content uses original wording — norms referenced as methodology only.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-15 23:13:41 +01:00
215b95adfa
refactor: Admin-Layout komplett entfernt — SDK als einziges Layout
...
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-ai-compliance (push) Successful in 32s
CI / test-python-backend-compliance (push) Successful in 31s
CI / test-python-document-crawler (push) Successful in 21s
CI / test-python-dsms-gateway (push) Successful in 19s
Kaputtes (admin) Layout geloescht (Role-Selection, 404-Sidebar, localhost-Dashboard).
SDK-Flow nach /sdk/sdk-flow verschoben. Route-Gruppe (sdk) aufgeloest.
Root-Seite redirected auf /sdk. ~25 ungenutzte Dateien/Verzeichnisse entfernt.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-04 11:43:00 +01:00
Sharang Parnerkar