breakpilot-compliance

Author	SHA1	Message	Date
Benjamin Admin	e6201d5239	feat: Anti-Fake-Evidence System (Phase 1-4b) Implement full evidence integrity pipeline to prevent compliance theater: - Confidence levels (E0-E4), truth status tracking, assertion engine - Four-Eyes approval workflow, audit trail, reject endpoint - Evidence distribution dashboard, LLM audit routes - Traceability matrix (backend endpoint + Compliance Hub UI tab) - Anti-fake badges, control status machine, normative patterns - 2 migrations, 4 test suites, MkDocs documentation Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-23 17:15:45 +01:00
Benjamin Admin	4f6bc8f6f6	feat(training+controls): interactive video pipeline, training blocks, control generator, CE libraries Some checks failed CI/CD / go-lint (push) Has been skipped Details CI/CD / python-lint (push) Has been skipped Details CI/CD / nodejs-lint (push) Has been skipped Details CI/CD / test-go-ai-compliance (push) Failing after 37s Details CI/CD / test-python-backend-compliance (push) Successful in 39s Details CI/CD / test-python-document-crawler (push) Successful in 26s Details CI/CD / test-python-dsms-gateway (push) Successful in 23s Details CI/CD / validate-canonical-controls (push) Successful in 12s Details CI/CD / Deploy (push) Has been skipped Details Interactive Training Videos (CP-TRAIN): - DB migration 022: training_checkpoints + checkpoint_progress tables - NarratorScript generation via Anthropic (AI Teacher persona, German) - TTS batch synthesis + interactive video pipeline (slides + checkpoint slides + FFmpeg) - 4 new API endpoints: generate-interactive, interactive-manifest, checkpoint submit, checkpoint progress - InteractiveVideoPlayer component (HTML5 Video, quiz overlay, seek protection, progress tracking) - Learner portal integration with automatic completion on all checkpoints passed - 30 new tests (handler validation + grading logic + manifest/progress + seek protection) Training Blocks: - Block generator, block store, block config CRUD + preview/generate endpoints - Migration 021: training_blocks schema Control Generator + Canonical Library: - Control generator routes + service enhancements - Canonical control library helpers, sidebar entry - Citation backfill service + tests - CE libraries data (hazard, protection, evidence, lifecycle, components) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-16 21:41:48 +01:00
Benjamin Admin	11d4c2fd36	feat: Add Compliance Wiki as internal admin knowledge base Migration 040 with wiki_categories + wiki_articles tables, 10 seed articles across 8 categories (DSGVO, Art. 9, AVV, HinSchG etc.). Read-only FastAPI API, Next.js proxy, and two-column frontend with full-text search. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 20:01:27 +01:00
Benjamin Admin	0affa4eb66	feat(sdk): Multi-Projekt-Architektur — mehrere Projekte pro Tenant Some checks failed CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Failing after 33s Details CI / test-python-backend-compliance (push) Successful in 34s Details CI / test-python-document-crawler (push) Successful in 23s Details CI / test-python-dsms-gateway (push) Successful in 19s Details Jeder Tenant kann jetzt mehrere Compliance-Projekte anlegen (z.B. verschiedene Produkte, Tochterunternehmen). CompanyProfile ist pro Projekt kopierbar und danach unabhaengig editierbar. Multi-Tab-Support via separater BroadcastChannel und localStorage Keys pro Projekt. - Migration 039: compliance_projects Tabelle, sdk_states.project_id - Backend: FastAPI CRUD-Routes fuer Projekte mit Tenant-Isolation - Frontend: ProjectSelector UI, SDKProvider mit projectId, URL ?project= - State API: UPSERT auf (tenant_id, project_id) mit Abwaertskompatibilitaet - Tests: pytest fuer Model-Validierung, Row-Konvertierung, Tenant-Isolation - Docs: MKDocs Seite, CLAUDE.md, Backend README Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 14:53:50 +01:00
Benjamin Admin	d3fc4cdaaa	feat(sdk): Logo-Navigation, stabile Versionsnummer V001 + Firmenname im Header Some checks failed CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Failing after 45s Details CI / test-python-backend-compliance (push) Successful in 35s Details CI / test-python-document-crawler (push) Successful in 25s Details CI / test-python-dsms-gateway (push) Successful in 21s Details - Logo-Klick fuehrt zurueck zur Startseite (Neues/Bestehendes Projekt) - Neue projectVersion im SDK State (inkrementiert nur bei explizitem Speichern) - Header zeigt Firmenname + V001-Format statt auto-inkrementierende Sync-Version - Sidebar Logo von Link auf Button umgestellt mit customerType-Reset Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 08:14:33 +01:00
Benjamin Admin	6509e64dd9	feat(sdk): API-Referenz Frontend + Backend-Konsolidierung (Shared Utilities, CRUD Factory) All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 32s Details CI / test-python-backend-compliance (push) Successful in 30s Details CI / test-python-document-crawler (push) Successful in 21s Details CI / test-python-dsms-gateway (push) Successful in 18s Details - API-Referenz Seite (/sdk/api-docs) mit ~690 Endpoints, Suche, Filter, Modul-Index - Shared db_utils.py (row_to_dict) + tenant_utils Integration in 6 Route-Dateien - CRUD Factory (crud_factory.py) fuer zukuenftige Module - Version-Route Auto-Registration in versioning_utils.py - 1338 Tests bestanden, -232 Zeilen Duplikat-Code Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 17:07:43 +01:00
Benjamin Admin	9e65dff7d6	feat(isms): ISO 27001 Frontend, Proxy, Sidebar, Flow-Data, Architecture, MkDocs All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 33s Details CI / test-python-backend-compliance (push) Successful in 29s Details CI / test-python-document-crawler (push) Successful in 20s Details CI / test-python-dsms-gateway (push) Successful in 16s Details ISMS-Modul mit 6 Tabs (Uebersicht, Policies, SoA, Ziele, Audits/Findings/CAPA, Management-Reviews) fuer alle 39 Backend-Endpoints. Readiness-Check identifiziert potenzielle Major/Minor-Findings vor externer Zertifizierung. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 14:53:31 +01:00
Benjamin Admin	1e84df9769	feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6) All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 32s Details CI / test-python-backend-compliance (push) Successful in 30s Details CI / test-python-document-crawler (push) Successful in 21s Details CI / test-python-dsms-gateway (push) Successful in 18s Details 6-Phasen-Implementation fuer cloud-faehiges, mandantenfaehiges Compliance SDK: Phase 1: Multi-Tenancy Fix - Shared tenant_utils.py Dependency (UUID-Validierung, kein "default" mehr) - VVT tenant_id Column + tenant-scoped Queries - DSFA/Vendor DEFAULT_TENANT_ID von "default" auf UUID migriert - Migration 035 Phase 2: Stammdaten-Erweiterung - Company Profile um JSONB-Felder erweitert (processing_systems, ai_systems, technical_contacts) - Regulierungs-Flags (NIS2, AI Act, ISO 27001) - GET /template-context Endpoint - Migration 036 Phase 3: Dokument-Versionierung - 5 Versions-Tabellen (DSFA, VVT, TOM, Loeschfristen, Obligations) - Shared versioning_utils.py Helper - /{id}/versions Endpoints auf allen 5 Dokumenttypen - Migration 037 Phase 4: Change-Request System - Zentrale CR-Inbox mit CRUD + Accept/Reject/Edit Workflow - Regelbasierte CR-Engine (VVT DPIA → DSFA CR, Datenkategorien → Loeschfristen CR) - Audit-Trail - Migration 038 Phase 5: Dokumentengenerierung - 5 Template-Generatoren (DSFA, VVT, TOM, Loeschfristen, Obligations) - Preview + Apply Endpoints (erzeugt CRs, keine direkten Dokumente) Phase 6: Frontend-Integration - Change-Request Inbox Page mit Stats, Filtern, Modals - VersionHistory Timeline-Komponente - SDKSidebar CR-Badge (60s Polling) - Company Profile: 2 neue Wizard-Steps + "Dokumente generieren" CTA Docs: 5 neue MkDocs-Seiten, CLAUDE.md aktualisiert Tests: 97 neue Tests (alle bestanden) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 14:12:34 +01:00
Benjamin Admin	37166c966f	feat(sdk): Audit-Dashboard + RBAC-Admin Frontends, UCCA/Go Cleanup Some checks failed CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Failing after 33s Details CI / test-python-backend-compliance (push) Successful in 32s Details CI / test-python-document-crawler (push) Successful in 18s Details CI / test-python-dsms-gateway (push) Successful in 16s Details - Remove 5 unused UCCA routes (wizard, stats, dsb-pool) from Go main.go - Delete 64 deprecated Go handlers (DSGVO, Vendors, Incidents, Drafting) - Delete legacy proxy routes (dsgvo, vendors) - Add LLM Audit Dashboard (3 tabs: Log, Nutzung, Compliance) with export - Add RBAC Admin UI (5 tabs: Mandanten, Namespaces, Rollen, Benutzer, LLM-Policies) - Add proxy routes for audit-llm and rbac to Go backend - Add Workshop, Portfolio, Roadmap proxy routes and frontends - Add LLM Audit + RBAC Admin to SDKSidebar Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 09:45:56 +01:00
Benjamin Admin	35576fb6f8	feat(sidebar): CE-Compliance (IACE) als permanente Sektion — unabhaengig von ceMarkingRequired All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 34s Details CI / test-python-backend-compliance (push) Successful in 28s Details CI / test-python-document-crawler (push) Successful in 22s Details CI / test-python-dsms-gateway (push) Successful in 16s Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-05 17:39:47 +01:00
Benjamin Admin	560bdfb7fd	feat: Agent Management Modul — SOUL-Editor, Dashboard, Architektur-Doku All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 37s Details CI / test-python-backend-compliance (push) Successful in 38s Details CI / test-python-document-crawler (push) Successful in 24s Details CI / test-python-dsms-gateway (push) Successful in 19s Details - SOUL-Dateien: System-Prompts aus Chat-Routen extrahiert nach agent-core/soul/*.soul.md - soul-reader.ts: Lese-/Schreib-API mit 30s TTL-Cache und Backup-Versionierung - agent-registry.ts: Statische Konfiguration der 2 Compliance-Agenten - 5 API-Routen: /api/sdk/agents (Liste, Detail, SOUL GET/PUT, Sessions, Statistiken) - 5 Frontend-Seiten: Dashboard, Detail mit SOUL-Editor, Architektur, Sessions, Statistiken - Sidebar: "Agenten" Link nach Architektur eingefügt - Wire-Up: compliance-advisor + drafting-engine lesen SOUL-Datei mit Fallback - Dockerfile: agent-core wird in Production-Image kopiert Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 16:53:36 +01:00
Benjamin Admin	c1a1ce8b71	feat: Katalogverwaltung ins Compliance SDK integriert (17 Kataloge) All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 36s Details CI / test-python-backend-compliance (push) Successful in 41s Details CI / test-python-document-crawler (push) Successful in 23s Details CI / test-python-dsms-gateway (push) Successful in 18s Details Bestehende Catalog-Manager-Komponenten in SDK-Routes eingebunden: - SDKState + Reducer um customCatalogs CRUD erweitert - Neue Route /sdk/catalog-manager mit CatalogManagerContent - Sidebar-Link "Kataloge" mit Database-Icon Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 14:27:20 +01:00
Benjamin Admin	1d9972b565	feat: Architektur-Uebersichtsseite — interaktiver Service-Graph mit ReactFlow All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 35s Details CI / test-python-backend-compliance (push) Successful in 30s Details CI / test-python-document-crawler (push) Successful in 21s Details CI / test-python-dsms-gateway (push) Successful in 20s Details 13 Services in 4 Schwimmbahnen (Frontend, Backend, Infrastructure, Data Sovereignty), Layer-Filter, DB/RAG/API-Toggles, Detail-Panel und Service-Tabelle. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 13:10:12 +01:00
Benjamin Admin	eca0855216	feat: Sidebar-Links fuer Developer Portal + SDK Dokumentation Externe Links oeffnen in neuem Tab mit Icon-Indikator. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 12:24:39 +01:00
Benjamin Admin	215b95adfa	refactor: Admin-Layout komplett entfernt — SDK als einziges Layout All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 32s Details CI / test-python-backend-compliance (push) Successful in 31s Details CI / test-python-document-crawler (push) Successful in 21s Details CI / test-python-dsms-gateway (push) Successful in 19s Details Kaputtes (admin) Layout geloescht (Role-Selection, 404-Sidebar, localhost-Dashboard). SDK-Flow nach /sdk/sdk-flow verschoben. Route-Gruppe (sdk) aufgeloest. Root-Seite redirected auf /sdk. ~25 ungenutzte Dateien/Verzeichnisse entfernt. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-04 11:43:00 +01:00
Benjamin Admin	a228b3b528	feat: add RAG corpus versioning and source policy backend All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 34s Details CI / test-python-backend-compliance (push) Successful in 32s Details CI / test-python-document-crawler (push) Successful in 23s Details CI / test-python-dsms-gateway (push) Successful in 18s Details Part 1 — RAG Corpus Versioning: - New DB table compliance_corpus_versions (migration 017) - Go CorpusVersionStore with CRUD operations - Assessment struct extended with corpus_version_id - API endpoints: GET /rag/corpus-status, /rag/corpus-versions/:collection - RAG routes (search, regulations) now registered in main.go - Ingestion script registers corpus versions after each run - Frontend staleness badge in SDK sidebar Part 3 — Source Policy Backend: - New FastAPI router with CRUD for allowed sources, PII rules, operations matrix, audit trail, stats, and compliance report - SQLAlchemy models for all source policy tables (migration 001) - Frontend API base corrected from edu-search:8088/8089 to backend-compliance:8002/api Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 07:58:08 +01:00
Benjamin Boenisch	3efa391de5	feat(sdk): add global seq numbering and visibleWhen for SDK flow navigation Fix interleaved step ordering by introducing global sequence numbers (100-4700) instead of package-relative order. Add conditional visibility (visibleWhen) for optional steps like Import and DSFA. Fix TOM/workflow prerequisite bugs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-25 22:26:40 +01:00
Benjamin Boenisch	16e3c251cc	fix(admin): tune chat params, add Training sidebar link, fix reporting API keys All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 36s Details CI / test-python-backend-compliance (push) Successful in 28s Details CI / test-python-document-crawler (push) Successful in 23s Details CI / test-python-dsms-gateway (push) Successful in 18s Details - Reduce chat history from 10 to 6 messages to fit context window - Lower num_predict from 8192 to 2048 for faster responses - Add Training module link to SDK sidebar navigation - Add snake_case to camelCase key transformation for reporting API (Go backend returns snake_case, TypeScript expects camelCase) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-17 23:46:19 +01:00
Benjamin Boenisch	7a09086930	feat(gci): add Gesamt-Compliance-Index scoring engine and dashboard All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 34s Details CI / test-python-backend-compliance (push) Successful in 28s Details CI / test-python-document-crawler (push) Successful in 24s Details CI / test-python-dsms-gateway (push) Successful in 17s Details Implements the 4-level GCI scoring model (Module -> Risk-Weighted -> Regulation Area -> Final GCI) with DSGVO, NIS2, ISO 27001, and EU AI Act integration. Backend: - 9 Go files: engine, models, weights, validity, NIS2 roles/scoring, ISO mapping/gap-analysis, mock data - GCI handlers with 13 API endpoints under /sdk/v1/gci/ - Routes registered in main.go Frontend: - TypeScript types, API client, Next.js API proxy - Dashboard page with 6 tabs (Overview, Breakdown, NIS2, ISO 27001, Matrix, Audit Trail) - Sidebar navigation entry Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-15 22:20:17 +01:00
Benjamin Boenisch	dccb3e9f36	feat: add reporting frontend, fix module categorization, update docs - Create Reporting module frontend (page.tsx) with executive dashboard showing compliance score, risk overview, deadlines, module KPIs - Create Reporting lib (types.ts, api.ts) matching Go backend models - Add Reporting to STEP_EXPLANATIONS and both SDK sidebars - Remove DSB Portal, Multi-Tenant, SSO from SDK sidebars (admin-only) - Add Multi-Tenant, SSO, DSB Portal to dashboard navigation.ts with 'Plattform-Verwaltung' subgroup - Update docs: academy.md (PDF certs), reporting.md (new), index.md (SDK vs Admin categorization), mkdocs.yml (all modules) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-15 01:03:53 +01:00
Benjamin Boenisch	f1b9e585e6	fix: add missing STEP_EXPLANATIONS and sidebar entries for new SDK modules Add STEP_EXPLANATIONS for academy, whistleblower, incidents, dsb-portal, industry-templates, multi-tenant, sso, document-crawler, advisory-board to fix client-side crashes. Add all new modules to Zusatzmodule section in both SDKSidebar and SDKPipelineSidebar (FAB). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-14 22:46:12 +01:00
Benjamin Boenisch	4435e7ea0a	Initial commit: breakpilot-compliance - Compliance SDK Platform Services: Admin-Compliance, Backend-Compliance, AI-Compliance-SDK, Consent-SDK, Developer-Portal, PCA-Platform, DSMS Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-11 23:47:28 +01:00

22 Commits