breakpilot-compliance

Author	SHA1	Message	Date
Benjamin Admin	dd09fa7a46	feat: CRA wiki, cybersecurity policy template, Phase H RAG ingestion All checks were successful CI/CD / go-lint (push) Has been skipped Details CI/CD / python-lint (push) Has been skipped Details CI/CD / nodejs-lint (push) Has been skipped Details CI/CD / test-go-ai-compliance (push) Successful in 35s Details CI/CD / test-python-backend-compliance (push) Successful in 33s Details CI/CD / test-python-document-crawler (push) Successful in 22s Details CI/CD / test-python-dsms-gateway (push) Successful in 19s Details CI/CD / validate-canonical-controls (push) Successful in 12s Details CI/CD / Deploy (push) Successful in 2s Details - Wiki: add CRA category with 3 articles (Grundlagen, 35 Security Controls, CRA+NIS2+AI Act Framework) - Document Generator: add CRA-konforme Cybersecurity Policy template with 21 sections covering governance, SSDLC, vulnerability management, incident response (24h/72h), SBOM, patch management - RAG: ingest Phase H — 17 EU regulations + 2 NIST frameworks now in Qdrant (CRA, AI Act, NIS2, DSGVO, DMA, GPSR, Batterieverordnung, etc.) - Phase H script: add scripts/ingest-phase-h.sh for reproducible ingestion - rag-sources.md: update status to ingestiert, add CRA entry Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-15 00:43:46 +01:00
Benjamin Admin	ebe7e90bd8	feat(rag): Expand Phase H to Layer 1 Safe Core (~60 documents) Some checks failed CI/CD / go-lint (push) Has been skipped Details CI/CD / python-lint (push) Has been skipped Details CI/CD / nodejs-lint (push) Has been skipped Details CI/CD / test-go-ai-compliance (push) Successful in 40s Details CI/CD / test-python-backend-compliance (push) Successful in 39s Details CI/CD / test-python-document-crawler (push) Successful in 29s Details CI/CD / test-python-dsms-gateway (push) Successful in 25s Details CI/CD / deploy-hetzner (push) Failing after 1s Details Phase H now includes: - 16 German laws (PAngV, VSBG, ProdHaftG, BDSG, HGB, AO, DDG, TKG, etc.) - 15 EUR-Lex EU laws (DSGVO, Consumer Rights Dir, Sale of Goods Dir, E-Commerce Dir, Unfair Terms Dir, DMA, NIS2, Product Liability Dir, etc.) - 2 NIST frameworks (CSF 2.0, Privacy Framework 1.0) - 1 HLEG Ethics Guidelines Updated rag-sources.md with complete inventory of already-ingested vs new documents, plus Layer 2-5 TODO roadmap. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 16:54:07 +01:00
Benjamin Admin	7f38df9d9c	feat(scope): Split HT-H01 B2B/B2C + register Verbraucherschutz document types + RAG ingestion Some checks failed CI/CD / go-lint (push) Has been skipped Details CI/CD / python-lint (push) Has been skipped Details CI/CD / nodejs-lint (push) Has been skipped Details CI/CD / test-go-ai-compliance (push) Successful in 38s Details CI/CD / test-python-backend-compliance (push) Successful in 39s Details CI/CD / test-python-document-crawler (push) Successful in 27s Details CI/CD / test-python-dsms-gateway (push) Successful in 24s Details CI/CD / deploy-hetzner (push) Has been cancelled Details - Split HT-H01 into HT-H01a (B2C/Hybrid mit Verbraucherschutzpflichten) und HT-H01b (reiner B2B mit Basis-Pflichten). B2B-Webshops bekommen keine Widerrufsbelehrung/Preisangaben/Fernabsatz mehr. - Add excludeWhen/requireWhen to HardTriggerRule for conditional trigger logic - Register 6 neue ScopeDocumentType: widerrufsbelehrung, preisangaben, fernabsatz_info, streitbeilegung, produktsicherheit, ai_act_doku - Full DOCUMENT_SCOPE_MATRIX L1-L4 for all new types - Align HardTriggerRule interface with actual engine field names - Add Phase H (Verbraucherschutz) to RAG ingestion script: 10 deutsche Gesetze + 4 EU-Verordnungen + HLEG Ethics Guidelines - Add scripts/rag-sources.md with license documentation - 9 new tests for B2B/B2C trigger split, all 326 tests pass Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 16:03:49 +01:00

3 Commits