breakpilot-compliance

Benjamin_Boenisch/breakpilot-compliance

Fork 0

Commit Graph

Author	SHA1	Message	Date
Sharang Parnerkar	cb90d0db0c	chore(backend): deprecation sweep — Pydantic V1 -> V2, utcnow -> tz-aware Two low-risk Pydantic V1 idioms that will be hard errors in V3: - Query(regex=...) -> Query(pattern=...) (audit_routes, control_generator_routes) - class Config: from_attributes=True -> model_config = ConfigDict(...) in source_policy_router.py (schemas.py is intentionally skipped — it is the Phase 1 schema-split target and the ConfigDict conversion is most efficient to do during that split). Naive -> aware datetime sweep across 47 files: - datetime.utcnow() -> datetime.now(timezone.utc) - default=datetime.utcnow -> default=lambda: datetime.now(timezone.utc) - onupdate=datetime.utcnow -> onupdate=lambda: datetime.now(timezone.utc) All SQLAlchemy DateTime columns in the project already declare timezone=True, so the DB schema expects aware datetimes. Before this commit, the in-Python side was generating naive values and the driver was silently coercing them. This is a latent-bug fix, not a behavior change at the DB boundary. Verified: - 173/173 pytest compliance/tests/ pass (same as baseline) - tests/contracts/test_openapi_baseline.py passes (360 paths, 484 operations unchanged) - DeprecationWarning count dropped from 158 -> 35 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 13:09:59 +02:00
Benjamin Admin	95fcba34cd	fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring Some checks failed CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Failing after 30s Details CI / test-python-backend-compliance (push) Successful in 30s Details CI / test-python-document-crawler (push) Successful in 21s Details CI / test-python-dsms-gateway (push) Successful in 17s Details - Ruff: 144 auto-fixes (unused imports, == None → is None), F821/F811/F841 manuell - CVEs: python-multipart>=0.0.22, weasyprint>=68.0, pillow>=12.1.1, npm audit fix (0 vulns) - TS: 5 tote Drafting-Engine-Dateien entfernt, allowed-facts/sanitizer/StepHeader/context fixes - Tests: +104 (ISMS 58, Evidence 18, VVT 14, Generation 14) → 1449 passed - Refactoring: collect_ci_evidence (F→A), row_to_response (E→A), extract_requirements (E→A) - Dead Code: pca-platform, 7 Go-Handler, dsr_api.py, duplicate Schemas entfernt Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 19:00:33 +01:00
Benjamin Admin	3ed8300daf	feat(extraction): POST /compliance/extract-requirements-from-rag All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 34s Details CI / test-python-backend-compliance (push) Successful in 31s Details CI / test-python-document-crawler (push) Successful in 35s Details CI / test-python-dsms-gateway (push) Successful in 17s Details Sucht alle RAG-Kollektionen nach Prüfaspekten und legt automatisch Anforderungen in der DB an. Kernfeatures: - Durchsucht alle 6 RAG-Kollektionen parallel (bp_compliance_ce, bp_compliance_recht, bp_compliance_gesetze, bp_compliance_datenschutz, bp_dsfa_corpus, bp_legal_templates) - Erkennt BSI Prüfaspekte (O.Purp_6) im Artikel-Feld und per Regex - Dedupliziert nach (regulation_code, article) — safe to call many times - Auto-erstellt Regulations-Stubs für unbekannte regulation_codes - dry_run=true zeigt was erstellt würde ohne DB-Schreibzugriff - Optionale Filter: collections, regulation_codes, search_queries - 18 Tests (alle bestanden) - Frontend: "Aus RAG extrahieren" Button auf /sdk/requirements Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-05 15:11:10 +01:00

Author

SHA1

Message

Date

Sharang Parnerkar

cb90d0db0c

chore(backend): deprecation sweep — Pydantic V1 -> V2, utcnow -> tz-aware

Two low-risk Pydantic V1 idioms that will be hard errors in V3:
  - Query(regex=...) -> Query(pattern=...) (audit_routes, control_generator_routes)
  - class Config: from_attributes=True -> model_config = ConfigDict(...)
    in source_policy_router.py (schemas.py is intentionally skipped — it is
    the Phase 1 schema-split target and the ConfigDict conversion is most
    efficient to do during that split).

Naive -> aware datetime sweep across 47 files:
  - datetime.utcnow() -> datetime.now(timezone.utc)
  - default=datetime.utcnow -> default=lambda: datetime.now(timezone.utc)
  - onupdate=datetime.utcnow -> onupdate=lambda: datetime.now(timezone.utc)

All SQLAlchemy DateTime columns in the project already declare
timezone=True, so the DB schema expects aware datetimes. Before this
commit, the in-Python side was generating naive values and the driver
was silently coercing them. This is a latent-bug fix, not a behavior
change at the DB boundary.

Verified:
  - 173/173 pytest compliance/tests/ pass (same as baseline)
  - tests/contracts/test_openapi_baseline.py passes (360 paths,
    484 operations unchanged)
  - DeprecationWarning count dropped from 158 -> 35

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-07 13:09:59 +02:00

Benjamin Admin

95fcba34cd

fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring

CI / go-lint (push) Has been skipped

Details

CI / python-lint (push) Has been skipped

Details

CI / nodejs-lint (push) Has been skipped

Details

CI / test-go-ai-compliance (push) Failing after 30s

Details

CI / test-python-backend-compliance (push) Successful in 30s

Details

CI / test-python-document-crawler (push) Successful in 21s

Details

CI / test-python-dsms-gateway (push) Successful in 17s

Details

- Ruff: 144 auto-fixes (unused imports, == None → is None), F821/F811/F841 manuell
- CVEs: python-multipart>=0.0.22, weasyprint>=68.0, pillow>=12.1.1, npm audit fix (0 vulns)
- TS: 5 tote Drafting-Engine-Dateien entfernt, allowed-facts/sanitizer/StepHeader/context fixes
- Tests: +104 (ISMS 58, Evidence 18, VVT 14, Generation 14) → 1449 passed
- Refactoring: collect_ci_evidence (F→A), row_to_response (E→A), extract_requirements (E→A)
- Dead Code: pca-platform, 7 Go-Handler, dsr_api.py, duplicate Schemas entfernt

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-07 19:00:33 +01:00

Benjamin Admin

3ed8300daf

feat(extraction): POST /compliance/extract-requirements-from-rag

CI / go-lint (push) Has been skipped

Details

CI / python-lint (push) Has been skipped

Details

CI / nodejs-lint (push) Has been skipped

Details

CI / test-go-ai-compliance (push) Successful in 34s

Details

CI / test-python-backend-compliance (push) Successful in 31s

Details

CI / test-python-document-crawler (push) Successful in 35s

Details

CI / test-python-dsms-gateway (push) Successful in 17s

Details

Sucht alle RAG-Kollektionen nach Prüfaspekten und legt automatisch
Anforderungen in der DB an. Kernfeatures:

- Durchsucht alle 6 RAG-Kollektionen parallel (bp_compliance_ce,
  bp_compliance_recht, bp_compliance_gesetze, bp_compliance_datenschutz,
  bp_dsfa_corpus, bp_legal_templates)
- Erkennt BSI Prüfaspekte (O.Purp_6) im Artikel-Feld und per Regex
- Dedupliziert nach (regulation_code, article) — safe to call many times
- Auto-erstellt Regulations-Stubs für unbekannte regulation_codes
- dry_run=true zeigt was erstellt würde ohne DB-Schreibzugriff
- Optionale Filter: collections, regulation_codes, search_queries
- 18 Tests (alle bestanden)
- Frontend: "Aus RAG extrahieren" Button auf /sdk/requirements

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-05 15:11:10 +01:00

3 Commits