Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
455 Commits 5 Branches 0 Tags
e58af8aa3099be9b9255735ec96c843f8a50c5a8
Commit Graph

10 Commits

Author SHA1 Message Date
Sharang Parnerkar
e58af8aa30 refactor(admin): split tom-generator controls loader and vendor risk controls-library 
Split loader.ts (3163 LOC) into categories/ subdir (8 files, each <500 LOC):
- access.ts (ACCESS_CONTROL + ADMISSION_CONTROL + ACCESS_AUTHORIZATION)
- transfer-input.ts (TRANSFER_CONTROL + INPUT_CONTROL)
- order-availability.ts (ORDER_CONTROL + AVAILABILITY)
- separation-encryption.ts (SEPARATION incl. DL-* + ENCRYPTION)
- pseudonymization.ts (PSEUDONYMIZATION)
- resilience-recovery.ts (RESILIENCE + RECOVERY)
- review.ts (REVIEW + training/TR-* controls)
- category-map.ts (category metadata Map)

Split controls-library.ts (943 LOC) into domain files:
- transfer-audit.ts (TRANSFER + AUDIT)
- deletion-incident.ts (DELETION + INCIDENT)
- subprocessor-tom.ts (SUBPROCESSOR + TOM)
- contract-data-subject.ts (CONTRACT + DATA_SUBJECT)
- security-governance.ts (SECURITY + GOVERNANCE)

Both barrel files preserved their full public API. No consumer imports changed.
Zero new TypeScript errors introduced (305 pre-existing errors unchanged).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-17 09:20:22 +02:00
Sharang Parnerkar
c43d9da6d0 merge: sync with origin/main, take upstream on conflicts 
# Conflicts:
#	admin-compliance/lib/sdk/types.ts
#	admin-compliance/lib/sdk/vendor-compliance/types.ts
 2026-04-16 16:26:48 +02:00
Sharang Parnerkar
528abc86ab refactor(admin): split 8 oversized lib/ files into focused modules under 500 LOC 
Split these files that exceeded the 500-line hard cap:
- privacy-policy.ts (965 LOC) -> sections + renderers
- academy/api.ts (787 LOC) -> courses + mock-data
- whistleblower/api.ts (755 LOC) -> operations + mock-data
- vvt-profiling.ts (659 LOC) -> data + logic
- cookie-banner.ts (595 LOC) -> config + embed
- dsr/types.ts (581 LOC) -> core + api types
- tom-generator/rules-engine.ts (560 LOC) -> evaluator + gap-analysis
- datapoint-helpers.ts (548 LOC) -> generators + validators

Each original file becomes a barrel re-export for backward compatibility.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-10 21:05:59 +02:00
Sharang Parnerkar
58e95d5e8e refactor(admin): split 9 more oversized lib/ files into focused modules 
Files split by agents before rate limit:
  - dsr/api.ts (669 → barrel + helpers)
  - einwilligungen/context.tsx (669 → barrel + hooks/reducer)
  - export.ts (753 → barrel + domain exporters)
  - incidents/api.ts (845 → barrel + api-helpers)
  - tom-generator/context.tsx (720 → barrel + hooks/reducer)
  - vendor-compliance/context.tsx (1010 → 234 provider + hooks/reducer)
  - api-docs/endpoints.ts — partially split (3 domain files created)
  - academy/api.ts — partially split (helpers extracted)
  - whistleblower/api.ts — partially split (helpers extracted)

next build passes. api-client.ts (885) deferred to next session.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-10 19:12:09 +02:00
Sharang Parnerkar
aae07b7a9b refactor(admin): split 4 large type-definition files into per-section modules 
Split vendor-compliance/types.ts (1217 LOC), dsfa/types.ts (1082 LOC),
tom-generator/types.ts (963 LOC), and einwilligungen/types.ts (838 LOC)
into types/ directories with per-section domain files and barrel-export
index.ts files, matching the pattern in lib/sdk/types/index.ts.
All files are under 500 LOC. Build verified with npx next build.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-10 13:42:27 +02:00
Benjamin Admin
4b1eede45b feat(tom): audit document, compliance checks, 25 controls, canonical control mapping 
Phase A: TOM document HTML generator (12 sections, inline CSS, A4 print)
Phase B: TOMDocumentTab component (org-header form, revisions, print/download)
Phase C: 11 compliance checks with severity-weighted scoring
Phase D: MkDocs documentation for TOM module
Phase E: 25 new controls (63 → 88) in 13 categories

Canonical Control Mapping (three-layer architecture):
- Migration 068: tom_control_mappings + tom_control_sync_state tables
- 6 API endpoints: sync, list, by-tom, stats, manual add, delete
- Category mapping: 13 TOM categories → 17 canonical categories
- Frontend: sync button + coverage card (Overview), drill-down (Editor),
  belegende Controls count (Document)
- 20 tests (unit + API with mocked DB)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-19 11:56:53 +01:00
Benjamin Admin
3c0c1e49da feat(company-profile): Branchen-Erweiterung, Multi-Select & Zertifizierungen 
Multi-Branche-Auswahl im CompanyProfile, erweiterte allowed-facts fuer
Drafting Engine, Demo-Daten und TOM-Generator Anpassungen.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-10 11:03:21 +01:00
Benjamin Admin
95fcba34cd fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 30s
Details
CI / test-python-backend-compliance (push) Successful in 30s
Details
CI / test-python-document-crawler (push) Successful in 21s
Details
CI / test-python-dsms-gateway (push) Successful in 17s
Details 
- Ruff: 144 auto-fixes (unused imports, == None → is None), F821/F811/F841 manuell
- CVEs: python-multipart>=0.0.22, weasyprint>=68.0, pillow>=12.1.1, npm audit fix (0 vulns)
- TS: 5 tote Drafting-Engine-Dateien entfernt, allowed-facts/sanitizer/StepHeader/context fixes
- Tests: +104 (ISMS 58, Evidence 18, VVT 14, Generation 14) → 1449 passed
- Refactoring: collect_ci_evidence (F→A), row_to_response (E→A), extract_requirements (E→A)
- Dead Code: pca-platform, 7 Go-Handler, dsr_api.py, duplicate Schemas entfernt

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 19:00:33 +01:00
Benjamin Admin
3707ffe799 feat: DSK/BfDI RAG-Ingest, TOM-Control-Library 180, Risk-Engine-Spec, RAG-Query-Optimierung
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 37s
Details
CI / test-python-backend-compliance (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 21s
Details 
- Crawler erweitert: +26 neue Dokumente (DSK KP 1-20, SDM V3.1, BfDI Loeschkonzept, BayLDA TOM-Checkliste)
- RAG-Queries optimiert: 18 Queries mit EDPB/DSK/WP-Referenzen fuer besseres Retrieval
- Chat-Route: queryRAG nutzt jetzt Collection + Query-Boost aus DOCUMENT_RAG_CONFIG
- TOM Control Library: 180 Controls in 12 Domaenen (ISO Annex-A Style, tom_controls_v1.json)
- Risk Engine Spec: Impact/Likelihood 0-10, Score 0-100, 4 Tiers, Loeschfristen-Engine
- Soul-Files: DSK-Kurzpapiere, SDM V3.1, BfDI als primaere deutsche Quellen
- Manifest CSV: eu_de_privacy_manifest.csv mit Lizenz-Ampel (gruen/gelb/rot)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-05 12:03:57 +01:00
Benjamin Boenisch
4435e7ea0a Initial commit: breakpilot-compliance - Compliance SDK Platform 
Services: Admin-Compliance, Backend-Compliance,
AI-Compliance-SDK, Consent-SDK, Developer-Portal,
PCA-Platform, DSMS

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-11 23:47:28 +01:00