439 Commits

Author	SHA1	Message	Date
Benjamin Admin	6940271672	feat(iace): expandable detail comparison in benchmark tab ... Backend: HazardSummary now includes description, scenario, possible_harm, trigger_event, and mitigations[] for side-by-side comparison. Frontend: Each matched pair row is now clickable/expandable showing two-column detail view: - Left (GT): hazard type, cause, zone, lifecycle phases, risk values (F/W/P/S->R), residual risk, measures, type (KM/TM/BI), norms, comment - Right (Engine): name, scenario, zone, possible harm, trigger, measures Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-13 15:36:18 +02:00
Benjamin Admin	64e3a47b8c	fix(iace): confirmation dialog for ungrouping + undo/regroup ... - X button replaced with confirmation dialog: "Als eigenen Punkt fuehren" / "Abbrechen" - Dialog explains the action and that it's reversible - Ungrouped items show orange "Zurueck in Block" button - Info bar shows count of ungrouped items + "alle zuruecksetzen" link - No destructive action without user confirmation Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-13 15:19:39 +02:00
Benjamin Admin	81a0568537	feat(iace): block-aware risk table + benchmark quality badges ... Risk Assessment tab now shows block grouping: - BlockAwareRiskTable: Parents bold/purple, children indented - Collapse/expand blocks, "Abgedeckt" badge for covered children - Ungroup button to remove child from block - Info bar showing block count and covered children Benchmark tab improvements: - Green/Yellow/Red quality badges (Exakt/Aehnlich/Schwach) - GT risk factor detail (F/W/P/S) shown per entry - Match counts in tab header (X exakt, Y aehnlich) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-13 15:00:19 +02:00
Benjamin Admin	d31c2fe018	feat(iace): hazard block view — parent/child grouping ... Backend: - hazard_blocks.go: ComputeHazardBlocks() groups hazards by category + component + zone. Parent = highest risk in group. Children covered by parent's measures are flagged (no separate assessment needed). - iace_handler_blocks.go: GET /projects/:id/hazard-blocks endpoint with summary stats (blocks, covered children, assessments saved) Frontend: - HazardBlockView.tsx: Expandable block view with summary cards, parent-child hierarchy, coverage badges, and "abgedeckt" indicators - hazards/page.tsx: New "Bloecke" tab alongside "Hazard-Liste" and "Risikobewertung" No database schema changes — grouping is computed at runtime. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-13 11:36:04 +02:00
Benjamin Admin	8bb90d73e5	feat(iace): benchmark system + erklaerteil + dedup-fix ... - Erklaerteil-Template fuer Risikobeurteilungen (risk_assessment_template.go) in PDF-Export, Markdown-Export und Frontend ReportPrintView eingebaut - Ground Truth Benchmark-System: Datenmodell, Fuzzy-Matching-Engine, 3 API Endpoints (import-gt, benchmark, benchmark/summary) - Frontend Benchmark-Tab mit Score-Cards, Kategorie-Breakdown, Hazard-Vergleichstabelle (Zugeordnet/Fehlend/Extra), Business Impact - Erster Benchmark: 13.3% Coverage (Baseline) gegen 60 GT-Eintraege - Dedup-Fix: seenCat[cat] -> seenCatZone[cat+zone] erlaubt mehrere Gefaehrdungen pro Kategorie an verschiedenen Gefahrenstellen - Komponenten-spezifische Hazard-Namen und Zone-basierte Zuordnung Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-13 01:02:33 +02:00
Benjamin Admin	185d680669	feat(vendor-assessment): E2E tests + remove old use-case-audit ... Phase 6-7: Remove /sdk/use-case-audit (questionnaire approach), replace sidebar with "Vertragspruefung". Add Playwright E2E tests: - Page load & form validation tests - Spiegel.de DSE assessment (real URL) - IHK Berlin multi-document assessment (DSE + Impressum) - Hetzner AVV auto-detect test - API direct tests (POST, GET, poll, not-found) - Cross-check scenario (AVV without TOM → missing TOM finding) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 23:37:45 +02:00
Benjamin Admin	0b9150f16f	feat(vendor-assessment): Pruefprotokoll + Frontend + Sidebar ... Phase 4-5: Professional Pruefprotokoll report builder with styled HTML output (Kopfdaten, Kategorie-Scores, L1/L2 Check-Hierarchie, Findings, Freigabe-Block). Frontend at /sdk/vendor-assessment with 3-step flow: DocumentUploader → AssessmentProgress → PruefprotokollView. Sidebar: "Use-Case Audits" → "Vertragspruefung" renamed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 23:24:12 +02:00
Benjamin Admin	de808190dd	fix(use-case-compiler): batch LLM calls + increase proxy timeout ... Single LLM calls per MC caused 2min+ timeouts. Now batches up to 10 MCs in one prompt with 20s timeout. LLM failure falls through to deterministic derivation gracefully. Proxy timeout increased to 60s. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 17:55:42 +02:00
Benjamin Admin	08fcb5f239	feat(compliance-check): scenario badges + extracted profile display ... - Show extracted profile fields (company name, legal form, address, DPO, USt-IdNr) with "In Company Profile uebernehmen" button - Show Compliance Scope hints extracted from documents - Scenario badges per document: Neugenerierung (red), Korrekturen (amber), Konform (green) - Summary line shows scenario counts Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 17:49:45 +02:00
Benjamin Admin	4a7e09bbb0	fix(impressum): regex [A-Z] never matches on lowercased text ... All patterns matched against text_lower but used [A-Z] character class. Changed to [a-zA-Z] so patterns like "geschäftsführung: dr. oliver" are found. Also added "Pflicht"/"Detail" labels to the two progress bars to clarify what 100% vs 8% means. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 14:02:25 +02:00
Benjamin Admin	edbf6d2be5	feat(dsms): Stufe 2+3 — Evidence/TechFile → DSMS + Version Chains + Audit Timeline ... Stufe 2A: Evidence Upload → automatische DSMS-Archivierung - Nach SHA-256 Hash → archive_to_dsms(), CID im Audit-Trail - Evidence mit CID wird automatisch zu E2 (hash-verifiziert) hochgestuft Stufe 2B: IACE Tech-File Export → DSMS - PDF/Excel/DOCX/Markdown Exporte werden nach DSMS archiviert - archiveTechFile() Helper fuer alle 4 Formate Stufe 3A: DSMS Gateway — parent_cid + History Endpoint - parent_cid + tenant_id Felder in DocumentMetadata - GET /documents/{cid}/history — folgt parent_cid-Chain (max 50 deep) Stufe 3C: Audit Timeline UI - Neue Seite /sdk/audit-timeline - Vertikale Timeline mit farbigen Action-Dots - Filter: Alle, Nachweis, DSMS-Archiv, Control, Dokument, DSFA, VVT, TOM - CID-Badges fuer DSMS-archivierte Eintraege Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 13:55:07 +02:00
Benjamin Admin	06bfbd1dca	feat(use-case-compiler): MC-based compliance questionnaires with scoring ... Implements the Use-Case Compiler that turns Master Controls into interactive compliance audits. 5 templates (Vendor Check, SAST/DAST, DSGVO, NIS2, CRA), deterministic + LLM question generation, scoring engine with regulation/severity breakdown, and gap detection. - Backend: 9 API endpoints, 22 unit tests (all pass) - Frontend: Template selector, questionnaire, result dashboard - Migration 027: usecase_audits + usecase_answers tables Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 13:49:16 +02:00
Benjamin Admin	128967fa3d	fix(checklist-ui): show INFO-severity checks as gray info icon ... INFO checks (V.i.S.d.P., Streitbeilegung, Berufsrecht, Stammkapital, etc.) that fail are now shown with a gray info icon instead of red X, with gray hint text. They are excluded from the Pflichtangaben count since they are context-dependent and likely not applicable. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 12:28:00 +02:00
Benjamin Admin	ce77cde309	fix(compliance-check): batch LLM verification + increase poll timeout ... - LLM verify now sends ALL failed checks in one batched call instead of one Ollama call per check (80+ calls → 1 per document) - Increase frontend poll timeout from 6 min to 15 min Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 11:49:30 +02:00
Benjamin Admin	a127dd971b	fix(compliance-check): resume polling after navigation away ... Save active check_id to localStorage so polling resumes when the user navigates away via sidebar and comes back. Same pattern as scan tab. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 11:37:06 +02:00
Benjamin Admin	65b4857be5	feat(iace): KI-Vorschlag Button im FMEA-Tab ... - Dropdown: Komponente waehlen → "KI-Vorschlag" klicken - Ruft POST /projects/:id/components/:cid/suggest-fms auf - Zeigt LLM-generierte oder Bibliotheks-FMs als Overlay - Jeder Vorschlag mit Name, Auswirkung, S/O/D, RPZ Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 10:07:10 +02:00
Benjamin Admin	93028b443e	feat(iace): FMEA Bedienungsanleitung — ausklappbare Info-Box ... Erklaert S/O/D Skalen, RPZ + AP Kennzahlen, konkretes Beispiel (SPS Kommunikationsausfall), Workflow-Schritte. Fuer Nicht-Experten. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:54:56 +02:00
Benjamin Admin	6ce5b4bf41	feat(iace): VDA-Format FMEA Excel Export ... - GET /projects/:id/fmea/export → xlsx im VDA-Formblatt - Spalten: Nr, Komponente, Typ, Fehlerart, Fehlerfolge, S, O, D, RPZ, AP, Massnahme - AP-Zellen farbig: H=rot, M=gelb, L=gruen - Dependency: github.com/xuri/excelize/v2 (BSD-3-Clause) - Frontend: "VDA Excel exportieren" Button auf FMEA-Seite Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:45:18 +02:00
Benjamin Admin	ed3ebbc246	fix(compliance-check): send 'documents' instead of 'entries' to backend ... Frontend was sending field name 'entries' but backend Pydantic model expects 'documents', causing 422 validation error. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:25:36 +02:00
Benjamin Admin	4e865d2997	feat(iace): CE-Flag auf Komponenten + AIAG-VDA Action Priority (AP) ... CE-Flag: - Toggle "Bereits CE-gekennzeichnet" im ComponentForm - ce_marked Boolean auf Component (via metadata JSONB, kein DB-Change) - Hinweis "(Nur Schnittstellen bewerten)" im Formular AIAG-VDA Action Priority: - CalculateAP(S,O,D) → H/M/L nach AIAG-VDA FMEA Handbuch 2019 - AP-Spalte in FMEA-Worksheet: H=rot, M=gelb, L=grün - Ergänzt (nicht ersetzt) die bestehende RPZ-Berechnung Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:15:43 +02:00
Benjamin Admin	f5664612ad	feat(iace): Einsatzbereich / Branche — filtert branchenspezifische Patterns ... Neues Feld "Einsatzbereich" auf Interview-Seite (Sektion 7) mit 15 Branchen. Pattern Engine bekommt MachineTypes aus MatchInput → branchenfremde Patterns (Medizin, Aufzug, Bau etc.) feuern nur wenn die Branche ausgewählt ist. Refactoring: iace_handler_init.go aufgeteilt in init + init_helpers (LOC-Limit). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 09:09:28 +02:00
Benjamin Admin	6586d2cb5e	fix(iace): Delta + FMEA — derive component tags from names when library_id missing ... Auto-created components have no library_id. Delta analysis and FMEA now derive pattern-engine-compatible tags from component names (e.g. "Roboter" → cobot/robot_arm, "SPS" → controller/plc, "Scanner" → sensor). Also: new E2E test file iace-extensions.spec.ts (FMEA, Knowledge Graph, Delta API, Failure Modes API). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 08:26:15 +02:00
Benjamin Admin	df15f6f098	feat(iace): Erweiterung 5 — Safety Knowledge Graph (React Flow) ... Interaktiver Graph: Komponente → Gefaehrdung → Massnahme - 3-Spalten-Layout: Indigo (Komponenten), Rot (Hazards), Gruen (Massnahmen) - Animierte Kanten mit Pfeilmarkern - Zoom, Pan, MiniMap, Controls - Dependency: @xyflow/react v12 (MIT-Lizenz) Alle 5 IACE Phase-5 Erweiterungen jetzt abgeschlossen: 1. Betriebszustand-UI 2. FMEA-Worksheet 3. Delta-Impact-Preview Modal 4. Textil + Landmaschinen Patterns 5. Safety Knowledge Graph Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 07:20:38 +02:00
Benjamin Admin	bcf78c120a	feat(iace): Erweiterungen 2-4 — FMEA Worksheet, Delta Modal, Textil+Agri ... Erweiterung 2: FMEA-Worksheet Tab (/fmea) - Tabelle: Komponente | Typ | Fehlerart | Auswirkung | S | O | D | RPZ | Bewertung - RPZ-Farbcodierung: >200 Kritisch, >100 Handlungsbedarf, >50 Beobachten - Stats: Gesamt, Kritisch, Handlungsbedarf, Akzeptabel Erweiterung 3: DeltaPreviewModal (wiederverwendbar) - Modal zeigt +/- Patterns, Hazards, Massnahmen bei Aenderungen - Nutzt POST /delta-analysis Endpoint - Summary Grid + detaillierte Listen Erweiterung 4: Textilmaschinen (EN ISO 11111) + Landmaschinen (ISO 4254) - 21 neue Patterns: HP1550-HP1559 (Textil), HP1565-HP1575 (Agri) - 23 neue Massnahmen: M452-M460 (Textil), M461-M474 (Agri) - Walzenspalt, Zapfwelle, ROPS, autonomer Traktor, Siloexplosion etc. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 07:08:56 +02:00
Benjamin Admin	1866bb11ae	feat(mc-browser): MC Detail with member controls + phase filter ... Replace ControlDetail (empty for MCs) with MCDetail panel showing: - MC name, ID, total controls count - Phase badges as clickable filters - Member controls list with severity, phase, action, regulation source - Filter by lifecycle phase (definition, implementation, testing, etc.) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 00:24:16 +02:00
Benjamin Admin	f3751a4efa	feat(compliance-check): show business profile + banner check result in UI ... Add two info boxes above the checklist results: - Business profile (B2B/B2C, industry, regulated profession) - Banner check status (CMP detected, violations count, cross-check hint) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-12 00:19:51 +02:00
Benjamin Admin	66d30568e2	feat(dsms): Stufe 1 — Gap-Analyse Report wird in DSMS archiviert ... - Go DSMS Client (internal/dsms/client.go): Archive() + Verify() - Python DSMS Client (compliance/services/dsms_client.py): archive_to_dsms() + verify_dsms() - Gap-Analyse AnalyzeProject() archiviert Report-JSON nach DSMS - Response enthält dsms_cid wenn Archivierung erfolgreich - Frontend: Grünes "Revisionssicher archiviert" Badge mit CID im GapDashboard - DSMS Proxy Route (/api/sdk/v1/dsms/[...path]) für Verify-Abfragen Stufe 2 (Evidence Upload → DSMS) und Stufe 3 (Version Chains) folgen. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 23:39:26 +02:00
Benjamin Admin	36afbadc01	fix(mc-browser): add all missing field fallbacks for ControlDetail ... tags, generation_metadata, source_citation, verification_method, evidence_type, similar_controls, source_original_text, parent_control_uuid Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 23:22:41 +02:00
Benjamin Admin	7ca3624a1f	fix(mc-browser): scope fallback + severity/domain filters ... - Add scope/risk_score/implementation_effort fallbacks to prevent 'undefined is not an object' crash in ControlDetail - Add severity filter (high/medium/low based on total_controls) - Add domain filter (L1 token prefix match) - Fix sort options (source → canonical_name) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 23:13:22 +02:00
Benjamin Admin	397de741c1	feat(cmp): Phase 2 — script blocking + cookie tracking ... Migration 108: scripts_blocked, scripts_released, cookies_set JSONB columns. Backend models/schema/service/serializer/routes extended. Admin detail modal shows released scripts and set cookies with categories. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 22:52:26 +02:00
Benjamin Admin	051890c370	feat(cmp): restore vendor-agnostic fields + module wiring ... Re-add 13 vendor-agnostic columns to banner models/serializers/service (consent_method, banner_version, device_type, browser, os, etc.) that were lost when another session overwrote the code. Keep vendor_consents dict from the other session. Add list_consents method back to BannerConsentService. Wire CookieBanner, Loeschfristen and UseCases into Document Generator contextBridge (CMP_NAME, analytics tools, retention months, feature flags). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 21:57:54 +02:00
Benjamin Admin	90da26745b	fix(mc-api): NODE_TLS_REJECT_UNAUTHORIZED=0 for self-signed cert ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 20:56:38 +02:00
Benjamin Admin	0d0e705117	feat: Unified Compliance-Check — 8 document types in one form ... New 3-tab structure: Website-Scan, Compliance-Check, Banner-Check. Compliance-Check Tab (replaces Dokumenten-Pruefung + Impressum-Check): - 8 document rows: DSI, Impressum, Social Media, Cookie, AGB, Nutzungsbedingungen, Widerruf, DSB-Kontakt - Each row: URL input + "Text laden" + file upload + manual text - "Text laden" extracts via consent-tester, shows in editable textarea - User verifies/corrects text before checking - Empty fields = "not present" → own finding Business Profiler (business_profiler.py): - Detects B2B/B2C/B2G from all documents together - Recognizes regulated professions, online shops, editorial content - Context-aware: INFO checks become PASS/FAIL based on profile Backend: /compliance-check + /extract-text endpoints Frontend: ComplianceCheckTab.tsx + DocumentRow.tsx API proxies: compliance-check/route.ts + extract-text/route.ts Also: Impressum regex fixes (Telefon, AG, Geschaeftsfuehrung) and INFO severity for context-dependent checks. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 20:56:10 +02:00
Benjamin Admin	b214cbc003	fix(mc-api): accept self-signed SSL cert for production DB ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 20:49:44 +02:00
Benjamin Admin	19d8a7e2b9	fix(mc-api): use COMPLIANCE_DATABASE_URL for production DB ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 20:11:03 +02:00
Benjamin Admin	b8770e1b9c	feat(mc-browser): reuse Control Library UI for Master Controls ... - MC page.tsx imports ControlListView + useControlLibraryState directly - useControlLibraryState accepts optional backendUrl override - MC API route returns data in canonical control format - Same filters, pagination, sorting, click-to-detail as Control Library Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 20:02:31 +02:00
Benjamin Admin	916337b503	fix: Restore new page.tsx with 4 tabs (was overwritten by merge) ... Merge took the old page.tsx from main which still had useAgentAnalysis. Restored: Website-Scan, Dokumenten-Pruefung, Banner-Check, Impressum-Check. Removed: Schnellanalyse, Consent-Test, Compare, Auth-Test tabs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 15:04:29 +02:00
Benjamin Admin	3c7ed65f86	fix: remove dangling SDKPipelineSidebar reference ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 14:34:52 +02:00
Benjamin Admin	02ff96f74e	fix: resolve all merge conflict markers from feat/zeroclaw-compliance-agent ... 9 files had conflict markers from the branch merge. All resolved keeping the feature branch version. Also split agent_scan_routes.py (534→367 LOC) by extracting Pydantic models to agent_scan_models.py. [guardrail-change] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 12:15:07 +02:00
Benjamin Admin	36c6101b91	Merge feat/zeroclaw-compliance-agent into main ... Brings all compliance doc-check features: - 162 regex checks + 1874 Master Controls - LLM-agnostic agent with tool calling - Banner check (46 checks, 30 CMPs, stealth, Shadow DOM) - Impressum check (24 checks) - Deep consent verification (DataLayer, GCM, TCF) - CMP E2E tests (39 tests) - HTML email reports, FAQ, persistent history Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 11:44:20 +02:00
Benjamin Admin	e80bbe000f	feat(ui): Master Controls Browser — 13.5K MCs with member drill-down ... - New page /sdk/master-controls with sortable, searchable MC list - Click MC → expandable detail panel with atomic controls - Shows L1 token, L2 subtopic, phase, severity, regulation source - API proxy via pg directly to compliance.master_controls - Sidebar entry added Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 11:22:12 +02:00
Benjamin Admin	6f776b2fa8	fix(iace): FAB pointer-events fix + Initialisieren auf Betriebszustaende-Seite ... - FAB-Container bekommt pointer-events-none, nur Button + Panel sind klickbar (behebt: Buttons auf der rechten Seite waren nicht klickbar) - Initialisieren + Neu-Initialisieren Buttons von Interview-Seite auf Betriebszustaende-Seite verschoben (natuerlicher Flow: Grenzen → States → Init) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 11:18:12 +02:00
Benjamin Admin	a0bb9e3aed	feat(iace): "Neu initialisieren" Button + DeleteHazard ... - POST /initialize?force=true loescht bestehende Hazards + Mitigations und erstellt sie neu mit aktuellen Betriebszustaenden - Orange "Neu initialisieren" Button auf Interview-Seite (mit Confirm-Dialog) - DeleteHazard Store-Methode (kaskadiert Risk Assessments) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 09:17:50 +02:00
Benjamin Admin	cb8fb65d3e	feat(iace): Betriebszustand-Traceability auf Hazards + Mitigations ... Hazards zeigen jetzt farbige Badges mit den Betriebszustaenden die sie ausgeloest haben (z.B. "Wartung", "Not-Halt"). Mitigations erben die States ihrer verknuepften Hazards. Backend: OperationalStates im Function-Feld encodiert (kein DB-Schema), beim Lesen als operational_states[] JSON-Feld zurueckgegeben. Frontend: Indigo-Badges in HazardTable + MitigationCard. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 09:04:20 +02:00
Benjamin Admin	af5ab9127a	feat(docgen): wire CMP, Loeschfristen, UseCases into Document Generator ... Connect three previously siloed modules to the contextBridge: - CookieBanner → CONSENT (analytics tools, marketing partners) + FEATURES (CMP_NAME, HAS_FUNCTIONAL_COOKIES) - RetentionPolicies → PRIVACY.ANALYTICS_RETENTION_MONTHS (from actual Loeschfristen data) - UseCases → FEATURES flags (HAS_ACCOUNT, HAS_PAYMENTS, HAS_NEWSLETTER, HAS_SOCIAL_MEDIA) Previously all FEATURES were hardcoded false/empty in EMPTY_CONTEXT. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 08:37:12 +02:00
Benjamin Admin	8f169cbae3	feat(gap): IST-Zustand Assessment — IACE + Normen + Prozesse ... Gap Analysis v2: statt 500 generische Gaps → nur die ECHTEN Lücken. Backend: - ProductProfile um 15 IST-Felder erweitert (Normen, Doku, Prozesse, CE) - assessGapStatus prüft: IACE-Mitigations → Zertifizierungen → Normen → IST-Felder - norm_mapping.go: 20 Normen → MC-Topic Mapping (ISO 12100, IEC 62443, etc.) - IACE-Integration: CheckIACECoverage() matcht verified Mitigations gegen MCs Frontend: - 2-Step Wizard: Produkt beschreiben → IST-Zustand erfassen - IstAssessment.tsx: CE-Jahr, Normen-Multiselect, Doku+Prozess Checkboxen - Step-Navigation mit visuellen Indikatoren Migration 025 erweitert um IST-Felder. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 08:33:17 +02:00
Benjamin Admin	cc919eb608	feat: KI-Agent toggle in all 3 check tabs ... - Impressum-Check: Toggle activates 75 Impressum MCs via agent - Banner-Check: Toggle runs additional cookie doc-check (381 MCs) after the Playwright banner test completes - Both use the same use_agent flag through doc-check endpoint Green pill button consistent across all tabs: 'KI-Agent aus' / 'KI-Agent aktiv (X MCs)' Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 08:00:36 +02:00
Benjamin Admin	6cb5da56b3	feat(frontend): persistent gap projects — list, create, re-analyze ... - Project list view with saved projects - Create + analyze in one flow (saves to DB) - Re-open saved projects for re-analysis - 3 views: projects list → wizard → dashboard Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 07:50:03 +02:00
Benjamin Admin	53c641800f	feat(iace): Phase 5 — Betriebszustand-UI + E2E Tests ... - GET /operational-states endpoint (9 States + 20 Transitions) - Frontend: Operational States page with state cards, transitions graph, delta preview - Navigation: Betriebszustaende entry between Grenzen and Normenrecherche - E2E: 60+ new Phase 5 tests (operational states, hazards, mitigations, classification) - E2E: Updated expected counts for expanded libraries (476 measures, 1114 patterns) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-11 00:26:07 +02:00
Benjamin Admin	91d6d8b1a7	feat: KI-Agent toggle button in Dokumenten-Pruefung ... Green pill button: 'KI-Agent aus' / 'KI-Agent aktiv (1.874 MCs)' Toggles use_agent flag which is passed through the full chain: Frontend → DocCheckRequest → _run_doc_check → _check_single_document → check_document_with_controls(use_agent=True) → ComplianceAgent with tool calling Default: OFF (deterministic regex). User can enable per scan. Also works via env var COMPLIANCE_USE_AGENT=true for always-on. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-10 23:26:21 +02:00