breakpilot-compliance

Author	SHA1	Message	Date
Benjamin Admin	e7fab73a3a	fix(company-profile): Projekt-aware Persistenz — Daten werden jetzt pro Projekt gespeichert Some checks failed CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Failing after 36s Details CI / test-python-backend-compliance (push) Successful in 35s Details CI / test-python-document-crawler (push) Successful in 27s Details CI / test-python-dsms-gateway (push) Successful in 21s Details Problem: Company Profile nutzte hartcodiertes tenant_id=default ohne project_id. Beim Wechsel zwischen Projekten wurden immer die gleichen (oder keine) Daten geladen. Aenderungen: - Migration 042: project_id Spalte + UNIQUE(tenant_id, project_id) Constraint, fehlende Spalten (offering_urls, Adressfelder) nachgetragen - Backend: Alle Queries nutzen WHERE tenant_id + project_id IS NOT DISTINCT FROM - Proxy: project_id Query-Parameter wird durchgereicht - Frontend: projectId aus SDK-Context, profileApiUrl() Helper fuer alle API-Aufrufe - "Weiter" speichert jetzt immer den Draft (war schon so, ging aber ins Leere) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 23:48:15 +01:00
Benjamin Admin	53ff0722a4	fix(backend): SQLAlchemy text() fuer alle raw SQL + UI-Verbesserungen Some checks failed CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Failing after 32s Details CI / test-python-backend-compliance (push) Successful in 39s Details CI / test-python-document-crawler (push) Successful in 23s Details CI / test-python-dsms-gateway (push) Successful in 18s Details - CRITICAL: Alle db.execute() Aufrufe in company_profile_routes.py und generation_routes.py mit text() gewrapped (SQLAlchemy 2.x) - Geschaeftsmodell-Kacheln: Nur Kurztext, Beschreibung bei Klick - "Warum diese Fragen" in Hauptbereich unter Ueberschrift verschoben - Sidebar-Box entfernt fuer mehr Platz Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-08 22:53:29 +01:00
Benjamin Admin	95fcba34cd	fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring Some checks failed CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Failing after 30s Details CI / test-python-backend-compliance (push) Successful in 30s Details CI / test-python-document-crawler (push) Successful in 21s Details CI / test-python-dsms-gateway (push) Successful in 17s Details - Ruff: 144 auto-fixes (unused imports, == None → is None), F821/F811/F841 manuell - CVEs: python-multipart>=0.0.22, weasyprint>=68.0, pillow>=12.1.1, npm audit fix (0 vulns) - TS: 5 tote Drafting-Engine-Dateien entfernt, allowed-facts/sanitizer/StepHeader/context fixes - Tests: +104 (ISMS 58, Evidence 18, VVT 14, Generation 14) → 1449 passed - Refactoring: collect_ci_evidence (F→A), row_to_response (E→A), extract_requirements (E→A) - Dead Code: pca-platform, 7 Go-Handler, dsr_api.py, duplicate Schemas entfernt Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 19:00:33 +01:00
Benjamin Admin	1e84df9769	feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6) All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 32s Details CI / test-python-backend-compliance (push) Successful in 30s Details CI / test-python-document-crawler (push) Successful in 21s Details CI / test-python-dsms-gateway (push) Successful in 18s Details 6-Phasen-Implementation fuer cloud-faehiges, mandantenfaehiges Compliance SDK: Phase 1: Multi-Tenancy Fix - Shared tenant_utils.py Dependency (UUID-Validierung, kein "default" mehr) - VVT tenant_id Column + tenant-scoped Queries - DSFA/Vendor DEFAULT_TENANT_ID von "default" auf UUID migriert - Migration 035 Phase 2: Stammdaten-Erweiterung - Company Profile um JSONB-Felder erweitert (processing_systems, ai_systems, technical_contacts) - Regulierungs-Flags (NIS2, AI Act, ISO 27001) - GET /template-context Endpoint - Migration 036 Phase 3: Dokument-Versionierung - 5 Versions-Tabellen (DSFA, VVT, TOM, Loeschfristen, Obligations) - Shared versioning_utils.py Helper - /{id}/versions Endpoints auf allen 5 Dokumenttypen - Migration 037 Phase 4: Change-Request System - Zentrale CR-Inbox mit CRUD + Accept/Reject/Edit Workflow - Regelbasierte CR-Engine (VVT DPIA → DSFA CR, Datenkategorien → Loeschfristen CR) - Audit-Trail - Migration 038 Phase 5: Dokumentengenerierung - 5 Template-Generatoren (DSFA, VVT, TOM, Loeschfristen, Obligations) - Preview + Apply Endpoints (erzeugt CRs, keine direkten Dokumente) Phase 6: Frontend-Integration - Change-Request Inbox Page mit Stats, Filtern, Modals - VersionHistory Timeline-Komponente - SDKSidebar CR-Badge (60s Polling) - Company Profile: 2 neue Wizard-Steps + "Dokumente generieren" CTA Docs: 5 neue MkDocs-Seiten, CLAUDE.md aktualisiert Tests: 97 neue Tests (alle bestanden) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 14:12:34 +01:00
Benjamin Admin	0503e72a80	fix(freigabe): Vorbereitung-Module release prep — Python 3.9 fix, Scope Engine tests, MkDocs All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 36s Details CI / test-python-backend-compliance (push) Successful in 33s Details CI / test-python-document-crawler (push) Successful in 22s Details CI / test-python-dsms-gateway (push) Successful in 20s Details - fix: company_profile_routes.py — dict\|None → Optional[dict] for Python 3.9 compat (9/9 tests grün) - test: 40 Vitest-Tests für ComplianceScopeEngine (calculateScores, determineLevel, evaluateHardTriggers, evaluate integration, buildDocumentScope, evaluateRiskFlags) - docs: vorbereitung-module.md — Profil, Scope, UCCA vollständig dokumentiert - docs: mkdocs.yml — Nav-Eintrag "Vorbereitung-Module (Paket 1)" vor Analyse-Module Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-05 10:57:17 +01:00
Benjamin Admin	dc0d38ea40	feat: Vorbereitung-Module auf 100% — Compliance-Scope Backend, DELETE-Endpoints, Proxy-Fixes, blocked-content Tab All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 35s Details CI / test-python-backend-compliance (push) Successful in 31s Details CI / test-python-document-crawler (push) Successful in 23s Details CI / test-python-dsms-gateway (push) Successful in 19s Details Paket A — Kritische Blocker: - compliance_scope_routes.py: GET + POST UPSERT für sdk_states JSONB-Feld - compliance/api/__init__.py: compliance_scope_router registriert - import/route.ts: POST-Proxy für multipart/form-data Upload - screening/route.ts: POST-Proxy für Dependency-File Upload Paket B — Backend + UI: - company_profile_routes.py: DELETE-Endpoint (DSGVO Art. 17) - company-profile/route.ts: DELETE-Proxy - company-profile/page.tsx: Profil-löschen-Button mit Bestätigungs-Dialog - source-policy/pii-rules/[id]/route.ts: GET ergänzt - source-policy/operations/[id]/route.ts: GET + DELETE ergänzt Paket C — Tests + UI: - test_compliance_scope_routes.py: 27 Tests (neu) - test_import_routes.py: +36 Tests → 60 gesamt - test_screening_routes.py: +28 Tests → 80+ gesamt - source-policy/page.tsx: "Blockierte Inhalte" Tab mit Tabelle + Remove Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-04 17:43:29 +01:00
Benjamin Admin	e6d666b89b	feat: Vorbereitung-Module auf 100% — Persistenz, Backend-Services, UCCA Frontend All checks were successful CI / go-lint (push) Has been skipped Details CI / python-lint (push) Has been skipped Details CI / nodejs-lint (push) Has been skipped Details CI / test-go-ai-compliance (push) Successful in 37s Details CI / test-python-backend-compliance (push) Successful in 32s Details CI / test-python-document-crawler (push) Successful in 22s Details CI / test-python-dsms-gateway (push) Successful in 18s Details Phase A: PostgreSQL State Store (sdk_states Tabelle, InMemory-Fallback) Phase B: Modules dynamisch vom Backend, Scope DB-Persistenz, Source Policy State Phase C: UCCA Frontend (3 Seiten, Wizard, RiskScoreGauge), Obligations Live-Daten Phase D: Document Import (PDF/LLM/Gap-Analyse), System Screening (SBOM/OSV.dev) Phase E: Company Profile CRUD mit Audit-Logging Phase F: Tests (Python + TypeScript), flow-data.ts DB-Tabellen aktualisiert Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 11:04:31 +01:00

7 Commits