e6d666b89b
All checks were successful
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-ai-compliance (push) Successful in 37s
CI / test-python-backend-compliance (push) Successful in 32s
CI / test-python-document-crawler (push) Successful in 22s
CI / test-python-dsms-gateway (push) Successful in 18s
Phase A: PostgreSQL State Store (sdk_states Tabelle, InMemory-Fallback) Phase B: Modules dynamisch vom Backend, Scope DB-Persistenz, Source Policy State Phase C: UCCA Frontend (3 Seiten, Wizard, RiskScoreGauge), Obligations Live-Daten Phase D: Document Import (PDF/LLM/Gap-Analyse), System Screening (SBOM/OSV.dev) Phase E: Company Profile CRUD mit Audit-Logging Phase F: Tests (Python + TypeScript), flow-data.ts DB-Tabellen aktualisiert Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
46 lines
1.8 KiB
SQL
46 lines
1.8 KiB
SQL
-- =============================================================================
|
|
-- Migration 004: System Screening Tables
|
|
--
|
|
-- Tables for SBOM generation and vulnerability scanning results.
|
|
-- =============================================================================
|
|
|
|
CREATE TABLE IF NOT EXISTS compliance_screenings (
|
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
tenant_id VARCHAR(255) NOT NULL,
|
|
status VARCHAR(20) DEFAULT 'pending',
|
|
sbom_format VARCHAR(50) DEFAULT 'CycloneDX',
|
|
sbom_version VARCHAR(20) DEFAULT '1.5',
|
|
total_components INTEGER DEFAULT 0,
|
|
total_issues INTEGER DEFAULT 0,
|
|
critical_issues INTEGER DEFAULT 0,
|
|
high_issues INTEGER DEFAULT 0,
|
|
medium_issues INTEGER DEFAULT 0,
|
|
low_issues INTEGER DEFAULT 0,
|
|
sbom_data JSONB,
|
|
started_at TIMESTAMPTZ,
|
|
completed_at TIMESTAMPTZ,
|
|
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
|
|
);
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_screenings_tenant ON compliance_screenings(tenant_id);
|
|
CREATE INDEX IF NOT EXISTS idx_screenings_status ON compliance_screenings(status);
|
|
|
|
CREATE TABLE IF NOT EXISTS compliance_security_issues (
|
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
screening_id UUID NOT NULL REFERENCES compliance_screenings(id) ON DELETE CASCADE,
|
|
severity VARCHAR(20) NOT NULL,
|
|
title VARCHAR(500) NOT NULL,
|
|
description TEXT,
|
|
cve VARCHAR(50),
|
|
cvss FLOAT,
|
|
affected_component VARCHAR(255),
|
|
affected_version VARCHAR(100),
|
|
fixed_in VARCHAR(100),
|
|
remediation TEXT,
|
|
status VARCHAR(20) DEFAULT 'OPEN',
|
|
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
|
|
);
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_security_issues_screening ON compliance_security_issues(screening_id);
|
|
CREATE INDEX IF NOT EXISTS idx_security_issues_severity ON compliance_security_issues(severity);
|