Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4d708b44438ba6db10eb390324c2c8e08a1d9b8d
breakpilot-compliance/backend-compliance
T
History
Benjamin Admin 4bfb438c92
Build + Deploy / build-admin-compliance (push) Successful in 2m17s
Details
Build + Deploy / build-backend-compliance (push) Successful in 3m17s
Details
Build + Deploy / build-ai-sdk (push) Successful in 56s
Details
Build + Deploy / build-developer-portal (push) Successful in 1m37s
Details
Build + Deploy / build-tts (push) Successful in 1m33s
Details
Build + Deploy / build-document-crawler (push) Successful in 42s
Details
Build + Deploy / build-dsms-gateway (push) Successful in 33s
Details
Build + Deploy / build-dsms-node (push) Successful in 16s
Details
CI / branch-name (push) Has been skipped
Details
CI / guardrail-integrity (push) Has been skipped
Details
CI / loc-budget (push) Failing after 25s
Details
CI / secret-scan (push) Has been skipped
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / nodejs-build (push) Successful in 3m33s
Details
CI / dep-audit (push) Has been skipped
Details
CI / sbom-scan (push) Has been skipped
Details
CI / test-go (push) Failing after 1m18s
Details
CI / test-python-backend (push) Successful in 53s
Details
CI / test-python-document-crawler (push) Successful in 36s
Details
CI / test-python-dsms-gateway (push) Successful in 33s
Details
CI / validate-canonical-controls (push) Successful in 24s
Details
Build + Deploy / trigger-orca (push) Successful in 3m19s
Details
feat: 4 banner check upgrades — 30 CMPs, stealth, Shadow DOM, categories 
1. 30 CMP selectors (was 10): Added Sourcepoint, Iubenda, Complianz,
   CookieFirst, HubSpot, Osano, Piwik PRO, Cookie Consent (Insites),
   Axeptio, Termly, CookieScript, Civic UK, GDPR Cookie Compliance,
   CookieHub, Ketch, Admiral, Sibbo, Evidon, LiveRamp, Adsimple.
   Plus improved generic fallback: role=dialog, aria-label, data-* attrs.

2. Playwright stealth mode: playwright-stealth against bot detection.
   Removes WebDriver flag, simulates plugins, realistic viewport/locale.
   Launch args: --disable-blink-features=AutomationControlled.

3. Shadow DOM: Recursive JS-based search through shadowRoot elements
   for consent banners. Fallback click via page.evaluate() when
   normal Playwright selectors can't penetrate Shadow DOM.

4. Category selection UI: User can choose which cookie categories to
   test (Notwendig, Statistik, Marketing, Funktional, Praeferenzen).
   Pill-style checkboxes in BannerCheckTab, forwarded through API chain.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-09 08:42:30 +02:00
..
auth
classroom_engine
compliance
feat: 4 banner check upgrades — 30 CMPs, stealth, Shadow DOM, categories
2026-05-09 08:42:30 +02:00
middleware
migrations
feat: Cookie-Banner ↔ Backend Integration (DSR, Retention, Consent Proof)
2026-05-02 19:52:04 +02:00
scripts
services
templates/gdpr
tests
feat: Cookie-Banner ↔ Backend Integration (DSR, Retention, Consent Proof)
2026-05-02 19:52:04 +02:00
consent_admin_api.py
consent_api.py
consent_client.py
database.py
Dockerfile
gdpr_api.py
gdpr_export_service.py
main.py
feat: Multi-URL Document Check with full checklist visibility
2026-05-06 10:08:40 +02:00
migration_runner.py
mypy.ini
chore: mypy cleanup — comprehensive disable headers for agent-created services
2026-04-10 11:23:43 +02:00
PHASE1_RUNBOOK.md
README.md
docs: update service READMEs for refactor progress and stale phase references
2026-04-19 16:07:23 +02:00
requirements-reranker.txt
requirements.txt

README.md

backend-compliance

Python/FastAPI service implementing the DSGVO compliance API: DSR, DSFA, consent, controls, risks, evidence, audit, vendor management, ISMS, change requests, document generation.

Port: 8002 (container: bp-compliance-backend) Stack: Python 3.12, FastAPI, SQLAlchemy 2.x, Alembic, Keycloak auth.

Architecture

compliance/
├── api/            # Routers (thin, ≤30 LOC per handler)
├── services/       # Business logic
├── repositories/   # DB access
├── domain/         # Value objects, domain errors
├── schemas/        # Pydantic models, split per domain
└── db/models/      # SQLAlchemy ORM, one module per aggregate

The service follows this layered target structure but not all files are fully refactored yet. Phase 1 backlog is tracked in .claude/rules/loc-exceptions.txt (27 backend-compliance files currently excepted).

See ../AGENTS.python.md for the full convention and ../.claude/rules/architecture.md for the non-negotiable rules.

Run locally

cd backend-compliance
pip install -r requirements.txt
export COMPLIANCE_DATABASE_URL=...  # Postgres (Hetzner or local)
uvicorn main:app --reload --port 8002

Tests

pytest compliance/tests/ -v
pytest --cov=compliance --cov-report=term-missing

Layout: tests/unit/, tests/integration/, tests/contracts/. Contract tests diff /openapi.json against tests/contracts/openapi.baseline.json.

Public API surface

404+ endpoints across /api/v1/*. Grouped by domain: ai, audit, consent, dsfa, dsr, gdpr, vendor, evidence, change-requests, generation, projects, company-profile, isms. Every path is a contract — see the "Public endpoints" rule in the root CLAUDE.md.

Environment

Var Purpose
COMPLIANCE_DATABASE_URL Postgres DSN, sslmode=require
KEYCLOAK_* Auth verification
QDRANT_URL, QDRANT_API_KEY Vector search
CORE_VALKEY_URL Session cache

Don't touch

Database schema, __tablename__, column names, existing migrations under migrations/. See root CLAUDE.md rule 3.

Reference in New Issue View Git Blame Copy Permalink