Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9fe77599730a2d5056e4ffb22eaf2b35d6f5667b
breakpilot-compliance/backend-compliance/migrations
T
History
Benjamin Admin c89a68e59e feat: Whistleblower backend + Scanner banner-check (last 2 gaps) 
Whistleblower (HinSchG):
- Migration 118: 3 tables (reports, messages, measures) with
  HinSchG deadlines (7d acknowledgment, 3mo feedback)
- whistleblower_routes.py: 14 endpoints (CRUD, acknowledge, close,
  messages, measures, public submit, anonymous status check)
- Frontend api-operations.ts rewired from Go SDK to compliance proxy
- Access key format XXXX-XXXX-XXXX for anonymous reporters

Scanner banner-check (TTDSG § 25):
- CMP Dashboard: green "Kein Cookie-Banner erforderlich" when no
  trackers detected + no banner configured
- Red warning "Cookie-Banner fehlt!" when trackers found but no banner
- Mandatory note: Impressum (DDG § 5) + DSE (DSGVO Art. 13) still required

[migration-approved]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-04 00:22:18 +02:00
..
001_source_policy.sql
feat: add RAG corpus versioning and source policy backend
2026-03-02 07:58:08 +01:00
002_sdk_states.sql
feat: Vorbereitung-Module auf 100% — Persistenz, Backend-Services, UCCA Frontend
2026-03-02 11:04:31 +01:00
003_document_import.sql
feat: Vorbereitung-Module auf 100% — Persistenz, Backend-Services, UCCA Frontend
2026-03-02 11:04:31 +01:00
004_screening.sql
feat: Vorbereitung-Module auf 100% — Persistenz, Backend-Services, UCCA Frontend
2026-03-02 11:04:31 +01:00
005_company_profile.sql
feat: Vorbereitung-Module auf 100% — Persistenz, Backend-Services, UCCA Frontend
2026-03-02 11:04:31 +01:00
006_vvt.sql
feat: 6 Dokumentations-Module auf 100% — VVT Backend, Filter, PDF-Export
2026-03-02 17:14:58 +01:00
007_legal_documents.sql
feat: Package 4 Rechtliche Texte — DB-Persistenz fuer Legal Documents, Einwilligungen und Cookie Banner
2026-03-03 08:25:13 +01:00
008_einwilligungen.sql
feat: Package 4 Rechtliche Texte — DB-Persistenz fuer Legal Documents, Einwilligungen und Cookie Banner
2026-03-03 08:25:13 +01:00
009_consent_history.sql
feat: Package 4 Nachbesserungen — History-Tracking, Pagination, Frontend-Fixes
2026-03-03 11:54:25 +01:00
010_consent_templates.sql
feat: Betrieb-Module → 100% — Echte CRUD-Flows, kein Mock-Data
2026-03-03 12:48:43 +01:00
011_escalations.sql
feat: Betrieb-Module → 100% — Echte CRUD-Flows, kein Mock-Data
2026-03-03 12:48:43 +01:00
012_notfallplan.sql
feat: Betrieb-Module → 100% — Echte CRUD-Flows, kein Mock-Data
2026-03-03 12:48:43 +01:00
013_obligations.sql
feat: Obligations-Modul auf 100% — vollständige CRUD-Implementierung
2026-03-03 15:58:50 +01:00
014_security_backlog.sql
feat: Alle 5 verbleibenden SDK-Module auf 100% — RAG, Security-Backlog, Quality, Notfallplan, Loeschfristen
2026-03-03 18:04:53 +01:00
015_quality.sql
feat: Alle 5 verbleibenden SDK-Module auf 100% — RAG, Security-Backlog, Quality, Notfallplan, Loeschfristen
2026-03-03 18:04:53 +01:00
016_notfallplan_incidents.sql
feat: Alle 5 verbleibenden SDK-Module auf 100% — RAG, Security-Backlog, Quality, Notfallplan, Loeschfristen
2026-03-03 18:04:53 +01:00
017_loeschfristen.sql
feat: Alle 5 verbleibenden SDK-Module auf 100% — RAG, Security-Backlog, Quality, Notfallplan, Loeschfristen
2026-03-03 18:04:53 +01:00
018_legal_templates.sql
feat: Legal Templates Service — eigene Vorlagen für Dokumentengenerator
2026-03-03 23:12:07 +01:00
019_legal_templates_attribution.sql
feat: Legal Templates — Attribution-Tracking + 6 neue Templates (DE/EN)
2026-03-04 09:00:25 +01:00
020_legal_templates_new_types.sql
feat: Dokumentengenerator — Vollständige Vorlage-Bibliothek + Frontend-Redesign
2026-03-04 10:47:38 +01:00
021_legal_templates_v2.sql
feat: Migration 021 — Legal Templates v2 (vollwertige Inhalte)
2026-03-04 12:06:26 +01:00
022_template_block_markers.sql
feat: Template-Spec v1 Phase B — Rule Engine + Block Removal
2026-03-04 13:23:03 +01:00
023_new_templates_de.sql
feat: Template-Spec v1 Phase C — IF-Renderer + HOSTING/FEATURES + 4 neue DE-Templates
2026-03-04 14:35:56 +01:00
024_dsfa.sql
feat: DSFA Modul — Backend, Proxy, Frontend-Migration, Tests + Mock-Daten entfernt
2026-03-04 22:41:05 +01:00
025_dsfa_template.sql
fix: DSFA-Template status active → published (wird im Document Generator angezeigt)
2026-03-05 00:05:10 +01:00
026_dsr.sql
feat: Consent-Service Module nach Compliance migriert (DSR, E-Mail-Templates, Legal Docs, Banner)
2026-03-05 00:36:24 +01:00
027_email_templates.sql
feat: Consent-Service Module nach Compliance migriert (DSR, E-Mail-Templates, Legal Docs, Banner)
2026-03-05 00:36:24 +01:00
028_dsfa_ai_use_cases.sql
fix: Migration 028 robuster (section_progress UPDATE via DO-Block mit IF EXISTS)
2026-03-05 09:32:31 +01:00
029_banner_consent.sql
feat: Consent-Service Module nach Compliance migriert (DSR, E-Mail-Templates, Legal Docs, Banner)
2026-03-05 00:36:24 +01:00
030_dsfa_full_schema.sql
feat: DSFA vollständiges DB-Schema + PDF-Ingest + Tests
2026-03-05 10:03:09 +01:00
031_modules.sql
feat(freigabe): Import/Screening/Modules/RAG — API-Tests, Migration 031, Bug-Fix
2026-03-05 11:42:19 +01:00
032_legal_documents_extend.sql
chore: diverse Bereinigungen und Fixes
2026-03-05 17:24:15 +01:00
033_vvt_consolidation.sql
feat(vvt): Go-Features nach Python portieren (Source of Truth)
2026-03-06 17:14:38 +01:00
034_tom.sql
feat(tom): TOM-Backend in Python erstellen, Frontend von In-Memory auf DB migrieren
2026-03-06 17:35:44 +01:00
035_vvt_tenant_isolation.sql
feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6)
2026-03-07 14:12:34 +01:00
036_company_profile_extend.sql
feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6)
2026-03-07 14:12:34 +01:00
037_document_versions.sql
feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6)
2026-03-07 14:12:34 +01:00
038_change_requests.sql
feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6)
2026-03-07 14:12:34 +01:00
039_compliance_projects.sql
fix(migration): handle missing sdk_states table in migration 039
2026-03-09 15:06:06 +01:00
040_compliance_wiki.sql
fix: Cast empty ARRAY[] to text[] in wiki migration
2026-03-09 20:12:54 +01:00
041_compliance_wiki_enrichment.sql
feat(wiki): Enrich wiki with DACH court decisions and 18 new articles
2026-03-09 20:43:23 +01:00
042_company_profile_project_id.sql
fix: CREATE audit table IF NOT EXISTS before ALTER in migration 042
2026-03-09 23:54:20 +01:00
043_wiki_datenkategorien_abteilungen.sql
feat(vvt): Aufklappbare Abteilungskacheln mit Datenkategorien + Wiki-Infoboxen
2026-03-10 13:11:00 +01:00
044_canonical_control_library.sql
feat(canonical-controls): Canonical Control Library — rechtssichere Security Controls
2026-03-12 19:55:06 +01:00
045_canonical_controls_seed.sql
feat: seed 10 canonical controls + CRUD endpoints + frontend editor
2026-03-13 00:28:21 +01:00
046_control_generator.sql
fix: migration runner strips BEGIN/COMMIT and guards missing tables
2026-03-14 21:59:10 +01:00
047_verification_method_category.sql
fix: migration runner strips BEGIN/COMMIT and guards missing tables
2026-03-14 21:59:10 +01:00
048_processing_path_expand.sql
fix: make migrations 048/049 safe for environments without canonical tables
2026-03-14 21:45:00 +01:00
049_target_audience.sql
fix: make migrations 048/049 safe for environments without canonical tables
2026-03-14 21:45:00 +01:00
050_score_snapshots.sql
feat: add compliance modules 2-5 (dashboard, security templates, process manager, evidence collector)
2026-03-14 21:03:04 +01:00
051_security_templates.sql
feat: add compliance modules 2-5 (dashboard, security templates, process manager, evidence collector)
2026-03-14 21:03:04 +01:00
052_process_tasks.sql
feat: add compliance modules 2-5 (dashboard, security templates, process manager, evidence collector)
2026-03-14 21:03:04 +01:00
053_evidence_checks.sql
feat: add compliance modules 2-5 (dashboard, security templates, process manager, evidence collector)
2026-03-14 21:03:04 +01:00
054_wiki_hinschg_erweitert.sql
feat: enhance whistleblower HinSchG content, fix control-library filter layout
2026-03-15 00:23:19 +01:00
055_wiki_cra.sql
feat: CRA wiki, cybersecurity policy template, Phase H RAG ingestion
2026-03-15 00:43:46 +01:00
056_cra_cybersecurity_policy.sql
feat: CRA wiki, cybersecurity policy template, Phase H RAG ingestion
2026-03-15 00:43:46 +01:00
057_processing_path_batch.sql
feat(control-library): document-grouped batching, generation strategy tracking, sort by source
2026-03-15 15:10:52 +01:00
058_generation_strategy.sql
feat(control-library): document-grouped batching, generation strategy tracking, sort by source
2026-03-15 15:10:52 +01:00
059_wiki_cra_annex_i_detail.sql
feat(training+controls): interactive video pipeline, training blocks, control generator, CE libraries
2026-03-16 21:41:48 +01:00
060_crosswalk_matrix.sql
feat(multi-layer): complete Multi-Layer Control Architecture (Phases 1-8 + Pass 0)
2026-03-17 09:00:37 +01:00
061_obligation_candidates.sql
feat(multi-layer): complete Multi-Layer Control Architecture (Phases 1-8 + Pass 0)
2026-03-17 09:00:37 +01:00
062_pipeline_version.sql
feat(pipeline): pipeline_version v2, migration 062, docs + 71 tests
2026-03-17 17:31:11 +01:00
063_control_applicability.sql
feat(pipeline): v3 — scoped control applicability + source_type classification
2026-03-18 16:28:05 +01:00
064_vvt_master_libraries.sql
feat(sdk): VVT master libraries, process templates, Loeschfristen profiling + document
2026-03-19 11:56:25 +01:00
065_vvt_library_seed.sql
feat(sdk): VVT master libraries, process templates, Loeschfristen profiling + document
2026-03-19 11:56:25 +01:00
066_vvt_process_templates.sql
feat(sdk): VVT master libraries, process templates, Loeschfristen profiling + document
2026-03-19 11:56:25 +01:00
067_vvt_process_templates_seed.sql
feat(sdk): VVT master libraries, process templates, Loeschfristen profiling + document
2026-03-19 11:56:25 +01:00
068_tom_control_mappings.sql
feat(tom): audit document, compliance checks, 25 controls, canonical control mapping
2026-03-19 11:56:53 +01:00
069_obligations_vendor_link.sql
feat(sdk): vendor-compliance cross-module integration — VVT, obligations, TOM, loeschfristen
2026-03-19 13:59:43 +01:00
070_loeschfristen_vendor_link.sql
feat(sdk): vendor-compliance cross-module integration — VVT, obligations, TOM, loeschfristen
2026-03-19 13:59:43 +01:00
071_policy_templates_it_security.sql
feat(document-generator): 33 policy + module document templates
2026-03-19 23:27:25 +01:00
072_policy_templates_data_hr_vendor_bcm.sql
feat(document-generator): 33 policy + module document templates
2026-03-19 23:27:25 +01:00
073_module_document_templates.sql
feat(document-generator): 33 policy + module document templates
2026-03-19 23:27:25 +01:00
074_control_dedup.sql
feat: Control Library UI, dedup migration, QA tooling, docs
2026-03-21 11:56:08 +01:00
075_obligation_refinement.sql
feat(decomposition): add merge pass, enrichment, and Pass 0b refinements
2026-03-21 22:27:09 +01:00
076_anti_fake_evidence.sql
feat: Anti-Fake-Evidence System (Phase 1-4b)
2026-03-23 17:15:45 +01:00
077_anti_fake_evidence_phase2.sql
feat: Anti-Fake-Evidence System (Phase 1-4b)
2026-03-23 17:15:45 +01:00
078_batch_dedup.sql
feat: Batch Dedup Runner — 85k→~18-25k Master Controls
2026-03-24 07:06:38 +01:00
079_evidence_type.sql
feat: evidence_type Feld (code/process/hybrid) fuer Controls
2026-03-25 21:53:40 +01:00
080_v1_control_matches.sql
feat: V1 Control Enrichment — Eigenentwicklung-Label, regulatorisches Matching & Vergleichsansicht
2026-03-26 10:32:08 +01:00
081_obligation_dedup_state.sql
feat: Obligation-Deduplizierung — 34.617 Duplikate als 'duplicate' markiert
2026-03-26 20:13:00 +01:00
082_widen_source_article.sql
Add migration 082: widen source_article to TEXT, fix pass0b query filters
2026-03-28 12:47:26 +01:00
083_ai_act_decision_tree.sql
feat: AI Act Decision Tree — Zwei-Achsen-Klassifikation (GPAI + High-Risk)
2026-03-29 10:14:09 +02:00
085_dsr_process_templates.sql
feat: DSR Prozessbeschreibungen Art. 15-21 mit Swim-Lane-Diagrammen
2026-04-28 17:53:44 +02:00
086_agent_scans.sql
feat: Phase 5 — DB persistence for scan results + Phase 10 in plan
2026-04-29 15:17:51 +02:00
087_tom_documentation_v2.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
088_avv_template.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
089_template_cross_doc_updates.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
090_agb_saas_v2.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
091_community_guidelines_v2.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
092_media_content_modules.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
093_privacy_policy_v2.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
094_terms_of_use.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
095_widerrufsbelehrung_v2.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
096_social_media_dsi.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
097_cookie_policy_v2.sql
feat: Document Templates v2 — 11 migrations + scope-based generator
2026-05-01 01:18:33 +02:00
098_whistleblower_policy.sql
feat: Phase 1 — Whistleblower + Cookie/Impressum + HR-DSI templates
2026-05-01 08:29:52 +02:00
099_cookie_banner_impressum_v2.sql
feat: Phase 1 — Whistleblower + Cookie/Impressum + HR-DSI templates
2026-05-01 08:29:52 +02:00
100_employee_applicant_dsi.sql
feat: Phase 1 — Whistleblower + Cookie/Impressum + HR-DSI templates
2026-05-01 08:29:52 +02:00
101_security_concepts_v2.sql
feat: Phase 2 — Security Concepts + DSFA + DSR updates
2026-05-01 08:45:04 +02:00
102_dsfa_pflichten_dsr_v2.sql
feat: Phase 2 — Security Concepts + DSFA + DSR updates
2026-05-01 08:45:04 +02:00
103_security_policies_new.sql
feat: Phase 3 — Security + HR/Vendor/BCM policies
2026-05-01 09:05:03 +02:00
104_special_templates.sql
feat: Phase 5 — Special templates (AI policy, BYOD, ISMS, consent, video DSI)
2026-05-01 09:25:32 +02:00
105_scc_tia_templates.sql
feat: SCC + TIA templates for third-country transfers
2026-05-01 10:19:56 +02:00
106_banner_email_link_consent_proof.sql
feat: Cookie-Banner ↔ Backend Integration (DSR, Retention, Consent Proof)
2026-05-02 19:41:22 +02:00
106_cleanup_agb_duplicates.sql
feat: AGB cleanup + English Terms v2
2026-05-03 06:59:28 +02:00
107_agb_en_v2.sql
feat: AGB cleanup + English Terms v2
2026-05-03 06:59:28 +02:00
108_privacy_policy_cleanup_en.sql
feat: Privacy notice cleanup + English v2
2026-05-03 07:03:06 +02:00
109_full_template_cleanup.sql
feat: Full template cleanup + categories by use case
2026-05-03 07:09:16 +02:00
110_unreviewed_policies_v2.sql
feat: Review all 12 remaining policy templates + categorize
2026-05-03 07:19:41 +02:00
111_org_roles_reviews.sql
feat: Rollenkonzept backend + SOP template (Phase 1-3)
2026-05-03 13:03:38 +02:00
112_sop_template.sql
feat: Rollenkonzept backend + SOP template (Phase 1-3)
2026-05-03 13:03:38 +02:00
113_vendor_consent_granular.sql
feat: Vendor-level consent + Consent analytics (F4 + F6)
2026-05-03 20:58:06 +02:00
114_banner_analytics.sql
feat: Vendor-level consent + Consent analytics (F4 + F6)
2026-05-03 20:58:06 +02:00
115_role_training_mapping.sql
feat: Academy integration — training gap detection after document approval (F7)
2026-05-03 22:03:25 +02:00
116_banner_ab_testing.sql
feat: A/B Testing + Compliance Report PDF (F5 + F8)
2026-05-03 21:42:50 +02:00
117_dsr_email_templates_content.sql
feat: EmailDeliveryService + professional DSR email templates
2026-05-03 23:38:32 +02:00
118_whistleblower.sql
feat: Whistleblower backend + Scanner banner-check (last 2 gaps)
2026-05-04 00:22:18 +02:00