breakpilot-compliance/backend-compliance/compliance/api at a638d0e5276be4fd0368cdd39254de0e28ac94f3 - breakpilot-compliance - Gitea: Git with a cup of tea

Benjamin_Boenisch/breakpilot-compliance

Files

History

Sharang Parnerkar a638d0e527 refactor(backend/api): extract EvidenceService (Step 4 — file 9 of 18)

compliance/api/evidence_routes.py (641 LOC) -> 240 LOC thin routes + 460-line
EvidenceService. Manages evidence CRUD, file upload, CI/CD evidence
collection (SAST/dependency/SBOM/container scans), and CI status dashboard.

Service injection pattern: EvidenceService takes the EvidenceRepository,
ControlRepository, and AutoRiskUpdater classes as constructor parameters.
The route's get_evidence_service factory reads these class references from
its own module namespace so tests that
``patch("compliance.api.evidence_routes.EvidenceRepository", ...)`` still
take effect through the factory.

The `_store_evidence` and `_update_risks` helpers stay as module-level
callables in evidence_service and are re-exported from the route module.
The collect_ci_evidence handler remains inline (not delegated to a service
method) so tests can patch
`compliance.api.evidence_routes._store_evidence` and have the patch take
effect at the handler's call site.

Legacy re-exports via __all__: SOURCE_CONTROL_MAP, EvidenceRepository,
ControlRepository, AutoRiskUpdater, _parse_ci_evidence,
_extract_findings_detail, _store_evidence, _update_risks.

Verified:
  - 208/208 pytest (core + 35 evidence tests) pass
  - OpenAPI 360/484 unchanged
  - mypy compliance/ -> Success on 135 source files
  - evidence_routes.py 641 -> 240 LOC
  - Hard-cap violations: 10 -> 9

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-08 21:59:03 +02:00

..

document_templates

fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring

2026-03-07 19:00:33 +01:00

__init__.py

fix: make compliance router imports resilient to individual module failures

2026-03-13 09:46:52 +01:00

_http_errors.py

refactor(backend/api): extract AuditSession service layer (Step 4 worked example)

2026-04-07 18:16:50 +02:00

ai_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

audit_routes.py

tech-debt: mypy --strict config + integration tests for audit routes

2026-04-07 18:39:40 +02:00

banner_routes.py

refactor(backend/api): extract BannerConsent + BannerAdmin services (Step 4)

2026-04-07 18:52:31 +02:00

canonical_control_routes.py

refactor(backend/api): extract CanonicalControlService (Step 4 — file 6 of 18)

2026-04-07 19:53:55 +02:00

change_request_engine.py

fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring

2026-03-07 19:00:33 +01:00

change_request_routes.py

fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring

2026-03-07 19:00:33 +01:00

company_profile_routes.py

refactor(backend/api): extract CompanyProfileService (Step 4 — file 4 of 18)

2026-04-07 19:47:29 +02:00

compliance_scope_routes.py

Fix SQLAlchemy 2.x compatibility: wrap raw SQL in text()

2026-03-13 10:16:52 +01:00

consent_template_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

control_generator_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

crud_factory.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

dashboard_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

db_utils.py

feat(sdk): API-Referenz Frontend + Backend-Konsolidierung (Shared Utilities, CRUD Factory)

2026-03-07 17:07:43 +01:00

dsfa_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

dsr_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

einwilligungen_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

email_template_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

escalation_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

evidence_routes.py

refactor(backend/api): extract EvidenceService (Step 4 — file 9 of 18)

2026-04-08 21:59:03 +02:00

extraction_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

generation_routes.py

fix(backend): SQLAlchemy text() fuer alle raw SQL + UI-Verbesserungen

2026-03-08 22:53:29 +01:00

import_routes.py

Fix SQLAlchemy 2.x compatibility: wrap raw SQL in text()

2026-03-13 10:16:52 +01:00

incident_routes.py

fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring

2026-03-07 19:00:33 +01:00

isms_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

legal_document_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

legal_template_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

loeschfristen_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

module_routes.py

fix: Vorbereitung-Module auf 100% — Feld-Fixes, Backend-Persistenz, Endpoints

2026-03-02 12:02:40 +01:00

notfallplan_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

obligation_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

project_routes.py

feat: Projekt-Verwaltung verbessern — Archivieren, Loeschen, Wiederherstellen

2026-03-09 17:48:02 +01:00

quality_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

risk_routes.py

feat: Analyse-Module auf 100% — Backend-Wiring, Proxy-Route, DELETE-Endpoints

2026-03-02 12:46:11 +01:00

routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

routes.py.backup

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

schemas.py

refactor(backend/api): split schemas.py into per-domain modules (1899 -> 39 LOC shim)

2026-04-07 18:06:27 +02:00

scraper_routes.py

Initial commit: breakpilot-compliance - Compliance SDK Platform

2026-02-11 23:47:28 +01:00

screening_routes.py

refactor(backend/api): extract ScreeningService (Step 4 — file 8 of 18)

2026-04-07 20:03:16 +02:00

security_backlog_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

source_policy_router.py

refactor(backend/api): extract SourcePolicyService (Step 4 — file 7 of 18)

2026-04-07 19:58:02 +02:00

tenant_utils.py

feat(sdk): Multi-Tenancy, Versionierung, Change-Requests, Dokumentengenerierung (Phase 1-6)

2026-03-07 14:12:34 +01:00

tom_routes.py

refactor(backend/api): extract TOMService (Step 4 — file 3 of 18)

2026-04-07 19:42:17 +02:00

vendor_compliance_routes.py

refactor: phase 0 guardrails + phase 1 step 2 (models.py split)

2026-04-07 13:18:29 +02:00

versioning_utils.py

fix(quality): Ruff/CVE/TS-Fixes, 104 neue Tests, Complexity-Refactoring

2026-03-07 19:00:33 +01:00

vvt_routes.py

refactor(backend/api): extract VVTService (Step 4 — file 5 of 18)

2026-04-07 19:50:40 +02:00

wiki_routes.py

feat: Add Compliance Wiki as internal admin knowledge base

2026-03-09 20:01:27 +01:00