Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b70c1b7c373dc05329d8555d141552efe8a0aa89
breakpilot-compliance/backend-compliance/tests/test_silent_intake.py
T
Benjamin Admin 9c33582412 feat: Silent Knowledge Pass — recognise before asking (Phase 0, before the endpoint) 
Not the endpoint yet — the bigger knowledge lever first. The Advisor can say "I need 5 answers" but
does not yet decide what it can find out by ITSELF. The Silent Knowledge Pass runs in front of the
Advisor and, from signals existing scanners/parsers already produce (website, repository, documents,
product data), deterministically derives capabilities the company demonstrably HAS + product facts
that drive scope — so every recognised item shrinks the delta and removes a question.

compliance/onboarding/silent_intake.py: silent_intake(signals, signal_map) -> detected_capabilities
(+ evidence already in hand) + product_facts. The signal->conclusion map is curated DATA
(knowledge/onboarding/intake_signal_map.yaml), signals are injected (scanners are upstream). Pure,
deterministic, no LLM. advisor_start gains detected_capabilities (folded into the profile at HIGH
confidence -> covered, not asked) and an auto_detected result + headline.

The experience flips from a question wall to "we already recognised 4 capabilities, 2 product facts
and have 4 pieces of evidence in hand — only these few remain". Order now: Silent Pass -> #58
endpoint/frontend -> #59 empirical loop. NOT new architecture, just an orchestration step in front.
Non-runtime (no app caller) -> no deploy. 15 onboarding tests pass, mypy --strict clean, check-loc 0.
2026-06-28 14:34:27 +02:00

80 lines
4.1 KiB
Python
Raw Blame History

"""Silent Knowledge Pass — recognise before asking (Phase 0).
Pins the deterministic signal->capability/product-fact mapping and the product effect that matters: when
the Silent Pass feeds detected capabilities into the Advisor, the delta shrinks and the number of
next-best questions DROPS — "we already recognised X, only these few remain" instead of a question wall.
"""
from __future__ import annotations
import os
import yaml
from compliance.onboarding import (
IntakeSignal,
OnboardingInput,
SignalMapping,
advisor_start,
resolve_for_certifications,
silent_intake,
)
from compliance.onboarding import CapabilityHypothesis
from compliance.transition_reasoning import TargetRequirement
_DIR = os.path.dirname(__file__)
_MAP = [SignalMapping(**m) for m in yaml.safe_load(
open(os.path.join(_DIR, "..", "knowledge", "onboarding", "intake_signal_map.yaml"), encoding="utf-8"))["mappings"]]
_LIB = [CapabilityHypothesis(**h) for h in yaml.safe_load(
open(os.path.join(_DIR, "..", "knowledge", "certification_hypotheses", "hypotheses.yaml"), encoding="utf-8"))["hypotheses"]]
_CRA = yaml.safe_load(open(os.path.join(_DIR, "..", "knowledge", "transition_patterns",
"transition_pattern_iso27001_to_cra_maschinenvo_v1.yaml"), encoding="utf-8"))
_REQ = [TargetRequirement(capability_id=a["capability"]) for a in _CRA["likely_covered"]]
_REQ += [TargetRequirement(capability_id=d["capability"], expected_evidence=d.get("expected_evidence", []))
for d in _CRA["delta_requirements"]]
# scanner findings (injected): a machine builder with a public CVD policy, an SBOM + signed releases in
# the repo, a product risk-assessment doc, and a cloud-connected PLC product.
_SIGNALS = [
IntakeSignal(source="website", signal="security_txt_or_cvd_policy", detail="/.well-known/security.txt"),
IntakeSignal(source="repository", signal="sbom_file_found", detail="sbom.cdx.json"),
IntakeSignal(source="repository", signal="signed_releases"),
IntakeSignal(source="document", signal="product_risk_assessment_doc"),
IntakeSignal(source="product", signal="cloud_connectivity"),
IntakeSignal(source="product", signal="plc_sps"),
]
def test_silent_intake_is_deterministic_signal_mapping():
res = silent_intake(_SIGNALS, _MAP)
caps = set(res.capability_ids())
assert {"coordinated_vulnerability_disclosure", "sbom_creation", "secure_signed_update_distribution",
"product_cyber_risk_assessment"} <= caps
assert "sbom" in res.evidence_found # evidence already in hand -> no upload needed
facts = {f.key for f in res.product_facts}
assert "connected_to_internet" in facts and "is_machine" in facts
def test_silent_pass_reduces_the_questions():
inp = OnboardingInput(company="x", certifications=["ISO27001", "ISO9001"], target=["CRA"])
hyp = resolve_for_certifications(inp.certifications, _LIB)
without = advisor_start(inp, hyp, _REQ, target_id="CRA", corpus_status={"CRA": "validated"})
detected = silent_intake(_SIGNALS, _MAP).capability_ids()
with_pass = advisor_start(inp, hyp, _REQ, target_id="CRA", corpus_status={"CRA": "validated"},
detected_capabilities=detected)
# the whole point: recognising things automatically leaves FEWER open questions
assert len(with_pass.capability_delta) < len(without.capability_delta)
assert len(with_pass.next_best_questions) <= len(without.next_best_questions)
assert with_pass.auto_detected # recognised without asking
assert "automatisch erkannt (Intake)" in with_pass.headline
def test_detected_capabilities_are_not_asked_again():
inp = OnboardingInput(company="x", certifications=["ISO27001"], target=["CRA"])
hyp = resolve_for_certifications(inp.certifications, _LIB)
detected = silent_intake(_SIGNALS, _MAP).capability_ids()
res = advisor_start(inp, hyp, _REQ, target_id="CRA", corpus_status={"CRA": "validated"},
detected_capabilities=detected)
asked = {q.capability_id for q in res.next_best_questions}
assert "sbom_creation" not in asked and "sbom_creation" not in res.capability_delta
Reference in New Issue View Git Blame Copy Permalink