Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c7fde93061d03dc764f9f6fd20659455c3c758f7
breakpilot-compliance/backend-compliance
T
History
Benjamin Admin c7fde93061 feat(backend): On-demand Browser-Verhaltens-Matrix + Snapshot-Persistenz (Phase 2) 
- check_snapshot: update_browser_matrix/load_browser_matrix — migrationsfrei
  in banner_result.browser_matrix (JSONB jsonb_set, eigener scanned_at)
- snapshot_check_routes: POST /snapshots/{id}/browser-behavior/run laeuft
  /scan-matrix LIVE (Re-Crawl je Engine, nur live messbar), persistiert das
  Ergebnis; GET /snapshots/{id}/browser-behavior liefert die gespeicherte
  Matrix ohne Re-Crawl. Profil-Set = 4 Default-Engines + Brave/Chrome/Edge.
- consent-tester multi_browser_scanner: Semaphore(2) gegen OOM (7 Browser
  parallel sprengten das 2g-mem_limit)
- Pydantic-Modell mit Optional[List[...]] (nicht `| None`) → Py3.9-sicher
- Tests: _snapshot_scan_url + Request-Defaults (5)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-12 23:03:28 +02:00
..
auth
classroom_engine
compliance
feat(backend): On-demand Browser-Verhaltens-Matrix + Snapshot-Persistenz (Phase 2)
2026-06-12 23:03:28 +02:00
middleware
migrations
MC mapping: defensive route + MinIO overridable + iace migration 151 (#27)
2026-06-10 11:54:48 +00:00
scripts
Use-Case-Mapping-Filter für Master Controls + Mapper-Präzisionsfix
2026-06-09 23:19:56 +02:00
services
templates/gdpr
tests
feat(backend): On-demand Browser-Verhaltens-Matrix + Snapshot-Persistenz (Phase 2)
2026-06-12 23:03:28 +02:00
consent_admin_api.py
consent_api.py
consent_client.py
database.py
Dockerfile
gdpr_api.py
gdpr_export_service.py
main.py
refactor+feat: Snapshot-Router-Split + generischer ChecklistAgent + AGB-Modul
2026-06-11 14:23:29 +02:00
migration_runner.py
mypy.ini
PHASE1_RUNBOOK.md
README.md
requirements-reranker.txt
requirements.txt

README.md

backend-compliance

Python/FastAPI service implementing the DSGVO compliance API: DSR, DSFA, consent, controls, risks, evidence, audit, vendor management, ISMS, change requests, document generation.

Port: 8002 (container: bp-compliance-backend) Stack: Python 3.12, FastAPI, SQLAlchemy 2.x, Alembic, Keycloak auth.

Architecture

compliance/
├── api/            # Routers (thin, ≤30 LOC per handler)
├── services/       # Business logic
├── repositories/   # DB access
├── domain/         # Value objects, domain errors
├── schemas/        # Pydantic models, split per domain
└── db/models/      # SQLAlchemy ORM, one module per aggregate

The service follows this layered target structure but not all files are fully refactored yet. Phase 1 backlog is tracked in .claude/rules/loc-exceptions.txt (27 backend-compliance files currently excepted).

See ../AGENTS.python.md for the full convention and ../.claude/rules/architecture.md for the non-negotiable rules.

Run locally

cd backend-compliance
pip install -r requirements.txt
export COMPLIANCE_DATABASE_URL=...  # Postgres (Hetzner or local)
uvicorn main:app --reload --port 8002

Tests

pytest compliance/tests/ -v
pytest --cov=compliance --cov-report=term-missing

Layout: tests/unit/, tests/integration/, tests/contracts/. Contract tests diff /openapi.json against tests/contracts/openapi.baseline.json.

Public API surface

404+ endpoints across /api/v1/*. Grouped by domain: ai, audit, consent, dsfa, dsr, gdpr, vendor, evidence, change-requests, generation, projects, company-profile, isms. Every path is a contract — see the "Public endpoints" rule in the root CLAUDE.md.

Environment

Var Purpose
COMPLIANCE_DATABASE_URL Postgres DSN, sslmode=require
KEYCLOAK_* Auth verification
QDRANT_URL, QDRANT_API_KEY Vector search
CORE_VALKEY_URL Session cache

Don't touch

Database schema, __tablename__, column names, existing migrations under migrations/. See root CLAUDE.md rule 3.

Reference in New Issue View Git Blame Copy Permalink