c7ab569b2b
feat(pitch-deck): admin UI for investor + financial-model management ( #3 )
...
CI / test-go-consent (push) Successful in 42s
CI / test-python-voice (push) Successful in 30s
CI / test-bqas (push) Successful in 30s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / Deploy (push) Successful in 2s
Adds /pitch-admin dashboard with real bcrypt admin accounts and full
audit attribution for every state-changing action.
- pitch_admins + pitch_admin_sessions tables (migration 002)
- pitch_audit_logs.admin_id + target_investor_id columns
- lib/admin-auth.ts: bcryptjs, single-session, jose JWT with audience claim
- middleware.ts: two-cookie gating with bearer-secret CLI fallback
- 14 new API routes (admin-auth, dashboard, investor detail/edit/resend,
admins CRUD, fm scenarios + assumptions PATCH)
- 9 admin pages: login, dashboard, investors list/new/[id], audit,
financial-model list/[id], admins
- Bootstrap CLI: npm run admin:create
- 36 vitest tests covering auth, admin-auth, rate-limit primitives
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 10:36:16 +00:00
645973141c
feat(pitch-deck): passwordless investor auth, audit logs, snapshots & PWA ( #2 )
...
CI / test-go-consent (push) Successful in 27s
CI / test-python-voice (push) Successful in 25s
CI / test-bqas (push) Successful in 27s
CI / Deploy (push) Successful in 6s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
Adds investor-facing access controls, persistence, and PWA support to the pitch deck:
- Passwordless magic-link auth (jose JWT + nodemailer SMTP)
- Per-investor audit logging (logins, slide views, assumption changes, chat)
- Financial model snapshot persistence (auto-save/restore per investor)
- PWA support (manifest, service worker, offline caching, branded icons)
- Safeguards: email watermark overlay, security headers, content protection,
rate limiting, IP/new-IP detection, single active session per investor
- Admin API: invite, list investors, revoke, query audit logs
- pitch-deck service added to docker-compose.coolify.yml
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-07 08:48:38 +00:00
Benjamin Admin
3a2567b44d
feat(pitch-deck): add AI Presenter mode with LiteLLM migration and FAQ system
...
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 27s
CI / test-python-voice (push) Successful in 25s
CI / test-bqas (push) Successful in 25s
CI / Deploy (push) Successful in 4s
- Migrate chat API from Ollama to LiteLLM (OpenAI-compatible SSE)
- Add 15-min presenter storyline with bilingual scripts for all 20 slides
- Add FAQ system (30 entries) with keyword matching for instant answers
- Add IntroPresenterSlide with avatar placeholder and start button
- Add PresenterOverlay (progress bar, subtitle text, play/pause/stop)
- Add AvatarPlaceholder with pulse animation during speaking
- Add usePresenterMode hook (state machine: idle→presenting→paused→answering→resuming)
- Add 'P' keyboard shortcut to toggle presenter mode
- Support [GOTO:slide-id] markers in chat responses
- Dynamic slide count (was hardcoded 13, now from SLIDE_ORDER)
- TTS stub prepared for future Piper integration
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-20 11:45:55 +01:00
Benjamin Admin
df0a9d6cf0
feat(pitch-deck): update TAM/SAM/SOM with bottom-up competitor revenue validation
...
MarketSlide:
- TAM sources updated: bottom-up from Top-10 competitor revenues (>$1.13B known)
- SAM increased €850M → €950M, growth 19.5% → 24% (NIS2/CRA/AI Act expansion)
- SAM source: bottom-up DACH revenues (DataGuard €52M, heyData €15M, etc.)
- SOM growth increased to 30%, benchmark against Proliance/heyData
- TAM growth updated to 18.5% (compliance automation wave 30-45% vs GRC avg 13.8%)
ProblemSlide:
- Added 3rd source to DSGVO card: market validation with real competitor revenues
- Highlights: Vanta $220M/$4.15B, Top-10 >$1.1B, 80% still manual
DB (pitch_market):
- SAM value_eur: 850M → 950M
- Growth rates: TAM 16.2→18.5, SAM 19.5→24.0, SOM 25→30
- Source strings updated to reference bottom-up methodology
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-20 08:33:18 +01:00
Benjamin Admin
38363b2837
feat(pitch-deck): rewrite CompetitionSlide with 6 detailed competitor profiles
...
- Add Vanta, Drata, Sprinto (international) alongside Proliance, DataGuard, heyData (DACH)
- Each card: HQ city/country, offices, employees, revenue, customers + countries, funding, investors, AI badge
- Two tabs: Overview & Comparison / Feature Matrix (Detail)
- 44-feature comparison table with collapsible sections: Top 5 Unterschiede, Alle Features, USP
- Efficiency ratios table (revenue/employee, customers/employee)
- DACH landscape note (Secjur, Usercentrics, Caralegal, 2B Advice, OneTrust)
- Research-backed data: Vanta $220M/$4.15B, Drata $100M/$2B, Sprinto $38M, DataGuard €52M, heyData €15M
- Dynamic feature/USP counts in subtitle
- Bilingual (de/en) with i18n subtitle update
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-20 08:26:20 +01:00
Benjamin Admin
f467db2ea0
fix(pitch-deck): Waiting-Indicator in ChatFAB (richtiges Komponente)
...
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 25s
CI / test-python-voice (push) Successful in 29s
CI / test-bqas (push) Successful in 26s
ChatInterface.tsx war falsch — der echte Investor Agent laeuft in
ChatFAB.tsx. Animierte Punkte + firstChunk-Logik dort implementiert.
Session-History laeuft bereits korrekt (FAB permanent gemountet).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-06 09:39:19 +01:00
Benjamin Admin
35aad9b169
fix(pitch-deck): Stale-Closure-Bug im Waiting-Indicator behoben
...
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 27s
CI / test-python-voice (push) Successful in 30s
CI / test-bqas (push) Successful in 25s
isWaiting im async Closure war immer true — lokale Variable
firstChunk ersetzt den State-Check zuverlaessig.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-06 09:28:12 +01:00
Benjamin Admin
806d3e0b56
feat(pitch-deck): Waiting-Indicator im Investor Agent Chat
...
CI / test-go-consent (push) Successful in 27s
CI / test-bqas (push) Successful in 29s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-python-voice (push) Successful in 31s
Drei animierte Punkte (iMessage-Style) erscheinen sofort nach dem
Absenden und verschwinden wenn der erste Token eintrifft.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-06 09:16:22 +01:00
Benjamin Admin
9f0e8328e5
fix(pitch-deck): qwen3.5 thinking-mode deaktiviert, num_ctx 8192
...
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 28s
CI / test-python-voice (push) Successful in 30s
CI / test-bqas (push) Successful in 29s
Qwen3.5 denkt standardmaessig intern durch (think: true) — das
ueberschreitet den 2-Minuten-Timeout des Investor Agents.
think: false + num_ctx 8192 sorgt fuer schnelle direkte Antworten.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-03-06 08:31:17 +01:00
Benjamin Admin
2801e44d39
feat(pitch-deck): Wettbewerbsanalyse aktualisiert — 761K LOC, 44 Features, 57 Compliance-Module, 9 USPs
...
CI / test-python-voice (push) Successful in 28s
CI / test-bqas (push) Successful in 27s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 28s
- EngineeringSlide: 691K→761K LOC, TS 403K→408K, Python 160K→213K, Go 127K→141K
- CompetitionSlide: Security-Features durch Compliance-USPs ersetzt (Self-Hosted, PII-Redaction, IPFS, SDK)
- i18n: Solution Pillar '57 Module', Competition Subtitle, Engineering Subtitle aktualisiert
- DB: 18 neue Features (DSR, Consent, Academy, Whistleblower, Incidents, etc.), Metrics + Competitors aktualisiert
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-03-05 22:59:54 +01:00
Benjamin Boenisch
e87ec2520d
feat(pitch-deck): pivot to Maschinen- und Anlagenbau target market
...
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 33s
CI / test-python-voice (push) Successful in 33s
CI / test-bqas (push) Successful in 33s
Refocus entire pitch deck narrative on machine/plant manufacturers with
in-house embedded software development. Key changes:
- i18n: All DE/EN texts updated (cover, problem, solution, market, etc.)
- MarketSlide: Dynamic unit formatting (Mrd/Mio/k) for SOM in millions
- SolutionSlide: Code-Security pillar with ScanLine icon
- HowItWorksSlide: GitBranch icon for code repo connection step
- CompetitionSlide: Security features reframed for firmware/embedded
- RegulatorySlide: Added CRA (Cyber Resilience Act) as 4th tab
- AI chat prompt: Updated Kernbotschaften for Maschinenbau USP
- DB migration: TAM 8.7B, SAM 850M, SOM 7.2M, customers 5-380 (2026-2030),
4 new differentiator features, product capabilities for code-security
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-17 21:42:29 +01:00
Benjamin Boenisch
b7d21daa24
feat: Add DevSecOps tools, Woodpecker proxy, Vault persistent storage, pitch-deck annex slides
...
CI / test-bqas (push) Successful in 32s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 46s
CI / test-python-voice (push) Successful in 38s
- Install Gitleaks, Trivy, Grype, Syft, Semgrep, Bandit in backend-core Dockerfile
- Add Woodpecker SQLite proxy API (fallback without API token)
- Mount woodpecker_data volume read-only to backend-core
- Add backend proxy fallback in admin-core Woodpecker route
- Add Vault file-based persistent storage (config.hcl, init-vault.sh)
- Auto-init, unseal and root-token persistence for Vault
- Add 6 pitch-deck annex slides (Assumptions, Architecture, GTM, Regulatory, Engineering, AI Pipeline)
- Dynamic margin/amortization KPIs in BusinessModelSlide
- Market sources modal with citations in MarketSlide
- Redesign nginx landing page to 3-column layout (Lehrer/Compliance/Core)
- Extend MkDocs nav with Services and SDK documentation sections
- Add SDK Protection architecture doc
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-17 15:42:43 +01:00
Benjamin Boenisch
f2a24d7341
feat: add pitch-deck service to core infrastructure
...
Migrated pitch-deck from breakpilot-pwa to breakpilot-core.
Container: bp-core-pitch-deck on port 3012.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-14 19:44:27 +01:00
