36 Commits

Author	SHA1	Message	Date
Benjamin Admin	ba3b172223	security: re-secure fp-patch	2026-04-22 07:30:56 +02:00
Benjamin Admin	34d7b187af	fix(pitch-deck): Cloud-Hosting 1500 base + 100/customer, fill material costs ... - SysEleven: 1500 EUR base (288 cores + managed), +100 EUR/customer >10 - 3rd Party API (Tavily): 45-700 EUR/Mon scaling - Datenbank-Hosting: 180-900 EUR/Mon scaling - CDN/Storage/Monitoring: 85-780 EUR/Mon scaling - Gross Margin now ~80-89% (realistic for AI-SaaS) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-22 07:28:16 +02:00
Benjamin Admin	487dc6d1e7	security: re-secure fp-patch	2026-04-22 07:06:46 +02:00
Benjamin Admin	24e57f558e	feat(pitch-deck): move COGS to Materialaufwand for correct Gross Margin ... - Cloud-Hosting, KI Tools, 3rd Party API → Materialaufwand - New rows: Datenbank-Hosting, CDN/Storage - Engine: compute Cloud-Hosting formula in materialaufwand - Gross Margin now realistic (~82% in 2026) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-22 07:04:22 +02:00
Benjamin Admin	82c9b5cf53	feat(pitch-deck): interactive charts with Y-axes, click-to-detail, explanations ... - All charts now have Y-axis labels with scale - X-axis with year labels on border lines - Click any chart → modal with KPI explanation + yearly breakdown - 8 detail explanations: MRR, EBIT, Headcount, Cash, Rev vs Costs, ACV, Gross Margin, NRR, EBIT Margin - Unit Economics cards clickable with hover effect - Compact 2x2 grid for EBIT/Headcount and Cash/RevCost - ISO 27001 cert moved to Jan 2027 on production Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 23:55:48 +02:00
Benjamin Admin	bb1144f392	chore: TEMP fp-patch for ISO cert Jan 2027	2026-04-21 23:50:43 +02:00
Benjamin Admin	56da89fb0e	feat(pitch-deck): add subtitles to USP + Milestones, EUR hint, re-secure ... - USP: "Compliance und Code — in einer Plattform, immer synchron" - Milestones: "Von der Idee zur GmbH — was wir bereits erreicht haben" - Finanzplan subtitle: "Alle Werte in EUR" - 2. Finanzierungsrunde (optional) - Re-secure fp-patch Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 23:38:51 +02:00
Benjamin Admin	283894a197	fix: recompute + diagnose KPIs on production	2026-04-21 23:32:35 +02:00
Benjamin Admin	41c2191280	security: re-secure fp-patch	2026-04-21 23:21:45 +02:00
Benjamin Admin	2dfc47d67e	feat(pitch-deck): insurance optimization, new positions, funding, slide reorder ... - Insurance: combined E&O+Produkt, realistic costs (~800 vs 1708 EUR/Mon) - New: Betriebshaftpflicht, Dienstreise-KV, Gruppenunfall, Key Man - New: Recruiting, ext. DSB, Zertifizierung (ISO 27001) - BG: 0.5% instead of 2.77% (VBG IT/Büro) - Marketing: 8% (2026-28), 10% (2029+) - Bewirtungskosten: all customers x 50 EUR (not just Enterprise) - Messen: 2x in 2029, 3x in 2030 - Liquidität: Fördergelder/Grants + Forschungszulage (§27a EStG) - Serverkosten tooltip updated - Slide reorder: Strategy+Finanzplan after 18, Risks before Glossary - 110→380+ everywhere, Compliance Optimizer on exec summary Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 23:07:30 +02:00
Benjamin Admin	004a624f23	security: re-secure fp-patch	2026-04-21 21:27:26 +02:00
Benjamin Admin	15b6e8614c	feat(pitch-deck): milestones update, Serverkosten formula, material/liquidität fixes ... - Milestones: correct dates + events (DPMA, domains, RAG, EUIPO, GmbH) - Serverkosten: 2000 base + max(0, customers-10)*250 (first 10 included) - Materialaufwand: cleared, info placeholder - 2. Finanzierungsrunde: renamed, sort order fixed Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 21:24:37 +02:00
Benjamin Admin	80376c90b3	security: re-secure fp-patch	2026-04-21 20:36:17 +02:00
Benjamin Admin	111e5d546f	feat(pitch-deck): Pricing slide, GuV hierarchy, Problem/Solution cards, engine fixes ... - BusinessModel → Pricing: remove Unit Economics, fullwidth tiers - GuV: major sums (EBIT, Rohergebnis, Jahresüberschuss) larger font + border - Engine: compute Rohergebnis, dynamic financing row matching - Problem slide: amber/orange "Die Konsequenz" card - Solution slide: larger Compliance Optimizer card - DB patch: Stammkapital, 2. Finanzierungsrunde 500k, GuV sort order Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 20:33:35 +02:00
Benjamin Admin	43418d46fd	security: re-secure fp-patch	2026-04-21 19:41:30 +02:00
Benjamin Admin	e4f2d49e96	fix(pitch-deck): engine uses dynamic row matching for renamed labels ... - Engine no longer hardcodes financing row labels — matches by row_type - Handles renamed WD rows (Wandeldarlehen Investor/L-Bank, Stammkapital) - fp-patch: all pending WD fixes (labels, investments, materialaufwand, pos3) - Bestandskunden annual column shows Dec value (point-in-time) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 19:39:00 +02:00
Benjamin Admin	898ad1785b	security: re-secure fp-patch after WD data import	2026-04-21 19:16:39 +02:00
Benjamin Admin	8aa5db39fd	fix(pitch-deck): engine includes manual revenue rows in GESAMTUMSATZ ... Revenue rows without qty/price (e.g. Beratung & Service) were excluded from total. Now all revenue rows contribute to GESAMTUMSATZ. Same fix for materialaufwand SUMME. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 19:14:03 +02:00
Benjamin Admin	db0b77ef8f	fix(pitch-deck): restore WD revenue data, fix Bestandskunden annual display ... - Bulk-imported 67 umsatz + 78 kunden + 28 material rows to production WD - Fix Bestandskunden annual column: show Dec value (point-in-time), not sum - Fix tab labels: Umsatzerlöse, Liquidität (umlauts) - Re-secure fp-patch endpoint Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 18:57:13 +02:00
Benjamin Admin	f115b0a307	chore: TEMP fp-patch — move Rechtsanwalt to 2030	2026-04-21 18:37:15 +02:00
Benjamin Admin	c34c06d28d	security: re-secure fp-patch	2026-04-21 18:33:40 +02:00
Benjamin Admin	48042bde47	fix(pitch-deck): fix umlauts in tab labels + DB rows, delete Full-Stack pos ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 18:31:43 +02:00
Benjamin Admin	7fb207cfce	security: re-secure fp-patch after execution	2026-04-21 18:24:38 +02:00
Benjamin Admin	11b330c268	chore: TEMP fp-patch v3 — Fremdkapital fix + Rechtsanwalt + recompute	2026-04-21 18:22:31 +02:00
Benjamin Admin	7cb79dacd5	security(pitch-deck): re-secure fp-patch, convert to admin recompute endpoint ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 18:12:24 +02:00
Benjamin Admin	14362cbc0e	chore(pitch-deck): TEMP public fp-patch v2 — fix WD funding + recompute ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 18:09:35 +02:00
Benjamin Admin	e5bb8e65e8	security(pitch-deck): remove temp public fp-patch, re-secure admin endpoint ... Patch executed successfully on production. Temp endpoint removed. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 17:49:31 +02:00
Benjamin Admin	f86dc265eb	chore(pitch-deck): TEMP public fp-patch endpoint for one-time DB fix ... Will be removed immediately after execution. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-21 17:46:26 +02:00
Sharang Parnerkar	497be5fac9	redesign ArchitectureSlide with island map aesthetic + turbopack dev ... - Replace grid/SVG-line layout with archipelago map: organic island blobs, quadratic bezier sea routes, circular map-marker nodes - Fix SVG distortion: all strokes use vectorEffect=non-scaling-stroke - No more preserveAspectRatio=none diagonal-line warping - LiteLLM hub gets spinning ring + ripple pulse on active - Ocean background with per-tier radial glows, dot grid, zone labels - Switch dev server to --turbopack for faster HMR Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-20 22:26:12 +02:00
Sharang Parnerkar	5d71a371d6	fix(pitch-deck): resolve Docker build failures — nodemailer webpack + jose Edge Runtime ... - Add nodemailer to serverExternalPackages so webpack doesn't try to bundle fs/net/dns built-ins (was fatal build error) - Import jwtVerify from jose/jwt/verify instead of the full jose index to avoid pulling in JWE deflate code incompatible with Edge Runtime Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-16 20:31:34 +02:00
Benjamin Admin	7c17e484c1	fix(pitch-deck): add /team to public paths for team photo access ... Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-15 18:23:52 +02:00
Sharang Parnerkar	44659a9dd7	fix(pitch-deck): serve /screenshots/* past the auth middleware ... The SDK Live Demo slide renders screenshots via next/image from /public/screenshots/*.png. Because /screenshots was not on the PUBLIC_PATHS list, every request was 307-redirected to /auth, and the next/image optimizer responded with HTTP 400 "The requested resource isn't a valid image." leaving the slide with empty dark frames (surfaced in the pitch preview). next/image also bypasses middleware itself (see the matcher), but the server-side fetch it performs for the source URL does hit middleware and carries no investor cookie, so whitelisting the path is required even for authenticated viewers. These PNGs are public marketing assets — there's no reason to gate them. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-15 18:20:16 +02:00
Benjamin Admin	ff071af2a0	fix(pitch-deck): allow admin sessions to access investor routes ... Admins in preview mode can now use /api/chat and other investor endpoints without needing a separate investor login. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-15 00:13:13 +02:00
Sharang Parnerkar	ea752088f6	feat(pitch-admin): structured form editors, bilingual fields, version preview ... Replaces raw JSON textarea in version editor with proper form UIs: - Company: single-record form with side-by-side DE/EN tagline + mission - Team: expandable card list with bilingual role/bio, expertise tags - Financials: year-by-year table with numeric inputs - Market: TAM/SAM/SOM row table - Competitors: card list with strengths/weaknesses tag arrays - Features: card list with DE/EN names + checkbox matrix - Milestones: card list with DE/EN title/description + status dropdown - Metrics: card list with DE/EN labels - Funding: form + nested use_of_funds table - Products: card list with DE/EN capabilities + feature tag arrays - FM Scenarios: card list with color picker - FM Assumptions: row table Shared editor primitives (components/pitch-admin/editors/): BilingualField, FormField, ArrayField, RowTable, CardList "Edit as JSON" toggle preserved as escape hatch on every tab. Preview: admin clicks "Preview" on version editor → opens /pitch-preview/[versionId] in new tab showing the full pitch deck with that version's data. Admin-cookie gated (no investor auth). Yellow "PREVIEW MODE" banner at top. Also fixes the [object Object] inline table type cast in FM editor. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-10 10:34:42 +02:00
Sharang Parnerkar	c7ab569b2b	feat(pitch-deck): admin UI for investor + financial-model management (#3) ... Adds /pitch-admin dashboard with real bcrypt admin accounts and full audit attribution for every state-changing action. - pitch_admins + pitch_admin_sessions tables (migration 002) - pitch_audit_logs.admin_id + target_investor_id columns - lib/admin-auth.ts: bcryptjs, single-session, jose JWT with audience claim - middleware.ts: two-cookie gating with bearer-secret CLI fallback - 14 new API routes (admin-auth, dashboard, investor detail/edit/resend, admins CRUD, fm scenarios + assumptions PATCH) - 9 admin pages: login, dashboard, investors list/new/[id], audit, financial-model list/[id], admins - Bootstrap CLI: npm run admin:create - 36 vitest tests covering auth, admin-auth, rate-limit primitives Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 10:36:16 +00:00
Sharang Parnerkar	645973141c	feat(pitch-deck): passwordless investor auth, audit logs, snapshots & PWA (#2) ... Adds investor-facing access controls, persistence, and PWA support to the pitch deck: - Passwordless magic-link auth (jose JWT + nodemailer SMTP) - Per-investor audit logging (logins, slide views, assumption changes, chat) - Financial model snapshot persistence (auto-save/restore per investor) - PWA support (manifest, service worker, offline caching, branded icons) - Safeguards: email watermark overlay, security headers, content protection, rate limiting, IP/new-IP detection, single active session per investor - Admin API: invite, list investors, revoke, query audit logs - pitch-deck service added to docker-compose.coolify.yml Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-07 08:48:38 +00:00