breakpilot-core

Author	SHA1	Message	Date
Benjamin Admin	66a70ab31c	feat(pipeline): G1 Decision Trace — compliance decision tracking New table: decision_traces (status, reason, evidence, fix plan per control) New API: POST/GET/PUT /v1/decision-traces (CRUD for decisions) GET /v1/decision-traces/stats (compliance dashboard) GET /v1/controls/{id}/full-trace (Regulation→Obligation→Control→Decision→Evidence) 454 tests pass, 0 regressions. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-06 18:26:21 +02:00
Benjamin Admin	ad24835940	feat(pipeline): G-pre1/2/3 — Object Clustering + Master Controls + API G-pre1: 144k objects clustered into 7,466 groups via Mini-Batch K-Means on bge-m3 embeddings. Two-stage: k=5000 base + sub-cluster groups >50. G-pre2: 5,114 Master Controls from lifecycle phase chains (define→implement→test→monitor), linking 172,504 atomic controls. G-pre3: REST API for Master Controls GET /v1/master-controls (list, search, filter) GET /v1/master-controls/stats GET /v1/master-controls/{mc_id} (detail with phase-controls) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-05-06 15:11:38 +02:00
Benjamin Admin	42ab5ead26	feat(pipeline): implement Control Dependency Engine (Block 9) Core engine (dependency_engine.py): - 5 dependency types: prerequisite, supersedes, compensating_control, conditional_requirement, scope_exclusion - Generic condition evaluator (JSONB rules with AND/OR/NOT/field ops) - Priority-based conflict resolution - Cycle detection (DFS) + topological sort - Full evaluation with MCP-compatible dependency_resolution trace - 39 tests all passing (incl. GHV scenario from user requirements) Automatic generator (dependency_generator.py): - Ontology-based: same normalized_object + phase sequence -> prerequisite - Pattern-based: define->implement, implement->monitor, etc. - Domain packs: YAML rules for GDPR, AI Act, CRA, Security, Labor Contracts - 14 tests all passing API routes (dependency_routes.py): - CRUD for dependencies - POST /evaluate with dependency resolution - POST /generate (auto-generation with dry_run) - POST /validate (cycle detection) - GET /graph (nodes + edges for visualization) Prompt enhancement (decomposition_pass.py): - Added dependency_hints + lifecycle_phase_order to Pass 0b prompt - Stored in generation_metadata for post-processing DB migration: control_dependencies + control_evaluation_results tables 126 tests total, all passing. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-26 20:28:10 +02:00
Benjamin Admin	3ffa3f5793	feat(control-pipeline): add Document Compliance Engine — scope detection + document requirements New service: document_scope_resolver.py with 28 document rules covering: - Base (impressum, privacy_policy) - Tracking (cookie_banner, cookie_policy) - E-Commerce (AGB, withdrawal, shipping, pricing, payment) - Digital (digital_content_terms, no_withdrawal_notice) - SaaS (ToS, service_description, DPA, SLA) - AI (transparency_notice, automated_decisions) - Hardware (warranty, return, CE, safety) - Environmental (WEEE, battery disposal) - Marketplace (seller terms, ranking transparency) - Subscription (cancellation terms) API: POST /v1/document-compliance/required Input: company flags + jurisdiction → Output: required documents + assessment Includes confidence scoring, escalation detection (e.g. ecommerce without distance_selling flag), and reasoning. 19 tests covering all business model combinations including B2B-only exclusions. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-24 08:39:55 +02:00
Benjamin Admin	e3ab428b91	feat: control-pipeline Service aus Compliance-Repo migriert Control-Pipeline (Pass 0a/0b, BatchDedup, Generator) als eigenstaendiger Service in Core, damit Compliance-Repo unabhaengig refakturiert werden kann. Schreibt weiterhin ins compliance-Schema der shared PostgreSQL. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-09 14:40:47 +02:00

5 Commits