v1.35.0

ISMS Builder v1.35.0

Quick Start

tar -xzf isms-builder-v1.35.0.tar.gz
npm install
cp .env.example .env   # JWT_SECRET setzen
npm start

See CHANGELOG and documentation for details.

What's Changed

• chore(deps): bump puppeteer from 24.39.0 to 24.39.1 by @dependabot[bot] in #7
• chore(ci): bump actions/setup-node from 4 to 6 by @dependabot[bot] in #4
• chore(ci): bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in #5
• chore(ci): bump actions/checkout from 4 to 6 by @dependabot[bot] in #6

New Contributors

• @dependabot[bot] made their first contribution in #7

Full Changelog: v1.34.1...v1.35.0

V 1.34.1 — MariaDB backend, OE admin fix, Findings UI polish, Systemhandbuch

What's new in V 1.34.1

Added

• MariaDB/MySQL backend — STORAGE_BACKEND=mariadb in .env; full async template store (mysql2 optional dependency); tools/migrate-json-to-mariadb.js migration script; .env.example extended with DB_HOST/PORT/USER/PASS/NAME/SSL
• Organisational Units (OE) — cross-module org unit management; OE picker in Risk Treatments, Assets, Suppliers
• Greenbone/OpenVAS scanner import — XML + PDF (with Ollama llama3.2:3b fallback for higher detection rate)
• Findings UI polish — action plan progressbar, print/PDF button per finding
• Findings list exports — JSON, CSV, PDF export buttons on the findings overview
• Favicon — shield-check icon (16/32/48px) derived from login logo
• Systemhandbuch ISMS Build — seeded admin quick-reference (9 sections: modules, RBAC, lifecycle, storage backends, Ollama KI integration)
• Security tooling: Dependabot, scripts/security-check.sh, npm audit hard-fail in CI, PINNED-DEPS.md

Fixed

• Admin → Organisation: OE section no longer overwritten on tab reopen
• GitHub release workflow: permissions: contents: write (HTTP 403 fix)
• Chrome/GDPR: scrollTop reset, isConnected guard, bfcache handler
• Findings print button: string ID quoting fix in onclick attribute

Ollama KI integration

Ollama is used in three places (all local, GDPR-compliant):

• Semantic search (topbar) — nomic-embed-text
• Scanner import PDF — llama3.2:3b fallback (significantly higher detection rate than regex-only)
• Scanner import XML — no LLM needed

Storage backends

Backend	.env	Status
JSON	STORAGE_BACKEND=json	Dev/test only
SQLite	STORAGE_BACKEND=sqlite	Default (production)
MariaDB/MySQL	STORAGE_BACKEND=mariadb	✅ New in this release
PostgreSQL	STORAGE_BACKEND=pg	Stub (planned)

201/201 tests passing.

V1.32.0 — Findings Integration

What's New in V1.32.0

Findings Module — Full Integration

• Calendar: Finding action due dates appear as finding_action_due events (overdue = red/high)
• Semantic Search: Findings are automatically indexed via Ollama embeddings on create/update/delete
• Reports: New Audit Findings report type with KPI row (total/by severity/by status/open actions/overdue actions) and filterable table
• PDF Export: New PDF export button in the reports filter bar — generates a print-ready page in a new tab
• Reports Fix: Filter panel was hidden for report types that don't need an entity selection — fixed with wrapper div

Other

• CHANGELOG.md introduced (full version history V1.20–V1.32.0)
• Presentations (DE/EN) updated to V1.32.0
• 192/192 tests green

ISMS Builder V 1.31.80 — Audit Findings, FR/NL, Language Config

What's New in V 1.32

🔍 Audit Findings Module

• Complete finding register using IST→SOLL→Risk→Recommendation model
• Automatic reference numbers FIND-YYYY-NNNN
• Severities: Critical · High · Medium · Low · Observation
• Structured action plan per finding (responsible, due date, status tracking)
• Links to SoA controls, policy templates, and risks
• Soft-delete + trash; 30-day autopurge; 16 automated tests

🌍 FR/NL Guidance Translations

• All guidance seeds fully translated: 🇩🇪 DE · 🇬🇧 EN · 🇫🇷 FR · 🇳🇱 NL
• FR/NL language switching bug fixed (_getDemoLang() mapped FR/NL to EN)
• Server-side sync on GET /guidance?lang=xx — no reload conflict

⚙️ Admin: Language Configuration

• New section in Admin → Organisation: enable/disable languages system-wide
• Configure default language shown on the login page
• Login page and settings panel show only enabled languages
• Public API endpoint GET /auth/language-config (no login required)

🌐 i18n Extension

• New translation keys for Findings module (DE/EN/FR/NL)
• New translation keys for Language Configuration UI (DE/EN/FR/NL)

---

192 / 192 tests passing

Full changelog in docs/ISMS-build-documentation.md (Sections 46–48).

ISMS Builder v1.29.0

Initial open-source release. 16 modules, 313 controls across 8 frameworks, 176 tests passing, Docker ready, local AI search via Ollama.