From dc55ffa902cc762108ca200629e23f5970e6a3ff Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Thu, 18 Jun 2026 20:52:54 +0200 Subject: [PATCH] =?UTF-8?q?feat(ms-ai-architect):=20#9=20v1.16.0=20?= =?UTF-8?q?=E2=80=94=20currency=20+=20privat-sektor-paritets-release?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Siste audit-item (#9). Versjonsbump + telling-/konsistens-synk for hele audit-syklusen (#5–#8 currency + #7 routing/privat-sektor-paritet). Ingen ny funksjonalitet i denne commiten — kun release-deklarasjoner og count-konsistens. Innholdet ble levert i e406ef3 og forutgående commits. Versjonsdeklarasjoner (1.15.0 → 1.16.0): - .claude-plugin/plugin.json - README.md version-badge + ny version-history-rad (currency-temaer, 4 nye kommandoer, regulatorisk/plattform/kostnad/sikkerhet-currency) - CHANGELOG.md ny [1.16.0]-entry (Added/Changed/Notes); historiske entries urørt - docs/playground.md doc-stamp (tittel + Validering-header). Playground- KODEN er uendret siden v1.15.0 → kun stamp bumpet, screenshots IKKE regenerert (forblir playground/screenshots/v1.15.0/) Telling-/konsistens-synk (verifisert ved faktisk fil-telling = 389): - README docs-badge 387 → 389; README KB-tabell + per-skill-seksjon (ms-ai-security 60 → 62); README prosa «387/387+» → «389/389+» - CLAUDE.md skill-tabell ms-ai-security 60 → 62 (var stale etter #8b) - SKILL.md cost-optimization subdir-telling 21 → 22 (korrigert pre- eksisterende drift; faktisk filtelling 22) Kommando-delta verifisert via git: 25 (v1.15.0) → 29 (v1.16.0). 4 nye: businesscase + anskaffelse (#7c), design + vendor (#7d). Tester: validate-plugin 239 PASS / 0 FAIL / 0 WARN · kb-integrity 115/115 (262 pre-eksisterende orphan-warnings, uendret) · run-e2e alle suiter (security/cost/summary/ros/ai-act + 6 playground-suiter + kb-update) PASS. Audit-backlog #5–#9 nå komplett. FLAGG: `/architect:kb-update` apply (~190 filer/~80 fetches) forblir UTSATT — krever egen bekreftelse. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01REiKFhP4w6xGXXqWKpPCJJ --- .claude-plugin/plugin.json | 2 +- CHANGELOG.md | 33 +++++++++++++++++++++++++++++++++ CLAUDE.md | 2 +- README.md | 13 +++++++------ docs/playground.md | 4 ++-- skills/ms-ai-security/SKILL.md | 2 +- 6 files changed, 45 insertions(+), 11 deletions(-) diff --git a/.claude-plugin/plugin.json b/.claude-plugin/plugin.json index b28039a..e77f99c 100644 --- a/.claude-plugin/plugin.json +++ b/.claude-plugin/plugin.json @@ -1,6 +1,6 @@ { "name": "ms-ai-architect", - "version": "1.15.0", + "version": "1.16.0", "description": "Microsoft AI Solution Architect - structured architecture guidance for the full Microsoft AI stack", "author": { "name": "Kjell Tore Guttormsen" diff --git a/CHANGELOG.md b/CHANGELOG.md index 9a7a19d..4a15d35 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,39 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.16.0] - 2026-06-18 + +Currency- og privat-sektor-paritets-release. Adresserer devil's-advocate-audit (2026-06-18, 10 dimensjoner, 89 verifiserte funn) — `docs/devils-advocate-audit-2026-06-18.md`. Alle faktapåstander verifisert mot Microsoft Learn / EDPB / OWASP-primærkilder før skriving. + +### Added + +- **4 nye kommandoer (25 → 29):** + - `/architect:businesscase` — forretningscase med NNV (netto nåverdi) + DFØ-gevinstrealisering (#7c). + - `/architect:anskaffelse` — AI-anskaffelse: kravspesifikasjon, leverandørevaluering, terskelverdier (#7c). + - `/architect:design` — sektor-nøytralt Solution Architecture Document (SAD): kontekst, NFR, alternativer, valgt design, risiko, veikart (#7d). + - `/architect:vendor` — tredjeparts-/SaaS-leverandørvurdering (due diligence): dataresidens, sub-prosessorer, DPA, Schrems II, AI Act-deployer (#7d). +- **2 nye KB-filer (ms-ai-security, 60 → 62 refs):** `owasp-llm-top10-azure-mitigations.md` (LLM04/06/08/09) og `defender-threat-protection-ai-services.md` (AI threat protection — ikke i Azure Government). +- **Privat-sektor-paritet:** sektor-parametrisering i 6 kommandoer + onboarding-forgrening for privat/regulert sektor + parallell privat-bane i README/help/playground. + +### Changed + +- **EU AI Act-tidslinje re-baselinet mot Digital Omnibus:** Annex III høyrisiko (frittstående) utsatt til 2027-12-02, Annex I (innebygd) til 2028-08-02, Art. 50 transparens 2026-08-02. Art. 99-bøtesatser korrigert (35M €/7 %, 15M €/3 %, 7,5M €/1 %). Klargjort at EU AI Act ennå ikke er EØS-innlemmet og KI-loven uvedtatt per juni 2026. +- **Agent-orkestrering currency:** Connected Agents deprecated (pensjon 2027-03-31) → ny GA-modell Prompt/Hosted agents + Responses API som single entry point. MAF 1.0 GA + A2A v1.0.1. Prompt Flow (Foundry + AML) retirement 2027-04-20 → MAF. Computer Use Agent (CUA) GA 2026-05-07. Agentic retrieval GA-split (REST `2026-04-01` min/ekstraktiv, LLM-planning preview). +- **Kostnadslag re-baselinet:** GPT-5 $1,25/$10 input/output, konsolidert til én prissannhet i `deterministic-cost-calculation-model.md`. +- **Foundry URL-navnerom-migrering:** `ai-foundry` → `foundry` / `foundry-classic` på tvers av 141 filer. +- **Dataresidens korrigert:** Norway East — gpt-4o + gpt-4o-mini eneste Norge-residente generative modeller; modellkatalog modernisert. +- **DPIA cross-border:** EDPB Rec 01/2020 seks-stegs-TIA + CLOUD Act/FISA-restanalyse (FISA §702 til mars 2027; DPF gyldig; CLOUD Act uendret av DPF). EDPB 28/2024: anonymisering vurderes case-by-case. +- **ROS + DPIA regulatorisk currency:** NSM Grunnprinsipper v2.1, OWASP Agentic 2026 (ASI01–10), EchoLeak, DPF, EUDB. +- **Sikkerhet:** M365 E7 + Agent 365 (GA 2026-05-01) i licensing-matrix; Foundry Local air-gapped (Sovereign Private Cloud) i disconnected-scenarios. +- **KB-routing:** RAG/MLOps-KB ruting (betinget last) + forsont ROS-last-kontrakt (kjerne + betinget). +- Tellinger oppdatert: README docs-badge 387 → 389, README KB-tabell + per-skill-seksjon (ms-ai-security 60 → 62), CLAUDE.md skill-tabell (ms-ai-security 60 → 62), SKILL.md cost-optimization subdir-telling 21 → 22 (korrigert pre-eksisterende drift). + +### Notes on 1.16.0 + +- **Verifisering:** alle currency-påstander krysssjekket mot primærkilder. Der OWASP 2025-sider returnerte 404 ble innholdet kryssverifisert mot alternative offisielle kilder. +- **Plugin API surface:** 29 kommandoer, 12 agenter, 5 skills (389 reference docs), 2 hooks, MCP-server-config. Playground v3-koden er uendret siden v1.15.0 — kun doc-stamp bumpet; screenshots i `playground/screenshots/v1.15.0/` ikke regenerert. +- **Tester:** 239 plugin-validering, kb-integrity 115/115, run-e2e alle suiter (security/cost/summary/ros/ai-act + 6 playground-suiter) 0 FAIL. + ## [1.15.0] - 2026-05-16 ### Changed — playground v3 project-view integration diff --git a/CLAUDE.md b/CLAUDE.md index fb31721..06c5427 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -72,7 +72,7 @@ Tilbyr strukturert arkitekturveiledning for Microsoft AI-stakken: |-------|--------|----------------|--------------| | `ms-ai-advisor` | Cosmo Skyberg-persona, 7-fase arbeidsflyt, plattformvalg | 62 | "Hjelp meg velge" | | `ms-ai-governance` | Norsk offentlig sektor-styring, EU-regelverk, ansvarlig AI | 78 | "Er dette lovlig?" | -| `ms-ai-security` | Sikkerhetsscoring (6x5), kostnadsestimering (P10/P50/P90) | 60 | "Er dette trygt?" | +| `ms-ai-security` | Sikkerhetsscoring (6x5), kostnadsestimering (P10/P50/P90) | 62 | "Er dette trygt?" | | `ms-ai-engineering` | RAG, agenter, Azure AI Services, data, MLOps, multimodal | 153 | "Hvordan bygger jeg dette?" | | `ms-ai-infrastructure` | BCDR, hybrid/edge, suveren sky | 34 | "Hvordan drifter jeg dette?" | diff --git a/README.md b/README.md index e74ac15..3534d5a 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,9 @@ *AI-generated: all code produced by Claude Code through dialog-driven development. [Full disclosure →](../../README.md#ai-generated-code-disclosure)* -![Version](https://img.shields.io/badge/version-1.15.0-blue) +![Version](https://img.shields.io/badge/version-1.16.0-blue) ![Platform](https://img.shields.io/badge/platform-Claude_Code_Plugin-purple) -![Docs](https://img.shields.io/badge/reference_docs-387-green) +![Docs](https://img.shields.io/badge/reference_docs-389-green) ![Agents](https://img.shields.io/badge/agents-12-orange) ![License](https://img.shields.io/badge/license-MIT-lightgrey) @@ -204,14 +204,14 @@ The orchestrator creates a `.work/` directory for intermediate results, delegate ## Knowledge Base -The plugin includes **387 reference documents** organized across 5 domain-specific skills: +The plugin includes **389 reference documents** organized across 5 domain-specific skills: | Skill | Domain | Refs | User Intent | |-------|--------|------|-------------| | `ms-ai-advisor` | Cosmo persona, 7-phase workflow, platform selection | 62 | "Help me choose" | | `ms-ai-engineering` | RAG, agents, Azure AI Services, data, MLOps, multimodal | 153 | "How do I build this?" | | `ms-ai-governance` | Norwegian public sector governance, EU regulations, responsible AI, ROS | 78 | "Is this legal/safe?" | -| `ms-ai-security` | Security scoring (6×5), cost estimation (P10/P50/P90) | 60 | "Is this safe?" | +| `ms-ai-security` | Security scoring (6×5), cost estimation (P10/P50/P90) | 62 | "Is this safe?" | | `ms-ai-infrastructure` | BCDR, hybrid/edge, sovereign cloud | 34 | "How do I operate this?" | ### ms-ai-advisor (62 refs) @@ -226,7 +226,7 @@ RAG implementation patterns, agent orchestration, Azure AI Foundry, Copilot Stud Norwegian public sector governance (Digdir, DFØ), EU AI Act (Annex III checklist), responsible AI frameworks, GDPR/Schrems II compliance, Utredningsinstruksen alignment. Includes a comprehensive **ROS analysis framework** with 7 new reference documents: AI threat library (49 threats across 7 categories), NS 5814/ISO 31000 methodology guide, 7×5 scoring rubrics, sector-specific checklists (health, transport, finance, justice, education), report templates, DPIA/security integration patterns, and MAESTRO multi-agent security model. -### ms-ai-security (60 refs) +### ms-ai-security (62 refs) 6×5 security scoring rubrics, threat modeling for AI systems, content safety, cost optimization, deterministic cost calculation model, data residency patterns. @@ -602,7 +602,7 @@ bash tests/capture-fixture.sh ### Knowledge Base Maintenance -The 387+ reference documents are actively maintained by the plugin author. Updated reference files are published as regular commits to the marketplace repository. If you installed via `claude plugin marketplace add`, updates are pulled automatically — no manual action needed. +The 389+ reference documents are actively maintained by the plugin author. Updated reference files are published as regular commits to the marketplace repository. If you installed via `claude plugin marketplace add`, updates are pulled automatically — no manual action needed. For forks (or if you simply want to refresh the KB yourself), the plugin ships with a sitemap-based change-detection pipeline plus a slash command that drives the apply-fasen via the active Claude Code session. @@ -659,6 +659,7 @@ Category-to-skill routing is defined in `scripts/skill-gen/category-skill-map.js | Version | Date | Highlights | |---------|------|-----------| +| **1.16.0** | 2026-06-18 | Currency- og privat-sektor-paritets-audit (devil's-advocate-audit 2026-06-18, 10 dimensjoner, 89 verifiserte funn — `docs/devils-advocate-audit-2026-06-18.md`). **Regulatorisk:** EU AI Act-tidslinje re-baselinet mot Digital Omnibus (Annex III høyrisiko → 2027-12-02, Art. 50 → 2026-08-02) + Art. 99-bøtesatser (35M/7 %, 15M/3 %, 7,5M/1 %); EU AI Act ennå ikke EØS-innlemmet, KI-loven uvedtatt per juni 2026; DPIA cross-border med EDPB Rec 01/2020 seks-stegs-TIA + CLOUD Act/FISA-restanalyse + EDPB 28/2024 (anonymisering case-by-case). **Plattform:** Foundry URL-navnerom-migrering (`ai-foundry` → `foundry`/`foundry-classic`, 141 filer); Connected Agents deprecated (pensjon 2027-03-31) → Prompt/Hosted agents + Responses API; MAF 1.0 GA + A2A v1.0.1; Prompt Flow retirement 2027-04-20; CUA GA 2026-05-07; agentic retrieval GA-split. **Kostnad:** re-baselinet til GPT-5 $1,25/$10 med én prissannhet. **Dataresidens:** korrigert Norway East (gpt-4o + gpt-4o-mini eneste Norge-residente generative). **Sikkerhet:** Defender AI threat protection (ikke Azure Government) + OWASP LLM04/06/08/09-tiltak (2 nye KB-filer); M365 E7 + Agent 365 (GA 2026-05-01); Foundry Local air-gapped. **Privat-sektor-paritet:** sektor-parametrisering i 6 kommandoer + onboarding-forgrening + 4 nye kommandoer (`businesscase`, `anskaffelse`, `design`, `vendor` → 25 → 29 totalt). ROS/DPIA-currency (NSM v2.1, OWASP Agentic 2026, EchoLeak, DPF, EUDB). 389 reference docs (ms-ai-security 60 → 62). 239 plugin-validering · kb-integrity 115/115 · run-e2e alle suiter 0 FAIL. Playground-koden uendret siden v1.15.0 (kun doc-stamp bumpet; screenshots ikke regenerert). | | **1.15.0** | 2026-05-16 | Playground v3 project-view integration — `renderProjectSurface` (v2 screen-tabs + category-tabs + per-command paste-cards) erstattet av `renderProjectView` (sidebar med 17 artifacts + main-area + import-modal overlay). `renderActive()` delegerer nå til `renderProjectSurfaceV3()`. Dead code fjernet: `renderCommandSubCard`, `rehydratePasteImports`, `currentProjectScreen`, `ACTIONS['project-screen']`, 5 v2-CSS-klasser (`.project-tabs`, `.project-tab`, `.project-tab__count`, `.sub-zone`, `.paste-import-row`, `.project-header__*`, `.command-cards`). 2 fingerprint-gap lukket: `requirements.headers` matcher nå "EU AI Act — Krav for høyrisiko..."; `license.headers` matcher "Lisens-kapabilitetsmatrise...". v2→v3 migrasjon utvidet med `parserFor` slik at demo-state med kun `raw_markdown` auto-parses inn i `project.artifacts[cid]`. `components-tier4-project-view.css` wired inn (var ikke loaded — modal-overlay og two-column layout virket ikke). `renderImportModal` setter `data-open="true"` (DS-kontrakt). 219 plugin-validering, 386 E2E playground (32 fingerprints, 219 v3-static, 70 parsers, 16 migrations, 30 project-view, 19 actions), 0 FAIL, 2 WARN (pre-eksisterende). 24 screenshots regenerert til `playground/screenshots/v1.15.0/`. Demo viser nå 17 artifacts navigerbare i sidebar, aggregate verdict (BLOKKERT), top-risks-liste, og fungerende re-importer/slett-knapper per artifact. | | **1.14.0** | 2026-05-08 | Playground root-cause refaktor — DS-konvensjon-adopsjon på tvers av 14 renderere over 6 sesjoner. Sesjon 2: B-DS-1/2/3 fikset i shared/ DS v0.4.0 (kanban-card word-break, expansion title-block, matrix-bubble cursor). Sesjon 3: renderDpia/Security/Ros til DS-summary-grid + ros-layout. Sesjon 4: 6 compliance/govern-renderere bytter `.report-meta`-wrapper mot DS-konvensjon (renderAiActPyramid, renderRequirements, renderConformity, renderTransparency, renderFria, renderReview). Sesjon 5: renderMigrate + renderPoc → expansion-list per fase (slett `.phase-detail`-CSS). Sesjon 5b: renderCost key-stats viste "[object Object]" (parser-output har p50/p90 = {monthly,yearly}-objekter — nå ekstrahert via `.monthly`); renderCompare distinctive-token-matching erstatter firstWord-heuristikk; renderUtredning droppet misvisende `role="tab"`-attributter. Lokal `