Tags

v1.2.5

Releasing the Final Version for Hackathon submission

v1.2.0

v1.2.0 - GCP Integration with Graceful Degradation

New Features:
- BigQuery logging for compliance findings analytics
- Cloud Storage for PDF reports and evidence archival (1-year retention)
- Vertex AI (Gemini) for AI-powered compliance narratives
- CLI tool for manual/CI archival operations

Key Design:
- Graceful degradation: Main flow works without GCP credentials
- Clear error messages when GCP services unavailable
- Fallback narrative generation without Vertex AI
- Modular architecture (src/gcp/)

Documentation:
- docs/GCP_SETUP.md - Complete setup guide
- Enhanced BigQuery schema with analytics queries

Testing:
- tests/test_gcp_integration.py - Unit tests for all modules

v1.1.5

v1.1.5 - Fix MR context extraction in flow

- Scanner extracts MR IID from context and includes in output
- Downstream agents receive MR metadata via scanner_findings
- Explicit project path for URL construction
- Better prompt instructions for MR identification

v1.1.4

v1.1.4 - Fix MR context passing in flow

- Use context:merge_request instead of context:goal
- Agents now receive proper MR context when triggered
- Updated prompts to extract project_id and merge_request_iid from context

v1.1.3

v1.1.3 - Add name field to flow schema

v1.1.2

v1.1.2 - Add description field to flow schema

v1.1.1

v1.1.1 - Fix flow schema for AI Catalog

Changes:
- Add required 'definition' wrapper to flow schema
- Replace deprecated issue tools with work_item tools
- Fix README directory structure

ComplianceBot Flow features:
- Multi-agent compliance flow (Scanner, Mapper, Evidence Collector, Reporter)
- SOC 2, ISO 27001, PCI-DSS, HIPAA framework support
- Compliance scoring (0-100 scale)
- Evidence collection with SHA-256 hashing

v1.1.0

v1.1.0 - ComplianceBot Flow published to AI Catalog

Release highlights:
- Multi-agent compliance flow with 4 agents (Scanner, Mapper, Evidence Collector, Reporter)
- SOC 2, ISO 27001, PCI-DSS, HIPAA framework support
- Compliance scoring (0-100 scale)
- Evidence collection with SHA-256 hashing
- Google Cloud integration (Vertex AI, BigQuery, GCS)
- Audit-ready PDF report generation

Published to GitLab AI Catalog for hackathon submission.

v1.0-requirements-verified

ComplianceBot Flow v1.0: All Requirements Verified

✅ All 4 agents properly defined and validated:
   - ComplianceBot Scanner (read_file, read_files)
   - ComplianceBot Mapper (6 official tools)
   - ComplianceBot Evidence Collector (6 official tools)
   - ComplianceBot Reporter (5 official tools)

✅ Flow properly orchestrated:
   - Scanner → Mapper → Evidence Collector → Reporter
   - All components correctly chained
   - All routers and entry points defined

✅ Tool validation complete:
   - 18 total official GitLab tools used
   - All tools verified in OFFICIAL_TOOLS_REFERENCE.md
   - No custom tools (GitLab Catalog compliant)

✅ Compliance frameworks fully supported:
   - SOC 2 Trust Services Criteria
   - ISO 27001 Information Security Controls
   - PCI-DSS Requirements (conditional)
   - HIPAA Security Rule (conditional)

✅ All requirements met:
   - Non-repudiation (SHA-256 hashing)
   - Audit trail (14-day collection)
   - Evidence archival (BigQuery + GCS)
   - Compliance scoring (0-100 scale)
   - MR comments for high-risk findings
   - Auto-issue creation for findings

✅ Documentation complete:
   - AGENTS.md: Agent behavior guidelines
   - REQUIREMENTS_VERIFICATION.md: Full verification report
   - TESTING_AND_SUBMISSION.md: End-to-end testing strategy
   - TESTING_QUICK_REFERENCE.md: Quick 1-page checklist
   - docs/OFFICIAL_TOOLS_REFERENCE.md: Tool reference

Ready for testing and submission.
Date: March 20, 2026

v0.0.6

Compiled all agents

v0.0.5

v0.0.3

v0.0.4