Skip to content

feat: add governance roles to role taxonomy (#542)#659

Open
JensGrote wants to merge 5 commits into
LLM-Coding:mainfrom
JensGrote:feat/542-governance-roles-push
Open

feat: add governance roles to role taxonomy (#542)#659
JensGrote wants to merge 5 commits into
LLM-Coding:mainfrom
JensGrote:feat/542-governance-roles-push

Conversation

@JensGrote

@JensGrote JensGrote commented Jun 29, 2026

Copy link
Copy Markdown
Collaborator

Summary

(German version below)

Adds three internal governance roles to the :roles: vocabulary, as agreed in #542. This implements Step 1 of the governance role taxonomy proposal, scoped down per maintainer recommendation.

New roles

Role ID Basis
Data Protection Officer data-protection-officer GDPR Art. 37–39
Legal / Compliance Counsel legal-compliance EU AI Act, ISO 9001/20000/27001, BSI-Grundschutz, NIS2
Ethics Officer / AI Ethics Board ethics-officer EU AI Act Art. 9, ISO/IEC 42001

Anchors tagged

Anchor New roles added
regulated-environment data-protection-officer, legal-compliance, ethics-officer
meaningful-human-control data-protection-officer, ethics-officer, legal-compliance
linddun data-protection-officer
stride data-protection-officer
owasp-top-10 data-protection-officer
quality-attribute-scenario data-protection-officer, ethics-officer
arc42 legal-compliance
adr-according-to-nygard legal-compliance
c4-diagrams legal-compliance
iec-61508-sil-levels legal-compliance, ethics-officer
site-reliability-engineering legal-compliance
twelve-factor-app legal-compliance
testing-pyramid legal-compliance

Scope rationale

The governance roles are not limited to IT security and data protection. They cover anchors relevant for:

  • Internal audits and revision (ISO 9001, ISO 27001)
  • IT Service Management compliance (ISO 20000)
  • BSI-Grundschutz, KRITIS, NIS2
  • Architecture documentation as audit evidence (arc42, ADRs, C4)
  • Test evidence and SLO/SLA compliance (testing-pyramid, SRE)

Changes

  • 26 anchor files (13 EN + 13 DE) — :roles: extended
  • scripts/extract-metadata.js — three new entries in roleIdToName()
  • Regenerated roles.json, anchors.json, metadata.json, categories.json

Tests

All 16 unit tests pass (scripts/ vitest).

Closes #520.
Addresses #542 (Step 1).


Deutsche Version

Zusammenfassung

Fügt drei interne Governance-Rollen zum :roles:-Vokabular hinzu, wie in #542 vereinbart. Implementiert Schritt 1 des Governance-Rollen-Taxonomie-Vorschlags, auf Empfehlung der Maintainer reduziert.

Neue Rollen

Rolle ID Grundlage
Data Protection Officer data-protection-officer GDPR Art. 37–39
Legal / Compliance Counsel legal-compliance EU AI Act, ISO 9001/20000/27001, BSI-Grundschutz, NIS2
Ethics Officer / AI Ethics Board ethics-officer EU AI Act Art. 9, ISO/IEC 42001

Getaggte Anchors

Anchor Neue Rollen
regulated-environment data-protection-officer, legal-compliance, ethics-officer
meaningful-human-control data-protection-officer, ethics-officer, legal-compliance
linddun data-protection-officer
stride data-protection-officer
owasp-top-10 data-protection-officer
quality-attribute-scenario data-protection-officer, ethics-officer
arc42 legal-compliance
adr-according-to-nygard legal-compliance
c4-diagrams legal-compliance
iec-61508-sil-levels legal-compliance, ethics-officer
site-reliability-engineering legal-compliance
twelve-factor-app legal-compliance
testing-pyramid legal-compliance

Scope-Begründung

Die Governance-Rollen sind nicht auf IT-Security und Datenschutz beschränkt. Sie umfassen Anchors relevant für:

  • Interne Revisionen (ISO 9001, ISO 27001)
  • IT-Service-Management-Compliance (ISO 20000)
  • BSI-Grundschutz, KRITIS, NIS2
  • Architektur-Dokumentation als Audit-Nachweis (arc42, ADRs, C4)
  • Testnachweise und SLO/SLA-Compliance (Testing Pyramid, SRE)

Änderungen

  • 26 Anchor-Dateien (13 EN + 13 DE) — :roles: erweitert
  • scripts/extract-metadata.js — drei neue Einträge in roleIdToName()
  • roles.json, anchors.json, metadata.json, categories.json regeneriert

Tests

Alle 16 Unit-Tests bestehen (scripts/ vitest).

Schließt #520.
Adressiert #542 (Schritt 1).

Summary by CodeRabbit

  • Dokumentation
    • Rollen-Metadaten in vielen Dokumentations-Ankern erweitert und vereinheitlicht (u. a. Legal-Compliance, Datenschutzbeauftragte, Ethikrollen).
    • Redaktionelle Anpassungen in „Twelve-Factor App“ zur Statusbeschreibung.
  • Datenaktualisierung
    • Anchor-, Kategorie- und Rollen-Daten für die Website erweitert und angereichert.
    • Metadaten-Zeitstempel sowie Statistiken (z. B. Verteilungen) aktualisiert.

Add three internal governance roles to :roles: vocabulary:
- data-protection-officer (GDPR Art. 37-39)
- legal-compliance (EU AI Act, ISO 9001/20000/27001, BSI-Grundschutz, NIS2)
- ethics-officer (EU AI Act Art. 9, ISO/IEC 42001)

Applied to 13 anchors relevant for audits, compliance, and governance.
Regenerated roles.json, anchors.json, metadata.json via extract-metadata.

Closes LLM-Coding#520
@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 561cdc25-1cbc-43f4-a4df-cbb36c436201

📥 Commits

Reviewing files that changed from the base of the PR and between 75f72ae and a194edb.

📒 Files selected for processing (19)
  • docs/anchors/arc42.adoc
  • docs/anchors/arc42.de.adoc
  • docs/anchors/c4-diagrams.adoc
  • docs/anchors/c4-diagrams.de.adoc
  • docs/anchors/iec-61508-sil-levels.adoc
  • docs/anchors/iec-61508-sil-levels.de.adoc
  • docs/anchors/linddun.adoc
  • docs/anchors/linddun.de.adoc
  • docs/anchors/meaningful-human-control.adoc
  • docs/anchors/meaningful-human-control.de.adoc
  • docs/anchors/owasp-top-10.adoc
  • docs/anchors/owasp-top-10.de.adoc
  • docs/anchors/site-reliability-engineering.adoc
  • docs/anchors/site-reliability-engineering.de.adoc
  • docs/anchors/testing-pyramid.adoc
  • docs/anchors/testing-pyramid.de.adoc
  • docs/anchors/twelve-factor-app.adoc
  • docs/anchors/twelve-factor-app.de.adoc
  • scripts/extract-metadata.js
✅ Files skipped from review due to trivial changes (18)
  • docs/anchors/owasp-top-10.adoc
  • docs/anchors/linddun.de.adoc
  • docs/anchors/testing-pyramid.de.adoc
  • docs/anchors/site-reliability-engineering.de.adoc
  • docs/anchors/site-reliability-engineering.adoc
  • docs/anchors/iec-61508-sil-levels.adoc
  • docs/anchors/c4-diagrams.de.adoc
  • docs/anchors/meaningful-human-control.adoc
  • docs/anchors/arc42.de.adoc
  • docs/anchors/arc42.adoc
  • docs/anchors/linddun.adoc
  • docs/anchors/iec-61508-sil-levels.de.adoc
  • docs/anchors/c4-diagrams.adoc
  • docs/anchors/meaningful-human-control.de.adoc
  • docs/anchors/owasp-top-10.de.adoc
  • docs/anchors/twelve-factor-app.adoc
  • scripts/extract-metadata.js
  • docs/anchors/twelve-factor-app.de.adoc
🚧 Files skipped from review as they are similar to previous changes (1)
  • docs/anchors/testing-pyramid.adoc

Walkthrough

Neue Rollenbezeichner und ihre Lesetexte werden ergänzt. Mehrere Anchor-Dokumente erweitern ihre Rollenmetadaten, die generierten Rollen- und Anchor-Daten werden angereichert, und Kategorien- sowie Statistikdateien werden aktualisiert.

Changes

Governance-Rollen und Metadatenaktualisierungen

Layer / File(s) Summary
Rollenmapping im Extraktionsskript
scripts/extract-metadata.js
Drei neue Rollen-IDs werden im Mapping auf lesbare Namen abgebildet.
Erweiterte Rollenmetadaten in Anchor-Dokumenten
docs/anchors/adr-according-to-nygard*.adoc, docs/anchors/arc42*.adoc, docs/anchors/c4-diagrams*.adoc, docs/anchors/iec-61508-sil-levels*.adoc, docs/anchors/linddun*.adoc, docs/anchors/meaningful-human-control*.adoc, docs/anchors/owasp-top-10*.adoc, docs/anchors/quality-attribute-scenario*.adoc, docs/anchors/regulated-environment*.adoc, docs/anchors/site-reliability-engineering*.adoc, docs/anchors/stride*.adoc, docs/anchors/testing-pyramid*.adoc, docs/anchors/twelve-factor-app*.adoc
Mehrere Anchor-Seiten erweitern ihre :roles:-Listen um Governance-, Compliance-, Datenschutz- und Ethikrollen; bei twelve-factor-app wird zusätzlich der Current-Status-Text angepasst.
Aktualisierte roles.json
website/public/data/roles.json
Neue Rollenobjekte werden eingefügt und bestehende Rollen erhalten erweiterte Anchor-Listen.
Aktualisierte anchors.json
website/public/data/anchors.json
Viele Anchor-Objekte erhalten zusätzliche Metadatenfelder, angepasste Tier-Werte und neue Definitionen.
Aktualisierte categories.json und metadata.json
website/public/data/categories.json, website/public/data/metadata.json
Mehrere Kategorien bekommen neue Anchors, und die aggregierten Zähler sowie Statistiken werden neu berechnet.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Possibly related issues

Possibly related PRs

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Linked Issues check ⚠️ Warning Die Änderungen implementieren nicht die angeforderte Rolle systems-thinker aus #520, sondern andere Governance-Rollen. Bitte systems-thinker samt docs/roles/systems-thinker.adoc und den geforderten Anchors ergänzen oder die Verknüpfung zu #520 korrigieren.
Out of Scope Changes check ⚠️ Warning Die neuen data-protection-officer/legal-compliance/ethics-officer-Änderungen liegen außerhalb des in #520 geforderten systems-thinker-Scopes. Beschränken Sie den PR auf systems-thinker-Änderungen oder splitten Sie die Governance-Rollen in einen separaten PR.
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed Der Titel fasst die Einführung neuer Governance-Rollen in die Rollentaxonomie passend zusammen.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 6

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
docs/anchors/twelve-factor-app.adoc (1)

5018-5049: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Katalogeintrag für twelve-factor-app ergänzen.

In skill/semantic-anchor-translator/references/catalog.md fehlt noch twelve-factor-app; ohne den Eintrag erkennen AI-Agenten den neuen Anchor nicht.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/anchors/twelve-factor-app.adoc` around lines 5018 - 5049, The
`catalog.md` reference list is missing the new `twelve-factor-app` anchor, so AI
agents cannot discover it. Add a catalog entry for `twelve-factor-app` in
`skill/semantic-anchor-translator/references/catalog.md`, matching the existing
format used for other anchor entries and ensuring the new anchor name is
included exactly so it can be resolved correctly.

Source: Path instructions

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/anchors/adr-according-to-nygard.adoc`:
- Around line 1-4: The metadata block in the ADR anchor is incomplete after the
roles change; update the same anchor entry to include the missing required
attributes. In `ADR according to Nygard`, add `:proponents:`, `:related:`, and
`:tags:` alongside the existing `:categories:` and `:roles:` metadata so the
document satisfies the `docs/anchors/**/*.adoc` requirements and the repo
guidelines for `related anchors` and tags.

In `@docs/anchors/adr-according-to-nygard.de.adoc`:
- Around line 1-4: The metadata block in this anchor AsciiDoc is incomplete;
update the document’s header metadata in the existing anchor file so it includes
the required attributes alongside the current title, categories, and roles. Add
the missing :proponents:, :related:, and :tags: metadata entries, and make sure
the file’s metadata follows the anchor-document conventions used by the
docs/anchors/*.adoc content.

In `@docs/anchors/arc42.adoc`:
- Around line 1-5: The arc42 anchor metadata block is incomplete because it
defines categories, roles, proponents, and tier but omits the required related
and tags attributes. Update the metadata in the arc42 anchor document so it
includes both :related: and :tags: alongside the existing anchor attributes,
keeping the block consistent with the required docs/anchors/*.adoc metadata
pattern.

In `@docs/anchors/arc42.de.adoc`:
- Around line 1-5: The metadata block in arc42.de.adoc is missing the required
related and tags attributes. Update the anchor metadata alongside categories,
roles, and proponents by adding :related: for the relevant linked anchors and
:tags: for the applicable tags, keeping the same metadata style used in the
other docs/anchors/*.adoc files.

In `@docs/anchors/testing-pyramid.de.adoc`:
- Around line 1-4: The metadata block in the anchor document is incomplete and
needs the missing required attributes added. Update the AsciiDoc header for the
testing anchor so it includes :proponents:, :related:, and :tags: alongside the
existing :categories: and :roles: entries, following the conventions used by
other anchor files and the repository guidelines. Use the document’s anchor
metadata section in testing-pyramid.de.adoc as the place to add these fields so
the file satisfies the required docs/anchors metadata contract.

In `@docs/anchors/twelve-factor-app.de.adoc`:
- Line 63: The “Aktueller Stand” passage in twelve-factor-app.de.adoc contains
an ungrounded speculation about LLM training data, so remove that claim or
replace it with a named, fetch-verified source. Update the anchor structure to
include both == Kritik and == Aktueller Stand sections in German and English,
and make the status statement traceable to a specific source such as
12factor.net or another cited publication/standard via the existing anchor
content.

---

Outside diff comments:
In `@docs/anchors/twelve-factor-app.adoc`:
- Around line 5018-5049: The `catalog.md` reference list is missing the new
`twelve-factor-app` anchor, so AI agents cannot discover it. Add a catalog entry
for `twelve-factor-app` in
`skill/semantic-anchor-translator/references/catalog.md`, matching the existing
format used for other anchor entries and ensuring the new anchor name is
included exactly so it can be resolved correctly.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: b8f59feb-5543-4f8f-9a3b-9d5cdf9646fc

📥 Commits

Reviewing files that changed from the base of the PR and between 5d8fde2 and 75f72ae.

📒 Files selected for processing (31)
  • docs/anchors/adr-according-to-nygard.adoc
  • docs/anchors/adr-according-to-nygard.de.adoc
  • docs/anchors/arc42.adoc
  • docs/anchors/arc42.de.adoc
  • docs/anchors/c4-diagrams.adoc
  • docs/anchors/c4-diagrams.de.adoc
  • docs/anchors/iec-61508-sil-levels.adoc
  • docs/anchors/iec-61508-sil-levels.de.adoc
  • docs/anchors/linddun.adoc
  • docs/anchors/linddun.de.adoc
  • docs/anchors/meaningful-human-control.adoc
  • docs/anchors/meaningful-human-control.de.adoc
  • docs/anchors/owasp-top-10.adoc
  • docs/anchors/owasp-top-10.de.adoc
  • docs/anchors/quality-attribute-scenario.adoc
  • docs/anchors/quality-attribute-scenario.de.adoc
  • docs/anchors/regulated-environment.adoc
  • docs/anchors/regulated-environment.de.adoc
  • docs/anchors/site-reliability-engineering.adoc
  • docs/anchors/site-reliability-engineering.de.adoc
  • docs/anchors/stride.adoc
  • docs/anchors/stride.de.adoc
  • docs/anchors/testing-pyramid.adoc
  • docs/anchors/testing-pyramid.de.adoc
  • docs/anchors/twelve-factor-app.adoc
  • docs/anchors/twelve-factor-app.de.adoc
  • scripts/extract-metadata.js
  • website/public/data/anchors.json
  • website/public/data/categories.json
  • website/public/data/metadata.json
  • website/public/data/roles.json

Comment thread docs/anchors/adr-according-to-nygard.adoc
Comment thread docs/anchors/adr-according-to-nygard.de.adoc
Comment thread docs/anchors/arc42.adoc
Comment on lines 1 to 5
= arc42 Architecture Documentation
:categories: software-architecture
:roles: software-architect, technical-writer, team-lead
:roles: software-architect, technical-writer, team-lead, legal-compliance
:proponents: Gernot Starke, Peter Hruschka

@coderabbitai coderabbitai Bot Jun 29, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🗄️ Data Integrity & Integration | 🟡 Minor | ⚡ Quick win

related und tags bitte im Metadatenblock ergänzen.

Der angefasste Anchor erfüllt die Repo-Vorgabe für categories/roles/proponents, aber :related: und :tags: fehlen weiterhin. As per coding guidelines, docs/anchors/*.adoc: "must use metadata attributes for categories, roles, related anchors, proponents, and tags."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/anchors/arc42.de.adoc` around lines 1 - 5, The metadata block in
arc42.de.adoc is missing the required related and tags attributes. Update the
anchor metadata alongside categories, roles, and proponents by adding :related:
for the relevant linked anchors and :tags: for the applicable tags, keeping the
same metadata style used in the other docs/anchors/*.adoc files.

Source: Coding guidelines

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pre-existing gap — same as EN version. Tracked in #668 (comprehensive metadata audit).

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@JensGrote, understood — thanks for linking #668. I'll leave this as-is here since it's already tracked for the broader metadata audit.


🧠 Learnings used
Learnt from: raifdmueller
Repo: LLM-Coding/Semantic-Anchors PR: 379
File: docs/anchors/todotxt-flavoured-markdown.de.adoc:2-2
Timestamp: 2026-03-27T09:53:39.838Z
Learning: In this repository, `:categories:` in `docs/anchors/*.adoc` files is intentionally not restricted to a fixed whitelist. `extract-metadata.js` reads `:categories:` from all `.adoc` files to generate category data, so reviewers should allow new category slugs to be introduced via `:categories:`. After running `npm run build`, new categories should automatically appear in `website/public/data/categories.json`; do not flag new/unknown category slugs as invalid due to any hardcoded validation.

Comment thread docs/anchors/testing-pyramid.de.adoc
Comment thread docs/anchors/twelve-factor-app.de.adoc Outdated
@JensGrote

Copy link
Copy Markdown
Collaborator Author

Thanks for the thorough review, @coderabbitai!

Regarding the metadata completeness comments (:proponents:, :tags:, :related:):

These are pre-existing gaps — I verified against the merge base that all of these fields were already missing before my changes. My PR only adds legal-compliance to the :roles: line in these files; it does not introduce the missing metadata.

I have created a separate cleanup issue (see below) to audit and fill the missing metadata across all 318 anchor files — the 5 files touched here will be fixed as part of that comprehensive effort, not in this PR.

This keeps the scope of this PR focused on the governance roles addition.

For reference, audit results across the catalog:

Field Status Missing
:proponents: Required 64 files
:tags: Recommended 90 files
:related: Optional 148 files

@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Tip

For best results, initiate chat on the files or code changes.

@JensGrote, thanks for the detailed clarification and for verifying against the merge base. That's a reasonable scoping decision — keeping this PR focused on the governance role additions while tracking the broader metadata audit (:proponents: in 64 files, :tags: in 90 files, :related: in 148 files) as a separate cleanup effort makes sense. I won't flag those pre-existing gaps again for this PR.

Good luck with the cleanup issue!

(=^・ω・^)ノ


✏️ Learnings added
Learnt from: JensGrote
URL: https://github.com/LLM-Coding/Semantic-Anchors/pull/659

Timestamp: 2026-07-01T20:53:53.688Z
Learning: In the Semantic-Anchors repository, pre-existing metadata gaps in anchor files (missing `:proponents:`, `:tags:`, `:related:` fields in docs/anchors/*.adoc files) are tracked separately from feature PRs (e.g., role additions) via a dedicated cleanup issue covering all anchor files, rather than being fixed incidentally within unrelated PRs.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Role Proposal]: Systems Thinker / Systemic Consultant

1 participant