🧠 EU Parliament Monitor — System Mindmap

📊 Conceptual Relationships and System Components
🎯 Holistic View of Platform Architecture and Capabilities

📋 Document Owner: CEO | 📄 Version: 1.2 | 📅 Last Updated: 2026-04-20 (UTC) | 🏷️ Platform Release: v0.8.40
🔄 Review Cycle: Quarterly | ⏰ Next Review: 2026-07-20
🏷️ Classification: Public (Open Source European Parliament Monitoring Platform)

📚 Architecture Documentation Map

Document	Focus	Description	Documentation Link
Architecture	🏛️ Architecture	C4 model showing current system structure	View Source
Future Architecture	🏛️ Architecture	C4 model showing future system structure	View Source
Mindmaps	🧠 Concept	Current system component relationships	View Source
Future Mindmaps	🧠 Concept	Future capability evolution	View Source
SWOT Analysis	💼 Business	Current strategic assessment	View Source
Future SWOT Analysis	💼 Business	Future strategic opportunities	View Source
Data Model	📊 Data	Current data structures and relationships	View Source
Future Data Model	📊 Data	Enhanced European Parliament data architecture	View Source
Flowcharts	🔄 Process	Current data processing workflows	View Source
Future Flowcharts	🔄 Process	Enhanced AI-driven workflows	View Source
State Diagrams	🔄 Behavior	Current system state transitions	View Source
Future State Diagrams	🔄 Behavior	Enhanced adaptive state transitions	View Source
Security Architecture	🛡️ Security	Current security implementation	View Source
Future Security Architecture	🛡️ Security	Security enhancement roadmap	View Source
Threat Model	🎯 Security	STRIDE threat analysis	View Source
Classification	🏷️ Governance	CIA classification & BCP	View Source
CRA Assessment	🛡️ Compliance	Cyber Resilience Act	View Source
Workflows	⚙️ DevOps	CI/CD documentation	View Source
Future Workflows	🚀 DevOps	Planned CI/CD enhancements	View Source
Business Continuity Plan	🔄 Resilience	Recovery planning	View Source
Financial Security Plan	💰 Financial	Cost & security analysis	View Source
End-of-Life Strategy	📦 Lifecycle	Technology EOL planning	View Source
Unit Test Plan	🧪 Testing	Unit testing strategy	View Source
E2E Test Plan	🔍 Testing	End-to-end testing	View Source
Performance Testing	⚡ Performance	Performance benchmarks	View Source
Security Policy	🔒 Security	Vulnerability reporting & security policy	View Source

🛡️ ISMS Policy Alignment

This conceptual documentation implements controls aligned with Hack23 AB's publicly available ISMS framework.

Applicable ISMS Policies

Policy	Relevance
Secure Development Policy	Architecture documentation requirements per C4 model
Information Security Policy	System design aligned with security governance framework
Classification Framework	Data and component classification per CIA triad
Open Source Policy	Open-source architecture transparency

📋 Overview

This document provides conceptual mindmaps that illustrate the relationships between components, capabilities, and concepts within the EU Parliament Monitor ecosystem. Unlike C4 diagrams (structure) or flowcharts (process), mindmaps show conceptual connections and knowledge domains.

Purpose

Mindmaps serve to:

Conceptual Understanding: Show how ideas and components relate
Knowledge Organization: Structure the domain knowledge hierarchy
Capability Mapping: Illustrate what the system can do
Dependency Visualization: Display concept dependencies
Onboarding Aid: Help new contributors understand the system holistically

Mindmap Categories

This document contains five primary mindmaps:

System Overview: High-level system capabilities and components
Data Ecosystem: Data sources, flows, and transformations
Technical Architecture: Technology stack and infrastructure
Content Generation: LLM-powered content creation pipeline
Security & Compliance: Security controls and compliance framework

🏛️ System Overview Mindmap

Complete view of the EU Parliament Monitor system, its purpose, and major capabilities.

mindmap
  root((EU Parliament<br/>Monitor v0.8.40))
    Mission
      Democratic Transparency
        Public Information
        Open Data Access
        Political Accountability
      Multi-Language Support
        14 Languages
          EN, SV, DA, NO
          FI, DE, FR, ES
          NL, AR, HE, JA
          KO, ZH
        Native Speakers
        Cultural Adaptation
      AI-First Intelligence
        2-Pass Quality Gate
        Agentic Workflows (gh-aw v0.69.0)
        AI Writes All Analysis
        Validator Gate Pre-Publish

    Core Capabilities
      8 Article Types
        Breaking News
        Week Ahead
        Week in Review
        Month Ahead
        Month in Review
        Committee Reports
        Motions
        Propositions
      9 Strategies (1 generic + 8 type-specific)
        article-strategy (base)
        breaking-news-strategy
        committee-reports-strategy
        month-ahead-strategy
        monthly-review-strategy
        motions-strategy
        propositions-strategy
        week-ahead-strategy
        weekly-review-strategy
      5-Stage Pipeline
        fetch-stage
        transform-stage
        analysis-stage
        generate-stage
        output-stage
      Static Site Delivery
        AWS S3 + CloudFront (primary)
        GitHub Pages (fallback)
        Global CDN
        1,894 HTML articles

    Key Stakeholders
      European Citizens
        Information Seekers
        Politically Engaged
        Language Preference
      Journalists
        Research Source
        Story Development
        Fact Checking
      Policy Analysts / Researchers
        Academic Studies
        Policy Analysis
        Trend Analysis
      MEPs
        Cross-Party Visibility
        Committee Activity Index
      Developers
        Open-Source Contributors
        Platform Maintainers
        Security Auditors

    Technical Foundation
      Static Architecture
        No Runtime Dependencies
        Build-Time Generation
        Immutable Artifacts
        Zero Database
      GitHub Infrastructure
        Actions for CI/CD
        gh-aw Agentic Runtime
        Pages (fallback)
        Security Scanning
        Dependabot Updates
      Dual-Economic Data
        EP MCP 1.2.13
        World Bank MCP 1.0.1 (optional)
        IMF REST SDMX 3.0
      AI Engines (Switchable)
        GitHub Copilot
        Claude
        Codex

System Overview Hierarchy

Concept	Sub-Concepts	Description
Mission	Democratic Transparency, Multi-Language, Automated Intelligence	Core purpose and values
Core Capabilities	News Generation, Content Types, Publishing, Delivery	What the system does
Key Stakeholders	Citizens, Journalists, Researchers, Developers	Who uses the system
Technical Foundation	Static Architecture, GitHub, MCP, LLM	How it's built

📊 Data Ecosystem Mindmap

Data sources, transformations, and outputs in the EU Parliament Monitor pipeline.

mindmap
  root((Data<br/>Ecosystem))
    Data Sources
      European Parliament MCP 1.2.13
        Plenary Sessions
          Session Schedule
          Agenda Items
          Voting Records
          Attendance Data
        Committee Meetings
          Committee Info
          Meeting Schedule
          Topics Discussed
          Decisions Made
        Documents
          Proposals
          Reports
          Amendments
          Resolutions
        Parliamentary Questions
          Written Questions
          Oral Questions
          Answers
          Follow-ups
        Sliding-Window Feeds
          Accept timeframe/startDate
        Fixed-Window Feeds (7)
          documents
          plenary_documents
          committee_documents
          plenary_session_documents
          parliamentary_questions
          corporate_bodies
          controlled_vocabularies
        Unavailable Envelope
          status: unavailable
          items: []
      World Bank MCP 1.0.1 (optional)
        Biannual WDI
        Economic Indicators
      IMF REST (native TS client)
        IMFMCPClient class
        SDMX 3.0
        WEO + FM forecasts (+5y)
        IMF_API_BASE_URL
        IMF_API_TIMEOUT_MS
      Intelligence Files (AI-authored)
        stakeholder-map.md
        impact-matrix.md
        mcp-reliability-audit.md
        reference-analysis-quality.md
      Fallback Data
        Last-known envelope cache
        Historical articles (1894)

    Data Transformations
      fetch-stage
        Concurrent MCP calls
        Unavailable-envelope handling
        mcp-retry.ts backoff
      transform-stage
        Normalize EP + WB + IMF
        Schema unification
      analysis-stage
        2-Pass AI-First
        ≥80 words / SWOT item
        ≥150 words / stakeholder perspective
        ≥60% prose ratio
        0 AI_ANALYSIS_REQUIRED
      generate-stage
        Strategy-specific builder
        Chart.js embedding (≥1)
        buildDefaultStakeholderPerspectives
          AI_MARKER sentinels
      output-stage
        Rendered HTML writes
        Language-indexed folders
      Validator Gate
        validate-analysis-completeness.js
        scanHtmlForFallbackLeaks
        FALLBACK_TEMPLATE_PATTERNS
        Reference thresholds (≥200/385, ≥140/190)

    Data Storage
      File System
        news/ (1894 HTML articles)
        14 language subtrees
        JSON-LD metadata
        Static Assets
        Index Files per language
      Git Repository
        Version Control
        Change History
        Commit Metadata
        Branch Management
      Build Artifacts
        Compiled HTML
        Sitemap XML
        Language Indexes
        Asset Manifests (js/vendor/)

    Data Outputs
      HTML Articles
        Multi-Language (14)
        Semantic Markup
        WCAG 2.1 AA
        SEO + OpenGraph
        JSON-LD structured data
      Index Pages
        index.html + index-{lang}.html
        Date-sorted
        Runtime filter (js/index-runtime.js)
      Sitemap
        URL Listing
        hreflang per language
        Last Modified
      Runtime JS
        js/index-runtime.js (filter+theme)
        js/article-runtime.js (reading progress+theme)
      Vendored libs
        chart.js UMD
        chartjs-plugin-annotation
        d3 7.9
      npm Package
        SLSA 3 attestation
        Provenance

Data Flow Stages

flowchart LR
    A[EP APIs] -->|JSON| B[MCP Server]
    B -->|Structured Data| C[Validation]
    C -->|Valid Data| D[Sanitization]
    D -->|Clean Data| E[LLM Processing]
    E -->|Generated Content| F[Multi-Language]
    F -->|14 Languages| G[HTML Generation]
    G -->|Static Files| H[Git Repository]
    H -->|Push| I[GitHub Pages]
    I -->|CDN| J[Public Website]

    B -.->|Error| K[Fallback Content]
    K -.->|Placeholder| E

    style A fill:#e1f5ff
    style B fill:#e8f5e9
    style E fill:#fff4e1
    style G fill:#e8f5e9
    style I fill:#e1f5ff
    style J fill:#d4edda

💻 Technical Architecture Mindmap

Technology stack, infrastructure, and development practices.

mindmap
  root((Technical<br/>Architecture v0.8.40))
    Runtime Environment
      Node.js 25
        ES Modules
        Performance
        Latest Features
      TypeScript 6.0.3
        Strict Mode
        Type Safety
        Async/Await
        Error Handling
      GitHub-Hosted Runners
        ubuntu-latest (2-core default)
        Ephemeral Execution
        Security Isolation
        120-min timeout hard cap

    Development Stack
      Build Tools
        npm + package.json
        ESLint 10.2.1
        Prettier
        Husky git hooks
        typedoc 0.28.19
      Testing (3,061+ tests / 52 files)
        Vitest 4.1.4 (unit + integration)
        Playwright 1.59.1 (E2E)
        axe-core (WCAG 2.1 AA)
        HTMLHint
      Code Quality
        SonarCloud (planned)
        CodeQL SAST
        Dependabot SCA
        REUSE/SPDX license compliance
      Documentation
        Markdown + Mermaid
        JSDoc → typedoc
        Architecture suite (C4/ERD/FLOW/STATE)
        ISMS alignment

    Infrastructure
      GitHub Platform
        Source Control
          Git Repository
          Branch Protection
          Required Reviews
          SHA-pinned Actions
        CI/CD
          GitHub Actions
          9 agentic news workflows
            news-breaking
            news-week-in-review
            news-month-in-review
            news-week-ahead
            news-month-ahead
            news-committee-reports
            news-motions
            news-propositions
            news-translate
          14 infra workflows
            compile-agentic-workflows
            agentics-maintenance
            codeql
            copilot-setup-steps
            dependency-review
            deploy-s3
            e2e
            labeler
            news-translate-reconciler
            release
            reuse
            scorecards
            setup-labels
            test-and-report
          gh aw compile --validate
          GH_AW_VERSION v0.69.0 (pinned)
        Hosting (fallback)
          GitHub Pages
          HTTPS/SSL
          Global CDN
        Security
          Dependabot
          Secret Scanning
          CodeQL
          SLSA 3 Attestations
          Scorecards
      AWS (Primary hosting)
        S3 (versioned bucket)
        CloudFront (CDN)
        ACM (TLS cert)
        OIDC deploy role (deploy-s3.yml)
      MCP Runtime
        EP MCP Gateway
          host.docker.internal:80
          /mcp/european-parliament
          mcp-setup.sh
        JSON-RPC 2.0 over stdio/HTTP
        european-parliament-mcp-server 1.2.13
        worldbank-mcp 1.0.1 (optional)
        IMFMCPClient native fetch
      gh-aw 5-Layer Security
        AWF Squid firewall allowlist
        Sandboxed Docker
        Safe-output constraints
          create-pull-request
          max-patch-size: 1024 KB (default)
          max-patch-size: 10240 KB (translate)
        JSONL audit trail
        Lock-file compilation

    Security Architecture
      Defense in Depth
        Static Content
          No Server Execution
          No Database
          No User Sessions
          No Authentication
        Input Validation
          Schema Validation
          Type Checking
          Content Validator
          Sanitization
        Output Encoding
          HTML Entity Encoding
          XSS Prevention
          CSP Headers
          Content Security
        Supply Chain Security
          SHA-Pinned Actions
          SBOM Generation
          npm provenance
          SLSA 3 attestations
          REUSE 3.3 license compliance
      Frontend
        Static HTML5 + CSS3
        styles.css (133 KB, hand-written)
        No SPA framework
        Runtime JS modules
        buildSiteFooter() single source
        14-language localized footer
      Compliance Framework
        ISO 27001:2022
        NIST CSF 2.0
        CIS Controls v8.1
        GDPR
        NIS2
        EU Cyber Resilience Act

Technology Stack Layers

graph TB
    subgraph "Presentation Layer"
        A[Static HTML/CSS]
        B[Multi-Language Content]
        C[Responsive Design]
    end

    subgraph "Generation Layer"
        D[Node.js Scripts]
        E[LLM Integration]
        F[Template Engine]
    end

    subgraph "Data Layer"
        G[European Parliament MCP]
        H[EP APIs]
        I[JSON Data]
    end

    subgraph "Infrastructure Layer"
        J[GitHub Actions]
        K[GitHub Pages]
        L[CDN Distribution]
    end

    subgraph "Security Layer"
        M[CodeQL SAST]
        N[Dependabot SCA]
        O[Input Validation]
        P[Output Encoding]
    end

    A --> D
    B --> D
    C --> D
    D --> G
    E --> D
    F --> D
    G --> H
    H --> I
    D --> J
    J --> K
    K --> L
    M --> D
    N --> J
    O --> D
    P --> A

    style A fill:#e8f5e9
    style D fill:#e1f5ff
    style G fill:#fff4e1
    style J fill:#e1f5ff
    style M fill:#ffe1e1

🤖 Content Generation Pipeline Mindmap

LLM-powered content creation workflow and capabilities.

mindmap
  root((Content<br/>Generation))
    Input Sources
      Parliamentary Data
        Session Information
        Committee Activities
        Document Content
        Question Records
      Article Requirements
        Article Type
        Target Language
        Content Length
        Style Guidelines
      Context Information
        Historical Data
        Related Events
        Background Info
        Source Citations

    LLM Processing
      Prompt Engineering
        System Prompts
          Role Definition
          Style Guidelines
          Factual Requirements
          Output Format
        Context Injection
          Source Data
          Metadata
          Instructions
          Examples
        Temperature Control
          Consistency
          Creativity Balance
          Fact Accuracy
          Style Adherence
      Content Generation
        Article Creation
          Title Generation
          Subtitle Creation
          Summary Paragraph
          Detailed Analysis
          Key Points List
        Multi-Language
          Translation Prompts
          Cultural Adaptation
          Idiom Handling
          Format Preservation
        Fact Checking
          Source Verification
          Citation Accuracy
          Data Consistency
          Logic Validation

    Post-Processing
      Content Validation
        Schema Compliance
        Required Fields
        Length Limits
        Format Rules
      HTML Generation
        Semantic Markup
        Accessibility
        SEO Tags
        Meta Information
      Quality Assurance
        Spell Check
        Grammar Check
        Style Consistency
        Link Validation
      Sanitization
        XSS Prevention
        Script Removal
        Event Handler Removal
        Safe HTML Only

    Output Types
      Week Ahead Articles
        Upcoming Sessions
        Scheduled Events
        Committee Meetings
        Expected Votes
      Committee Reports
        Meeting Summaries
        Decisions Made
        Topics Discussed
        Next Steps
      Proposition Analysis
        Proposal Details
        Impact Assessment
        Stakeholder Views
        Expert Commentary
      Breaking News
        Urgent Updates
        Vote Results
        Major Decisions
        Political Developments

Content Generation Flow

flowchart TD
    Start[📋 Article Request] --> Type{Article Type}

    Type -->|Week Ahead| WA[Fetch Schedule Data]
    Type -->|Committee| CR[Fetch Meeting Data]
    Type -->|Proposition| PA[Fetch Proposal Data]
    Type -->|Breaking| BN[Fetch Latest Events]

    WA --> Prompt[🤖 Generate LLM Prompt]
    CR --> Prompt
    PA --> Prompt
    BN --> Prompt

    Prompt --> System[Add System Context]
    System --> Context[Inject Source Data]
    Context --> Send[Send to LLM]

    Send --> Receive[Receive Generated Content]

    Receive --> Validate{✅ Validate}
    Validate -->|Invalid| Retry[Retry Generation]
    Retry --> Send

    Validate -->|Valid| Translate[🌍 Multi-Language]

    Translate --> L1[English]
    Translate --> L2[Swedish]
    Translate --> L3[Danish]
    Translate --> L4[Norwegian]
    Translate --> L5[Finnish]
    Translate --> L6[German]
    Translate --> L7[French]
    Translate --> L8[Spanish]
    Translate --> L9[Dutch]
    Translate --> L10[Arabic]
    Translate --> L11[Hebrew]
    Translate --> L12[Japanese]
    Translate --> L13[Korean]
    Translate --> L14[Chinese]

    L1 --> HTML[Generate HTML]
    L2 --> HTML
    L3 --> HTML
    L4 --> HTML
    L5 --> HTML
    L6 --> HTML
    L7 --> HTML
    L8 --> HTML
    L9 --> HTML
    L10 --> HTML
    L11 --> HTML
    L12 --> HTML
    L13 --> HTML
    L14 --> HTML

    HTML --> Sanitize[🧹 Sanitize Content]
    Sanitize --> QA[Quality Assurance]
    QA --> Publish[📦 Publish Article]
    Publish --> End[✅ Complete]

    style Start fill:#e8f5e9
    style Send fill:#fff4e1
    style Translate fill:#e1f5ff
    style Publish fill:#d4edda
    style End fill:#d4edda

🛡️ Security & Compliance Mindmap

Security controls, compliance requirements, and best practices.

mindmap
  root((Security &<br/>Compliance))
    Threat Model
      Attack Vectors
        XSS Injection
          Script Tags
          Event Handlers
          Data URIs
          SVG Exploits
        Data Injection
          HTML Injection
          JSON Injection
          Command Injection
          Path Traversal
        Supply Chain
          Malicious Dependencies
          Compromised Packages
          Vulnerable Libraries
          Outdated Components
        Infrastructure
          GitHub Account Compromise
          Workflow Manipulation
          Secret Exposure
          Access Control
      Mitigations
        Input Validation
          Schema Validation
          Type Checking
          Whitelist Filtering
          Length Limits
        Output Encoding
          HTML Entity Encoding
          JavaScript Escaping
          URL Encoding
          CSS Sanitization
        Dependency Management
          SHA Pinning
          Vulnerability Scanning
          Update Automation
          License Compliance
        Access Control
          Branch Protection
          Required Reviews
          Secret Management
          Least Privilege

    Security Controls
      Static Analysis
        CodeQL
          TypeScript Analysis
          Vulnerability Detection
          Data Flow Analysis
          Control Flow Analysis
        ESLint Security
          Security Rules
          Best Practices
          Code Standards
          Error Detection
        SonarCloud
          Code Quality
          Security Hotspots
          Technical Debt
          Maintainability
      Dynamic Analysis
        Dependency Scanning
          npm audit
          Dependabot Alerts
          CVE Monitoring
          CVSS Scoring
        Secret Scanning
          GitHub Secret Scanning
          Token Detection
          API Key Detection
          Credential Leaks
        License Compliance
          REUSE Compliance
          License Compatibility
          Attribution
      Runtime Protection
        Content Security Policy
          Script Sources
          Style Sources
          Frame Ancestors
          Object Sources
        HTTPS Enforcement
          TLS 1.3
          HSTS Headers
          Secure Cookies
          Mixed Content Prevention
        Rate Limiting
          API Rate Limits
          Retry Backoff
          Resource Quotas
          Abuse Prevention

    Compliance Framework
      ISO 27001
        Information Security
          Risk Assessment
          Security Controls
          Access Management
          Incident Response
        Documentation
          Policies
          Procedures
          Risk Register
          Audit Evidence
        Continuous Improvement
          Monitoring
          Review
          Corrective Actions
          Preventive Actions
      GDPR
        Data Protection
          No PII Collection
          Data Minimization
          Purpose Limitation
          Storage Limitation
        Privacy Rights
          Right to Access
          Right to Erasure
          Right to Portability
          Right to Object
        Legal Basis
          Public Interest
          Legitimate Interest
          Transparency
          Accountability
      NIS2
        Security Requirements
          Risk Management
          Incident Reporting
          Supply Chain Security
          Vulnerability Management
        Governance
          Management Responsibility
          Security Policies
          Training Programs
          Audit & Assessment
        Essential Services
          Availability
          Integrity
          Confidentiality
          Resilience
      EU CRA
        Product Security
          Secure Development
          Vulnerability Disclosure
          Security Updates
          SBOM Generation
        Conformity Assessment
          Risk Classification
          Documentation
          Testing
          Certification
        Market Surveillance
          Incident Reporting
          Product Recalls
          Compliance Monitoring
          Enforcement

Security Layers

graph TB
    subgraph "Layer 1: Prevention"
        A[Input Validation]
        B[Output Encoding]
        C[Secure Defaults]
    end

    subgraph "Layer 2: Detection"
        D[Static Analysis]
        E[Dependency Scanning]
        F[Secret Scanning]
    end

    subgraph "Layer 3: Response"
        G[Automated Fixes]
        H[Security Updates]
        I[Incident Response]
    end

    subgraph "Layer 4: Recovery"
        J[Git History]
        K[Rollback Capability]
        L[Disaster Recovery]
    end

    subgraph "Layer 5: Assurance"
        M[Audit Logging]
        N[Compliance Reports]
        O[Security Reviews]
    end

    A --> D
    B --> D
    C --> D
    D --> G
    E --> H
    F --> I
    G --> M
    H --> M
    I --> J
    J --> K
    K --> L
    M --> N
    N --> O

    style A fill:#e8f5e9
    style D fill:#e1f5ff
    style G fill:#fff4e1
    style J fill:#ffe1e1
    style M fill:#e1f5ff

🎨 Visual Design Principles

Mindmaps follow these design principles for consistency and clarity.

Color Coding

mindmap
  root((Color<br/>Legend))
    Data & Content
      Light Blue
        Data Sources
        Data Processing
        Information Flow
    Technical Components
      Light Green
        Infrastructure
        Build Tools
        Runtime Environment
    AI & Intelligence
      Light Yellow
        LLM Processing
        Content Generation
        AI Capabilities
    Security & Compliance
      Light Red/Pink
        Security Controls
        Threat Detection
        Compliance Requirements
    Success & Outcomes
      Dark Green
        Published Content
        Completed Tasks
        Achieved Goals

Node Types

Node Type	Usage	Example
Root Node	Central concept	EU Parliament Monitor
Primary Branch	Major category	Mission, Capabilities, Stakeholders
Secondary Branch	Subcategory	Democratic Transparency, News Generation
Leaf Node	Specific concept	Week Ahead, Committee Reports

Layout Guidelines

Radial Layout: Root in center, branches extending outward
Balanced Distribution: Even spacing between branches
Logical Grouping: Related concepts near each other
Depth Limit: Maximum 4 levels deep for readability
Node Size: Consistent sizing based on hierarchy level

🔄 Relationship Types

Different types of relationships shown in mindmaps:

Relationship	Description	Example
IS-A	Type/subtype relationship	"Week Ahead" IS-A "Article Type"
HAS-A	Composition relationship	"System" HAS-A "MCP Integration"
USES	Dependency relationship	"Generator" USES "LLM Service"
PRODUCES	Output relationship	"Generation" PRODUCES "HTML Files"
REQUIRES	Prerequisite relationship	"Publishing" REQUIRES "Validation"
ENABLES	Capability relationship	"MCP" ENABLES "Data Access"

📊 Integration with Other Documentation

Cross-Reference Matrix

Mindmap Section	Related C4 Diagram	Related Flowchart	Related State Diagram
System Overview	Context Diagram	News Generation Flow	System Lifecycle
Data Ecosystem	Container Diagram	Data Processing Flow	Article Lifecycle
Technical Architecture	Component Diagram	Validation Flow	MCP Connection State
Content Generation	Component Diagram	Generation Flow	Article State
Security & Compliance	Component Diagram	Security Flow	Error Handling State

graph LR
    A[MINDMAP.md] -->|Structure| B[ARCHITECTURE.md]
    A -->|Process| C[FLOWCHART.md]
    A -->|Behavior| D[STATEDIAGRAM.md]
    A -->|Data| E[DATA_MODEL.md]
    A -->|Security| F[SECURITY_ARCHITECTURE.md]
    A -->|Strategy| G[SWOT.md]

    B -->|Detailed View| A
    C -->|Detailed View| A
    D -->|Detailed View| A
    E -->|Detailed View| A
    F -->|Detailed View| A
    G -->|Detailed View| A

    style A fill:#fff4e1
    style B fill:#e1f5ff
    style C fill:#e1f5ff
    style D fill:#e1f5ff
    style E fill:#e8f5e9
    style F fill:#ffe1e1
    style G fill:#e8f5e9

🎯 Use Cases for Mindmaps

For New Contributors

Purpose: Quick system understanding without deep technical dive

How to Use:

Start with System Overview mindmap
Understand mission and stakeholders
Review core capabilities
Explore technical foundation

Expected Outcome: Holistic understanding in 15-30 minutes

For Architects

Purpose: Design decisions and system evolution planning

How to Use:

Review Technical Architecture mindmap
Analyze component relationships
Identify integration points
Plan future enhancements

Expected Outcome: Informed architectural decisions

For Security Auditors

Purpose: Security posture assessment

How to Use:

Review Security & Compliance mindmap
Examine threat model
Verify security controls
Check compliance framework

Expected Outcome: Security assessment report

For Product Managers

Purpose: Feature planning and prioritization

How to Use:

Review System Overview mindmap
Understand stakeholder needs
Examine core capabilities
Prioritize enhancements

Expected Outcome: Product roadmap alignment

📈 Metrics & KPIs

System Capability Metrics

Capability	Measurement	Target	Current (April 2026)
Article Types	Number of types supported	8+	8
Aggregator Modules	TS modules in `src/aggregator/`	5+	7
Languages	Number of languages	14	14
Published Articles	HTML files in news/	1,500+	1,894+
Agentic News Workflows	gh-aw `.md` → `.lock.yml`	9	9
Data Sources	EP MCP + WB MCP + IMF REST	3	3
Generation Time	Average time per article set	<5 min	~3 min
Stage-C Pass Rate	Articles passing completeness gate	>98%	99.2%
Deployment Success	Successful deployments	>99%	99.5%

Technical Stack Health

Component	Metric	Target	Status
Node.js	Version	Latest LTS	✅ 25.x
TypeScript	Version	Latest stable	✅ 6.0.3
Vitest	Version	Latest stable	✅ 4.1.4
Playwright	Version	Latest stable	✅ 1.59.1
gh-aw	Pinned runtime	Known-good	✅ v0.69.0
EP MCP Server	Version	Latest release	✅ 1.2.13
Dependencies	Vulnerabilities	0 critical/high	✅ 0
Test Coverage	Tests / files	3,000+ / 50+	✅ 3,061+ / 52
Build Time	CI/CD duration	<10 min	✅ 6 min

🔐 Security Mindmap Notes

Threat Modeling Approach

Identify Assets: Articles, source data, infrastructure access
Identify Threats: XSS, injection, supply chain, access control
Assess Risks: Likelihood × Impact = Risk score
Define Mitigations: Layered security controls
Monitor & Review: Continuous security monitoring

Compliance Mapping

graph TB
    A[EU Parliament Monitor] --> B[ISO 27001]
    A --> C[GDPR]
    A --> D[NIS2]
    A --> E[EU CRA]

    B --> B1[Risk Management]
    B --> B2[Access Control]
    B --> B3[Incident Response]

    C --> C1[Data Protection]
    C --> C2[Privacy Rights]
    C --> C3[Legal Basis]

    D --> D1[Security Requirements]
    D --> D2[Governance]
    D --> D3[Essential Services]

    E --> E1[Product Security]
    E --> E2[Conformity Assessment]
    E --> E3[Market Surveillance]

    style A fill:#fff4e1
    style B fill:#e1f5ff
    style C fill:#e8f5e9
    style D fill:#e1f5ff
    style E fill:#e8f5e9

Conceptual Documents

SWOT.md: Strategic analysis complementing capability view
ARCHITECTURE.md: Structural view of conceptual components

Technical Documents

DATA_MODEL.md: Detailed data structure specifications
FLOWCHART.md: Process flows for mindmap concepts
STATEDIAGRAM.md: Behavioral states of components

Security Documents

SECURITY_ARCHITECTURE.md: Detailed security implementation
SECURITY.md: Security policies and vulnerability reporting

📅 Document Revision History

Version	Date	Author	Changes
1.3	2026-04-27	CEO	April-2026 aggregator-pipeline migration: 8 article types, 9 unified gh-aw workflows (8 `news-<type>.md` + `news-translate.md`), deterministic `src/aggregator/**` rendering (no per-type strategies), Stage-C agent-side completeness gate (no runtime `content-validator.ts`), EP MCP `v1.2.15+` (60+ tools, voting fallback to EP Open Data Portal), IMF SDMX 3.0 primary economic source, World Bank non-economic context, AWS S3 + CloudFront primary hosting, gh-aw `v0.69.0` pinned
1.2	2026-04-20	CEO	Refreshed for v0.8.40: 8 article types, 9 strategies (1 generic + 8 type-specific), 5-stage pipeline, 10 agentic + 14 infra workflows, dual economic data (EP MCP 1.2.13 + WB MCP 1.0.1 + IMF REST SDMX 3.0), AI-First quality gates, 3061+ tests, AWS S3 + CloudFront primary hosting, gh-aw v0.69.0 pinned
1.1	2026-02-24	CEO	Updated review date and verified current state accuracy
1.0	2025-02-17	CEO	Initial mindmap documentation with comprehensive conceptual views

Document Classification: Public
ISMS Compliance: ISO 27001:2022, NIST CSF 2.0, CIS Controls v8.1, GDPR, NIS2, EU CRA aligned
Technology Stack: Node.js 25, TypeScript 6.0.3, Vitest 4.1.4, Playwright 1.59.1, gh-aw v0.69.0, AWS S3 + CloudFront, GitHub Pages (fallback), EP MCP 1.2.13, WB MCP 1.0.1, IMF REST SDMX 3.0
Architecture Pattern: Static Site Generator with Agentic AI-First Authoring and Zero Runtime Dependencies
Review Status: Active, next review 2026-07-20

🧠 Mindmaps — Conceptual Architecture for EU Parliament Monitor
Part of ISMS-compliant Architecture Documentation Suite

🏛️ GitHub Repository • 🛡️ ISMS Framework • 🌐 Hack23

🧠 EU Parliament Monitor — System Mindmap

📚 Architecture Documentation Map

🛡️ ISMS Policy Alignment

Applicable ISMS Policies

📋 Overview

Purpose

Mindmap Categories

🏛️ System Overview Mindmap

System Overview Hierarchy

📊 Data Ecosystem Mindmap

Data Flow Stages

💻 Technical Architecture Mindmap

Technology Stack Layers

🤖 Content Generation Pipeline Mindmap

Content Generation Flow

🛡️ Security & Compliance Mindmap

Security Layers

🎨 Visual Design Principles

Color Coding

Node Types

Layout Guidelines

🔄 Relationship Types

📊 Integration with Other Documentation

Cross-Reference Matrix

Documentation Navigation

🎯 Use Cases for Mindmaps

For New Contributors

For Architects

For Security Auditors

For Product Managers

📈 Metrics & KPIs

System Capability Metrics

Technical Stack Health

🔐 Security Mindmap Notes

Threat Modeling Approach

Compliance Mapping

🔄 Related Documentation

Conceptual Documents

Technical Documents

Security Documents

📅 Document Revision History

📝 Footer

Settings

On This Page