ENG-2919: Add Slack cards to evidence components#7657
Merged
Conversation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
|
The latest updates on your projects. Learn more about Vercel for GitHub. 2 Skipped Deployments
|
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Contributor
Greptile SummaryThis PR adds Slack thread card rendering to the evidence section of privacy assessments. It introduces a new
Confidence Score: 3/5
Important Files Changed
Last reviewed commit: 40f0b31 |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Comment on lines
+1
to
+19
| How exactly will the AI be used? (Process & Purpose) | ||
| • The Legal Requirement: A description of the deployer's processes in which the high-risk AI system will be used in line with its intended purpose. | ||
| • What it means: You need to document the specific business or operational workflows where the AI will be integrated. If it’s an HR screening tool, what exact stage of the hiring pipeline is it used in, and what decisions is it informing? | ||
| 2. What is the timeframe and frequency of use? (Duration) | ||
| • The Legal Requirement: A description of the period of time within which, and the frequency with which, each high-risk AI system is intended to be used. | ||
| • What it means: You must outline whether this is a continuous, 24/7 background process, a tool used only during an annual review cycle, or a system deployed for a temporary, six-month pilot program. | ||
| 3. Who will be subjected to the AI? (Affected Populations) | ||
| • The Legal Requirement: The categories of natural persons and groups likely to be affected by its use in the specific context. | ||
| • What it means: You must explicitly identify the demographics the AI will interact with or evaluate. This requires special attention to vulnerable or historically marginalized groups (based on race, age, gender, disability, socioeconomic status, etc.) who might be disproportionately impacted by the system's output. | ||
| 4. What are the specific risks to fundamental rights? (Risk Identification) | ||
| • The Legal Requirement: The specific risks of harm likely to have an impact on those identified groups, taking into account the technical information provided by the AI developer. | ||
| • What it means: This is the core of the assessment. You must evaluate how the AI might infringe upon rights enshrined in the EU Charter of Fundamental Rights—such as the right to non-discrimination, privacy, human dignity, or access to justice. You must base this on the technical documentation and instructions handed down by the AI provider. | ||
| 5. How will humans stay in control? (Human Oversight) | ||
| • The Legal Requirement: A description of the implementation of human oversight measures, according to the instructions for use. | ||
| • What it means: You have to prove that the AI is not operating with blind autonomy. You must document exactly who is monitoring the system, what authority they have to override or reverse the AI's decisions, and how they are trained to avoid "automation bias" (the human tendency to blindly trust machine outputs). | ||
| 6. What is the emergency plan if things go wrong? (Mitigation & Governance) | ||
| • The Legal Requirement: The measures to be taken in the case of the materialization of those risks, including arrangements for internal governance and complaint mechanisms. | ||
| • What it means: If the AI starts discriminating against candidates or making harmful errors, what is your kill switch? You must detail your internal governance protocols for halting the system and outline how affected individuals can submit complaints or challenge the AI's decisions. | ||
| Important Note on FRIA Updates: A FRIA is not a "one-and-done" exercise. You must conduct it before the first use of the system, but the law requires you to update the assessment if any of the underlying facts change (e.g., if you decide to use the AI on a new demographic group, or if the AI provider issues a major update that alters its risk profile). Once completed, the results of the FRIA must be officially submitted to your relevant national market surveillance authority. |
Contributor
There was a problem hiding this comment.
Accidental file committed to repo root
This reference document appears to have been unintentionally included in the PR. It is not related to the Slack card evidence changes and is sitting at the repository root alongside files like README.md and CHANGELOG.md. Consider removing it from the commit, or if it is intentional, moving it to an appropriate documentation directory.
clients/admin-ui/src/features/privacy-assessments/EvidenceCardGroup.tsx
Outdated
Show resolved
Hide resolved
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Replace hardcoded color, raw <a> tag, and inline styles with fidesui Link component, palette variables, and SCSS classes. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Split SlackThreadCard into a separate component file per frontend guidelines. Use classNames package for conditional class composition. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use warmer color palette (#1A1F36, #4B5563, #E8EBED), add content summary display, remove "View thread in Slack" link, add hover effect with subtle box shadow, and use FIDESUI_NEUTRAL_100 for message dividers. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Chain the FRIA template migration (baa6792fc3f7) after the resurface behavior migration (ea20059aee77) to resolve the multiple heads error that was preventing container startup.
…es into eng-2919/evidence-slack-cards
lucanovera
approved these changes
Mar 17, 2026
Contributor
lucanovera
left a comment
lucanovera
left a comment
There was a problem hiding this comment.
Thank you for tackling the FE changes as well. I've just adjusted a few things to comply with our FE rules. Approved!
- Add high-risk AI classification question (fria_1_0) - Add intended purpose verification to fria_1_2 guidance - Add DPIA relationship question (fria_1_4) - Add FRIA review/update process question (fria_6_4) - Add market surveillance notification question (fria_6_5) - Add direct vs indirect impact to fria_3_3 guidance Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Ticket ENG-2919
Description Of Changes
Adds rendering support for Slack thread evidence (team input) in the evidence drawer. Previously, team input evidence from Slack was not displayed because the
TEAM_INPUTevidence type was missing from the filter and there was no card component to render the thread data.Code Changes
SlackThreadCardcomponent to render Slack thread evidence with collapsible message listTEAM_INPUTto theEvidenceTypeenum and evidence filter inEvidenceSection.tsxSlackMessage,SlackEvidenceDatainterfaces anddatafield toEvidenceItemtypeSteps to Confirm
Pre-Merge Checklist
CHANGELOG.mdupdatedmaindowngrade()migration is correct and works