diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/MetricsService.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/MetricsService.kt
index 910107d2ab7306e5570ab00ad6167d4ea71f9ee4..e6a4f8f150f8773bd9893b0dabbde5861345c758 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/MetricsService.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/MetricsService.kt
@@ -1,6 +1,7 @@
 package de.fraunhofer.iem.dataprovider.kpi.metrics
 
 import de.fraunhofer.iem.dataprovider.kpi.metrics.repositoryDetails.service.RepositoryDetailsService
+import de.fraunhofer.iem.dataprovider.kpi.service.KPIService
 import de.fraunhofer.iem.dataprovider.repository.service.RepositoryService
 import de.fraunhofer.iem.dataprovider.toolRun.service.ToolRunService
 import kotlinx.coroutines.CoroutineScope
@@ -13,7 +14,8 @@ import org.springframework.stereotype.Service
 class MetricsService(
     private val repositoryService: RepositoryService,
     private val toolRunService: ToolRunService,
-    private val repositoryDetailsService: RepositoryDetailsService
+    private val repositoryDetailsService: RepositoryDetailsService,
+    private val kpiService: KPIService
 ) {
 
     private val defaultScope = CoroutineScope(Dispatchers.Default)
@@ -21,6 +23,10 @@ class MetricsService(
 
     suspend fun handleRepositoryChange(repoId: Long) = defaultScope.launch {
 
+        // TODO: we need to create the tools in the db and link them to the tool run.
+        // This should probably be done on the initial server startup, based on some
+        // config properties, as the tools don't change dynamically.
+
         /**
          * Create initial db models.
          * If this fails we want the whole method to fail as we can't continue
@@ -57,9 +63,7 @@ class MetricsService(
 
         val repositoryDetailsKpi = async {
             val repoDetailsDto = repositoryDetailsService.getRepositoryDetails(repoId)
-            val repositoryDetailsKpiDto = repositoryDetailsService.calculateRepositoryDetailsKpis(repoDetailsDto)
-
-            repositoryDetailsService.saveRepositoryDetailsKpi(toolRun.repository!!, repositoryDetailsKpiDto)
+            repositoryDetailsService.calculateRepositoryDetailsKpis(repoDetailsDto)
         }
 
         /**
@@ -67,6 +71,7 @@ class MetricsService(
          * joinAll(toolKpi)
          * calculateKpiTree(toolKpi, ...)
          */
+        kpiService.calculateAndSaveKpiTree(toolRun.repository!!, repositoryDetailsKpi.await())
     }
 
 }
\ No newline at end of file
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/dto/RepositoryDetailsKpiDto.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/dto/RepositoryDetailsKpiDto.kt
index 5971733970bc36e299b6ba0d7e614833e6a9e5a4..1f56c6d2e0b6cc4a5cd641c7d6f5bc18fa8586bf 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/dto/RepositoryDetailsKpiDto.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/dto/RepositoryDetailsKpiDto.kt
@@ -6,7 +6,4 @@ data class RepositoryDetailsKpisDto(
     val numberOfCommitsKpi: KPICreateDto,
     val numberOfSignedCommitsKPI: KPICreateDto,
     val isDefaultBranchProtectedKPI: KPICreateDto,
-    val signedCommitsRatioKPI: KPICreateDto,
-    val processComplianceKPI: KPICreateDto,
-    val processTransparencyKPI: KPICreateDto
 )
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/service/RepositoryDetailsService.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/service/RepositoryDetailsService.kt
index 9021c961b5f1adfffe572adc43fbe109cf7e57e6..ab53011e12e20ef2d883661ccfe0f782b2ab852e 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/service/RepositoryDetailsService.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/metrics/repositoryDetails/service/RepositoryDetailsService.kt
@@ -3,23 +3,24 @@ package de.fraunhofer.iem.dataprovider.kpi.metrics.repositoryDetails.service
 import de.fraunhofer.iem.dataprovider.gitlab.service.OpenCodeGitlabApi
 import de.fraunhofer.iem.dataprovider.kpi.dto.KPICreateDto
 import de.fraunhofer.iem.dataprovider.kpi.metrics.repositoryDetails.dto.RepositoryDetailsKpisDto
-import de.fraunhofer.iem.dataprovider.kpi.metrics.repositoryDetails.dto.RepositoryDetailsKpisEntity
-import de.fraunhofer.iem.dataprovider.kpi.service.KPIService
-import de.fraunhofer.iem.dataprovider.kpi.strategy.AggregationKPICalculationStrategy
-import de.fraunhofer.iem.dataprovider.kpi.strategy.RatioKPICalculationStrategy
 import de.fraunhofer.iem.dataprovider.kpi.strategy.RawValueKPICalculationStrategy
 import de.fraunhofer.iem.dataprovider.repository.dto.RepositoryDetailsDto
-import de.fraunhofer.iem.dataprovider.repository.entity.RepositoryEntity
 import org.springframework.stereotype.Service
 
 @Service
-class RepositoryDetailsService(private val kpiService: KPIService, private val openCodeGitlabApi: OpenCodeGitlabApi) {
+class RepositoryDetailsService(private val openCodeGitlabApi: OpenCodeGitlabApi) {
 
-    fun getRepositoryDetails(repoId: Long): RepositoryDetailsDto {
+    suspend fun getRepositoryDetails(repoId: Long): RepositoryDetailsDto {
         return openCodeGitlabApi.getRepositoryDetails(repoId)
     }
 
+
+    /**
+     * Creates a named map of RepositoryCreateDtos, based upon the provided repository details.
+     * This method only returns raw KPIs.
+     */
     fun calculateRepositoryDetailsKpis(repoDetailsDto: RepositoryDetailsDto): RepositoryDetailsKpisDto {
+
         val numberOfCommitsKPI = KPICreateDto(
             "Number of Commits",
             "Total number of commits on the default branch of the repository.",
@@ -39,68 +40,11 @@ class RepositoryDetailsService(private val kpiService: KPIService, private val o
             RawValueKPICalculationStrategy(if (repoDetailsDto.isDefaultBranchProtected) 100 else 0)
         )
 
-        val signedCommitsRatioKPI =
-            KPICreateDto(
-                "Commit Signature Ratio",
-                "Used to assess compliance with a common and transparent development process. It is desirable that all commits are signed by their authors. Therefore, the ratio of signed commits to all commits is determined to calculate this metric.",
-                false,
-                RatioKPICalculationStrategy()
-            )
-        signedCommitsRatioKPI.addChildKPI(numberOfCommitsKPI, 1.0)
-        signedCommitsRatioKPI.addChildKPI(numberOfSignedCommitsKPI, 1.0)
-
-        val processComplianceKPI = KPICreateDto(
-            "Process Compliance Score",
-            "Assesses the development process of the software provided. For this purpose, the development process traceable in the repository is compared with common development standards to enable an assessment.",
-            false,
-            AggregationKPICalculationStrategy()
-        )
-
-        val processTransparencyKPI = KPICreateDto(
-            "Process Transparency Score",
-            "Assesses the transparency resp. traceability of the development process of the provided software for external parties. For this purpose, various analyzes are performed that assess the availability of information about the software development process within the repository.",
-            false,
-            AggregationKPICalculationStrategy()
-        )
-        processComplianceKPI.addChildKPI(isDefaultBranchProtectedKPI, 0.5)
-        processComplianceKPI.addChildKPI(signedCommitsRatioKPI, 0.5)
-        processTransparencyKPI.addChildKPI(signedCommitsRatioKPI, 1.0)
 
         return RepositoryDetailsKpisDto(
-            processComplianceKPI = processComplianceKPI,
-            processTransparencyKPI = processTransparencyKPI,
-            signedCommitsRatioKPI = signedCommitsRatioKPI,
             isDefaultBranchProtectedKPI = isDefaultBranchProtectedKPI,
             numberOfSignedCommitsKPI = numberOfSignedCommitsKPI,
             numberOfCommitsKpi = numberOfCommitsKPI
         )
     }
-
-
-    fun saveRepositoryDetailsKpi(
-        repositoryEntity: RepositoryEntity,
-        repositoryDetailsKpisDto: RepositoryDetailsKpisDto
-    ): RepositoryDetailsKpisEntity {
-        return RepositoryDetailsKpisEntity(
-            numberOfCommitsKpi = kpiService.saveKpi(repositoryEntity, repositoryDetailsKpisDto.numberOfCommitsKpi),
-            numberOfSignedCommitsKPI = kpiService.saveKpi(
-                repositoryEntity,
-                repositoryDetailsKpisDto.numberOfSignedCommitsKPI
-            ),
-            isDefaultBranchProtectedKPI = kpiService.saveKpi(
-                repositoryEntity,
-                repositoryDetailsKpisDto.isDefaultBranchProtectedKPI
-            ),
-            signedCommitsRatioKPI = kpiService.saveKpi(
-                repositoryEntity,
-                repositoryDetailsKpisDto.signedCommitsRatioKPI
-            ),
-            processComplianceKPI = kpiService.saveKpi(repositoryEntity, repositoryDetailsKpisDto.processComplianceKPI),
-            processTransparencyKPI = kpiService.saveKpi(
-                repositoryEntity,
-                repositoryDetailsKpisDto.processTransparencyKPI
-            ),
-
-            )
-    }
 }
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/service/KPIService.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/service/KPIService.kt
index 468d25b5f987efeca85aee72ca29fdc7d6abd1d9..d304a0ec06beb878c1b41bc6d643c2fc3b9009d4 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/service/KPIService.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/kpi/service/KPIService.kt
@@ -3,8 +3,11 @@ package de.fraunhofer.iem.dataprovider.kpi.service
 import de.fraunhofer.iem.dataprovider.kpi.dto.KPICreateDto
 import de.fraunhofer.iem.dataprovider.kpi.entity.KPIEntity
 import de.fraunhofer.iem.dataprovider.kpi.entity.KPIHierarchyEdgeEntity
+import de.fraunhofer.iem.dataprovider.kpi.metrics.repositoryDetails.dto.RepositoryDetailsKpisDto
 import de.fraunhofer.iem.dataprovider.kpi.repository.KPIHierarchyEdgeRepository
 import de.fraunhofer.iem.dataprovider.kpi.repository.KPIRepository
+import de.fraunhofer.iem.dataprovider.kpi.strategy.AggregationKPICalculationStrategy
+import de.fraunhofer.iem.dataprovider.kpi.strategy.RatioKPICalculationStrategy
 import de.fraunhofer.iem.dataprovider.logger.getLogger
 import de.fraunhofer.iem.dataprovider.repository.entity.RepositoryEntity
 import org.springframework.data.repository.findByIdOrNull
@@ -19,24 +22,129 @@ class KPIService(
 
     private val logger = getLogger(javaClass)
 
-
-    /**
-     * Stores the given KPIs and links them to the given repository
-     */
-    fun saveKpis(repositoryEntity: RepositoryEntity, createKpis: Array<KPICreateDto>): Array<KPIEntity> {
-        return createKpis.map { saveKpi(repositoryEntity, it) }.toTypedArray()
+    fun calculateAndSaveKpiTree(repository: RepositoryEntity, repoDetailsEntity: RepositoryDetailsKpisDto) {
+        val rootKPI = generateKPITree(repoDetailsEntity)
+        calculateKPIs(rootKPI)
+        storeAndPurgeOld(repository, rootKPI)
     }
 
 
-    /**
-     * Stores the given KPI and links it to the given repository
-     */
-    fun saveKpi(repositoryEntity: RepositoryEntity, createKpi: KPICreateDto): KPIEntity {
-        val kpiEntity = createKpi.toDbObject()
-        kpiEntity.repository = repositoryEntity
-        return kpiRepository.save(kpiEntity)
+    private fun generateKPITree(repoDetailsEntity: RepositoryDetailsKpisDto): KPICreateDto {
+
+
+        val signedCommitsRatioKPI =
+            KPICreateDto(
+                "Commit Signature Ratio",
+                "Used to assess compliance with a common and transparent development process. It is desirable that all commits are signed by their authors. Therefore, the ratio of signed commits to all commits is determined to calculate this metric.",
+                false,
+                RatioKPICalculationStrategy()
+            )
+        signedCommitsRatioKPI.addChildKPI(repoDetailsEntity.numberOfCommitsKpi, 1.0)
+        signedCommitsRatioKPI.addChildKPI(repoDetailsEntity.numberOfSignedCommitsKPI, 1.0)
+
+        val processComplianceKPI = KPICreateDto(
+            "Process Compliance Score",
+            "Assesses the development process of the software provided. For this purpose, the development process traceable in the repository is compared with common development standards to enable an assessment.",
+            false,
+            AggregationKPICalculationStrategy()
+        )
+
+        val processTransparencyKPI = KPICreateDto(
+            "Process Transparency Score",
+            "Assesses the transparency resp. traceability of the development process of the provided software for external parties. For this purpose, various analyzes are performed that assess the availability of information about the software development process within the repository.",
+            false,
+            AggregationKPICalculationStrategy()
+        )
+
+        processComplianceKPI.addChildKPI(repoDetailsEntity.isDefaultBranchProtectedKPI, 0.5)
+        processComplianceKPI.addChildKPI(signedCommitsRatioKPI, 0.5)
+        processTransparencyKPI.addChildKPI(signedCommitsRatioKPI, 1.0)
+
+
+//        val securityKPI = KPICreateDto(
+//            "Security Score",
+//            "Assesses the security of the software provided. For this purpose, various security-relevant analyzes are carried out, which, among other things, check the external dependencies or the code for vulnerabilities.",
+//            false,
+//            AggregationKPICalculationStrategy()
+//        )
+
+//        val maximalDependencyVulnerabilityKPI = KPICreateDto(
+//            "Maximal Dependency Vulnerability Score",
+//            "This score is calculated by the following formula: 100 - (max(CVSS score) * 10). Thus, a lower value indicates a more critical vulnerability.",
+//            false,
+//            // This strategy is tied to this specific KPI. It calculates 100 - max(children). Children are already multiplied by 10
+//            MaximumKPICalculationStrategy()
+//
+
+        //TODO: this code will be called from the dependency api request task !
+//        val dependencyDtos = dependencyService.getDependenciesForRepository(repoId)
+//        // We change the structure to associate vulnerabilities with dependencies instead of dependencies with vulnerabilities
+//        val vulnerabilitiesWithDependencies = restructureDependenciesAndVulnerabilities(dependencyDtos)
+//        // For each vulnerability, we create a sub raw data kpi
+//        addMaximalDependencyVulnerabilitySubKPIs(vulnerabilitiesWithDependencies, maximalDependencyVulnerabilityKPI)
+//        securityKPI.addChildKPI(maximalDependencyVulnerabilityKPI, 0.5)
+//
+//        // TODO: There might be the case that there are no latest tool runs for this repository (would end up in an exception)
+//        val latestToolRunOCCMD = toolRunService.getLatestToolRunsForRepo(repoId).filter { it.tool?.name == "OCCMD" }[0]
+//        val secretKpi = KPICreateDto(
+//            "Public Secrets",
+//            "Score to indicate whether the repository contains secrets like passwords or api keys.",
+//            false,
+//            RawValueKPICalculationStrategy(if (latestToolRunOCCMD.findings.isEmpty()) 100 else 0)
+//        )
+
+//        securityKPI.addChildKPI(secretKpi, 0.5)
+
+
+        val rootKPI = KPICreateDto(
+            "Project Score",
+            "Assesses the project resp. the provided software in the aspects of maturity (based on quality, security and usability aspects) as well as development process.",
+            true,
+            AggregationKPICalculationStrategy()
+        )
+        rootKPI.addChildKPI(processTransparencyKPI, 0.25)
+        rootKPI.addChildKPI(processComplianceKPI, 0.25)
+//        rootKPI.addChildKPI(securityKPI, 0.5)
+        return rootKPI
     }
 
+//    private fun addMaximalDependencyVulnerabilitySubKPIs(
+//        vulnerabilitiesWithDependencies: HashMap<VulnerabilityDto, MutableSet<String>>,
+//        maximalDependencyVulnerabilityKPI: KPICreateDto
+//    ) {
+//        // We iterate through the vulnerabilities and create a sub (raw data) kpi for each of them. Dependencies are displayed in the description
+//        for ((vulnerability, dependencies) in vulnerabilitiesWithDependencies) {
+//            maximalDependencyVulnerabilityKPI.addChildKPI(
+//                KPICreateDto(
+//                    "Vulnerability " + vulnerability.cveIdentifier,
+//                    "Affected packages: " + dependencies.joinToString(", "),
+//                    false,
+//                    // TODO: We multiply the CVSS score by 10 as the data structure can only hold integer values. This might be changed in the future.
+//                    RawValueKPICalculationStrategy((vulnerability.vulnerabilityScores.first().severity.toDouble() * 10).toInt()),
+//                    // TODO: Displayscore shows the real CVSS value, might not be needed if above TODO is resolved
+//                    displayScore = vulnerability.vulnerabilityScores.first().severity
+//                ), 0.0
+//            )
+//        }
+//    }
+//
+//    private fun restructureDependenciesAndVulnerabilities(dependencyDtos: List<DependencyDto>): HashMap<VulnerabilityDto, MutableSet<String>> {
+//        val vulnerabilitiesWithDependencies = HashMap<VulnerabilityDto, MutableSet<String>>()
+//        // Switch structure around, so we can see which vulnerabilities are there and which dependencies are associated to them
+//        for (dependencyDto in dependencyDtos) {
+//            // Iterate through the list of vulnerabilities associated with each dependency
+//            for (vulnerability in dependencyDto.vulnerabilities) {
+//                // Check if the vulnerability is already present in the result map
+//                // If not, add it with an empty list of dependencies
+//                vulnerabilitiesWithDependencies.computeIfAbsent(vulnerability) { mutableSetOf() }
+//                // Add the current dependency to the list of dependencies for the vulnerability
+//                vulnerabilitiesWithDependencies[vulnerability]?.add(dependencyDto.name)
+//            }
+//        }
+//        return vulnerabilitiesWithDependencies
+//    }
+
+
     private fun calculateKPIsRecursively(kpi: KPICreateDto, visited: MutableSet<KPICreateDto>) {
         // Check if the KPI has already been visited
         if (visited.contains(kpi)) {
@@ -66,12 +174,30 @@ class KPIService(
         calculateKPIsRecursively(rootKPI, visited)
     }
 
+
+    fun findKPIById(id: UUID): KPIEntity? {
+        return kpiRepository.findByIdOrNull(id)
+    }
+
+    fun findRootKPIByRepository(repositoryEntity: RepositoryEntity): KPIEntity? {
+        val kpi = kpiRepository.findFirstByRepository_IdAndIsRootTrue(repositoryEntity.id!!)
+        if (kpi.isEmpty) {
+            return null
+        }
+        return kpi.get()
+    }
+
     fun storeAndPurgeOld(repositoryEntity: RepositoryEntity, rootKPI: KPICreateDto) {
         purgeAllKPIs(repositoryEntity)
         val kpiEntityDtoToEntityMapping: MutableMap<KPICreateDto, KPIEntity> = mutableMapOf()
         storeKPI(repositoryEntity, rootKPI, kpiEntityDtoToEntityMapping)
     }
 
+    private fun purgeAllKPIs(repositoryEntity: RepositoryEntity) {
+        val kpiEntities: List<KPIEntity> = kpiRepository.findByRepository_Id(repositoryEntity.id!!)
+        kpiRepository.deleteAll(kpiEntities)
+    }
+
     private fun storeKPI(
         repositoryEntity: RepositoryEntity,
         kpi: KPICreateDto,
@@ -112,20 +238,5 @@ class KPIService(
         }
     }
 
-    private fun purgeAllKPIs(repositoryEntity: RepositoryEntity) {
-        val kpiEntities: List<KPIEntity> = kpiRepository.findByRepository_Id(repositoryEntity.id!!)
-        kpiRepository.deleteAll(kpiEntities)
-    }
-
-    fun findKPIById(id: UUID): KPIEntity? {
-        return kpiRepository.findByIdOrNull(id)
-    }
 
-    fun findRootKPIByRepository(repositoryEntity: RepositoryEntity): KPIEntity? {
-        val kpi = kpiRepository.findFirstByRepository_IdAndIsRootTrue(repositoryEntity.id!!)
-        if (kpi.isEmpty) {
-            return null
-        }
-        return kpi.get()
-    }
 }
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/service/RepositoryService.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/service/RepositoryService.kt
index da31c5f0440c37baae1c79503d78fb5883bb5b64..0b19d1e5bb54c99d6205715570e8502ddd08e6b3 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/service/RepositoryService.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/service/RepositoryService.kt
@@ -15,6 +15,10 @@ class RepositoryService(
 ) {
     private val logger = getLogger(javaClass)
 
+    /**
+     * Either creates or returns a repository entity based upon its
+     * opencode repository id.
+     */
     fun getOrCreate(gitRepository: RepositoryCreateDto): RepositoryEntity {
         var repo = repositoryRepository.findByRepoId(gitRepository.id)
         if (repo == null) {
@@ -23,6 +27,9 @@ class RepositoryService(
         return repo
     }
 
+    /**
+     * Queries the gitlab api to get the repo name, url, and id.
+     */
     fun getRepositoryInfo(repoId: Long): RepositoryCreateDto {
         return openCodeGitlabApi.getRepositoryInfo(repoId)
     }
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/GroupTaskManager.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/GroupTaskManager.kt
deleted file mode 100644
index 36893d6d7f17d61060eabb2f5efada78a2824bf4..0000000000000000000000000000000000000000
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/GroupTaskManager.kt
+++ /dev/null
@@ -1,48 +0,0 @@
-package de.fraunhofer.iem.dataprovider.taskManager
-
-import de.fraunhofer.iem.dataprovider.taskManager.events.Event
-import de.fraunhofer.iem.dataprovider.taskManager.events.GroupTasksDoneEvent
-import de.fraunhofer.iem.dataprovider.taskManager.model.GroupTasks
-import java.util.*
-
-class GroupTaskManager(val responseChannel: suspend (event: Event) -> Unit) {
-
-    private val dependentEvents: MutableMap<UUID, GroupTasks> = mutableMapOf()
-
-    /**
-     * Adds new group of tasks
-     */
-    fun createTaskGroup(repositoryId: UUID): UUID {
-        val groupId = UUID.randomUUID()
-        dependentEvents[groupId] = GroupTasks(repositoryId)
-        return groupId
-    }
-
-    fun addTaskToGroup(groupId: UUID, taskId: UUID) {
-        dependentEvents[groupId]?.taskIds?.add(taskId)
-    }
-
-    /**
-     * Removes the finished task with the given ID from the internal task list for the
-     * group. If the whole task group is finished a group finished event is sent.
-     */
-    suspend fun taskInGroupFinished(groupId: UUID, taskId: UUID) {
-        val groupTasks = dependentEvents[groupId]
-        if (groupTasks != null) {
-            val taskGroupEmpty = removeTaskFromGroup(groupTasks, taskId)
-            if (taskGroupEmpty) {
-                removeGroup(groupId)
-                responseChannel(GroupTasksDoneEvent(groupTasks.repositoryId))
-            }
-        }
-    }
-
-    private fun removeTaskFromGroup(groupTasks: GroupTasks, taskId: UUID): Boolean {
-        groupTasks.taskIds.remove(taskId)
-        return groupTasks.taskIds.isEmpty()
-    }
-
-    private fun removeGroup(groupId: UUID) {
-        dependentEvents.remove(groupId)
-    }
-}
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/kpiCalculation/MetricsTask.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/kpiCalculation/MetricsTask.kt
deleted file mode 100644
index 59d5df59a193380f5958f8b056f2897386f66fb3..0000000000000000000000000000000000000000
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/taskManager/tasks/kpiCalculation/MetricsTask.kt
+++ /dev/null
@@ -1,130 +0,0 @@
-package de.fraunhofer.iem.dataprovider.taskManager.tasks.kpiCalculation
-
-import de.fraunhofer.iem.dataprovider.kpi.dto.KPICreateDto
-import de.fraunhofer.iem.dataprovider.kpi.service.KPIService
-import de.fraunhofer.iem.dataprovider.kpi.strategy.AggregationKPICalculationStrategy
-import de.fraunhofer.iem.dataprovider.kpi.strategy.MaximumKPICalculationStrategy
-import de.fraunhofer.iem.dataprovider.kpi.strategy.RawValueKPICalculationStrategy
-import de.fraunhofer.iem.dataprovider.repository.dto.RepositoryDetailsDto
-import de.fraunhofer.iem.dataprovider.repository.service.RepositoryService
-import de.fraunhofer.iem.dataprovider.taskManager.events.Event
-import de.fraunhofer.iem.dataprovider.taskManager.tasks.Task
-import de.fraunhofer.iem.dataprovider.taskManager.tasks.dependency.dto.DependencyDto
-import de.fraunhofer.iem.dataprovider.taskManager.tasks.dependency.dto.VulnerabilityDto
-import de.fraunhofer.iem.dataprovider.toolRun.service.ToolRunService
-import java.util.*
-
-class MetricsTask(
-    val repoId: UUID,
-    private val repositoryService: RepositoryService,
-    private val kpiService: KPIService,
-    override val responseChannel: suspend (task: Event) -> Unit,
-    private val toolRunService: ToolRunService,
-) : Task() {
-    override suspend fun execute() {
-        logger.info("Starting metrics task for repoId $repoId")
-        val repository = repositoryService.findRepoByID(repoId)
-        //TODO: this needs to be made available differently now, as we don't store it in our db!
-
-        //        val repositoryDetails = repositoryService.getLatestRepositoryDetailsByRepositoryId(repoId)
-//        if (repositoryDetails != null && repository != null) {
-//            val rootKPI = generateKPITree(repositoryDetails)
-//            kpiService.calculateKPIs(rootKPI)
-//            kpiService.storeAndPurgeOld(repository, rootKPI)
-//        }
-    }
-
-    private fun generateKPITree(repositoryDetailsEntity: RepositoryDetailsDto): KPICreateDto {
-        val rootKPI = KPITreeFactory(repositoryDetailsEntity)
-
-        return rootKPI
-    }
-
-    private fun KPITreeFactory(repositoryDetailsEntity: RepositoryDetailsDto): KPICreateDto {
-
-
-        // second level
-        // TODO: @Jan-Niclas Please add the dependency kpis to the security KPI
-        val securityKPI = KPICreateDto(
-            "Security Score",
-            "Assesses the security of the software provided. For this purpose, various security-relevant analyzes are carried out, which, among other things, check the external dependencies or the code for vulnerabilities.",
-            false,
-            AggregationKPICalculationStrategy()
-        )
-
-        val maximalDependencyVulnerabilityKPI = KPICreateDto(
-            "Maximal Dependency Vulnerability Score",
-            "This score is calculated by the following formula: 100 - (max(CVSS score) * 10). Thus, a lower value indicates a more critical vulnerability.",
-            false,
-            // This strategy is tied to this specific KPI. It calculates 100 - max(children). Children are already multiplied by 10
-            MaximumKPICalculationStrategy()
-        )
-
-        //TODO: this code will be called from the dependency api request task !
-//        val dependencyDtos = dependencyService.getDependenciesForRepository(repoId)
-//        // We change the structure to associate vulnerabilities with dependencies instead of dependencies with vulnerabilities
-//        val vulnerabilitiesWithDependencies = restructureDependenciesAndVulnerabilities(dependencyDtos)
-//        // For each vulnerability, we create a sub raw data kpi
-//        addMaximalDependencyVulnerabilitySubKPIs(vulnerabilitiesWithDependencies, maximalDependencyVulnerabilityKPI)
-//        securityKPI.addChildKPI(maximalDependencyVulnerabilityKPI, 0.5)
-//
-//        // TODO: There might be the case that there are no latest tool runs for this repository (would end up in an exception)
-//        val latestToolRunOCCMD = toolRunService.getLatestToolRunsForRepo(repoId).filter { it.tool?.name == "OCCMD" }[0]
-//        val secretKpi = KPICreateDto(
-//            "Public Secrets",
-//            "Score to indicate whether the repository contains secrets like passwords or api keys.",
-//            false,
-//            RawValueKPICalculationStrategy(if (latestToolRunOCCMD.findings.isEmpty()) 100 else 0)
-//        )
-
-//        securityKPI.addChildKPI(secretKpi, 0.5)
-
-
-        val rootKPI = KPICreateDto(
-            "Project Score",
-            "Assesses the project resp. the provided software in the aspects of maturity (based on quality, security and usability aspects) as well as development process.",
-            true,
-            AggregationKPICalculationStrategy()
-        )
-//        rootKPI.addChildKPI(processTransparencyKPI, 0.25)
-//        rootKPI.addChildKPI(processComplianceKPI, 0.25)
-        rootKPI.addChildKPI(securityKPI, 0.5)
-        return rootKPI
-    }
-
-    private fun addMaximalDependencyVulnerabilitySubKPIs(
-        vulnerabilitiesWithDependencies: HashMap<VulnerabilityDto, MutableSet<String>>,
-        maximalDependencyVulnerabilityKPI: KPICreateDto
-    ) {
-        // We iterate through the vulnerabilities and create a sub (raw data) kpi for each of them. Dependencies are displayed in the description
-        for ((vulnerability, dependencies) in vulnerabilitiesWithDependencies) {
-            maximalDependencyVulnerabilityKPI.addChildKPI(
-                KPICreateDto(
-                    "Vulnerability " + vulnerability.cveIdentifier,
-                    "Affected packages: " + dependencies.joinToString(", "),
-                    false,
-                    // TODO: We multiply the CVSS score by 10 as the data structure can only hold integer values. This might be changed in the future.
-                    RawValueKPICalculationStrategy((vulnerability.vulnerabilityScores.first().severity.toDouble() * 10).toInt()),
-                    // TODO: Displayscore shows the real CVSS value, might not be needed if above TODO is resolved
-                    displayScore = vulnerability.vulnerabilityScores.first().severity
-                ), 0.0
-            )
-        }
-    }
-
-    private fun restructureDependenciesAndVulnerabilities(dependencyDtos: List<DependencyDto>): HashMap<VulnerabilityDto, MutableSet<String>> {
-        val vulnerabilitiesWithDependencies = HashMap<VulnerabilityDto, MutableSet<String>>()
-        // Switch structure around, so we can see which vulnerabilities are there and which dependencies are associated to them
-        for (dependencyDto in dependencyDtos) {
-            // Iterate through the list of vulnerabilities associated with each dependency
-            for (vulnerability in dependencyDto.vulnerabilities) {
-                // Check if the vulnerability is already present in the result map
-                // If not, add it with an empty list of dependencies
-                vulnerabilitiesWithDependencies.computeIfAbsent(vulnerability) { mutableSetOf() }
-                // Add the current dependency to the list of dependencies for the vulnerability
-                vulnerabilitiesWithDependencies[vulnerability]?.add(dependencyDto.name)
-            }
-        }
-        return vulnerabilitiesWithDependencies
-    }
-}
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/occmd/entity/OccmdSecretEntity.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/tools/occmd/entity/OccmdSecretEntity.kt
similarity index 94%
rename from src/main/kotlin/de/fraunhofer/iem/dataprovider/occmd/entity/OccmdSecretEntity.kt
rename to src/main/kotlin/de/fraunhofer/iem/dataprovider/tools/occmd/entity/OccmdSecretEntity.kt
index 48bc2c8c948e3e1eec04ad9a60cf99d66c6fe3af..20b2dcae644b4916d7ea2de9eed4fdf8c9d0b015 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/occmd/entity/OccmdSecretEntity.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/tools/occmd/entity/OccmdSecretEntity.kt
@@ -1,4 +1,4 @@
-package de.fraunhofer.iem.dataprovider.occmd.entity
+package de.fraunhofer.iem.dataprovider.tools.occmd.entity
 
 import jakarta.persistence.*
 import org.hibernate.Hibernate