refactor(audit): single recordAuditLog() seam for audit writes (#110)#111
Draft
f-amine wants to merge 1 commit into
Draft
refactor(audit): single recordAuditLog() seam for audit writes (#110)#111f-amine wants to merge 1 commit into
f-amine wants to merge 1 commit into
Conversation
Replace 17 hand-rolled `db.insert(auditLog)...onConflictDoNothing()` blocks
across 9 server-side action handlers with one `recordAuditLog()` seam in
`@vibestack/db`. The id strategy, conflict policy, and append-only invariant
now live in one place instead of being copy-pasted; callers no longer import
`randomUUID`, the `auditLog` schema, or `db` just to record an event.
- New `packages/db/src/audit.ts` + unit test (the interface is now the test
surface; audit writes previously had no test).
- Migrated: api/{affiliate,gdpr,referral}, auth/welcome, web onboarding +
polar/resend webhooks, admin users + feature-flags actions.
- Seed script left as-is (bulk insert, not an action handler).
- CONTEXT.md: name the seam as the only sanctioned write path.
Closes #110
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #110
What
Deepen the Audit bounded context: replace 17 scattered
db.insert(auditLog)...onConflictDoNothing()blocks with a singlerecordAuditLog()seam in@vibestack/db.Why
CONTEXT.md says audit rows are written server-side, never by clients, and are append-only — but nothing enforced it; every writer hand-rolled the insert (id gen, conflict policy, field mapping all copy-pasted). Any change to the write contract meant editing ~17 sites. The seam makes the context deep: a one-line interface over the id + insert + conflict + invariant.
Changes
packages/db/src/audit.ts—recordAuditLog(event)+AuditEventtype, exported from@vibestack/db.packages/db/src/audit.test.ts— 3 unit tests (id generated + unique, conflict tolerated, optional fields default null). Audit writes had no test before; the interface is now the test surface.api/{affiliate,gdpr,referral},auth/welcome, webonboarding+polar/resendwebhooks, adminusers+feature-flagsactions. Dropped the now-deadrandomUUID/auditLog/dbimports where they were only feeding the insert.recordAuditLog()as the only sanctioned write path.Verify
pnpm typecheck✅ (6/6)pnpm test✅ (db audit 3/3; all suites green)pnpm check✅ (no new findings; pre-existing warnings inscripts/agents/video/*untouched)insert(auditLog)remains outside the seam + seed.🤖 Generated with Claude Code