79ac60dc1e78c68f000a838c77384df56dbd4d04
Some checks failed
Build and Push Docker Image / build (push) Has been cancelled
Implement withMutationAudit middleware in tRPC that automatically logs every successful mutation for non-SUPER_ADMIN users. Captures procedure path, sanitized input (passwords/tokens redacted), user role, IP, and user agent. Applied to all procedure types except superAdminProcedure.

- Input sanitization: strips sensitive fields, truncates long strings (500 chars), limits array size (20 items), caps nesting depth (4)
- Entity ID auto-extraction from common input patterns (id, userId, projectId, roundId, etc.)
- Action names derived from procedure path (e.g., evaluation.submit becomes EVALUATION_SUBMIT)
- Audit page updated with new action types and entity types for filtering auto-generated entries
- Failures silently caught — audit logging never breaks operations

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
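
The sanitization, entity-ID and action-name rules listed in the commit message, written out as an added example; this is not the repository's code. The limits (500, 20, 4) and the four ID keys come from the message, while the function names, the sensitive-key pattern, the placeholder strings and the sample input are assumptions.

```typescript
// Added example. Limits and ID keys come from the commit message; the rest is assumed.
const MAX_STRING = 500, MAX_ARRAY = 20, MAX_DEPTH = 4;
const ID_KEYS = ["id", "userId", "projectId", "roundId"];
const SENSITIVE_KEY = /password|token|secret/i; // assumed pattern
const REDACTED = "[REDACTED]", TOO_DEEP = "[MAX_DEPTH]"; // assumed placeholders

function sanitizeForAudit(value: unknown, depth = 0): unknown {
  if (typeof value === "string") return value.slice(0, MAX_STRING);
  if (value === null || typeof value !== "object") return value;
  if (value instanceof Date) return value.toISOString();
  if (depth >= MAX_DEPTH) return TOO_DEEP; // drop containers nested past the cap
  if (Array.isArray(value)) return value.slice(0, MAX_ARRAY).map((v) => sanitizeForAudit(v, depth + 1));
  const out: Record<string, unknown> = {};
  for (const [key, v] of Object.entries(value as Record<string, unknown>)) {
    // Redact by key name before recursing so nested secrets are never copied.
    out[key] = SENSITIVE_KEY.test(key) ? REDACTED : sanitizeForAudit(v, depth + 1);
  }
  return out;
}

// Returns the first ID-like field found at the top level of the input.
function extractEntityId(input: unknown): string | undefined {
  if (input === null || typeof input !== "object") return undefined;
  const rec = input as Record<string, unknown>;
  for (const key of ID_KEYS) {
    const v = rec[key];
    if (typeof v === "string" || typeof v === "number") return String(v);
  }
  return undefined;
}

// "evaluation.submit" -> "EVALUATION_SUBMIT", as in the commit message.
const actionFromPath = (path: string): string => path.replace(/\./g, "_").toUpperCase();

function buildAuditEntry(path: string, input: unknown) {
  return { action: actionFromPath(path), entityId: extractEntityId(input), input: sanitizeForAudit(input) };
}

// Constructed sample input, not taken from the repository.
const SAMPLE_INPUT = {
  projectId: "proj_123",
  password: "hunter2",
  auth: { resetToken: "abc" },
  comment: "x".repeat(600),
  scores: Array.from({ length: 25 }, (_, i) => i),
  a: { b: { c: { d: { e: 1 } } } },
};
```

Key-name redaction only covers fields whose names match the pattern; a secret pasted into a free-text field such as `comment` would still reach the audit log, truncated to 500 characters.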