Skip to content

chore(release): v9.3.0 — audit visibility#428

Merged
saurabhjain1592 merged 1 commit into
mainfrom
sync/enterprise-20260702-011540-28558546814
Jul 2, 2026
Merged

chore(release): v9.3.0 — audit visibility#428
saurabhjain1592 merged 1 commit into
mainfrom
sync/enterprise-20260702-011540-28558546814

Conversation

@saurabhjain1592

Copy link
Copy Markdown
Member

Sync from Enterprise Repository

This PR syncs changes from the enterprise repository to the Community repository.

Summary

  • Commits synced: 10
  • Files changed: 58

Review Checklist

  • Changes look correct
  • No enterprise-only content included
  • CI checks pass

Auto-generated by sync-community-repo workflow (ADR-016)

…udit read/report/export API

v9.3.0 makes governed activity visible end to end. Requests that carry a developer/session identity now propagate it into the canonical audit row, a read-only report/export API exposes the audit trail, and Claude Code governed traffic is brought into the same view via a Grafana dashboard. One additive migration; the new endpoints are backward-compatible and the rest are behavior-preserving fixes.

Highlights:
- Per-developer and per-session identity flows through to the canonical audit row (X-User-Email / X-Session-Id); migration core/129 adds the nullable audit_logs.session_id column.
- Audit read/report/export API: GET /api/v1/audit/{id}, POST /api/v1/audit/report (per-action counts + top policies), POST /api/v1/audit/export (streamed, redaction preserved, truncation header). Redacted values are served as stored — no unmask path.
- Claude Code Grafana dashboard + a bounded decision origin metric label, so decision volume can be sliced by call origin without unbounded cardinality.
- Fixed: policy action override on the static/system path (allow-flip guard; the redundant dynamic-override path removed); cross-tenant static-policy read/write isolation; Executions and Approvals no longer 500 on legitimately-NULL columns; agent/orchestrator Grafana blocked/allowed panels query the real metric names.

Migration: additive — core/129 adds the nullable audit_logs.session_id column.
Full notes: https://docs.getaxonflow.com/docs/releases/v9-3-0

Signed-off-by: AxonFlow Team <bot@getaxonflow.com>
@saurabhjain1592 saurabhjain1592 added the community-sync Sync from enterprise repository label Jul 2, 2026
@saurabhjain1592 saurabhjain1592 enabled auto-merge July 2, 2026 01:16
@saurabhjain1592 saurabhjain1592 added this pull request to the merge queue Jul 2, 2026
Merged via the queue into main with commit 740cd4c Jul 2, 2026
36 checks passed
@saurabhjain1592 saurabhjain1592 deleted the sync/enterprise-20260702-011540-28558546814 branch July 2, 2026 01:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

community-sync Sync from enterprise repository

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants