feat: add audit logging #38189

Open
bircni wants to merge 4 commits into go-gitea:main from bircni:feat/audit-logging

bircni commented Jun 21, 2026
Member

This PR re-enables and ports the audit logging feature originally proposed in #24257, adapted to the current codebase. The original PR went stale; this revives it with a redesigned event model and incrementally re-wires the call sites.

Audit logging records security-relevant events as structured, GitHub-style events — each with an action, actor, scope, message, and a JSON metadata blob — rather than the original central type registry. Events can be persisted to the database and/or appended to an audit log file, and are surfaced in admin, organization, repository, and user settings.

What's included

Infrastructure

  • models/audit/ — event model + actions
  • services/audit/ — Record, entity-ref helpers (ActorFromUser, ScopeFrom*), DB + file writers, audit.Init
  • modules/setting/audit.go — [audit] config section
  • Migration v340 and en-US locale strings
  • Admin/org/repo/user settings pages + templates, and docs (administration/audit-logging)

Ported call sites (first batch)

  • services/repository — create/delete/fork/convert-fork, visibility, rename, transfer (start/finish/cancel), collaborators, team-repo add/remove, default branch
  • services/org — organization delete
  • services/user — user delete, rename, delete-inactive

These thread a doer through the affected service functions and update all callers (web + API routers, CLI, cron, tests).

GiteaBot added the lgtm/need 2 label (This PR needs two approvals by maintainers to be considered for merging.) Jun 21, 2026

bircni commented Jun 21, 2026
Member Author

Notes

  • Additive: events are only emitted; no existing behavior changes when audit is disabled (default).
  • Audit writes happen after the relevant transaction commits, so rolled-back operations are not logged.

Still to come (follow-up commits)

  • Remaining org-team CRUD audit events at the router layer + removeall team-repo auditing
  • services/auth/* (login sources, 2FA, sessions)
  • secrets, webhook, asymkey, wiki, externalaccount
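
An added example (not code from this PR or from Gitea) of one way to get the behaviour described in the notes above: events are queued during the transaction and written as JSON lines only after it commits, so a rolled-back operation leaves no record. `Event`, `Tx`, `RunInTx`, the action strings and the sample values are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"io"
)

// Event carries the fields named in the PR description; the Go names are assumptions.
type Event struct {
	Action   string          `json:"action"`
	Actor    string          `json:"actor"`
	Scope    string          `json:"scope"`
	Message  string          `json:"message"`
	Metadata json.RawMessage `json:"metadata,omitempty"`
}

// Tx is a hypothetical stand-in for a database transaction that queues events.
type Tx struct{ pending []Event }

func (t *Tx) Audit(e Event) { t.pending = append(t.pending, e) }

// RunInTx writes queued events as JSON lines only when fn succeeds (the commit).
func RunInTx(w io.Writer, fn func(*Tx) error) error {
	tx := &Tx{}
	if err := fn(tx); err != nil {
		return err // rollback path: the queue is discarded, nothing is logged
	}
	enc := json.NewEncoder(w)
	for _, e := range tx.pending {
		if err := enc.Encode(e); err != nil {
			return fmt.Errorf("audit write: %w", err)
		}
	}
	return nil
}

// Demo feeds constructed events: a delete that rolls back, a rename that commits.
func Demo() string {
	var log bytes.Buffer
	del := Event{Action: "repository.delete", Actor: "alice", Scope: "alice/demo", Message: "deleted repository"}
	ren := Event{Action: "repository.rename", Actor: "alice", Scope: "alice/demo",
		Message: "renamed repository", Metadata: json.RawMessage(`{"new_name":"demo2"}`)}
	_ = RunInTx(&log, func(tx *Tx) error { tx.Audit(del); return fmt.Errorf("constraint violation") })
	_ = RunInTx(&log, func(tx *Tx) error { tx.Audit(ren); return nil })
	return log.String()
}

func main() { fmt.Print(Demo()) }
```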

Re-enables and ports the audit logging feature (originally proposed in
go-gitea#24257), adapted to the current codebase.

Records security-relevant events (user/org/repository/team changes,
authentication, secrets, webhooks, keys) as structured GitHub-style
events with an action, actor, scope, message and JSON metadata. Events
can be written to the database and/or an audit log file, and are surfaced
in admin, org, repo and user settings.

This commit lands the audit infrastructure (models, service, settings,
routes, templates, migration 340, locales) together with the first batch
of ported call sites in services/repository, services/org and
services/user, threading a doer through the affected service functions
and their callers.
bircni force-pushed the feat/audit-logging branch from 2bd2194 to 3863197 June 23, 2026 20:34
bircni marked this pull request as ready for review June 28, 2026 16:31
github-actions Bot added the type/feature label (Completely new functionality. Can only be merged if feature freeze is not active.) Jun 28, 2026