feat: add metadata-only message audit events (#103903)

* feat: add metadata-only message audit events

* chore(protocol): restore generated swift models and config baseline after rebase

* fix(state): gate agent-db ownership check before schema version

* fix(cli): sync audit command description into the root-help catalog

* fix(audit): require destination proof before classifying outbound messages as direct

* refactor(audit): drop dead migration guard and add contract comments

* docs(gateway): add dedicated audit history page and cross-links

* test(e2e): enable direct-mode message audit in the telegram proof SUT config

* test(channels): expect declared conversationKind in durable delivery session context

* fix(audit): record the routing channel id for inbound rows from plugin channels

* fix(audit): match channel-prefixed delivery targets in the destination route gate

* fix(audit): validate explicit target kind against the destination route kind

* fix(audit): use the canonical target-prefix grammar in the destination route gate and fail closed on foreign migration tables

* fix(audit): normalize nested provider and kind target prefixes in the destination gate

* fix(audit): strip registered provider aliases and the direct kind prefix in the destination gate

* chore(docs): refresh config baseline after rebase
This commit is contained in:
Peter Steinberger
2026-07-11 13:14:08 -07:00
committed by GitHub
parent fa664fa2a5
commit 7a466b33f3
75 changed files with 7839 additions and 429 deletions

View File

@@ -100,7 +100,7 @@ const coreCliCommandCatalog = defineCommandDescriptorCatalog([
},
{
name: "audit",
description: "Inspect metadata-only agent run and tool action records",
description: "Inspect metadata-only run, tool, and message lifecycle records",
hasSubcommands: false,
},
{

View File

@@ -1,4 +1,4 @@
// Audit command registration for privacy-preserving run/tool history.
// Audit command registration for privacy-preserving activity history.
import type { Command } from "commander";
import { formatDocsLink } from "../../../packages/terminal-core/src/links.js";
import { theme } from "../../../packages/terminal-core/src/theme.js";
@@ -10,15 +10,17 @@ import { runCommandWithRuntime } from "../cli-utils.js";
export function registerAuditCommand(program: Command): void {
program
.command("audit")
.description("Inspect metadata-only agent run and tool action records")
.description("Inspect metadata-only run, tool, and message lifecycle records")
.option("--agent <id>", "Filter by agent id")
.option("--session <key>", "Filter by exact session key")
.option("--run <id>", "Filter by run id")
.option("--kind <kind>", "Filter by kind (agent_run or tool_action)")
.option("--kind <kind>", "Filter by kind (agent_run, tool_action, or message)")
.option(
"--status <status>",
"Filter by status (started, succeeded, failed, cancelled, timed_out, blocked, unknown)",
)
.option("--direction <direction>", "Filter message direction (inbound or outbound)")
.option("--channel <channel>", "Filter message channel")
.option("--after <timestamp>", "Include records at/after ISO time or Unix milliseconds")
.option("--before <timestamp>", "Include records at/before ISO time or Unix milliseconds")
.option("--cursor <sequence>", "Continue from a previous result cursor")
@@ -38,6 +40,8 @@ export function registerAuditCommand(program: Command): void {
runId: opts.run as string | undefined,
kind: opts.kind as AuditListCommandOptions["kind"],
status: opts.status as AuditListCommandOptions["status"],
direction: opts.direction as AuditListCommandOptions["direction"],
channel: opts.channel as string | undefined,
after: opts.after as string | undefined,
before: opts.before as string | undefined,
cursor: opts.cursor as string | undefined,