Skip to content

Releases: cap-js/audit-logging

v0.5.1

30 Nov 15:07
@github-actions github-actions
v0.5.1
7315fd5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.5.1

Fixed

  • Falsy early exit during bootstrapping in case a service does not contain personal data
Loading

v0.5.0

22 Nov 10:35
@github-actions github-actions
v0.5.0
a1bc496
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.5.0

Added

  • Common log entry fields uuid, tenant, user and time can be provided manually
Loading

v0.4.0

24 Oct 12:51
@github-actions github-actions
v0.4.0
89d3a4c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.4.0

Added

  • Support for Premium plan of SAP Audit Log Service
  • Support for XSUAA credential type x509
  • Support for generic outbox

Changed

  • Always use outbox (as configured in project)

Fixed

  • Avoid dangling SELECTs to resolve data subject IDs, which resulted in "Transaction already closed" errors
Loading

v0.3.2

11 Oct 19:42
@github-actions github-actions
v0.3.2
92e30a3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.3.2

Fixed

  • If the request has no tenant (e.g., Unauthorized), the audit log shall be sent to the provider account
Loading

v0.3.1

26 Sep 07:05
@github-actions github-actions
v0.3.1
bf979e8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.3.1

Fixed

  • Defaulting of @PersonalData.DataSubjectRole to entity name
  • Overriding service configuration
Loading

v0.3.0

06 Sep 11:21
@github-actions github-actions
v0.3.0
4541f81
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.3.0

Changed

  • Default value for cds.requires['audit-log'].handle changed to ['READ', 'WRITE'], i.e., accessing sensitive data is now logged by default.
Loading

v0.2.0

01 Sep 09:00
@github-actions github-actions
v0.2.0
c1a2410
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.0

Added

  • Export class AuditLogService for extending in custom implementations as follows: 
    const { AuditLogService } = require('@cap-js/audit-logging')
class MyAuditLogService extends AuditLogService {
  async init() {
    [...]
    // call AuditLogService's init
    await super.init()
  }
}
module.exports = MyAuditLogService
Loading

v0.1.0

18 Aug 07:10
@github-actions github-actions
v0.1.0
d580615
Compare
Choose a tag to compare
v0.1.0

Added

  • New API:
    • audit.log('<event>', <data>) for asynchronous logs (cf. emit)
    • await audit.logSync('<event>', <data>) for synchronous logs (cf. send)
  • New REST API-based schema with auto-filled LogEntry aspect
  • New events SensitiveDataRead, PersonalDataModified, ConfigurationModified, and SecurityEvent
  • Full support for OAuth2 plan of SAP Audit Log Service

Changed

  • Whether reading sensitive data and modifying personal data is logged is determined by cds.requires['audit-log'].handle: [...].
    Possible values in the array are READ and/ or WRITE, with WRITE as the sole default entry.
    Hence, accessing sensitive data is not logged by default.
  • Integration with SAP Audit Log Service via REST API instead of client library (@sap/audit-logging)

Fixed

  • Various glitches in log calculation

Removed

  • Old events dataAccessLog, dataModificationLog, configChangeLog, and securityLog
  • @AuditLog.Operation annotations are ignored. Having the plugin as dependency signals the intent to audit log.
  • cds.features.audit_personal_data: true is no longer necessary. Instead, simply add the plugin as a dependency.
Loading