rcsofttech/audit-trail-bundle

Enterprise-grade, high-performance Symfony audit trail bundle. Automatically track Doctrine entity changes with split-phase architecture, multiple transports (HTTP, Queue, Doctrine), and sensitive data masking.

Maintainers

Package info

github.com/rcsofttech85/AuditTrailBundle

Type:symfony-bundle

pkg:composer/rcsofttech/audit-trail-bundle

Fund package maintenance!

rcsofttech85

Statistics

Installs: 5 502

Dependents: 0

Suggesters: 0

Stars: 115

Open Issues: 2

Security

Advisories: 0

Aikido package health analysis

v4.3.2 2026-06-05 09:22 UTC

Requires

Requires (Dev)

Suggests

MIT 13548f71bdf875c77c5c75284fd9be96d53f8458

  • Rahul Chavan <rcsoftech85.woop@gmail.com>

symfonydoctrineAuditaudit-trailactivity-logcompliancedata-integrityasync-auditsymfony-auditenvershmac-signing

This package is auto-updated.

Last update: 2026-06-05 16:36:29 UTC

README

CI Version Downloads License Codacy Badge Codacy Badge Mutation Testing

AuditTrailBundle records Doctrine ORM entity changes in Symfony applications. It captures changes during Doctrine flush, stores audit logs, supports multiple delivery transports, and provides tools for integrity verification, review, export, and recovery.

Documentation

Full documentation now lives on GitHub Pages:

For older versions, use the README and docs from the matching GitHub tag unless archived public docs are added later.

Features

  • Doctrine entity audit logs for create, update, delete, soft-delete, restore, access, and revert flows
  • Split-phase architecture that avoids nested Doctrine flush() calls
  • Database, async database, queue, HTTP, and chain-style delivery options
  • PHP attributes for #[Auditable], #[AuditCondition], #[AuditAccess], and #[Sensitive]
  • Sensitive data masking with #[SensitiveParameter] and bundle-level sensitive fields
  • AuditReader API for history, filtering, diffs, changed fields, pagination, and existence checks
  • EasyAdmin integration, Symfony profiler support, CLI commands, exports, and revert tooling
  • HMAC signing for stored audit logs and transport payloads
  • Extension points for voters, context contributors, transports, AI metadata, and revert handlers

Quick Start

Install

composer require rcsofttech/audit-trail-bundle

Optional packages depend on the features you enable:

composer require symfony/messenger          # async database or queue transport
composer require symfony/http-client       # HTTP transport
composer require easycorp/easyadmin-bundle # EasyAdmin dashboard

Prepare The Database

The database transport is enabled by default. Generate and run a Doctrine migration for the audit log table:

php bin/console make:migration
php bin/console doctrine:migrations:migrate

Mark An Entity As Auditable

The example uses PHP 8.4 asymmetric property visibility (public private(set)) and constructor property promotion for normal entity fields. Keep the generated ID outside the constructor so callers cannot pass it accidentally.

<?php

declare(strict_types=1);

namespace App\Entity;

use Doctrine\ORM\Mapping as ORM;
use Rcsofttech\AuditTrailBundle\Attribute\Auditable;

#[ORM\Entity]
#[Auditable(ignoredProperties: ['internalCode'])]
class Product
{
    #[ORM\Id]
    #[ORM\GeneratedValue]
    #[ORM\Column]
    public private(set) ?int $id = null;

    public function __construct(
        #[ORM\Column(length: 180)]
        public private(set) string $name,

        #[ORM\Column]
        public private(set) int $priceInCents,

        #[ORM\Column(length: 40, nullable: true)]
        public private(set) ?string $internalCode = null,
    ) {
    }
}

Minimal Configuration

# config/packages/audit_trail.yaml
audit_trail:
    enabled: true
    ignored_properties: ['updatedAt', 'updated_at']
    retention_days: 365
    transports:
        database:
            enabled: true
            async: false

Requirements

  • PHP 8.4+
  • Symfony 7.4 or 8.0
  • Doctrine ORM 3.6+
  • DoctrineBundle 3.1+
  • ext-mbstring

Links

License

MIT License.