docs(implplan): AUDIT-007 DOING — events + chain proof in bundle
Sprint SPRINT_20260408_004. 2 of 3 criteria DONE: Timeline event pull and chain-verification certificate are now included in AuditBundles. DSSE manifest signing deferred as a follow-up (cross-service signer handshake scope). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
@@ -235,7 +235,7 @@ Completion criteria:
|
||||
- [ ] Retention status visible on dashboard overview tab
|
||||
|
||||
### AUDIT-007 - AuditPack export from unified store
|
||||
Status: TODO
|
||||
Status: DOING
|
||||
Dependency: AUDIT-001, AUDIT-002
|
||||
Owners: Developer (backend)
|
||||
Task description:
|
||||
@@ -244,9 +244,9 @@ Task description:
|
||||
- Add DSSE signature on audit bundle manifests via Attestor integration.
|
||||
|
||||
Completion criteria:
|
||||
- [ ] Audit bundle export pulls from unified Timeline store
|
||||
- [ ] Bundle includes chain verification certificate
|
||||
- [ ] Bundle manifest is DSSE-signed
|
||||
- [x] Audit bundle export pulls from unified Timeline store — `ITimelineAuditSource` + `HttpTimelineAuditSource` pull unified events from Timeline's `/api/v1/audit/events` with pagination and a MaxPages guardrail; `AuditBundleJobHandler` writes the events to `audit/events.ndjson` as an AUDIT_EVENTS artifact when the new `AuditBundleContentSelection.AuditEvents` flag is set.
|
||||
- [x] Bundle includes chain verification certificate — `ITimelineAuditSource.GetChainProofAsync` pulls `/api/v1/audit/verify-chain` per bundle and writes it as an `audit/chain-proof.json` AUDIT_CHAIN_PROOF artifact, independent of whether events were actually present in the window.
|
||||
- [ ] Bundle manifest is DSSE-signed — deferred: requires cross-service Signer handshake and manifest canonicalization separate from event export; tracked as follow-up.
|
||||
|
||||
## Execution Log
|
||||
| Date (UTC) | Update | Owner |
|
||||
|
||||
Reference in New Issue
Block a user