🚀 Feature: Modification audit, commented #106

Closed
opened 2025-10-07 23:53:21 +03:00 by OVERLORD · 3 comments

Originally created by @jtagcat on GitHub.

Feature description

Audit log for user modifications (or considering PII laws, accessing/viewing).

I heavily recommend a text box (with a placeholder) for an optional 'commit message' next to the Save button. For design inspiration, see editing files in web for GitHub, GitLab, Gitea, etc.

Pitch

We store our users in Git, which is synced by ArgoCD to passmower. The advantages:

  • Committing encourages a commit message. Audit log is great for blaming 'what by whom?', but 'why?' is much more useful to debug people operations, especially with many independent editors.
  • Everything is plaintext. Mass modification, surgical filtering with yq is trivial. Time has shown it also answers 'whose phone nr?' or finding the guy with 3 alias-names with ripgrep.
  • It may be bad, but adding to the 'why' factor, we have comments in yaml to cite a source for the piece of information, or warn against repeat headaches.

This is our niche use-case with technocrats running the show.


@jtagcat commented on GitHub:

What about uncommented audit logs? Honestly, I expected modifications (/ admin actions, including viewing) under the current audit logs, but don't be bothered by my opinion.


@stonith404 commented on GitHub:

Thank you for your suggestion. While I think the idea is not bad, I believe this feature is too complex for a simple OIDC provider like Pocket ID. Commented audit logs seem more suited for an enterprise-level IDP, which Pocket ID is not.


@kmendell commented on GitHub:

I think this may be overkill and would add bloat to the UI when it's a niche feature that a small subset of users would use, but I'll leave it up to @stonith404


Reference: starred/pocket-id-pocket-id-1#106