# @repo/core-audit

Optional core package providing DPA-compliant audit logging. Scaffold via `pnpm turbo gen core-package audit`.

## Structure

```
src/
  audit-log.interface.ts          # IAuditLog extends AuditLogProtocol
  audit-logs-collection.ts        # Payload collection (append-only)
  noop-audit-log.ts               # NoopAuditLog
  payload-audit-log.ts            # PayloadAuditLog (local cache impl)
  stdout-json-audit-log.ts        # StdoutJsonAuditLog (log-shipper sink)
  multi-sink-audit-log.ts         # MultiSinkAuditLog (fan-out wrapper)
  trace-id-enriching-audit-log.ts # OTel correlation decorator
  pseudonymize.ts                 # sha256-with-salt for GDPR pseudonymization
  di/bind-audit.ts                # bindAudit binder
  integrations/api/router.ts      # admin tRPC procedure
  hooks/                          # Payload hook factories
```

## Compliance posture

- `AuditEntry` type (in `@repo/core-shared/audit`) has no `payload`/`body`/`oldValue`/`newValue` fields — type system enforces DPA "what NOT to log".
- Append-only Payload collection (`update: () => false`); erasure uses `overrideAccess: true` for the privileged path.
- `AUDIT_PSEUDONYM_SALT` env REQUIRED in production. Validated at bind time.

See `docs/guides/audit-and-compliance.md` for the full guide.