Skip to content
ModularityKit.Mutator ModularityKit.Mutator Docs
  • Home
  • Core
  • Governance
  • Redis
  • API
Search Results for

    ADR-005: Mutation Audit Abstractions

    Tag

    #adr_005

    Status

    Accepted

    Date

    2026-01-22

    Scope

    ModularityKit.Mutators.Abstractions.Audit

    Context

    The mutation engine must be fully auditable, enabling tracking of all operations on application state. Each mutation can be executed in different contexts, by different actors, and is subject to security policies and business rules. To maintain consistency, transparency, and compliance, a clear and unambiguous method for recording and retrieving mutation information is required.

    Auditing should operate independently of mutation logic and should not introduce runtime or infrastructure dependencies. The audit model must be readable, immutable, and ready to integrate with various backends (databases, event stores, logging systems), while enabling reconstruction of the complete operation flow without constraining specific storage implementations.

    Decision

    IMutationAuditor

    Responsibilities:

    • Record the execution of mutations.
    • Provide audit query capabilities.

    MutationAuditEntry

    Responsibilities:

    • Store a complete snapshot of a mutation (intent, context, changes, policy decisions).
    • Ensure immutability and suitability as audit evidence.

    Data Categories in MutationAuditEntry

    • Identity & Correlation: ExecutionId, StateId, StateType
    • Intent & Context: MutationIntent, MutationContext
    • Effect Evidence: ChangeSet, IsSuccess, ErrorMessage
    • Policy Trace: PolicyDecisions
    • Temporal Metrics: Timestamp, Duration
    • Source Attribution: SourceIpAddress, UserAgent
    • Extensibility: Metadata

    Design Rationale

    • Auditing is treated as a separate layer that does not affect mutation execution logic.
    • The model is broad enough to support various interceptors and integrations.
    • Immutability and structured categorization make audit entries reliable as evidence and facilitate downstream analytics and compliance processes.
    • Edit this page
    In this article
    ModularityKit.Mutator Generated from XML docs and published from main. Back to top