Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Auditor Doctrine Provider
Assessments

Auditor Doctrine Provider Laravel Package

damienharper/auditor-doctrine-provider

Doctrine ORM provider for DamienHarper/auditor. Automatically records audit logs for Doctrine entities (create/update/delete) with DBAL/ORM integration and configurable auditing, making change tracking and accountability easy in PHP applications.

View on GitHub
Deep Wiki
Context7

Technical Evaluation

Architecture Fit

  • Purpose Alignment: The package (damienharper/auditor-doctrine-provider) remains well-aligned for Doctrine ORM-based audit logging, particularly for CRUD-heavy applications requiring fine-grained change tracking (e.g., compliance, financial systems). The 1.2.0 fix for inverse-side OneToMany associations addresses a critical gap in audit completeness, making it more reliable for complex entity relationships (e.g., OrderOrderItem).
  • Laravel Compatibility: Unchanged—still requires Doctrine ORM (not Eloquent) and is best suited for:
    • Hybrid Laravel/Symfony stacks.
    • Projects using laravel-doctrine/orm.
    • APIs with Doctrine-managed aggregates (e.g., DDD).
  • Key Features (Updated):
    • Fixed Bug: Now correctly audits inverse-side OneToMany associations when multiple entities are flushed together (previously missed some ASSOCIATE entries).
    • Metadata Flexibility: Supports custom fields (e.g., audited_by, reason) via annotations/YAML.
    • Event-Driven: Still hooks into Doctrine’s lifecycle events (prePersist, preUpdate, etc.), but the fix reduces edge-case inconsistencies.

Integration Feasibility

  • Doctrine ORM Dependency: Unchanged—requires Doctrine ORM v2.5+ (not DBAL alone). Laravel’s Eloquent remains incompatible without a bridge (e.g., laravel-doctrine/orm).
  • Audit Storage:
    • Defaults to same database as entities (via Doctrine events).
    • Can be extended to external systems (e.g., Elasticsearch, dedicated audit DB).
  • Event-Driven Improvements:
    • The 1.2.0 fix resolves a subtle but critical bug where inverse-side associations (e.g., OrderItemOrder) might not be fully audited when multiple entities are saved in a batch.
    • Impact: Previously, some ASSOCIATE operations (e.g., reparenting OrderItem to a new Order) could be missed. Now, these are consistently logged.

Technical Risk

Risk Area Description Mitigation Strategy
ORM Mismatch Laravel’s Eloquent ≠ Doctrine ORM; requires additional setup. Use laravel-doctrine/orm or hybrid architecture.
Performance Overhead Audit logging adds DB writes on every entity change. Fixed bug may increase writes slightly during batch operations. Benchmark with production-like loads; use async logging (e.g., queues) if needed.
Schema Changes May require new tables for audit logs (e.g., audit_entries). Bug fix may alter log structure for associations. Design schema upfront; test migrations thoroughly.
Event Conflicts Doctrine events may clash with existing listeners. Bug fix reduces but doesn’t eliminate this risk. Test in isolation; prioritize event binding order.
Maintenance Burden Package is niche (2 stars, low activity). No breaking changes in 1.2.0, but long-term viability remains uncertain. Monitor for updates; consider forking if critical.

Key Questions

  1. Why Doctrine?
    • Is Doctrine already in use, or is this a greenfield decision? (Unchanged)
    • Could Eloquent’s native observers or model events suffice? (Unchanged)
  2. Audit Requirements
    • Updated: Does your use case involve complex associations (e.g., OneToMany inverse-side changes)? If so, the 1.2.0 fix is critical.
    • Are there compliance mandates (e.g., GDPR, HIPAA) requiring immutable, complete logs? (Unchanged)
  3. Storage Backend
    • Will audit logs share the primary DB, or use a dedicated system? (Unchanged)
  4. Performance Tradeoffs
    • Updated: The bug fix may increase write operations during batch saves. Is async logging feasible? (New consideration)
  5. Long-Term Viability
    • Updated: The package is now more stable for association-heavy workflows, but maintenance remains a risk. Are there alternatives (e.g., spatie/laravel-activitylog for Eloquent)? (Unchanged)

Integration Approach

Stack Fit

  • Target Environments: Unchanged
    • Laravel + Doctrine (via laravel-doctrine/orm).
    • Hybrid APIs with Doctrine-managed aggregates.
    • Legacy systems migrating to Laravel with audit needs.
  • Alternatives Considered: Unchanged

Migration Path

  1. Assess Current State: Unchanged
    • Audit existing entity models for Doctrine compatibility.
    • Identify critical paths (e.g., OrderOrderItem for association testing).
  2. Setup Doctrine: Unchanged
  3. Integrate Auditor: Updated
    • Install the package: 
      composer require damienharper/auditor-doctrine-provider:^1.2
    • Test Association Auditing:
      • Verify inverse-side OneToMany changes (e.g., reparenting OrderItem) are logged.
      • Example: 
        $order1 = new Order();
$order2 = new Order();
$item = new OrderItem();
$item->setOrder($order1); // Audit should log ASSOCIATE for $order1
$item->setOrder($order2); // Audit should now correctly log ASSOCIATE for $order2 (fixed in 1.2.0)
  4. Test Incrementally: Updated
    • Prioritize association-heavy entities (e.g., OrderOrderItem) to validate the 1.2.0 fix.
    • Use: 
      $auditLog = $auditor->fetchAuditLog(OrderItem::class, $itemId);
  5. Optimize: Unchanged
    • Add indexes to audit tables.
    • Implement async logging if performance is impacted by the bug fix.

Compatibility

  • Doctrine Version: Unchanged—Tested with ORM v2.5+. Ensure Laravel’s Doctrine bridge supports this.
  • PHP Version: Unchanged—Requires PHP 8.0+.
  • Database: Unchanged—Supports Doctrine-supported DBs (MySQL, PostgreSQL, etc.).
  • Laravel Services: Unchanged
    • Register Doctrine and Auditor in config/app.php.
    • Bind custom services if extending functionality.

Sequencing

  1. Phase 1: Proof of Concept
    • Updated: Test the 1.2.0 fix with a OneToMany relationship (e.g., OrderOrderItem).
    • Validate that all association changes (owning and inverse side) are logged.
  2. Phase 2: Core Entities
    • Roll out to high-value entities with complex associations.
  3. Phase 3: Full Rollout
    • Extend to all audited entities.
  4. Phase 4: Optimization
    • Monitor for increased write load due to the bug fix.
    • Implement async logging if needed.

Operational Impact

Maintenance

  • Dependencies: Updated
    • Doctrine ORM: Sync updates with Laravel’s Doctrine bridge.
    • Auditor Package: 1.2.0 is a bug fix only—no breaking changes. Monitor for future updates.
  • Configuration Drift: Unchanged
    • Audit rules may need updates as entities evolve.
  • Tooling: Unchanged
    • Use Doctrine’s schema tool for migrations.
    • Custom artisan commands for audit queries.

Support

  • Debugging: Updated
    • The 1.2.0 fix reduces but doesn’t eliminate edge cases (e.g., custom event listeners overriding audit logic).
    • Use $auditor->fetchAuditLog() to verify association logs.
  • Documentation: Updated
    • **New
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
daikazu/eloquent-salesforce-objects
unseen-codes/chat
romalytar/yammi-jobs-monitoring-laravel
kisame76/filament-db-table-state
nqxcode/laravel-lucene-search
dpfx/laravel-livewire-wizards
workos/workos-php-laravel
sofa/laravel-global-scope
nawasara/auth-primitives
adhocrat-io/arkhe-main
make-dev/orca-harpoon
itsemon245/lamet
baks-dev/dashboard
amoifr/pickle-panther-bundle
make-dev/orca
dmstr/symfony-system-resources-bundle
dmstr/symfony-job-queue-bundle
dmstr/openapi-json-schema-bundle
dmstr/keycloak-security-bundle
dmstr/doctrine-audit-log-bundle