Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message

Entity Audit Bundle Laravel Package

sonata-project/entity-audit-bundle

Doctrine 2 entity versioning for Symfony, inspired by Hibernate Envers. Tracks changes to audited entities and associations, storing revision history you can browse and compare for full audit trails.

View on GitHub
Deep Wiki
Context7

Product Decisions This Supports

  • Compliance & Governance: Enables automated tracking of entity changes for audit trails, critical for industries like finance, healthcare, or legal where regulatory compliance (e.g., GDPR, HIPAA, SOX) requires immutable records of data modifications.
  • Feature Roadmap: Accelerates development of "time-travel" features (e.g., "Restore to previous version," "Compare changes between revisions") without custom engineering.
  • Build vs. Buy: Eliminates the need to build a custom audit solution, reducing technical debt and maintenance overhead. Ideal for teams prioritizing speed over bespoke control.
  • Use Cases:
    • Data Integrity: Track who modified sensitive fields (e.g., user roles, financial transactions) and when.
    • Debugging: Reconstruct system state at specific points in time to diagnose issues (e.g., "Why did this order fail?").
    • User-Facing Tools: Power admin dashboards (e.g., "Activity Log," "Change History") with minimal backend effort.
    • Security Investigations: Correlate entity changes with user actions (e.g., "Who deleted this record at 3 AM?").
    • Multi-Tenant SaaS: Isolate audit trails per tenant without duplicating infrastructure.

When to Consider This Package

  • Adopt if:

    • Your application uses Doctrine ORM and requires immutable audit logs for critical entities.
    • You need automated revision tracking (inserts, updates, deletes) with minimal code changes.
    • Your team lacks resources to build a custom audit system but requires enterprise-grade reliability.
    • You’re using Symfony (or standalone Doctrine) and want zero-configuration integration for basic use cases.
    • Compliance or security teams demand tamper-proof change histories without manual logging.
  • Look elsewhere if:

    • You need fine-grained control over audit triggers (e.g., skip audits for specific methods/fields dynamically).
    • Your entities use complex inheritance (e.g., Joined-Table Inheritance) or non-auto-increment primary keys (limited support).
    • You require real-time audit streaming (e.g., Kafka integration) or cross-database synchronization.
    • Your team prefers event sourcing or CQRS over traditional auditing (this package is not an event store).
    • You’re using non-Doctrine ORMs (e.g., Eloquent, Propel) or NoSQL databases.
    • You need role-based audit filtering (e.g., "Show only changes made by admins")—this requires custom logic on top of the bundle.

How to Pitch It (Stakeholders)

For Executives:

"This package lets us automatically track every change to critical data—like a time machine for our database—without writing custom code. For compliance, security, or debugging, we’ll save thousands in dev hours and reduce risks from undetected data corruption. It’s like adding an ‘undo’ button for the entire system, but for auditors. Zero upfront cost, just enable it and start benefiting immediately."

Key Outcomes:

  • Regulatory compliance out of the box (GDPR, SOX, etc.).
  • Faster incident response with full change histories.
  • Reduced dev burden—no more manual logging or custom scripts.
  • Scalable—works for 10 users or 10 million.

For Engineering Teams:

"This is a drop-in Doctrine audit solution that handles the heavy lifting of tracking entity revisions (inserts, updates, deletes) with zero performance overhead during normal operations. It’s battle-tested (used in production by 600+ repos) and integrates seamlessly with Symfony. Here’s how we’ll use it:

  1. Enable audits for high-risk entities (e.g., User, Order, Payment) in config/packages/entity_audit.yaml.
  2. Query past states via AuditReader (e.g., findRevisions(), find()) to build admin tools.
  3. Leverage the built-in Symfony routes (/audit) for quick debugging or expose a custom API for frontend integration.
  4. Exclude noise (e.g., updated_at timestamps) via global_ignore_columns.

It’s not a silver bullet—you’ll need to handle edge cases (e.g., inheritance, custom primary keys) yourself—but it cuts 80% of the work compared to rolling your own. Tradeoff: Minimal control for maximum speed."

Tech Deep Dive:

  • How it works: Creates _audit tables for each entity, logs revisions with timestamps/usernames via Doctrine events.
  • Performance: Only triggers on entity changes; queries are optimized for read-heavy audit use cases.
  • Extensibility: Hook into username_callable for custom auth or override AuditReader for advanced queries.
  • Limitations: No support for soft deletes (use Doctrine lifecycle callbacks instead) or multi-database setups out of the box.
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
bugban/symfony
beyonder-capi/workflow-extensions-bundle
beyonder-capi/job-queue-bundle
capell-app/block-library
axium/identity
cetria/laravel-dummy-models
cetria/reflection-helper
agropredict/sso-auth-bundle
evolvestudio/spam-protection
datacore/hub-sdk
develia/commons
cuci/prototurk-sdk
cuci/prototurk-sdk-symfony
develia/geo-bundle
dreamzy/livewire-charts
touchestate-sdk/php-sdk
22h/doctrine-garbage-collection-bundle
agtp/agtp-php
agtp/mod-php
splash/sonata-admin