[codex] always tag audit event source

[tianzhou]

Summary

• Always emit an audit source value for generated events: web for web-app login/logout/SQL/export events and existing mcp for MCP SQL execution.
• Show the source badge in the System audit tab as well as the Connection tab.
• Update audit log docs and tests to cover web, MCP, and system event source values.

Why

The previous implementation only populated source when SQL came through the MCP path. UI/web-originated SQL events, exports, and auth events could therefore display a blank source. This makes the origin explicit for every audit event we emit today.

Validation

• pnpm test tests/audit.test.ts
• pnpm build

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
pgconsole	Ready	Preview, Comment	Jun 26, 2026 7:15am

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
pgconsole	🟢 Ready	View Preview	Jun 26, 2026, 6:29 AM

💡 Tip: Enable Workflows to automatically generate PRs for you.

[Copilot]

Pull request overview

This PR ensures every emitted audit event includes an explicit source value so the UI and downstream log consumers can reliably attribute audit events to their origin (web app vs MCP).

Changes:

• Make source non-optional on audit event types and default SQL events to source: 'web' unless explicitly tagged as MCP.
• Display the source badge in the System audit tab as well as the Connection tab.
• Expand audit tests and documentation to cover source across auth, SQL, and export events.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File	Description
server/lib/audit.ts	Makes source required across audit event types and always sets it when emitting events (web default, mcp via opts).
src/pages/AuditLog.tsx	Passes entry.source into the action cell so the source badge renders in the System tab as well.
tests/audit.test.ts	Adds assertions/tests ensuring source is present for web, MCP, and system auth events.
docs/features/audit-log.mdx	Updates examples/field docs to document the source field for each relevant event.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[greptile-apps]

Greptile Summary

This PR ensures every audit event carries an explicit source value — "web" for browser-originated login, logout, SQL, and export events, and the existing "mcp" for MCP-path SQL — eliminating the blank-source case for non-MCP events. It also wires source into the ActionCell badge so the System tab now surfaces the origin just like the Connection tab.

• server/lib/audit.ts: source is promoted from an optional 'mcp'-only field on SQLExecuteEvent to a required 'web' | 'mcp' field across all four event types; auditSQL defaults to 'web' via opts?.source ?? 'web', preserving the MCP opt-in path.
• src/pages/AuditLog.tsx: Single-line change passes entry.source to ActionCell in the System tab (Connection tab was already wired).
• tests/audit.test.ts / docs/features/audit-log.mdx: New tests cover web, MCP, and auth-event source values; docs updated to show source in all four event examples and field tables.

Confidence Score: 5/5

Safe to merge — the change is additive, all callers are updated, the proto already carried the source field, and the server mapper already handled it.

The core logic is straightforward: a required field replaces an optional one, every emitter is updated, and the opts?.source ?? 'web' default correctly preserves the MCP path. The proto definition (field 12) and the toAuditLogEntry mapper were already in place, so no wire-format or API changes are needed. The only findings are cosmetic — redundant type guards in tests and a missing field table in the logout docs section.

No files require special attention; tests/audit.test.ts has minor style cleanup and docs/features/audit-log.mdx is missing a field table for the auth.logout section.

Important Files Changed

Filename	Overview
server/lib/audit.ts	Makes source a required field on all four event interfaces and populates it in every emitter; default-to-'web' logic in auditSQL correctly preserves the existing MCP path.
src/pages/AuditLog.tsx	Adds source prop to ActionCell and passes entry.source in the System tab; Connection tab already had the same wiring; single-line, targeted change.
tests/audit.test.ts	Adds three assertions/tests for source tagging; uses a now-redundant 'source' in narrowing guard because source is required on every AuditEvent subtype after this PR.
docs/features/audit-log.mdx	Adds source to all JSON examples and field tables; auth.logout gains the JSON example but still lacks a field-description table, unlike every other event section.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[User Browser] -->|login/logout/SQL/export| B[Web Handler]
    C[MCP Client] -->|SQL via MCP tool| D[MCP Handler]

    B -->|auditLogin / auditLogout| E["source: 'web'"]
    B -->|auditSQL no opts| E
    B -->|auditExport| E
    D -->|auditSQL opts.source='mcp'| F["source: 'mcp'"]

    E --> G[AuditEvent store]
    F --> G

    G -->|listAuditEvents| H[Connection tab]
    G -->|listSystemAuditEvents| I[System tab]

    H --> J["ActionCell + source badge"]
    I --> J

Loading

%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[User Browser] -->|login/logout/SQL/export| B[Web Handler]
    C[MCP Client] -->|SQL via MCP tool| D[MCP Handler]

    B -->|auditLogin / auditLogout| E["source: 'web'"]
    B -->|auditSQL no opts| E
    B -->|auditExport| E
    D -->|auditSQL opts.source='mcp'| F["source: 'mcp'"]

    E --> G[AuditEvent store]
    F --> G

    G -->|listAuditEvents| H[Connection tab]
    G -->|listSystemAuditEvents| I[System tab]

    H --> J["ActionCell + source badge"]
    I --> J

Loading

_{Reviews (1): Last reviewed commit: "fix: always tag audit event source" | Re-trigger Greptile}