Audit-log Gitea MCP mutating actions with execution profile metadata #18
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Parent
Roadmap #10 — Task-scoped MCP execution profiles for LLM-operated Gitea workflows
Problem
When LLMs perform workflow actions, audit logs must show which MCP profile and authenticated Gitea user performed each mutation.
Scope
Define and implement audit logging for Gitea MCP mutating actions.
Audit events should include:
Mutating actions to audit
Acceptance criteria
Non-goals
Proposed labels
mcp·gitea·audit·security·mutatingClaimed. Starting implementation.
Planned branch:
feat/issue-18-audit-log-mutating-actions(from latestmaster).Scope: audit logging for Gitea MCP mutating actions per acceptance criteria (timestamp, repo, issue/PR, action, profile, authenticated username, result, redacted metadata). Secrets/tokens redacted; no Jenkins/Ops/deploy behavior.