fix(audit): address /code-review findings

- scheduler _run_changed: count a run as "changed" only on a truthy NUMERIC
  value — status-string no-op dicts like {"skipped":"disabled"} (Plex off, the
  default) or {"skipped":"no demo account"} were flooding the trail every interval.
- audit.record: truncate target_id to the column width (128) like summary[:255],
  so an over-long target (e.g. a 128+ char demo email) can't abort the mutation
  the audit row is committed alongside.
- config set/reset: redact URL userinfo (user:pass@) from logged non-secret
  values — a proxy setting can embed credentials that shouldn't land in the trail.
- config set: skip the audit row when a non-secret value didn't actually change
  (no-op re-save shouldn't add noise); secrets are write-only so always logged.
- audit page title (pageMeta): add the missing "audit" case so the browser tab
  reads "Audit log · Siftlode" instead of falling back to "Feed".
This commit is contained in:
npeter83 2026-07-12 07:47:07 +02:00
parent 318fdc4812
commit 32d8575f79
4 changed files with 34 additions and 12 deletions

View file

@ -26,6 +26,8 @@ export function pageTitleKey(page: Page): string {
return "header.configuration";
case "users":
return "header.users";
case "audit":
return "audit.title";
case "settings":
return "settings.title";
default: