Log CLI scan events to audit.log and add append test by Jeffrin-dev · Pull Request #12 · Jeffrin-dev/ShadowAudit

Jeffrin-dev · 2026-03-29T06:01:08Z

Add an auditable record for CLI-initiated scans so scan outcomes are persisted for reporting and review.
Ensure the CLI logging is append-safe by validating that consecutive runs create multiple JSON Lines entries in audit.log.

Updated shadowaudit/cli.py to import AuditLogger, AuditEvent, and datetime.timezone, and to use a scan_result variable after PIIScanner and SecretsDetector run.
Constructed an AuditEvent with timestamp=datetime.now(timezone.utc).isoformat(), request_id=scan_result.request_id, scan_result=scan_result, policy_applied="none", model_target="cli", and response_clean=True, then appended it with AuditLogger("audit.log").append(...).
Added test_scan_command_writes_and_appends_audit_log in tests/test_cli_scan.py which runs the scan command twice in a temporary directory and asserts audit.log exists and contains two JSONL lines.

Ran pytest -q tests/test_cli_scan.py and the test file passed with 3 passed.

Log CLI scan events to audit.log

84c8eeb

Jeffrin-dev added the codex label Mar 29, 2026 — with ChatGPT Codex Connector

Jeffrin-dev merged commit 3d42e33 into main Mar 29, 2026
1 check passed

Provide feedback