API Reference

Classes

AuditAdminContributor

Admin panel contributor for audit log management.

Registered via lexigram.admin.contributors entry point. Provides audit log search, filter, export, and verification status. Dependencies are resolved from the container in on_admin_boot.

def __init__() -> None

async def on_admin_boot(container: ContainerResolverProtocol) -> None

Resolve audit dependencies from the DI container.

Parameters

Parameter	Type	Description
`container`	ContainerResolverProtocol	The DI container resolver.

async def get_menu_items() -> list[dict[str, str]]

Return admin menu items for the audit module.

async def search(query: AuditQuery) -> list[AuditEntry]

Search audit entries by query filters.

Parameters

Parameter	Type	Description
`query`	AuditQuery	Filter criteria.

Returns

Type	Description
list[AuditEntry]	Matching audit entries, newest-first.

async def export(
    query: AuditQuery,
    format: str = 'json'
) -> bytes

Export filtered audit entries as JSON or CSV.

Parameters

Parameter	Type	Description
`query`	AuditQuery	Filter criteria.
`format`	str	``"json"`` or ``"csv"``.

Returns

Type	Description
bytes	Encoded bytes of the export.

async def verification_status() -> dict[str, Any]

Return latest verification results.

Returns

Type	Description
dict[str, Any]	Dict with ``verified`` bool and ``mismatches`` count.

---

AuditBundleProvider

Composite provider that wires the full Lexigram audit stack.

Composes AuditCoreProvider, AuditRetentionProvider, AuditVerifierProvider, and optionally AuditAdminProvider.

Parameters

Parameter	Type	Description
`config`		Audit configuration. Defaults to AuditConfig() if not provided.
`enable_admin`		Whether to register the admin panel contributor.

def __init__(
    config: AuditConfig | None = None,
    enable_admin: bool = True
) -> None

async def register(container: ContainerRegistrarProtocol) -> None

Delegate registration to all sub-providers.

async def boot(container: ContainerResolverProtocol) -> None

Delegate boot to all sub-providers.

async def shutdown() -> None

Shutdown in reverse registration order.

---

AuditConfig

Configuration for the audit subsystem.

Attributes: store_backend: Backend type — "sql" or "memory". table_name: SQL table name for the unified audit store. hmac_key: HMAC key for checksum computation (bytes). retention_policy: Retention rules; defaults to 365 days. verification_schedule: Cron expression for scheduled verification. verification_batch_size: Entries to verify per verification run. enable_admin: Whether to register the AuditAdminContributor.

---

AuditLogger

Core audit logger implementing AuditLoggerProtocol.

Fire-tolerant: log() catches all exceptions and emits a warning. Audit failure must never block the operation that triggered it.

Parameters

Parameter	Type	Description
`store`		Underlying storage backend (AuditStoreProtocol).
`retention`		Optional retention policy for computing entry expiry.

def __init__(
    store: AuditStoreProtocol,
    retention: RetentionPolicyProtocol | None = None
) -> None

async def log(entry: AuditEntry) -> None

Record an audit entry. Never raises.

Parameters

Parameter	Type	Description
`entry`	AuditEntry	The audit event to persist.

async def query(query: AuditQuery) -> list[AuditEntry]

Query entries matching filters. Returns empty list on error.

Parameters

Parameter	Type	Description
`query`	AuditQuery	Filter criteria encapsulated in an AuditQuery object.

Returns

Type	Description
list[AuditEntry]	List of matching entries, newest-first.

---

AuditModule

Lexigram audit module.

Registers the full audit stack including store, logger, retention, verification, and optional admin panel contributor.

Usage

app = Application()
app.use(AuditModule.configure(
    hmac_key=b"secret",
    retention_days=365,
))

def configure(
    cls,
    *,
    hmac_key: bytes | None = None,
    store_backend: str = 'sql',
    table_name: str = 'audit_log',
    retention_days: int = 365,
    enable_admin: bool = True,
    **overrides: Any
) -> DynamicModule

Configure the audit module.

Parameters

Parameter	Type	Description
`hmac_key`	bytes | None	HMAC key for checksum computation.
`store_backend`	str	``"sql"`` or ``"memory"``.
`table_name`	str	SQL table name.
`retention_days`	int	Default retention in days.
`enable_admin`	bool	Register admin contributor. **overrides: Additional AuditConfig fields.

Returns

Type	Description
DynamicModule	DynamicModule ready for ``app.use()``.

---

AuditPurger

Purges expired audit entries and emits a meta-audit log on each run.

Parameters

Parameter	Type	Description
`store`		The underlying store to purge entries from.
`retention`		Retention policy to evaluate entries.
`audit_logger`		Optional audit logger for meta-audit events.

def __init__(
    store: AuditStoreProtocol,
    retention: RetentionPolicyProtocol,
    audit_logger: AuditLoggerProtocol | None = None
) -> None

async def purge_expired() -> int

Evaluate all entries and purge those past expiry.

Returns

Type	Description
int	Number of entries purged.

---

AuditVerifier

Tamper detection via HMAC-SHA256 checksum verification.

Implements AuditVerifierProtocol. Checksum verification is only meaningful when entries are stored with checksums (i.e. the SQL backend with an HMAC key configured). The in-memory store does not persist checksums, so verify_recent and verify_entry are no-ops in that case.

Parameters

Parameter	Type	Description
`store`		Audit store backend (any AuditStoreProtocol implementation).
`config`		Audit configuration containing the HMAC key.

def __init__(
    store: AuditStoreProtocol,
    config: AuditConfig
) -> None

async def verify_recent(
    *,
    limit: int = 100
) -> list[AuditMismatch]

Verify checksums for the most recent entries.

Because AuditEntry does not carry a stored checksum field, full tamper-detection is only possible when the SQL backend is in use and checksums are persisted in the DB column. Without stored checksums this method logs the entries and returns an empty list (no mismatches detected / not applicable).

Parameters

Parameter	Type	Description
`limit`	int	Number of recent entries to verify.

Returns

Type	Description
list[AuditMismatch]	List of AuditMismatch objects (empty = all verified or not applicable).

async def verify_entry(entry_id: str) -> bool

Verify checksum for a single entry.

This is a no-op at the protocol level because AuditEntry does not carry a stored checksum field. When using the SQL backend with HMAC enabled, verification should be performed directly against the DB row rather than through the store protocol.

Parameters

Parameter	Type	Description
`entry_id`	str	ID of the entry to verify.

Returns

Type	Description
bool	True (checksum verification not applicable at protocol level).

---

InMemoryAuditStore

In-memory audit store implementing AuditStoreProtocol.

Uses a bounded deque. Thread-safe for single-event-loop async usage.

Parameters

Parameter	Type	Description
`max_entries`		Maximum capacity. Oldest entries dropped when full.

def __init__(max_entries: int = 10000) -> None

async def append(entry: AuditEntry) -> None

Persist a single audit entry.

async def query(query: AuditQuery) -> list[AuditEntry]

Retrieve entries matching filters, newest-first.

async def count(query: AuditQuery) -> int

Return count of entries matching filters.

def clear() -> None

Clear all entries (test helper).

---

PolicyBasedRetention

Evaluates retention policies to determine entry expiry.

Implements RetentionPolicyProtocol.

Parameters

Parameter	Type	Description
`policy`		Retention policy configuration.

def __init__(policy: RetentionPolicy) -> None

async def evaluate(entry: AuditEntry) -> RetentionDecision

Determine retention decision based on severity and source.

Parameters

Parameter	Type	Description
`entry`	AuditEntry	The audit entry to evaluate.

Returns

Type	Description
RetentionDecision	RetentionDecision.RETAIN if indefinite, RETAIN_UNTIL otherwise.

async def get_expiry(entry: AuditEntry) -> datetime | None

Return expiry datetime for an entry, or None for indefinite retention.

Parameters

Parameter	Type	Description
`entry`	AuditEntry	The audit entry to evaluate.

Returns

Type	Description
datetime | None	UTC expiry datetime, or None.

---

Functions

compute_audit_checksum

def compute_audit_checksum(
    entry_data: dict[str, Any],
    key: bytes
) -> str

Compute HMAC-SHA256 hex digest for audit entry data.

Parameters

Parameter	Type	Description
`entry_data`	dict[str, Any]	Dictionary of audit entry fields.
`key`	bytes	HMAC secret key bytes.

Returns

Type	Description
str	Hex-encoded HMAC-SHA256 digest.

---

verify_audit_checksum

def verify_audit_checksum(
    entry_data: dict[str, Any],
    key: bytes,
    expected: str
) -> bool

Verify expected checksum matches computed checksum using constant-time comparison.

Parameters

Parameter	Type	Description
`entry_data`	dict[str, Any]	Dictionary of audit entry fields.
`key`	bytes	HMAC secret key bytes.
`expected`	str	Previously stored checksum hex string.

Returns

Type	Description
bool	True if checksum matches, False if tampered.

---