PHPackages rasuvaeff/yii3-audit-log - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Logging & Monitoring](/categories/logging) 4. / 5. rasuvaeff/yii3-audit-log ActiveLibrary[Logging & Monitoring](/categories/logging) rasuvaeff/yii3-audit-log ======================== Audit trail for Yii3 applications: who changed what and when, with sensitive value masking 1.0.0(today)027↑2677.8%1BSD-3-ClausePHPPHP 8.3 - 8.5CI passing Since Jun 20Pushed todayCompare [ Source](https://github.com/rasuvaeff/yii3-audit-log)[ Packagist](https://packagist.org/packages/rasuvaeff/yii3-audit-log)[ Docs](https://github.com/rasuvaeff/yii3-audit-log)[ RSS](/packages/rasuvaeff-yii3-audit-log/feed)WikiDiscussions master Synced today READMEChangelogDependencies (9)Versions (2)Used By (1) rasuvaeff/yii3-audit-log ======================== [](#rasuvaeffyii3-audit-log) [![Stable Version](https://camo.githubusercontent.com/ef14e6b947fc7a43cec17f5685b884b4f31ed937b6f84b6b6d0add519cf4819f/68747470733a2f2f706f7365722e707567782e6f72672f7261737576616566662f796969332d61756469742d6c6f672f762f737461626c65)](https://packagist.org/packages/rasuvaeff/yii3-audit-log)[![Total Downloads](https://camo.githubusercontent.com/bfed4093fe29cb39a766554850b3e7fd5d6c7856ceb3d5496a6c89ad52eece47/68747470733a2f2f706f7365722e707567782e6f72672f7261737576616566662f796969332d61756469742d6c6f672f646f776e6c6f616473)](https://packagist.org/packages/rasuvaeff/yii3-audit-log)[![Build](https://github.com/rasuvaeff/yii3-audit-log/actions/workflows/build.yml/badge.svg)](https://github.com/rasuvaeff/yii3-audit-log/actions)[![Static analysis](https://github.com/rasuvaeff/yii3-audit-log/actions/workflows/static-analysis.yml/badge.svg)](https://github.com/rasuvaeff/yii3-audit-log/actions)[![Psalm Level](https://camo.githubusercontent.com/5e5e79fd1b093692b423bd295ebf4e37760faae8a8b430049df0ca1018187336/68747470733a2f2f73686570686572642e6465762f6769746875622f7261737576616566662f796969332d61756469742d6c6f672f6c6576656c2e737667)](https://shepherd.dev/github/rasuvaeff/yii3-audit-log)[![PHP](https://camo.githubusercontent.com/8f9e9ca6cda1fd9420ec6488e0c391c67f722833baa78377fb10b50e8ca710e3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f646570656e64656e63792d762f7261737576616566662f796969332d61756469742d6c6f672f706870)](https://packagist.org/packages/rasuvaeff/yii3-audit-log)[![License](https://camo.githubusercontent.com/94e8b50940b4cafd483e571c452ce357656c9e0cc3ae6632532c545045a7e76b/68747470733a2f2f706f7365722e707567782e6f72672f7261737576616566662f796969332d61756469742d6c6f672f6c6963656e7365)](https://packagist.org/packages/rasuvaeff/yii3-audit-log) Audit trail for Yii3 applications: who changed what and when, with sensitive value masking. Stateless core — bring your own writer (DB adapter lives in a separate package). > Using an AI coding assistant? [llms.txt](llms.txt) has a compact API reference you can use. Requirements ------------ [](#requirements) - PHP 8.3+ - `psr/clock` ^1.0 Installation ------------ [](#installation) ``` composer require rasuvaeff/yii3-audit-log ``` Yii3 config-plugin ------------------ [](#yii3-config-plugin) The package ships `config/di.php` and `config/params.php` via config-plugin. It wires `AuditLogger` and `SensitiveValueMasker`, but intentionally does not bind `AuditWriter` or `Psr\Clock\ClockInterface`. Install exactly one writer adapter or bind `AuditWriter` in your application config: ``` use Psr\Clock\ClockInterface; use Rasuvaeff\Yii3AuditLog\AuditWriter; return [ AuditWriter::class => MyAuditWriter::class, ClockInterface::class => MyClock::class, ]; ``` Default params: ``` return [ 'rasuvaeff/yii3-audit-log' => [ 'sensitiveKeys' => ['password', 'secret', 'token', 'api_key', 'credit_card'], 'skipEmptyChangeSets' => true, ], ]; ``` Usage ----- [](#usage) ### Basic logging [](#basic-logging) ``` use Rasuvaeff\Yii3AuditLog\AuditActor; use Rasuvaeff\Yii3AuditLog\AuditChangeSet; use Rasuvaeff\Yii3AuditLog\AuditLogger; use Rasuvaeff\Yii3AuditLog\AuditSubject; use Rasuvaeff\Yii3AuditLog\InMemoryAuditWriter; $logger = new AuditLogger(writer: $writer, clock: $clock); $logger->logChange( actor: AuditActor::user(id: $userId, name: 'John'), subject: AuditSubject::of(type: 'order', id: (string) $orderId), changes: AuditChangeSet::fromArrays( old: ['status' => 'new', 'total' => 0], new: ['status' => 'paid', 'total' => 99.95], ), ); ``` ### Implementing a writer [](#implementing-a-writer) ``` use Rasuvaeff\Yii3AuditLog\AuditEvent; use Rasuvaeff\Yii3AuditLog\AuditWriter; final readonly class DbAuditWriter implements AuditWriter { public function write(AuditEvent $event): void { // INSERT INTO audit_log ... // $event->getId(), $event->getActor(), $event->getAction(), // $event->getSubject(), $event->getChangeSet(), $event->getOccurredAt() } } ``` ### Sensitive value masking [](#sensitive-value-masking) ``` use Rasuvaeff\Yii3AuditLog\AuditLogger; use Rasuvaeff\Yii3AuditLog\SensitiveValueMasker; $logger = new AuditLogger( writer: $writer, clock: $clock, masker: new SensitiveValueMasker(), // masks password, secret, token, api_key, credit_card ); // Custom sensitive keys: $masker = new SensitiveValueMasker(sensitiveKeys: ['ssn', 'pin', 'password']); ``` ### System actor [](#system-actor) ``` $logger->logCreate( actor: AuditActor::system(), subject: AuditSubject::of(type: 'config', id: 'smtp'), changes: AuditChangeSet::fromArrays(old: [], new: ['host' => 'mail.example.com']), ); ``` ### Request metadata [](#request-metadata) ``` use Rasuvaeff\Yii3AuditLog\AuditMetadata; $logger->logChange( actor: $actor, subject: $subject, changes: $changes, metadata: new AuditMetadata( requestId: $request->getHeaderLine('X-Request-Id'), ip: $request->getServerParams()['REMOTE_ADDR'] ?? null, userAgent: $request->getHeaderLine('User-Agent'), ), ); ``` API reference ------------- [](#api-reference) ### AuditLogger [](#auditlogger) MethodDescription`__construct(writer, clock, masker?, skipEmptyChangeSets?)`Default: skip empty sets = true`log(actor, action, subject, changes, metadata?)`Generic log`logCreate(actor, subject, changes, metadata?)`action = `'create'``logChange(actor, subject, changes, metadata?)`action = `'update'``logDelete(actor, subject, changes, metadata?)`action = `'delete'`### AuditActor [](#auditactor) MethodDescription`::user(id, name?)`User actor`::system()`System actor (id = null)`getType()``'user'`, `'system'`, or custom`getId()``?string``getName()``?string``isSystem()``bool`### AuditSubject [](#auditsubject) MethodDescription`::of(type, id)`Factory`getType()`Resource type`getId()`Resource ID### AuditChangeSet [](#auditchangeset) MethodDescription`::fromArrays(old, new)`Computes diff; only changed fields included`::empty()`Empty change set`getChanges()``list``isEmpty()``bool``count()`Number of changes### AuditChange [](#auditchange) MethodDescription`getField()`Field name`getOldValue()``mixed``getNewValue()``mixed`### SensitiveValueMasker [](#sensitivevaluemasker) MethodDescription`__construct(sensitiveKeys?)`Default: `password, secret, token, api_key, credit_card``mask(array)`Returns array with sensitive values replaced by `***``maskChangeSet(AuditChangeSet)`Returns new `AuditChangeSet` with masked valuesSecurity -------- [](#security) - Masker is applied inside `AuditLogger` before the event reaches the writer — secrets never reach storage. - Masking is case-insensitive: `Password`, `PASSWORD`, `password` all masked. - DB writer implementations must use parameterized queries. Examples -------- [](#examples) See [examples/](examples/) for complete usage examples. Development ----------- [](#development) ``` make install make build make cs-fix make test make test-coverage make mutation make release-check ``` `make test-coverage` and `make mutation` bootstrap `pcov` inside the `composer:2` container because the base image has no coverage driver. License ------- [](#license) BSD-3-Clause. See [LICENSE.md](LICENSE.md). ### Health Score 44 — FairBetter than 91% of packages Maintenance100 Actively maintained with recent releases Popularity10 Limited adoption so far Community8 Small or concentrated contributor base Maturity50 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 0d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/b0812d5572a7041dfe36e222d295b2e6dc55833a605350fcde58a51a5965ed30?d=identicon)[rasuvaeff](/maintainers/rasuvaeff) --- Top Contributors [![rasuvaeff](https://avatars.githubusercontent.com/u/1352718?v=4)](https://github.com/rasuvaeff "rasuvaeff (4 commits)") --- Tags loggingAuditaudit-trailyii3audit-log ### Code Quality TestsPHPUnit Static AnalysisPsalm, Rector Code StylePHP CS Fixer Type Coverage Yes ### Embed Badge ![Health badge](/badges/rasuvaeff-yii3-audit-log/health.svg) ``` [![Health](https://phpackages.com/badges/rasuvaeff-yii3-audit-log/health.svg)](https://phpackages.com/packages/rasuvaeff-yii3-audit-log) ``` ### Alternatives [bedezign/yii2-audit Yii2 Audit records and displays web/cli requests, database changes, php/js errors and associated data. 200688.7k4](/packages/bedezign-yii2-audit)[muhammadsadeeq/laravel-activitylog-ui A beautiful, modern UI for Spatie's Activity Log with advanced filtering, analytics, and real-time features. 17614.3k](/packages/muhammadsadeeq-laravel-activitylog-ui)[xiidea/easy-audit A Symfony Bundle To Log Selective Events. It is easy to configure and easy to customize for your need 91181.2k](/packages/xiidea-easy-audit)[robwilkerson/cakephp-audit-log-plugin Audit Plugin for CakePHP 10068.1k](/packages/robwilkerson-cakephp-audit-log-plugin)[sammaye/yii2-audittrail A port of audit trail 39414.9k](/packages/sammaye-yii2-audittrail)[alizharb/filament-activity-log A powerful, feature-rich activity logging solution for FilamentPHP v4 & v5 with timeline views, dashboard widgets, and revert actions. 2655.3k1](/packages/alizharb-filament-activity-log) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)