Audit Read Path in Show Outputs

[SorraTheOrc]

Audit Read Path in Show Outputs (WL-0MMNCOJ0V0IFM2SN)

Headline
Add a clear, machine-parseable audit object to wl show --json and render a safe, human-friendly audit summary in both single-item and children/list human outputs.

Problem statement
Add a reliable read-path for the new structured audit field so operators and automation can discover audit metadata in both JSON and human wl show outputs. Currently the project is standardizing on a structured audit field (time, author, text) but the show/read surfaces are incomplete.

Users

• Operators and maintainers who use wl show to inspect work items (examples: record of migrations, manual fixes, handoffs).
• Automation and CI scripts that parse wl show --json to detect or record recent audits.

Example user stories

• As a maintainer, I want wl show WL-... to display a short, readable audit summary so I can quickly confirm recent manual actions.
• As an automation author, I want wl show <id> --json to include audit so scripts can rely on structured metadata for reporting and gating.

Success criteria

1. wl show <id> --json includes an audit object when present; when absent, no audit key is emitted or it is null/omitted per existing JSON conventions.
2. Human wl show <id> (single-item view) renders a readable audit summary following the repository's redaction/safety rules (see WL-0MMNCOIYS15A1YSI).
3. Human children/list outputs include the same concise audit summary (one-line) alongside item metadata so audit presence is visible without opening every item.
4. Items without audit do not show noisy empty placeholders in any human view.
5. Tests: unit and integration tests cover JSON inclusion/omission, human single-item and list rendering, snapshot tests for human output, and an integration roundtrip with the write-path (WL-0MMNCOIYF18YPLFB).

Constraints

• Follow the repository's Redaction and Safety Rules for Audit Text (WL-0MMNCOIYS15A1YSI); do not display sensitive content in human output.
• Maintain backward compatibility: add audit as an additive field in JSON and keep existing output contracts unchanged except for additive audit metadata.
• Rendering changes should be conservative and reversible; prefer reuse of existing display helpers in src/commands/helpers.ts and CLI formatting conventions.
• This read-path depends on the Data Model & Migration work (WL-0MMNCNT1M16ESD04) and the CLI write-path (WL-0MMNCOIYF18YPLFB); coordinate with those items rather than attempting data-model changes here.

Existing state

• Work item: Audit Read Path in Show Outputs (WL-0MMNCOJ0V0IFM2SN) already exists and is staged idea. Its description lists src/commands/show.ts, src/commands/helpers.ts, and src/types.ts as relevant locations.
• Related work: a write-path intake exists (Audit Write Path via CLI Update WL-0MMNCOIYF18YPLFB), a parent item to replace comment-based audits (WL-0MLDJ34RQ1ODWRY0), data-model/migration work (WL-0MMNCNT1M16ESD04), and a redaction/safety item (WL-0MMNCOIYS15A1YSI).
• Code locations with audit mentions include src/github-sync.ts and persistent store code; tests referencing FieldChange/audit-like records exist under tests/.

Desired change

• Update src/commands/show.ts and related display helpers to:
  • Include audit in wl show --json output when present.
  • Render a concise, one-line human summary of audit in both single-item and child/list human outputs, following redaction rules and truncation policy from WL-0MMNCOIYS15A1YSI.
  • Ensure items without audit do not render noisy placeholders.
• Add tests: unit tests for JSON inclusion/omission, snapshot tests for human output (single-item and list), and an integration test validating roundtrip with the CLI write-path (WL-0MMNCOIYF18YPLFB).

Related work

• Audit Write Path via CLI Update (WL-0MMNCOIYF18YPLFB) — write-path that sets audit.time, audit.author, and audit.text via wl update --audit-text. This read-path should be compatible with that write behavior.
• Replace comment-based audits with structured audit field (WL-0MLDJ34RQ1ODWRY0) — parent/umbrella work to consolidate audit-related changes.
• Audit Data Model and Migration (WL-0MMNCNT1M16ESD04) — ensures DB and store support structured audit field; read-path depends on migration being available.
• Redaction and Safety Rules for Audit Text (WL-0MMNCOIYS15A1YSI) — defines what must be redacted or truncated from human output; read implementation must use these rules.
• src/commands/show.ts — primary code to update.
• src/commands/helpers.ts — reuse formatting helpers where possible.
• src/types.ts — ensure audit type is present and exported for formatters.

Notes / Implementation guidance

• Keep JSON output additive and stable: include audit only when present to avoid breaking JSON consumers.
• For human outputs, render a one-line summary in lists and under metadata for single-item displays. The one-line should include time, author and a truncated/redacted text excerpt per WL-0MMNCOIYS15A1YSI.
• Coordinate with the authors of WL-0MMNCOIYF18YPLFB and WL-0MMNCNT1M16ESD04 for migration order and integration tests.
• Tests should include both presence and absence cases and validate no noisy placeholders appear.

Risks & assumptions

• Risk: Scope creep — additional formatting requests or feature asks may expand scope. Mitigation: record new feature requests or refactors as separate work items linked to this one; do not expand scope in this change.
• Risk: Sensitive content leakage — audit.text may contain secrets or PII. Mitigation: apply the Redaction and Safety Rules (WL-0MMNCOIYS15A1YSI) and truncate human output; full text remains in JSON only for authorized automation.
• Risk: Migration ordering — reading audit requires the data model/migration (WL-0MMNCNT1M16ESD04) to be applied. Mitigation: add an explicit integration test that is skipped or mocked if migration is not present and coordinate release ordering with the migration work item.
• Assumption: The audit field is a single latest-entry object (time, author, text) as defined by related work (WL-0MMNCOIYF18YPLFB); we are not implementing an audit history array in this item.

Final summary
Add a safe, human-friendly read path for the structured audit field: include audit in wl show --json and render a redacted, truncated one-line audit summary in both single-item and list/children human outputs so operators and automation can reliably discover recent audits.

Acceptance mapping (how success criteria map to deliverables)

• Code: src/commands/show.ts, src/commands/helpers.ts, src/types.ts — implements JSON and human rendering.
• Tests: unit + snapshot + integration roundtrip with write-path.
• Docs: small note in CLI docs describing audit read behavior and how human output is redacted/truncated (reference WL-0MMNCOIYS15A1YSI).

Next action
Please review the draft above and either approve it or request changes (specify edits or clarifications). Do you approve this intake brief as-is, or would you like changes?

[SorraTheOrc]

Map

Draft intake created: see .opencode/tmp/intake-draft-Audit-Read-Path-in-Show-Outputs-WL-0MMNCOJ0V0IFM2SN.md

[SorraTheOrc]

effort_and_risk_skill

Effort and Risk Report

Effort | Small | 4.33h
Risk | Medium | 9/20
Confidence | 92% | unknowns: none

{
  "effort": {
    "unit": "hours",
    "tshirt": "Small",
    "o": 2.0,
    "m": 4.0,
    "p": 8.0,
    "expected": 4.33,
    "recommended": 8.33,
    "range": [
      6.0,
      12.0
    ]
  },
  "risk": {
    "probability": 3.04,
    "impact": 3.04,
    "score": 9,
    "level": "Medium",
    "top_drivers": [
      "Implement JSON read-path and types",
      "Human output: compact audit summary in show/list",
      "Tests: JSON + human output + integration roundtrip"
    ],
    "mitigations": [
      "Add targeted tests and integration checks",
      "Lock dependencies and add compatibility tests",
      "Schedule extra review for risky components"
    ]
  },
  "confidence_percent": 92,
  "assumptions": [],
  "unknowns": []
}