Stratara.EventSourcing.Pipeline.CommandAudit 3.1.4

.NET 10.0 This package targets .NET 10.0. The package is compatible with this framework or higher. 
dotnet add package Stratara.EventSourcing.Pipeline.CommandAudit --version 3.1.4
                    


                    

                
NuGet\Install-Package Stratara.EventSourcing.Pipeline.CommandAudit -Version 3.1.4
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Stratara.EventSourcing.Pipeline.CommandAudit" Version="3.1.4" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Stratara.EventSourcing.Pipeline.CommandAudit" Version="3.1.4" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Stratara.EventSourcing.Pipeline.CommandAudit" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Stratara.EventSourcing.Pipeline.CommandAudit --version 3.1.4
                    


                    

                
#r "nuget: Stratara.EventSourcing.Pipeline.CommandAudit, 3.1.4"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Stratara.EventSourcing.Pipeline.CommandAudit@3.1.4
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Stratara.EventSourcing.Pipeline.CommandAudit&version=3.1.4
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Stratara.EventSourcing.Pipeline.CommandAudit&version=3.1.4
                    


                            Install as a Cake Tool

Stratara.EventSourcing.Pipeline.CommandAudit

License: FSL-1.1-MIT (Functional Source License — source-available; converts to MIT after 2 years). Not OSI-approved OSS.

Mediator pipeline behavior that records an audit row for every dispatched command in the Stratara event-sourced stack. Both arities are provided so consumers can register a single behavior pair and have it apply to all command shapes.

What's in the box

Type Purpose
CommandAuditBehavior<TRequest> Runs the audit-write step before delegating to next() for IRequest (commands without result).
CommandAuditBehavior<TRequest, TResult> Same, for IRequest<TResult> (commands with result + queries). Only records when the request also implements ICommandBase — queries flow through untouched.
CommandAuditWriter (internal) Opens a transaction on IWriteUnitOfWork, writes via ICommandAuditRepository.AddAsync, commits.

The behavior only audits commands — query requests reach the same generic interface but are filtered by the is ICommandBase check, so registering both behaviors application-wide is safe.

Quick start

// At composition time, alongside the other framework pipeline behaviors:
builder.Services
    .AddPipelineBehaviorWithResult(typeof(CommandAuditBehavior<,>))
    .AddPipelineBehavior(typeof(CommandAuditBehavior<>));

The behaviors resolve IWriteUnitOfWork from DI (ships with Stratara.EventSourcing.EntityFrameworkCore in the default deployment). No additional registration is needed.

Dependencies

  • Stratara.Abstractions — for IPipelineBehavior<,>, IRequest/IRequest<T>, ICommandBase, IWriteUnitOfWork, ICommandAuditRepository.
  • JetBrains.Annotations[UsedImplicitly] on the public behavior classes (DI-instantiated, no static call site).

At runtime an IWriteUnitOfWork implementation must be registered — typically by referencing Stratara.EventSourcing.EntityFrameworkCore and calling AddWriteStore(IConfiguration).

Security note — command payload contents

The audit row stores CommandTypeName and the serialized CommandJson of the dispatched command. Whatever fields your commands carry land in the audit table. Sensitive data (passwords, tokens, API keys, encryption material) MUST NOT live on a command record — or must be marked with [EncryptData] so the registered ISecureJsonSerializer encrypts them before persistence.

The default Stratara registration uses ISecureJsonSerializer (AES-GCM + tenant-scoped AAD) for the audit serialization, so [EncryptData]-annotated properties are protected. Plain-text properties go to disk unencrypted — treat the audit table accordingly when designing command shapes.

Product Compatible and additional computed target framework versions.
.NET net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
3.1.4 89 6/15/2026
3.1.3 98 6/10/2026
3.1.2 108 6/5/2026
3.1.1 185 6/1/2026
3.1.0 102 5/30/2026
3.0.23 97 5/28/2026

### Added

- **Command-workload isolation (heavy-command lane)** — long-running commands can now be routed to a
 dedicated worker lane so they cannot starve interactive commands. Mark a command with the new
 `Stratara.Abstractions.Mediator.IHeavyCommand` marker and the `ICommandOutboxDispatcher`
 automatically publishes it to a separate heavy-command topic (`IMessagingIdentifier.HeavyCommandTopic` /
 `HeavyCommandSubscription`, configurable under `Messaging:HeavyCommand`, defaulting to `heavy-command` /
 `heavy-command-subscription`). Run a dedicated heavy-command worker with the new
 `services.AddHeavyCommandWorker(degreeOfParallelism?)` extension, or the
 `builder.AddHeavyCommandWorkerServices(degreeOfParallelism?)` host composite — in the same process as
 the interactive worker (two lanes) or in a separately scaled host. Each worker's degree of parallelism
 is configurable per lane. `IMessagingIdentifier` gains `HeavyCommandTopic`, `HeavyCommandSubscription`,
 and the `GetCommandTopic(Type)` / `GetCommandSubscription(Type)` routing helpers. The interactive lane
 (`AddMediatorWorker()`) is unchanged and remains the default; commands not marked heavy keep their
 existing routing. If a heavy command is dispatched while no heavy worker is bound, the publish is
 rejected and the command is preserved in the outbox until a heavy-command worker comes online — it is
 never dropped. Works over both the RabbitMQ and Azure Service Bus message buses (Azure Service Bus
 requires the heavy-command topic/subscription to be provisioned, like the existing command topic). New
 log-event ID `105_005` (`CommandWorkerLaneStarted`) in `Stratara.Diagnostics`.
- **Observability metrics across the worker pipeline** (`Stratara.Diagnostics`) — the shared
 `Stratara.Service` meter now publishes throughput and latency instruments so operators can see how the
 event-sourcing pipeline is behaving instead of flying blind on a single counter. New instruments:
 `event_source.events.appended` (counter, tagged by `event.type` / `aggregate.type`),
 `outbox.published` (counter, tagged by `outbox.kind` = `command` / `event`), `command.duration`
 (histogram, ms, tagged by `request.type` / `outcome`), `projection.events.processed` (counter) +
 `projection.bundle.duration` (histogram, ms), `saga.events.processed` (counter) +
 `saga.bundle.duration` (histogram, ms), and `saga.inflight` (up/down counter). They are recorded by the
 event source, command worker, projection worker, saga worker, and outbox worker respectively. Because
 projections and sagas are real-time bus subscribers without a persisted checkpoint, these report
 **throughput and latency**, not consumer lag. No configuration is required — point any OpenTelemetry
 metrics exporter at the `Stratara.Service` meter.
- **Operational health checks for the event store and outbox** (`Stratara.EventSourcing.EntityFrameworkCore`) —
 two opt-in readiness checks added to any `IHealthChecksBuilder`: `AddEventStoreHealthCheck()` verifies
 the write-side database is reachable, and `AddOutboxHealthCheck(degradedThreshold?, unhealthyThreshold?)`
 reports the pending outbox backlog (exposed under the `pending` data key) and escalates to
 `Degraded` / `Unhealthy` when the backlog crosses the supplied thresholds. Both are tagged `ready` by
 default (so they map to a readiness endpoint, not liveness) and require the Stratara write store to be
 registered. The write-store DbContext is now also resolvable as a scoped `IWriteDbContext` service to
 support these checks.
- **Polly-backed mediator resilience behavior** (`Stratara.Resilience`) — an opt-in pipeline behavior
 wraps the in-process dispatch of a request marked with the new
 `Stratara.Abstractions.Resilience.IResilientRequest` in the named Polly pipeline the request selects
 (`ResiliencePipelineName`). Register it with the new `AddStrataraResilienceBehavior()` (after
 `AddStrataraValidation()` / `AddStrataraTenantIsolation()` so the retry wraps the handler, not the
 guards); requests without the marker are unaffected. A new built-in pipeline
 `ResilienceNames.ConcurrencyConflict` retries **only** on
 `Stratara.Abstractions.Persistence.ConcurrencyConflictException` (5 attempts, short exponential
 backoff) so a handler that re-reads and re-applies on an optimistic-concurrency clash succeeds without
 bespoke retry loops; it is registered by `AddResiliencePipelines()` alongside the existing message-bus
 and dispatcher pipelines. Only mark handlers that are safe to re-run (idempotent or concurrency-guarded).