legionio 1.5.7 → 1.5.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f1b428e7647279cf546f324872dfcc8a4cfaa18cd86239295d6d970ed3a535f3
-  data.tar.gz: 300e15076db8273550bcc7e8431b0cbff2b644489f1a784213b81732f10dcc11
+  metadata.gz: dd1e62d0c34e503458b9648de476a15dd5c03a163bb506db8a4723da486aef24
+  data.tar.gz: 43147d5ba26541cf62f3d5255ce973480fccb1362a5d8daf224ff16b82b6e55f
 SHA512:
-  metadata.gz: ed8f794e30b35f60492ff8ffea4c6a0a7103ebd90781a132029c60985cf50e8f5118a4f80fa792947ce346f8df3ede23368cf66d9592b1a6e0cf23259651ef77
-  data.tar.gz: 0cb1b113f52cb6748825d75c15b23c149a1c3f0991e2bf5d77577b256516a002592dc9a18ba2bbb2ba52f8b05dba2df3d0978fcc4265b60cad49d74e9c9548df
+  metadata.gz: af364276c4d9589d8ee414a2e563640be7c49c472a0ef566a035b502198d7396acd055f42f576756a9bbd0beda57f09e0bb098bcb15b387da8dbf31baa728120
+  data.tar.gz: 44671d558a7e20e9dbda648e0ad71efd0c9db546d37507c0e21d3367a9e4c896b79476f8158597e36eb310c46415d1084dea9cfbe389405b7940a74c10609c63

data/CHANGELOG.md

@@ -1,7 +1,23 @@
 # Legion Changelog
 
+## [1.5.8] - 2026-03-24
+
+### Added
+- `Legion::Compliance::PhiTag` — PHI data classification tagging with `phi?`, `tag`, `tagged_cache_key` methods; gated by `compliance.phi_enabled` setting
+- `Legion::Compliance::PhiAccessLog` — PHI access audit bridge that calls `Legion::Audit.record` with `event_type: 'phi_access'`; gated by `compliance.phi_enabled` setting
+- `Legion::Compliance::PhiErasure` — orchestrates cryptographic erasure via `Legion::Crypt::Erasure`, cache key purge, access log, and verification; all steps guarded by `defined?` checks
+
 ## [1.5.7] - 2026-03-24
 
+### Added
+- `Legion::Audit::Archiver` — tiered hot/warm/cold audit retention orchestrator; delegates hot→warm to `Legion::Data::Retention`, exports warm→cold as compressed JSONL via `ColdStorage`, records manifests, verifies hash chain after each run
+- `Legion::Audit::ColdStorage` — upload/download abstraction with `:local` (filesystem) and `:s3` (aws-sdk-s3, optional) backends; raises `BackendNotAvailableError` when aws-sdk-s3 not installed
+- `Legion::Audit::ArchiverActor` — thread-based weekly scheduled actor with hour/day-of-week cron guard; started by `Service#setup_audit_archiver` after telemetry
+- `legion audit archive --dry-run / --execute` — preview or execute tiered archival from CLI
+- `legion audit verify_chain --tier --start --end` — direct hash chain integrity check for hot or warm tier
+- `legion audit restore --date` — restore cold JSONL archives back to warm tier for querying
+- Feature flag: `audit.retention.enabled` (default `false`); settings: `hot_days`, `warm_days`, `cold_years`, `cold_storage`, `cold_backend`, `archive_schedule`, `verify_on_archive`
+
 ### Changed
 - `Legion::Service` starts `CertRotation` after `Crypt.start` when `security.mtls.enabled: true`
 - `Legion::Service#shutdown` stops `CertRotation` before `Crypt.shutdown`

data/lib/legion/compliance/phi_erasure.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module Legion
+  module Compliance
+    module PhiErasure
+      class << self
+        def erase(task_id:, reason:)
+          result = { task_id: task_id, erased: false, steps: {} }
+
+          result[:steps][:key_erasure] = erase_key(task_id)
+          result[:steps][:cache_purge] = purge_cache(task_id)
+          log_erasure(task_id: task_id, reason: reason)
+          result[:steps][:verification] = verify_erasure(task_id)
+
+          key_result    = result[:steps][:key_erasure]
+          verify_result = result[:steps][:verification]
+
+          result[:erased] = key_result.nil? || (key_result.is_a?(Hash) && key_result[:erased] != false &&
+            verify_result.is_a?(Hash) && verify_result[:erased] != false)
+          result
+        rescue StandardError => e
+          Legion::Logging.error "[Compliance] PhiErasure#erase failed task_id=#{task_id}: #{e.message}" if defined?(Legion::Logging)
+          { task_id: task_id, erased: false, error: e.message }
+        end
+
+        private
+
+        def erase_key(task_id)
+          return nil unless defined?(Legion::Crypt::Erasure)
+
+          Legion::Crypt::Erasure.erase_tenant(tenant_id: task_id)
+        end
+
+        def purge_cache(task_id)
+          return nil unless defined?(Legion::Cache)
+
+          prefix = "phi:#{task_id}:"
+          Legion::Cache.delete(prefix)
+          { purged: true, prefix: prefix }
+        rescue StandardError => e
+          { purged: false, error: e.message }
+        end
+
+        def log_erasure(task_id:, reason:)
+          return unless defined?(Legion::Compliance::PhiAccessLog)
+
+          Legion::Compliance::PhiAccessLog.log_access(
+            resource: task_id,
+            action:   'erasure',
+            actor:    'system:phi_erasure',
+            reason:   reason
+          )
+        end
+
+        def verify_erasure(task_id)
+          return nil unless defined?(Legion::Crypt::Erasure)
+
+          Legion::Crypt::Erasure.verify_erasure(tenant_id: task_id)
+        end
+      end
+    end
+  end
+end

data/lib/legion/compliance.rb

@@ -2,6 +2,7 @@
 
 require 'legion/compliance/phi_tag'
 require 'legion/compliance/phi_access_log'
+require 'legion/compliance/phi_erasure'
 
 module Legion
   module Compliance

data/lib/legion/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Legion
-  VERSION = '1.5.7'
+  VERSION = '1.5.8'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: legionio
 version: !ruby/object:Gem::Version
-  version: 1.5.7
+  version: 1.5.8
 platform: ruby
 authors:
 - Esity
@@ -673,6 +673,7 @@ files:
 - lib/legion/cluster/lock.rb
 - lib/legion/compliance.rb
 - lib/legion/compliance/phi_access_log.rb
+- lib/legion/compliance/phi_erasure.rb
 - lib/legion/compliance/phi_tag.rb
 - lib/legion/context.rb
 - lib/legion/data/local_migrations/20260319000001_create_extension_catalog.rb