Implements the --audit-log FILE flag on serve, mcp --bind, and inspect subcommands.
Emits per-request NDJSON audit lines with ts, client_ip, tool, fingerprint, duration_ms,
status, and diagnostics fields. The AuditLogWriter wraps a BufWriter<File> behind a Mutex
and flushes after each line for crash safety.
Core changes:
- Added pdftract-core/src/audit.rs with AuditRecord schema and AuditLogWriter
- Added chrono dependency to pdftract-core/Cargo.toml for timestamp generation
- Added crates/pdftract-cli/src/middleware/audit.rs with axum middleware
- Integrated AuditState into ServeState, McpServerState, and InspectorState
- Added --audit-log flag to Serve, Mcp, and InspectArgs CLI structures
- Stdio MCP mode: audit goes to stderr (not stdout, which is JSON-RPC)
Acceptance criteria:
- pdftract serve --audit-log /var/log/pdftract.ndjson → per-request NDJSON lines appear
- Each line is single-line valid JSON (no embedded newlines in values)
- client_ip captured from X-Real-IP or X-Forwarded-For header
- Stdio MCP audit goes to stderr (with --audit-log /dev/stderr or implicitly)
- Concurrent requests: writes don't interleave (Mutex ensures atomic line writes)
- Crash mid-request: log line either fully present or fully absent (BufWriter flushes after each write)
Closes: pdftract-5boxq
Implement bead 7.8.2: Build the per-search matcher from GrepArgs.
Compile PATTERN into either a literal Aho-Corasick automaton (-F mode,
default) or a regex::Regex (-E mode). Apply -i (case-insensitive) and
-w (word-boundary) wrappers. Provide a uniform Matcher::find_iter(text)
-> Iter<MatchRange> API used by the per-span matcher.
Key changes:
- Add aho-corasick dependency for fast literal matching
- Create grep/matcher.rs with MatchRange and Matcher enum
- Reorganize grep.rs -> grep/mod.rs for proper module structure
- Implement literal mode with Aho-Corasick automaton
- Implement regex mode with regex::Regex
- Support case-insensitive matching in both modes
- Support word-boundary matching (\b anchors for regex, post-match check for literal)
- Comprehensive unit tests for all modes and edge cases
Closes: pdftract-ixzbg
Implements the span layer renderer for the inspector debug viewer.
Renders SVG outline rectangles for each text span, color-coded by
extraction confidence. Red (< 0.5), yellow (0.5-0.8), and green (> 0.8)
indicate low, medium, and high confidence respectively. Gray indicates
direct extraction without OCR.
Each rect includes data-* attributes for tooltip and click consumption:
- data-text: the extracted text content (XML-escaped)
- data-confidence: confidence score or empty string
- data-font: font name (XML-escaped)
- data-size: font size in points
All 10 unit tests pass. The implementation follows the existing SVG
generation pattern in pdftract-core/src/receipts/svg.rs.
Closes: pdftract-p4vzu