✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Greptile Summary

This PR fixes a gap in audit logging for ACME certificate flows by threading req.auditLogInfo (containing ipAddress, userAgent, userAgentType, and actor) through five ACME service methods that were previously creating audit log entries without those fields.

• createAcmeAccount, createAcmeOrder, finalizeAcmeOrder, downloadAcmeCertificate, and respondToAcmeChallenge all receive auditLogInfo from the router and spread it into auditLogService.createAuditLog.
• The explicit ACME-specific actor (either ActorType.ACME_PROFILE or ActorType.ACME_ACCOUNT) is set after the spread and correctly overrides the request-level actor from auditLogInfo, which is the expected pattern for ACME flows.
• All six createAuditLog call-sites within the service (including both the "existing account found" and "new account created" branches of createAcmeAccount) have been updated consistently.
• deactivateAcmeAccount is intentionally untouched — it is currently a FIXME stub with no audit log call.
• Type definitions in pki-acme-types.ts are kept in sync with the service implementation.

Confidence Score: 5/5

• This PR is safe to merge — it is a purely additive, non-breaking change that fills in missing audit log fields without touching any business logic.
• All changed code paths are straightforward parameter-threading changes. Every audit log call-site that needed auditLogInfo has been updated, the type definitions are kept in sync, and no security or correctness concerns were found.
• No files require special attention.

Important Files Changed

_{Last reviewed commit: "Fix ACME audit logs"}