February 12, 2026 | 0.1.7 | Calmony Sanctions Monitor

v0.1.7 — feat: batch re-screening, auth/RBAC, audit logging, privacy & credits

Release v0.1.7: Batch Re-Screening, Auth/RBAC, Audit Logging, GDPR & Credits Integration

12 February 2026

What changed

  • Batch re-screening — Monitored people are now automatically re-screened whenever any sanctions list (OFSI, EU, UN, OFAC) updates. Reviewer decisions (confirmed, dismissed, investigating) are preserved; only pending matches are re-evaluated. New rescreen_runs table tracks each run. Manual triggers available via POST /api/screening/batch-rescreen.
  • Authentication & RBAC — New role-based access control with admin/user roles and multi-tenant isolation via organisationId. Admin role required for manual batch re-screen triggers. Access violations are audit-logged.
  • Audit logging (SOC 2) — Enhanced immutable audit log now captures IP address and user agent. New writeAuditLogWithRequest() helper extracts headers from Vercel/Cloudflare. Typed AuditActions constant for all action strings.
  • Privacy & cookie consent (GDPR) — New /privacy and /terms pages. Cookie consent banner with Accept All, Necessary Only, and granular analytics/marketing preferences. Consent persisted to database via /api/cookie-consent with IP/UA for GDPR record-keeping.
  • Credits integration — Batch re-screening and nightly sync are now fully wired into the PAYG credit system with audit logging.

Why it matters

This is the release that turns Calmony Sanctions Monitor from a one-time screening tool into a continuous monitoring platform. People are now re-screened automatically — not just at import — closing the biggest feature gap. SOC 2 and GDPR foundations are in place for compliance-conscious customers.

Technical notes

  • New DB tables: rescreen_runs, cookie_consent
  • Schema changes: role and organisationId added to users; ip_address, user_agent, and new indexes added to audit_log
  • New libraries: src/lib/batch-rescreen.ts, src/lib/rbac.ts, src/lib/audit.ts
  • Nightly sync workflow gains rescreen_only option and increased timeouts (120s → 300s)
  • /privacy, /terms, /api/cookie-consent, /api/screening/batch-rescreen added as public routes
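A sketch of how the role gate, tenant check and request-aware audit entry described above can fit together. This is an added example, not code from the Calmony repository: every function, type and action string in it is hypothetical, and it assumes header keys arrive lower-cased and that the origin is reachable only through the edge proxy.

```typescript
// Added illustration; every name here is hypothetical, not Calmony's code.
type Role = "admin" | "user";
interface User { id: string; role: Role; organisationId: string }
interface AuditEntry {
  action: string; userId: string; organisationId: string;
  ipAddress: string | null; userAgent: string | null; at: string;
}
type HeaderMap = Record<string, string | undefined>; // keys assumed lower-cased

// Typed action strings, so a typo cannot create an unsearchable event name.
const Actions = {
  RESCREEN_TRIGGERED: "rescreen.triggered",
  ACCESS_DENIED: "access.denied",
} as const;
type Action = (typeof Actions)[keyof typeof Actions];

// Client IP as reported by the edge. Cloudflare sets cf-connecting-ip; Vercel
// sets x-real-ip and x-forwarded-for. A caller that reaches the origin
// directly can forge all three, so the value is evidence, not identity.
function clientIp(h: HeaderMap): string | null {
  const first = (h["x-forwarded-for"] ?? "").split(",")[0]?.trim() ?? "";
  return h["cf-connecting-ip"] ?? h["x-real-ip"] ?? (first || null);
}

const auditLog: AuditEntry[] = []; // stand-in for an append-only audit_log table

function audit(action: Action, user: User, orgId: string, h: HeaderMap): void {
  const entry: AuditEntry = {
    action, userId: user.id, organisationId: orgId,
    ipAddress: clientIp(h), userAgent: h["user-agent"] ?? null,
    at: new Date().toISOString(),
  };
  auditLog.push(Object.freeze(entry)); // entries are never edited after write
}

// Gate for a manual batch re-screen: admin role AND same tenant, else deny.
function authorizeBatchRescreen(user: User | null, orgId: string, h: HeaderMap): number {
  if (!user) return 401; // unauthenticated: no user to attribute an entry to
  if (user.role !== "admin" || user.organisationId !== orgId) {
    audit(Actions.ACCESS_DENIED, user, orgId, h); // violations are logged
    return 403;
  }
  audit(Actions.RESCREEN_TRIGGERED, user, orgId, h);
  return 202;
}

// Constructed sample request data (documentation-range IP addresses).
const sampleHeaders: HeaderMap = { "x-forwarded-for": "203.0.113.7, 10.0.0.1", "user-agent": "curl/8" };
const sampleAdmin: User = { id: "u1", role: "admin", organisationId: "org-a" };
const sampleUser: User = { id: "u2", role: "user", organisationId: "org-a" };
```

The tenant comparison is what keeps an admin of one organisation from triggering a run for another; checking the role alone would not.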

Release Notes

Successfully merged PR #21 and published release v0.1.7 for Calmony Sanctions Monitor.

PR #21 merged via squash merge (SHA: 923f4db258884f08dd5a8a8ed58fa3f85421c0d1)

Release v0.1.7 published at: https://github.com/LetMC/CalmonySanctionsMonitor/releases/tag/v0.1.7

Key features in this release:

  1. Batch Re-Screening — Continuous monitoring is now live. All monitored people are automatically re-screened whenever any sanctions list (OFSI, EU, UN, OFAC) is updated, with reviewer decision preservation.
  2. Authentication & RBAC — Admin/User roles with multi-tenant isolation via organisationId, role-gated endpoints, and access violation logging.
  3. Audit Logging (SOC 2) — Enhanced immutable audit log with IP/UA tracking, typed actions, and request-aware logging helpers.
  4. Privacy & Cookie Consent (GDPR) — Privacy policy, terms of service pages, cookie consent banner with granular preferences, and consent persistence API.
  5. PAYG Credits Integration — Batch re-screening and nightly sync fully connected to the credit/billing system with audit logging.

14 files changed: 1,542 additions, 79 deletions.