Skip to content

ENG-2764: Add context_snapshot and last_evaluated_at to privacy_assessment#7530

Merged
galvana merged 12 commits intomainfrom
ENG-2764-assessment-re-evaluation-model
Mar 21, 2026
Merged

ENG-2764: Add context_snapshot and last_evaluated_at to privacy_assessment#7530
galvana merged 12 commits intomainfrom
ENG-2764-assessment-re-evaluation-model

Conversation

@galvana
Copy link
Copy Markdown
Contributor

@galvana galvana commented Feb 28, 2026
edited by atlassian bot
Loading

Ticket ENG-2764

Description Of Changes

Add data model foundation for scheduled re-evaluation of privacy assessments. This is PR 1 of 3 for ENG-2764.

  • New context_snapshot (JSONB) column on privacy_assessment to store a snapshot of the privacy context and template question state at generation time, enabling material change detection during re-evaluation
  • New last_evaluated_at (DateTime) column to track when the assessment was last evaluated
  • Two new EventAuditType enum values: privacy_assessment_re_evaluated and privacy_assessment_re_evaluated_unchanged for auditing re-evaluation outcomes

Code Changes

  • src/fides/api/alembic/migrations/versions/xx_2026_02_28_1200_190e4603ad38_add_context_snapshot_to_assessment.py - New Alembic migration adding context_snapshot and last_evaluated_at columns
  • src/fides/api/models/privacy_assessment.py - Add new columns to PrivacyAssessment model
  • src/fides/api/models/event_audit.py - Add privacy_assessment_re_evaluated and privacy_assessment_re_evaluated_unchanged enum values

Steps to Confirm

  1. Run the migration: alembic upgrade head
  2. Verify the privacy_assessment table has the new context_snapshot (JSONB, nullable) and last_evaluated_at (DateTime, nullable) columns
  3. Verify the downgrade removes both columns cleanly

Pre-Merge Checklist

  • Issue requirements met
  • All CI pipelines succeeded
  • CHANGELOG.md updated
  • Database migrations:
    • Ensure that your downrev is up to date with the latest revision on main
    • Ensure that your downgrade() migration is correct and works
  • Documentation:
    • No documentation updates required

Made with Cursor

ENG-2764: Add context_snapshot and last_evaluated_at to privacy_asses…
5a2c181 
…sment

Add data model foundation for scheduled re-evaluation of privacy
assessments. New JSONB column stores a snapshot of the privacy context
and template state at generation time, enabling material change
detection on subsequent re-evaluations. New EventAuditType values
support auditing re-evaluation outcomes.

Made-with: Cursor
@vercel
Copy link
Copy Markdown
Contributor

vercel bot commented Feb 28, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments
Project Deployment Actions Updated (UTC)
fides-plus-nightly Ignored Ignored Preview Mar 21, 2026 6:15am
fides-privacy-center Ignored Ignored Mar 21, 2026 6:15am

Request Review

@claude
ENG-2764: Add high_risk_only column to privacy_assessment_task
2e7223d 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@galvana galvana marked this pull request as ready for review March 15, 2026 22:53
@galvana galvana requested a review from a team as a code owner March 15, 2026 22:53
@galvana galvana requested review from erosselli and thabofletcher and removed request for a team and erosselli March 15, 2026 22:53
@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps bot commented Mar 15, 2026

Greptile Summary

This PR adds data model foundations for scheduled re-evaluation of privacy assessments: a context_snapshot (JSONB) column and last_evaluated_at (DateTime) column on privacy_assessment, a high_risk_only (Boolean) column on privacy_assessment_task, and two new EventAuditType enum values for auditing re-evaluation outcomes.

  • Migration down_revision conflict: The new migration (190e4603ad38) and the existing ca2c622bad39 (questionnaire_tone_prompt) both set down_revision = "074796d61d8a", creating multiple Alembic heads. This will cause alembic upgrade head to fail and must be fixed before merge.
  • The model changes and enum additions are clean and follow existing codebase conventions.
  • The changelog entry omits the high_risk_only column that was also added in this PR.

Confidence Score: 2/5

  • This PR has a migration conflict that will break alembic upgrades — must be resolved before merge.
  • The model and enum changes are straightforward and safe, but the migration file has a duplicate down_revision that creates branched Alembic history. This will prevent alembic upgrade head from running, blocking all deployments. The fix is simple (update the down_revision), but the PR cannot be merged as-is.
  • Pay close attention to the migration file: src/fides/api/alembic/migrations/versions/xx_2026_02_28_1200_190e4603ad38_add_context_snapshot_to_assessment.py

Important Files Changed

Filename Overview
src/fides/api/alembic/migrations/versions/xx_2026_02_28_1200_190e4603ad38_add_context_snapshot_to_assessment.py New Alembic migration adding context_snapshot, last_evaluated_at, and high_risk_only columns. Has a down_revision conflict with ca2c622bad39 — both point to 074796d61d8a, creating multiple Alembic heads that will block upgrades.
src/fides/api/models/privacy_assessment.py Adds context_snapshot (JSONB), last_evaluated_at (DateTime), and high_risk_only (Boolean) columns to the model classes. Clean implementation consistent with existing patterns.
src/fides/api/models/event_audit.py Adds two new EventAuditType enum values for re-evaluation audit events. Straightforward addition following existing conventions.
changelog/7530-assessment-re-evaluation-model.yaml Changelog entry for the new columns. Only mentions context_snapshot and last_evaluated_at — omits the high_risk_only column also added in this PR.

Last reviewed commit: 2e7223d

Adrian Galvan and others added 4 commits March 15, 2026 16:04
@claude
fix migration downrev to chain off current main head
6c373ac 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@claude
fix migration downrev to chain off ea20059aee77 (current main head)
a262464 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@claude
add new columns to db_dataset.yml for fides_db_scan
f2a6223 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@galvana
Merge branch 'main' into ENG-2764-assessment-re-evaluation-model
b6c2d34
thabofletcher
thabofletcher approved these changes Mar 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@thabofletcher thabofletcher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved - will send over a review doc with some minor recommendations and the tests that were run. There is probably a new downrev needed as well

Adrian Galvan and others added 2 commits March 20, 2026 22:26
@claude
ENG-2764: Fix migration downrev, make high_risk_only nullable, update…
f21f702 
… changelog

Fix migration down_revision from ea20059aee77 to 38071fffda39 (current
main head). Remove server_default and make high_risk_only nullable so
callers must explicitly pass the value. Add high_risk_only to changelog
description for completeness.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@galvana
Merge branch 'main' into ENG-2764-assessment-re-evaluation-model
ab89748
@claude
ENG-2764: Change high_risk_only default to false (not nullable)
49e2867 
Use a clear boolean with server_default="false" instead of nullable.
Default false means all assessments are evaluated unless the caller
explicitly opts into high-risk-only filtering.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@galvana galvana added this pull request to the merge queue Mar 21, 2026
Merged via the queue into main with commit 4b9ff6b Mar 21, 2026
57 checks passed
@galvana galvana deleted the ENG-2764-assessment-re-evaluation-model branch March 21, 2026 07:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thabofletcher thabofletcher thabofletcher approved these changes

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@galvana @thabofletcher