Metadata database tracks all uploads with project, package, tag, and timestamp queryable via API

CHANGELOG.md

@@ -7,6 +7,51 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 ### Added
+- Added global artifacts endpoint `GET /api/v1/artifacts` with project/package/tag/size/date filters (#18)
+- Added global tags endpoint `GET /api/v1/tags` with project/package/search/date filters (#18)
+- Added wildcard pattern matching (`*`) for tag filters across all endpoints (#18)
+- Added comma-separated multi-value support for tag filters (#18)
+- Added `search` parameter to `/api/v1/uploads` for filename search (#18)
+- Added `tag` filter to `/api/v1/uploads` endpoint (#18)
+- Added `sort` and `order` parameters to `/api/v1/uploads` endpoint (#18)
+- Added `min_size` and `max_size` filters to package artifacts endpoint (#18)
+- Added `sort` and `order` parameters to package artifacts endpoint (#18)
+- Added `from` and `to` date filters to package tags endpoint (#18)
+- Added `GlobalArtifactResponse` and `GlobalTagResponse` schemas (#18)
+- Added S3 object verification before database commit during upload (#19)
+- Added S3 object cleanup on database commit failure (#19)
+- Added upload duration tracking (`duration_ms` field) (#19)
+- Added `User-Agent` header capture during uploads (#19)
+- Added `X-Checksum-SHA256` header support for client-side checksum verification (#19)
+- Added `status`, `error_message`, `client_checksum` columns to uploads table (#19)
+- Added `upload_locks` table for future concurrent upload conflict detection (#19)
+- Added consistency check endpoint `GET /api/v1/admin/consistency-check` (#19)
+- Added `PUT /api/v1/projects/{project}` endpoint for project updates with audit logging (#20)
+- Added `PUT /api/v1/project/{project}/packages/{package}` endpoint for package updates with audit logging (#20)
+- Added `artifact.download` audit logging to download endpoint (#20)
+- Added `ProjectHistory` and `PackageHistory` models with database triggers (#20)
+- Added migration `004_history_tables.sql` for project/package history (#20)
+- Added migration `005_upload_enhancements.sql` for upload status tracking (#19)
+- Added 9 integration tests for global artifacts/tags endpoints (#18)
+- Added global uploads query endpoint `GET /api/v1/uploads` with project/package/user/date filters (#18)
+- Added project-level uploads endpoint `GET /api/v1/project/{project}/uploads` (#18)
+- Added `has_more` field to pagination metadata for easier pagination UI (#18)
+- Added `upload_id`, `content_type`, `original_name`, `created_at` fields to upload response (#19)
+- Added audit log API endpoints with filtering and pagination (#20)
+  - `GET /api/v1/audit-logs` - list all audit logs with action/resource/user/date filters
+  - `GET /api/v1/projects/{project}/audit-logs` - project-scoped audit logs
+  - `GET /api/v1/project/{project}/{package}/audit-logs` - package-scoped audit logs
+- Added upload history API endpoints (#20)
+  - `GET /api/v1/project/{project}/{package}/uploads` - list upload events for a package
+  - `GET /api/v1/artifact/{id}/uploads` - list all uploads of a specific artifact
+- Added artifact provenance endpoint `GET /api/v1/artifact/{id}/history` (#20)
+  - Returns full artifact history including packages, tags, and upload events
+- Added audit logging for project.create, package.create, tag.create, tag.update, artifact.upload actions (#20)
+- Added `AuditLogResponse`, `UploadHistoryResponse`, `ArtifactProvenanceResponse` schemas (#20)
+- Added `TagHistoryDetailResponse` schema with artifact metadata (#20)
+- Added 31 integration tests for audit log, history, and upload query endpoints (#22)
+### Changed
+- Standardized audit action naming to `{entity}.{action}` pattern (project.delete, package.delete, tag.delete) (#20)
 - Added `StorageBackend` protocol/interface for backend-agnostic storage (#33)
 - Added `health_check()` method to storage backend with `/health` endpoint integration (#33)
 - Added `verify_integrity()` method for post-upload hash validation (#33)