config/services.yaml

@@ -44,6 +44,7 @@ services:
             $dataStartDate: '%env(RTT_START_DATE)%'
 
     App\Repository\Contract\AbsenceReadRepositoryInterface: '@App\Repository\AbsenceRepository'
+    App\Repository\Contract\AuditLogReadRepositoryInterface: '@App\Repository\AuditLogRepository'
     App\Repository\Contract\EmployeeContractPeriodReadRepositoryInterface: '@App\Repository\EmployeeContractPeriodRepository'
     App\Repository\Contract\EmployeeScopedRepositoryInterface: '@App\Repository\EmployeeRepository'
     App\Repository\Contract\FormationReadRepositoryInterface: '@App\Repository\FormationRepository'

src/Service/AuditLogger.php

@@ -46,6 +46,10 @@ readonly class AuditLogger
             if (null !== $deviceId) {
                 $deviceId = mb_substr($deviceId, 0, 64);
             }
+            // The user agent comes from an untrusted client header; cap it to prevent storage bloat.
+            if (null !== $userAgent) {
+                $userAgent = mb_substr($userAgent, 0, 1024);
+            }
         }
 
         $auditLog = new AuditLog();