The audit query API of Envers has currently only support for -to-one associations.
However, all sorts of to-many associations should be supported. This is one-to-many and many-to-many associations, both unidirectional and bidirectional. For bidirectional associations the association should be traversable from the owning side as well as from the inverse side of the association. Associations where the referenced entity is not audited should also be supported. Both join types, inner joins and left joins should be supported.
Associations where the referenced entity is not audited will not be supported for bidirectional one-to-many and many-to-many if the not audited entity is the association owner. This limitation is caused by Envers, since Envers does not support these associations.
The traversal of to-many associations might have performance impacts since additional table joins are required to join the entities where each table has to be filtered for correct revisions. Best practice might be to use ValidityAuditStrategy instead of DefaultAuditStrategy. Also, the use of bidirectional one-to-many associations is suggested where possible since no middle table is required for these associations.