fix(web): 保留治理頁 enum 顯示清理
Some checks failed
Code Review / ai-code-review (push) Successful in 14s
CD Pipeline / tests (push) Successful in 1m34s
CD Pipeline / build-and-deploy (push) Successful in 5m17s
CD Pipeline / post-deploy-checks (push) Successful in 1m33s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
Some checks failed
Code Review / ai-code-review (push) Successful in 14s
CD Pipeline / tests (push) Successful in 1m34s
CD Pipeline / build-and-deploy (push) Successful in 5m17s
CD Pipeline / post-deploy-checks (push) Successful in 1m33s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
This commit is contained in:
Your Name
@@ -227,14 +227,20 @@ const PUBLIC_TEXT_REPLACEMENTS: Array<[RegExp, string]> = [
|
||||
[/live write count/gi, '正式寫入數'],
|
||||
[/live write/gi, '正式寫入'],
|
||||
[/live writer/gi, '正式寫入器'],
|
||||
[/live worker/gi, '正式 worker'],
|
||||
[/auto worker/gi, '自動 worker'],
|
||||
[/live execution/gi, '正式執行'],
|
||||
[/live Telegram send/gi, 'Telegram 正式發送'],
|
||||
[/Telegram send/gi, 'Telegram 發送'],
|
||||
[/Direct Bot API/gi, '直接 Bot API'],
|
||||
[/direct Bot API/gi, '直接 Bot API'],
|
||||
[/Bot API call/gi, 'Bot API 呼叫'],
|
||||
[/Gateway queue write/gi, 'Gateway 佇列寫入'],
|
||||
[/queue write/gi, '佇列寫入'],
|
||||
[/receipt write/gi, '回執寫入'],
|
||||
[/receipt production write/gi, '回執正式寫入'],
|
||||
[/production write/gi, '正式環境寫入'],
|
||||
[/verifier live readback/gi, '驗證器正式讀回'],
|
||||
[/host write/gi, '主機寫入'],
|
||||
[/secret read/gi, '機密讀取'],
|
||||
[/kubectl action/gi, 'kubectl 操作'],
|
||||
@@ -245,6 +251,8 @@ const PUBLIC_TEXT_REPLACEMENTS: Array<[RegExp, string]> = [
|
||||
[/owner acceptance/gi, '負責人驗收'],
|
||||
[/owner approval/gi, '負責人批准'],
|
||||
[/owner review/gi, '負責人審查'],
|
||||
[/dual approval/gi, '雙重批准'],
|
||||
[/writer idempotency/gi, '寫入器冪等性'],
|
||||
[/Owner Queue/gi, '負責人佇列'],
|
||||
[/owner queue/gi, '負責人佇列'],
|
||||
[/direct Bot API migration/gi, 'direct Bot API 遷移'],
|
||||
@@ -298,6 +306,16 @@ const PUBLIC_SNAPSHOT_RAW_KEYS = new Set([
|
||||
'risk_tier',
|
||||
'owner_agent',
|
||||
'canonical_room_env',
|
||||
'approval_gate',
|
||||
'automation_level',
|
||||
'deployment_state',
|
||||
'telegram_policy',
|
||||
'permission_lane',
|
||||
'lane_id',
|
||||
'mode',
|
||||
'decision',
|
||||
'readiness',
|
||||
'overall_readiness',
|
||||
])
|
||||
|
||||
function shouldPreserveSnapshotValue(key?: string): boolean {
|
||||
@@ -310,6 +328,15 @@ function shouldPreserveSnapshotValue(key?: string): boolean {
|
||||
|| key.endsWith('_tier')
|
||||
|| key.endsWith('_agent')
|
||||
|| key.endsWith('_env')
|
||||
|| key.endsWith('_policy')
|
||||
|| key.endsWith('_policies')
|
||||
|| key.endsWith('_level')
|
||||
|| key.endsWith('_levels')
|
||||
|| key.endsWith('_lane')
|
||||
|| key.endsWith('_lanes')
|
||||
|| key.endsWith('_mode')
|
||||
|| key.endsWith('_decision')
|
||||
|| key.endsWith('_readiness')
|
||||
}
|
||||
|
||||
function sanitizePublicSnapshot<T>(value: T, key?: string): T {
|
||||
|
||||
@@ -1,3 +1,31 @@
|
||||
## 2026-06-19|治理頁 sanitizer enum 保留修正本地完成
|
||||
|
||||
**背景**:`bf0c58aa` 已由 deploy marker `060f36a5 chore(cd): deploy bf0c58a [skip ci]` 正式部署;production desktop smoke 確認 `/zh-TW/governance?tab=automation-inventory` 主要 P2-407~P2-411 / P3-009 卡片可見、無水平溢出、無工作視窗片語。但整頁仍命中 `live worker`、`Direct Bot API`、`dual approval`,且 console 出現多筆 `MISSING_MESSAGE`,原因是公開顯示 sanitizer 把 `approval_required` 這類 enum 值先翻成中文,導致後續拿去組 i18n key 時變成 `..._需批准`。
|
||||
|
||||
**完成內容**:
|
||||
- `apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx` 擴充公開 glossary:`Direct Bot API`、`direct Bot API`、`dual approval`、`live worker`、`auto worker`、`receipt write`、`verifier live readback`、`writer idempotency` 等詞會在顯示端轉成繁中安全語。
|
||||
- `sanitizePublicSnapshot()` 的保留規則新增 enum / i18n lookup 欄位:`approval_gate`、`automation_level`、`deployment_state`、`telegram_policy`、`permission_lane`、`lane_id`、`mode`、`decision`、`readiness`、`overall_readiness`,以及 `_policy`、`_policies`、`_level`、`_levels`、`_lane`、`_lanes`、`_mode`、`_decision`、`_readiness` 後綴。
|
||||
- 目的:資料 state 保留可查表的原始 enum;真正輸出到卡片 / KPI / Chip 時仍透過 `redactPublicText()` 做公開顯示清理。
|
||||
- 未修改 API、snapshot、worker、Telegram sender、Bot API、Gateway queue、DB、KM、PlayBook、主機、K8s、Nginx 或 workflow。
|
||||
|
||||
**本地驗證**:
|
||||
- `git diff --check` 通過。
|
||||
- `SECURITY_MIRROR_PROGRESS_GUARD_OK`。
|
||||
- `TELEGRAM_ALERT_READABILITY_GUARD_OK tests=10 ai_lanes=6 host_lanes=6 runtime_gate=0`。
|
||||
- `IWOOOS_CONFIG_CONTROL_GUARD_OK`。
|
||||
- `DOC_SECRET_SANITY_OK scanned_files=934`。
|
||||
- `pnpm --filter @awoooi/web typecheck` 在隔離 worktree 因未安裝 `node_modules`、`tsc` 不存在而無法本地執行;本輪需由 Gitea code-review / CD 乾淨環境補驗。
|
||||
|
||||
**完成度同步**:
|
||||
- 治理頁公開 sanitizer enum 保留修正:本地 `100%`,正式部署 / desktop / mobile readback `0%`。
|
||||
- 治理頁舊卡片流程詞繁中收斂:部署 `100%`,但 production smoke 發現殘留與 MISSING_MESSAGE,正式驗收回到 `70%`,待本修正部署後重驗。
|
||||
- IwoooS headline:仍維持 `64%`;active runtime gate 仍 `0`。
|
||||
- Owner response accepted、event bus publish、audit DB write、timeline write、KM write、PlayBook trust write、Gateway queue write、Telegram send、Bot API call、worker dispatch、receipt production write、host write、kubectl action、destructive operation:全部仍 `0 / false`。
|
||||
|
||||
**下一步**:推送 Gitea main,等待 code-review / CD / post-deploy checks;部署後重跑 production desktop / mobile smoke,目標是 `targetHits=[]`、`workWindowHits=[]`、`horizontalOverflow=false`、主要卡片可見,並確認 MISSING_MESSAGE 不再新增。
|
||||
|
||||
**邊界**:此修正只處理前端公開顯示與 i18n key 穩定性,不代表 runtime remediation、Telegram 實發、Wazuh active response、Kali scan、Nginx / 主機處置或任何自動修復已授權。
|
||||
|
||||
## 2026-06-19|治理頁舊卡片流程詞繁中收斂本地完成
|
||||
|
||||
**背景**:`753f15be` 正式部署後,治理頁 desktop smoke 已確認主要 P2-407~P2-411 / P3-009 卡片可見且無水平溢出;但整頁深層 DOM 仍能在舊卡片與 committed snapshot 文案中看到 `dry-run`、`Gateway queue write`、`Telegram send`、`secret read`、`queue write`、`direct API` 等半原始流程詞。這些不應直接出現在前端,尤其在資訊安全頁面會讓使用者誤以為系統已開 runtime 寫入或實發通道。
|
||||
|
||||
Reference in New Issue
Block a user