docs(security): add github target owner status ledger

Your Name
2026-05-18 14:33:36 +08:00
parent 7be8868e5a
commit 91edf18552
31 changed files with 336 additions and 59 deletions


@@ -126,7 +126,7 @@
"risk": "HIGH",
"state": "pending_approval",
"recommended_awooop_mode": "approve_required",
"requested_decision": "是否依 S4.10 request packet 逐 repo 收到並驗收 GitHub target、owner、visibility、canonical response並依 S4.12 驗收 workflow / secret 名稱 owner response此 bundle 不授權執行。",
"requested_decision": "是否依 S4.10 request packet / template status ledger 逐 repo 收到並驗收 GitHub target、owner、visibility、canonical response並依 S4.12 驗收 workflow / secret 名稱 owner response此 bundle 不授權執行。",
"blocked_until_approved": true,
"required_reviewers": [
"migration-engineer",
@@ -143,7 +143,7 @@
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json"
],
"allowed_after_approval": [
"依 S4.10 request packet 驗收 owner decision response",
"依 S4.10 request packet / template status ledger 驗收 owner decision response",
"依 S4.12 驗收 workflow / secret 名稱 owner response",
"逐 repo 更新 owner/visibility/canonical decision",
"更新 workflow / secret name parity read-only wording",
@@ -153,7 +153,7 @@
"still_forbidden": [
"建立 repo",
"修改 visibility",
"把 S4.10 request packet 或 response packet 當成 repo creation 或 visibility approval",
"把 S4.10 request packet、template status ledger 或 response packet 當成 repo creation 或 visibility approval",
"把 S4.12 response packet 當成 secret value collection、workflow modification 或 runner enablement approval",
"push refs",
"delete refs",
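Review bot: In the new `requested_decision` and `allowed_after_approval` strings, `S4.10 request packet / template status ledger` does not say whether the `/` means "and" or "or", so the entry can be read as allowing the status ledger alone to be the basis for accepting an owner decision response. The added `still_forbidden` entry stops the ledger from being treated as repo creation or visibility approval, but nothing visible here states that a ledger row is not itself an owner response. If the ledger is only a tracking aid, say so in the allowed entry, for example `"依 S4.10 request packet 驗收 owner decision response，並以 template status ledger 記錄狀態（ledger 狀態不等同 owner response）"`. The ledger is also referenced only by name; if the list ending with `docs/security/source-control-workflow-secret-name-owner-response.snapshot.json` is the evidence list for this item, the ledger's path presumably belongs there too, though the rest of that list is outside the hunk.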