fix(web): 收斂治理頁舊卡片流程詞
Some checks failed
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / tests (push) Successful in 1m34s
CD Pipeline / build-and-deploy (push) Successful in 4m51s
CD Pipeline / post-deploy-checks (push) Successful in 1m34s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
Some checks failed
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / tests (push) Successful in 1m34s
CD Pipeline / build-and-deploy (push) Successful in 4m51s
CD Pipeline / post-deploy-checks (push) Successful in 1m34s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
This commit is contained in:
Your Name
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -1,3 +1,33 @@
|
||||
## 2026-06-19|治理頁舊卡片流程詞繁中收斂本地完成
|
||||
|
||||
**背景**:`753f15be` 正式部署後,治理頁 desktop smoke 已確認主要 P2-407~P2-411 / P3-009 卡片可見且無水平溢出;但整頁深層 DOM 仍能在舊卡片與 committed snapshot 文案中看到 `dry-run`、`Gateway queue write`、`Telegram send`、`secret read`、`queue write`、`direct API` 等半原始流程詞。這些不應直接出現在前端,尤其在資訊安全頁面會讓使用者誤以為系統已開 runtime 寫入或實發通道。
|
||||
|
||||
**完成內容**:
|
||||
- 以 JSON parser 遞迴處理 `apps/web/messages/zh-TW.json` / `apps/web/messages/en.json` 的字串值,只改公開顯示文案,不改任何 message key、schema、API 欄位或狀態判斷。
|
||||
- 將 `dry-run`、`Gateway queue write`、`Telegram send`、`secret read`、`live worker`、`runtime enabled`、`prod write`、`direct API`、`queue write`、`Queue write`、`Production write`、`runtime write`、`Direct Bot API`、`owner approval`、`dual approval`、`Secret display`、`Action button` 等可見詞收斂為繁中安全語。
|
||||
- `apps/web/messages/en.json` 仍維持與 `zh-TW` 同步鏡像,避免目前鏡像頁面重新露出英文流程詞。
|
||||
- 未修改 API、snapshot、worker、Telegram sender、Bot API、Gateway queue、DB、KM、PlayBook、主機、K8s、Nginx 或 workflow。
|
||||
|
||||
**本地驗證**:
|
||||
- `apps/web/messages/zh-TW.json` / `apps/web/messages/en.json` JSON parse 通過。
|
||||
- `WEB_MESSAGES_MIRROR_OK`。
|
||||
- 目標殘留掃描為 `0`:`dry-run`、`Dry-run`、`Gateway queue write`、`Telegram send`、`secret read`、`live worker`、`runtime enabled`、`prod write`、`direct API`、`queue write`、`Queue write`、`Production write`、`runtime write`、`Direct Bot API`、`owner approval`、`dual approval`、`Secret display`、`Action button` 皆未命中。
|
||||
- `SECURITY_MIRROR_PROGRESS_GUARD_OK`。
|
||||
- `TELEGRAM_ALERT_READABILITY_GUARD_OK tests=10 ai_lanes=6 host_lanes=6 runtime_gate=0`。
|
||||
- `IWOOOS_CONFIG_CONTROL_GUARD_OK`。
|
||||
- `DOC_SECRET_SANITY_OK scanned_files=934`。
|
||||
- `git diff --check` 通過。
|
||||
- `pnpm --filter @awoooi/web typecheck` 在隔離 worktree 因未安裝 `node_modules`、`tsc` 不存在而無法本地執行;本輪需由 Gitea code-review / CD 乾淨環境補驗。
|
||||
|
||||
**完成度同步**:
|
||||
- 治理頁舊卡片流程詞繁中收斂:本地 `100%`,正式部署 / desktop / mobile readback `0%`。
|
||||
- IwoooS headline:仍維持 `64%`;active runtime gate 仍 `0`。
|
||||
- Owner response accepted、event bus publish、audit DB write、timeline write、KM write、PlayBook trust write、Gateway queue write、Telegram send、Bot API call、worker dispatch、receipt production write、host write、kubectl action、destructive operation:全部仍 `0 / false`。
|
||||
|
||||
**下一步**:跑 IwoooS guard、推送 Gitea main、等待 code-review / CD / post-deploy checks;正式部署後重跑 `/zh-TW/governance?tab=automation-inventory` desktop / mobile,確認整頁流程詞掃描、工作視窗片語、水平溢出與主要安全卡片可見性。
|
||||
|
||||
**邊界**:這只是前端公開文案專業化,不代表 Telegram 實發、Gateway 佇列寫入、runtime remediation、Wazuh active response、Kali scan、Nginx / 主機處置或任何自動修復已授權。
|
||||
|
||||
## 2026-06-19|治理頁 snapshot 公開顯示清理層本地完成
|
||||
|
||||
**背景**:`476227d2` 正式部署後,desktop / mobile smoke 已確認 P2-407~P2-411 與 P3-009 主要卡片無目標英文 drift、無水平溢出、無工作視窗片語;但整頁深層 DOM 仍能在舊 committed snapshot 區塊看到 `audit event template`、`event envelope`、`post-write verifier`、`runtime write`、`live write`、`owner response acceptance readback` 等半英文證據字串。這些不是 runtime 事件,而是 evaluation snapshot 的固定證據內容被前端直接投影,對使用者仍不夠專業、也不符合全站繁中要求。
|
||||
|
||||
Reference in New Issue
Block a user