fix(governance): 同步服務健康通知紅線契約

2026-06-05 15:50:55 +08:00
parent d2963c16f5
commit d66effe62e
4 changed files with 26 additions and 26 deletions
--- a/apps/api/src/services/service_health_failure_notification_policy.py
+++ b/apps/api/src/services/service_health_failure_notification_policy.py
@@ -6,7 +6,7 @@ policy defines success-noise suppression, failure/action-required escalation,
 message redaction, and frontend display limits. It never sends Telegram or
 AwoooP notifications, writes operator events, probes live systems, restarts
 services, changes endpoints, triggers workflows, reads secrets, or displays
-work-window conversation transcripts.
+internal conversation transcripts.
 """

 from __future__ import annotations
@@ -220,17 +220,17 @@ def _require_frontend_redaction_contract(payload: dict[str, Any], label: str) ->

    forbidden = set(contract.get("forbidden_frontend_content") or [])
    required_forbidden = {
-        "工作視窗對話內容",
-        "Codex / user 訊息逐字稿",
-        "prompt / chain-of-thought",
-        "session id / browser context",
-        "secret / token / authorization header",
+        "內部對話內容",
+        "Codex / 使用者訊息逐字稿",
+        "提示詞 / 思考鏈",
+        "工作階段識別碼 / 瀏覽器脈絡",
+        "機密 / 權杖 / 授權標頭",
    }
    if not required_forbidden.issubset(forbidden):
        raise ValueError(f"{label}: display_redaction_contract is missing required forbidden content")

    allowed_fields = set(contract.get("allowed_frontend_fields") or [])
-    if "committed evidence ref" not in allowed_fields or "policy rule summary" not in allowed_fields:
+    if "已提交證據參照" not in allowed_fields or "政策規則摘要" not in allowed_fields:
        raise ValueError(f"{label}: display_redaction_contract must limit frontend to committed policy evidence")


--- a/apps/api/tests/test_service_health_failure_notification_policy.py
+++ b/apps/api/tests/test_service_health_failure_notification_policy.py
@@ -180,13 +180,13 @@ def _snapshot(
            "conversation_transcript_display_allowed": False,
            "redaction_required": True,
            "forbidden_frontend_content": [
-                "工作視窗對話內容",
-                "Codex / user 訊息逐字稿",
-                "prompt / chain-of-thought",
-                "session id / browser context",
-                "secret / token / authorization header",
+                "內部對話內容",
+                "Codex / 使用者訊息逐字稿",
+                "提示詞 / 思考鏈",
+                "工作階段識別碼 / 瀏覽器脈絡",
+                "機密 / 權杖 / 授權標頭",
            ],
-            "allowed_frontend_fields": ["committed evidence ref", "policy rule summary"],
+            "allowed_frontend_fields": ["已提交證據參照", "政策規則摘要"],
        },
        "agent_roles": [],
        "operation_boundaries": {
--- a/apps/api/tests/test_service_health_failure_notification_policy_api.py
+++ b/apps/api/tests/test_service_health_failure_notification_policy_api.py
@@ -42,7 +42,7 @@ def test_service_health_failure_notification_policy_endpoint_returns_committed_s
    assert "work_window_transcript" in data["message_template_contract"]["forbidden_fields"]
    assert data["display_redaction_contract"]["conversation_transcript_display_allowed"] is False
    assert data["display_redaction_contract"]["redaction_required"] is True
-    assert "工作視窗對話內容" in data["display_redaction_contract"]["forbidden_frontend_content"]
+    assert "內部對話內容" in data["display_redaction_contract"]["forbidden_frontend_content"]
    assert all(
        rule["decision"] == "suppress_immediate_success"
        for rule in data["policy_rules"]
--- a/docs/evaluations/service_health_failure_notification_policy_2026-06-05.json
+++ b/docs/evaluations/service_health_failure_notification_policy_2026-06-05.json
@@ -281,21 +281,21 @@
    "runtime_execution_approved": false
  },
  "display_redaction_contract": {
-    "frontend_display_policy": "前端只顯示 committed policy evidence、規則摘要與 sanitized message contract；不得顯示內部對話、prompt、session 或 browser context。",
+    "frontend_display_policy": "前端只顯示已提交政策證據、規則摘要與已脫敏訊息合約；不得顯示內部對話、提示詞、工作階段識別碼或瀏覽器脈絡。",
    "allowed_frontend_fields": [
-      "committed evidence ref",
-      "policy rule summary",
-      "decision rollup",
-      "channel boundary",
-      "next action",
-      "blocked operation summary"
+      "已提交證據參照",
+      "政策規則摘要",
+      "決策彙總",
+      "通道邊界",
+      "下一步",
+      "阻擋操作摘要"
    ],
    "forbidden_frontend_content": [
-      "工作視窗對話內容",
-      "Codex / user 訊息逐字稿",
-      "prompt / chain-of-thought",
-      "session id / browser context",
-      "secret / token / authorization header"
+      "內部對話內容",
+      "Codex / 使用者訊息逐字稿",
+      "提示詞 / 思考鏈",
+      "工作階段識別碼 / 瀏覽器脈絡",
+      "機密 / 權杖 / 授權標頭"
    ],
    "conversation_transcript_display_allowed": false,
    "redaction_required": true