fix(web): add IwoooS S4.9 draft detail layer
Some checks failed
CD Pipeline / tests (push) Successful in 1m28s
Code Review / ai-code-review (push) Successful in 14s
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled

Your Name
2026-06-01 20:48:12 +08:00
parent b387598d7a
commit f0daaccbba
8 changed files with 670 additions and 0 deletions

@@ -1,3 +1,52 @@
## 2026-06-01IwoooS S4.9 補件草稿詳情層落地
**背景**
- S4.9 前台已能看到五張補件題目卡,但使用者仍需要知道每一題要填哪些欄位、不能做哪些事,以及為何尚未開啟執行閘門。
- 本階段延續初期資安框架原則只做可視化、read-only evidence 與人工 gate不啟動 Kali 掃描、SSH 修復、主機更新、repo 變更或 runtime execution。
**本次調整**
- `apps/web/src/app/[locale]/iwooos/page.tsx`
- 新增 `IwoooSS49RequestDraftDetailBoard`,把 D1-D5 拆成五列詳情層。
- 每列顯示必要欄位 `6 欄`、禁止事項 `10 禁`、證據格式 `脫敏 refs`,並維持 `待負責人確認`
- 邊界顯示 `request_sent=false``owner_response_received_count=0``owner_response_accepted_count=0``secret_plaintext_collection_allowed=false``active_runtime_gate_count=0`
- `apps/web/messages/zh-TW.json` / `en.json`
- 新增 `iwooos.s49RequestDraftDetail` 文案;英文語系維持繁中文案鏡像。
- `docs/security/iwooos-posture-projection.snapshot.json`
- 新增 `s4_9_request_draft_detail_*` summary 與五筆詳情列機器證據。
- 鎖定 `required_field_count=6``forbidden_action_count=10``redacted_evidence_refs_only=true``runtime_execution_authorized=false`
- `docs/security/gitea-inventory-owner-attestation-request-draft.snapshot.json`
- 新增 `frontstage_detail_visible=true``frontstage_detail_row_count=5``frontstage_required_field_total=30``frontstage_forbidden_action_count=10`
- `docs/security/security-mirror-status-rollup.snapshot.json`
- 新增 S2.161 台帳,標記這是 framework detail不是 headline percent 或 runtime delta。
- `scripts/security/security-mirror-progress-guard.py`
- 新增 S4.9 詳情層 guard防止詳情列被誤讀成已送出、已收件、已接受、已審批、已收機密或已開執行期 gate。
**驗證**
- `python3 -m json.tool apps/web/messages/zh-TW.json`
- `python3 -m json.tool apps/web/messages/en.json`
- `cmp -s apps/web/messages/zh-TW.json apps/web/messages/en.json`
- `python3 -m json.tool docs/security/iwooos-posture-projection.snapshot.json`
- `python3 -m json.tool docs/security/security-mirror-status-rollup.snapshot.json`
- `python3 -m json.tool docs/security/gitea-inventory-owner-attestation-request-draft.snapshot.json`
- `git diff --check`
- `python3 scripts/security/source-control-owner-response-guard.py --root .``SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK`
- `python3 scripts/security/security-mirror-progress-guard.py --root .``SECURITY_MIRROR_PROGRESS_GUARD_OK`
- `pnpm --dir apps/web exec tsc --noEmit --tsBuildInfoFile /tmp/iwooos-s49-detail-layer-20260601.tsbuildinfo`
- `NEXT_PUBLIC_API_URL=https://awoooi.wooo.work NEXT_PRIVATE_BUILD_WORKER_COUNT=1 pnpm --dir apps/web run build`
- Browser / Playwright local visual verification
- Desktop `1440x1100`S4.9 詳情層存在、五列題目存在、必要邊界字串存在、內部對話語氣不存在、horizontal overflow `0`
- Mobile `390x844`S4.9 詳情層存在、五列題目存在、必要邊界字串存在、內部對話語氣不存在、horizontal overflow `0`
**目前整體進度(本階段完成後)**
- 完整 IwoooS / 資安網總進度:維持 `61%`;本階段讓 S4.9 補件草稿更可執行,但仍未收到負責人回覆。
- 框架 / 治理 / 文件 / schema / read-only evidence`86-88%`S4.9 題目、欄位、禁區與證據格式已能被前台、snapshot 與 guard 同步看見。
- Runtime ingestion / GitHub primary / AwoooP production landing`40-45%``request_sent_count=0``owner_response_received_count=0``owner_response_accepted_count=0``active_runtime_gate_count=0`
- Kali `192.168.0.112` 與開發主機 `192.168.0.111` / `192.168.0.168` 仍維持已納入框架、未啟動掃描 / 修復 / 更新 / 重啟的邊界。
## 2026-06-01ADR-100 observe-only PlayBook 補救工作項落地
**背景**
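
Review bot: the final progress bullet of the new entry commits the internal addresses `192.168.0.112` (Kali) and `192.168.0.111` / `192.168.0.168` (development hosts) into a tracked changelog, which sits oddly beside this entry's own rule that evidence is recorded as redacted refs only (`redacted_evidence_refs_only=true`). Consider replacing them with host aliases or inventory ids and keeping the address mapping in the access-controlled inventory. Separately, the Playwright desktop and mobile checks in the verification list read as local runs; if the assertions (five rows present, boundary strings present, horizontal overflow `0`) are meant to act as a regression guard, they belong in the CI test job rather than only in a changelog line.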

@@ -13,6 +13,10 @@
"request_draft_template_ready_count": 5,
"frontstage_package_visible": true,
"frontstage_card_count": 5,
"frontstage_detail_visible": true,
"frontstage_detail_row_count": 5,
"frontstage_required_field_total": 30,
"frontstage_forbidden_action_count": 10,
"request_sent": false,
"request_sent_count": 0,
"recipients_confirmed_count": 0,
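
Review bot: `frontstage_required_field_total` and `frontstage_forbidden_action_count` are added side by side but count different things: 30 is a sum across the five detail rows (5 x 6), while 10 matches the per-row `forbidden_action_count` rather than a sum (which would be 50). A reader or a guard comparing this file to the posture snapshot cannot tell that from the key names. Either name both consistently (for example a `_total` suffix only on summed values and a `_per_row` suffix on the other) or document the semantics next to the keys, and have the guard check `frontstage_required_field_total == frontstage_detail_row_count * required_field_count` instead of trusting the literal.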

@@ -70,6 +70,14 @@
"s4_9_request_draft_package_owner_response_received_count": 0,
"s4_9_request_draft_package_owner_response_accepted_count": 0,
"s4_9_request_draft_package_runtime_gate_count": 0,
"s4_9_request_draft_detail_first_layer": true,
"s4_9_request_draft_detail_row_count": 5,
"s4_9_request_draft_detail_required_field_total": 30,
"s4_9_request_draft_detail_forbidden_action_count": 10,
"s4_9_request_draft_detail_request_sent_count": 0,
"s4_9_request_draft_detail_owner_response_received_count": 0,
"s4_9_request_draft_detail_owner_response_accepted_count": 0,
"s4_9_request_draft_detail_runtime_gate_count": 0,
"visual_command_dashboard_widget_count": 14,
"visual_command_dashboard_first_layer": true,
"visual_command_dashboard_default_visible": false,
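
Review bot: the eight new `s4_9_request_draft_detail_*` summary values are hand-written literals that restate what the `s4_9_request_draft_detail_rows` array in the same file already carries, so the summary and the rows can drift apart silently. If the progress guard does not already do so, it should derive the expected values from the rows (`row_count` from the array length, `required_field_total` from the sum of `required_field_count`, and each `*_count: 0` from every row being 0) and fail on mismatch. The summary also omits `secret_plaintext_collection_allowed` and `runtime_execution_authorized`, which the changelog lists as locked boundaries; they are only asserted per row.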
@@ -577,6 +585,103 @@
"not_authorization": true
}
],
"s4_9_request_draft_detail_rows": [
{
"row_id": "publicGap",
"display_order": 1,
"source_template_id": "response-public-only-vs-local-gitea-gap",
"template_label": "D1",
"display_mode": "first_screen_s4_9_request_draft_detail",
"draft_status": "ready_not_sent",
"required_field_count": 6,
"forbidden_action_count": 10,
"redacted_evidence_refs_only": true,
"secret_plaintext_collection_allowed": false,
"request_sent_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"runtime_gate_count": 0,
"runtime_execution_authorized": false,
"action_buttons_allowed": false,
"not_authorization": true
},
{
"row_id": "namespaceIdentity",
"display_order": 2,
"source_template_id": "response-org-user-endpoint-identity",
"template_label": "D2",
"display_mode": "first_screen_s4_9_request_draft_detail",
"draft_status": "ready_not_sent",
"required_field_count": 6,
"forbidden_action_count": 10,
"redacted_evidence_refs_only": true,
"secret_plaintext_collection_allowed": false,
"request_sent_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"runtime_gate_count": 0,
"runtime_execution_authorized": false,
"action_buttons_allowed": false,
"not_authorization": true
},
{
"row_id": "adjacentScope",
"display_order": 3,
"source_template_id": "response-internal-110-adjacent-scope",
"template_label": "D3",
"display_mode": "first_screen_s4_9_request_draft_detail",
"draft_status": "ready_not_sent",
"required_field_count": 6,
"forbidden_action_count": 10,
"redacted_evidence_refs_only": true,
"secret_plaintext_collection_allowed": false,
"request_sent_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"runtime_gate_count": 0,
"runtime_execution_authorized": false,
"action_buttons_allowed": false,
"not_authorization": true
},
{
"row_id": "canonicalOwner",
"display_order": 4,
"source_template_id": "response-repo-owner-canonical-scope",
"template_label": "D4",
"display_mode": "first_screen_s4_9_request_draft_detail",
"draft_status": "ready_not_sent",
"required_field_count": 6,
"forbidden_action_count": 10,
"redacted_evidence_refs_only": true,
"secret_plaintext_collection_allowed": false,
"request_sent_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"runtime_gate_count": 0,
"runtime_execution_authorized": false,
"action_buttons_allowed": false,
"not_authorization": true
},
{
"row_id": "legacyDisposition",
"display_order": 5,
"source_template_id": "response-legacy-or-inaccessible-disposition",
"template_label": "D5",
"display_mode": "first_screen_s4_9_request_draft_detail",
"draft_status": "ready_not_sent",
"required_field_count": 6,
"forbidden_action_count": 10,
"redacted_evidence_refs_only": true,
"secret_plaintext_collection_allowed": false,
"request_sent_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"runtime_gate_count": 0,
"runtime_execution_authorized": false,
"action_buttons_allowed": false,
"not_authorization": true
}
],
"first_progress_unlock_path_steps": [
{
"step_id": "owner_response_scope",
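
Review bot: each of the five rows asserts `"required_field_count": 6` and `"forbidden_action_count": 10`, but nothing in the row names the six fields or the ten forbidden actions, so this "machine evidence" cannot be checked against the template it points to via `source_template_id`. Add the lists themselves (or a resolvable reference plus a guard check that the referenced template has exactly that many entries) so the counts are derived rather than declared. The thirteen boundary fields are also byte-identical across D1 to D5; hoisting them into one shared defaults object would leave a single place to audit and remove the risk of one row being edited to `true` unnoticed. Minor: `not_authorization: true` next to `runtime_execution_authorized: false` expresses the same boundary with opposite polarity, which invites misreading.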

@@ -2401,6 +2401,18 @@
"runtime_delta": false,
"execution_authorized": false,
"not_authorization": true
},
{
"delta_id": "s2_161_iwooos_s49_request_draft_detail_layer",
"display_order": 190,
"completed_stage": "S2.161 IwoooS S4.9 補件草稿詳情層",
"progress_axis": "framework_detail",
"headline_percent_delta": 0,
"framework_delta_visible": true,
"why_headline_unchanged": "IwoooS 只把 S4.9 五個補件題目拆成前台可讀詳情層,顯示每題 required field count、forbidden action count 與 redacted evidence refs onlys4_9_owner_attestation_request_draft_detail_frontstage_row_count=5、s4_9_owner_attestation_request_draft_detail_required_field_total=30、s4_9_owner_attestation_request_draft_detail_forbidden_action_count=10、s4_9_owner_attestation_request_sent=false、s4_9_owner_attestation_owner_response_received_count=0、s4_9_owner_attestation_owner_response_accepted_count=0、secret_plaintext_collection_allowed=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false不把詳情層當請求送出、負責人回覆收到、審查接受、審批紀錄、掃描、修復、部署、主機更新、GitHub primary 切換或 Gitea 停用。",
"runtime_delta": false,
"execution_authorized": false,
"not_authorization": true
}
],
"next_safe_actions": [
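
Review bot: `why_headline_unchanged` packs ten `key=value` assertions into one free-text string, and the key names used there (for example `s4_9_owner_attestation_request_draft_detail_frontstage_row_count=5`) match neither the posture snapshot (`s4_9_request_draft_detail_row_count`) nor the inventory snapshot (`frontstage_detail_row_count`). Values embedded in prose cannot be validated by `json.tool` or compared by the guard without string parsing, and three spellings of the same counter make cross-file checks fragile. Move the assertions into a structured `evidence` object on this ledger entry using the same key names as the source snapshots, and keep `why_headline_unchanged` as a short human explanation.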