{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "urn:awoooi:security-approval-queue-v1",
  "title": "AWOOOI Security Supply Chain Approval Queue (v1)",
  "description": "集中整理 Security Supply Chain 初期需要 AwoooP 顯示、排隊、等待人工批准的高風險或敏感邊界項目。此契約不授權執行。",
  "type": "object",
  "required": [
    "schema_version",
    "status",
    "date",
    "default_mode",
    "execution_authorized",
    "runtime_changes_authorized",
    "raw_secret_storage_authorized",
    "summary",
    "queue_items",
    "next_recommended_review_order"
  ],
  "properties": {
    "schema_version": {
      "const": "security_approval_queue_v1"
    },
    "status": {
      "type": "string",
      "enum": ["draft"]
    },
    "date": {
      "type": "string"
    },
    "default_mode": {
      "type": "string",
      "enum": ["approval_only"]
    },
    "execution_authorized": {
      "type": "boolean",
      "const": false
    },
    "runtime_changes_authorized": {
      "type": "boolean",
      "const": false
    },
    "raw_secret_storage_authorized": {
      "type": "boolean",
      "const": false
    },
    "summary": {
      "type": "object",
      "required": [
        "total_items",
        "pending_approval_count",
        "block_candidate_count",
        "observe_or_warn_count"
      ],
      "properties": {
        "total_items": {"type": "integer", "minimum": 0},
        "pending_approval_count": {"type": "integer", "minimum": 0},
        "block_candidate_count": {"type": "integer", "minimum": 0},
        "observe_or_warn_count": {"type": "integer", "minimum": 0}
      },
      "additionalProperties": false
    },
    "queue_items": {
      "type": "array",
      "items": {
        "type": "object",
        "required": [
          "queue_item_id",
          "source_contract",
          "source_event_id",
          "title",
          "risk",
          "state",
          "recommended_awooop_mode",
          "requested_decision",
          "blocked_until_approved",
          "required_reviewers",
          "evidence_refs",
          "allowed_after_approval",
          "still_forbidden"
        ],
        "properties": {
          "queue_item_id": {"type": "string"},
          "source_contract": {"type": "string"},
          "source_event_id": {"type": "string"},
          "title": {"type": "string"},
          "risk": {
            "type": "string",
            "enum": ["LOW", "MEDIUM", "HIGH", "CRITICAL"]
          },
          "state": {
            "type": "string",
            "enum": ["observe_only", "warn_only", "pending_approval", "block_candidate"]
          },
          "recommended_awooop_mode": {
            "type": "string",
            "enum": ["observe", "warn", "approve_required", "block_candidate"]
          },
          "requested_decision": {"type": "string"},
          "blocked_until_approved": {"type": "boolean"},
          "required_reviewers": {
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "critic",
                "vuln-verifier",
                "migration-engineer",
                "security-commander",
                "human-owner"
              ]
            },
            "uniqueItems": true
          },
          "evidence_refs": {
            "type": "array",
            "items": {"type": "string"}
          },
          "allowed_after_approval": {
            "type": "array",
            "items": {"type": "string"}
          },
          "still_forbidden": {
            "type": "array",
            "items": {"type": "string"}
          },
          "expires_at": {
            "type": "string",
            "format": "date-time"
          }
        },
        "additionalProperties": false
      }
    },
    "next_recommended_review_order": {
      "type": "array",
      "items": {"type": "string"}
    }
  },
  "additionalProperties": false
}