{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "urn:awoooi:security-approval-state-transition-v1", "title": "資安供應鏈人工決策狀態轉移契約 v1", "description": "定義 AwoooP 在 Security Supply Chain 人工審查後，如何把 approve/reject/defer/request_more_evidence/keep_blocked 轉成只讀狀態。此契約不授權 runtime execution。", "type": "object", "required": [ "schema_version", "status", "date", "mode", "runtime_execution_authorized", "source_indexes", "summary", "transition_rules", "transition_rules_global", "forbidden_actions" ], "properties": { "schema_version": { "const": "security_approval_state_transition_v1" }, "status": { "type": "string", "enum": ["draft"] }, "date": { "type": "string" }, "mode": { "type": "string", "enum": ["approval_state_transition_only"] }, "runtime_execution_authorized": { "type": "boolean", "const": false }, "source_indexes": { "type": "array", "items": { "type": "string" }, "minItems": 1 }, "summary": { "type": "object", "required": [ "total_transition_rules", "decision_options_covered", "runtime_actions_authorized", "immediate_execution_allowed", "action_buttons_allowed", "raw_secret_storage_authorized" ], "properties": { "total_transition_rules": { "type": "integer", "minimum": 0 }, "decision_options_covered": { "type": "array", "items": { "type": "string", "enum": ["approve_scope", "reject", "defer", "request_more_evidence", "keep_blocked"] }, "minItems": 1, "uniqueItems": true }, "runtime_actions_authorized": { "type": "boolean", "const": false }, "immediate_execution_allowed": { "type": "boolean", "const": false }, "action_buttons_allowed": { "type": "boolean", "const": false }, "raw_secret_storage_authorized": { "type": "boolean", "const": false } }, "additionalProperties": false }, "transition_rules": { "type": "array", "minItems": 1, "items": { "type": "object", "required": [ "rule_id", "decision", "from_review_states", "next_state", "allowed_state_updates", "allowed_next_artifacts", "still_forbidden", "followup_runtime_gate_required", "execution_authorized" ], "properties": { "rule_id": { "type": "string" }, "decision": { "type": "string", "enum": ["approve_scope", "reject", "defer", "request_more_evidence", "keep_blocked"] }, "from_review_states": { "type": "array", "items": { "type": "string", "enum": ["ready_for_human_review", "block_candidate"] }, "minItems": 1, "uniqueItems": true }, "next_state": { "type": "string", "enum": [ "scope_approved_waiting_runtime_gate", "closed_rejected_no_action", "deferred_pending_owner_timing", "evidence_requested_waiting_snapshot_update", "blocked_by_default" ] }, "allowed_state_updates": { "type": "array", "items": { "type": "string" }, "minItems": 1 }, "allowed_next_artifacts": { "type": "array", "items": { "type": "string" }, "minItems": 1 }, "still_forbidden": { "type": "array", "items": { "type": "string" }, "minItems": 1 }, "followup_runtime_gate_required": { "type": "boolean" }, "execution_authorized": { "type": "boolean", "const": false } }, "additionalProperties": false } }, "transition_rules_global": { "type": "array", "items": { "type": "string" }, "minItems": 1 }, "forbidden_actions": { "type": "array", "items": { "type": "string" }, "minItems": 1 } }, "additionalProperties": false }