{
  "schema_version": "gitea_authenticated_inventory_import_acceptance_v1",
  "status": "draft_waiting_redacted_inventory_payload",
  "date": "2026-05-13",
  "mode": "redacted_payload_acceptance_only",
  "runtime_execution_authorized": false,
  "source_contract": "gitea_repo_inventory_v1",
  "source_request_contract": "gitea_authenticated_inventory_export_request_v1",
  "source_indexes": [
    "docs/security/gitea-authenticated-inventory-export-request.snapshot.json",
    "docs/security/gitea-repo-inventory.snapshot.json",
    "docs/security/gitea-public-repo-search.snapshot.json",
    "docs/security/gitea-org-repo-inventory-blocked.snapshot.json",
    "docs/security/local-git-remote-inventory.snapshot.json",
    "docs/security/security-mirror-quarantine.snapshot.json"
  ],
  "summary": {
    "target_contract": "gitea_repo_inventory_v1.status=ok",
    "import_payload_status": "waiting_redacted_payload",
    "accepted_visibility_scopes": ["authenticated", "admin_export"],
    "minimum_repo_count": 2,
    "local_gitea_unique_repo_count": 4,
    "required_gap_explanation_count": 3,
    "received_payload_count": 0,
    "accepted_payload_count": 0,
    "rejected_payload_count": 0,
    "acceptance_check_count": 10,
    "rejection_rule_count": 10,
    "quarantine_required_for_sensitive_payload": true,
    "token_value_collection_allowed": false,
    "raw_secret_allowed": false,
    "db_dump_allowed": false,
    "git_object_import_allowed": false,
    "repo_write_allowed": false,
    "refs_sync_allowed": false,
    "github_primary_switch_authorized": false,
    "action_buttons_allowed": false
  },
  "payload_shape": {
    "required_top_level_fields": [
      "schema_version",
      "base_url",
      "org",
      "visibility_scope",
      "token_present",
      "status",
      "repo_count",
      "repos",
      "coverage_gap_explanation",
      "redaction_attestation"
    ],
    "required_repo_fields": [
      "full_name",
      "name",
      "owner.login",
      "private",
      "archived",
      "empty",
      "default_branch",
      "clone_url_redacted",
      "ssh_url_redacted",
      "github_repo_candidate"
    ],
    "required_attestations": [
      "no_token_value",
      "no_write_token",
      "no_webhook_secret",
      "no_deploy_key_private_key",
      "no_runner_registration_token",
      "no_cookie_or_session",
      "no_gitea_db_dump",
      "no_git_object_pack"
    ],
    "field_constraints": [
      "`visibility_scope` 必須是 `authenticated` 或 `admin_export`",
      "`status` 必須是 `ok`",
      "`repo_count` 必須大於或等於 2，並且必須等於 `repos.length`",
      "`coverage_gap_explanation` 必須解釋 public-only 2 repos、本機 Gitea 4 unique repos 與 internal 110 adjacent source 的差異",
      "所有 URL 必須 redacted，且不得含 username、password、token 或 secret query string"
    ]
  },
  "acceptance_checks": [
    {
      "check_id": "schema_and_status_ok",
      "title": "Schema 與狀態正確",
      "required": true,
      "pass_condition": "`schema_version=gitea_repo_inventory_v1` 且 `status=ok`",
      "failure_lane": "reject_payload",
      "execution_authorized": false
    },
    {
      "check_id": "visibility_scope_allowed",
      "title": "可接受的可見範圍",
      "required": true,
      "pass_condition": "`visibility_scope` 為 `authenticated` 或 `admin_export`",
      "failure_lane": "reject_payload",
      "execution_authorized": false
    },
    {
      "check_id": "repo_count_consistent",
      "title": "repo_count 與 repos 數量一致",
      "required": true,
      "pass_condition": "`repo_count >= 2` 且等於 `repos.length`",
      "failure_lane": "request_more_evidence",
      "execution_authorized": false
    },
    {
      "check_id": "local_gitea_gap_explained",
      "title": "本機 Gitea 覆蓋缺口已說明",
      "required": true,
      "pass_condition": "payload 解釋 public-only 2 repos 與本機 4 unique Gitea repos 的差異",
      "failure_lane": "request_more_evidence",
      "execution_authorized": false
    },
    {
      "check_id": "internal_110_scope_explained",
      "title": "110 內部相鄰來源已說明",
      "required": true,
      "pass_condition": "payload 說明 internal 110 repos 是否屬於本輪 GitHub migration scope",
      "failure_lane": "request_owner_scope_decision",
      "execution_authorized": false
    },
    {
      "check_id": "redaction_attestation_present",
      "title": "脫敏聲明存在",
      "required": true,
      "pass_condition": "payload 明確聲明不含 token、secret、private key、cookie、session、DB dump 或 git object pack",
      "failure_lane": "quarantine_sensitive_payload",
      "execution_authorized": false
    },
    {
      "check_id": "urls_are_redacted",
      "title": "URL 已脫敏",
      "required": true,
      "pass_condition": "clone / ssh URL 不含 username、password、token、cookie 或 secret query string",
      "failure_lane": "quarantine_sensitive_payload",
      "execution_authorized": false
    },
    {
      "check_id": "token_scope_readonly",
      "title": "token scope 只讀或不保存",
      "required": true,
      "pass_condition": "只保存 `token_present=true|false`，且 owner 聲明沒有 write/admin/secret scope",
      "failure_lane": "reject_payload",
      "execution_authorized": false
    },
    {
      "check_id": "repo_identity_unique",
      "title": "repo identity 可唯一判讀",
      "required": true,
      "pass_condition": "每筆 repo 都有 `full_name` 或 `owner.login + name`，且不得重複",
      "failure_lane": "request_more_evidence",
      "execution_authorized": false
    },
    {
      "check_id": "output_is_contract_update_only",
      "title": "輸出只允許更新契約與證據",
      "required": true,
      "pass_condition": "只更新 `gitea_repo_inventory_v1` snapshot、migration matrix、decision table、readiness gate 與 LOGBOOK",
      "failure_lane": "reject_runtime_or_source_control_action",
      "execution_authorized": false
    }
  ],
  "rejection_rules": [
    "payload 含 token value、PAT、cookie、session、CSRF token 或 partial token 時必須拒收。",
    "payload 含 webhook secret、repository secret value、runner registration token 或 deploy key private key 時必須拒收。",
    "payload 含 Gitea DB dump、完整 git object pack、裸 repo tarball 或可還原 credential 的 artifact 時必須拒收。",
    "payload 要求使用 write-capable token、admin token 或 secret scope token 時必須拒收。",
    "payload 要求建立、刪除、封存或修改 Gitea repo 時必須拒收。",
    "payload 要求建立 GitHub repo、修改 visibility、sync refs、delete refs 或 force push 時必須拒收。",
    "payload 未解釋 public-only 與本機 Gitea 覆蓋差異時不得標記 inventory complete。",
    "payload 未說明 internal 110 adjacent source scope 時不得進 GitHub primary readiness。",
    "payload 只提供截圖、文字描述或不完整 repo metadata 時必須要求補 evidence。",
    "任何不確定是否含敏感值的 payload 必須先進 mirror quarantine，不得人工手改後直接入庫。"
  ],
  "quarantine_mapping": [
    {
      "condition": "出現 token、password、cookie、session、private key、webhook secret 或 runner registration token",
      "target_lane": "sensitive_value_payload_quarantine",
      "execution_authorized": false
    },
    {
      "condition": "出現 Gitea DB dump、git object pack、裸 repo tarball 或完整 artifact",
      "target_lane": "oversized_or_wrong_artifact_quarantine",
      "execution_authorized": false
    },
    {
      "condition": "欄位不足、repo_count 不一致或 coverage gap 未解釋",
      "target_lane": "schema_or_evidence_gap_quarantine",
      "execution_authorized": false
    },
    {
      "condition": "payload 夾帶 repo 建立、refs sync、primary switch 或 workflow/secret 修改要求",
      "target_lane": "execution_request_quarantine",
      "execution_authorized": false
    }
  ],
  "allowed_outputs": [
    "產出或更新脫敏後的 `gitea_repo_inventory_v1.status=ok` snapshot",
    "更新 `SOURCE-CONTROL-MIGRATION-MATRIX.md` 與 source-control decision table",
    "更新 `source_control_primary_readiness_gate_v1` 的 Gitea inventory blocker 狀態",
    "更新 `security_mirror_status_rollup_v1` 與 `docs/LOGBOOK.md`",
    "對缺口建立人工 owner review lane，不建立 execution action"
  ],
  "forbidden_actions": [
    "store_token_value",
    "store_raw_secret",
    "store_cookie_or_session",
    "import_gitea_db_dump",
    "import_git_object_pack",
    "use_write_capable_token",
    "write_to_gitea",
    "create_gitea_repo",
    "delete_or_archive_gitea_repo",
    "create_github_repo",
    "change_repo_visibility",
    "sync_git_refs",
    "delete_git_refs",
    "force_push",
    "switch_github_primary",
    "disable_gitea",
    "add_action_button"
  ]
}