{
  "schema_version": "gitea_inventory_owner_attestation_request_draft_v1",
  "status": "request_draft_ready_not_sent",
  "date": "2026-06-04",
  "stage_id": "S4.9",
  "mode": "owner_request_draft_only",
  "runtime_execution_authorized": false,
  "source_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
  "source_snapshot": "docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
  "summary": {
    "request_draft_package_ready": true,
    "request_draft_template_count": 5,
    "request_draft_template_ready_count": 5,
    "frontstage_package_visible": true,
    "frontstage_card_count": 5,
    "frontstage_detail_visible": true,
    "frontstage_detail_row_count": 5,
    "frontstage_required_field_total": 30,
    "frontstage_forbidden_action_count": 10,
    "dispatch_preflight_package_ready": true,
    "dispatch_preflight_completion_percent": 100,
    "dispatch_preflight_check_count": 7,
    "dispatch_packet_field_count": 11,
    "dispatch_authorized": false,
    "request_dispatch_allowed_without_human_operator": false,
    "post_dispatch_count_increment_allowed_without_evidence": false,
    "request_sent": false,
    "request_sent_count": 0,
    "recipients_confirmed_count": 0,
    "owner_response_received_count": 0,
    "owner_response_accepted_count": 0,
    "owner_response_rejected_count": 0,
    "audit_events_emitted_count": 0,
    "runtime_gate_opened": false,
    "action_buttons_allowed": false,
    "not_authorization": true
  },
  "request_draft_templates": [
    {
      "template_id": "response-public-only-vs-local-gitea-gap",
      "display_order": 1,
      "attestation_item_id": "public_only_vs_local_gitea_gap",
      "draft_status": "ready_not_sent",
      "owner_question": "判定 wooo/clawbot-v5 與 wooo/wooo-aiops 是否屬本輪 inventory / migration scope。",
      "required_fields": ["owner_role_or_team", "decision", "decision_reason", "affected_repos", "evidence_refs", "followup_owner"]
    },
    {
      "template_id": "response-org-user-endpoint-identity",
      "display_order": 2,
      "attestation_item_id": "org_user_endpoint_identity",
      "draft_status": "ready_not_sent",
      "owner_question": "說明 wooo 在 Gitea 中應以 user、org 或兩者盤點。",
      "required_fields": ["owner_role_or_team", "decision", "decision_reason", "canonical_namespace", "evidence_refs", "followup_owner"]
    },
    {
      "template_id": "response-internal-110-adjacent-scope",
      "display_order": 3,
      "attestation_item_id": "internal_110_adjacent_scope",
      "draft_status": "ready_not_sent",
      "owner_question": "逐項判定 bitan-pharmacy、root/momo-pro-system、tsenyang-website、wooo/wooo-infra-config 是否納入本輪 scope。",
      "required_fields": ["owner_role_or_team", "decision", "decision_reason", "affected_sources", "evidence_refs", "followup_owner"]
    },
    {
      "template_id": "response-repo-owner-canonical-scope",
      "display_order": 4,
      "attestation_item_id": "repo_owner_canonical_scope",
      "draft_status": "ready_not_sent",
      "owner_question": "為 in-scope repo 指定 owner、canonical source、GitHub target candidate 與 visibility review owner。",
      "required_fields": ["owner_role_or_team", "decision", "decision_reason", "affected_repos", "evidence_refs", "followup_owner"]
    },
    {
      "template_id": "response-legacy-or-inaccessible-disposition",
      "display_order": 5,
      "attestation_item_id": "legacy_or_inaccessible_repo_disposition",
      "draft_status": "ready_not_sent",
      "owner_question": "對 legacy、inaccessible 或 external repo 留下 disposition、理由與後續 owner。",
      "required_fields": ["owner_role_or_team", "decision", "decision_reason", "affected_repos", "evidence_refs", "followup_owner"]
    }
  ],
  "dispatch_preflight_checks": [
    {
      "check_id": "dispatch-baseline-sync",
      "display_order": 1,
      "check": "送件前確認 gitea/main 與另一個 AwoooP Session 最新 commit，不使用舊 refs 或舊 deploy marker。",
      "current_status": "defined_not_dispatched",
      "execution_authorized": false
    },
    {
      "check_id": "dispatch-template-version",
      "display_order": 2,
      "check": "五題 template id、必填欄位與收件包版本需一致。",
      "current_status": "defined_not_dispatched",
      "execution_authorized": false
    },
    {
      "check_id": "dispatch-recipient-role-only",
      "display_order": 3,
      "check": "收件對象只記錄 role / team，不收個人敏感資料或憑證。",
      "current_status": "defined_not_dispatched",
      "execution_authorized": false
    },
    {
      "check_id": "dispatch-redacted-evidence-refs",
      "display_order": 4,
      "check": "僅附 repo 內文件、snapshot、ticket id、hash 或脫敏 metadata ref。",
      "current_status": "defined_not_dispatched",
      "execution_authorized": false
    },
    {
      "check_id": "dispatch-forbidden-action-banner",
      "display_order": 5,
      "check": "明確標示此包不是 approval、不是 execution、不是 source-control mutation。",
      "current_status": "defined_not_dispatched",
      "execution_authorized": false
    },
    {
      "check_id": "dispatch-audit-metadata-only-after-send",
      "display_order": 6,
      "check": "只有實際送件後才可記錄 request shown metadata；不得預填已送出。",
      "current_status": "defined_not_dispatched",
      "execution_authorized": false
    },
    {
      "check_id": "dispatch-counts-remain-zero",
      "display_order": 7,
      "check": "無實際送件證據前，request_sent_count、received、accepted、rejected 全部維持 0。",
      "current_status": "defined_not_dispatched",
      "execution_authorized": false
    }
  ],
  "dispatch_packet_template": {
    "request_id": "s4_9_gitea_owner_attestation_response_request",
    "stage_id": "S4.9",
    "requested_templates": [
      "response-public-only-vs-local-gitea-gap",
      "response-org-user-endpoint-identity",
      "response-internal-110-adjacent-scope",
      "response-repo-owner-canonical-scope",
      "response-legacy-or-inaccessible-disposition"
    ],
    "recipient_role_or_team_required": true,
    "sender_role_or_team_required": true,
    "requested_response_deadline_or_window_optional": true,
    "allowed_response_format": [
      "owner_role_or_team",
      "decision",
      "decision_reason",
      "affected_scope",
      "redacted_evidence_refs",
      "followup_owner"
    ],
    "redacted_evidence_refs_only": true,
    "forbidden_payloads": [
      "secret_plaintext",
      "repo_archive",
      "database_dump",
      "runner_registration_token",
      "deploy_key_private_key",
      "git_object_pack"
    ],
    "followup_owner_required": true,
    "not_approval": true,
    "runtime_execution_authorized": false
  },
  "post_dispatch_invariants": [
    "request_sent_count 只能在有可稽核人工送件 metadata 後調整。",
    "送件後不得同步提高 owner_response_received_count、owner_response_accepted_count 或 owner_response_rejected_count。",
    "收到回覆後仍需經過 S4.9 response preflight、敏感材料隔離、跨包一致性檢查與 reviewer 驗收。",
    "任何 GitHub primary、repo / refs / workflow / secret、Kali、SSH、主機維護或 runtime gate 都必須另走人工批准與 rollback / post-check。"
  ],
  "allowed_outputs": [
    "owner role/team metadata",
    "decision and decision reason",
    "affected repo/source/namespace metadata",
    "redacted evidence refs",
    "followup owner"
  ],
  "forbidden_actions": [
    "collect_secret_plaintext",
    "collect_repo_archive",
    "write_gitea",
    "create_github_repo",
    "change_repo_visibility",
    "sync_or_delete_refs",
    "force_push_refs",
    "switch_github_primary",
    "disable_gitea",
    "open_runtime_gate"
  ],
  "not_authorization": true
}