{ "schema_version": "source_control_ref_truth_owner_response_v1", "status": "draft_waiting_owner_response", "date": "2026-06-04", "mode": "owner_ref_truth_response_intake_only", "runtime_execution_authorized": false, "source_contract": "source_control_ref_truth_classification_v1", "target_contract": "source_control_reconcile_plan_v1", "source_indexes": [ "docs/security/source-control-ref-truth-classification.snapshot.json", "docs/security/source-control-ref-detail-diff.snapshot.json", "docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md", "docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md", "docs/security/source-control-reconcile-plan.snapshot.json", "docs/security/source-control-primary-readiness-gate.snapshot.json", "docs/security/security-approval-review-packet.snapshot.json", "docs/security/security-followup-runtime-gate.snapshot.json" ], "summary": { "owner_response_status": "waiting_owner_response", "repo_count": 3, "total_ref_review_item_count": 194, "manual_truth_required_count": 4, "deprecated_candidate_count": 142, "release_tag_review_count": 3, "github_only_review_count": 20, "owner_response_request_packet_count": 1, "owner_response_template_status_count": 5, "owner_response_audit_event_template_count": 3, "owner_response_redaction_example_count": 5, "owner_response_collection_check_count": 6, "intake_preflight_check_count": 6, "response_template_count": 5, "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "acceptance_check_count": 8, "rejection_rule_count": 10, "refs_sync_authorized": false, "refs_delete_authorized": false, "force_push_authorized": false, "github_primary_switch_authorized": false, "secret_value_collection_allowed": false, "action_buttons_allowed": false }, "owner_response_request_packet": { "request_id": "s4_11_ref_truth_owner_response_request", "display_status": "ready_to_request_owner_response", "requested_packet": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md", "required_response_item_count": 5, "requested_template_ids": [ "response-main-branch-truth-source", "response-active-dev-branch-truth-source", "response-drift-deprecated-candidate-batch", "response-release-tag-retention", "response-github-only-ref-review" ], "owner_instruction_summary": "請 owner 只依 S4.11 五個 templates 回覆 main/dev truth、deprecated drift、release tag retention 與 GitHub-only refs disposition,並只引用脫敏 evidence refs;不要貼 token、secret、private clone URL credential、git object、repo archive、API request body 或任何可執行 refs payload。", "allowed_response_fields": [ "owner_role_or_team", "decision", "decision_reason", "repo", "ref_name", "tag_name", "ref_pattern_or_ref_list", "truth_source_or_sha", "branch_disposition", "retention_disposition", "github_only_owner", "deploy_marker_owner", "production_source_owner", "rollback_point_owner", "workflow_owner", "artifact_owner", "audit_owner", "backfill_candidate_reason", "evidence_refs", "followup_owner" ], "evidence_ref_rules": [ "只允許 repo 內既有文件、snapshot 或已脫敏 owner metadata pointer。", "main/dev truth 必須逐 repo/ref 標示候選真相來源或補證 owner,不得只寫全域結論。", "deprecated candidate 與 backfill candidate 只能是 read-only disposition,不得視為 delete、push 或 sync approval。", "release tag 必須指定 artifact、deploy marker、rollback 或補證 owner。", "不得提供 token value、secret value、private clone URL credential、cookie、session、deploy key value 或截圖中的敏感值。", "不確定是否含敏感值時先走 mirror quarantine,不得直接貼入 response。" ], "forbidden_payloads": [ "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "fetch_refs_request", "push_refs_request", "delete_refs_request", "force_push_request", "mirror_sync_request", "tag_rewrite_request", "branch_rewrite_request", "github_primary_switch_request", "repo_creation_command", "visibility_change_command", "repo_archive", "git_object_pack", "db_dump", "api_request_or_response_body", "execution_request_payload" ], "allowed_submission_modes": [ "markdown_table_redacted_metadata", "json_redacted_metadata_pointer", "existing_repo_doc_reference", "awooop_manual_review_note" ], "awooop_display_mode": "display_owner_response_request_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "不 fetch refs", "不 push refs", "不 delete refs", "不 force push", "不 rewrite branch 或 tag", "不切 GitHub primary", "不建立 repo 或修改 visibility", "不停用、刪除、封存或降級 Gitea repo", "不保存 secret / token / private key / cookie / session / deploy key value", "不新增 AwoooP execution action button" ] }, "owner_response_template_statuses": [ { "template_id": "response-main-branch-truth-source", "lane": "main_truth_required", "display_order": 1, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需逐 repo 回覆 main branch truth source、deploy marker owner、production source owner 與 rollback point owner;不得把 request ready 當成 refs sync approval。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "不 fetch refs", "不 push refs", "不 delete refs", "不 force push", "不切 GitHub primary" ] }, { "template_id": "response-active-dev-branch-truth-source", "lane": "active_branch_truth_required", "display_order": 2, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `wooo/awoooi dev` 是否仍為 active workflow、legacy candidate 或需補 workflow owner;不得把 legacy candidate 當成 delete approval。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "不 fetch refs", "不 push refs", "不 delete refs", "不 force push", "不 rewrite branch" ] }, { "template_id": "response-drift-deprecated-candidate-batch", "lane": "archive_or_deprecate_candidate", "display_order": 3, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `drift/adopt-*` batch 的 deprecated、audit retention 或 split batch disposition;不得把 deprecated candidate 當成 prune/delete approval。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "不 prune refs", "不 delete refs", "不 force push", "不把 batch disposition 當執行批准" ] }, { "template_id": "response-release-tag-retention", "lane": "release_tag_missing_on_github", "display_order": 4, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 release tag retention、artifact owner 與 deploy marker owner;不得把 tag retention 當成 tag push、rewrite 或 delete approval。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "不 push tag", "不 rewrite tag", "不 delete tag", "不切 GitHub primary" ] }, { "template_id": "response-github-only-ref-review", "lane": "github_only_manual_review", "display_order": 5, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 GitHub-only branch / UAT tags 的保留、backfill candidate、legacy 或補證 owner;不得把 backfill candidate 當成 push approval。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "不 push refs", "不 delete GitHub-only refs", "不 backfill refs", "不切 GitHub primary" ] } ], "owner_response_audit_event_templates": [ { "event_template_id": "audit-ref-truth-response-request-shown", "display_order": 1, "event_status": "template_only_not_emitted", "trigger": "AwoooP 顯示 S4.11 refs truth owner response request packet 時。", "purpose": "只記錄 request packet 已可顯示或已顯示的 metadata,不代表 request 已送出、owner response 已收到或 refs action 已授權。", "allowed_metadata_fields": [ "event_template_id", "request_id", "requested_template_ids", "source_contract", "target_contract", "displayed_by_role", "displayed_at_taipei", "source_document_ref" ], "forbidden_payloads": [ "owner_response_raw_body", "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "fetch_refs_request", "push_refs_request", "delete_refs_request", "force_push_request", "mirror_sync_request", "tag_rewrite_request", "branch_rewrite_request", "github_primary_switch_request", "repo_archive", "git_object_pack", "db_dump", "api_request_or_response_body", "execution_request_payload" ], "emitted_event_count": 0, "stored_raw_payload_allowed": false, "awooop_display_mode": "display_audit_template_only", "execution_authorized": false, "not_approval": true }, { "event_template_id": "audit-ref-truth-response-received-metadata", "display_order": 2, "event_status": "template_only_not_emitted", "trigger": "Owner 提供 S4.11 refs truth response metadata pointer 時。", "purpose": "只記錄 response 已收到的脫敏 metadata pointer;不得保存 response 原文、git object、repo archive、API raw body 或敏感 payload。", "allowed_metadata_fields": [ "event_template_id", "template_id", "lane", "repo", "ref_name_or_pattern", "owner_role_or_team", "received_at_taipei", "redacted_evidence_refs", "source_document_ref" ], "forbidden_payloads": [ "owner_response_raw_body", "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "fetch_refs_request", "push_refs_request", "delete_refs_request", "force_push_request", "mirror_sync_request", "tag_rewrite_request", "branch_rewrite_request", "github_primary_switch_request", "repo_archive", "git_object_pack", "db_dump", "api_request_or_response_body", "execution_request_payload" ], "emitted_event_count": 0, "stored_raw_payload_allowed": false, "awooop_display_mode": "display_audit_template_only", "execution_authorized": false, "not_approval": true }, { "event_template_id": "audit-ref-truth-response-outcome-classified", "display_order": 3, "event_status": "template_only_not_emitted", "trigger": "AwoooP 依 S4.11 acceptance checks 與 rejection rules 分類 refs truth owner response 時。", "purpose": "只記錄分類結果與下一步提示;不得把 outcome、owner wording 或單項 response 當成 refs sync、delete、force push、backfill、tag rewrite 或 GitHub primary 授權。", "allowed_metadata_fields": [ "event_template_id", "template_id", "lane", "repo", "ref_name_or_pattern", "collection_status", "latest_outcome_lane", "next_owner_action", "classified_at_taipei", "classified_by_role" ], "forbidden_payloads": [ "owner_response_raw_body", "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "fetch_refs_request", "push_refs_request", "delete_refs_request", "force_push_request", "mirror_sync_request", "tag_rewrite_request", "branch_rewrite_request", "github_primary_switch_request", "repo_archive", "git_object_pack", "db_dump", "api_request_or_response_body", "execution_request_payload" ], "emitted_event_count": 0, "stored_raw_payload_allowed": false, "awooop_display_mode": "display_audit_template_only", "execution_authorized": false, "not_approval": true } ], "owner_response_redaction_examples": [ { "example_id": "redaction-ref-truth-existing-doc-ref", "display_order": 1, "example_status": "template_example_only", "category": "ref_truth_existing_document_reference", "safe_response_shape": [ "template_id=response-main-branch-truth-source", "repo=wooo/awoooi", "ref_name=main", "decision=hold_pending_deploy_marker", "evidence_refs=[docs/security/source-control-ref-truth-classification.snapshot.json, docs/security/source-control-primary-readiness-gate.snapshot.json]", "decision_reason=引用既有 snapshot 與 readiness blocker,不貼 git object、repo archive 或 API raw body" ], "required_redactions": [ "外部 evidence 只保留 repo 內文件路徑、snapshot 路徑或已脫敏 metadata pointer", "若引用 commit 或 deploy marker,只能寫短 SHA、文件 ref 或 owner metadata,不貼完整 object pack", "不得貼完整 API request/response body、private clone URL、token 或 repo archive" ], "forbidden_raw_values": [ "token_value", "secret_value", "private_clone_url_credential", "api_request_or_response_body", "repo_archive", "git_object_pack" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-main-branch-truth-metadata", "display_order": 2, "example_status": "template_example_only", "category": "main_branch_truth_source_metadata", "safe_response_shape": [ "owner_role_or_team=repo-owner-or-platform-team", "repo=wooo/clawbot-v5", "ref_name=main", "truth_source_or_sha=short_sha_or_existing_snapshot_ref", "deploy_marker_owner=platform-ops", "rollback_point_owner=release-owner" ], "required_redactions": [ "truth_source_or_sha 只能填短 SHA、既有 snapshot ref 或補證 owner,不貼完整 git object", "owner 欄位只寫角色或團隊,不寫密碼、session、one-time code、token 或個人敏感資訊", "deploy / rollback 說明只代表 owner metadata,不代表 push、tag rewrite、primary switch 或 rollback 執行" ], "forbidden_raw_values": [ "password", "cookie", "session", "one_time_code", "deploy_key_value", "approval_phrase_as_execution_authorization" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-deprecated-batch-disposition", "display_order": 3, "example_status": "template_example_only", "category": "deprecated_ref_batch_disposition", "safe_response_shape": [ "template_id=response-drift-deprecated-candidate-batch", "repo=wooo/awoooi", "ref_pattern_or_ref_list=drift/adopt-*", "decision=mark_deprecated_candidate", "retention_owner=audit-owner", "audit_or_rollback_use=metadata_only" ], "required_redactions": [ "批次範圍必須可重現,但只能用 ref pattern、count 或已脫敏 ref list,不貼 object pack", "deprecated candidate 只代表 read-only disposition,不代表 prune、delete refs 或 force push approval", "若需要拆批,回覆 split_batch_requires_more_evidence 並引用 repo 內 snapshot 或 redacted metadata pointer" ], "forbidden_raw_values": [ "git_object_pack", "repo_archive", "prune_refs_command", "delete_refs_command", "force_push_command", "mirror_sync_request" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-release-tag-retention-metadata", "display_order": 4, "example_status": "template_example_only", "category": "release_tag_retention_metadata", "safe_response_shape": [ "template_id=response-release-tag-retention", "repo=wooo/awoooi", "tag_name=v2026-redacted", "decision=keep_release_tag_candidate", "artifact_owner=release-owner", "rollback_point_owner=platform-ops", "evidence_refs=[docs/security/source-control-ref-detail-diff.snapshot.json]" ], "required_redactions": [ "tag name 與 artifact owner 只能作 retention metadata,不代表 tag push、rewrite 或 delete approval", "artifact evidence 只引用 repo 內文件或 redacted metadata pointer,不貼 artifact binary、archive 或 secret", "若缺 artifact owner,應回覆 hold_pending_artifact_owner,不可用同意字樣補成執行批准" ], "forbidden_raw_values": [ "artifact_binary", "repo_archive", "tag_push_command", "tag_rewrite_command", "delete_tag_command", "secret_value" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-ref-truth-quarantine-pointer", "display_order": 5, "example_status": "template_example_only", "category": "uncertain_sensitive_ref_truth_payload", "safe_response_shape": [ "collection_status=quarantine_sensitive_payload", "quarantine_reason=疑似含 token、private clone URL credential、git object pack、repo archive、API raw body 或未脫敏截圖", "raw_payload_stored_in_repo=false", "next_owner_action=request_redacted_metadata_pointer" ], "required_redactions": [ "不確定是否含敏感值時先產生 quarantine pointer", "只留下原因、來源類型、責任 owner 與下一步,不留下原文", "解除 quarantine 前不得更新 received / accepted count、classification wording 或 reconcile plan wording" ], "forbidden_raw_values": [ "owner_response_raw_body", "token_value", "secret_value", "private_clone_url_credential", "credential_file", "git_object_pack", "repo_archive", "execution_request_payload" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true } ], "owner_response_collection_checks": [ { "check_id": "collection-ref-truth-request-packet-displayed", "display_order": 1, "title": "已顯示 refs truth owner response request packet", "required": true, "pass_condition": "AwoooP 必須只顯示 `owner_response_request_packet` 的 5 個 refs truth templates、允許欄位、脫敏 evidence 規則與禁止 payload,不得附加 fetch、push、delete、force push、tag rewrite、backfill 或 primary switch 要求。", "failure_lane": "keep_waiting_owner_response", "awooop_display": "display_request_packet_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-ref-truth-read-only-submission-mode", "display_order": 2, "title": "refs truth 收件模式維持 read-only", "required": true, "pass_condition": "owner 只能用 read-only markdown response、redacted metadata pointer、existing repo doc reference 或 AwoooP manual review note;不得提交 token、repo archive、git object pack、API raw body 或 execution request。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "display_read_only_submission_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-five-ref-truth-template-tracking", "display_order": 3, "title": "五個 refs truth templates 分開追蹤", "required": true, "pass_condition": "S4.11 五個 requested_template_ids 必須逐 lane 追蹤 received / accepted / rejected 狀態;不可用單一整體同意取代 main/dev truth、deprecated batch、release tag retention 或 GitHub-only refs disposition。", "failure_lane": "request_more_evidence", "awooop_display": "display_per_ref_truth_lane_tracking", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-ref-truth-redacted-evidence-only", "display_order": 4, "title": "只收 refs truth 脫敏 evidence refs", "required": true, "pass_condition": "收件內容只能包含 repo 內路徑、snapshot path、短 SHA 或已脫敏 metadata pointer;任何不確定是否含 token、private URL credential、secret、repo archive、git object、API raw body 或未脫敏截圖的資料都先進 quarantine。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "display_redacted_evidence_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-ref-truth-no-approval-language", "display_order": 5, "title": "不得把 refs truth 回覆語意升級成批准", "required": true, "pass_condition": "即使 owner response 文字包含同意、OK、可進行或批准,也只能視為 truth source、retention 或 disposition response;不得視為 refs sync、delete refs、force push、tag rewrite、backfill 或 GitHub primary approval。", "failure_lane": "reject_execution_request", "awooop_display": "display_scope_response_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-ref-truth-audit-metadata-only", "display_order": 6, "title": "只記錄 refs truth audit metadata", "required": true, "pass_condition": "AwoooP 只能記錄 request shown、response received metadata、template id、lane、repo、ref name 或 pattern、owner role/team、redacted evidence refs 與 outcome lane;不得保存 token value、secret value、private clone URL credential、repo archive、git object pack、API raw body 或可執行 payload。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "display_audit_metadata_only", "execution_authorized": false, "not_approval": true } ], "intake_preflight_checks": [ { "check_id": "preflight-known-ref-truth-lane", "display_order": 1, "title": "回覆必須對應已知 refs truth lane", "required": true, "pass_condition": "`template_id` 或 `lane` 必須對應 S4.11 五個 refs truth templates 之一,不得新增未盤點 repo/ref、未分類 branch/tag 或把 GitHub-only/backfill candidate 自動視為可執行。", "failure_lane": "request_owner_correction", "awooop_display": "request_more_evidence", "execution_authorized": false }, { "check_id": "preflight-required-ref-truth-owner-fields", "display_order": 2, "title": "refs truth 必填欄位完整", "required": true, "pass_condition": "每筆 response 必須有 owner role/team、decision、decision_reason、repo、ref scope、truth source 或 disposition、必要的 deploy/artifact/rollback/workflow owner 與 evidence_refs;批次回覆必須有可重現範圍。", "failure_lane": "request_more_evidence", "awooop_display": "request_more_evidence", "execution_authorized": false }, { "check_id": "preflight-allowed-ref-truth-decision", "display_order": 3, "title": "refs truth decision 在模板允許值內", "required": true, "pass_condition": "`decision` 必須落在對應 response template 的 acceptable_decisions;口頭同意、整體 OK、可進行或未列出的執行語句都不得進入 accepted。", "failure_lane": "request_owner_correction", "awooop_display": "request_more_evidence", "execution_authorized": false }, { "check_id": "preflight-ref-truth-redacted-evidence-only", "display_order": 4, "title": "只接受 refs truth 脫敏 evidence refs", "required": true, "pass_condition": "`evidence_refs` 只能指向 repo 內文件、snapshot、短 SHA 或 owner 提供的脫敏 metadata pointer,不得含 token、secret、cookie、session、private key、private clone URL credential、repo archive、git object pack、API raw body 或未脫敏截圖。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "quarantine_sensitive_payload", "execution_authorized": false }, { "check_id": "preflight-no-refs-execution-request", "display_order": 5, "title": "不得夾帶 refs 執行要求", "required": true, "pass_condition": "response 不得要求 fetch、push refs、delete refs、force push、mirror sync、tag rewrite、branch rewrite、backfill、GitHub primary switch、repo creation、visibility change、workflow/secret/runner 變更、Kali scan 或任何 runtime action。", "failure_lane": "reject_execution_request", "awooop_display": "reject_execution_request", "execution_authorized": false }, { "check_id": "preflight-all-five-ref-truth-lanes-before-accepted", "display_order": 6, "title": "接受前需覆蓋五個 refs truth templates", "required": true, "pass_condition": "S4.11 要被標示 accepted 前,五個 response templates 都必須收到可驗收的 owner response;部分回覆只能維持 waiting、ready_for_owner_review、request_more_evidence 或 quarantine。", "failure_lane": "keep_waiting_owner_response", "awooop_display": "ready_for_owner_review", "execution_authorized": false } ], "response_templates": [ { "template_id": "response-main-branch-truth-source", "lane": "main_truth_required", "affected_repos": [ "wooo/awoooi -> owenhytsai/awoooi", "wooo/clawbot-v5 -> owenhytsai/clawbot-v5", "wooo/wooo-aiops -> owenhytsai/wooo-aiops" ], "risk": "HIGH", "covered_item_count": 3, "requested_owner_decision": "判定三個 main branch 的真相來源、deploy marker owner、production source owner 與 rollback point owner;維持 refs action disabled。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "repo", "ref_name", "truth_source_or_sha", "deploy_marker_owner", "production_source_owner", "rollback_point_owner", "evidence_refs" ], "acceptable_decisions": [ "choose_gitea_as_truth_candidate", "choose_github_as_truth_candidate", "choose_specific_sha_as_truth_candidate", "hold_pending_deploy_marker", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/source-control-ref-truth-classification.snapshot.json", "docs/security/source-control-ref-detail-diff.snapshot.json", "docs/security/source-control-primary-readiness-gate.snapshot.json" ], "acceptance_criteria": [ "必須逐 repo 標示 main branch 的候選真相來源,不可只寫全域結論。", "必須說明 deploy marker、production source 與 rollback point 的 owner 或補證 owner。", "必須承認通過收件後只更新 read-only classification / reconcile / readiness wording,不授權 refs sync。" ], "rejection_conditions": [ "把 main branch truth response 當成可直接 push refs 或切 primary。", "沒有 repo、ref_name、truth_source_or_sha 或 deploy evidence owner。", "含有 token、credential、private URL 憑證或未脫敏截圖。" ], "allowed_outputs": [ "更新 `source-control-ref-truth-classification.snapshot.json` 的 read-only owner response 欄位。", "更新 `SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md` 的 owner response 摘要。", "更新 `source-control-primary-readiness-gate.snapshot.json` 的 blocker wording,且 primary_ready_count 維持 0。" ], "execution_authorized": false }, { "template_id": "response-active-dev-branch-truth-source", "lane": "active_branch_truth_required", "affected_repos": [ "wooo/awoooi -> owenhytsai/awoooi" ], "risk": "HIGH", "covered_item_count": 1, "requested_owner_decision": "判定 `wooo/awoooi` 的 `dev` branch 是否仍是 active workflow、legacy branch 或需補證;維持 refs action disabled。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "repo", "ref_name", "workflow_owner", "branch_disposition", "evidence_refs" ], "acceptable_decisions": [ "keep_active_branch_candidate", "mark_branch_legacy_candidate", "hold_pending_workflow_owner", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/source-control-ref-truth-classification.snapshot.json", "docs/security/source-control-reconcile-plan.snapshot.json", "docs/security/security-approval-review-packet.snapshot.json" ], "acceptance_criteria": [ "必須指出 `dev` 是否仍有開發、部署、CI 或 release workflow 用途。", "若標為 legacy,只能標記 candidate,不代表刪除或封存批准。", "必須提供 workflow owner 或 request_more_evidence owner。" ], "rejection_conditions": [ "要求立即刪除或同步 `dev` branch。", "沒有 workflow owner 或 branch disposition。", "把 legacy candidate 當成 delete approval。" ], "allowed_outputs": [ "更新 `dev` branch 的 read-only disposition 欄位。", "更新 draft reconcile plan 的 blocked reason。", "建立 request_more_evidence lane。" ], "execution_authorized": false }, { "template_id": "response-drift-deprecated-candidate-batch", "lane": "archive_or_deprecate_candidate", "affected_repos": [ "wooo/awoooi drift/adopt-*" ], "risk": "LOW", "covered_item_count": 142, "requested_owner_decision": "批次判定 `drift/adopt-*` refs 是否可列為 deprecated candidate、audit retention candidate 或需拆批補證;標記 deprecated candidate 不等於 delete approval。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "repo", "ref_pattern_or_ref_list", "retention_owner", "audit_or_rollback_use", "evidence_refs" ], "acceptable_decisions": [ "mark_deprecated_candidate", "keep_audit_retention_candidate", "split_batch_requires_more_evidence", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/source-control-ref-truth-classification.snapshot.json", "docs/security/source-control-ref-detail-diff.snapshot.json", "docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md" ], "acceptance_criteria": [ "必須明確說明這是批次 owner disposition,不是刪除批准。", "必須提供 retention owner 或補證 owner。", "若需要拆批,必須說明拆分準則與下一個 evidence owner。" ], "rejection_conditions": [ "把 deprecated candidate 當成 delete approval。", "要求刪除、rewrite、force push 或 prune refs。", "未說明 audit / rollback / retention 用途是否仍存在。" ], "allowed_outputs": [ "更新 classification 的 deprecated candidate owner response 欄位。", "更新人工 review checklist。", "維持 refs delete / push / force push 禁用。" ], "execution_authorized": false }, { "template_id": "response-release-tag-retention", "lane": "release_tag_missing_on_github", "affected_repos": [ "wooo/awoooi v7.2.0", "wooo/awoooi v7.3.0", "wooo/clawbot-v5 v5.5-sprint1" ], "risk": "MEDIUM", "covered_item_count": 3, "requested_owner_decision": "判定 release tags 是否需要保留、是否為 legacy candidate,或是否等待 artifact / deploy owner 補證;維持 tag action disabled。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "repo", "tag_name", "artifact_owner", "deploy_marker_owner", "retention_disposition", "evidence_refs" ], "acceptable_decisions": [ "keep_release_tag_candidate", "mark_tag_legacy_candidate", "hold_pending_artifact_owner", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/source-control-ref-truth-classification.snapshot.json", "docs/security/source-control-ref-detail-diff.snapshot.json", "docs/security/source-control-primary-rollback-adr.snapshot.json" ], "acceptance_criteria": [ "必須逐 tag 指定 artifact owner、deploy marker owner 或補證 owner。", "必須說明保留或 legacy candidate 的依據。", "必須明確不授權 tag push、tag rewrite 或 tag delete。" ], "rejection_conditions": [ "要求立即同步、重寫或刪除 tag。", "缺 artifact owner 或 deploy marker owner。", "把 tag retention response 當成 release approval。" ], "allowed_outputs": [ "更新 release tag review lane。", "更新 rollback ADR 的 evidence gap wording。", "維持 tag action disabled。" ], "execution_authorized": false }, { "template_id": "response-github-only-ref-review", "lane": "github_only_manual_review", "affected_repos": [ "wooo/wooo-aiops refactor/phase-9.3", "wooo/wooo-aiops 19 UAT tags" ], "risk": "MEDIUM", "covered_item_count": 20, "requested_owner_decision": "判定 GitHub-only branch / UAT tags 是否保留、回補候選、legacy candidate 或需稽核 owner 補證;backfill 只能是 candidate,不代表 push。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "repo", "ref_name_or_pattern", "github_only_owner", "audit_owner", "backfill_candidate_reason", "evidence_refs" ], "acceptable_decisions": [ "keep_github_only_candidate", "backfill_to_gitea_candidate", "mark_legacy_github_only_candidate", "hold_pending_audit_owner", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/source-control-ref-truth-classification.snapshot.json", "docs/security/source-control-ref-detail-diff.snapshot.json", "docs/security/SOURCE-CONTROL-WOOO-AIOPS-SNAPSHOT.md" ], "acceptance_criteria": [ "必須說明 GitHub-only refs 的用途、owner 或補證 owner。", "若選 backfill_to_gitea_candidate,必須明確標示只是候選,不授權 push。", "必須維持 GitHub primary readiness blocked。" ], "rejection_conditions": [ "把 backfill candidate 當成 push approval。", "要求刪除 GitHub-only refs 或直接同步到 Gitea。", "缺 GitHub-only owner 或 audit owner。" ], "allowed_outputs": [ "更新 GitHub-only review lane。", "更新 draft reconcile plan 的 candidate wording。", "維持 refs action disabled。" ], "execution_authorized": false } ], "acceptance_checks": [ { "check_id": "maps_to_known_ref_truth_lane", "title": "回覆對應既有 refs truth lane", "required": true, "pass_condition": "`lane` 必須對應 source_control_ref_truth_classification_v1 既有 lane:main_truth_required、active_branch_truth_required、archive_or_deprecate_candidate、release_tag_missing_on_github 或 github_only_manual_review。", "failure_lane": "reject_unknown_ref_truth_lane", "execution_authorized": false }, { "check_id": "decision_value_allowed", "title": "決策值在允許範圍內", "required": true, "pass_condition": "`decision` 必須是該 response template 的 acceptable_decisions 之一。", "failure_lane": "request_owner_correction", "execution_authorized": false }, { "check_id": "repo_and_ref_scope_present", "title": "repo 與 ref scope 已標示", "required": true, "pass_condition": "每筆回覆必須有 repo 與 ref_name、tag_name、ref_pattern 或 ref_list;批次回覆必須有可重現範圍。", "failure_lane": "request_more_evidence", "execution_authorized": false }, { "check_id": "truth_source_or_disposition_present", "title": "真相來源或 disposition 已說明", "required": true, "pass_condition": "main/dev lane 必須有 truth source 或 workflow disposition;deprecated/release/GitHub-only lane 必須有 retention、legacy、backfill candidate 或補證 disposition。", "failure_lane": "keep_ref_truth_blocked", "execution_authorized": false }, { "check_id": "deploy_or_artifact_evidence_present_for_high_risk", "title": "高風險 ref 有 deploy 或 artifact owner", "required": true, "pass_condition": "main branch 與 release tag response 必須提供 deploy marker、production source、rollback point 或 artifact owner;未知時必須選 hold/unknown。", "failure_lane": "request_deploy_or_artifact_owner", "execution_authorized": false }, { "check_id": "no_refs_action_requested", "title": "不含 refs 執行要求", "required": true, "pass_condition": "回覆不得要求 fetch、push refs、delete refs、force push、mirror sync、tag rewrite、branch rewrite 或 prune refs。", "failure_lane": "reject_refs_action", "execution_authorized": false }, { "check_id": "no_primary_or_repo_change_requested", "title": "不含 primary 或 repo 變更要求", "required": true, "pass_condition": "回覆不得要求切 GitHub primary、建立 repo、修改 visibility、停用 Gitea、刪除 Gitea 或封存 Gitea。", "failure_lane": "reject_primary_or_repo_action", "execution_authorized": false }, { "check_id": "secret_values_absent", "title": "未包含 secret value", "required": true, "pass_condition": "`evidence_refs` 只能指向 repo 內文件、snapshot 或已脫敏 owner metadata,不得含 token、credential、secret value、private key、deploy key value、cookie 或 session。", "failure_lane": "quarantine_sensitive_payload", "execution_authorized": false } ], "rejection_rules": [ "回覆含 token value、PAT、cookie、session、CSRF token、private key、deploy key value 或 partial credential 時必須拒收。", "回覆要求 fetch、push refs、delete refs、force push、mirror sync、tag rewrite、branch rewrite 或 prune refs 時必須拒收。", "回覆要求切 GitHub primary 或把 GitHub primary readiness 視為已完成時必須拒收。", "回覆要求建立 repo、修改 repo visibility 或改 remote URL 時必須拒收。", "回覆把 deprecated_candidate 當成 delete approval 時必須拒收。", "回覆把 backfill_to_gitea_candidate 當成 push approval 時必須拒收。", "回覆缺 repo/ref/lane 或批次範圍無法重現時不得標記 accepted。", "main / release high-risk 回覆缺 deploy marker、artifact、rollback 或補證 owner 時不得標記 accepted。", "回覆要求停用、刪除、封存或降級 Gitea 時必須拒收。", "任何不確定是否含敏感值、私有 URL 憑證或未脫敏截圖的回覆必須先進 mirror quarantine。" ], "allowed_outputs": [ "更新 `source-control-ref-truth-classification.snapshot.json` 的 read-only owner response 欄位。", "更新 `SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md` 的 owner response 摘要。", "更新 `source-control-reconcile-plan.snapshot.json` 的 draft wording。", "更新 `source-control-primary-readiness-gate.snapshot.json` 的 blocker wording。", "建立 request_more_evidence / quarantine lane。", "維持 `github_primary_ready_count=0` 與所有 refs / repo / primary execution flags false。" ], "forbidden_actions": [ "fetch refs。", "push refs。", "delete refs。", "force push。", "rewrite branch 或 tag。", "切 GitHub primary。", "建立 GitHub repo 或修改 visibility。", "停用、刪除、封存或降級 Gitea repo。", "保存 secret value、token value、private key、cookie、session 或 deploy key value。", "新增 AwoooP execution action button。" ] }