{ "schema_version": "github_target_owner_decision_response_v1", "status": "draft_waiting_owner_response", "date": "2026-06-04", "mode": "owner_decision_response_intake_only", "runtime_execution_authorized": false, "source_contract": "github_target_decision_v1", "target_contract": "github_target_repo_approval_package_v1", "source_indexes": [ "docs/security/github-target-decision.snapshot.json", "docs/security/github-target-repo-approval-package.snapshot.json", "docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md", "docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md", "docs/security/source-control-approval-board.snapshot.json", "docs/security/source-control-primary-readiness-gate.snapshot.json", "docs/security/security-approval-review-packet.snapshot.json", "docs/security/security-followup-runtime-gate.snapshot.json" ], "summary": { "owner_response_status": "waiting_owner_response", "target_decision_count": 8, "approval_required_target_count": 7, "owner_response_request_packet_count": 1, "owner_response_template_status_count": 7, "owner_response_audit_event_template_count": 3, "owner_response_redaction_example_count": 5, "owner_response_collection_check_count": 6, "intake_preflight_check_count": 6, "response_template_count": 7, "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "acceptance_check_count": 8, "rejection_rule_count": 10, "repo_creation_authorized": false, "visibility_change_authorized": false, "refs_sync_authorized": false, "github_primary_switch_authorized": false, "secret_value_collection_allowed": false, "action_buttons_allowed": false, "target_owner_handoff_package_ready": true, "target_owner_handoff_completion_percent": 100, "target_owner_handoff_check_count": 6, "target_owner_handoff_packet_field_count": 9, "target_owner_request_dispatch_authorized": false, "not_found_or_private_as_absent_allowed": false, "repo_creation_allowed_without_owner_response": false, 
"visibility_change_allowed_without_owner_response": false, "github_target_owner_response_handoff_not_approval": true }, "target_owner_handoff_preflight_checks": [ { "check_id": "p1-3-baseline-sync", "display_order": 1, "check": "送件前確認 gitea/main、GitHub target probe、S4.9 / P1-2 最新狀態。", "current_status": "defined_not_dispatched", "execution_authorized": false }, { "check_id": "p1-3-seven-target-scope", "display_order": 2, "check": "只向 7 個 approval-required targets 收 owner / visibility / canonical 回覆。", "current_status": "defined_not_dispatched", "execution_authorized": false }, { "check_id": "p1-3-external-scope-summary", "display_order": 3, "check": "nexu-io/open-design 只作 external scope evidence,不納入 AWOOOI target approval queue。", "current_status": "defined_not_dispatched", "execution_authorized": false }, { "check_id": "p1-3-not-found-or-private-semantics", "display_order": 4, "check": "not_found_or_private 只能表示 read-only probe 看不到;不得視為 repo 不存在或可直接建立。", "current_status": "defined_not_dispatched", "execution_authorized": false }, { "check_id": "p1-3-required-owner-fields", "display_order": 5, "check": "必須有 owner role/team、decision、reason、canonical source、target disposition、visibility review owner、redacted evidence refs。", "current_status": "defined_not_dispatched", "execution_authorized": false }, { "check_id": "p1-3-execution-request-rejected", "display_order": 6, "check": "repo creation、visibility change、refs sync、workflow / secret 修改、primary switch 全部 hard reject。", "current_status": "defined_not_dispatched", "execution_authorized": false } ], "target_owner_handoff_packet": { "request_id": "p1_3_github_target_owner_response_handoff", "stage_id": "S4.10", "prerequisite_gates": [ "S4.9 owner response gate", "P1-2 Gitea authenticated inventory request handoff" ], "requested_templates": [ "target-awoooi-refs-blocked", "target-clawbot-v5-refs-blocked", "target-wooo-aiops-refs-blocked", "target-wooo-infra-config-internal-remote", "target-ewoooc-private-or-new", 
"target-bitan-pharmacy-private-or-new", "target-tsenyang-website-private-or-new" ], "target_probe_summary": { "candidate_count": 8, "exists_count": 5, "not_found_or_private_count": 3, "external_scope_summary_repo": "nexu-io/open-design" }, "recipient_role_or_team_required": true, "required_response_fields": [ "owner_role_or_team", "decision", "decision_reason", "canonical_source", "github_target_disposition", "visibility_review_owner", "redacted_evidence_refs", "followup_owner" ], "forbidden_inputs": [ "token_value", "secret_value", "private_key", "private_clone_url_credential", "repo_archive", "git_object_pack", "api_request_body", "repo_creation_command", "visibility_change_command", "refs_sync_or_delete_request", "github_primary_switch_request" ], "not_approval": true, "execution_authorized": false }, "post_dispatch_invariants": [ "Owner response 到來後仍需先進 S4.10 intake preflight 與 reviewer validation。", "not_found_or_private 不得自動視為 repo 不存在或可建立。", "通過後只可更新 read-only target decision table、approval package、approval board 與 readiness wording。", "不得直接建立 repo、修改 visibility、sync/delete refs、force push、改 workflow / secret、切 GitHub primary 或停用 Gitea。" ], "owner_response_request_packet": { "request_id": "s4_10_github_target_owner_decision_response_request", "display_status": "ready_to_request_owner_response", "requested_packet": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md", "required_response_item_count": 7, "requested_template_ids": [ "target-awoooi-refs-blocked", "target-clawbot-v5-refs-blocked", "target-wooo-aiops-refs-blocked", "target-wooo-infra-config-internal-remote", "target-ewoooc-private-or-new", "target-bitan-pharmacy-private-or-new", "target-tsenyang-website-private-or-new" ], "owner_instruction_summary": "請 owner 只依 S4.10 七個 templates 回覆 GitHub target 的 owner / visibility / canonical / target disposition,並只引用脫敏 evidence refs;不要貼 token、secret、private clone URL credential、repo archive、git object、API request body 或任何可執行 payload。", 
"allowed_response_fields": [ "owner_role_or_team", "decision", "decision_reason", "canonical_source", "github_target_disposition", "visibility_review_owner", "refs_truth_review_owner", "tag_disposition_owner", "github_only_refs_owner", "internal_remote_disposition", "secret_name_inventory_owner", "server_side_refs_diff_owner", "active_status", "evidence_refs", "followup_owner" ], "evidence_ref_rules": [ "只允許 repo 內既有文件、snapshot 或已脫敏 owner metadata pointer", "not_found_or_private 只能作為需補證或 private access request 的 evidence,不得自動視為 repo 不存在", "canonical_source 未知時必須明確選 unknown_requires_more_evidence 或指定補證 owner", "不得提供 token value、secret value、private clone URL credential、cookie、session、deploy key value 或截圖中的敏感值", "不確定是否含敏感值時先走 mirror quarantine(collection_status=quarantine_sensitive_payload,只保留 quarantine pointer、原因與責任 owner),不得直接貼入 response,也不得在解除 quarantine 前更新 received / accepted count" ], "forbidden_payloads": [ "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "repo_creation_command", "visibility_change_command", "write_or_admin_api_request", "refs_sync_or_delete_request", "force_push_or_tag_rewrite_request", "github_primary_switch_request", "repo_archive", "git_object_pack", "db_dump", "unrelated_history_merge_request" ], "allowed_submission_modes": [ "read_only_markdown_response", "redacted_metadata_pointer", "request_more_evidence", "out_of_scope_disposition" ], "awooop_display_mode": "display_owner_response_request_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", "switch_github_primary", "store_secret_value", "store_token_value" ] }, "owner_response_template_statuses": [ { "template_id": "target-awoooi-refs-blocked", "github_repo": "owenhytsai/awoooi", "source_key": "wooo/awoooi", "display_order": 1, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": 
"keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `owenhytsai/awoooi` 的 canonical source、visibility review owner 與 refs truth owner;不得把既有 GitHub target 視為可直接 primary。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", "switch_github_primary", "store_secret_value", "store_token_value" ] }, { "template_id": "target-clawbot-v5-refs-blocked", "github_repo": "owenhytsai/clawbot-v5", "source_key": "wooo/clawbot-v5", "display_order": 2, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `owenhytsai/clawbot-v5` 的 main SHA / tag 真相來源與 tag disposition owner;不得用單一句話批准 refs sync。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", "switch_github_primary", "store_secret_value", "store_token_value" ] }, { "template_id": "target-wooo-aiops-refs-blocked", "github_repo": "owenhytsai/wooo-aiops", "source_key": "wooo/wooo-aiops", "display_order": 3, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `owenhytsai/wooo-aiops` 的 GitHub-only refs owner 與 disposition;不得刪除 GitHub-only refs。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", 
"switch_github_primary", "store_secret_value", "store_token_value" ] }, { "template_id": "target-wooo-infra-config-internal-remote", "github_repo": "owenhytsai/wooo-infra-config", "source_key": "wooo/wooo-infra-config", "display_order": 4, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `owenhytsai/wooo-infra-config` 的 110 internal remote 用途與 secret name inventory owner;不得刪除 remote 或搬移 secret value。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", "switch_github_primary", "store_secret_value", "store_token_value" ] }, { "template_id": "target-ewoooc-private-or-new", "github_repo": "owenhytsai/ewoooc", "source_key": "wooo/ewoooc / root/momo-pro-system / momo working trees", "display_order": 5, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `owenhytsai/ewoooc` 與 momo-pro-system 的 canonical 關係、private access request 或 new target candidate disposition;不得自動建立 repo 或合併 unrelated histories。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", "switch_github_primary", "store_secret_value", "store_token_value" ] }, { "template_id": "target-bitan-pharmacy-private-or-new", "github_repo": "owenhytsai/bitan-pharmacy", "source_key": "bitan-pharmacy", "display_order": 6, "collection_status": 
"waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `owenhytsai/bitan-pharmacy` 是否仍 active、GitHub target disposition 與 visibility review owner;不得把 not_found_or_private 當成可直接建立 repo。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", "switch_github_primary", "store_secret_value", "store_token_value" ] }, { "template_id": "target-tsenyang-website-private-or-new", "github_repo": "owenhytsai/tsenyang-website", "source_key": "tsenyang-website", "display_order": 7, "collection_status": "waiting_owner_response", "request_status": "request_ready_not_sent", "received_response_count": 0, "accepted_response_count": 0, "rejected_response_count": 0, "latest_outcome_lane": "keep_waiting_owner_response", "next_owner_action": "Owner 需回覆 `owenhytsai/tsenyang-website` 是否仍 active、GitHub target disposition 與 visibility review owner;不得把 not_found_or_private 當成可直接建立 repo。", "awooop_display_mode": "display_template_status_only", "execution_authorized": false, "not_approval": true, "still_forbidden": [ "create_github_repo", "change_repo_visibility", "push_refs", "delete_refs", "force_push", "switch_github_primary", "store_secret_value", "store_token_value" ] } ], "owner_response_audit_event_templates": [ { "event_template_id": "audit-github-target-response-request-shown", "display_order": 1, "event_status": "template_only_not_emitted", "trigger": "AwoooP 顯示 S4.10 owner response request packet 時。", "purpose": "只記錄 request packet 已可顯示或已顯示的 metadata,不代表 owner response 已收到。", "allowed_metadata_fields": [ "event_template_id", "request_id", "requested_template_ids", "target_contract", "displayed_by_role", "displayed_at_taipei", 
"source_document_ref" ], "forbidden_payloads": [ "owner_response_raw_body", "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "repo_creation_command", "visibility_change_command", "write_or_admin_api_request", "refs_sync_or_delete_request", "force_push_or_tag_rewrite_request", "github_primary_switch_request", "repo_archive", "git_object_pack", "db_dump", "execution_request_payload" ], "emitted_event_count": 0, "stored_raw_payload_allowed": false, "awooop_display_mode": "display_audit_template_only", "execution_authorized": false, "not_approval": true }, { "event_template_id": "audit-github-target-response-received-metadata", "display_order": 2, "event_status": "template_only_not_emitted", "trigger": "Owner 提供 S4.10 GitHub target response metadata pointer 時。", "purpose": "只記錄 response 已收到的脫敏 metadata pointer;不得保存 response 原文、repo archive、git object 或敏感 payload。", "allowed_metadata_fields": [ "event_template_id", "template_id", "github_repo", "owner_role_or_team", "received_at_taipei", "redacted_evidence_refs", "source_document_ref" ], "forbidden_payloads": [ "owner_response_raw_body", "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "repo_creation_command", "visibility_change_command", "write_or_admin_api_request", "refs_sync_or_delete_request", "force_push_or_tag_rewrite_request", "github_primary_switch_request", "repo_archive", "git_object_pack", "db_dump", "execution_request_payload" ], "emitted_event_count": 0, "stored_raw_payload_allowed": false, "awooop_display_mode": "display_audit_template_only", "execution_authorized": false, "not_approval": true }, { "event_template_id": "audit-github-target-response-outcome-classified", "display_order": 3, "event_status": "template_only_not_emitted", "trigger": "AwoooP 依 S4.10 acceptance checks 與 rejection rules 分類 GitHub target owner response 時。", "purpose": "只記錄分類結果與下一步提示;不得把 outcome、owner wording 或單項 response 當成 repo / 
refs / primary 執行授權。", "allowed_metadata_fields": [ "event_template_id", "template_id", "github_repo", "collection_status", "latest_outcome_lane", "next_owner_action", "classified_at_taipei", "classified_by_role" ], "forbidden_payloads": [ "owner_response_raw_body", "token_value", "secret_value", "private_key", "cookie_or_session", "private_clone_url_credential", "repo_creation_command", "visibility_change_command", "write_or_admin_api_request", "refs_sync_or_delete_request", "force_push_or_tag_rewrite_request", "github_primary_switch_request", "repo_archive", "git_object_pack", "db_dump", "execution_request_payload" ], "emitted_event_count": 0, "stored_raw_payload_allowed": false, "awooop_display_mode": "display_audit_template_only", "execution_authorized": false, "not_approval": true } ], "owner_response_redaction_examples": [ { "example_id": "redaction-github-target-doc-ref", "display_order": 1, "example_status": "template_example_only", "category": "github_target_existing_document_reference", "safe_response_shape": [ "template_id=target-awoooi-refs-blocked", "decision=hold_pending_refs_truth", "canonical_source=wooo/awoooi", "evidence_refs=[docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md, docs/security/source-control-ref-detail-diff.snapshot.json]", "decision_reason=引用既有 snapshot 與決策表,不貼 API raw body 或 repo archive" ], "required_redactions": [ "外部 evidence 只保留 repo 內文件路徑、snapshot 路徑或已脫敏 metadata pointer", "GitHub API 查詢結果只能摘要為 repo slug、status、review owner 與 evidence ref", "不得貼完整 API request/response body、header 或 private clone URL" ], "forbidden_raw_values": [ "token_value", "secret_value", "private_clone_url_credential", "api_request_header", "api_response_raw_body", "repo_archive" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-owner-visibility-canonical-metadata", "display_order": 2, "example_status": 
"template_example_only", "category": "owner_visibility_canonical_metadata", "safe_response_shape": [ "owner_role_or_team=repo-owner-or-platform-team", "visibility_review_owner=security-commander", "canonical_source=unknown_requires_more_evidence", "decision=unknown_requires_more_evidence", "followup_owner=source-control-owner" ], "required_redactions": [ "只寫角色或團隊,不寫個人密碼、session、one-time code 或 API token", "visibility decision reason 不得包含可重播的管理操作步驟或憑證", "followup_owner 只代表責任 owner,不代表 repo creation、visibility change 或 primary approval" ], "forbidden_raw_values": [ "password", "cookie", "session", "one_time_code", "approval_phrase_as_execution_authorization", "admin_console_screenshot_with_secret" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-private-target-access-metadata", "display_order": 3, "example_status": "template_example_only", "category": "private_or_new_target_metadata", "safe_response_shape": [ "template_id=target-ewoooc-private-or-new", "github_repo=owenhytsai/ewoooc", "decision=approve_private_target_access_request", "github_target_disposition=private_access_request_only", "credential_value_stored=false" ], "required_redactions": [ "private target 只能寫 repo slug、access request status 與 owner metadata", "完整 clone URL 只能保留 scheme、host、namespace、repo slug;若含 userinfo(user:token@)、query token 或 Authorization header,必須整段移除而非只遮蔽部分字元;被截斷或部分遮蔽的 token 仍視為敏感值,應進 quarantine", "不得把 private access request 當成可建立 repo、可 fetch、可 push 或可改 visibility 的指令" ], "forbidden_raw_values": [ "https_userinfo_credential", "query_token", "authorization_header", "ssh_private_key", "deploy_key_value", "git_remote_with_secret" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-refs-truth-dependency-summary", "display_order": 4, "example_status": "template_example_only", "category": 
"refs_truth_dependency_summary", "safe_response_shape": [ "template_id=target-clawbot-v5-refs-blocked", "decision=hold_pending_refs_truth", "refs_truth_review_owner=source-control-owner", "server_side_refs_diff_owner=platform-ops", "blocked_until=[S4.11 refs truth owner response, S4.12 workflow secret name owner response]" ], "required_redactions": [ "只保留 refs truth 責任 owner、blocking contract 與 evidence ref", "若引用外部 diff,必須先轉成 repo 內 snapshot 或 redacted metadata pointer", "不得貼 git object pack、repo archive、可執行 sync/delete/force-push 指令或 unrelated history merge request" ], "forbidden_raw_values": [ "git_object_pack", "repo_archive", "refs_sync_command", "delete_refs_command", "force_push_command", "unrelated_history_merge_request" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true }, { "example_id": "redaction-github-target-quarantine-pointer", "display_order": 5, "example_status": "template_example_only", "category": "uncertain_sensitive_payload", "safe_response_shape": [ "collection_status=quarantine_sensitive_payload", "quarantine_reason=疑似含 GitHub token、private URL credential、repo archive 或未脫敏截圖", "raw_payload_stored_in_repo=false", "next_owner_action=request_redacted_metadata_pointer" ], "required_redactions": [ "不確定是否含敏感值時先產生 quarantine pointer", "只留下原因、來源類型、責任 owner 與下一步,不留下原文", "解除 quarantine 前不得更新 received / accepted count 或 target decision wording" ], "forbidden_raw_values": [ "owner_response_raw_body", "github_token_or_pat", "secret_screenshot", "private_clone_url_credential", "credential_file", "repo_archive", "execution_request_payload" ], "stored_raw_payload_allowed": false, "awooop_display_mode": "display_redaction_example_only", "execution_authorized": false, "not_approval": true } ], "owner_response_collection_checks": [ { "check_id": "collection-github-target-request-packet-displayed", "display_order": 1, "title": "已顯示 GitHub target owner response 
request packet", "required": true, "pass_condition": "AwoooP 必須只顯示 `owner_response_request_packet` 的 7 個 target templates、允許欄位、脫敏 evidence 規則與禁止 payload,不得附加 repo creation、visibility change、refs sync 或 primary switch 要求。", "failure_lane": "keep_waiting_owner_response", "awooop_display": "display_request_packet_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-github-target-read-only-submission-mode", "display_order": 2, "title": "GitHub target 收件模式維持 read-only", "required": true, "pass_condition": "owner 只能用 read-only markdown response、redacted metadata pointer、request_more_evidence 或 out_of_scope_disposition;不得提交 token、repo archive、git object pack、API write request 或 execution request。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "display_read_only_submission_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-seven-target-template-tracking", "display_order": 3, "title": "七個 GitHub targets 分開追蹤", "required": true, "pass_condition": "S4.10 七個 requested_template_ids 必須逐 target 追蹤 received / accepted / rejected 狀態;不可用單一整體同意取代逐 repo owner / visibility / canonical response。", "failure_lane": "request_more_evidence", "awooop_display": "display_per_target_tracking", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-github-target-redacted-evidence-only", "display_order": 4, "title": "只收 GitHub target 脫敏 evidence refs", "required": true, "pass_condition": "收件內容只能包含 repo 內路徑、snapshot path 或已脫敏 metadata pointer;任何不確定是否含 token、private URL credential、secret、repo archive 或 git object 的資料都先進 quarantine。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "display_redacted_evidence_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-github-target-no-approval-language", "display_order": 5, "title": "不得把 GitHub target 回覆語意升級成批准", "required": true, "pass_condition": "即使 owner response 
文字包含同意、OK、可進行或批准,也只能視為 owner / visibility / canonical disposition response;不得視為 repo creation、visibility change、refs sync、delete refs、force push 或 GitHub primary approval。", "failure_lane": "reject_execution_request", "awooop_display": "display_scope_response_only", "execution_authorized": false, "not_approval": true }, { "check_id": "collection-github-target-audit-metadata-only", "display_order": 6, "title": "只記錄 GitHub target audit metadata", "required": true, "pass_condition": "AwoooP 只能記錄 request shown、response received metadata、template id、github repo、owner role/team、redacted evidence refs 與 outcome lane;不得保存 token value、secret value、private clone URL credential、repo archive、git object pack 或可執行 payload。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "display_audit_metadata_only", "execution_authorized": false, "not_approval": true } ], "intake_preflight_checks": [ { "check_id": "preflight-known-github-target", "display_order": 1, "title": "回覆必須對應已知 GitHub target", "required": true, "pass_condition": "`github_repo` 或 `template_id` 必須對應 S4.10 七個 approval-required targets 之一,不得新增未盤點 repo 或把 not_found_or_private 自動視為可建立。", "failure_lane": "request_owner_correction", "awooop_display": "request_more_evidence", "execution_authorized": false }, { "check_id": "preflight-required-github-target-owner-fields", "display_order": 2, "title": "GitHub target 必填欄位完整", "required": true, "pass_condition": "每筆 response 必須有 owner role/team、decision、decision_reason、canonical_source、target disposition 或 out-of-scope disposition、visibility review owner 與 evidence_refs。", "failure_lane": "request_more_evidence", "awooop_display": "request_more_evidence", "execution_authorized": false }, { "check_id": "preflight-allowed-github-target-decision", "display_order": 3, "title": "GitHub target decision 在模板允許值內", "required": true, "pass_condition": "`decision` 必須落在對應 response template 的 acceptable_decisions;口頭同意、整體 OK 或未列出的執行語句都不得進入 accepted。", "failure_lane": 
"request_owner_correction", "awooop_display": "request_more_evidence", "execution_authorized": false }, { "check_id": "preflight-github-target-redacted-evidence-only", "display_order": 4, "title": "只接受 GitHub target 脫敏 evidence refs", "required": true, "pass_condition": "`evidence_refs` 只能指向 repo 內文件、snapshot 或 owner 提供的脫敏 metadata pointer,不得含 token、secret、cookie、session、private key、private clone URL credential、repo archive 或 git object。", "failure_lane": "quarantine_sensitive_payload", "awooop_display": "quarantine_sensitive_payload", "execution_authorized": false }, { "check_id": "preflight-no-source-control-execution-request", "display_order": 5, "title": "不得夾帶 source-control 執行要求", "required": true, "pass_condition": "response 不得要求 repo 建立、visibility 修改、refs sync/delete/force-push、workflow/secret/runner 變更、GitHub primary switch、Gitea 停用、Kali scan 或任何 runtime action。", "failure_lane": "reject_execution_request", "awooop_display": "reject_execution_request", "execution_authorized": false }, { "check_id": "preflight-all-seven-targets-before-accepted", "display_order": 6, "title": "接受前需覆蓋七個 GitHub targets", "required": true, "pass_condition": "S4.10 要被標示 accepted 前,七個 response templates 都必須收到可驗收 owner / visibility / canonical response;部分回覆只能維持 waiting 或 request_more_evidence。", "failure_lane": "keep_waiting_owner_response", "awooop_display": "ready_for_owner_review", "execution_authorized": false } ], "response_templates": [ { "template_id": "target-awoooi-refs-blocked", "github_repo": "owenhytsai/awoooi", "source_key": "wooo/awoooi", "target_state": "exists_refs_blocked", "risk": "HIGH", "requested_owner_decision": "指定 owner、canonical source、visibility review owner 與 refs truth review owner;維持 refs action disabled。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "canonical_source", "github_target_disposition", "visibility_review_owner", "refs_truth_review_owner", "evidence_refs" ], "acceptable_decisions": [ 
"approve_existing_target_as_candidate", "hold_pending_refs_truth", "hold_pending_canonical_review", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/GITEA-GITHUB-MIGRATION-SNAPSHOT.md", "docs/security/source-control-ref-detail-diff.snapshot.json", "docs/security/source-control-workflow-secret-name-inventory.snapshot.json" ], "acceptance_criteria": [ "必須明確指定 `wooo/awoooi` 的 canonical source 與 owner review 責任人。", "必須承認 refs truth / workflow-secret parity / rollback ADR 未完成前不得推 refs 或切 primary。", "若 decision 是 hold,必須說明下一個 evidence owner。" ], "rejection_conditions": [ "把既有 GitHub repo 視為可直接 primary。", "要求 push、delete、force push refs 或修改 visibility。", "缺 canonical source、visibility review owner 或 refs truth review owner。" ], "allowed_outputs": [ "更新 GitHub target decision table 的 owner / canonical / visibility read-only 欄位。", "更新 repo approval package 的 blocked_until 說明。", "維持 primary readiness blocked。" ], "execution_authorized": false }, { "template_id": "target-clawbot-v5-refs-blocked", "github_repo": "owenhytsai/clawbot-v5", "source_key": "wooo/clawbot-v5", "target_state": "exists_refs_blocked", "risk": "MEDIUM", "requested_owner_decision": "指定 main SHA / tag 真相來源與 owner;維持 refs action disabled。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "canonical_source", "tag_disposition_owner", "visibility_review_owner", "evidence_refs" ], "acceptable_decisions": [ "approve_existing_target_as_candidate", "hold_pending_refs_truth", "mark_external_or_out_of_scope", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/SOURCE-CONTROL-CLAWBOT-V5-SNAPSHOT.md", "docs/security/source-control-reconcile-plan.snapshot.json", "docs/security/source-control-ref-truth-classification.snapshot.json" ], "acceptance_criteria": [ "必須說明 main SHA 與 tag 差異要由哪個 owner 判定。", "若仍 active,必須保留 refs review lane。", "若排除 scope,必須附 owner 理由與後續 disposition。" ], "rejection_conditions": [ "用單一句話批准 refs sync。", "未處理 GitHub 
缺 Gitea tag 的 disposition。", "要求刪除任一端 repo 或 refs。" ], "allowed_outputs": [ "更新 refs truth review lane。", "更新 approval package 的 owner decision 欄位。", "維持 refs action disabled。" ], "execution_authorized": false }, { "template_id": "target-wooo-aiops-refs-blocked", "github_repo": "owenhytsai/wooo-aiops", "source_key": "wooo/wooo-aiops", "target_state": "exists_refs_blocked", "risk": "MEDIUM", "requested_owner_decision": "指定 GitHub-only branch / tags 的來源 owner 與 disposition;維持 refs action disabled。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "canonical_source", "github_only_refs_owner", "visibility_review_owner", "evidence_refs" ], "acceptable_decisions": [ "approve_existing_target_as_candidate", "hold_pending_refs_truth", "mark_external_or_out_of_scope", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/SOURCE-CONTROL-WOOO-AIOPS-SNAPSHOT.md", "docs/security/source-control-ref-detail-diff.snapshot.json", "docs/security/source-control-ref-truth-classification.snapshot.json" ], "acceptance_criteria": [ "必須指定 GitHub-only branch / tags 的 owner 或補證 owner。", "必須說明 main SHA truth source 尚未判定時要維持 blocked。", "若標為 out_of_scope,必須說明與 AwoooP / AWOOOI scope 的關係。" ], "rejection_conditions": [ "要求刪除 GitHub-only refs。", "未指定 GitHub-only refs owner。", "把 refs classification 當成已批准 sync。" ], "allowed_outputs": [ "更新 refs truth classification 的 owner review 欄位。", "更新 GitHub target decision table。", "維持 GitHub primary readiness blocked。" ], "execution_authorized": false }, { "template_id": "target-wooo-infra-config-internal-remote", "github_repo": "owenhytsai/wooo-infra-config", "source_key": "wooo/wooo-infra-config", "target_state": "exists_aligned", "risk": "MEDIUM", "requested_owner_decision": "判定 110 internal remote 用途、infra owner 與 secret name inventory owner。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "canonical_source", "internal_remote_disposition", 
"secret_name_inventory_owner", "evidence_refs" ], "acceptable_decisions": [ "approve_existing_target_as_candidate", "hold_pending_canonical_review", "mark_external_or_out_of_scope", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/GIT-REMOTE-REFS-WOOO-INFRA-CONFIG-SNAPSHOT.md", "docs/security/source-control-workflow-secret-name-inventory.snapshot.json", "docs/security/source-control-workflow-secret-name-export-request.snapshot.json" ], "acceptance_criteria": [ "必須判定 110 internal remote 是 active source、mirror、legacy 或需要補證。", "必須指定 infra secret 名稱 inventory owner。", "不得把 internal remote disposition 當成刪除 remote 的批准。" ], "rejection_conditions": [ "要求直接刪除 remote 或改 remote URL。", "要求搬移或貼出 secret value。", "未說明 110 internal remote 用途。" ], "allowed_outputs": [ "更新 canonical decision table 的 remote disposition。", "更新 workflow / secret name inventory 的 owner gap。", "維持 repo / secret / refs 執行 disabled。" ], "execution_authorized": false }, { "template_id": "target-ewoooc-private-or-new", "github_repo": "owenhytsai/ewoooc", "source_key": "wooo/ewoooc / root/momo-pro-system / momo working trees", "target_state": "not_found_or_private", "risk": "HIGH", "requested_owner_decision": "判定 ewoooc / momo-pro-system canonical 關係與 GitHub target 是既有 private repo、候選新 repo 或需補證。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "canonical_source", "github_target_disposition", "visibility_review_owner", "server_side_refs_diff_owner", "evidence_refs" ], "acceptable_decisions": [ "approve_private_target_access_request", "approve_new_target_creation_candidate", "hold_pending_canonical_review", "mark_external_or_out_of_scope", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/GITEA-PUBLIC-REPO-SEARCH-SNAPSHOT.md", "docs/security/LOCAL-REPO-CANONICAL-EWOOOC-MOMO-SNAPSHOT.md", "docs/security/github-target-decision.snapshot.json" ], "acceptance_criteria": [ "必須明確說明 `not_found_or_private` 不能自動視為不存在。", "必須指定 
ewoooc / momo-pro-system canonical 判定 owner。", "若只是批准候選新 repo,仍不得建立 repo,必須先產生 migration plan。" ], "rejection_conditions": [ "把 `not_found_or_private` 當成建立 repo 的直接批准。", "自動合併 unrelated histories。", "要求刪除任一 momo / ewoooc working tree。" ], "allowed_outputs": [ "更新 target decision table 的 disposition。", "更新 approval package 的 canonical blocker。", "建立 request_more_evidence lane。" ], "execution_authorized": false }, { "template_id": "target-bitan-pharmacy-private-or-new", "github_repo": "owenhytsai/bitan-pharmacy", "source_key": "bitan-pharmacy", "target_state": "not_found_or_private", "risk": "MEDIUM", "requested_owner_decision": "判定 repo 是否仍 active、GitHub target disposition、owner 與 visibility review owner。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "active_status", "canonical_source", "github_target_disposition", "visibility_review_owner", "evidence_refs" ], "acceptable_decisions": [ "approve_private_target_access_request", "approve_new_target_creation_candidate", "hold_pending_canonical_review", "mark_external_or_out_of_scope", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/GIT-REMOTE-REFS-BITAN-TSENYANG-SNAPSHOT.md", "docs/security/github-target-decision.snapshot.json", "docs/security/source-control-primary-readiness-gate.snapshot.json" ], "acceptance_criteria": [ "必須說明 repo 是否仍 active。", "必須指定 GitHub target 是既有 private、候選新 repo、out-of-scope 或需補證。", "若 active,必須保留 workflow / secret name parity gate。" ], "rejection_conditions": [ "把 target 看不到當成可直接建立 repo。", "沒有 active_status 或 visibility review owner。", "要求自動 push refs 或刪除 110 remote。" ], "allowed_outputs": [ "更新 target decision table 的 active / disposition 欄位。", "更新 approval package 的 blocked_until。", "維持 repo creation 與 refs action disabled。" ], "execution_authorized": false }, { "template_id": "target-tsenyang-website-private-or-new", "github_repo": "owenhytsai/tsenyang-website", "source_key": "tsenyang-website", "target_state": 
"not_found_or_private", "risk": "MEDIUM", "requested_owner_decision": "判定 repo 是否仍 active、GitHub target disposition、owner 與 visibility review owner。", "required_owner_fields": [ "owner_role_or_team", "decision", "decision_reason", "active_status", "canonical_source", "github_target_disposition", "visibility_review_owner", "evidence_refs" ], "acceptable_decisions": [ "approve_private_target_access_request", "approve_new_target_creation_candidate", "hold_pending_canonical_review", "mark_external_or_out_of_scope", "unknown_requires_more_evidence" ], "minimum_evidence_refs": [ "docs/security/GIT-REMOTE-REFS-BITAN-TSENYANG-SNAPSHOT.md", "docs/security/github-target-decision.snapshot.json", "docs/security/source-control-primary-readiness-gate.snapshot.json" ], "acceptance_criteria": [ "必須說明 repo 是否仍 active。", "必須指定 GitHub target 是既有 private、候選新 repo、out-of-scope 或需補證。", "若 active,必須保留 workflow / secret name parity gate。" ], "rejection_conditions": [ "把 target 看不到當成可直接建立 repo。", "沒有 active_status 或 visibility review owner。", "要求自動 push refs 或刪除 110 remote。" ], "allowed_outputs": [ "更新 target decision table 的 active / disposition 欄位。", "更新 approval package 的 blocked_until。", "維持 repo creation 與 refs action disabled。" ], "execution_authorized": false } ], "acceptance_checks": [ { "check_id": "maps_to_known_github_target", "title": "回覆對應既有 GitHub target", "required": true, "pass_condition": "`github_repo` 必須對應 github_target_decision_v1 的 7 個 approval-required targets 之一。", "failure_lane": "reject_unknown_target", "execution_authorized": false }, { "check_id": "decision_value_allowed", "title": "決策值在允許範圍內", "required": true, "pass_condition": "`decision` 必須是該 target template 的 acceptable_decisions 之一。", "failure_lane": "request_owner_correction", "execution_authorized": false }, { "check_id": "owner_and_visibility_present", "title": "owner 與 visibility review 責任存在", "required": true, "pass_condition": "每筆回覆必須有 owner role/team、visibility review owner 或明確 out-of-scope 
disposition。", "failure_lane": "request_more_evidence", "execution_authorized": false }, { "check_id": "canonical_source_present", "title": "canonical source 已說明", "required": true, "pass_condition": "in-scope 或 candidate target 必須標示 canonical source;未知時必須選 unknown_requires_more_evidence。", "failure_lane": "keep_primary_blocked", "execution_authorized": false }, { "check_id": "blocked_until_respected", "title": "blocked_until 不被繞過", "required": true, "pass_condition": "回覆不得把 refs truth、workflow-secret parity、Gitea inventory、rollback ADR 或 server-side diff 缺口視為已完成。", "failure_lane": "reject_scope_jump", "execution_authorized": false }, { "check_id": "no_repo_creation_or_visibility_change", "title": "不含 repo creation 或 visibility change 指令", "required": true, "pass_condition": "回覆只能批准候選方向或補證方向,不得包含立即建立 repo 或修改 visibility 的執行要求。", "failure_lane": "reject_runtime_source_control_action", "execution_authorized": false }, { "check_id": "no_refs_or_primary_action", "title": "不含 refs 或 primary action", "required": true, "pass_condition": "回覆不得要求 push、delete、force push、mirror sync、tag / branch rewrite、primary switch,也不得要求停用、刪除、封存 Gitea 或移除 fallback。", "failure_lane": "reject_refs_or_primary_action", "execution_authorized": false }, { "check_id": "secret_values_absent", "title": "未包含 secret value", "required": true, "pass_condition": "`evidence_refs` 只能指向 repo 內文件、snapshot 或已脫敏 owner metadata,不得含 token、credential、secret value、private key、deploy key value、cookie / session、CSRF token 或 partial credential,也不得含內嵌憑證的 URL。", "failure_lane": "quarantine_sensitive_payload", "execution_authorized": false } ], "rejection_rules": [ "回覆含 token value、PAT、cookie、session、CSRF token、private key 或 partial credential 時必須拒收。", "回覆含 repo creation command、API request body、CLI command 或 automation payload 時必須拒收。", "回覆含 visibility change command 或要求立即修改 public/private/internal visibility 時必須拒收。", "回覆要求 push refs、delete refs、force push、mirror sync、tag rewrite 或 branch rewrite 時必須拒收。", "回覆要求切 GitHub primary、停用 Gitea、刪除 Gitea、封存 Gitea 或移除 fallback 時必須拒收。",
"回覆缺 owner role/team 或 canonical source,或既無 visibility review owner 也無明確 out-of-scope disposition 時,不得標記 accepted。", "回覆把 `not_found_or_private` 自動解釋為 repo 不存在或可建立時必須拒收。", "回覆要求自動合併 unrelated histories 或刪除 momo / ewoooc working tree 時必須拒收。", "回覆把 owner decision response 當成 repo migration approval、refs sync approval 或 primary approval 時必須拒收。", "任何不確定是否含敏感值、含內嵌憑證的私有 URL 或未脫敏截圖的回覆必須先進 mirror quarantine。" ], "allowed_outputs": [ "更新 `github-target-decision.snapshot.json` 的 read-only owner / visibility / canonical decision 欄位。", "更新 `github-target-repo-approval-package.snapshot.json` 的 blocked_until、review owner 與 evidence refs。", "更新 `source-control-primary-readiness-gate.snapshot.json` 的 blocker wording。", "更新 `source-control-approval-board.snapshot.json` 的 review lane。", "建立 request_more_evidence / quarantine lane。", "維持 `github_primary_ready_count=0` 與所有 execution flags false。" ], "forbidden_actions": [ "建立 GitHub repo。", "修改 GitHub repo visibility。", "push、delete、force push、mirror sync 或 rewrite refs。", "切 GitHub primary。", "停用、刪除、封存或降級 Gitea repo。", "保存 secret value、token value、private key、cookie、session 或 deploy key value。", "把 response packet 當成 migration execution approval。", "新增 AwoooP execution action button。" ] }