awoooi/docs/evaluations/dependency_risk_policy_2026-06-04.json
Your Name cfb866d055
feat(governance): add agent market automation surfaces
2026-06-04 21:50:55 +08:00

{
"schema_version": "dependency_risk_policy_v1",
"generated_at": "2026-06-04T20:30:12+08:00",
"program_status": {
"overall_completion_percent": 98,
"current_priority": "P1",
"current_task_id": "P1-204",
"next_task_id": "P1-205",
"read_only_mode": true
},
"source_refs": [
"docs/evaluations/package_supply_chain_inventory_2026-06-04.json",
"docs/evaluations/javascript_package_inventory_2026-06-04.json",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json",
"apps/api/pyproject.toml",
"apps/api/requirements.txt",
"apps/web/package.json",
"pnpm-lock.yaml",
"apps/api/Dockerfile",
"apps/web/Dockerfile"
],
"risk_taxonomy": {
"severity_levels": [
{
"severity": "critical",
"definition": "已批准外部查詢後,確認為 actively exploited / known exploited,且影響 production runtime、公開入口、憑證路徑、備份 / restore、AI Router 或資料完整性。",
"default_gate": "OpenClaw 仲裁 + 人工批准 + 回滾方案;NemoTron 僅能提供離線比較建議。"
},
{
"severity": "high",
"definition": "影響 runtime 或 build trust chain,可能導致不可重現 build、供應鏈污染、授權違規、digest / binary source 不可追溯,或 manifest 權威性衝突。",
"default_gate": "OpenClaw 風險仲裁;Hermes 產生批准包;任何安裝、升級、rebuild、push 都需人工批准。"
},
{
"severity": "medium",
"definition": "尚未造成已知 exploit,但會提高漂移、freshness、健康檢查、publish boundary 或 build-time network fetch 風險。",
"default_gate": "Hermes 維持只讀追蹤;OpenClaw 決定是否升級為批准包。"
},
{
"severity": "low",
"definition": "目前證據顯示一致或已被接受,但仍需排入週期性只讀監控。",
"default_gate": "read-only monitor,不得自動變更。"
}
],
"statuses": [
"accepted",
"action_required",
"planned_next",
"blocked"
],
"policy_states": [
"monitor_only",
"approval_package_required",
"external_lookup_required",
"blocked_until_approval"
]
},
"rollups": {
"total_rules": 12,
"by_severity": {
"critical": 1,
"high": 5,
"medium": 5,
"low": 1
},
"by_status": {
"action_required": 8,
"planned_next": 3,
"accepted": 1
},
"action_required_rule_ids": [
"python_manifest_authority_drift",
"python_no_lockfile_reproducibility_gap",
"js_caret_range_high_impact",
"shared_types_publish_boundary",
"docker_base_not_digest_pinned",
"binary_source_without_checksum",
"build_time_network_fetch_unpinned",
"web_runtime_healthcheck_gap"
],
"planned_next_rule_ids": [
"cve_critical_known_exploited",
"cve_high_runtime_exposure",
"license_strong_copyleft_or_unknown"
],
"accepted_rule_ids": [
"js_lockfile_currently_in_sync"
]
},
"severity_rules": [
{
"rule_id": "cve_critical_known_exploited",
"domain": "cve",
"severity": "critical",
"status": "planned_next",
"trigger": "已批准外部 CVE / advisory 查詢後,確認依賴或 image 有 known exploited / actively exploited 記錄,且位於 production runtime 或公開入口鏈路。",
"current_evidence": "本輪未查外部 CVE / advisory,只建立政策與批准邊界。",
"required_gate": "external_lookup_approval + OpenClaw arbitration + HITL approval",
"blocked_operations": [
"external_cve_lookup",
"package_install",
"package_upgrade",
"lockfile_write",
"docker_build",
"image_pull",
"image_rebuild",
"registry_push",
"production_routing"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 只做仲裁與批准包判定;不得自動修復或切流量。",
"evidence_refs": [
"docs/evaluations/package_supply_chain_inventory_2026-06-04.json",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json"
],
"next_action": "P1-205 建立外部 CVE / advisory data source 批准包,先定義來源、頻率、成本、速率與失敗告警。"
},
{
"rule_id": "cve_high_runtime_exposure",
"domain": "cve",
"severity": "high",
"status": "planned_next",
"trigger": "已批准外部查詢後,production/runtime dependency 或 base image 出現 high CVE,且缺少固定版本、digest、rollback 或 smoke gate。",
"current_evidence": "本輪未查外部 CVE;Python / JS / Docker 只讀基線已建立。",
"required_gate": "external_lookup_approval + upgrade_approval_package",
"blocked_operations": [
"external_cve_lookup",
"package_upgrade",
"lockfile_write",
"docker_build",
"image_pull",
"image_rebuild",
"registry_push"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 判定 high CVE 是否需要升級包,Hermes 才能整理執行候選清單。",
"evidence_refs": [
"docs/evaluations/package_supply_chain_inventory_2026-06-04.json",
"docs/evaluations/javascript_package_inventory_2026-06-04.json",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json"
],
"next_action": "P1-205 先建立 read-only freshness / advisory cadence,P1-206 才能產生升級批准包。"
},
{
"rule_id": "license_strong_copyleft_or_unknown",
"domain": "license",
"severity": "high",
"status": "planned_next",
"trigger": "已批准 license database 查詢後,production path 出現 AGPL / GPL 類強 copyleft、unknown license,或 package metadata 與 publish boundary 衝突。",
"current_evidence": "本輪未查外部 license database;shared-types publish boundary 已標為 action_required。",
"required_gate": "external_license_lookup_approval + legal_or_owner_review",
"blocked_operations": [
"external_license_lookup",
"package_install",
"package_upgrade",
"lockfile_write",
"package_publish"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 決定 license 風險分級;NemoTron 可做離線比較與條款摘要,不得替代人工授權判定。",
"evidence_refs": [
"packages/shared-types/package.json",
"docs/evaluations/javascript_package_inventory_2026-06-04.json"
],
"next_action": "P1-205 把 license source、cache、審核人與失敗告警寫進批准包。"
},
{
"rule_id": "python_manifest_authority_drift",
"domain": "python",
"severity": "high",
"status": "action_required",
"trigger": "同一 runtime 存在 pyproject.toml 與 requirements.txt,且依賴集合或版本下限不一致。",
"current_evidence": "apps/api/pyproject.toml 與 apps/api/requirements.txt 不一致;Dockerfile 目前使用 pyproject + uv。",
"required_gate": "manifest_authority_decision_package",
"blocked_operations": [
"package_install",
"package_upgrade",
"requirements_delete",
"lockfile_write",
"docker_build"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 決定權威 manifest 與廢止策略;Hermes 只能整理差異與後續 PR 範本。",
"evidence_refs": [
"apps/api/pyproject.toml",
"apps/api/requirements.txt",
"apps/api/Dockerfile",
"docs/evaluations/package_supply_chain_inventory_2026-06-04.json"
],
"next_action": "P1-206 產生 Python manifest authority / constraints 批准包。"
},
{
"rule_id": "python_no_lockfile_reproducibility_gap",
"domain": "python",
"severity": "medium",
"status": "action_required",
"trigger": "Python runtime / package surfaces 以 range constraints 為主,未發現 uv.lock、poetry.lock、Pipfile.lock 或等價 constraints policy。",
"current_evidence": "P1-201 已確認 Python 6 個表面未形成完整 lockfile policy。",
"required_gate": "reproducible_build_policy_package",
"blocked_operations": [
"lockfile_write",
"package_install",
"package_upgrade",
"docker_build"
],
"owner_agent": "hermes",
"role_contract": "Hermes 整理 constraints / lockfile 選項;OpenClaw 決定採用與否。",
"evidence_refs": [
"apps/api/pyproject.toml",
"packages/lewooogo-data/pyproject.toml",
"packages/lewooogo-brain/pyproject.toml",
"docs/evaluations/package_supply_chain_inventory_2026-06-04.json"
],
"next_action": "P1-206 將 lockfile / constraints 策略納入升級批准包模板。"
},
{
"rule_id": "js_lockfile_currently_in_sync",
"domain": "javascript",
"severity": "low",
"status": "accepted",
"trigger": "pnpm-lock.yaml importer specifier 與 6 個 workspace package.json manifest 同步,missing、mismatch、extra 均為 0。",
"current_evidence": "P1-202 已確認 manifest / lockfile drift 為 0。",
"required_gate": "read_only_monitor",
"blocked_operations": [
"pnpm_install",
"npm_audit",
"package_upgrade",
"lockfile_write"
],
"owner_agent": "hermes",
"role_contract": "Hermes 維持只讀 drift 監控;不得因 accepted 狀態自動執行 install 或 audit。",
"evidence_refs": [
"docs/evaluations/javascript_package_inventory_2026-06-04.json",
"pnpm-lock.yaml"
],
"next_action": "P1-205 建立週期性只讀 lockfile drift 檢查,不寫 lockfile。"
},
{
"rule_id": "js_caret_range_high_impact",
"domain": "javascript",
"severity": "medium",
"status": "action_required",
"trigger": "高影響 workspace 使用大量 caret range;雖然 lockfile 目前固定解析結果,但 version freshness、CVE 與 upgrade blast radius 尚未分級。",
"current_evidence": "@awoooi/web 有 33 條 direct dependencies,其中 28 條使用 caret range;全 repo 44 條 caret specs。",
"required_gate": "js_dependency_drift_policy_package",
"blocked_operations": [
"pnpm_install",
"npm_update",
"npm_audit",
"package_upgrade",
"lockfile_write"
],
"owner_agent": "hermes",
"role_contract": "Hermes 追蹤 drift 與高影響套件清單;OpenClaw 決定升級候選是否進批准包。",
"evidence_refs": [
"apps/web/package.json",
"docs/evaluations/javascript_package_inventory_2026-06-04.json"
],
"next_action": "P1-205 產生 Next / React / Sentry / Playwright / visualization 套件的 read-only freshness cadence。"
},
{
"rule_id": "shared_types_publish_boundary",
"domain": "javascript",
"severity": "medium",
"status": "action_required",
"trigger": "workspace package 未標記 private=true,且含 publishConfig access=public,需要確認是否為刻意 publish contract。",
"current_evidence": "@awoooi/shared-types 未標記 private=true,publishConfig access=public。",
"required_gate": "publish_boundary_approval_package",
"blocked_operations": [
"package_publish",
"package_metadata_change",
"package_upgrade",
"lockfile_write"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 仲裁 publish boundary;Hermes 只產生差異證據與 PR 範本。",
"evidence_refs": [
"packages/shared-types/package.json",
"docs/evaluations/javascript_package_inventory_2026-06-04.json"
],
"next_action": "P1-206 產生 shared-types publish boundary 批准包。"
},
{
"rule_id": "docker_base_not_digest_pinned",
"domain": "docker",
"severity": "high",
"status": "action_required",
"trigger": "Dockerfile 使用 tag-pinned external images,但沒有 digest pin;base image freshness 與 rebuild provenance 不可追溯。",
"current_evidence": "python:3.11-slim、node:20-alpine、ghcr.io/astral-sh/uv:0.6.9 均未 digest-pinned。",
"required_gate": "image_digest_pin_approval_package",
"blocked_operations": [
"image_pull",
"docker_build",
"image_rebuild",
"registry_push",
"production_routing"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 決定 digest pin 與 rebuild policy;Hermes 只能整理 Dockerfile 證據。",
"evidence_refs": [
"apps/api/Dockerfile",
"apps/web/Dockerfile",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json"
],
"next_action": "P1-206 產生 base image digest pin / rollback / smoke gate 批准包。"
},
{
"rule_id": "binary_source_without_checksum",
"domain": "docker",
"severity": "high",
"status": "action_required",
"trigger": "Docker build-time binary 透過網路下載,但缺少 checksum / signature policy。",
"current_evidence": "API Dockerfile 以 curl 下載 kubectl v1.29.0,未呈現 checksum / signature 驗證 policy。",
"required_gate": "binary_source_verification_package",
"blocked_operations": [
"docker_build",
"image_rebuild",
"registry_push"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 判定 binary source trust chain;Hermes 產生替代方案與驗證 gate。",
"evidence_refs": [
"apps/api/Dockerfile",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json"
],
"next_action": "P1-206 將 checksum / signature 驗證納入 image rebuild 批准包。"
},
{
"rule_id": "build_time_network_fetch_unpinned",
"domain": "docker",
"severity": "medium",
"status": "action_required",
"trigger": "Docker build 需要 apt-get、curl、corepack prepare 或 pnpm install 等 build-time network fetch,且外部來源白名單 / cache / 失敗告警尚未定義。",
"current_evidence": "P1-203 已盤點 4 個 build-time network fetches。",
"required_gate": "build_network_source_policy_package",
"blocked_operations": [
"docker_build",
"image_pull",
"image_rebuild",
"registry_push"
],
"owner_agent": "hermes",
"role_contract": "Hermes 整理外部來源、cache 與失敗模式;OpenClaw 決定 gate。",
"evidence_refs": [
"apps/api/Dockerfile",
"apps/web/Dockerfile",
"pnpm-lock.yaml",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json"
],
"next_action": "P1-205 建立 read-only build source freshness 檢查設計,不執行 build。"
},
{
"rule_id": "web_runtime_healthcheck_gap",
"domain": "docker",
"severity": "medium",
"status": "action_required",
"trigger": "Web runtime stage 缺少 Dockerfile HEALTHCHECK,需要確認 K8s probe 是否是唯一健康檢查來源。",
"current_evidence": "P1-203 已確認 API 有 healthcheck,Web Dockerfile 未定義 HEALTHCHECK。",
"required_gate": "runtime_health_contract_review",
"blocked_operations": [
"docker_build",
"image_rebuild",
"production_routing"
],
"owner_agent": "openclaw",
"role_contract": "OpenClaw 決定 Dockerfile healthcheck 與 K8s probe contract;Hermes 只整理證據。",
"evidence_refs": [
"apps/web/Dockerfile",
"k8s/",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json"
],
"next_action": "P1-206 或 P1-001 對齊 runtime health contract,不得直接改 image。"
}
],
"domain_policies": [
{
"policy_id": "python_dependency_policy",
"domain": "python",
"status": "action_required",
"owner_agent": "openclaw",
"policy_summary": "Python 依賴先決定 pyproject / requirements 權威性與 lockfile / constraints 策略,再談升級;目前只允許 read-only diff。",
"allowed_now": [
"read_only_manifest_diff",
"read_only_policy_report"
],
"blocked_now": [
"pip_install",
"uv_sync",
"requirements_delete",
"lockfile_write",
"docker_build"
],
"required_next_gate": "P1-206 manifest authority approval package",
"evidence_refs": [
"apps/api/pyproject.toml",
"apps/api/requirements.txt",
"docs/evaluations/package_supply_chain_inventory_2026-06-04.json"
]
},
{
"policy_id": "javascript_dependency_policy",
"domain": "javascript",
"status": "action_required",
"owner_agent": "hermes",
"policy_summary": "pnpm-lock.yaml 目前與 manifest 同步;後續只能做 read-only drift / freshness 報告,不執行 pnpm install、npm audit 或 lockfile rewrite。",
"allowed_now": [
"read_only_lockfile_drift",
"read_only_workspace_rollup"
],
"blocked_now": [
"pnpm_install",
"pnpm_update",
"npm_audit",
"package_upgrade",
"lockfile_write",
"package_publish"
],
"required_next_gate": "P1-205 scheduled drift check design",
"evidence_refs": [
"apps/web/package.json",
"packages/shared-types/package.json",
"pnpm-lock.yaml",
"docs/evaluations/javascript_package_inventory_2026-06-04.json"
]
},
{
"policy_id": "docker_supply_chain_policy",
"domain": "docker",
"status": "action_required",
"owner_agent": "openclaw",
"policy_summary": "Docker build surface 必須先有 digest pin、binary checksum、build source cache 與 rollback policy;目前禁止 build / pull / push / rebuild。",
"allowed_now": [
"read_only_dockerfile_inventory",
"read_only_build_surface_report"
],
"blocked_now": [
"docker_build",
"image_pull",
"image_rebuild",
"registry_push",
"production_routing"
],
"required_next_gate": "P1-206 image rebuild approval package",
"evidence_refs": [
"apps/api/Dockerfile",
"apps/web/Dockerfile",
"docs/evaluations/docker_build_surface_inventory_2026-06-04.json"
]
},
{
"policy_id": "external_source_policy",
"domain": "external_sources",
"status": "planned_next",
"owner_agent": "openclaw",
"policy_summary": "CVE、license、registry freshness 與 AI Agent 市場版本監控都必須先列出來源、成本、頻率、速率限制、cache、失敗告警與資料保留,再申請定期執行。",
"allowed_now": [
"read_only_source_proposal",
"offline_policy_comparison"
],
"blocked_now": [
"external_cve_lookup",
"external_license_lookup",
"paid_api_call",
"sdk_installation",
"shadow_or_canary"
],
"required_next_gate": "P1-205 external source approval package",
"evidence_refs": [
"docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md",
"docs/HARD_RULES.md"
]
}
],
"action_queue": [
{
"task_id": "P1-205",
"priority": "P1",
"status": "planned_next",
"owner_agent": "hermes",
"title": "建立定期依賴漂移 / 外部資料來源檢查設計",
"blocked_operations": [
"sdk_installation",
"external_cve_lookup_without_approval",
"external_license_lookup_without_approval",
"package_install",
"lockfile_write"
],
"acceptance_criteria": [
"列出 CVE、license、registry freshness、AI Agent 市場版本監控來源",
"定義頻率、cache、rate limit、失敗告警、資料保存與成本邊界",
"只產生設計與 read-only API,不新增 SDK、不安裝套件、不呼叫付費 API"
]
},
{
"task_id": "P1-206",
"priority": "P1",
"status": "planned",
"owner_agent": "openclaw",
"title": "產生依賴升級 / digest pin / publish boundary 批准包模板",
"blocked_operations": [
"package_upgrade",
"lockfile_write",
"docker_build",
"image_rebuild",
"registry_push",
"package_publish"
],
"acceptance_criteria": [
"批准包必須包含證據、風險分級、blast radius、rollback、測試與人工批准欄位",
"NemoTron 僅提供離線比較建議,不做裁決或執行",
"不得在模板建立時修改任何 manifest、lockfile、Dockerfile 或 registry 狀態"
]
}
],
"operation_boundaries": {
"read_only_policy_allowed": true,
"external_cve_lookup_allowed": false,
"external_license_lookup_allowed": false,
"package_installation_allowed": false,
"package_upgrade_allowed": false,
"lockfile_write_allowed": false,
"docker_build_allowed": false,
"image_pull_allowed": false,
"image_rebuild_allowed": false,
"registry_push_allowed": false,
"paid_api_call_allowed": false,
"shadow_or_canary_allowed": false,
"production_routing_allowed": false
},
"approval_boundaries": {
"sdk_installation_allowed": false,
"paid_api_call_allowed": false,
"shadow_or_canary_allowed": false,
"production_routing_allowed": false,
"destructive_operation_allowed": false
}
}