wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 4 Packages Projects Releases Wiki Activity
Files
main
awoooi/docs/schemas/security_followup_runtime_gate_v1.schema.json
Your Name 9e15fd08b3
All checks were successful
CD Pipeline / tests (push) Successful in 1m39s
Details
Code Review / ai-code-review (push) Successful in 15s
Details
CD Pipeline / build-and-deploy (push) Successful in 5m19s
Details
CD Pipeline / post-deploy-checks (push) Successful in 2m11s
Details
feat(web): land iwooos security posture surfaces
2026-05-25 20:35:52 +08:00

203 lines
5.1 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "urn:awoooi:security-followup-runtime-gate-v1",
"title": "資安供應鏈後續 Runtime Gate 準備契約 v1",
"description": "定義 Security Supply Chain 在 approve_scope 之後,若未來要進入 runtime gateAwoooP 需要顯示哪些前置條件。此契約只做準備,不授權 runtime execution。",
"type": "object",
"required": [
"schema_version",
"status",
"date",
"mode",
"runtime_execution_authorized",
"source_indexes",
"summary",
"gate_templates",
"gate_rules",
"forbidden_actions"
],
"properties": {
"schema_version": {
"const": "security_followup_runtime_gate_v1"
},
"status": {
"type": "string",
"enum": ["draft"]
},
"date": {
"type": "string"
},
"mode": {
"type": "string",
"enum": ["runtime_gate_preparation_only"]
},
"runtime_execution_authorized": {
"type": "boolean",
"const": false
},
"source_indexes": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"summary": {
"type": "object",
"required": [
"total_gate_templates",
"active_runtime_gates",
"approved_scope_count",
"runtime_actions_authorized",
"action_buttons_allowed",
"raw_secret_storage_authorized"
],
"properties": {
"total_gate_templates": {
"type": "integer",
"minimum": 0
},
"active_runtime_gates": {
"type": "integer",
"minimum": 0
},
"approved_scope_count": {
"type": "integer",
"minimum": 0
},
"runtime_actions_authorized": {
"type": "boolean",
"const": false
},
"action_buttons_allowed": {
"type": "boolean",
"const": false
},
"raw_secret_storage_authorized": {
"type": "boolean",
"const": false
}
},
"additionalProperties": false
},
"gate_templates": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"required": [
"template_id",
"source_packet_id",
"source_gate_id",
"action_family",
"risk",
"gate_state",
"applies_after_decision",
"minimum_required_evidence",
"required_reviewers",
"preflight_checks",
"allowed_pre_runtime_artifacts",
"rollback_or_disable_requirement",
"still_forbidden",
"execution_authorized"
],
"properties": {
"template_id": {
"type": "string"
},
"source_packet_id": {
"type": "string"
},
"source_gate_id": {
"type": "string"
},
"action_family": {
"type": "string",
"enum": [
"redacted_finding_ingestion",
"safe_web_crawl_scope",
"gitea_readonly_inventory",
"github_target_decision",
"ref_truth_review",
"credentialed_scan_exception",
"kali_full_upgrade_reboot_window",
"kali_execute_endpoint_exception"
]
},
"risk": {
"type": "string",
"enum": ["MEDIUM", "HIGH", "CRITICAL"]
},
"gate_state": {
"type": "string",
"enum": ["template_only_not_active", "waiting_approved_scope", "blocked_by_default"]
},
"applies_after_decision": {
"type": "string",
"enum": ["approve_scope", "keep_blocked"]
},
"minimum_required_evidence": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"required_reviewers": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1,
"uniqueItems": true
},
"preflight_checks": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"allowed_pre_runtime_artifacts": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"rollback_or_disable_requirement": {
"type": "string"
},
"still_forbidden": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"execution_authorized": {
"type": "boolean",
"const": false
}
},
"additionalProperties": false
}
},
"gate_rules": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"forbidden_actions": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
}
},
"additionalProperties": false
}
Reference in New Issue View Git Blame Copy Permalink