94 KiB
AwoooP x Security Supply Chain 整合 Handoff
| 項目 | 內容 |
|---|---|
| 日期 | 2026-05-06 |
| 狀態 | 已同步給 AwoooP 主線,僅文件與契約整合,尚未做 runtime 變更;2026-05-12 開始第一波 read-only 工具化 |
| 目的 | 讓 AwoooP Session 與 Kali/GitHub/Codex/Gitea 資安供應鏈 Session 在同一條治理主線上推進 |
| 低摩擦 policy | docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md |
| Contract manifest | docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md |
| 原則 | 低摩擦分階段、雙 Session 推進、共享契約、AwoooP 做治理控制面,資安供應鏈做 evidence 與執行來源 |
0. 給 AwoooP Session 的立即同步訊息
統帥已批准本支線開始推進,並要求以下工作納入同一個資安工作項目:
- Kali
192.168.0.112建置完整資訊安全網。 - 開發主機
192.168.0.111、192.168.0.168納入 observe-only 資安資產。 - Code Review 後需要 coding 的工作串接 Codex。
- 長期改為 GitHub primary,Gitea 降級為本地 mirror / fallback。
- Gitea 目前所有專案版本都必須完整盤點並轉移/同步到 GitHub。
- 上述事項必須與 AwoooP 治理控制面整合,不可形成第二套資安流程。
本文件是給 AwoooP Session 的同步入口。請先把這份 handoff 視為共享契約,不要直接把 Kali 掃描、Codex patch 或 GitHub 遷移邏輯塞進 AwoooP runtime。
統帥補充原則:初期不要把資安等級一次拉太高。AwoooP 初期應先支援 mirror / observe / warn / approval candidate,而不是把所有 findings、repo 狀態或流程差異都變成阻擋條件。
0.1 2026-05-17 進度同步
目前跨 Session 共用進度採用 security_mirror_status_rollup_v1.progress_estimate:
| 面向 | 目前進度 | AwoooP 判讀 |
|---|---|---|
| 整體資安網 | 58% | 框架健康、尚未進入 runtime enforcement |
| 框架 / 治理 / 文件 / schema / read-only evidence | 80-85% | 可優先建立 read-only mirror 與 Audit evidence |
| runtime ingestion / owner response / GitHub primary / production landing | 35-40% | 只能顯示缺口與 approval candidate,不得新增執行按鈕 |
AwoooP 目前應同步顯示 S4.9-S4.13 owner response 缺口、Gitea authenticated inventory partial 狀態、GitHub primary ready 0/7、workflow / secret inventory complete 0,以及 Kali /execute block candidate。這些狀態只供治理與人工審查,不代表 scan、repo 建立、refs sync、workflow 修改、secret 搬移、runner 啟用或 GitHub primary cutover 已獲授權。
2026-05-19 補充:58% 是 headline progress,近期 S4.10 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks 與 S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks 屬於 framework detail,所以會列入 progress_delta_ledger,但 headline_percent_delta=0。headline 要再往上,需要 owner response received / accepted、redacted payload ingestion、active runtime gate、GitHub primary readiness 或 AwoooP production ingestion 等實質 evidence。
同步驗收時可先跑:
python3 scripts/security/security-mirror-progress-guard.py
此腳本只讀 committed snapshots,確認進度估算、contract count、owner response、runtime gate、GitHub primary 與 forbidden actions 仍維持 mirror-only 邊界。
Source-control owner response 缺口可另跑:
python3 scripts/security/source-control-owner-response-guard.py
此腳本只讀 S4.9 / S4.10 / S4.11 / S4.12 四包 response snapshots 與 S4.13 validation rollup / evidence routing rules / display sections / state transition rules / reviewer checklist / reviewer outcome lanes / reviewer audit event templates / reviewer audit display sections / reviewer audit collection checks / reviewer audit redaction examples / reviewer audit retention rules / reviewer audit retention checks / reviewer audit handoff packets / reviewer audit handoff checks / parallel session sync checks / parallel session conflict lanes / parallel session recovery checks、parallel session recovery outcome lanes,確認目前 response received / accepted 仍為 0、reviewer audit emitted 仍為 0,且 repo、refs、workflow、secret、runner、GitHub primary 與 runtime action 皆未授權。
AwoooP 顯示 S4.13 時,應把 missing_response_lanes 當成 Operator Console 的主要缺口摘要:4 條 lane、22 個 response templates、目前 received / accepted 皆為 0;同時顯示 6 條 owner_response_evidence_routing_rules、8 個 owner_response_validation_display_sections、7 條 owner_response_validation_state_transition_rules、9 個 owner_response_validation_reviewer_checklist items、7 條 owner_response_validation_reviewer_outcome_lanes、4 個 owner_response_validation_reviewer_audit_event_templates、5 個 owner_response_validation_reviewer_audit_display_sections、6 個 owner_response_validation_reviewer_audit_collection_checks、5 個 owner_response_validation_reviewer_audit_redaction_examples、5 條 owner_response_validation_reviewer_audit_retention_rules、6 個 owner_response_validation_reviewer_audit_retention_checks、6 個 owner_response_validation_reviewer_audit_handoff_packets、6 個 owner_response_validation_reviewer_audit_handoff_checks、6 個 owner_response_validation_parallel_session_sync_checks、6 條 owner_response_validation_parallel_session_conflict_lanes 與 6 個 owner_response_validation_parallel_session_recovery_checks,讓 reviewer 知道 evidence pointer 應補證、隔離、拒收、送跨包 review 或只讀更新,UI 應如何固定顯示總覽、缺口、收件順序、下一個收件、checks、routing、quarantine 與本機驗證,以及 waiting / pending validation / read-only update / waiting runtime gate 的狀態語義,也讓 reviewer 能把結果歸到等待、補證、隔離、拒收、跨包 review、只讀候選或等待後續 runtime gate,並只用脫敏 metadata 形狀留痕,同時固定顯示 audit templates、允許 metadata、禁止 payload、0 emitted 狀態、非授權邊界、只讀收件檢查、安全 metadata 顯示範例、metadata retention 邊界、只讀 retention 驗證、跨 Session 只讀交接、平行 Session 同步檢查、衝突 lane、復原前檢查與復原結果分類。這只是在告訴 reviewer 下一步要補哪些 owner response、evidence 該如何安全路由、狀態應如何判讀、結果如何只讀分類、audit metadata 如何脫敏、audit 顯示如何不越界、audit collection check 如何不產生副作用、redaction example 如何避免顯示 payload、retention rule 如何避免保存 raw payload、retention check 如何避免變成 ingestion、parallel session sync / conflict lane / recovery checks 如何避免分支、ledger、衝突或復原誤判,不代表可以建立 repo、sync refs、修改 workflow / secret、啟用 runner、寫入 production ingestion 或切 GitHub primary。
建議顯示 owner_response_collection_order 作為下一步收件順序:先 S4.9 Gitea scope / canonical owner,再 S4.10 GitHub target owner / visibility / canonical,再 S4.11 refs truth,最後 S4.12 workflow / secret name parity。這只是 review 順序,不是 approval queue 或 execution queue。
可同步顯示 next_collection_candidate,目前只指向 S4.9 Gitea owner attestation response:需要 5 個 Gitea coverage attestation items、received / accepted 皆為 0、顯示模式為 display_next_collection_item_only。這個欄位只提示下一包 response,不是 approval,也不代表 S4.10 / S4.11 / S4.12 可被提前接受。
S4.9 也提供 1 個 owner_response_request_packet:AwoooP 可直接顯示 owner 需要回覆的 5 個 template、允許欄位、脫敏 evidence 規則、禁止 payload 與允許提交模式。這只是收件提示,不是 approval、不授權 inventory、不授權 repo 建立、不授權 refs sync,也不授權切 GitHub primary。
S4.9 也提供 5 個 owner_response_template_statuses:逐 template 顯示 waiting_owner_response、request_ready_not_sent、received / accepted / rejected 皆為 0,以及下一步 owner action。這只是 status ledger,不是 approval queue,也不能讓 request ready 自動變成 request sent。
S4.9 也提供 3 個 owner_response_audit_event_templates:request shown、response received metadata、outcome classified。這些都維持 template_only_not_emitted、emitted_event_count=0,只描述未來可記錄的脫敏 metadata 欄位;不得保存 owner response raw body、token、secret、private key、cookie、session、DB dump、git object、repo archive 或 execution request payload,也不代表 AwoooP production ingestion 已啟用。
S4.9 也提供 5 個 owner_response_redaction_examples:既有文件引用、owner decision metadata、private URL metadata、API/export summary、quarantine pointer。這些都是 template_example_only,只用來教 AwoooP / owner 以脫敏 metadata 回覆;不得把 redaction example 當成 response received、accepted、production ingestion 或執行授權。
S4.9 也提供 8 個 owner_response_display_sections:summary、request packet、template ledger、audit templates、redaction examples、collection checks、preflight/outcome lanes、acceptance/rejection rules。這些都是 display_contract_only,只定義 Operator Console 顯示順序,不得新增 action button、不得標記 received / accepted,也不得觸發 repo、refs、workflow、secret、runner 或 primary 動作。
S4.9 也提供 6 個 owner_response_collection_checks:request packet 已顯示、read-only submission mode、五個 templates 分開追蹤、脫敏 evidence only、不得把回覆語意升級成批准、只記錄 audit metadata。AwoooP 應用它把 request sent、response received、response accepted 三種狀態分開,不得因為 request 已發出就增加 received / accepted count。
S4.9 也提供 6 個 intake_preflight_checks:已知 item、必填欄位、允許 decision、脫敏 evidence、不得夾帶執行要求、接受前覆蓋五個 items。AwoooP 只能用它判斷可收、補證、隔離或拒收,不得把 preflight pass 當成 inventory runtime、repo migration 或 primary approval。
同時顯示 5 個 intake_outcome_lanes:ready_for_owner_review、request_more_evidence、quarantine_sensitive_payload、reject_execution_request、keep_waiting_owner_response。這些 lanes 只決定 Operator Console 顯示與 audit 分類,不會讓 received / accepted count 自動增加,也不會解除 S4.13 的 waiting 狀態。
1. Session 分工
AwoooP 主線 Session
負責:
- Policy / EffectivePolicy。
- Approval gate。
- Channel Event。
- Operator Console。
- MCP Gateway。
- 執行狀態 / 稽核匯入。
- Contract packages / validators。
- Governance event 與 exception policy。
不得直接接手:
- Kali scan 執行。
- exploit verification。
- production deploy。
- secret rotation。
- firewall / RBAC / NetworkPolicy 修改。
- GitHub/Gitea 主控切換。
Security Supply Chain Session
負責:
- Kali findings 與
security_finding_v1。 - Code Review findings 與
coding_task_v1。 - GitHub primary / Gitea mirror 遷移盤點。
- Gitea 全量版本轉移 inventory。
- Source control / CI/CD supply chain evidence。
- Codex patch-only / suggest-only 接力設計。
- 112/111/168 asset seed 與 observe-only scope。
不得直接接手:
- AwoooP DB migration。
- EffectivePolicy runtime enforcement。
- MCP Gateway runtime gate。
- Channel Hub runtime 實作。
- Operator Console 主線 UI。
2. 共享目標架構
Kali / Code Review / GitHub / Gitea / Codex
-> security_supply_chain_contract_manifest_v1
-> security_mirror_readiness_v1 / security_mirror_intake_plan_v1 / security_mirror_event_v1 / security_mirror_route_v1 / security_mirror_acceptance_v1 / security_mirror_quarantine_v1 / security_mirror_dry_run_v1 / security_mirror_status_rollup_v1 / security_finding_v1 / kali_scan_scope_approval_v1 / security_approval_queue_v1 / security_approval_gate_v1 / security_approval_decision_record_v1 / security_approval_review_packet_v1 / security_approval_state_transition_v1 / security_followup_runtime_gate_v1 / source_control_primary_readiness_gate_v1 / source_control_primary_rollback_adr_v1 / source_control_workflow_secret_name_inventory_v1 / source_control_workflow_secret_name_owner_response_v1 / source_control_owner_response_validation_rollup_v1 / coding_task_v1 / source_control_migration_event_v1 / gitea_repo_inventory_v1 / local_git_remote_inventory_v1 / github_target_probe_v1 / github_target_decision_v1 / github_target_owner_decision_response_v1 / github_target_repo_approval_package_v1 / security_rollout_policy_v1
-> AWOOOI ingestion / asset_inventory / AIOps KPI / AOL
-> mirror 到 AwoooP Runtime State / Channel Event / Audit
-> AwoooP Policy / Approval / Exception / Operator Console
-> 人工批准後才進本地 deployment plane
初期只允許 mirror / read-only / suggest-only,不允許 AwoooP 直接觸發高風險執行。
3. 必須共享的事件契約
security_finding_v1
用途:承接 Kali、Trivy、ZAP、Semgrep、detect-secrets、kube posture 等 findings。
Schema:docs/schemas/security_finding_v1.schema.json
關鍵欄位:
{
"schema_version": "security_finding_v1",
"finding_id": "stable fingerprint",
"scan_run_id": "string",
"scanner": "kali|trivy|zap|semgrep|detect-secrets|kube-bench",
"asset_key": "string",
"target_type": "host|website|api_endpoint|container|package|repo|k8s_resource|tool",
"target": "redacted identifier",
"category": "exposure|cve|secret|misconfig|auth|tls|web|code|supply_chain|network",
"severity": "LOW|MEDIUM|HIGH|CRITICAL",
"confidence": "LOW|MEDIUM|HIGH",
"recommended_mode": "observe|warn|approve_required|block_candidate",
"evidence_ref": "redacted evidence pointer",
"summary": "繁體中文摘要",
"recommended_action": "繁體中文建議"
}
AwoooP 初期處理方式:mirror 成 Runtime State / Channel Event,不 enforcement。
kali_scan_scope_approval_v1
用途:定義 Kali 112、111/168 dev hosts、核心 runtime hosts、公開網站與 Kali high-risk path 的 scan scope、掃描深度與 approval gate。
Schema:docs/schemas/kali_scan_scope_approval_v1.schema.json
Snapshot:docs/security/kali-scan-scope-approval.snapshot.json
AwoooP 初期處理方式:只顯示 scope group 與 approval gate,可建立 approval candidate,但不得啟動 scan、不得呼叫 /execute、不得把 LOW / MEDIUM observation 變成 blocking gate。
security_approval_queue_v1
用途:集中整理 Security Supply Chain 現階段需要 AwoooP 顯示、排隊、等待人工決策的 pending approval / block candidate。
Schema:docs/schemas/security_approval_queue_v1.schema.json
Snapshot:docs/security/security-approval-queue.snapshot.json
目前 queue:8 items,7 個 pending approval,1 個 block candidate。建議先 review redacted Kali finding ingestion,再 review safe web crawl;Gitea lane 必須先顯示 S4.7 的 5 個 owner attestation items,owner scope decision 接受前不得進入 read-only inventory。
AwoooP 初期處理方式:只顯示 review order、blocked reason、required reviewers 與 evidence refs,可建立 approval candidate,但不得執行 queue item。
security_approval_gate_v1
用途:定義 S3 人工批准 gate 的決策語言、批准範圍、required reviewers、仍然禁止事項與 follow-up runtime gate。
Schema:docs/schemas/security_approval_gate_v1.schema.json
Snapshot:docs/security/security-approval-gate.snapshot.json
目前 gate:8 items,7 個 pending human decision,1 個 block candidate,0 個 approved。Gitea gate 已對齊 S4.7 owner coverage attestation 先行條件;批准後仍不得自動執行。
AwoooP 初期處理方式:只記錄人工決策、audit evidence 與批准範圍;不得把 gate item 接成 runner,不得在批准後自動啟動 scan、repo、refs、deploy 或 secret 類動作。
security_approval_decision_record_v1
用途:定義 S3 人工決策紀錄格式,保存 approve / reject / defer / request more evidence / keep blocked 的稽核資料。
Schema:docs/schemas/security_approval_decision_record_v1.schema.json
Snapshot:docs/security/security-approval-decision-record.snapshot.json
目前 decision records:0 筆;所有紀錄都必須維持 execution_authorized=false,且批准後仍需 follow-up runtime gate。
AwoooP 初期處理方式:只保存 reviewer、時間、evidence refs、批准範圍與決策結果;不得把 decision record 當成執行命令。
security_approval_review_packet_v1
用途:定義 S3 人工審查封包,將 approval queue 與 approval gate 包成 AwoooP 可顯示的 review packet。
Schema:docs/schemas/security_approval_review_packet_v1.schema.json
Snapshot:docs/security/security-approval-review-packet.snapshot.json
目前 review packets:8 筆;7 個 ready for human review、1 個 block candidate。Gitea review packet 必須顯示 S4.7 的 5 個 attestation items、received_attestation_count=0 與仍禁止事項;所有 packet 都必須維持 execution_authorized=false,且 action_buttons_allowed=false。
AwoooP 初期處理方式:只顯示 review order、review lane、required reviewers、requested decision、evidence refs 與 still forbidden;不得把 review packet 視為批准或執行授權。
security_approval_state_transition_v1
用途:定義 S3 人工決策後的只讀狀態轉移語義,避免 approve_scope 被誤解成可立即執行。
Schema:docs/schemas/security_approval_state_transition_v1.schema.json
Snapshot:docs/security/security-approval-state-transition.snapshot.json
目前 transition rules:5 筆,涵蓋 approve_scope、reject、defer、request_more_evidence、keep_blocked。所有 transition 都必須維持 execution_authorized=false。
AwoooP 初期處理方式:只顯示 next state,例如 scope_approved_waiting_runtime_gate、closed_rejected_no_action 或 blocked_by_default;不得把 transition rule 當成執行命令。
security_followup_runtime_gate_v1
用途:定義 S3.4 後續 runtime gate 的準備模板,讓 AwoooP 在 approve_scope 後知道未來若要進一步執行,必須先看到哪些 minimum evidence、preflight checks、rollback / disable requirement 與仍然禁止事項。
Schema:docs/schemas/security_followup_runtime_gate_v1.schema.json
Snapshot:docs/security/security-followup-runtime-gate.snapshot.json
目前 templates:8 筆,對應 redacted finding ingestion、safe web crawl、Gitea owner attestation + read-only inventory、GitHub target decisions、ref truth review、credentialed scan、Kali full-upgrade/reboot 與 Kali /execute block candidate。Gitea follow-up template 必須先檢查 S4.7 owner scope decision;ref truth follow-up template 必須先檢查 S4.11 owner response 驗收結果;active_runtime_gates=0、approved_scope_count=0、runtime_actions_authorized=false。
AwoooP 初期處理方式:只顯示準備條件與禁止事項,不新增 action button,不啟用 runtime gate,不執行 scan、repo、refs、deploy、secret、RBAC、NetworkPolicy 或 firewall 類動作。
source_control_primary_readiness_gate_v1
用途:定義 S4.0 GitHub primary readiness gate,讓 AwoooP 在任何 primary cutover 前能顯示 Gitea inventory、refs truth、workflow/runner/secret name parity、owner/visibility/canonical 與 rollback ADR 缺口。
Schema:docs/schemas/source_control_primary_readiness_gate_v1.schema.json
Snapshot:docs/security/source-control-primary-readiness-gate.snapshot.json
目前 readiness gate:10 個 candidate repos、9 個 in-scope blocked repos、1 個 external scope review、0 個 primary ready。所有 repo / refs / primary switch 動作都必須維持 disabled。
AwoooP 初期處理方式:只顯示 blockers、evidence refs 與 required review,不建立 GitHub repo、不修改 visibility、不 sync refs、不切 primary、不停用 Gitea。
source_control_ref_truth_owner_response_v1
用途:定義 S4.11 refs truth owner response request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks 與收件包,讓 AwoooP 在處理 source_control_ref_truth_classification_v1 前,先看到 owner 要回覆哪 5 類 refs truth 問題、各 template 是否仍 waiting、0 emitted 的脫敏 audit metadata 模板、安全回覆範例、request / received / accepted 分離檢查、只讀 preflight 分類,以及 main/dev truth、deprecated drift、release tag 與 GitHub-only refs 的 response 欄位、可接受決策、驗收規則與拒收規則。
Schema:docs/schemas/source_control_ref_truth_owner_response_v1.schema.json
Snapshot:docs/security/source-control-ref-truth-owner-response.snapshot.json
目前 response packet:5 個 response templates、8 個 acceptance checks、10 個 rejection rules;received_response_count=0、accepted_response_count=0、rejected_response_count=0。所有 refs sync / delete / force push / primary switch 動作都必須維持 disabled。
AwoooP 初期處理方式:只顯示 response templates、rejection rules 與 owner 補證缺口;收到 response 後只更新 read-only classification、draft reconcile plan 與 readiness blocker wording,不 fetch、不 push、不 delete refs、不 rewrite branch/tag、不切 GitHub primary。
source_control_primary_rollback_adr_v1
用途:定義 S4.4 GitHub primary rollback ADR 草案,讓 AwoooP 在任何 primary cutover 前能顯示 rollback owner、validation window、rollback triggers 與逐 repo owner review。
Schema:docs/schemas/source_control_primary_rollback_adr_v1.schema.json
Snapshot:docs/security/source-control-primary-rollback-adr.snapshot.json
目前 rollback ADR:7 個 in-scope repo rollback drafts、1 個 external scope review、0 個 owner approved、0 個 dry-run completed、0 個 active cutover。所有 rollback / primary switch / refs sync 動作都必須維持 disabled。
AwoooP 初期處理方式:只顯示 rollback ADR 草案、owner review、validation window 與仍然禁止事項,不執行 rollback、不切 GitHub primary、不停用 Gitea。
source_control_workflow_secret_name_inventory_v1
用途:定義 S4.1 workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret 名稱 inventory gate,補上 GitHub primary 前不能缺的 CI/CD 與 secret hygiene evidence。
Schema:docs/schemas/source_control_workflow_secret_name_inventory_v1.schema.json
Snapshot:docs/security/source-control-workflow-secret-name-inventory.snapshot.json
目前 inventory:10 個 candidate repos、9 個 in-scope repos、1 個 external review;inventory_complete_count=0、missing_inventory_count=9、secret_value_collection_allowed=false。
S4.2 local evidence:已新增本機只讀 collector 與 snapshot,9 個 local repos visible、5 個 local evidence repos、33 個 workflow files、42 個 referenced secret names、5 個 runner labels、secret_value_detected=false。webhook、deploy key、branch protection 與 repository secret parity 仍需後續 redacted evidence。
S4.3 export request:已新增 source_control_workflow_secret_name_export_request_v1 supporting schema、snapshot 與人讀版;9 個 in-scope repos、5 類 export lanes:webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity。write_token_allowed=false、secret_value_collection_allowed=false。
S4.12 owner response:已新增 source_control_workflow_secret_name_owner_response_v1 supporting schema、snapshot 與人讀版;1 個 owner response request packet、5 個 template statuses、3 個 audit event templates、5 個 redaction examples、6 個 collection checks、6 個 intake preflight checks 與 5 個 response templates 對應 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity。received_response_count=0、accepted_response_count=0、audit_events_emitted=0、secret_value_collection_allowed=false、write_token_allowed=false。
AwoooP 初期處理方式:只顯示 inventory lane 缺口、S4.2 local evidence、S4.3 export request、S4.12 owner response request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / templates、要求 redacted snapshot 與人工 review;不得收集 secret value、修改 workflow、rotate secret、啟用 GitHub hosted runner、sync refs 或切 GitHub primary。
security_mirror_readiness_v1
用途:集中整理 Security Supply Chain contracts 的 mirror readiness,讓 AwoooP 先知道哪些可 mirror、哪些 partial、哪些 contract-only。
Schema:docs/schemas/security_mirror_readiness_v1.schema.json
Snapshot:docs/security/security-mirror-readiness.snapshot.json
目前 readiness:36 個 contracts,33 個 ready for mirror,2 個 partial ready,1 個 contract-only,0 個 blocked。所有 contract 都是 execution_allowed=false。
AwoooP 初期處理方式:先 mirror readiness index,再依 readiness 分批 mirror 其他 snapshots;不得把 readiness 當 execution authorization。
security_mirror_intake_plan_v1
用途:定義 AwoooP 初期 mirror-only intake waves、destinations、allowed / blocked processing 與 acceptance gates。
Schema:docs/schemas/security_mirror_intake_plan_v1.schema.json
Snapshot:docs/security/security-mirror-intake-plan.snapshot.json
目前 intake plan:5 個 waves,從 index bootstrap、Kali visibility、source-control visibility、approval candidates 到 Codex patch-only backlog。所有 waves 都是 runtime_execution_authorized=false。
AwoooP 初期處理方式:照 wave 顯示與 mirror,不新增 scan / execute / repo / refs / deploy / secret 類執行按鈕。
security_mirror_event_v1
用途:AwoooP 鏡像資安供應鏈 contracts 時使用的統一事件信封,避免鏡像 evidence 被誤解成 execution authorization。
Schema:docs/schemas/security_mirror_event_v1.schema.json
範例:docs/security/security-mirror-event-sample.snapshot.json
必要邊界:每筆 event 都必須是 execution_authorized=false、action_buttons_allowed=false,並標示 redaction_status、source_contract、source_snapshot_path、destinations 與 blocked_actions。
AwoooP 初期處理方式:只把 mirror event 寫入 Operator Console / Runtime State / Channel Event / Audit / Approval Queue,不新增任何執行按鈕。
security_mirror_route_v1
用途:定義 AwoooP 消費資安供應鏈 contracts 時的只讀分流矩陣,包含目的地、channel policy 與 review lane。
Schema:docs/schemas/security_mirror_route_v1.schema.json
Snapshot:docs/security/security-mirror-route.snapshot.json
目前 route:5 個 route groups,涵蓋 36 個 contracts;所有 route 都是 runtime_execution_authorized=false。
AwoooP 初期處理方式:只依 route group 顯示 Operator Console / Runtime State / Channel Event / Audit / Approval Queue,不把 route 轉成 execution router。
security_mirror_acceptance_v1
用途:定義 AwoooP 接收 mirror-only 資安資料時的驗收 checks,避免 contract count、event envelope、route coverage 或 redaction 不一致。
Schema:docs/schemas/security_mirror_acceptance_v1.schema.json
Snapshot:docs/security/security-mirror-acceptance.snapshot.json
目前 acceptance:7 個 checks;其中 blocking checks 只阻擋不完整或未脫敏的鏡像資料,不阻擋 runtime。
AwoooP 初期處理方式:顯示驗收結果與失敗原因;不得把 acceptance contract 轉成 runtime blocker 或 execution queue。
security_mirror_quarantine_v1
用途:定義 AwoooP mirror-only 資安資料驗收失敗時的隔離 lane、recovery request 與 retry gate。
Schema:docs/schemas/security_mirror_quarantine_v1.schema.json
Snapshot:docs/security/security-mirror-quarantine.snapshot.json
目前 quarantine:5 個 lanes;同一份失敗 payload 不自動 retry,必須等新的 snapshot commit 後重新驗收。
AwoooP 初期處理方式:只隔離壞的 mirror payload、顯示原因與修復要求;不得轉成 runtime blocker 或 execution queue。
security_mirror_dry_run_v1
用途:定義 AwoooP mirror-only 接入演練時應回報的 dry-run 結果格式。
Schema:docs/schemas/security_mirror_dry_run_v1.schema.json
Snapshot:docs/security/security-mirror-dry-run.snapshot.json
目前 dry-run:8 個 steps,已包含 CHECK_PROGRESS_GUARD 與 CHECK_OWNER_RESPONSE_GUARD;dry_run_status=contract_defined_not_executed,尚未代表 AwoooP 已實際執行 dry-run或 production ingestion。
AwoooP 初期處理方式:只顯示 dry-run 報告與各 step 狀態;不得把 guard pass 當成 owner response 已收到,也不得轉成 production ingestion 或任何 runtime action。
security_mirror_status_rollup_v1
用途:定義 AwoooP 與 Security Supply Chain Session 的共同狀態摘要,彙整 S0-S4、contract readiness、approval queue summary、dry-run 狀態與下一個安全 gate。
Schema:docs/schemas/security_mirror_status_rollup_v1.schema.json
Snapshot:docs/security/security-mirror-status-rollup.snapshot.json
目前 rollup:framework_ready_waiting_approval;36 個 contracts、33 ready、2 partial、1 contract-only、0 blocked;approval queue 仍為 8 items,其中 7 pending approval、1 block candidate;review packets 8 筆;state transition rules 5 筆;follow-up runtime gate templates 8 筆;active runtime gates 0 筆;GitHub primary candidate repos 10 筆、primary ready 0 筆;IwoooS posture projection 已建立,但只顯示姿態、progress、non-blocking lanes、evidence refs 與 forbidden actions;S4.10 GitHub target owner response request packet 1 筆、template statuses 9 筆、audit event templates 3 筆、redaction examples 5 筆、collection checks 6 筆、intake preflight checks 6 筆、owner decision response templates 9 筆、received response 0 筆、accepted response 0 筆;S4.11 refs truth owner response request packet 1 筆、template statuses 5 筆、audit event templates 3 筆、redaction examples 5 筆、collection checks 6 筆、intake preflight checks 6 筆、templates 5 筆、received response 0 筆、accepted response 0 筆、audit events emitted 0 筆;S4.13 owner response validation rollup 彙整 4 包、24 個 templates、6 條 evidence routing rules、8 個 display sections、7 條 state transition rules、9 個 reviewer checklist items、7 條 reviewer outcome lanes、4 個 reviewer audit event templates、5 個 reviewer audit display sections、6 個 reviewer audit collection checks、5 個 reviewer audit redaction examples、5 條 reviewer audit retention rules、6 個 reviewer audit retention checks、6 個 reviewer audit handoff packets、6 個 reviewer audit handoff checks、6 個 parallel session sync checks、6 條 parallel session conflict lanes、6 個 parallel session recovery checks、7 條 parallel session recovery outcome lanes、received response 0 筆、accepted response 0 筆、reviewer audit emitted 0 筆;Gitea inventory 目前 partial_waiting_authenticated_inventory,public-only repo 2 個、本機可見 Gitea unique repo 4 個、export source options 2 類、S4.6 import acceptance payload 0 筆、S4.7 owner attestation items 5 筆、received attestation 0 筆、S4.9 owner response request packet 1 筆、template statuses 5 筆、audit event templates 3 筆、redaction examples 5 筆、display sections 8 筆、collection checks 6 筆、S4.9 owner response templates 5 筆、intake preflight checks 6 筆、outcome lanes 5 筆、received response 0 筆、audit events emitted 0 筆、quarantine required=true、token value collection allowed=false;workflow / secret 名稱 inventory candidate repos 10 筆、complete 0 筆、S4.12 owner response request packet 1 筆、S4.12 template statuses 5 筆、S4.12 audit event templates 3 筆、S4.12 redaction examples 5 筆、S4.12 collection checks 6 筆、S4.12 intake preflight checks 6 筆、S4.12 owner response templates 5 筆、received response 0 筆、accepted response 0 筆、audit events emitted 0 筆;S4.2 local evidence repos 5 筆、workflow files 33 筆、referenced secret names 42 筆;decision records 目前 0 筆。
AwoooP 初期處理方式:只顯示階段狀態、下一個 gate 與禁止事項,可寫入 Audit evidence;不得把 rollup 當 runtime authorization。
security_rollout_policy_v1
用途:定義 Security Supply Chain 初期的低摩擦 rollout policy,避免把 observation 全部變成 blocking controls。
Schema:docs/schemas/security_rollout_policy_v1.schema.json
最小欄位:
{
"schema_version": "security_rollout_policy_v1",
"status": "draft",
"default_mode": "observe",
"enforcement_level": "mirror_only",
"non_blocking_escalation_lane_count": 7
}
AwoooP 初期處理方式:只作為 read-only policy 與 Operator Console 顯示,不做 runtime enforcement。
2026-05-19 追加:security_rollout_policy_v1 已補 7 條 non-blocking escalation lanes,涵蓋 LOW / MEDIUM observation、owner response missing、mirror data incomplete、source-control drift draft、Kali observe finding、workflow / secret name gap 與 progress display holding。AwoooP 可顯示 lane 與建立 follow-up,但每條 lane 都維持 owner_review_required_before_blocking=true、runtime_blocking_allowed=false 與 not_authorization=true,不得直接升 runtime blocker 或 action button。
security_supply_chain_contract_manifest_v1
用途:集中列出 Security Supply Chain 初期可供 AwoooP 消費的 schema、snapshot、人讀文件、允許動作與禁止動作。
Schema:docs/schemas/security_supply_chain_contract_manifest_v1.schema.json
最小欄位:
{
"schema_version": "security_supply_chain_contract_manifest_v1",
"status": "draft",
"default_enforcement_level": "mirror_only",
"contract_count": 35
}
AwoooP 初期處理方式:作為 contract registry 與 Operator Console 入口,只路由 mirror/read-only/approval queue,不作 execution router。
coding_task_v1
用途:承接 Code Review 後需要 Codex coding 的項目。
Schema:docs/schemas/coding_task_v1.schema.json
最小欄位:
{
"schema_version": "coding_task_v1",
"source": "github_code_review|gitea_code_review|codex_security|manual_review",
"repo": "string",
"branch": "string",
"base_sha": "string",
"head_sha": "string",
"risk": "LOW|MEDIUM|HIGH|CRITICAL",
"summary": "繁體中文摘要",
"allowed_actions": ["create_patch", "add_tests", "open_draft_pr"],
"blocked_actions": ["auto_merge", "production_deploy", "force_push", "secret_rotation", "network_policy_change"],
"required_reviewers": ["critic", "vuln-verifier"]
}
AwoooP 初期處理方式:作為 approval-ready work item,不自動執行。
source_control_migration_event_v1
用途:追蹤 Gitea 全量版本轉移到 GitHub 的供應鏈安全證據。
Schema:docs/schemas/source_control_migration_event_v1.schema.json
最小欄位:
{
"schema_version": "source_control_migration_event_v1",
"gitea_repo": "string",
"github_repo": "string",
"branch_count_gitea": 0,
"branch_count_github": 0,
"tag_count_gitea": 0,
"tag_count_github": 0,
"latest_sha_gitea": "string",
"latest_sha_github": "string",
"workflows_mapped": true,
"webhooks_mapped": true,
"secrets_inventory_only": true,
"status": "inventory|mirrored|verified|blocked",
"blocking_reason": "繁體中文說明"
}
AwoooP 初期處理方式:作為 supply chain governance evidence,不觸發 deploy。
gitea_repo_inventory_v1
用途:追蹤 Gitea org/user repo list 的全量盤點,作為「所有 Gitea 專案版本轉移到 GitHub」的前置 evidence。
Schema:docs/schemas/gitea_repo_inventory_v1.schema.json
最小欄位:
{
"schema_version": "gitea_repo_inventory_v1",
"base_url": "http://192.168.0.110:3001",
"org": "wooo",
"query_mode": "user",
"visibility_scope": "public_only",
"github_owner": "owenhytsai",
"token_present": false,
"http_status": 200,
"status": "partial",
"repo_count": 2,
"repos": [
{
"gitea_repo": "wooo/awoooi",
"name": "awoooi",
"owner": "wooo",
"private": false,
"empty": false,
"archived": false,
"default_branch": "main",
"clone_url_redacted": "http://192.168.0.110:3001/wooo/awoooi.git",
"ssh_url_redacted": "ssh://localhost:2222/wooo/awoooi.git",
"github_repo_candidate": "owenhytsai/awoooi"
},
{
"gitea_repo": "wooo/ewoooc",
"name": "ewoooc",
"owner": "wooo",
"private": false,
"empty": false,
"archived": false,
"default_branch": "main",
"clone_url_redacted": "http://192.168.0.110:3001/wooo/ewoooc.git",
"ssh_url_redacted": "ssh://localhost:2222/wooo/ewoooc.git",
"github_repo_candidate": "owenhytsai/ewoooc"
}
]
}
AwoooP 初期處理方式:作為 migration matrix 的 read-only evidence;partial 只代表 public-only 可見範圍,不得觸發 repo 建立、刪除、封存或 GitHub primary 切換。
S4.5 支援性請求:已新增 docs/schemas/gitea_authenticated_inventory_export_request_v1.schema.json、docs/security/gitea-authenticated-inventory-export-request.snapshot.json 與 docs/security/GITEA-AUTHENTICATED-INVENTORY-EXPORT-REQUEST.md。此請求不新增第 36 個主 contract,而是補強 gitea_repo_inventory_v1:目前未認證公開範圍可見 repo 2 個、本機可見 Gitea unique repo 4 個、覆蓋缺口 2 個;允許的來源只有只讀 token API 清冊或已脫敏管理匯出清冊;token_value_collection_allowed=false、write_token_allowed=false、repo_write_allowed=false、refs_sync_allowed=false、github_primary_switch_authorized=false。
S4.6 支援性驗收:已新增 docs/schemas/gitea_authenticated_inventory_import_acceptance_v1.schema.json、docs/security/gitea-authenticated-inventory-import-acceptance.snapshot.json 與 docs/security/GITEA-AUTHENTICATED-INVENTORY-IMPORT-ACCEPTANCE.md。此驗收仍不新增第 36 個主 contract,只定義 owner / 管理者提供脫敏 payload 後的 schema、redaction、coverage gap、quarantine 與 allowed output;目前 received_payload_count=0、accepted_payload_count=0、runtime_execution_authorized=false,不得把驗收格式視為 inventory 已完成或 primary cutover approval。
S4.7 支援性 owner attestation:已新增 docs/schemas/gitea_inventory_coverage_attestation_v1.schema.json、docs/security/gitea-inventory-coverage-attestation.snapshot.json 與 docs/security/GITEA-INVENTORY-COVERAGE-ATTESTATION.md。此 attestation 仍不新增第 36 個主 contract,只定義 public-only / local remote gap、org/user endpoint、110 internal adjacent source、canonical owner 與 legacy/inaccessible disposition 的 owner decision;目前 required_attestation_item_count=5、received_attestation_count=0、accepted_attestation_count=0、runtime_execution_authorized=false,不得把 attestation request 視為 repo migration approval。
S4.9 支援性 owner response request packet 與收件包:已新增 docs/schemas/gitea_inventory_owner_attestation_response_v1.schema.json、docs/security/gitea-inventory-owner-attestation-response.snapshot.json 與 docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md。此 response packet 仍不新增第 36 個主 contract,只定義 AwoooP 可顯示給 owner 的回覆請求、template status ledger、audit event templates、redaction examples、display sections、collection checks、owner 回覆 S4.7 五個 items 時的必填欄位、intake preflight checks、outcome lanes、驗收規則、拒收規則與 allowed output;目前 owner_response_request_packet_count=1、owner_response_template_status_count=5、owner_response_audit_event_template_count=3、owner_response_redaction_example_count=5、owner_response_display_section_count=8、owner_response_collection_check_count=6、required_response_item_count=5、intake_preflight_check_count=6、intake_outcome_lane_count=5、received_response_count=0、accepted_response_count=0、runtime_execution_authorized=false,不得把 request packet、template status ledger、audit event templates、redaction examples、display sections、collection checks 或 response packet 視為 read-only inventory 已執行、audit production ingestion、repo migration approval 或 GitHub primary approval。
local_git_remote_inventory_v1
用途:在 Gitea API 受阻時,盤點本機可見 Git working tree 的 remote URL,找出仍指向 Gitea、GitHub、110 內部 Git 或 GitLab 類 remote 的專案。
Schema:docs/schemas/local_git_remote_inventory_v1.schema.json
最小欄位:
{
"schema_version": "local_git_remote_inventory_v1",
"status": "partial",
"repo_count": 13,
"gitea_linked_count": 6,
"github_linked_count": 6,
"internal_110_only_count": 3
}
AwoooP 初期處理方式:作為 migration matrix 的輔助 evidence;不得把它視為 Gitea server 全量清單。
local_repo_canonical_probe_v1
用途:在多個本機 working tree 名稱相近但 remote/HEAD 不一致時,提供 read-only lineage evidence,避免自動把不同歷史誤合併。
Schema:docs/schemas/local_repo_canonical_probe_v1.schema.json
最小欄位:
{
"schema_version": "local_repo_canonical_probe_v1",
"group_name": "ewoooc-momo-pro-system",
"status": "unrelated",
"repo_count": 3,
"comparison_count": 3
}
AwoooP 初期處理方式:只作為 canonical decision evidence;不得觸發 merge、repo creation、repo deletion 或 mirror。
git_remote_refs_probe_v1
用途:對指定本機 repo 的 remote refs 做 read-only 探測,確認本機 HEAD 是否與 remote branch 對齊。
Schema:docs/schemas/git_remote_refs_probe_v1.schema.json
最小欄位:
{
"schema_version": "git_remote_refs_probe_v1",
"group_name": "internal-110-bitan-tsenyang",
"status": "ok",
"repo_count": 2,
"aligned_current_branch_count": 2
}
AwoooP 初期處理方式:只作為 source-control readiness evidence;不得觸發 fetch、push、mirror、repo creation 或 primary switch。
github_target_probe_v1
用途:對候選 GitHub repo 做 read-only 可見性與 refs probe,區分已存在、不可見、或外部 scope。
Schema:docs/schemas/github_target_probe_v1.schema.json
最小欄位:
{
"schema_version": "github_target_probe_v1",
"status": "ok",
"candidate_count": 8,
"exists_count": 5,
"not_found_or_private_count": 3
}
AwoooP 初期處理方式:只作為 migration target evidence;not_found_or_private 不等同確認不存在,不得自動建立 repo。
github_target_decision_v1
用途:追蹤候選 GitHub repo 的建立、可見性、封存或待判定決策,讓 target ownership 與 approval 狀態可被 AwoooP mirror。
Schema:docs/schemas/github_target_decision_v1.schema.json
最小欄位:
{
"schema_version": "github_target_decision_v1",
"status": "draft",
"decision_count": 8,
"approval_required_count": 7
}
AwoooP 初期處理方式:作為 approval candidate 與 migration target evidence;需同時顯示 S4.10 owner response request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks、owner decision response templates、received_response_count=0 與 rejection rules;不得直接建立 GitHub repo、修改 visibility、同步 refs 或切 GitHub primary。
github_target_owner_decision_response_v1
用途:定義 9 個 approval-required GitHub targets 的 owner / visibility / canonical response request packet、收件欄位、驗收規則與拒收規則。
Schema:docs/schemas/github_target_owner_decision_response_v1.schema.json
最小欄位:
{
"schema_version": "github_target_owner_decision_response_v1",
"status": "draft_waiting_owner_response",
"owner_response_request_packet_count": 1,
"owner_response_template_status_count": 7,
"owner_response_audit_event_template_count": 3,
"response_template_count": 7,
"received_response_count": 0,
"accepted_response_count": 0
}
AwoooP 初期處理方式:mirror 成 owner response request / status / review lane。request packet 只顯示要請 owner 回覆哪 9 個 target 與不得貼什麼,template status ledger 只逐項顯示 waiting / request ready,audit event templates 只定義 0 emitted 的脫敏 metadata,redaction examples 只示範脫敏 metadata shape,collection checks 只維持 request / received / accepted 分離;response 通過後只更新 read-only decision table、approval package、approval board 與 primary readiness gate;不得把 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks 或 response packet 當成 repo creation、visibility change、refs sync 或 GitHub primary approval。
github_target_repo_approval_package_v1
用途:把 github_target_decision_v1 中需要人工批准的 target 拆成逐 repo approval package,降低一次性審批的複雜度。
Schema:docs/schemas/github_target_repo_approval_package_v1.schema.json
最小欄位:
{
"schema_version": "github_target_repo_approval_package_v1",
"status": "draft",
"package_count": 7,
"approval_items": []
}
AwoooP 初期處理方式:mirror 成 approval queue draft,並連到 S4.10 request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / response 收件包。低摩擦原則下,read-only evidence 不被阻擋;只有 repo creation、visibility change、refs sync、primary switch 等高風險執行才需要 approval。
approval_required_event_v1
用途:把高風險資安修補、Codex patch、source control 主控切換送進 AwoooP approval。
Schema:docs/schemas/approval_required_event_v1.schema.json
必須進 approval 的情況:
severity=HIGH|CRITICAL。- 會改 secrets、RBAC、NetworkPolicy、firewall、CORS。
- 會改 production deploy controller。
- 會切換 GitHub primary / Gitea mirror 主控面。
- 會啟用 credentialed scan 或 active DAST。
- 會使用 Gitea read-only token 或匯入管理匯出補 private/internal repo list。
- 會讓 Codex patch 自動合併或自動部署。
4. AwoooP 整合順序
Phase S0:文件與契約同步
狀態:本文件建立後即完成第一步同步。
交付:
- 本 handoff。
- LOGBOOK 條目。
security_supply_chain_contract_manifest_v1、security_finding_v1、coding_task_v1、source_control_migration_event_v1、gitea_repo_inventory_v1、local_git_remote_inventory_v1、github_target_probe_v1、github_target_decision_v1、github_target_repo_approval_package_v1、security_rollout_policy_v1、local_repo_canonical_probe_v1、git_remote_refs_probe_v1、approval_required_event_v1JSON Schema 草案。
Phase S1:Mirror-only
目標:讓 AwoooP 看見事件,但不改變行為。
允許:
- 將 security findings mirror 成 Runtime State。
- 將 coding tasks mirror 成 approval candidate。
- 將 source control migration inventory mirror 成 supply chain evidence。
- 將 Gitea repo inventory mirror 成 migration matrix evidence。
- 將本機 Git remote inventory mirror 成 source-control coverage evidence。
- 將 GitHub target 決策 mirror 成 approval candidate。
- 將 GitHub target repo-by-repo package mirror 成 approval queue draft。
- 將低摩擦 rollout policy mirror 成 read-only policy。
- 將 contract manifest mirror 成 contract registry。
- 將 status rollup mirror 成跨 Session 共同狀態入口。
- 將 workflow / secret 名稱 inventory gate mirror 成 source-control review evidence。
禁止:
- 直接 enforcement。
- 直接啟動 scan。
- 直接呼叫 Codex patch runner。
- 直接切 GitHub/Gitea 主控。
- 直接刪除、封存或建立 repo。
- 直接修改 GitHub repo visibility。
Phase S2:Read-only Policy
目標:AwoooP 只計算 policy,不執行。
範例:
security_finding_v1進來後,AwoooP 回傳observe|warn|approve_required建議。coding_task_v1進來後,AwoooP 回傳是否需要critic/vuln-verifier。source_control_migration_event_v1進來後,AwoooP 回傳是否缺 branch/tag/workflow/webhook/permission evidence。local_git_remote_inventory_v1進來後,AwoooP 回傳是否仍有 local-only / internal-110-only source-control risk。github_target_decision_v1進來後,AwoooP 回傳是否需要 owner / visibility / canonical approval。github_target_repo_approval_package_v1進來後,AwoooP 回傳逐 repo approval queue draft,不阻擋 read-only evidence。security_rollout_policy_v1進來後,AwoooP 回傳 observe / warn / approve_required 建議,不做 enforcement。security_supply_chain_contract_manifest_v1進來後,AwoooP 回傳可消費 contract 清單,不新增 execution router。source_control_workflow_secret_name_inventory_v1進來後,AwoooP 回傳缺哪些 redacted workflow / secret name evidence,並顯示 S4.3 export request 的 webhook / runner / deploy key / branch protection / repository secret parity lanes;不收集 secret value、不修改 workflow。
Phase S3:Approval Gate
目標:高風險行為必須經 AwoooP approval。
先納入:
- Codex patch 合併前。
- HIGH/CRITICAL findings 修補前。
- GitHub primary 切換前。
- credentialed scan 前。
Phase S4:Operator Console
目標:讓操作者在 AwoooP Console 看見:
- 資安 posture。
- open findings。
- coding task 狀態。
- GitHub/Gitea migration matrix。
- approval queue。
- accepted risk / false positive / exception。
Console 初期不提供高風險執行按鈕。
5. 兩邊 Session 的衝突邊界
| 區域 | AwoooP Session | Security Supply Chain Session | 衝突避免 |
|---|---|---|---|
| Contract schema | 主責 | 提供草案與需求 | AwoooP 決定 canonical package |
| DB migration | 主責 | 不碰 | findings 先文件化,不建表 |
| Runtime enforcement | 主責 | 不碰 | 先 mirror/read-only |
| Kali scan | 不直接執行 | 主責規劃 | AwoooP 只管 approval/policy |
| Codex patch | 不直接執行 | 主責規劃 | AwoooP 只管 approval/audit |
| GitHub/Gitea 遷移 | 治理 gate | inventory 與遷移設計 | 主控切換需雙方 handoff |
| MCP Gateway | 主責 | 只提出 access needs | 不新增 direct tool bypass |
| Channel Event | 主責 | 提供事件需求 | Channel adapter 不做 policy |
6. AwoooP Session 需要消費的工作項
請 AwoooP 主線在後續規劃時預留:
- Runtime State 可容納
security_finding_v1mirror。 - Approval model 可容納
coding_task_v1與source_control_migration_event_v1。 - EffectivePolicy 可判斷
observe|warn|approve_required|block_candidate。 - Channel Event 可承載資安 findings 與供應鏈遷移事件。
- Audit Sink 必須脫敏,不可儲存 raw secret、token、cookie、exploit payload。
- Operator Console 需要 supply chain / security posture 視圖,但初期不要高風險 action。
- MCP Gateway 後續要能限制 Codex/Kali/GitHub 工具權限。
- Migration matrix 可容納
gitea_repo_inventory_v1,但初期只讀。 - Migration matrix 可容納
local_git_remote_inventory_v1,但不得視為 server 全量。 - Approval queue 可容納
github_target_decision_v1與github_target_repo_approval_package_v1,但不得直接建立 repo 或改 visibility。 - Read-only policy 可容納
security_rollout_policy_v1,但初期不得把它變成 runtime blocking rule。 - Contract registry 可容納
security_supply_chain_contract_manifest_v1,但初期不得把它變成 direct tool router。 - Source-control review 可容納
source_control_workflow_secret_name_inventory_v1與 S4.3 redacted export request,但只能顯示 workflow / secret 名稱缺口、owner export lanes 與 hosted runner 額度風險,不得收集 value 或修改 workflow。 - Source-control review 可容納 S4.13
source_control_owner_response_validation_rollup_v1,集中顯示 S4.9 / S4.10 / S4.11 / S4.12 四包 owner response validation 狀態、evidence routing rules、display sections、state transition rules、reviewer checklist、reviewer outcome lanes、reviewer audit event templates、reviewer audit display sections、reviewer audit collection checks、reviewer audit redaction examples、reviewer audit retention rules、reviewer audit retention checks、reviewer audit handoff packets、reviewer audit handoff checks、parallel session sync checks、parallel session conflict lanes、parallel session recovery checks 與 parallel session recovery outcome lanes;不得把 rollup、routing、sections、transition rules、reviewer checklist、reviewer outcome lanes、reviewer audit templates、reviewer audit display sections、reviewer audit collection checks、reviewer audit redaction examples、reviewer audit retention rules、reviewer audit retention checks、reviewer audit handoff packets / checks、parallel session sync checks、parallel session conflict lanes、parallel session recovery checks 或 parallel session recovery outcome lanes 當成 approval、runtime gate、production ingestion 或 execution authorization。
7. Security Supply Chain Session 下一步
已批准開始推進後,本支線第一波只做:
- Gitea/GitHub 全量版本盤點設計。
coding_task_v1schema 文件化。security_finding_v1schema 文件化。source_control_migration_event_v1schema 文件化。gitea_repo_inventory_v1schema 文件化。local_git_remote_inventory_v1schema 文件化。github_target_probe_v1schema 文件化。local_repo_canonical_probe_v1schema 文件化。git_remote_refs_probe_v1schema 文件化。github_target_decision_v1schema 文件化。approval_required_event_v1schema 文件化。- 112/111/168 observe-only asset mapping。
- Codex patch-only handoff prompt。
- AwoooP mirror-only integration notes。
第一版 inventory 已建立於 docs/security/GITEA-GITHUB-MIGRATION-INVENTORY.md。目前只完成 awoooi repo read-only 初步盤點,已確認 GitHub / Gitea 存在 branches、tags 與 main SHA 差異,因此主控切換必須保持 blocked,直到全量同步驗證完成。
第一版 observe-only host mapping 已建立於 docs/security/DEV-HOSTS-112-111-168-OBSERVE-ONLY-MAPPING.md。第一版 Codex patch-only handoff prompt 已建立於 docs/security/CODEX-PATCH-ONLY-HANDOFF-PROMPT.md。
2026-05-12 更新:已新增 scripts/security/source-control-migration-inventory.py,並產出 docs/security/gitea-github-awoooi-inventory.snapshot.json。目前 source_control_migration_event_v1.status=blocked,因 Gitea heads 117、GitHub heads 2、Gitea tags 2、GitHub tags 0,且 main SHA 不一致。AwoooP Session 應將此視為 supply-chain evidence,不得視為可切 GitHub primary。
2026-05-12 追加:已新增 scripts/security/gitea-repo-inventory.py、docs/schemas/gitea_repo_inventory_v1.schema.json,並產出 docs/security/gitea-repo-inventory.snapshot.json。目前 gitea_repo_inventory_v1.status=partial,因未提供 token 時只能取得 public-only wooo/awoooi 與 wooo/ewoooc;完整全量仍需只讀 token 或管理匯出。
2026-05-12 Gitea endpoint 判定追加:已新增 docs/security/gitea-org-repo-inventory-blocked.snapshot.json 與 docs/security/GITEA-ORG-REPO-INVENTORY-BLOCKED-SNAPSHOT.md,保留 orgs/wooo/repos 未認證 404 evidence;後續 server-side inventory 以 users/wooo/repos、只讀 token 或管理匯出為主。
2026-05-12 server-side inventory runbook 追加:已新增 docs/security/GITEA-SERVER-SIDE-INVENTORY-RUNBOOK.md,定義 public-only、只讀 token、管理匯出 JSON 三種路徑。AwoooP 可 mirror runbook 狀態,但不得要求 Security Supply Chain Session 提供 token value。
2026-05-12 Gitea approval package 追加:已新增 docs/security/GITEA-READONLY-INVENTORY-APPROVAL-PACKAGE.md 與 docs/security/gitea-readonly-inventory-approval.snapshot.json,用 approval_required_event_v1 描述 run_gitea_readonly_inventory 的人工 gate。AwoooP 可建立 approval candidate,但不得保存 token value 或觸發任何 repo 建立、visibility 修改、refs sync。
2026-05-12 再追加:已新增 scripts/security/local-git-remote-inventory.py、docs/schemas/local_git_remote_inventory_v1.schema.json,並產出 docs/security/local-git-remote-inventory.snapshot.json。目前 local_git_remote_inventory_v1.status=partial,找到本機可見 working trees 13 個,其中 Gitea linked 6、GitHub linked 6、110 internal-only 3;此結果只作為 Gitea API 受阻時的輔助 evidence。
2026-05-12 矩陣追加:已新增 docs/security/SOURCE-CONTROL-MIGRATION-MATRIX.md,將本機可見 source-control targets 拆成 P0/P1/P2。AwoooP 可 mirror 此矩陣作為 migration planning evidence,但不得依此自動建立、刪除、同步 repo 或切換 primary。
2026-05-12 refs diff 追加:已新增 docs/security/source-control-clawbot-v5.snapshot.json、docs/security/source-control-wooo-aiops.snapshot.json。wooo/clawbot-v5 與 wooo/wooo-aiops 目前都為 source_control_migration_event_v1.status=blocked,不得視為 GitHub primary ready。
2026-05-12 draft reconcile plan 追加:已新增 scripts/security/source-control-reconcile-plan.py、docs/schemas/source_control_reconcile_plan_v1.schema.json,並產出 docs/security/source-control-reconcile-plan.snapshot.json 與 docs/security/SOURCE-CONTROL-RECONCILE-PLAN.md。此 plan 只涵蓋 awoooi、clawbot-v5、wooo-aiops 三個 refs-blocked mapped repos,狀態為 draft_blocked;AwoooP 可 mirror 成 approval candidate,但不得 push refs、force push、刪 refs、切 GitHub primary。
2026-05-13 branch/tag detail diff 追加:已新增 scripts/security/source-control-ref-detail-diff.py、docs/schemas/source_control_ref_detail_diff_v1.schema.json,並產出 docs/security/source-control-ref-detail-diff.snapshot.json 與 docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md。最新 read-only diff 忽略本 PR 分支後,awoooi 仍有 Gitea-only branches 115、Gitea-only tags 2、main SHA 不一致;clawbot-v5 main SHA 不一致且 GitHub 缺 Gitea tag;wooo-aiops GitHub 有 1 條額外 branch 與 19 個 GitHub-only tags。AwoooP 可 mirror 此 evidence,但不得 fetch、push、delete refs 或切 primary。
2026-05-13 ref truth classification 追加:已新增 scripts/security/source-control-ref-truth-classification.py、docs/schemas/source_control_ref_truth_classification_v1.schema.json,並產出 docs/security/source-control-ref-truth-classification.snapshot.json 與 docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md。目前 194 個 refs review items 已拆成 4 個 manual_truth_required、142 個 manual_review_deprecated_candidate、3 個 manual_review_release_tag、20 個 manual_review_github_only。AwoooP 可建立 repo owner review queue,但不得把分類結果直接執行成 refs sync、delete、force push 或 GitHub primary switch。
2026-05-17 S4.11 ref truth owner response 追加,2026-05-18 至 2026-05-19 補 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks:已新增 docs/schemas/source_control_ref_truth_owner_response_v1.schema.json、docs/security/source-control-ref-truth-owner-response.snapshot.json 與 docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md。目前 1 個 owner response request packet、5 個 template statuses、3 個 audit event templates、5 個 redaction examples、6 個 collection checks、6 個 intake preflight checks 與 5 個 response templates 對應 main/dev truth、deprecated drift、release tag retention 與 GitHub-only refs review;received / accepted response 皆為 0,audit events emitted 仍為 0。AwoooP 可 mirror 成 owner response intake queue,但不得把 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks 或 response packet 當成 refs sync、delete、force push 或 GitHub primary approval。
2026-05-12 public search / canonical 追加:Gitea public search 在未提供 token 時可見 wooo/awoooi、wooo/ewoooc。已新增 docs/security/SOURCE-CONTROL-CANONICAL-DECISION-TABLE.md,其中 wooo/ewoooc、root/momo-pro-system、momo-pro-system、momo_pro_system 仍需人工判定 canonical 關係,不得自動合併。
2026-05-12 GitHub target probe 追加:已新增 scripts/security/github-target-probe.py、docs/schemas/github_target_probe_v1.schema.json 與 docs/security/github-target-probe.snapshot.json。8 個候選中 5 個可讀,owenhytsai/ewoooc、owenhytsai/bitan-pharmacy、owenhytsai/tsenyang-website 為 not_found_or_private。
2026-05-12 canonical lineage 追加:已新增 scripts/security/local-repo-canonical-probe.py、docs/schemas/local_repo_canonical_probe_v1.schema.json 與 docs/security/local-repo-canonical-ewoooc-momo.snapshot.json。ewoooc-momo-pro-system 群組目前為 unrelated,三個本機 working tree 在 sample 內沒有共同 commit,不得自動合併。
2026-05-12 internal refs 追加:已新增 scripts/security/git-remote-refs-probe.py、docs/schemas/git_remote_refs_probe_v1.schema.json 與 docs/security/git-remote-refs-bitan-tsenyang.snapshot.json。bitan-pharmacy、tsenyang-website 的本機 main 與 110 remote main 對齊,但 GitHub target 仍未確認。另新增 docs/security/git-remote-refs-wooo-infra-config.snapshot.json;wooo-infra-config 的 GitHub remote 與本機 main 對齊,110 internal remote 目前不可讀。
2026-05-12 GitHub target 決策追加:已新增 docs/schemas/github_target_decision_v1.schema.json、docs/security/github-target-decision.snapshot.json 與 docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md。10 個 target 候選中 9 個需人工批准;AwoooP 只能 mirror 為 approval candidate,不得自動建立 repo、修改 visibility、同步 refs 或切 GitHub primary。
2026-05-12 GitHub target repo-by-repo approval package 追加:已新增 docs/schemas/github_target_repo_approval_package_v1.schema.json、docs/security/github-target-repo-approval-package.snapshot.json 與 docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md。9 個 approval-required targets 已拆成逐 repo pending package;依統帥提醒採低摩擦分階段,不把 read-only evidence 變成阻擋條件。
2026-05-17 S4.10 GitHub target owner decision response 收件包追加,2026-05-18 補 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks:已新增 docs/schemas/github_target_owner_decision_response_v1.schema.json、docs/security/github-target-owner-decision-response.snapshot.json 與 docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md。AwoooP 可顯示 1 個 owner response request packet、9 個 template statuses、3 個 audit event templates、5 個 redaction examples、6 個 collection checks、6 個 intake preflight checks、9 個 response templates、8 個 acceptance checks 與 10 個 rejection rules;目前收到 response 0 筆、接受 0 筆,仍不得建立 repo、修改 visibility、sync refs、切 GitHub primary 或停用 Gitea。
2026-05-12 低摩擦 rollout policy 追加,2026-05-19 補 non-blocking escalation lanes:已新增 docs/schemas/security_rollout_policy_v1.schema.json、docs/security/security-rollout-policy.snapshot.json 與 docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md。AwoooP 初期應採 observe-first / mirror-only,不把 LOW / MEDIUM observation、缺 owner response、partial mirror、source-control drift、Kali observe finding、workflow / secret name gap 或 headline holding 變成 blocking controls。
2026-05-12 contract manifest 追加:已新增 docs/schemas/security_supply_chain_contract_manifest_v1.schema.json、docs/security/security-supply-chain-contract-manifest.snapshot.json 與 docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md。AwoooP 應先讀 manifest 作為 mirror-only contract registry,不把 manifest 當 execution router。
2026-05-13 mirror route 追加,2026-05-19 補 IwoooS posture projection coverage:已新增 docs/schemas/security_mirror_route_v1.schema.json、docs/security/security-mirror-route.snapshot.json 與 docs/security/SECURITY-MIRROR-ROUTE.md。AwoooP 可依 5 個 route groups 將 36 個 contracts 分流到 Operator Console、Runtime State、Channel Event、Audit evidence 與 Approval Queue;route 只決定目的地、channel policy 與 review lane,不是 execution router。
2026-05-13 mirror acceptance 追加,2026-05-18 已對齊 progress guard:已新增 docs/schemas/security_mirror_acceptance_v1.schema.json、docs/security/security-mirror-acceptance.snapshot.json 與 docs/security/SECURITY-MIRROR-ACCEPTANCE.md。AwoooP 可用 8 個 acceptance checks 驗收 mirror ingestion;blocking checks 只針對 contract count mismatch、缺 event envelope、route coverage 不完整、未脫敏 evidence 或進度估算被誤當授權,不得阻擋 runtime 流程。
2026-05-13 mirror quarantine 追加:已新增 docs/schemas/security_mirror_quarantine_v1.schema.json、docs/security/security-mirror-quarantine.snapshot.json 與 docs/security/SECURITY-MIRROR-QUARANTINE.md。AwoooP 可用 5 個 quarantine lanes 隔離驗收失敗 payload,顯示 owner、recovery request 與 retry gate;不得自動重試、不得猜測缺漏 contract、不得阻擋 runtime 流程。
2026-05-13 mirror dry-run 追加,2026-05-18 已對齊 progress guard 與 owner response guard:已新增 docs/schemas/security_mirror_dry_run_v1.schema.json、docs/security/security-mirror-dry-run.snapshot.json 與 docs/security/SECURITY-MIRROR-DRY-RUN.md。AwoooP 未來可用 8 個 dry-run steps 回報接入演練結果;本 snapshot 狀態為 contract_defined_not_executed,不得視為 production ingestion 已啟用。
2026-05-13 mirror status rollup 追加,2026-05-18 補 progress display policy / delta ledger,2026-05-19 補 IwoooS posture projection:已新增 docs/schemas/security_mirror_status_rollup_v1.schema.json、docs/security/security-mirror-status-rollup.snapshot.json 與 docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md。AwoooP 與 Security Supply Chain Session 可用同一份 rollup 同步 S0-S4、36 個 contracts、IwoooS posture projection、approval queue summary、review packet summary、state transition summary、follow-up runtime gate template summary、GitHub primary readiness summary、rollback ADR summary、workflow / secret name inventory summary、58% headline progress、micro progress delta ledger 與下一個安全 gate;本契約不授權任何 runtime action。
2026-05-13 S3 approval gate 追加:已新增 docs/schemas/security_approval_gate_v1.schema.json、docs/security/security-approval-gate.snapshot.json 與 docs/security/SECURITY-APPROVAL-GATE.md。AwoooP 可用 8 個 gate items 記錄人工批准、拒絕、延後或補 evidence;批准後仍需 follow-up runtime gate,不得直接執行。
2026-05-13 S3 decision record 追加:已新增 docs/schemas/security_approval_decision_record_v1.schema.json、docs/security/security-approval-decision-record.snapshot.json 與 docs/security/SECURITY-APPROVAL-DECISION-RECORD.md。AwoooP 可保存人工決策稽核紀錄;目前 0 筆 decision records,所有紀錄都必須 execution_authorized=false。
2026-05-13 S3 review packet 追加:已新增 docs/schemas/security_approval_review_packet_v1.schema.json、docs/security/security-approval-review-packet.snapshot.json 與 docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md。AwoooP 可顯示 8 個人工審查封包、review lane、required reviewers 與 still forbidden;review packet 不代表批准,也不授權執行。
2026-05-13 S3 state transition 追加:已新增 docs/schemas/security_approval_state_transition_v1.schema.json、docs/security/security-approval-state-transition.snapshot.json 與 docs/security/SECURITY-APPROVAL-STATE-TRANSITION.md。AwoooP 可顯示 5 個人工決策後 next state;approve_scope 只進入 scope_approved_waiting_runtime_gate,仍不得直接執行 scan、repo、refs、deploy 或 secret 類動作。
2026-05-13 S3 follow-up runtime gate 準備追加:已新增 docs/schemas/security_followup_runtime_gate_v1.schema.json、docs/security/security-followup-runtime-gate.snapshot.json 與 docs/security/SECURITY-FOLLOWUP-RUNTIME-GATE.md。AwoooP 可顯示 8 個後續 runtime gate 準備模板、minimum evidence、preflight checks 與 rollback / disable requirement;目前 active_runtime_gates=0,不得新增 action button 或啟用 runtime gate。
2026-05-13 S4.0 GitHub primary readiness gate 追加:已新增 docs/schemas/source_control_primary_readiness_gate_v1.schema.json、docs/security/source-control-primary-readiness-gate.snapshot.json 與 docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md。AwoooP 可顯示 10 個 candidate repos、9 個 in-scope blocked repos、Gitea inventory、refs truth、workflow/runner/secret name parity 與 rollback ADR 缺口;目前 primary_ready_count=0,不得建立 repo、sync refs、切 GitHub primary 或停用 Gitea。
2026-05-13 S4.1 workflow / secret name inventory 追加:已新增 docs/schemas/source_control_workflow_secret_name_inventory_v1.schema.json、docs/security/source-control-workflow-secret-name-inventory.snapshot.json 與 docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md。AwoooP 可顯示 10 個 candidate repos 的 workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret 名稱 inventory 缺口;目前 inventory_complete_count=0、secret_value_collection_allowed=false,不得收集 secret value、修改 workflow、rotate secret、sync refs 或切 GitHub primary。
2026-05-13 S4.2 workflow / secret name local evidence 追加:已新增 scripts/security/source-control-workflow-secret-name-local-inventory.py、docs/schemas/source_control_workflow_secret_name_local_evidence_v1.schema.json、docs/security/source-control-workflow-secret-name-local-evidence.snapshot.json 與 docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-LOCAL-EVIDENCE.md。本輪只從本機 working tree 的 .github/workflows、.gitea/workflows 與 CODEOWNERS 萃取名稱級 metadata:9 個 local repos visible、5 個 local evidence repos、33 個 workflow files、42 個 referenced secret names、secret_value_detected=false;不得視為 GitHub primary ready。
2026-05-13 S4.3 workflow / secret name redacted export request 追加:已新增 docs/schemas/source_control_workflow_secret_name_export_request_v1.schema.json、docs/security/source-control-workflow-secret-name-export-request.snapshot.json 與 docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-EXPORT-REQUEST.md。本輪只定義 9 個 in-scope repos、5 類 export lanes 的 owner / read-only export 欄位與拒收規則:webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity;write_token_allowed=false、secret_value_collection_allowed=false,不得呼叫 API 或修改 GitHub/Gitea。
2026-05-17 S4.12 workflow / secret name owner response 追加,2026-05-19 補 request packet、template status ledger、audit event templates、redaction examples 與 collection checks:已新增 docs/schemas/source_control_workflow_secret_name_owner_response_v1.schema.json、docs/security/source-control-workflow-secret-name-owner-response.snapshot.json 與 docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md。目前 1 個 owner response request packet、5 個 template statuses、3 個 audit event templates、5 個 redaction examples、6 個 collection checks、6 個 intake preflight checks 與 5 個 response templates 對應 webhook、runner、deploy key、branch protection / CODEOWNERS 與 repository secret name parity;received / accepted response 皆為 0、audit events emitted 仍為 0。AwoooP 可 mirror 成 owner response intake queue,但不得把 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks 或 response packet 當成 secret value collection、workflow modification、GitHub hosted runner enablement 或 GitHub primary approval。
2026-05-17 S4.13 owner response validation rollup 追加:已新增 docs/schemas/source_control_owner_response_validation_rollup_v1.schema.json、docs/security/source-control-owner-response-validation-rollup.snapshot.json 與 docs/security/SOURCE-CONTROL-OWNER-RESPONSE-VALIDATION-ROLLUP.md。目前彙整 S4.9 / S4.10 / S4.11 / S4.12 四包 response packets,24 個 response templates、received / accepted / rejected response 皆為 0、cross-packet checks 10 個;2026-05-19 再補 6 條 evidence routing rules、8 個 display sections、7 條 state transition rules、9 個 reviewer checklist items、7 條 reviewer outcome lanes、4 個 reviewer audit event templates、5 個 reviewer audit display sections、6 個 reviewer audit collection checks、5 個 reviewer audit redaction examples、5 條 reviewer audit retention rules、6 個 reviewer audit retention checks、6 個 reviewer audit handoff packets、6 個 reviewer audit handoff checks、6 個 parallel session sync checks、6 條 parallel session conflict lanes、6 個 parallel session recovery checks 與 7 條 parallel session recovery outcome lanes,讓 AwoooP 只讀判斷補證、隔離、拒收、跨包 review、只讀更新、平行 Session 同步、衝突分流或復原前檢查與復原結果分類,固定 Operator Console 顯示順序,顯示 waiting、pending validation、read-only update 與 waiting runtime gate 的狀態語義,提供人工審查順序,把 reviewer 結果只讀分類成等待、補證、隔離、拒收、跨包 review、只讀候選或等待後續 runtime gate,定義未來可留痕的脫敏 metadata 形狀,固定 audit templates、允許 metadata、禁止 payload、0 emitted 狀態與非授權邊界的顯示方式,確認 metadata-only、forbidden payload blocked、emitted=0、無 runtime side effect 與 counters 不變,示範 reviewer role lane、classification reason、quarantine pointer、read-only update target 與 runtime gate counter 的安全 metadata 顯示形狀,固定未來只能保留已脫敏 metadata、reason code、pointer 與 counters,確認 retention rules 可見、raw payload / secret retention blocked、counter snapshot-only 與無 runtime side effect,並確認平行 Session 接手前需對齊同一 PR 分支、latest delta、0 counters、false flags、source-control mutation 禁令與 S4.9 next focus;衝突時只進停下重讀或人工 review;復原前只能重抓遠端、重讀 latest ledger、重跑只讀 guards、review staged diff、確認 runtime false flags 與回到 S4.9 next focus,目前 reviewer audit emitted 仍為 0。AwoooP 可 mirror 成只讀驗收總覽,但不得把 rollup、routing、sections、transition rules、reviewer checklist、reviewer outcome lanes、reviewer audit templates、reviewer audit display sections、reviewer audit collection checks、reviewer audit redaction examples、reviewer audit retention rules、reviewer audit retention checks、reviewer audit handoff packets / checks、parallel session sync checks、parallel session conflict lanes、parallel session recovery checks 或 parallel session recovery outcome lanes 當成 approval、runtime gate、production ingestion、repo / refs / workflow / secret / runner 執行授權或 GitHub primary approval。
2026-05-13 S4.4 GitHub primary rollback ADR 追加:已新增 docs/schemas/source_control_primary_rollback_adr_v1.schema.json、docs/security/source-control-primary-rollback-adr.snapshot.json 與 docs/security/SOURCE-CONTROL-PRIMARY-ROLLBACK-ADR.md。本輪只定義 9 個 in-scope repos 的 rollback ADR 草案、precondition、trigger、validation window 與 owner review;owner_approved_count=0、dry_run_completed_count=0、active_cutover_count=0,不得切 GitHub primary、不得執行 rollback、不得停用 Gitea。
2026-05-13 S4.5 Gitea 認證清冊匯出請求追加:已新增 docs/schemas/gitea_authenticated_inventory_export_request_v1.schema.json、docs/security/gitea-authenticated-inventory-export-request.snapshot.json 與 docs/security/GITEA-AUTHENTICATED-INVENTORY-EXPORT-REQUEST.md。本輪只定義 Gitea 私有 / 內部全量清冊的脫敏匯出請求;目前未認證公開範圍 repo 2 個、本機可見 Gitea unique repo 4 個、覆蓋缺口 2 個、匯出來源選項 2 類;不得保存 token value、不得使用 write token、不得寫入 Gitea、不得建立或刪除 repo、不得 sync refs、不得切 GitHub primary。
2026-05-13 S4.6 Gitea 認證清冊匯入驗收追加:已新增 docs/schemas/gitea_authenticated_inventory_import_acceptance_v1.schema.json、docs/security/gitea-authenticated-inventory-import-acceptance.snapshot.json 與 docs/security/GITEA-AUTHENTICATED-INVENTORY-IMPORT-ACCEPTANCE.md。本輪只定義 owner / 管理者提供脫敏 payload 後的驗收、拒收與隔離規則;目前收到 payload 0 筆、接受 0 筆、拒收 0 筆;不得保存 token value、不得匯入 DB dump 或 git object、不得寫 Gitea、不得 sync refs、不得切 GitHub primary。
2026-05-17 S4.7 Gitea 清冊覆蓋 owner attestation 追加:已新增 docs/schemas/gitea_inventory_coverage_attestation_v1.schema.json、docs/security/gitea-inventory-coverage-attestation.snapshot.json 與 docs/security/GITEA-INVENTORY-COVERAGE-ATTESTATION.md。本輪只定義 5 個 owner scope decision items:public-only / local remote gap、org/user endpoint、110 internal adjacent source、canonical owner 與 legacy/inaccessible repo disposition;目前收到 attestation 0 筆、接受 0 筆;不得保存 token value、不得寫 Gitea、不得建立 GitHub repo、不得 sync refs、不得切 GitHub primary。
2026-05-17 S4.8 Gitea owner attestation approval lane 對齊追加:已更新既有 security_approval_queue_v1、security_approval_gate_v1、security_approval_review_packet_v1 與 security_followup_runtime_gate_v1 的 Gitea lane,要求 AwoooP 先顯示 S4.7 的 5 個 owner attestation items 與 scope decision evidence。queue / review packet / follow-up template 數量維持 8 / 8 / 8,active_runtime_gates=0,不得新增 action button、不得執行 read-only inventory、不得把 owner attestation 視為 repo migration approval 或 GitHub primary approval。
2026-05-17 S4.9 Gitea owner attestation response 收件包追加,2026-05-18 補 owner response request packet、template status ledger、audit event templates、redaction examples、display sections 與 collection checks:已新增 docs/schemas/gitea_inventory_owner_attestation_response_v1.schema.json、docs/security/gitea-inventory-owner-attestation-response.snapshot.json 與 docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md。AwoooP 可顯示 1 個 owner response request packet、5 個 template statuses、3 個 audit event templates、5 個 redaction examples、8 個 display sections、6 個 collection checks、5 個 response templates、6 個 intake preflight checks、5 個 outcome lanes、8 個 acceptance checks 與 10 個 rejection rules;目前收到 response 0 筆、接受 0 筆、audit events emitted 0 筆,仍不得保存 token value、不得寫 Gitea、不得 sync refs、不得切 GitHub primary,也不得把 audit template、redaction example 或 display section 當成 production ingestion。
2026-05-13 Kali 112 live 整合狀態追加:已在授權下登入 192.168.0.112 做 read-only 盤點與低風險更新,並新增 docs/schemas/kali_integration_status_v1.schema.json、docs/security/kali-integration-status.snapshot.json 與 docs/security/KALI-INTEGRATION-STATUS.md。Kali Scanner API /health healthy、kali-scanner.service active/enabled、node-exporter 與 wg-easy container up;已 targeted update nmap、nikto、nuclei、curl、openssl、CA 套件,安裝 jq,時區改為 Asia/Taipei,更新後無 reboot required。AwoooP 可 mirror health / update / gap evidence,但不得直接啟動 scan、credentialed scan 或 /execute。
本波仍不做:
- runtime DB migration。
- API endpoint。
- K8s / NetworkPolicy / RBAC / firewall。
- production deploy。
- GitHub 主控切換。
- Gitea 刪除或停用。
- Codex API 自動長任務。
8. 參考文件
- Kali 資訊安全網藍圖
- Kali 資訊安全網開工準備
- Kali 112 整合狀態與更新紀錄
- kali_integration_status_v1 snapshot
- Code Review 接 Codex 與 Gitea 推版優化藍圖
- Gitea 到 GitHub 全量版本轉移 Inventory
- Gitea / GitHub migration snapshot
- source_control_migration_event_v1 snapshot
- clawbot-v5 source_control_migration_event_v1 snapshot
- wooo-aiops source_control_migration_event_v1 snapshot
- source-control inventory script
- Gitea repo inventory snapshot
- gitea_repo_inventory_v1 snapshot
- Gitea org endpoint blocked snapshot
- Gitea org endpoint blocked JSON
- Gitea server-side inventory runbook
- Gitea read-only inventory approval package
- Gitea read-only inventory approval snapshot
- Gitea 認證清冊匯出請求
- gitea_authenticated_inventory_export_request_v1 snapshot
- Gitea 認證清冊匯入驗收契約
- gitea_authenticated_inventory_import_acceptance_v1 snapshot
- Gitea 清冊覆蓋 owner attestation
- gitea_inventory_coverage_attestation_v1 snapshot
- Gitea 清冊 owner attestation response 收件包
- gitea_inventory_owner_attestation_response_v1 snapshot
- Gitea admin export redaction checklist
- Gitea public repo search snapshot
- gitea public repo search JSON
- gitea repo inventory script
- 本機 Git remote inventory snapshot
- local_git_remote_inventory_v1 snapshot
- 本機 Git remote inventory script
- GitHub target probe snapshot
- github_target_probe_v1 snapshot
- GitHub target probe script
- GitHub target 決策表
- github_target_decision_v1 snapshot
- GitHub target owner decision response 收件包
- github_target_owner_decision_response_v1 snapshot
- GitHub target repo-by-repo approval package
- github_target_repo_approval_package_v1 snapshot
- 低摩擦資安 rollout policy
- security_rollout_policy_v1 snapshot
- Security Supply Chain contract manifest
- security_supply_chain_contract_manifest_v1 snapshot
- 資安鏡像狀態彙整契約
- security_mirror_status_rollup_v1 snapshot
- 資安人工批准 Gate 契約
- security_approval_gate_v1 snapshot
- 資安人工決策紀錄契約
- security_approval_decision_record_v1 snapshot
- Source Control ref truth classification
- source_control_ref_truth_classification_v1 snapshot
- Source Control ref truth owner response
- source_control_ref_truth_owner_response_v1 snapshot
- Source Control GitHub primary rollback ADR
- source_control_primary_rollback_adr_v1 snapshot
- Source Control workflow / secret name inventory
- source_control_workflow_secret_name_inventory_v1 snapshot
- Source Control workflow / secret name local evidence
- source_control_workflow_secret_name_local_evidence_v1 snapshot
- Source Control workflow / secret name redacted export request
- source_control_workflow_secret_name_export_request_v1 snapshot
- Source Control workflow / secret name owner response
- source_control_workflow_secret_name_owner_response_v1 snapshot
- Source Control owner response validation rollup
- source_control_owner_response_validation_rollup_v1 snapshot
- source-control workflow / secret name local collector
- 本機 repo canonical lineage snapshot
- local_repo_canonical_probe_v1 snapshot
- 本機 repo canonical lineage script
- Internal 110 refs snapshot
- git_remote_refs_probe_v1 snapshot
- wooo-infra-config refs snapshot
- wooo-infra-config git_remote_refs_probe_v1 snapshot
- Git remote refs probe script
- Source Control 遷移矩陣
- Source Control Canonical Repo 判定表
- AwoooP Mirror-only 消費清單
- 112 / 111 / 168 Observe-only 資產 Mapping
- Codex Patch-only Handoff Prompt
- AwoooP x Monitoring / Alerting Convergence Map
- AwoooP Master Workplan
- security_finding_v1 schema
- kali_integration_status_v1 schema
- coding_task_v1 schema
- source_control_migration_event_v1 schema
- gitea_repo_inventory_v1 schema
- gitea_authenticated_inventory_export_request_v1 schema
- gitea_authenticated_inventory_import_acceptance_v1 schema
- gitea_inventory_coverage_attestation_v1 schema
- local_git_remote_inventory_v1 schema
- github_target_probe_v1 schema
- github_target_decision_v1 schema
- github_target_owner_decision_response_v1 schema
- github_target_repo_approval_package_v1 schema
- security_rollout_policy_v1 schema
- security_supply_chain_contract_manifest_v1 schema
- security_mirror_status_rollup_v1 schema
- security_approval_gate_v1 schema
- security_approval_decision_record_v1 schema
- source_control_ref_truth_classification_v1 schema
- source_control_ref_truth_owner_response_v1 schema
- source_control_primary_rollback_adr_v1 schema
- source_control_workflow_secret_name_inventory_v1 schema
- source_control_workflow_secret_name_local_evidence_v1 schema
- source_control_workflow_secret_name_export_request_v1 schema
- source_control_workflow_secret_name_owner_response_v1 schema
- source_control_owner_response_validation_rollup_v1 schema
- local_repo_canonical_probe_v1 schema
- git_remote_refs_probe_v1 schema
- approval_required_event_v1 schema