42 KiB
Source Control Owner Response Validation Rollup
| 項目 | 內容 |
|---|---|
| 日期 | 2026-06-13 |
| 狀態 | 草案,等待 owner responses;S4.9 是目前第一優先收件 gate |
| 資料契約 | docs/schemas/source_control_owner_response_validation_rollup_v1.schema.json |
| 快照 | docs/security/source-control-owner-response-validation-rollup.snapshot.json |
| 模式 | owner_response_validation_rollup_only |
| 執行面授權 | false |
0. 核心結論
S4.13 補的是「四個 owner response 收件包的只讀驗收彙整」。
它彙整 S4.9 Gitea owner attestation response、S4.10 GitHub target owner decision response、S4.11 refs truth owner response、S4.12 workflow / secret name owner response。目的只是讓 AwoooP 有單一入口看到哪些 owner response 尚未收到、哪些可驗收、哪些必須拒收或隔離。
S4.13 不新增第 36 個主 contract,不新增 approval item,不啟用 runtime gate,不新增 action button,也不把任何 response、reviewer audit retention check、handoff packet、parallel session sync check、parallel session conflict lane 或 parallel session recovery check 當成 repo creation、visibility change、refs sync、workflow 修改、secret 搬移、runner 啟用或 GitHub primary approval。
1. Rollup 摘要
| 指標 | 值 |
|---|---|
| response packets | 4 |
| validation lanes | 4 |
| response templates | 24 |
| 已收到 response | 0 |
| 已接受 response | 0 |
| 已拒收 response | 0 |
| acceptance checks | 32 |
| rejection rules | 40 |
| cross-packet checks | 10 |
| evidence routing rules | 6 |
| display sections | 8 |
| state transition rules | 7 |
| reviewer checklist | 9 |
| reviewer outcome lanes | 7 |
| reviewer audit event templates | 4 |
| reviewer audit display sections | 5 |
| reviewer audit collection checks | 6 |
| reviewer audit redaction examples | 5 |
| reviewer audit retention rules | 5 |
| reviewer audit retention checks | 6 |
| reviewer audit handoff packets | 6 |
| reviewer audit handoff checks | 6 |
| parallel session sync checks | 6 |
| parallel session conflict lanes | 6 |
| parallel session recovery checks | 6 |
| parallel session recovery outcome lanes | 7 |
| quarantine required | true |
| primary ready count | 0 |
| runtime execution authorized | false |
| action buttons allowed | false |
1.1 最新本機只讀驗證
| 項目 | 結果 |
|---|---|
| 日期 | 2026-06-13 |
| 範圍 | repo_snapshot_only |
| 指令 | python3 scripts/security/source-control-owner-response-guard.py --root . |
| 結果 | SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK |
| 已收到 response | 0 |
| 已接受 response | 0 |
| runtime actions authorized | false |
| repo / refs actions authorized | false |
| workflow / secret actions authorized | false |
這表示四包 owner response snapshot 與 S4.13 rollup 的只讀 guard 已通過;不表示 owner response 已收到,也不授權 repo、refs、workflow、secret、runner、GitHub primary 或任何 runtime 動作。
1.1.1 2026-06-13 S4.9 狀態刷新
| 項目 | 結果 |
|---|---|
| 基準 | gitea/main=2afb7c0a fix(governance): harden agent evidence redaction |
| 平行進展 | P0-PUBLICENV public host alias redaction 已正式收斂;P2-105 critic / reviewer result capture gate 已完成正式驗證 |
| S4.9 影響 | 無直接解鎖;上述進展只改善公開面脫敏與 AI Agent 評估/結果捕捉可見性 |
| 下一步 | 仍以 S4.9 Gitea owner attestation response 作為第一個收件候選 |
| 必須維持 | request_sent=false、received / accepted / rejected=0 / 0 / 0、runtime_execution_authorized=false、action_buttons_allowed=false |
本刷新只更新基準與只讀狀態,不送 request、不代填 owner response、不新增 accepted record,也不把任何 UI 或 production smoke 結果視為 owner response。
2. 四條驗收 Lane
| Lane | 來源 | Templates | 目前狀態 |
|---|---|---|---|
| S4.9 Gitea owner attestation response | GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md |
5 | 等待 response |
| S4.10 GitHub target owner decision response | GITHUB-TARGET-OWNER-DECISION-RESPONSE.md |
9 | 等待 response |
| S4.11 refs truth owner response | SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md |
5 | 等待 response |
| S4.12 workflow / secret name owner response | SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md |
5 | request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks 已定義,等待 response |
2.1 AwoooP 可顯示的缺口摘要
| Lane | 缺口 | 下一步 | 仍禁止 |
|---|---|---|---|
| S4.9 Gitea owner attestation | 5 個 response templates 尚未收到 | Owner 回覆 5 個 Gitea coverage attestation items,只引用脫敏 evidence refs | 不收 token value、不寫 Gitea、不 sync refs、不切 primary |
| S4.10 GitHub target decision | 9 個 response templates 尚未收到 | Owner 依 S4.10 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 9 個 GitHub target 的 owner / visibility / canonical disposition | 不建 repo、不改 visibility、不 sync refs、不切 primary |
| S4.11 refs truth | 5 個 response templates 尚未收到 | Owner 依 S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 refs truth、deprecated drift、release tags 與 GitHub-only refs disposition | 不 fetch / push / delete refs、不 force push、不切 primary |
| S4.12 workflow / secret name | 1 個 request packet 已定義、5 個 template statuses 仍 waiting、3 個 audit event templates 仍 0 emitted、5 個 redaction examples、6 個 collection checks、6 個 intake preflight checks 已定義、5 個 response templates 尚未收到 | Owner 依 request packet、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 webhook、runner、deploy key、branch protection / CODEOWNERS、secret name parity 的脫敏狀態 | 不收 secret value、不改 workflow、不啟用 runner、不切 primary |
2.2 建議收件順序
| 順序 | Lane | 為什麼先後這樣排 |
|---|---|---|
| 1 | S4.9 Gitea owner attestation | 先確認 Gitea 覆蓋範圍與 canonical owner,避免後續 GitHub target / refs 判定建立在不完整 inventory 上 |
| 2 | S4.10 GitHub target decision | 再確認 GitHub target owner / visibility / canonical,避免 not_found_or_private 被誤解成可直接建立 repo |
| 3 | S4.11 refs truth | GitHub target owner / visibility 明確後,再判定 branch / tag 真相來源,避免 refs sync 或 delete 被提前誤用 |
| 4 | S4.12 workflow / secret name | 最後補 workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret 名稱 parity,避免 secret 或 runner 變更早於 source truth |
這個順序只讓 AwoooP 顯示下一個建議收件項目,不是 approval queue、不是 execution queue,也不授權任何 repo、refs、workflow、secret、runner 或 primary 動作。
2.3 下一個建議收件項目
| 欄位 | 內容 |
|---|---|
| 下一步 | S4.9 Gitea owner attestation response |
| 需要回覆 | 5 個 Gitea coverage attestation items |
| 顯示模式 | display_next_collection_item_only |
| 目前 received / accepted | 0 / 0 |
| 仍禁止 | 不收 token value、不寫 Gitea、不 sync refs、不切 GitHub primary |
next_collection_candidate 只讓 AwoooP 操作控制台顯示「現在先收 S4.9」。它不是批准、不是執行排程,也不是後續 S4.10 / S4.11 / S4.12 已可接受的訊號。
AwoooP 顯示 S4.9 時,應同步讀取 gitea-inventory-owner-attestation-response.snapshot.json 的 1 個 owner response request packet、5 個 template statuses、3 個 audit event templates、5 個 redaction examples、8 個 display sections、6 個 collection checks、6 個 intake preflight checks 與 5 個 outcome lanes;request packet 只提示 owner 要填什麼與不得貼什麼,template statuses 只逐項顯示 waiting / request ready,audit event templates 只定義 request shown / response received metadata / outcome classified 的脫敏 metadata 欄位且目前 0 emitted,redaction examples 只提供安全回覆形狀,display sections 只固定只讀 UI 順序,collection checks 只維持 request / received / accepted 狀態分離,preflight / outcome 只分類可審、補證、隔離、拒收或等待,不代表 owner response accepted 或 AwoooP production ingestion 已啟用。
2.3.1 2026-06-13 S4.9 Current Intake Readiness
S4.9 目前已具備可直接照表收件與預檢的準備度,但尚未收到任何 owner response。這個狀態應顯示在 AwoooP 操作控制台作為下一個收件焦點,不得變成 approval queue 或 execution queue。
| 項目 | 目前值 | 不得誤讀成 |
|---|---|---|
| 收件準備度 | 100% |
owner response 已收到 |
| owner response gate | 0% |
S4.9 已接受 |
| request sent | false |
已正式送件 |
| received / accepted / rejected | 0 / 0 / 0 |
任一項已完成 |
| 五題缺口 | public-only/local gap、org/user endpoint、110 adjacent scope、repo owner/canonical、legacy/inaccessible disposition | inventory complete、GitHub primary ready |
| 合格回覆封套 | owner role / team、decision、decision reason、affected scope、redacted evidence refs、followup owner | 執行授權或資安批准 |
| 通過後可做 | 只更新 read-only coverage / matrix / readiness wording | 寫 Gitea、建立 repo、sync refs、切 primary、開 runtime gate |
2.4 S4.9 最小回覆封套
S4.9 owner response 收件前,必須具備以下六個欄位。缺任一欄位只能補件,不得增加 received / accepted count。
| 欄位 | 用途 | 安全邊界 |
|---|---|---|
| owner role / team | 確認回覆責任來源 | 不要求個人敏感資料 |
| decision | confirm、defer、reject、request_more_evidence |
其他 decision 直接拒收 |
| decision reason | 簡述判斷原因 | 不得貼 raw secret、token、cookie、未脫敏截圖或 private URL credential |
| affected scope | 影響的 repo、Gitea coverage、canonical owner 或 legacy disposition | 不得夾帶 repo write、refs sync、visibility change |
| redacted evidence refs | 文件路徑、ticket id、hash、摘要或脫敏 evidence ref | 疑似敏感 payload 進 quarantine |
| followup owner | 補件或後續人工決策負責角色 | 不等於批准者、不等於 runtime gate owner |
S4.9 回覆即使通過,也只允許更新 read-only Gitea coverage matrix、owner / canonical disposition 與 readiness wording;不得寫 Gitea、不得同步 refs、不得建立 GitHub repo、不得切 GitHub primary,也不得啟用任何 AwoooP action button。
3. Cross-Packet 驗收規則
- 四個 source response packets 都必須可解析,且 summary 欄位存在。
- response template count 必須對齊來源:
5 + 9 + 5 + 5 = 24。 - received / accepted / rejected count 必須明確列出;目前皆為
0 / 0 / 0。 - 即使未來 response 通過,也只能更新 read-only wording、matrix 或 readiness 欄位。
- 四個 packets 都必須保留 rejection rules;總數 40。
- 不得收 token、secret、private key、cookie、session、partial credential 或未脫敏 payload。
- 不得夾帶 write token、admin API、repo write、workflow 修改、runner 啟用或 secret rotate。
- 不得把 response 當成 refs sync、delete refs、force push 或 GitHub primary approval。
- 任何不確定是否含敏感值的 response 都先 quarantine。
- 接受 response 後必須同步更新 source packet、validation rollup、security mirror rollup、primary readiness gate 與 LOGBOOK。
3.1 Evidence Routing Rules
| 順序 | Rule | 只讀路由 | 禁止誤用 |
|---|---|---|---|
| 1 | 已知 owner response lane | 已知 S4.9 / S4.10 / S4.11 / S4.12 lane 與 template 才能進入對應 source packet preflight | 不認識的 lane 不得自動新增 template 或標成 received |
| 2 | 必填欄位完整 | 缺 owner、decision、reason、repo/provider metadata 或 evidence refs 時只要求補證 | 不增加 received / accepted count |
| 3 | 敏感 payload 隔離 | 疑似 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖時送 mirror quarantine | 不保存 raw payload、不渲染敏感材料 |
| 4 | 執行要求拒收 | 夾帶 repo、visibility、refs、workflow、webhook、runner、secret、Kali scan 或 GitHub primary 執行要求時 hard reject | 不建立 runtime gate、不新增 action button |
| 5 | 跨包矛盾進 owner review | owner、repo、visibility、truth source 或 secret 名稱在四包之間矛盾時只進人工 review | 不自動覆蓋 source packet |
| 6 | 通過後只更新只讀 wording | 所有 source preflight、acceptance、cross-packet checks 與 quarantine rules 通過後,只能更新 read-only readiness / matrix wording | 不解鎖 repo、refs、workflow、secret、runner 或 primary 動作 |
這 6 條規則只讓 AwoooP 決定 evidence pointer 應顯示、補證、隔離、拒收或進人工 review;它們不代表 owner response 已收到、已接受、可執行或可切換 GitHub primary。
3.2 Display Sections
| 順序 | Section | 顯示來源 | 邊界 |
|---|---|---|---|
| 1 | Owner response validation 總覽 | summary |
只顯示四包、24 templates、received / accepted / rejected 皆為 0 與 false flags |
| 2 | Missing owner response lanes | missing_response_lanes |
只顯示四條缺口與下一步 owner action,不新增 response |
| 3 | Owner response collection order | owner_response_collection_order |
只顯示建議收件順序,不是 execution queue |
| 4 | Next collection candidate | next_collection_candidate |
只顯示目前先收 S4.9,不代表 S4.10-S4.12 可提前接受 |
| 5 | Cross-packet acceptance checks | cross_packet_acceptance_checks |
只讀驗收檢查,不解鎖 runtime |
| 6 | Evidence routing rules | owner_response_evidence_routing_rules |
只路由補證、隔離、拒收、跨包 review 或只讀更新 |
| 7 | Quarantine 與禁止事項 | quarantine_rules / forbidden_actions |
只顯示敏感 payload、write/admin/action button 與 primary 禁令 |
| 8 | 最新本機只讀驗證 | latest_local_validation |
只顯示 snapshot guard 結果,不代表 production ingestion |
這 8 個 sections 只固定 AwoooP 操作控制台的呈現順序;不新增 approval item、不建立 runtime gate、不新增 action button,也不增加 received / accepted count。
3.3 State Transition Rules
| 順序 | Rule | 狀態轉移 | 邊界 |
|---|---|---|---|
| 1 | Waiting → received pending validation | 已知 lane / template、必填欄位完整、evidence refs 已脫敏時,才可顯示候選收件 | 不增加 accepted count、不建立 runtime gate |
| 2 | Missing fields → request more evidence | 缺 owner、decision、reason、metadata 或 evidence refs 時只補證 | 不增加 received / accepted count、不解鎖 primary readiness |
| 3 | Sensitive payload → mirror quarantine | 疑似 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖時隔離 | 不保存 raw payload、不渲染敏感材料 |
| 4 | Execution request → hard rejected | 夾帶 repo、visibility、refs、workflow、webhook、runner、secret、Kali scan、GitHub hosted runner 或 GitHub primary 執行要求時拒收 | 不建立 action button、不排入 execution queue |
| 5 | Cross-packet conflict → owner review | S4.9-S4.12 owner、repo、visibility、truth source 或 secret 名稱互相矛盾時進人工 review | 不自動覆蓋 source packet、不自動 merge |
| 6 | Validation pass → read-only update | source packet preflight、acceptance、cross-packet checks 與 quarantine rules 都通過時只更新 wording | 不建 repo、不 sync refs、不改 workflow/secret、不啟用 runner/primary |
| 7 | Read-only update → waiting runtime gate | read-only wording 完成後仍等待獨立人工批准與 runtime gate | 不把文件更新當 runtime approval、不消耗 GitHub hosted runner minutes |
這 7 條 state transition rules 只讓 AwoooP 顯示 owner response validation 的狀態語義;它們不代表 response 已接受、approval 已成立、runtime gate 已啟用或任何 repo / refs / workflow / secret / runner / primary 動作可執行。
3.4 Reviewer Checklist
| 順序 | Checklist | Reviewer 只讀確認 | 失敗路由 |
|---|---|---|---|
| 1 | Lane 與 template 已知 | evidence pointer 屬於 S4.9-S4.12 既有 lane / template | request more evidence |
| 2 | 必填 owner 欄位完整 | owner、decision、reason、repo/provider metadata、evidence refs 都存在 | request more evidence |
| 3 | Evidence refs 已脫敏 | 只接受文件路徑、ticket id、hash 或摘要,不接受 raw payload | mirror quarantine |
| 4 | Source packet preflight 通過 | 對應 S4.9-S4.12 intake preflight checks 已有結果 | source packet preflight failure route |
| 5 | Cross-packet 一致 | owner、repo、visibility、truth source、workflow / secret name parity 無矛盾 | cross-packet owner review |
| 6 | 無敏感 payload | 無 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header 或 partial credential | mirror quarantine |
| 7 | 無執行意圖 | 無 repo、refs、workflow、webhook、runner、secret、Kali scan、GitHub hosted runner 或 primary switch 要求 | hard reject |
| 8 | 只更新 read-only wording | 通過後只更新 evidence、matrix、decision table、reconcile wording 或 readiness wording | block candidate |
| 9 | 後續 runtime gate 仍需獨立批准 | active runtime gate、primary ready、action buttons 都仍為 0 / false | block candidate |
這 9 個 checklist items 只提供 reviewer 檢查順序;不會增加 received / accepted count,不會形成 approval,也不會建立 runtime gate、execution queue 或 action button。
3.5 Reviewer Outcome Lanes
| 順序 | Outcome lane | Reviewer 判定 | 安全結果 |
|---|---|---|---|
| 1 | 繼續等待 owner response | 只看到 request packet、template status、audit template、redaction example 或 display section | keep waiting |
| 2 | 要求補證 | 缺 owner、decision、reason、metadata、evidence refs 或 source packet preflight 結果 | request more evidence |
| 3 | 敏感 payload 隔離 | 疑似 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential、partial credential 或未脫敏截圖 | mirror quarantine |
| 4 | 拒收執行要求 | 夾帶 repo、refs、workflow、webhook、runner、secret、Kali scan、GitHub hosted runner 或 primary switch 要求 | hard reject |
| 5 | 跨包 owner review | S4.9-S4.12 owner、repo、visibility、truth source 或 workflow / secret name parity 互相矛盾 | cross-packet owner review |
| 6 | 只讀更新候選 | preflight、acceptance、cross-packet checks、reviewer checklist 與 quarantine rules 全部通過 | read-only update candidate |
| 7 | 仍等待後續 runtime gate | 只讀 wording 可更新,但 active runtime gate、primary ready 與 action buttons 仍為 0 / false | waiting follow-up runtime gate |
這 7 條 outcome lanes 只讓 reviewer 將檢查結果放到可顯示的只讀分類;不會自動增加 received / accepted count,不會觸發 approval,也不會建立 repo、refs、workflow、secret、runner、Kali 或 primary 的執行入口。
3.6 Reviewer Audit Event Templates
| 順序 | Audit template | 觸發語意 | 邊界 |
|---|---|---|---|
| 1 | reviewer outcome review opened | reviewer 開始依 checklist / outcome lanes 檢查 evidence pointer | 只允許 reviewer、lane、template、source packet 與脫敏 evidence ref metadata |
| 2 | reviewer outcome classified | reviewer 將結果分類到 7 條 outcome lanes 之一 | 只允許 outcome、理由摘要、checklist pass/fail count 與脫敏 refs |
| 3 | quarantine or reject recorded | reviewer 判定 mirror quarantine 或 hard reject | 只允許 blocked reason、quarantine pointer 與 blocked action summary |
| 4 | read-only update noted | reviewer 判定只讀更新候選或等待 runtime gate | 只允許 read-only targets、runtime gate required 與 0 / false 狀態 |
這 4 個 audit event templates 目前全部是 template_only_not_emitted、emitted_event_count=0,只定義未來 AwoooP 可以怎麼留脫敏 audit metadata;不代表 production ingestion 已啟用,也不得保存 raw owner response、token、secret、private key、cookie、session、authorization header、private URL credential、partial credential 或未脫敏截圖。
3.7 Reviewer Audit Display Sections
| 順序 | Display section | 顯示內容 | 邊界 |
|---|---|---|---|
| 1 | reviewer audit template summary | 4 個 reviewer audit templates、template_only_not_emitted、emitted_event_count=0 |
只顯示模板狀態,不代表 production ingestion |
| 2 | reviewer audit metadata fields | reviewer role、lane、template、source packet、classification reason、checklist count 與脫敏 evidence refs 等欄位名稱 | 只顯示欄位名稱,不顯示 raw owner response |
| 3 | reviewer audit forbidden payloads | token、secret、private key、deploy key、cookie、session、authorization header、private URL credential、partial credential、runner token、webhook secret、raw body、未脫敏截圖與 execution payload 禁止清單 | 只能提示禁止項目,不保存 payload |
| 4 | reviewer audit emission status | 全部 reviewer audit templates 仍為 0 emitted、stored_raw_payload_allowed=false |
不能解讀為 production audit 已落地 |
| 5 | reviewer audit non-authorization boundary | 顯示這些 section 只固定 UI 呈現 | 不代表 owner response received / accepted、approval、runtime gate、execution queue、action button 或 primary switch |
這 5 個 display sections 只讓 AwoooP 操作控制台安全顯示 reviewer audit templates 的狀態、允許 metadata、禁止 payload 與非授權邊界;不新增 audit ingestion pipeline,也不讓任何 section 觸發 repo、refs、workflow、secret、runner、Kali 或 GitHub primary 動作。
3.8 Reviewer Audit Collection Checks
| 順序 | Collection check | 要求 | 安全結果 |
|---|---|---|---|
| 1 | audit templates 先可見 | 先顯示 4 個 audit templates 與 5 個 audit display sections | waiting,不代表 emitted |
| 2 | metadata-only | 只允許欄位名稱、脫敏 evidence refs 與 count 類數值 | metadata-only pass / waiting |
| 3 | forbidden payload 阻擋 | token、secret、private key、cookie、session、raw body、未脫敏截圖與 execution payload 必須隔離或拒收 | blocked / quarantined |
| 4 | emitted 仍為 0 | 未另行批准 production ingestion 前,emitted_event_count=0、stored_raw_payload_allowed=false |
template only |
| 5 | 無 runtime side effect | 不建立 runtime gate、execution queue、action button、scan request、repo action 或 workflow / secret change | read-only check |
| 6 | counters 不變 | 不增加 received / accepted response、reviewer audit emitted、primary ready 或 active runtime gate count | waiting owner response |
這 6 個 collection checks 只讓 AwoooP 在畫面上檢查 reviewer audit 是否仍符合 metadata-only、0 emitted、無副作用與 counters 不變;通過檢查也不代表 owner response 已收到或接受,不代表 production ingestion,也不授權 runtime gate、Kali scan、repo / refs / workflow / secret / runner 變更或 GitHub primary switch。
3.9 Reviewer Audit Redaction Examples
| 順序 | Redaction example | 安全顯示形狀 | 禁止內容 |
|---|---|---|---|
| 1 | reviewer role / lane / template metadata | reviewer role、lane、template、source packet、開始時間與脫敏 evidence ref count | raw owner response、未脫敏截圖、private URL credential |
| 2 | classification reason summary | outcome lane、理由摘要、checklist pass/fail count、脫敏 evidence refs | token、secret、partial credential、runner token、webhook secret |
| 3 | quarantine pointer | blocked reason、quarantine pointer、blocked action summary | raw request / response body、credential value、private key、execution payload |
| 4 | read-only update targets | read-only target ids、follow-up runtime gate required、0 / false counters | execution command、repo write token、refs update payload、workflow secret value |
| 5 | runtime gate counter summary | received=0、accepted=0、reviewer audit emitted=0、primary ready=0、active runtime gate=0、not authorization | runtime approval、execution queue、action button、scan request、primary switch payload |
這 5 個 redaction examples 只示範 reviewer audit metadata 的安全顯示形狀;它們不是 owner response,不是 production ingestion,不會讓 counters 增加,也不允許 AwoooP 保存任何 token、secret、private key、cookie、session、raw body、未脫敏截圖或 execution payload。
3.10 Reviewer Audit Retention Rules
| 順序 | Retention rule | 可保留 metadata | 必須阻擋 |
|---|---|---|---|
| 1 | reviewer start metadata | reviewer role、lane、template、source packet、開始時間與脫敏 evidence ref count | raw owner response、未脫敏截圖、private URL credential、authorization header、cookie / session |
| 2 | classification summary | outcome lane、理由摘要、checklist pass/fail count、脫敏 evidence refs 與審查時間 | token、secret、secret hash、partial credential、runner token、webhook secret |
| 3 | quarantine pointer | outcome lane、blocked reason code、redaction required、quarantine pointer、blocked action summary | raw request / response body、credential value、private key、execution payload |
| 4 | read-only update target | outcome lane、read-only target ids、follow-up runtime gate required、0 / false counters | execution command、repo write token、refs update payload、workflow secret value、primary switch payload |
| 5 | counter snapshot | received=0、accepted=0、reviewer audit emitted=0、primary ready=0、active runtime gate=0、not authorization | runtime approval、execution queue、action button、scan request、primary switch payload |
這 5 條 retention rules 只定義 reviewer audit metadata 可以保留的安全形狀;未來就算有 owner response 進入人工檢查,也只能保留已脫敏 metadata、reason code、pointer 與 counters,不得保存 raw payload、credential、secret、private key、截圖內容、execution command 或任何可執行 payload。
3.11 Reviewer Audit Retention Checks
| 順序 | Retention check | 要求 | 安全結果 |
|---|---|---|---|
| 1 | retention rules 先可見 | 先顯示 5 條 retention rules | waiting,不代表 ingestion ready |
| 2 | retained metadata-only | 只確認 retained metadata shape、reason code、pointer、counter 與 redacted evidence refs | metadata-only retention check |
| 3 | raw payload blocked | raw request / response body、未脫敏截圖、execution payload、private key 與 credential value 必須拒收或隔離 | raw payload retention blocked |
| 4 | secret retention blocked | token、secret、secret hash、partial credential、runner token、webhook secret、authorization header 與 cookie / session 不得保留 | secret retention blocked |
| 5 | counter snapshot only | retention checks 通過也不得增加 received、accepted、reviewer audit emitted、primary ready 或 active runtime gate count | counter snapshot only |
| 6 | no runtime side effect | 不建立 runtime gate、execution queue、action button、scan request、repo action 或 workflow / secret change | read-only retention check |
這 6 個 retention checks 只讓 AwoooP 確認 retention rules 有被安全套用;通過也不代表 owner response 已收到或接受,不代表 audit production ingestion,也不允許任何 runtime gate、Kali scan、repo / refs / workflow / secret / runner 變更或 GitHub primary switch。
3.12 Reviewer Audit Handoff Packets
| 順序 | Handoff packet | 交接內容 | 安全結果 |
|---|---|---|---|
| 1 | current counters and boundary | 顯示 received=0、accepted=0、reviewer audit emitted=0、primary ready=0、active runtime gate=0 與 headline 58% | 只讀 resume pointer |
| 2 | required source packets | 接手者必讀 S4.9 / S4.10 / S4.11 / S4.12 四包 owner response snapshot、S4.13 validation rollup 與 security mirror status rollup | 不跳過 source packet preflight |
| 3 | safe display fields | 只顯示 lane id、template id、count、狀態、脫敏 evidence refs、reason code、pointer 與 metadata shape | 不顯示 raw response 或未脫敏截圖 |
| 4 | forbidden runtime interpretations | 明確禁止把 handoff 變成 repo、refs、workflow、secret、runner、Kali scan、GitHub hosted runner 或 primary switch 動作 | 不新增 action button 或 execution queue |
| 5 | next owner response focus | 下一個建議收件仍是 S4.9 Gitea owner attestation response | 不自動催收、代填、標記 received 或 accepted |
| 6 | post-review follow-up gates | 未來 response 通過後仍需 redacted payload 驗收、rollback ADR owner approval、逐 repo 人工批准與獨立 runtime gate | 不把 handoff complete 當成 primary ready、payload ingested 或 runtime approved |
這 6 個 handoff packets 只讓 AwoooP / 另一個 Security Supply Chain Session 用相同上下文接手 reviewer audit 狀態;它們不是 owner response、不是 production ingestion、不是 approval,也不得觸發任何 repo、refs、workflow、secret、runner、Kali 或 GitHub primary 動作。
3.13 Reviewer Audit Handoff Checks
| 順序 | Handoff check | 要求 | 安全結果 |
|---|---|---|---|
| 1 | handoff packets visible | 6 個 handoff packets 全部可見後才顯示 handoff check 狀態 | waiting,不代表 consumed |
| 2 | counters remain zero | handoff checks 通過也不得增加 received、accepted、reviewer audit emitted、primary ready 或 active runtime gate count | counter snapshot only |
| 3 | source packets required | 接手者必須先讀 S4.9 / S4.10 / S4.11 / S4.12 四包 source packets 與 S4.13 rollup | 不跳過 source packet preflight |
| 4 | safe display only | 只顯示 lane id、template id、count、狀態、脫敏 evidence refs、reason code、pointer 與 metadata shape | 不渲染 raw response 或敏感欄位 |
| 5 | runtime interpretations blocked | 不新增 runtime gate、execution queue、action button、scan request、repo / refs action、workflow / secret change、runner enablement 或 primary switch | runtime 誤讀阻擋 |
| 6 | next focus not received | 只顯示 next_collection_candidate=S4.9,不自動催收、代填、標記 received / accepted 或建立 follow-up runtime gate | next focus display only |
這 6 個 handoff checks 只確認 handoff packets 被安全消費;通過也不代表 owner response 已收到或接受,不代表 audit production ingestion,也不允許任何 runtime gate、Kali scan、repo / refs / workflow / secret / runner 變更或 GitHub primary switch。
3.14 Parallel Session Sync Checks
| 順序 | Sync check | 要求 | 安全結果 |
|---|---|---|---|
| 1 | same PR branch | AwoooP 主線與另一個 Security Supply Chain Session 先確認同一 PR #117 分支、且本地與遠端無分歧 | same branch read-only sync |
| 2 | latest delta visible | 接手前必須顯示最新 progress delta,避免讀到舊 handoff 或舊 ledger | latest delta display only |
| 3 | owner response counters zero | sync check 通過也不得增加 received、accepted、reviewer audit emitted、primary ready 或 active runtime gate count | counter snapshot only |
| 4 | runtime flags false | runtime execution、repo creation、refs sync、workflow modification、GitHub primary switch 與 action buttons 都必須維持 false | runtime flags false |
| 5 | source-control mutations blocked | 只允許 docs/schema/snapshot/guard 類只讀更新,不得建立 repo、改 visibility、sync/delete refs、force push、改 workflow/secret/runner、切 primary 或停用 Gitea | source-control mutation blocked |
| 6 | next focus stays S4.9 | next_collection_candidate 仍只顯示 S4.9 Gitea owner attestation response | S4.9 display only |
這 6 個 parallel session sync checks 是為了避免 AwoooP 主線與另一個 Security Supply Chain Session 在同一個 PR 分支上讀到不同階段或互相誤判授權。它們只確認分支、ledger、counter、false flags、source-control mutation 禁令與下一步 focus;不代表 owner response received / accepted、production ingestion、approval、runtime gate、repo / refs / workflow / secret / runner 變更、Kali scan 或 GitHub primary switch。
3.15 Parallel Session Conflict Lanes
| 順序 | Conflict lane | 衝突條件 | 安全結果 |
|---|---|---|---|
| 1 | stale or diverged branch | 本地 HEAD 與 PR #117 遠端分支不是 0/0 同步,或不是同一分支 | 停下重讀分支,不 auto merge、不 force push |
| 2 | stale progress delta | latest delta、ledger length 或 LOGBOOK latest entry 不一致 | 重讀 rollup / LOGBOOK / handoff / guard output |
| 3 | owner response counter drift | counters 不是 0 且沒有 source packet 與人工驗收紀錄 | 暫停為 counter drift,人工比對 evidence |
| 4 | runtime flag drift | 任一 runtime/source-control false flag 變成 true | 標成 flag drift,人工 review,不建 action button |
| 5 | source-control mutation request | 有人要求把同步結果轉成 repo、refs、workflow、runner、Gitea 或 primary 動作 | mirror phase 拒收 mutation request |
| 6 | next focus drift | next_collection_candidate 不是 S4.9,或後續 lane 被提前當成 accepted | 回到 S4.9 display-only 收件順序 |
這 6 條 conflict lanes 只是在兩個 Session 對分支、ledger、counter、false flags、source-control mutation 或下一步 focus 看法不一致時,固定「停下、重讀、人工 review」的顯示語義;不授權 merge、rebase、force push、repo / refs / workflow / secret / runner 變更、Kali scan、GitHub primary switch 或任何 runtime action。
3.16 Parallel Session Recovery Checks
| 順序 | Recovery check | 檢查要求 | 安全結果 |
|---|---|---|---|
| 1 | fetch and compare branch | 命中 conflict lane 後先確認本地 HEAD 與遠端 PR 分支為 0/0 | branch compare read-only |
| 2 | read latest ledger and LOGBOOK | 重新讀 latest delta、ledger length、LOGBOOK latest entry 與 handoff summary | latest ledger read-only |
| 3 | rerun read-only guards | 重跑 owner response guard 與 mirror progress guard | guard pass display-only |
| 4 | review staged diff only | staged / unstaged diff 只能是 docs/schema/snapshot/guard 類更新 | diff review read-only |
| 5 | keep runtime flags false | runtime、repo、refs、workflow、primary 與 action button flags 仍為 false | runtime flags false |
| 6 | record next focus remains S4.9 | 復原後 next_collection_candidate 仍只顯示 S4.9 | S4.9 display only |
這 6 個 recovery checks 只是在 conflict lane 命中後,固定「重抓遠端、重讀 ledger、重跑 guard、看 diff、確認 false flags、回到 S4.9」的只讀復原順序;不授權 rebase、merge、force push、覆蓋另一個 Session 變更、repo / refs / workflow / secret / runner 變更、Kali scan、GitHub primary switch 或任何 runtime action。
3.17 Parallel Session Recovery Outcome Lanes
| 順序 | Outcome lane | 條件 | 安全結果 |
|---|---|---|---|
| 1 | recovery ready for read-only continuation | branch 0/0、ledger 已重讀、guards 通過、diff 在範圍內、false flags 維持 false、next focus 是 S4.9 | 只可從最新 HEAD 繼續 mirror-only 文件階段 |
| 2 | branch still diverged | fetch 後本地與遠端仍分歧或不是同一 PR 分支 | 停下給人工 branch review |
| 3 | ledger or handoff still stale | latest delta、ledger length、LOGBOOK 或 handoff 不一致 | 只重讀來源,不從舊上下文繼續 |
| 4 | read-only guard failed | owner response guard、progress guard、JSON 或 targeted jq 失敗 | 只修 snapshot / schema / guard 一致性 |
| 5 | diff out of mirror-only scope | diff 含 runtime、workflow、secret、runner、refs、deploy、Kali、primary 或 Gitea disable 類變更 | 標示給人工 review,不 stage/commit/drop |
| 6 | runtime flag drift | 任一 runtime / source-control false flag 變成 true | 阻擋 runtime 解讀並回查 flag |
| 7 | next focus drift | next_collection_candidate 不是 S4.9,或後續包被提前當成 received / accepted | 回到 S4.9 display-only focus |
這 7 條 recovery outcome lanes 只是在 recovery checks 後固定結果分類,讓 AwoooP 能看懂「可只讀續做、仍需人工分支 review、ledger 仍 stale、guard 失敗、diff 越界、flag 漂移、focus 漂移」;不授權 rebase、merge、force push、runtime queue、action button、repo / refs / workflow / secret / runner 變更、Kali scan、GitHub primary switch 或 Gitea disable。
4. AwoooP 可做
- 顯示四個 response packets 的總覽與缺口。
- 顯示 24 個 response templates、32 個 acceptance checks、40 個 rejection rules。
- 顯示目前 received / accepted / rejected response 皆為 0。
- 將不完整或可疑 response 導入 mirror quarantine。
- 顯示 6 條 evidence routing rules,讓 reviewer 知道 evidence pointer 應補證、隔離、拒收、送跨包 review 或只讀更新。
- 顯示 8 個 validation display sections,固定總覽、缺口、收件順序、下一個收件、cross-packet checks、routing、quarantine 與本機驗證的只讀區塊。
- 顯示 7 條 state transition rules,固定 waiting、pending validation、補證、隔離、拒收、owner review、read-only update 與 waiting runtime gate 的只讀語義。
- 顯示 9 個 reviewer checklist items,讓人工審查先確認 lane、必填欄位、脫敏、preflight、cross-packet consistency、無敏感 payload、無執行意圖與後續 runtime gate 邊界。
- 顯示 7 條 reviewer outcome lanes,讓 reviewer 把結果歸到等待、補證、隔離、拒收、跨包 review、只讀更新候選或等待後續 runtime gate。
- 顯示 4 個 reviewer audit event templates,讓未來只記錄脫敏 metadata,且目前
emitted_event_count=0。 - 顯示 5 個 reviewer audit display sections,固定 audit templates、允許 metadata、禁止 payload、0 emitted 狀態與非授權邊界的 UI 呈現。
- 顯示 6 個 reviewer audit collection checks,確認 audit templates 可見、metadata-only、forbidden payload blocked、emitted=0、無 runtime side effect 與 counters 不變。
- 顯示 5 個 reviewer audit redaction examples,示範 reviewer / classification / quarantine / read-only update / runtime gate counter metadata 的安全形狀。
- 顯示 5 條 reviewer audit retention rules,固定可保留 metadata 與 raw payload 拒收邊界。
- 顯示 6 個 reviewer audit retention checks,確認 retention rules 可見、metadata-only、raw payload / secret retention blocked、counter snapshot-only 與無 runtime side effect。
- 顯示 6 個 reviewer audit handoff packets,讓另一個 AwoooP / Security Supply Chain Session 只讀接手目前 counters、必讀 source packets、安全顯示欄位、禁止 runtime 誤讀、下一個 owner response focus 與後續 gates。
- 顯示 6 個 reviewer audit handoff checks,確認 handoff packets 可見、counters 不變、source packets 必讀、安全顯示欄位、runtime 誤讀阻擋與 next focus 未被標記 received。
- 顯示 6 個 parallel session sync checks,確認另一個 Session 接手前已同步同一 PR 分支、latest delta、0 counters、false flags、source-control mutation 禁令與 S4.9 next focus。
- 顯示 6 條 parallel session conflict lanes,讓分支、delta、counter、runtime flag、source-control mutation request 或 next focus 衝突時只進停下重讀與人工 review。
- 顯示 6 個 parallel session recovery checks,讓 conflict lane 命中後只做 fetch/compare、重讀 ledger、重跑只讀 guard、review diff、確認 false flags 與 S4.9 next focus。
- 顯示 7 條 parallel session recovery outcome lanes,讓復原後只分類 ready、branch diverged、ledger stale、guard failed、diff out-of-scope、runtime flag drift 或 next focus drift。
- 在未來 response 通過後,只更新 read-only evidence、matrix、decision table、reconcile wording 或 readiness wording。
5. AwoooP 不可做
- 不要求使用者貼 token、secret、private key、cookie、session、deploy key、runner token 或 webhook secret。
- 不使用 write token。
- 不建立 GitHub repo、不修改 visibility、不寫 Gitea repo。
- 不 sync refs、不 delete refs、不 force push。
- 不修改 workflow、webhook、runner、deploy key、branch protection、CODEOWNERS 或 repository secret。
- 不啟用 GitHub hosted runner,不讓此階段消耗 GitHub Actions hosted minutes。
- 不切 GitHub primary。
- 不新增 execution action button。
6. 階段定位
S4.13 是 S4.9 到 S4.12 的彙整驗收入口。
它讓另一個 AwoooP session 可以用一份 rollup 看懂「現在缺哪些 owner response」,但不改變任何 runtime 狀態。真正進入 GitHub primary、refs migration、workflow/secret parity completion 或 Kali runtime ingestion 之前,仍必須等 owner responses、redacted payload、rollback ADR、人工批准與 follow-up runtime gate 全部補齊。