wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity
Files
2a2cb16c135fd7e5b159d94de9b5ff04f6cf31f5
awoooi/docs/schemas/security_approval_state_transition_v1.schema.json
Your Name 9e15fd08b3
All checks were successful
CD Pipeline / tests (push) Successful in 1m39s
Details
Code Review / ai-code-review (push) Successful in 15s
Details
CD Pipeline / build-and-deploy (push) Successful in 5m19s
Details
CD Pipeline / post-deploy-checks (push) Successful in 2m11s
Details
feat(web): land iwooos security posture surfaces
2026-05-25 20:35:52 +08:00

180 lines
4.6 KiB
JSON
Raw Blame History

{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "urn:awoooi:security-approval-state-transition-v1",
"title": "資安供應鏈人工決策狀態轉移契約 v1",
"description": "定義 AwoooP 在 Security Supply Chain 人工審查後,如何把 approve/reject/defer/request_more_evidence/keep_blocked 轉成只讀狀態。此契約不授權 runtime execution。",
"type": "object",
"required": [
"schema_version",
"status",
"date",
"mode",
"runtime_execution_authorized",
"source_indexes",
"summary",
"transition_rules",
"transition_rules_global",
"forbidden_actions"
],
"properties": {
"schema_version": {
"const": "security_approval_state_transition_v1"
},
"status": {
"type": "string",
"enum": ["draft"]
},
"date": {
"type": "string"
},
"mode": {
"type": "string",
"enum": ["approval_state_transition_only"]
},
"runtime_execution_authorized": {
"type": "boolean",
"const": false
},
"source_indexes": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"summary": {
"type": "object",
"required": [
"total_transition_rules",
"decision_options_covered",
"runtime_actions_authorized",
"immediate_execution_allowed",
"action_buttons_allowed",
"raw_secret_storage_authorized"
],
"properties": {
"total_transition_rules": {
"type": "integer",
"minimum": 0
},
"decision_options_covered": {
"type": "array",
"items": {
"type": "string",
"enum": ["approve_scope", "reject", "defer", "request_more_evidence", "keep_blocked"]
},
"minItems": 1,
"uniqueItems": true
},
"runtime_actions_authorized": {
"type": "boolean",
"const": false
},
"immediate_execution_allowed": {
"type": "boolean",
"const": false
},
"action_buttons_allowed": {
"type": "boolean",
"const": false
},
"raw_secret_storage_authorized": {
"type": "boolean",
"const": false
}
},
"additionalProperties": false
},
"transition_rules": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"required": [
"rule_id",
"decision",
"from_review_states",
"next_state",
"allowed_state_updates",
"allowed_next_artifacts",
"still_forbidden",
"followup_runtime_gate_required",
"execution_authorized"
],
"properties": {
"rule_id": {
"type": "string"
},
"decision": {
"type": "string",
"enum": ["approve_scope", "reject", "defer", "request_more_evidence", "keep_blocked"]
},
"from_review_states": {
"type": "array",
"items": {
"type": "string",
"enum": ["ready_for_human_review", "block_candidate"]
},
"minItems": 1,
"uniqueItems": true
},
"next_state": {
"type": "string",
"enum": [
"scope_approved_waiting_runtime_gate",
"closed_rejected_no_action",
"deferred_pending_owner_timing",
"evidence_requested_waiting_snapshot_update",
"blocked_by_default"
]
},
"allowed_state_updates": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"allowed_next_artifacts": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"still_forbidden": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"followup_runtime_gate_required": {
"type": "boolean"
},
"execution_authorized": {
"type": "boolean",
"const": false
}
},
"additionalProperties": false
}
},
"transition_rules_global": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
},
"forbidden_actions": {
"type": "array",
"items": {
"type": "string"
},
"minItems": 1
}
},
"additionalProperties": false
}
Reference in New Issue View Git Blame Copy Permalink