{
|
||
"schema_version": "gitea_inventory_owner_attestation_response_v1",
|
||
"status": "draft_waiting_owner_response",
|
||
"date": "2026-06-04",
|
||
"mode": "owner_response_intake_only",
|
||
"runtime_execution_authorized": false,
|
||
"source_contract": "gitea_inventory_coverage_attestation_v1",
|
||
"target_contract": "gitea_repo_inventory_v1",
|
||
"source_indexes": [
|
||
"docs/security/gitea-inventory-coverage-attestation.snapshot.json",
|
||
"docs/security/GITEA-INVENTORY-COVERAGE-ATTESTATION.md",
|
||
"docs/security/gitea-authenticated-inventory-export-request.snapshot.json",
|
||
"docs/security/gitea-authenticated-inventory-import-acceptance.snapshot.json",
|
||
"docs/security/source-control-primary-readiness-gate.snapshot.json",
|
||
"docs/security/security-approval-review-packet.snapshot.json",
|
||
"docs/security/security-followup-runtime-gate.snapshot.json"
|
||
],
|
||
"summary": {
|
||
"owner_response_status": "waiting_owner_response",
|
||
"required_response_item_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"response_template_count": 5,
|
||
"owner_response_template_status_count": 5,
|
||
"owner_response_audit_event_template_count": 3,
|
||
"owner_response_redaction_example_count": 5,
|
||
"owner_response_display_section_count": 8,
|
||
"owner_response_request_packet_count": 1,
|
||
"owner_response_collection_check_count": 6,
|
||
"owner_response_intake_handoff_queue_count": 5,
|
||
"owner_response_intake_handoff_queue_ready_count": 0,
|
||
"owner_response_intake_handoff_queue_received_count": 0,
|
||
"owner_response_intake_handoff_queue_accepted_count": 0,
|
||
"owner_response_intake_handoff_queue_runtime_gate_count": 0,
|
||
"owner_response_intake_handoff_queue_raw_payload_allowed": false,
|
||
"owner_response_intake_handoff_queue_action_buttons_allowed": false,
|
||
"owner_response_metadata_intake_field_count": 6,
|
||
"owner_response_metadata_intake_required_count": 6,
|
||
"owner_response_metadata_intake_filled_count": 0,
|
||
"owner_response_metadata_intake_received_count": 0,
|
||
"owner_response_metadata_intake_accepted_count": 0,
|
||
"owner_response_metadata_intake_runtime_gate_count": 0,
|
||
"owner_response_metadata_intake_redacted_ref_required": true,
|
||
"owner_response_metadata_intake_raw_payload_allowed": false,
|
||
"owner_response_metadata_intake_secret_plaintext_allowed": false,
|
||
"owner_response_metadata_intake_action_buttons_allowed": false,
|
||
"intake_preflight_check_count": 6,
|
||
"intake_outcome_lane_count": 5,
|
||
"acceptance_check_count": 8,
|
||
"rejection_rule_count": 10,
|
||
"token_value_collection_allowed": false,
|
||
"raw_secret_allowed": false,
|
||
"repo_write_allowed": false,
|
||
"refs_sync_allowed": false,
|
||
"github_primary_switch_authorized": false,
|
||
"action_buttons_allowed": false
|
||
},
|
||
"response_templates": [
|
||
{
|
||
"template_id": "response-public-only-vs-local-gitea-gap",
|
||
"attestation_item_id": "public_only_vs_local_gitea_gap",
|
||
"title": "public-only 與本機 Gitea remote 覆蓋缺口回覆",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"affected_repos",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"acceptable_decisions": [
|
||
"in_scope",
|
||
"out_of_scope",
|
||
"legacy_archived",
|
||
"external_system",
|
||
"inaccessible_requires_followup",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/gitea-repo-inventory.snapshot.json",
|
||
"docs/security/local-git-remote-inventory.snapshot.json"
|
||
],
|
||
"acceptance_criteria": [
|
||
"必須逐項說明 `wooo/clawbot-v5` 與 `wooo/wooo-aiops` 是否屬本輪 inventory / migration scope",
|
||
"若標示 out_of_scope、legacy_archived 或 external_system,必須附 owner 理由",
|
||
"若標示 in_scope,必須指定後續 repo owner 與 GitHub target review owner"
|
||
],
|
||
"rejection_conditions": [
|
||
"只回覆整體同意但沒有逐 repo decision",
|
||
"要求直接建立 GitHub repo、sync refs 或切 GitHub primary",
|
||
"貼出 token、credential、私有 clone URL 或未脫敏截圖"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 attestation snapshot 的 read-only decision 欄位",
|
||
"更新 migration matrix 與 decision table 的 scope 欄位",
|
||
"維持 gitea_repo_inventory_v1.status=partial"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"template_id": "response-org-user-endpoint-identity",
|
||
"attestation_item_id": "org_user_endpoint_identity",
|
||
"title": "Gitea `wooo` org/user endpoint 身分回覆",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"canonical_namespace",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"acceptable_decisions": [
|
||
"in_scope",
|
||
"out_of_scope",
|
||
"inaccessible_requires_followup",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/gitea-org-repo-inventory-blocked.snapshot.json",
|
||
"docs/security/gitea-authenticated-inventory-export-request.snapshot.json"
|
||
],
|
||
"acceptance_criteria": [
|
||
"必須說明 `wooo` 在 Gitea 中應以 user、org 或兩者盤點",
|
||
"必須標示 canonical endpoint 或要求管理者補脫敏 evidence",
|
||
"不得把 org endpoint 404 自動解釋為不存在 private/internal repos"
|
||
],
|
||
"rejection_conditions": [
|
||
"只說 public API 查不到就當完成",
|
||
"要求使用 write/admin token",
|
||
"提供未脫敏 API response 或 token value"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 Gitea inventory query mode 的待判定說明",
|
||
"更新 AwoooP review lane 的 endpoint scope 顯示",
|
||
"維持 read-only / approval-only 狀態"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"template_id": "response-internal-110-adjacent-scope",
|
||
"attestation_item_id": "internal_110_adjacent_scope",
|
||
"title": "110 內部相鄰來源 scope 回覆",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"affected_sources",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"acceptable_decisions": [
|
||
"in_scope",
|
||
"out_of_scope",
|
||
"legacy_archived",
|
||
"external_system",
|
||
"inaccessible_requires_followup",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/git-remote-refs-bitan-tsenyang.snapshot.json",
|
||
"docs/security/git-remote-refs-wooo-infra-config.snapshot.json",
|
||
"docs/security/local-git-remote-inventory.snapshot.json"
|
||
],
|
||
"acceptance_criteria": [
|
||
"必須逐項說明 `bitan-pharmacy`、`root/momo-pro-system`、`tsenyang-website`、`wooo/wooo-infra-config` 是否納入本輪 scope",
|
||
"若屬外部或 legacy,必須指定後續 owner 或排除理由",
|
||
"若屬 in_scope,必須標示是否需要後續 refs truth / workflow-secret parity"
|
||
],
|
||
"rejection_conditions": [
|
||
"用單一句話排除所有 110 adjacent sources",
|
||
"把內部相鄰來源直接推到 GitHub primary readiness",
|
||
"要求 fetch/push/delete refs"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 source-control migration matrix 的 scope 欄位",
|
||
"更新 primary readiness blocker 說明",
|
||
"建立 request_more_evidence lane"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"template_id": "response-repo-owner-canonical-scope",
|
||
"attestation_item_id": "repo_owner_canonical_scope",
|
||
"title": "repo owner / canonical / GitHub target scope 回覆",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo_owner",
|
||
"canonical_source",
|
||
"github_target_candidate",
|
||
"visibility_review_owner",
|
||
"evidence_refs"
|
||
],
|
||
"acceptable_decisions": [
|
||
"in_scope",
|
||
"out_of_scope",
|
||
"external_system",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/github-target-decision.snapshot.json",
|
||
"docs/security/source-control-approval-board.snapshot.json",
|
||
"docs/security/local-repo-canonical-ewoooc-momo.snapshot.json"
|
||
],
|
||
"acceptance_criteria": [
|
||
"每個 in-scope repo 必須有 owner、canonical source、GitHub target candidate 與 visibility review owner",
|
||
"若 GitHub target 目前 not_found_or_private,必須維持 pending approval,不得自動建立",
|
||
"若 canonical 關係未定,必須標示 unknown_requires_more_evidence"
|
||
],
|
||
"rejection_conditions": [
|
||
"把 not_found_or_private 當成可建立 repo 的批准",
|
||
"沒有 visibility / owner 責任人",
|
||
"要求修改 repo visibility 或建立 GitHub repo"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 canonical decision table",
|
||
"更新 GitHub target review package",
|
||
"更新 primary readiness gate 的 owner/canonical blocker"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"template_id": "response-legacy-or-inaccessible-disposition",
|
||
"attestation_item_id": "legacy_or_inaccessible_repo_disposition",
|
||
"title": "legacy / inaccessible repo disposition 回覆",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"affected_repos_or_sources",
|
||
"disposition",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"acceptable_decisions": [
|
||
"out_of_scope",
|
||
"legacy_archived",
|
||
"external_system",
|
||
"inaccessible_requires_followup",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/gitea-authenticated-inventory-import-acceptance.snapshot.json",
|
||
"docs/security/source-control-primary-readiness-gate.snapshot.json"
|
||
],
|
||
"acceptance_criteria": [
|
||
"每個 legacy / inaccessible / external repo 必須有 disposition 與 owner 理由",
|
||
"inaccessible_requires_followup 必須指定下一個 evidence owner",
|
||
"unknown_requires_more_evidence 必須維持 blocker,不得進 primary readiness"
|
||
],
|
||
"rejection_conditions": [
|
||
"沒有列出受影響 repo 或 source",
|
||
"把未出現在 payload 的 repo 自動視為已完成 inventory",
|
||
"要求 archive/delete/disable Gitea repo"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 legacy / inaccessible review lane",
|
||
"更新 status rollup 的 blocked reason",
|
||
"維持 source-control primary readiness blocker"
|
||
],
|
||
"execution_authorized": false
|
||
}
|
||
],
|
||
"owner_response_template_statuses": [
|
||
{
|
||
"template_id": "response-public-only-vs-local-gitea-gap",
|
||
"attestation_item_id": "public_only_vs_local_gitea_gap",
|
||
"display_order": 1,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需逐項判定 `wooo/clawbot-v5` 與 `wooo/wooo-aiops` 是否屬本輪 inventory / migration scope,並只引用脫敏 evidence refs。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_without_owner_response",
|
||
"mark_accepted_without_acceptance_checks",
|
||
"execute_inventory",
|
||
"create_github_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-org-user-endpoint-identity",
|
||
"attestation_item_id": "org_user_endpoint_identity",
|
||
"display_order": 2,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需說明 `wooo` 在 Gitea 中應以 user、org 或兩者盤點,且不得把 404 當成 private/internal repo 不存在。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_without_owner_response",
|
||
"mark_accepted_without_acceptance_checks",
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-internal-110-adjacent-scope",
|
||
"attestation_item_id": "internal_110_adjacent_scope",
|
||
"display_order": 3,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需逐項判定 `bitan-pharmacy`、`root/momo-pro-system`、`tsenyang-website`、`wooo/wooo-infra-config` 是否納入本輪 scope。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_without_owner_response",
|
||
"mark_accepted_without_acceptance_checks",
|
||
"create_github_repo",
|
||
"sync_refs",
|
||
"delete_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-repo-owner-canonical-scope",
|
||
"attestation_item_id": "repo_owner_canonical_scope",
|
||
"display_order": 4,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需為 in-scope repo 指定 owner、canonical source、GitHub target candidate 與 visibility review owner。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_without_owner_response",
|
||
"mark_accepted_without_acceptance_checks",
|
||
"create_github_repo",
|
||
"change_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-legacy-or-inaccessible-disposition",
|
||
"attestation_item_id": "legacy_or_inaccessible_repo_disposition",
|
||
"display_order": 5,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需對 legacy、inaccessible 或 external repo 留下 disposition、理由與後續 owner。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_without_owner_response",
|
||
"mark_accepted_without_acceptance_checks",
|
||
"archive_repo",
|
||
"delete_repo",
|
||
"disable_gitea_repo",
|
||
"switch_github_primary"
|
||
]
|
||
}
|
||
],
|
||
"owner_response_intake_handoff_queue": [
|
||
{
|
||
"handoff_lane_id": "publicGap",
|
||
"display_order": 1,
|
||
"source_template_id": "response-public-only-vs-local-gitea-gap",
|
||
"template_label": "D1",
|
||
"handoff_status": "waiting_owner_response_metadata",
|
||
"required_owner_field_count": 6,
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"affected_repos",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"current_blocker": "缺少 public-only / local gap 的逐 repo owner 判定。",
|
||
"next_safe_step": "只等待負責人提供脫敏 metadata pointer;不得收 raw response 或啟動 repo / refs 動作。",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_handoff_queue",
|
||
"mark_accepted_from_handoff_queue",
|
||
"store_owner_response_raw_body",
|
||
"create_github_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"handoff_lane_id": "namespaceIdentity",
|
||
"display_order": 2,
|
||
"source_template_id": "response-org-user-endpoint-identity",
|
||
"template_label": "D2",
|
||
"handoff_status": "waiting_owner_response_metadata",
|
||
"required_owner_field_count": 6,
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"canonical_namespace",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"current_blocker": "缺少 Gitea `wooo` user / org canonical namespace 判定。",
|
||
"next_safe_step": "只等待負責人提供 canonical namespace 與脫敏 evidence ref(來源限 read-only token API 或脫敏 admin export);不得使用 write/admin token,也不得保存任何 token value。",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_handoff_queue",
|
||
"mark_accepted_from_handoff_queue",
|
||
"store_owner_response_raw_body",
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"handoff_lane_id": "adjacentScope",
|
||
"display_order": 3,
|
||
"source_template_id": "response-internal-110-adjacent-scope",
|
||
"template_label": "D3",
|
||
"handoff_status": "waiting_owner_response_metadata",
|
||
"required_owner_field_count": 6,
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"affected_sources",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"current_blocker": "缺少 110 相鄰來源逐項 scope 判定。",
|
||
"next_safe_step": "只等待 owner 逐項標示來源為 in_scope、out_of_scope、legacy_archived、external_system、inaccessible_requires_followup 或 unknown_requires_more_evidence(與 acceptable_decisions 一致);不得 fetch、push 或刪 refs。",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_handoff_queue",
|
||
"mark_accepted_from_handoff_queue",
|
||
"store_owner_response_raw_body",
|
||
"fetch_refs",
|
||
"delete_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"handoff_lane_id": "canonicalOwner",
|
||
"display_order": 4,
|
||
"source_template_id": "response-repo-owner-canonical-scope",
|
||
"template_label": "D4",
|
||
"handoff_status": "waiting_owner_response_metadata",
|
||
"required_owner_field_count": 8,
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo_owner",
|
||
"canonical_source",
|
||
"github_target_candidate",
|
||
"visibility_review_owner",
|
||
"evidence_refs"
|
||
],
|
||
"current_blocker": "缺少 repo owner、canonical source、GitHub target candidate 與 visibility review owner。",
|
||
"next_safe_step": "只等待負責人補齊 owner / canonical / visibility metadata;不得建立 GitHub repo 或改 visibility。",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_handoff_queue",
|
||
"mark_accepted_from_handoff_queue",
|
||
"store_owner_response_raw_body",
|
||
"create_github_repo",
|
||
"change_repo_visibility",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"handoff_lane_id": "legacyDisposition",
|
||
"display_order": 5,
|
||
"source_template_id": "response-legacy-or-inaccessible-disposition",
|
||
"template_label": "D5",
|
||
"handoff_status": "waiting_owner_response_metadata",
|
||
"required_owner_field_count": 7,
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"affected_repos_or_sources",
|
||
"disposition",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"current_blocker": "缺少 legacy、inaccessible 或 external repo disposition 與後續 owner。",
|
||
"next_safe_step": "只等待負責人補 disposition metadata;不得 archive、delete 或停用 Gitea repo。",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_handoff_queue",
|
||
"mark_accepted_from_handoff_queue",
|
||
"store_owner_response_raw_body",
|
||
"archive_repo",
|
||
"delete_repo",
|
||
"disable_gitea_repo"
|
||
]
|
||
}
|
||
],
|
||
"owner_response_metadata_intake_envelope": [
|
||
{
|
||
"field_id": "ownerRoleTeam",
|
||
"display_order": 1,
|
||
"source_required_field": "owner_role_or_team",
|
||
"field_label": "負責人角色 / 團隊",
|
||
"field_status": "waiting_owner_response_metadata",
|
||
"intake_mode": "redacted_metadata_only",
|
||
"required": true,
|
||
"filled_count": 0,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"redacted_reference_required": true,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_metadata_envelope",
|
||
"mark_accepted_from_metadata_envelope",
|
||
"store_owner_response_raw_body",
|
||
"store_secret_value"
|
||
]
|
||
},
|
||
{
|
||
"field_id": "decision",
|
||
"display_order": 2,
|
||
"source_required_field": "decision",
|
||
"field_label": "判定",
|
||
"field_status": "waiting_owner_response_metadata",
|
||
"intake_mode": "controlled_value_only",
|
||
"required": true,
|
||
"filled_count": 0,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"redacted_reference_required": true,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_metadata_envelope",
|
||
"mark_accepted_from_metadata_envelope",
|
||
"override_allowed_decisions",
|
||
"open_runtime_gate"
|
||
]
|
||
},
|
||
{
|
||
"field_id": "decisionReason",
|
||
"display_order": 3,
|
||
"source_required_field": "decision_reason",
|
||
"field_label": "判定理由",
|
||
"field_status": "waiting_owner_response_metadata",
|
||
"intake_mode": "redacted_metadata_only",
|
||
"required": true,
|
||
"filled_count": 0,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"redacted_reference_required": true,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_metadata_envelope",
|
||
"mark_accepted_from_metadata_envelope",
|
||
"store_owner_response_raw_body",
|
||
"treat_reason_as_approval"
|
||
]
|
||
},
|
||
{
|
||
"field_id": "affectedScope",
|
||
"display_order": 4,
|
||
"source_required_field": "affected_scope",
|
||
"field_label": "受影響範圍",
|
||
"field_status": "waiting_owner_response_metadata",
|
||
"intake_mode": "scope_pointer_only",
|
||
"required": true,
|
||
"filled_count": 0,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"redacted_reference_required": true,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_metadata_envelope",
|
||
"mark_accepted_from_metadata_envelope",
|
||
"create_or_delete_repo",
|
||
"sync_refs"
|
||
]
|
||
},
|
||
{
|
||
"field_id": "redactedEvidenceRefs",
|
||
"display_order": 5,
|
||
"source_required_field": "evidence_refs",
|
||
"field_label": "脫敏證據參照",
|
||
"field_status": "waiting_owner_response_metadata",
|
||
"intake_mode": "redacted_reference_only",
|
||
"required": true,
|
||
"filled_count": 0,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"redacted_reference_required": true,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_metadata_envelope",
|
||
"mark_accepted_from_metadata_envelope",
|
||
"store_unredacted_evidence",
|
||
"store_secret_value"
|
||
]
|
||
},
|
||
{
|
||
"field_id": "followupOwner",
|
||
"display_order": 6,
|
||
"source_required_field": "followup_owner",
|
||
"field_label": "後續負責人",
|
||
"field_status": "waiting_owner_response_metadata",
|
||
"intake_mode": "owner_pointer_only",
|
||
"required": true,
|
||
"filled_count": 0,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_gate_count": 0,
|
||
"redacted_reference_required": true,
|
||
"raw_payload_allowed": false,
|
||
"secret_plaintext_allowed": false,
|
||
"action_buttons_allowed": false,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"mark_received_from_metadata_envelope",
|
||
"mark_accepted_from_metadata_envelope",
|
||
"assign_runtime_owner_without_review",
|
||
"open_runtime_gate"
|
||
]
|
||
}
|
||
],
|
||
"owner_response_audit_event_templates": [
|
||
{
|
||
"event_template_id": "audit-owner-response-request-shown",
|
||
"display_order": 1,
|
||
"event_status": "template_only_not_emitted",
|
||
"trigger": "AwoooP 顯示 S4.9 owner response request packet 時。",
|
||
"purpose": "只記錄 request packet 已可顯示或已顯示的 metadata,不代表 owner response 已收到。",
|
||
"allowed_metadata_fields": [
|
||
"event_template_id",
|
||
"request_id",
|
||
"requested_template_ids",
|
||
"target_contract",
|
||
"displayed_by_role",
|
||
"displayed_at_taipei",
|
||
"source_document_ref"
|
||
],
|
||
"forbidden_payloads": [
|
||
"owner_response_raw_body",
|
||
"token_value",
|
||
"secret_value",
|
||
"private_key",
|
||
"cookie_or_session",
|
||
"db_dump",
|
||
"git_object_pack",
|
||
"repo_archive",
|
||
"execution_request_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-owner-response-received-metadata",
|
||
"display_order": 2,
|
||
"event_status": "template_only_not_emitted",
|
||
"trigger": "Owner 提供 S4.9 response metadata pointer 時。",
|
||
"purpose": "只記錄 response 已收到的脫敏 metadata pointer;不得保存 response 原文或敏感 payload。",
|
||
"allowed_metadata_fields": [
|
||
"event_template_id",
|
||
"template_id",
|
||
"attestation_item_id",
|
||
"owner_role_or_team",
|
||
"received_at_taipei",
|
||
"redacted_evidence_refs",
|
||
"source_document_ref"
|
||
],
|
||
"forbidden_payloads": [
|
||
"owner_response_raw_body",
|
||
"token_value",
|
||
"secret_value",
|
||
"private_key",
|
||
"cookie_or_session",
|
||
"private_clone_url_credential",
|
||
"db_dump",
|
||
"git_object_pack",
|
||
"repo_archive",
|
||
"execution_request_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-owner-response-outcome-classified",
|
||
"display_order": 3,
|
||
"event_status": "template_only_not_emitted",
|
||
"trigger": "AwoooP 依 collection checks、preflight checks 與 outcome lanes 分類 S4.9 response 時。",
|
||
"purpose": "只記錄分類結果與下一步提示;不得把 outcome lane 當成 approval 或 execution authorization。",
|
||
"allowed_metadata_fields": [
|
||
"event_template_id",
|
||
"template_id",
|
||
"collection_status",
|
||
"latest_outcome_lane",
|
||
"next_owner_action",
|
||
"classified_at_taipei",
|
||
"classified_by_role"
|
||
],
|
||
"forbidden_payloads": [
|
||
"owner_response_raw_body",
|
||
"token_value",
|
||
"secret_value",
|
||
"private_key",
|
||
"cookie_or_session",
|
||
"db_dump",
|
||
"git_object_pack",
|
||
"repo_archive",
|
||
"repo_or_refs_execution_request",
|
||
"workflow_secret_runner_execution_request"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_redaction_examples": [
|
||
{
|
||
"example_id": "redaction-existing-doc-ref",
|
||
"display_order": 1,
|
||
"example_status": "template_example_only",
|
||
"category": "repo_existing_document_reference",
|
||
"safe_response_shape": [
|
||
"template_id=response-public-only-vs-local-gitea-gap",
|
||
"decision=in_scope",
|
||
"evidence_refs=[docs/security/gitea-repo-inventory.snapshot.json, docs/security/local-git-remote-inventory.snapshot.json]",
|
||
"decision_reason=引用既有 snapshot 的 repo slug 與 coverage gap,不貼 API raw body"
|
||
],
|
||
"required_redactions": [
|
||
"外部 evidence 只保留 repo 內文件路徑或 snapshot 路徑",
|
||
"若引用外部清冊,先轉為 redacted metadata pointer",
|
||
"不得貼完整 API response body"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"token_value",
|
||
"secret_value",
|
||
"private_clone_url_credential",
|
||
"api_response_raw_body"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-owner-decision-metadata",
|
||
"display_order": 2,
|
||
"example_status": "template_example_only",
|
||
"category": "owner_decision_metadata",
|
||
"safe_response_shape": [
|
||
"owner_role_or_team=migration-owner",
|
||
"decision=unknown_requires_more_evidence",
|
||
"followup_owner=security-commander",
|
||
"evidence_refs=[docs/security/GITEA-AUTHENTICATED-INVENTORY-EXPORT-REQUEST.md]"
|
||
],
|
||
"required_redactions": [
|
||
"只寫角色或團隊名稱,不寫個人帳號、密碼、session cookie 或 API token",
|
||
"decision_reason 只寫判定依據,不得包含可重播的操作步驟、指令或憑證",
|
||
"followup_owner 只代表責任人,不代表 approval"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"password",
|
||
"cookie",
|
||
"session",
|
||
"one_time_code",
|
||
"approval_phrase_as_execution_authorization"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-private-url-metadata",
|
||
"display_order": 3,
|
||
"example_status": "template_example_only",
|
||
"category": "private_url_or_remote_metadata",
|
||
"safe_response_shape": [
|
||
"affected_repos_or_sources=[wooo/clawbot-v5]",
|
||
"source_host=gitea-local",
|
||
"credential_present=true",
|
||
"credential_value_stored=false"
|
||
],
|
||
"required_redactions": [
|
||
"完整 clone URL 只能保留 host 標籤(例如 gitea-local,而非內部 IP / port)、namespace、repo slug 與 credential_present=true/false",
|
||
"若 URL 含 userinfo、query token 或 Authorization header,必須整個移除其值;只遮蔽部分字元不算脫敏",
|
||
"不得把 private URL 當成可 fetch 或可 push 指令"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"https_userinfo_credential",
|
||
"query_token",
|
||
"authorization_header",
|
||
"ssh_private_key",
|
||
"git_remote_with_secret"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-api-export-summary",
|
||
"display_order": 4,
|
||
"example_status": "template_example_only",
|
||
"category": "api_or_admin_export_summary",
|
||
"safe_response_shape": [
|
||
"export_source=read_only_token_api_or_redacted_admin_export",
|
||
"repo_count_observed=number_only",
|
||
"token_present=true",
|
||
"token_value_stored=false"
|
||
],
|
||
"required_redactions": [
|
||
"只保留 count、source type、redaction status 與 evidence ref",
|
||
"API request/response header、body 與 token value 不得保存",
|
||
"DB dump、git object pack 與 repo archive 必須拒收或隔離"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"api_request_header",
|
||
"api_response_raw_body",
|
||
"db_dump",
|
||
"git_object_pack",
|
||
"repo_archive"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-quarantine-pointer",
"display_order": 5,
"example_status": "template_example_only",
"category": "uncertain_sensitive_payload",
"safe_response_shape": [
"collection_status=quarantine_sensitive_payload",
"quarantine_reason=疑似含敏感值,尚未人工脫敏",
"raw_payload_stored_in_repo=false",
"next_owner_action=request_redacted_metadata_pointer"
],
"required_redactions": [
"不確定是否含敏感值時先產生 quarantine pointer",
"只留下原因、來源類型、責任 owner 與下一步,不留下原文",
"解除 quarantine 前不得更新 received / accepted count"
],
"forbidden_raw_values": [
"owner_response_raw_body",
"secret_screenshot",
"credential_file",
"execution_request_payload",
"unredacted_export"
],
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_redaction_example_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_display_sections": [
{
"section_id": "display-owner-response-summary",
"display_order": 1,
"section_status": "display_contract_only",
"source_field": "summary",
"purpose": "顯示 owner response 仍為 waiting、received/accepted/rejected 皆為 0,以及所有 write / primary / action button flags 皆為 false。",
"allowed_ui_actions": [
"display_counts",
"display_false_flags",
"display_waiting_state"
],
"forbidden_ui_actions": [
"mark_received",
"mark_accepted",
"enable_action_button"
],
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-owner-response-request-packet",
"display_order": 2,
"section_status": "display_contract_only",
"source_field": "owner_response_request_packet",
"purpose": "顯示 owner 需要回覆的五個 templates、允許欄位、evidence ref rules 與 forbidden payloads。",
"allowed_ui_actions": [
"display_requested_templates",
"display_allowed_fields",
"display_forbidden_payloads"
],
"forbidden_ui_actions": [
"send_request_as_approval",
"start_inventory",
"sync_refs"
],
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-template-status-ledger",
"display_order": 3,
"section_status": "display_contract_only",
"source_field": "owner_response_template_statuses",
"purpose": "逐 template 顯示 waiting_owner_response、request_ready_not_sent 與 0/0/0 計數。",
"allowed_ui_actions": [
"display_per_template_status",
"display_next_owner_action",
"display_zero_counts"
],
"forbidden_ui_actions": [
"treat_request_ready_as_sent",
"accept_partial_template_response",
"advance_s4_13_candidate"
],
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-audit-event-templates",
"display_order": 4,
"section_status": "display_contract_only",
"source_field": "owner_response_audit_event_templates",
"purpose": "顯示 request shown、response metadata received 與 outcome classified 的脫敏 audit template,且 emitted count 仍為 0。",
"allowed_ui_actions": [
"display_audit_template_ids",
"display_allowed_metadata_fields",
"display_emitted_count_zero"
],
"forbidden_ui_actions": [
"store_raw_payload",
"emit_production_audit_event",
"treat_audit_template_as_response"
],
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-redaction-examples",
"display_order": 5,
"section_status": "display_contract_only",
"source_field": "owner_response_redaction_examples",
"purpose": "顯示 owner 回覆時可用的脫敏 evidence 形狀與 forbidden raw values。",
"allowed_ui_actions": [
"display_safe_response_shape",
"display_required_redactions",
"display_forbidden_raw_values"
],
"forbidden_ui_actions": [
"store_example_as_response",
"store_raw_payload",
"treat_example_as_ingestion"
],
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-collection-checks",
"display_order": 6,
"section_status": "display_contract_only",
"source_field": "owner_response_collection_checks",
"purpose": "顯示 request / received / accepted 必須分離,以及只收 read-only markdown、redacted metadata pointer 或補證請求。",
"allowed_ui_actions": [
"display_collection_checklist",
"display_failure_lane",
"display_not_approval"
],
"forbidden_ui_actions": [
"treat_request_sent_as_received",
"treat_owner_wording_as_approval",
"enable_runtime_gate"
],
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-preflight-and-outcome-lanes",
"display_order": 7,
"section_status": "display_contract_only",
"source_field": "intake_preflight_checks,intake_outcome_lanes",
"purpose": "顯示可審、補證、隔離、拒收或等待的只讀分類結果,不變更 response count。",
"allowed_ui_actions": [
"display_preflight_checks",
"display_outcome_lanes",
"display_waiting_state"
],
"forbidden_ui_actions": [
"mark_preflight_pass_as_accepted",
"execute_inventory",
"switch_github_primary"
],
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-acceptance-and-rejection-rules",
"display_order": 8,
"section_status": "display_contract_only",
"source_field": "acceptance_checks,rejection_rules,forbidden_actions",
"purpose": "顯示接受前需要通過的規則、拒收條件與仍禁止事項。",
"allowed_ui_actions": [
"display_acceptance_checks",
"display_rejection_rules",
"display_forbidden_actions"
],
"forbidden_ui_actions": [
"auto_accept_response",
"write_gitea_repo",
"create_github_repo"
],
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_request_packet": {
"request_id": "s4_9_gitea_owner_attestation_response_request",
"display_status": "ready_to_request_owner_response",
"requested_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"required_response_item_count": 5,
"requested_template_ids": [
"response-public-only-vs-local-gitea-gap",
"response-org-user-endpoint-identity",
"response-internal-110-adjacent-scope",
"response-repo-owner-canonical-scope",
"response-legacy-or-inaccessible-disposition"
],
"owner_instruction_summary": "請 owner 只依 S4.9 五個 templates 回覆 scope / canonical / disposition 判定,並只引用脫敏 evidence refs;不要貼 token、secret、DB dump、git object 或任何可執行 payload。",
"allowed_response_fields": [
"owner_role_or_team",
"decision",
"decision_reason",
"affected_repos_or_sources_or_namespace",
"canonical_source_or_namespace",
"github_target_candidate",
"visibility_review_owner",
"evidence_refs",
"followup_owner"
],
"evidence_ref_rules": [
"只允許 repo 內既有文件或 snapshot 路徑",
"owner 外部 evidence 必須先脫敏並只提供 metadata pointer",
"不得提供 token value、secret value、private clone URL credential、cookie、session 或截圖中的敏感值",
"不確定是否含敏感值時先走 quarantine,不得直接貼入 response"
],
"forbidden_payloads": [
"token_value",
"secret_value",
"private_key",
"cookie_or_session",
"db_dump",
"git_object_pack",
"repo_archive",
"write_or_admin_api_request",
"repo_or_refs_execution_request",
"workflow_secret_runner_execution_request"
],
"allowed_submission_modes": [
"read_only_markdown_response",
"redacted_metadata_pointer",
"request_more_evidence"
],
"awooop_display_mode": "display_owner_response_request_only",
"execution_authorized": false,
"not_approval": true,
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"create_github_repo",
"sync_refs",
"switch_github_primary"
]
},
"owner_response_collection_checks": [
{
"check_id": "collection-request-packet-displayed",
"display_order": 1,
"title": "已顯示 owner response request packet",
"required": true,
"pass_condition": "AwoooP 必須只顯示 `owner_response_request_packet` 的 5 個 template、允許欄位、脫敏 evidence 規則與禁止 payload,不得附加執行要求。",
"failure_lane": "keep_waiting_owner_response",
"awooop_display": "display_request_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "collection-read-only-submission-mode",
"display_order": 2,
"title": "收件模式維持 read-only",
"required": true,
"pass_condition": "owner 只能用 read-only markdown response、redacted metadata pointer 或 request_more_evidence;不得提交 token、repo archive、git object pack、DB dump 或 API execution request。",
"failure_lane": "quarantine_sensitive_payload",
"awooop_display": "display_read_only_submission_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "collection-five-template-tracking",
"display_order": 3,
"title": "五個 templates 分開追蹤",
"required": true,
"pass_condition": "S4.9 五個 requested_template_ids 必須逐項追蹤 received / accepted 狀態;不可用單一整體同意取代逐項 response。",
"failure_lane": "request_more_evidence",
"awooop_display": "display_per_template_tracking",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "collection-redacted-evidence-only",
"display_order": 4,
"title": "只收脫敏 evidence refs",
"required": true,
"pass_condition": "收件內容只能包含 repo 內路徑或脫敏 metadata pointer;任何不確定是否含敏感值的資料都先進 quarantine。",
"failure_lane": "quarantine_sensitive_payload",
"awooop_display": "display_redacted_evidence_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "collection-no-approval-language",
"display_order": 5,
"title": "不得把回覆語意升級成批准",
"required": true,
"pass_condition": "即使 owner response 文字包含同意、OK 或可進行,也只能視為 scope / canonical / disposition response,不得視為 inventory、migration、refs sync 或 GitHub primary approval。",
"failure_lane": "reject_execution_request",
"awooop_display": "display_scope_response_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "collection-audit-metadata-only",
"display_order": 6,
"title": "只記錄 audit metadata",
"required": true,
"pass_condition": "AwoooP 只能記錄 request shown、response received、template id、owner role/team、redacted evidence refs 與 outcome lane;不得保存 token value、secret value 或可還原 credential 的內容。",
"failure_lane": "quarantine_sensitive_payload",
"awooop_display": "display_audit_metadata_only",
"execution_authorized": false,
"not_approval": true
}
],
"intake_preflight_checks": [
{
"check_id": "preflight-known-attestation-item",
"display_order": 1,
"title": "回覆必須對應 S4.7 已知 item",
"required": true,
"pass_condition": "`attestation_item_id` 必須是 S4.7 五個 coverage attestation items 之一。",
"failure_lane": "request_owner_correction",
"awooop_display": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "preflight-required-owner-fields",
"display_order": 2,
"title": "必填欄位完整",
"required": true,
"pass_condition": "每筆 response 必須有 owner role/team、decision、decision_reason、受影響 scope、evidence_refs 與 followup_owner。",
"failure_lane": "request_more_evidence",
"awooop_display": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "preflight-allowed-decision",
"display_order": 3,
"title": "decision 在模板允許值內",
"required": true,
"pass_condition": "`decision` 必須落在對應 response template 的 acceptable_decisions。",
"failure_lane": "request_owner_correction",
"awooop_display": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "preflight-redacted-evidence-only",
"display_order": 4,
"title": "只接受脫敏 evidence refs",
"required": true,
"pass_condition": "`evidence_refs` 只能指向 repo 內文件、snapshot 或 owner 提供的脫敏 metadata,不得含 token、secret、cookie、session、private key 或私有 URL 憑證。",
"failure_lane": "quarantine_sensitive_payload",
"awooop_display": "quarantine_sensitive_payload",
"execution_authorized": false
},
{
"check_id": "preflight-no-execution-request",
"display_order": 5,
"title": "不得夾帶執行要求",
"required": true,
"pass_condition": "response 不得要求 Gitea/GitHub repo 寫入、repo 建立、visibility 修改、refs sync/delete/force-push、workflow/secret/runner 變更、scan 或 runtime action。",
"failure_lane": "reject_execution_request",
"awooop_display": "reject_execution_request",
"execution_authorized": false
},
{
"check_id": "preflight-all-five-items-before-accepted",
"display_order": 6,
"title": "接受前需覆蓋五個 items",
"required": true,
"pass_condition": "S4.9 要被標示 accepted 前,五個 response templates 都必須收到可驗收 owner response;部分回覆只能維持 waiting 或 request_more_evidence。",
"failure_lane": "keep_waiting_owner_response",
"awooop_display": "ready_for_owner_review",
"execution_authorized": false
}
],
"intake_outcome_lanes": [
{
"lane_id": "ready_for_owner_review",
"display_order": 1,
"title": "可進 owner review",
"when": "response 對應已知 S4.7 item、必填欄位完整、decision 在允許值內、evidence refs 已脫敏,且沒有執行要求。",
"awooop_action": "display_ready_for_owner_review",
"allowed_outputs": [
"顯示 ready for owner review",
"把 response 保持在 review packet",
"等待 reviewer 判斷是否進入 acceptance checks"
],
"still_forbidden": [
"mark_response_accepted_without_acceptance_checks",
"execute_inventory",
"create_github_repo",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "request_more_evidence",
"display_order": 2,
"title": "要求補證",
"when": "response 缺必填欄位、decision 不在允許值內、scope 不明確,或只提供口頭同意 / 不完整 metadata。",
"awooop_action": "display_request_more_evidence",
"allowed_outputs": [
"顯示 request more evidence",
"列出缺少欄位或需修正 decision",
"維持 received / accepted response count 不變"
],
"still_forbidden": [
"accept_partial_response",
"execute_inventory",
"create_github_repo",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "quarantine_sensitive_payload",
"display_order": 3,
"title": "隔離敏感 payload",
"when": "response 或 evidence refs 含 token、secret、cookie、session、private key、DB dump、git object pack、私有 URL 憑證或未脫敏截圖。",
"awooop_action": "route_to_mirror_quarantine",
"allowed_outputs": [
"顯示 quarantine required",
"只保存隔離 metadata 與 redacted reason",
"要求 owner 重新提供脫敏 evidence"
],
"still_forbidden": [
"store_sensitive_value",
"sanitize_and_accept_in_place",
"execute_inventory",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "reject_execution_request",
"display_order": 4,
"title": "拒收執行要求",
"when": "response 要求 Gitea/GitHub 寫入、repo 建立、visibility 修改、refs sync/delete/force-push、workflow/secret/runner 變更、scan 或 runtime action。",
"awooop_action": "reject_execution_request",
"allowed_outputs": [
"顯示 rejected execution request",
"保留拒收原因",
"要求 owner 改交只讀 scope / evidence response"
],
"still_forbidden": [
"run_requested_action",
"create_github_repo",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "keep_waiting_owner_response",
"display_order": 5,
"title": "維持等待 owner response",
"when": "五個 response templates 尚未全部收到可驗收 response,或部分 response 仍在補證 / 隔離 / 拒收狀態。",
"awooop_action": "keep_waiting_owner_response",
"allowed_outputs": [
"顯示 waiting owner response",
"顯示尚未覆蓋的 S4.7 items",
"維持 S4.13 next_collection_candidate 指向 S4.9"
],
"still_forbidden": [
"mark_s4_9_complete",
"advance_s4_10_acceptance",
"execute_inventory",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false,
"not_approval": true
}
],
"acceptance_checks": [
{
"check_id": "maps_to_known_s4_7_item",
"title": "回覆對應既有 S4.7 item",
"required": true,
"pass_condition": "`attestation_item_id` 必須對應 S4.7 的 5 個 item 之一",
"failure_lane": "reject_unknown_attestation_item",
"execution_authorized": false
},
{
"check_id": "decision_value_allowed",
"title": "決策值在允許範圍內",
"required": true,
"pass_condition": "`decision` 必須是該 item 的 acceptable_decisions 之一",
"failure_lane": "request_owner_correction",
"execution_authorized": false
},
{
"check_id": "owner_reason_present",
"title": "owner 理由存在",
"required": true,
"pass_condition": "每筆回覆都必須有 `decision_reason`,且能說明 scope 或 disposition",
"failure_lane": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "evidence_refs_redacted",
"title": "evidence refs 已脫敏",
"required": true,
"pass_condition": "`evidence_refs` 只能指向 repo 內文件、snapshot 或 owner 提供的脫敏 metadata,不得含 secret value",
"failure_lane": "quarantine_sensitive_payload",
"execution_authorized": false
},
{
"check_id": "affected_scope_explicit",
"title": "受影響 repo / namespace / source 明確",
"required": true,
"pass_condition": "回覆必須列出受影響 repo、namespace 或 110 adjacent source,不接受只寫整體同意",
"failure_lane": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "no_runtime_or_source_control_action",
"title": "不含 runtime 或 source-control 執行要求",
"required": true,
"pass_condition": "回覆只允許更新文件、snapshot、matrix、decision table 與 readiness gate",
"failure_lane": "reject_runtime_or_source_control_action",
"execution_authorized": false
},
{
"check_id": "all_required_items_before_acceptance",
"title": "接受前需覆蓋 5 個 items",
"required": true,
"pass_condition": "要把 S4.7 標示為 accepted 前,5 個 required response items 都必須有可驗收 owner response",
"failure_lane": "keep_waiting_owner_response",
"execution_authorized": false
},
{
"check_id": "primary_readiness_still_blocked",
"title": "GitHub primary readiness 仍維持 blocked",
"required": true,
"pass_condition": "即使 owner response 通過,也只能更新 readiness blocker 說明,不得將 primary_ready_count 改為大於 0",
"failure_lane": "reject_primary_cutover_approval",
"execution_authorized": false
}
],
"rejection_rules": [
"回覆含 token value、PAT、cookie、session、CSRF token 或 partial token 時必須拒收。",
"回覆含 webhook secret、repository secret value、runner registration token 或 deploy key private key 時必須拒收。",
"回覆含 private key、DB dump、git object pack、裸 repo tarball 或可還原 credential 的 artifact 時必須拒收。",
"回覆要求使用 write-capable token、admin token 或 secret scope token 時必須拒收。",
"回覆要求建立、刪除、封存或修改 Gitea repo 時必須拒收。",
"回覆要求建立 GitHub repo、修改 visibility、sync refs、delete refs 或 force push 時必須拒收。",
"回覆未逐項對應 S4.7 attestation item 時不得標記 attestation accepted。",
"回覆只提供口頭同意、截圖或不完整 repo metadata 時必須要求補 evidence。",
"回覆把 owner attestation 當成 repo migration approval 或 GitHub primary approval 時必須拒收。",
"任何不確定是否含敏感值的回覆必須先進 mirror quarantine,不得人工手改後直接入庫。"
],
"allowed_outputs": [
"更新 `gitea-inventory-coverage-attestation.snapshot.json` 的 read-only owner response 欄位",
"更新 `GITEA-INVENTORY-COVERAGE-ATTESTATION.md` 的已收 / 未收 decision table",
"更新 source-control migration matrix、canonical decision table、primary readiness gate 與 status rollup 的 read-only 欄位",
"把缺口顯示到 AwoooP approval / review lane",
"維持 `gitea_repo_inventory_v1.status=partial`,直到 S4.6 payload 通過且 S4.7 owner response 全部接受"
],
"forbidden_actions": [
"store_token_value",
"store_raw_secret",
"store_cookie_or_session",
"import_gitea_db_dump",
"import_git_object_pack",
"use_write_capable_token",
"write_to_gitea",
"create_gitea_repo",
"delete_or_archive_gitea_repo",
"create_github_repo",
"change_repo_visibility",
"sync_git_refs",
"delete_git_refs",
"force_push",
"switch_github_primary",
"disable_gitea",
"add_action_button",
"execute_scan_or_runtime_change"
]
}