wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 6 Packages Projects Releases Wiki Activity
Files
4744670e4e3d79dc3d9405ff2face6c7980da2fa
awoooi/apps/web/messages/en.json
Your Name 57b21a4399
All checks were successful
CD Pipeline / tests (push) Successful in 1m23s
Details
Code Review / ai-code-review (push) Successful in 13s
Details
CD Pipeline / build-and-deploy (push) Successful in 4m51s
Details
CD Pipeline / post-deploy-checks (push) Successful in 2m4s
Details
feat(web): compact iwooos security compliance entry
2026-05-31 13:28:06 +08:00

10882 lines
558 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"metadata": {
"title": "AWOOOI - Zero-Touch Ops. Human-Centric Decisions.",
"description": "AI-Powered Intelligent Operations Platform"
},
"common": {
"loading": "Loading...",
"error": "An error occurred",
"success": "Success",
"cancel": "Cancel",
"confirm": "Confirm",
"close": "Close",
"closeEsc": "Close (ESC)",
"previous": "Previous (←)",
"next": "Next (→)",
"save": "Save",
"delete": "Delete",
"edit": "Edit",
"back": "Back",
"clear": "Clear",
"refresh": "Refresh",
"viewDetails": "View Details",
"later": "Later",
"keyboardShortcuts": "Keyboard Shortcuts",
"showShortcuts": "Show Shortcuts"
},
"brand": {
"name": "AWOOOI",
"slogan": "Zero-Touch Ops. Human-Centric Decisions.",
"sloganAlt": "零干預維運,以人為本的決策。",
"tagline": "AI-Powered Intelligent Operations Platform",
"aiTagline": "AI Sees. AI Acts. You Approve.",
"version": "v1.0.0",
"environment": "Production"
},
"nav": {
"home": "Home",
"dashboard": "Dashboard",
"approvals": "Approvals",
"errors": "Error Tracking",
"actions": "Action Log",
"knowledge": "Knowledge Base",
"settings": "Settings",
"alerts": "Alerts",
"monitoring": "Monitoring",
"apm": "APM",
"topology": "Topology",
"security": "Security",
"compliance": "Compliance",
"autoRepair": "Auto Repair",
"deployments": "Deployments",
"tickets": "Tickets",
"cost": "Cost",
"reports": "Reports",
"terminal": "Terminal",
"apps": "Apps",
"services": "Services",
"users": "Users",
"notifications": "Notifications",
"billing": "Billing",
"help": "Help",
"drift": "Drift Detection",
"neuralCommand": "Neural Command",
"commandCenter": "Command Center",
"observability": "Observability",
"automation": "Automation",
"operations": "Operations",
"securityCompliance": "Security & Compliance",
"classicAICenter": "Classic AI Center",
"governance": "AI Governance",
"awooop": "AwoooP",
"iwooos": "IwoooS"
},
"locale": {
"switch": "Switch Language",
"zhTW": "繁體中文",
"en": "EN"
},
"demo": {
"title": "AWOOOI Demo",
"subtitle": "Visual Acceptance Test",
"mockMode": "MOCK MODE",
"spikeControls": "CPU Spike Demo Controls",
"spikeActive": "SPIKE ACTIVE",
"triggerSpike": "Spike {host}",
"clearSpike": "Clear Spike",
"liveDashboard": "Live Dashboard (SSE)",
"approvalCards": "HITL Approval Cards (CPO-107)",
"statusShowcase": "StatusOrb Showcase",
"lowRiskDemo": "LOW RISK - 1 second hold",
"highRiskDemo": "HIGH RISK - 1 second hold",
"criticalDemo": "CRITICAL + DESTRUCTIVE - 2 second hold + red glow",
"hitlRealApi": "HITL Multi-Sig (Real API)",
"addCritical": "+ Critical",
"addMedium": "+ Medium",
"creating": "Creating..."
},
"host": {
"devops": {
"name": "DevOps Vault",
"shortName": "DevOps"
},
"security": {
"name": "Kali Security Center",
"shortName": "Kali"
},
"k3s": {
"name": "K3s Master Node",
"shortName": "K3s"
},
"aiWeb": {
"name": "AI+Web Center",
"shortName": "AI+Web"
}
},
"dashboard": {
"title": "AI Center",
"subtitle": "AI-Powered Unified Operations View",
"liveStats": "Live Stats",
"activeNodes": "Active Nodes",
"pendingAlerts": "Pending Alerts",
"pendingApprovals": "Pending Approvals",
"overallStatus": "Overall Status",
"waitingData": "Waiting for data...",
"cpu": "CPU",
"memory": "MEM",
"baseline": "Baseline",
"baselineFormat": "(Baseline: {value}%)",
"criticality": "Criticality",
"systemStatus": "System Status",
"eventStream": "Event Stream",
"aiAgent": "AI Agent",
"globalPulse": "Global Pulse",
"liveUpdates": "Live Updates",
"loadingMetrics": "Loading metrics...",
"metricsError": "Failed to load metrics",
"flow": {
"alert": "Alert",
"detection": "AI Detection",
"analysis": "AI Analysis",
"proposal": "Proposal",
"approval": "Awaiting Auth",
"execution": "Execution",
"resolved": "Resolved"
},
"unresolvedIncidents": "Unresolved Incidents",
"activeIncidents": "Active Incidents",
"serviceHealth": "Service Health",
"todayIncidents": "Today Incidents",
"operations24h": "24h Operations",
"operationsTotal": "{total} total",
"autoRemediationRate": "Auto Remediation",
"autoRepairVerified24h": "24h Verified Repair",
"autoRepairVerifiedCount": "verified {verified}/{evaluated}",
"autoRepairAllTime": "history {pct}% / {total}",
"latestIncidentWindow": "latest {shown} shown",
"truthChainCoverage": "真相鏈 {loaded}/{shown}",
"truthChainLoading": "真相鏈 loading",
"severityBreakdown": "P1:{p1} P2:{p2}",
"stableUnresolved": "{stable} · 0 {label}",
"mttrAvg": "MTTR Avg",
"stable": "Stable",
"normal": "Normal",
"openclawEngine": "OPENCLAW COGNITIVE ENGINE",
"infrastructure": "INFRASTRUCTURE",
"podHealth": "POD Health",
"allRunning": "All Running",
"servicesUp": "Services Up",
"monitoringTools": "Monitoring 工具",
"monitoringStatus": {
"up": "OK",
"down": "Down",
"unknown": "Unknown",
"firing": "firing",
"alert": "alerts"
},
"connectionError": "Connection failed",
"metaVersion": "Version",
"metaStats": "Stats",
"metaUpdatedAt": "Updated",
"tabs": {
"overview": "Overview",
"alerts": "Alerts & Approvals",
"stream": "Activity Stream",
"disposition": "Disposition Stats"
},
"alertEvents": "Alert Events",
"noActiveAlerts": "No active alerts",
"pendingApprovalsTitle": "Pending Approvals",
"noPendingApprovals": "No pending approvals",
"approve": "Approve",
"reject": "Reject",
"activityStream": "System Activity Stream",
"sseConnected": "SSE Connected",
"sseDisconnected": "Disconnected",
"waitingEvents": "Waiting for events...",
"statusLabel": "Status",
"hostsLabel": "Hosts",
"eventsCount": "{count} events",
"noDispositionData": "No disposition data available",
"totalDispositions": "Total Dispositions",
"autoRate": "Automation Rate",
"humanRate": "Human Intervention Rate",
"autoRepairLabel": "Auto Repair",
"humanApprovedLabel": "Human Approved",
"manualResolvedLabel": "Manual Resolved",
"coldStartLabel": "Cold Start",
"dispositionBreakdown": "Disposition Breakdown",
"hostView": "Hosts",
"topoView": "Topology",
"waitingHostData": "Waiting for host data...",
"dashboardConnecting": "Dashboard API connecting...",
"alertBadge": "{count} alerts",
"alertBadgeZero": "0 alerts",
"awaitingConfirm": "Awaiting Confirmation",
"viewAllAlerts": "View All Alerts",
"showingLatestIncidents": "Showing latest {shown} of {total}; open Alerts for the full list",
"relatedIncidents": "Related Incidents",
"noRelatedIncidents": "No related incidents",
"viewAllAuth": "View All Authorizations",
"viewAllReport": "View Full Report",
"aiModelStatus": "AI Model Status",
"aiModelRoles": {
"primary": "Primary",
"backup": "Backup",
"local": "Local",
"agent": "Agent",
"provider": "Provider"
},
"loading": "Loading...",
"trendUp": "↑{pct}%",
"searchPlaceholderShort": "Search...",
"cotTitle": "Reasoning 時間線",
"cotNoEvents": "Waiting for reasoning data...",
"cotReasoning": "Reasoning",
"cotConfidence": "Confidence",
"cotProvider": "Model",
"cotLatency": "Latency",
"cotTools": "工具 Calls",
"cotClickHint": "Click an event to view reasoning details",
"byAnomalyTitle": "Anomaly Type Distribution Top 5",
"byAnomalyAutoRate": "Auto {pct}%",
"mttrTitle": "MTTR Overview",
"mttrUnit": "min",
"mttrNoData": "No MTTR data yet",
"automationEvidence": {
"title": "AI Automation Evidence",
"claimReady": "Loop claim ready",
"claimBlocked": "Gaps remain",
"claimChecking": "Quality pending",
"loading": "Loading AI automation evidence...",
"empty": "No AI automation evidence is available yet.",
"missingApiBase": "NEXT_PUBLIC_API_URL is not set",
"loadFailed": "Load failed",
"error": "Evidence chain failed to load: {error}",
"sourcePersisted": "Source persisted",
"sourceDetail": "{missing} missing refs, latest {latest}",
"recurrence": "Recurrence",
"recurrenceDetail": "{duplicates} duplicate events, {workItems} work items",
"mcpInvestigation": "MCP investigation",
"mcpDetail": "{success} success / {failed} failed, latest {server}",
"autoRepair": "Auto repair",
"qualityDetail": "Average {score}, red {red}",
"qualityPending": "Quality summary is still calculating; other evidence is already shown",
"executionBackendDetail": "Execution evidence: operations {operations} (effective {effective} / audit {auditOnly}), auto-repair {autoRepair}; Ansible audit {ansibleRecords}, candidates {ansibleCandidates}, check-mode {checkMode}, apply {apply}, pending wiring {pending}; runtime {runtime}",
"ansibleRuntimeReady": "check-mode ready",
"ansibleRuntimeBlocked": "not ready: {blockers}",
"humanGap": "Human gap",
"humanGapDetail": "{gate} missing {count}",
"humanGapClear": "Quality summary has no top gap",
"modelRoute": "Model route",
"routeDetail": "{model}; current {selected}; {primary}={primaryStatus}; fallback {fallback}",
"routeLaneDetail": "{mode}; skipped {skipped}",
"routeRepairDetail": "Repair evidence: {target}, blockers {blockers}, {sourceRefs} source refs",
"routeReasonSeparator": "; ",
"routeReason": "Reason: {reason}",
"routeErrorDetail": "Route check failed: {error}",
"routeNoFallback": "none",
"routeHealth": {
"healthy": "healthy",
"slow": "slow",
"degraded": "degraded",
"offline": "offline",
"not_checked": "standby",
"unknown": "unknown"
},
"routeLaneMode": {
"primary": "Primary normal",
"degraded_failover": "Degraded handoff",
"cloud_fallback": "Cloud fallback",
"unavailable": "Route unavailable",
"unknown": "Unknown state"
},
"topGap": "Largest current gap: {gate}, {count} items."
},
"automationDelivery": {
"eyebrow": "AI Automation Product Surface",
"title": "Delivered Work And Remaining Work",
"subtitle": "The homepage now summarizes production truth-chain, Telegram callbacks, AI providers, KM, Ansible, and auto-repair quality instead of vague KPIs.",
"claimLabel": "Full Auto-Repair Claim",
"claimReady": "Full loop can be claimed",
"claimBlocked": "Full loop cannot be claimed yet",
"claimLoading": "Reading production truth",
"claimUnavailable": "Production truth is not responding",
"claimDetail": "Verified {verified}/{evaluated}, average score {score}",
"unavailableValue": "no response",
"deliveredTitle": "Delivered Capabilities",
"remainingTitle": "Remaining Gaps",
"openWorkItems": "Open Work Items",
"openRuns": "Open Runs",
"status": {
"live": "Live",
"progress": "In Progress",
"blocked": "Blocked",
"watching": "Watching",
"loading": "Loading",
"unavailable": "No response"
},
"delivered": {
"cicdTimeline": {
"title": "CI/CD notifications enter AwoooP Timeline",
"detail": "Gitea main deploys, deploy markers, and post-deploy notifications flow through the AWOOI API and AwoooP Run Timeline."
},
"sourceDossier": {
"title": "Sentry / SigNoz source dossier evidence",
"detail": "Latest sources {sources}; Sentry refs {sentry}, SigNoz refs {signoz}. Provider filters verify this, so the overall sample no longer hides source evidence."
},
"callbackEvidence": {
"title": "Telegram detail / history DB truth chain",
"detail": "{total} callback evidence rows are available for Run detail, history, and snapshot lookup."
},
"callbackTrace": {
"title": "Callback trace recovery and backlog action lens",
"detail": "Recovery {status}, traced after gap {recovered}, 24h backlog {recent24h}."
},
"aiRoute": {
"title": "AI Provider lane visibility",
"detail": "Current lane={lane}, selected provider={provider}; governance order is GCP-A / GCP-B / 111 / Gemini."
}
},
"remaining": {
"fullAutoRepairClaim": {
"title": "Full auto-repair loop",
"detail": "Production quality is verified {verified}/{evaluated}; the system cannot claim full automation before this reaches the gate."
},
"qualityGateBacklog": {
"title": "Auto-repair quality gate backlog",
"detail": "Top gap {gate}, {count} rows; execution, auto-repair, approval, or learning evidence must be completed."
},
"ansibleRuntime": {
"title": "Ansible check-mode / apply wiring",
"detail": "check-mode {checkMode}, pending check-mode {pending}; blocker={blocker}."
},
"kmGovernance": {
"title": "Stale KM governance",
"detail": "{stale}/{total} KM rows are older than {days} days ({ratio}); pending owner reviews {pending}, entries still needed for threshold {remaining}."
},
"callbackBacklogDecay": {
"title": "Callback legacy backlog 24h decay",
"detail": "Missing trace total {missing}, 1h {recent1h}, 24h {recent24h}; closes only when 24h reaches zero."
}
}
},
"automationDiagrams": {
"eyebrow": "Professional Visual Views",
"title": "Technical Diagrams For The Product",
"openTopology": "Open Topology",
"cards": {
"c4Runtime": {
"standard": "C4 / Deployment",
"title": "Product Architecture And Runtime Topology",
"detail": "Use C4 layers to explain users, Web, API, K8s, databases, external tools, and model providers.",
"nodes": {
"user": "Operator / Tenant",
"web": "AwoooP Web",
"api": "AWOOI API",
"k8s": "K8s / Providers"
}
},
"incidentFlow": {
"standard": "BPMN / Swimlane",
"title": "Alert-To-Repair Flow",
"detail": "Use swimlanes to separate Telegram, OpenClaw, Hermes, MCP, Ansible, human approval, and verification ownership.",
"nodes": {
"alert": "Alert / Sentry / SigNoz",
"ai": "AI Analysis",
"playbook": "PlayBook / MCP",
"verify": "Verify / KM"
}
},
"decisionRules": {
"standard": "DMN / Decision Table",
"title": "AI Decision And Approval Rules",
"detail": "Represent risk, confidence, policy, model routing, and auto-repair eligibility as auditable decision tables.",
"nodes": {
"risk": "Risk",
"confidence": "Confidence",
"policy": "Policy",
"approval": "Approval"
}
},
"evidenceLineage": {
"standard": "Trace / Lineage",
"title": "Evidence Chain And Callback Trace",
"detail": "Show whether Telegram messages, DB events, Run Timeline, and KM / PlayBook writeback agree.",
"nodes": {
"telegram": "Telegram",
"db": "DB Truth",
"trace": "Run Trace",
"km": "KM / PlayBook"
}
}
},
"workspace": {
"eyebrow": "Live Blueprint",
"title": "AI Automation Operating Map",
"subtitle": "This view puts process, runtime, decision table, and evidence lineage in one operating surface so the homepage can show where work is, what is blocked, and who continues it.",
"flow": {
"title": "BPMN / Swimlane Flow",
"subtitle": "The main path from alert intake through analysis, investigation, approval, execution, verification, and learning.",
"stages": {
"signal": "Alert / Sentry / SigNoz",
"intake": "AwoooP Intake",
"ai": "OpenClaw / Hermes",
"mcp": "MCP Evidence",
"playbook": "PlayBook Gate",
"ansible": "Ansible Check",
"approval": "Approval / Apply",
"verify": "Verify / KM"
}
},
"topology": {
"title": "C4 / Runtime Topology",
"subtitle": "Runtime relationships across product, data, executors, MCP, and model providers.",
"layers": {
"channels": "Channels",
"product": "Product",
"data": "Data",
"execution": "Execution",
"providers": "AI Providers"
}
},
"decision": {
"title": "DMN Decision Table",
"subtitle": "Auditable conditions for whether AI can safely auto-repair.",
"headers": {
"signal": "Signal",
"value": "Current value",
"outcome": "Decision"
},
"rows": {
"claim": "Production claim",
"qualityGate": "Quality gate",
"ansible": "Ansible runtime",
"aiRoute": "AI route",
"km": "KM freshness",
"callback": "Callback trace"
},
"outcomes": {
"claimReady": "Full loop can be claimed",
"claimBlocked": "Full loop cannot be claimed",
"fillEvidence": "Fill execution / repair / approval / learning evidence",
"ansibleReady": "Ready for check-mode",
"ansibleBlocked": "Fix Ansible runtime first",
"monitor": "Primary lane is monitored",
"ownerReview": "Hermes drafts, owner reviews",
"watchDecay": "Wait for 24h backlog decay"
}
},
"lineage": {
"title": "Trace / Lineage Evidence",
"subtitle": "Every Telegram alert, button, Run, KM, and PlayBook should link back to one evidence chain.",
"nodes": {
"telegram": "Telegram Message",
"callback": "Callback Evidence",
"db": "DB Truth",
"run": "Run Timeline",
"km": "KM / PlayBook"
}
},
"inspector": {
"title": "Stage Inspector",
"openTarget": "Open Work Surface",
"fields": {
"owner": "Owner",
"evidence": "Evidence Source",
"nextAction": "Next Step"
},
"stages": {
"signal": {
"owner": "OpenClaw + AlertChain",
"evidence": "Alertmanager / Sentry / SigNoz / Telegram callback trace",
"nextAction": "Attach the signal to an AwoooP run dossier and produce a traceable fingerprint"
},
"intake": {
"owner": "AwoooP Run Monitor",
"evidence": "Runs list / timeline / alert_operation_log / callback evidence",
"nextAction": "Link incident_id, trace_ref, and run_id so the alert does not stop at Telegram"
},
"ai": {
"owner": "OpenClaw leads decisions; Hermes drafts KM",
"evidence": "AI route status / selected provider / skipped lanes",
"nextAction": "Keep GCP-A -> GCP-B -> 111 -> Gemini fallback order and record the lane"
},
"mcp": {
"owner": "MCP Gateway",
"evidence": "K8s / Prometheus / Sentry / SigNoz / Gitea / self-hosted MCP results",
"nextAction": "Write MCP evidence back to the dossier so the LLM does not decide by guessing"
},
"playbook": {
"owner": "OpenClaw + PlayBook trust gate",
"evidence": "Quality gate / work items / playbook match / execution history",
"nextAction": "Fill execution, repair, approval, and learning evidence before promotion"
},
"ansible": {
"owner": "AwoooP Executor + Ansible lane",
"evidence": "ansible_runtime / check-mode count / pending check-mode / blockers",
"nextAction": "Clear ansible_playbook_binary_missing first, then run check-mode without direct apply"
},
"approval": {
"owner": "Approval Coordinator + SRE owner",
"evidence": "Approvals / risk gate / run timeline / manual_required reason",
"nextAction": "Allow low-risk automation, keep high-risk work under human approval and audit trail"
},
"verify": {
"owner": "Hermes + KM owner",
"evidence": "KM stale candidates / post-execution verification / playbook learning",
"nextAction": "Hermes drafts updates, owners review before KM write, then stale ratio is monitored"
}
}
},
"liveEvidence": {
"title": "Live Evidence",
"realtime": "Live read",
"fields": {
"metric": "Metric",
"detail": "Detail",
"source": "Read Source"
},
"sources": {
"dossierCoverage": "/api/v1/platform/events/dossier/coverage",
"dossierCoverageWithProviders": "/api/v1/platform/events/dossier/coverage + provider=sentry/signoz",
"runsAndCicd": "/api/v1/platform/runs/list + /api/v1/platform/cicd/events",
"aiRouteStatus": "/api/v1/platform/ai-route-status",
"runsAndStatusChain": "/api/v1/platform/runs/list + /api/v1/platform/status-chain",
"qualityAndRecurrence": "/api/v1/platform/truth-chain/quality/summary + /api/v1/platform/events/dossier/recurrence",
"truthChainQuality": "/api/v1/platform/truth-chain/quality/summary",
"approvalsAndQuality": "approval store + /api/v1/platform/truth-chain/quality/summary",
"kmBurndown": "/api/v1/ai/governance/km-stale-owner-review-burndown"
},
"signal": {
"metric": "sources {sources} / refs {refs}",
"detail": "missing refs {missing}, duplicates {duplicates}; Alert {alert} / Sentry(provider) {sentry} / SigNoz(provider) {signoz}"
},
"intake": {
"metric": "Runs {runs} / linked {linked}",
"detail": "latest CI/CD {stage}:{status}, commit {commit}, needs attention {attention}"
},
"ai": {
"metric": "{lane} / {provider}",
"detail": "skipped lanes {skipped}, operator action={action}, reason={reason}"
},
"mcp": {
"metric": "MCP observations {observations} / gateway {gateway}",
"detail": "success {success}, failed {failed}, server={server}, route={route}"
},
"playbook": {
"metric": "gate {gate} / automation gaps {gaps}",
"detail": "open work items {workItems}, verified groups {verifiedGroups}, auto-repair linked {linkedAutoRepair}"
},
"ansible": {
"metric": "check-mode {checkMode} / pending {pending}",
"detail": "blocker={blocker}, candidates={candidates}, operations={operations}"
},
"approval": {
"metric": "pending {pending} / verified {verified}/{evaluated}",
"detail": "human gates {humanGates}, auto-repair records {autoRepairRecords}, operation records {operations}"
},
"verify": {
"metric": "stale {stale} / ratio {ratio}",
"detail": "owner review pending {pending}, completed {completed}, remaining to threshold {remaining}"
}
},
"values": {
"verified": "verified {verified}/{evaluated}",
"topGate": "{gate} missing {count}",
"ansible": "check-mode {checkMode}, pending {pending}, blocker {blocker}",
"aiRoute": "{lane} / {provider}",
"km": "{stale} stale over {days} days",
"callback": "missing {missing}, 1h {recent1h}, 24h {recent24h}"
}
}
}
},
"openclaw": {
"name": "OpenClaw",
"monitoring": "Monitoring",
"statusOk": "OK",
"statusWarning": "WARNING",
"messageOk": "All systems operational. No action required.",
"messageWarning": "{host} status abnormal. Recommend checking related services."
},
"ai": {
"title": "AI Decision Engine",
"intercepting": "[SYS] Intercepting anomaly signals...",
"analyzing": "OpenClaw analyzing blast radius...",
"calculating": "Calculating risk matrix & approval threshold...",
"generating": "Generating remediation script...",
"complete": "Analysis complete. Approval card created.",
"processingAlert": "Processing alert...",
"analysisComplete": "Analysis complete",
"patrolling": "Patrolling...",
"standby": "STANDBY",
"processFlow": "AI Decision Flow",
"processing": "Processing"
},
"agent": {
"title": "AI Agent",
"state": "State",
"idle": "Idle",
"standby": "Standby",
"patrolling": "Patrolling",
"intercepting": "Intercepting",
"analyzing": "Analyzing",
"generating": "Generating",
"complete": "Complete",
"executing": "Executing",
"waitingApproval": "Awaiting Approval",
"error": "Error",
"lastCheck": "Last check"
},
"metrics": {
"title": "Global Pulse",
"realtime": "Real-time",
"rps": "Requests/sec",
"errorRate": "Error Rate",
"p99Latency": "P99 Latency",
"aiSuccess": "AI Success"
},
"connection": {
"disconnected": "Disconnected",
"connecting": "Connecting...",
"subscribing": "Subscribing...",
"connected": "Live",
"streaming": "Streaming",
"reconnecting": "Reconnecting...",
"error": "Connection Error",
"mockMode": "MOCK"
},
"terminal": {
"title": "AWOOOI Terminal",
"version": "Version",
"waiting": "> Waiting for command...",
"initiate": "INITIATE SYNC",
"executing": ">_ EXECUTING...",
"events": "{count} events",
"stream": "STREAM: /agent/thinking",
"waitingForData": "Waiting for decision chain data...",
"steps": "Steps",
"streaming": "Streaming",
"paused": "Paused",
"blastRadius": "[ BLAST RADIUS ]",
"rootCauseChain": "[ ROOT CAUSE CHAIN ]",
"upstreamImpact": "[ UPSTREAM IMPACT ]",
"downstreamDependencies": "[ DOWNSTREAM DEPENDENCIES ]",
"dependsOn": "depends on",
"calls": "calls",
"finopsAnalysis": "[ FINOPS ANALYSIS ]",
"wastedPerMonth": "Wasted/mo",
"realizable": "Realizable",
"freed": "Freed",
"connecting": "Connecting...",
"connected": "Connected",
"streamComplete": "Stream complete",
"streamAborted": "Stream aborted",
"stop": "STOP",
"clear": "CLEAR"
},
"omniTerminal": {
"title": "OMNI-TERMINAL",
"fullTitle": "AWOOOI // OMNI-TERMINAL",
"shortcut": "⌘J",
"open": "Open Terminal",
"close": "Close Terminal",
"inputPlaceholder": "Enter command...",
"inputPlaceholderFull": "Enter command or ask AI... (e.g., /approval list)",
"sseLive": "SSE Live",
"offline": "Offline",
"system": "[SYS]",
"agent": "[AI]",
"user": "$",
"unknownComponent": "Unknown Component",
"executing": "Executing",
"completed": "Completed",
"failed": "Failed"
},
"nuclearKey": {
"authorize": "Authorize Execution",
"authorized": "Authorized",
"authorizing": "Authorizing...",
"holdToAuthorize": "Hold to authorize...",
"holdHintMobile": "Press and hold to authorize",
"holdHintDesktop": "Hold Y key or click and hold to authorize",
"keepHolding": "Keep holding to authorize...",
"highBlastRadius": "This action has a HIGH blast radius",
"executionAuthorized": "Execution Authorized & Completed",
"executionFailed": "Execution Failed",
"riskLevel": {
"low": "LOW",
"medium": "MEDIUM",
"high": "HIGH",
"critical": "CRITICAL"
}
},
"incident": {
"title": "Incident Management",
"activeIncidents": "Active Incidents",
"noActiveIncidents": "No active incidents",
"systemStable": "System Stable",
"activeAlerts": "active alerts",
"signals": "signals",
"proposals": "proposals",
"affectedServices": "Affected Services",
"emptyState": "No active incidents",
"emptyStateDescription": "All systems operational",
"status": {
"investigating": "Investigating",
"mitigating": "Mitigating",
"resolved": "Resolved",
"closed": "Closed"
},
"severity": {
"P0": "P0 (Critical)",
"P1": "P1 (High)",
"P2": "P2 (Warning)",
"P3": "P3 (Info)"
},
"generateProposal": "Generate Proposal",
"viewDetails": "View Details",
"card": {
"executing": "Executing...",
"approved": "[ APPROVED ]",
"rejected": "[ REJECTED ]",
"error": "Error",
"timeout": "Timeout",
"retry": "Retry",
"timeoutMessage": "Execution timeout, please check API logs",
"checkApiLogs": "Please check API logs",
"analyzing": "Brain analyzing...",
"waitingDecision": "Waiting for decision",
"authorizeExecution": "Authorize execution",
"rejectProposal": "Reject proposal",
"aiExecuting": ">_ AI Executing (Tier 1)",
"brainAnalyzing": ">_ Brain analyzing...",
"decisionReady": ">_ Decision ready (Tier {tier})",
"waitingCommander": ">_ Awaiting commander approval (Tier {tier})",
"suggestedAction": "> Suggested action:",
"authorize": "Authorize",
"reject": "Reject",
"anomaly": "anomaly",
"affectedServices": "Affected Services",
"signalCount": "Signals",
"statusLabel": "Status",
"aiProposal": "AI Proposal",
"aiProposalPreview": "AI Proposal: {action}",
"flowCurrentLabel": "Current stage",
"flowNextLabel": "Next step",
"flowSourceLabel": "Source",
"flowSourceTruthChain": "真相鏈 / ADR-100",
"flowSourceHeuristic": "incident status heuristic",
"flowVerdictLabel": "Verdict",
"flowEvidenceMcp": "MCP {count}",
"flowEvidenceOps": "Ops {count}",
"flowEvidenceKm": "KM {count}",
"flowEvidenceRepair": "Repair {count}",
"flowMcpDetail": "MCP detail: Gateway success {success} / failed {failed} / blocked {blocked}; first-class {firstClass}; legacy {legacy}; tools {tools}",
"flowExecutionDetail": "Execution detail: Executor {executor}; Operation {operation} / {status}; Ansible {ansible}; PlayBook {playbook}",
"flowExecutionAnsibleConsidered": "considered ({records} records / {candidates} candidates)",
"flowExecutionAnsibleNotUsed": "not used: {reason}",
"flowExecutionAnsibleEmpty": "--",
"flowSourceRefsDetail": "Source detail: Inbound {inbound} / Outbound {outbound}; Alert {alert}; Sentry {sentry}; SigNoz {signoz}; linked {linked} / candidate {candidate} ({correlation}); latest {latest}",
"flowSourceCorrelationStatus": {
"linked": "Directly linked",
"candidateFound": "Candidate found",
"providerFreshNoMatch": "Provider fresh, no match",
"missing": "No match yet",
"noIncidentContext": "Missing incident context",
"fetchFailed": "Read failed"
},
"flowTruthChainCurrent": "{stage} / {status}",
"flowComplete": "Complete",
"flowStages": {
"alert": "Alert received",
"detection": "AI detection",
"analysis": "AI analysis",
"proposal": "Proposal generated",
"approval": "Waiting approval",
"execution": "Repair execution",
"resolved": "Complete"
},
"processingTimeline": "Processing 時間線",
"timelineLoading": "Loading processing timeline...",
"timelineEvents": "Event Details",
"timelineSource": "Source",
"timelineRoute": "MCP",
"timelineWrites": "Writes"
}
},
"status": {
"idle": "Idle",
"thinking": "Thinking",
"syncing": "Syncing",
"executing": "Executing",
"waitingApproval": "Waiting Approval",
"error": "Error",
"healthy": "Healthy",
"warning": "Warning",
"critical": "Critical",
"degraded": "Degraded",
"unhealthy": "Unhealthy"
},
"approval": {
"title": "Approval Request",
"card": "Approval Card",
"approve": "APPROVE",
"reject": "REJECT",
"holdToApprove": "HOLD TO APPROVE",
"holdToConfirm": "HOLD TO CONFIRM",
"holdToSign": "HOLD TO SIGN",
"confirming": "CONFIRMING...",
"signing": "SIGNING...",
"needMore": "NEED {count} MORE",
"confirmDestructive": "CONFIRM DESTRUCTIVE",
"approveDestructive": "APPROVE (DESTRUCTIVE)",
"pendingApprovals": "Pending Approvals",
"riskLevel": "Risk Level",
"signatures": "SIGNATURES",
"requiredSignatures": "Required Signatures",
"currentSignatures": "Current Signatures",
"requestedBy": "Requested by",
"expiresAt": "Expires At",
"holdHint": "Hold button for {seconds}s to {action}",
"actionApprove": "approve",
"actionConfirm": "confirm destructive action",
"actionSign": "sign",
"waitingSecondSig": "Waiting for second approver",
"signedBy": "Signed by {name}",
"signedAt": "at {time}",
"signSuccess": "Signed successfully",
"executionTriggered": "Execution triggered",
"rejectSuccess": "Rejected",
"rejectReason": "Rejection reason",
"enterReason": "Enter rejection reason...",
"signComment": "Sign comment (optional)",
"enterComment": "Enter comment...",
"noApprovals": "No pending approvals",
"fetchError": "Failed to fetch approvals",
"noPendingApprovals": "No pending approvals",
"selectApproval": "Select an approval to view details",
"backToList": "Back to list",
"previousApproval": "Previous",
"nextApproval": "Next",
"holdToApproveHint": "Hold button to approve or reject",
"swipeHint": "Swipe left for details, swipe right to go back",
"holdYToApprove": "Hold Y to approve (2s)",
"pressNToReject": "Press N to reject",
"justNow": "just now",
"minutesAgo": "{count}m ago",
"hoursAgo": "{count}h ago",
"daysAgo": "{count}d ago",
"batch": {
"title": "Batch Mode",
"bulkApprove": "Accept All",
"sequential": "Review One by One",
"criticalOnly": "CRITICAL Only",
"eligible": "eligible",
"items": "items",
"securityNote": "CRITICAL risk and DESTRUCTIVE data impact items require individual review."
}
},
"risk": {
"low": "LOW RISK",
"medium": "MEDIUM RISK",
"high": "HIGH RISK",
"critical": "CRITICAL"
},
"dryRun": {
"title": "Dry-Run",
"validation": "DRY-RUN VALIDATION",
"passed": "Passed",
"failed": "Failed",
"checks": "Checks",
"rbac": "RBAC Check",
"syntax": "Syntax Check",
"resource": "Resource Check",
"replicaCount": "Replica Count",
"backupAvailable": "Backup Available",
"clusterAdmin": "cluster-admin",
"dbAdmin": "db-admin",
"deploymentAdmin": "deployment-admin",
"noRecentBackup": "No recent backup!",
"ok": "OK"
},
"blastRadius": {
"title": "BLAST RADIUS",
"affectedPods": "AFFECTED PODS",
"estimatedDowntime": "EST. DOWNTIME",
"relatedServices": "RELATED SERVICES",
"dataImpact": "DATA IMPACT",
"none": "NONE",
"readOnly": "READ ONLY",
"write": "WRITE",
"destructive": "DESTRUCTIVE"
},
"graphRag": {
"title": "Topology Analysis",
"blastRadius": "Blast Radius",
"rootCause": "Root Cause",
"upstreamImpact": "Upstream Impact",
"downstreamChain": "Downstream Chain",
"dependsOn": "depends on",
"calls": "calls",
"affectedCount": "Affected Count",
"probableRootCauses": "Probable Root Causes"
},
"finops": {
"title": "Cost Analysis",
"totalWasted": "Monthly Waste",
"realizableSavings": "Realizable Savings",
"freedResources": "Freed Resources",
"annualProjection": "Annual Projection",
"topActions": "Top Actions",
"orphanedPvc": "Orphaned PVC",
"zombiePod": "Zombie Pod",
"overProvisioned": "Over-provisioned"
},
"trustEngine": {
"title": "Trust Engine",
"trustScore": "Trust Score",
"progressive": "Progressive Autonomy",
"approved": "Approved",
"rejected": "Rejected",
"neverDowngrade": "Never Downgrade"
},
"multiSig": {
"title": "Multi-Sig",
"signature": "Signature",
"signedBy": "Signed By",
"signedAt": "Signed At",
"voided": "Voided",
"toctouWarning": "State Changed Warning"
},
"privacy": {
"title": "Privacy Shield",
"redacted": "Redacted",
"piiDetected": "PII Detected"
},
"mockData": {
"deletePod": "Delete Pod: nginx-frontend-7d4b8c9f5-xk2m3",
"deletePodDesc": "Clean up unresponsive frontend Pod, ReplicaSet will auto-rebuild",
"dropTable": "DROP TABLE: user_sessions",
"dropTableDesc": "Clear all user sessions, will force logout all users",
"scaleDeployment": "Scale Deployment: api-backend",
"scaleDeploymentDesc": "Scale from 3 to 5 replicas for increased traffic",
"testActions": {
"lowAction": "Scale deployment api-backend to 5 replicas",
"lowDesc": "Increase backend replicas to handle traffic growth",
"mediumAction": "kubectl delete pod nginx-ingress-7d6f8c9b5-abc12",
"mediumDesc": "Clean up unresponsive frontend Pod, ReplicaSet will auto-rebuild",
"criticalAction": "DROP TABLE user_sessions",
"criticalDesc": "Clear all user sessions to force re-login. This will affect all online users."
}
},
"actionLog": {
"title": "Action Log",
"subtitle": "K8s Operation Execution Audit Trail",
"noLogs": "No execution records",
"loading": "Loading...",
"fetchError": "Failed to fetch audit logs",
"columns": {
"time": "Execution Time",
"operation": "Operation Type",
"target": "Target Resource",
"namespace": "Namespace",
"status": "Status",
"duration": "Duration",
"executor": "Executor"
},
"operations": {
"DELETE_POD": "Delete Pod",
"RESTART_DEPLOYMENT": "Restart Deployment",
"SCALE_DEPLOYMENT": "Scale Deployment"
},
"status": {
"success": "Success",
"failure": "Failure"
},
"stats": {
"title": "Statistics",
"total": "Total Executions",
"successRate": "Success Rate",
"avgDuration": "Avg Duration",
"last24h": "Last 24 Hours"
},
"dryRun": {
"passed": "Dry-Run Passed",
"failed": "Dry-Run Failed"
},
"pagination": {
"page": "Page {current} of {total}",
"prev": "Previous",
"next": "Next"
}
},
"placeholder": {
"underConstruction": "Under Construction",
"authorizations": "[ AUTHORIZATIONS MODULE UNDER CONSTRUCTION ]",
"knowledgeBase": "[ KNOWLEDGE BASE MODULE UNDER CONSTRUCTION ]",
"settings": "[ SETTINGS MODULE UNDER CONSTRUCTION ]"
},
"footer": {
"copyright": "© 2026 岑洋國際行銷有限公司",
"poweredBy": "Powered by leWOOOgo Engine"
},
"errorBoundary": {
"systemFailure": "[SYSTEM FAILURE]",
"criticalError": "Critical UI rendering error detected. Auto-healing attempts exhausted.",
"escalating": "Escalating to OpenClaw AIOps Agent...",
"forceRestart": "FORCE MANUAL RESTART",
"detectingAnomaly": "[ DETECTING ANOMALY ]",
"autoHealingAttempt": "Initiating Auto-Healing Protocol (Attempt {attempt}/3)"
},
"errors": {
"title": "Error Tracking",
"subtitle": "Sentry Error Tracking + OpenClaw AI Analysis",
"overview": "Error Overview",
"recentIssues": "Recent Issues",
"errorTrend": "Error Trend",
"noData": "No error data",
"noIssues": "No issues at the moment",
"noTrendData": "No trend data",
"unresolvedIssues": "Unresolved Issues",
"errors24h": "Errors (24h)",
"criticalErrors": "Critical Errors",
"totalIssues": "Total Issues",
"totalErrors": "Total Errors ({period})",
"projects": "Projects",
"aiAnalyze": "AI Analyze",
"aiAnalysis": "AI Analysis Result",
"analyzing": "Analyzing...",
"rootCause": "Root Cause",
"fixSummary": "Fix Recommendation",
"category": "Category",
"confidence": "Confidence",
"loading": "Loading...",
"refresh": "Refresh",
"sentryDashboard": "Sentry Dashboard",
"footerInfo": "Data from Sentry Self-Hosted | AI Analysis: OpenClaw | Auto-refresh: 60s",
"timeAgo": {
"minutes": "{count}m ago",
"hours": "{count}h ago",
"days": "{count}d ago"
},
"uxAudit": {
"title": "UX Audit",
"noData": "No Session Replay data",
"replaysWithErrors": "Replays with Errors",
"uiErrors": "UI Errors",
"rageClicks": "Rage Clicks",
"deadClicks": "Dead Clicks",
"recentReplays": "Recent Replays",
"recentUIErrors": "Recent UI Errors",
"replayWithErrors": "Replay with {count} errors",
"occurrences": "{count} occurrences",
"viewDashboard": "View Replay Dashboard",
"health": {
"good": "Good",
"moderate": "Moderate",
"poor": "Poor"
}
}
},
"alerts": {
"autoRefresh": "Auto-refresh every {seconds}s",
"incidentCount": "{count, plural, one {# incident} other {# incidents}}",
"pageSummary": "Showing {from}-{to} of {total}",
"statusChainWindow": "AI flow evidence: {loaded}/{shown} on this page connected to 真相鏈",
"previousPage": "Previous",
"nextPage": "Next",
"pageIndicator": "Page {page} of {totalPages}",
"sourceCoverageTitle": "Source Dossier Coverage",
"sourceCoverageSubtitle": "DB persistence and Sentry / SigNoz references across the latest {limit} inbound source events",
"sourceCoverageError": "Source dossier coverage failed to load: {error}",
"sourceCoverageWithRefs": "With refs",
"sourceCoverageMissing": "Missing refs",
"sourceCoverageAlert": "Alert refs",
"sourceCoverageSentry": "Sentry refs",
"sourceCoverageSigNoz": "SigNoz refs",
"sourceCoverageRatio": "source refs coverage {ratio} / total {total}",
"sourceCoverageProvider": "{provider}: total {total}, missing {missing}, Sentry {sentry}, SigNoz {signoz}, latest {latest} ({age})",
"sourceCoverageProviderWindow": "{provider} window: total {total}, with refs {withRefs}, missing {missing}, latest {latest} ({age})",
"sourceCoverageFreshness": "{provider} latest {latest} ({age})",
"sourceCoverageFresh": "fresh",
"sourceCoverageStaleHours": "stale {hours}h",
"sourceCoverageStaleDays": "stale {days}d",
"sourceCoverageNoEvents": "no events"
},
"navSection": {
"aiCore": "AI Core",
"monitoring": "Monitoring & Security",
"ops": "Operations",
"knowledge": "Knowledge & 工具"
},
"sidebar": {
"expand": "Expand sidebar",
"collapse": "Collapse sidebar"
},
"settings": {
"title": "Settings",
"appearance": "Appearance",
"appearanceDesc": "Theme, fonts, density",
"appearanceSettings": "Appearance Settings",
"language": "Language",
"languageDesc": "Interface language",
"languageSettings": "Language Settings",
"notify": "Notifications",
"notifyDesc": "Telegram / browser notification preferences",
"notifySettings": "Notification Settings",
"system": "System Info",
"systemDesc": "Version & API endpoints",
"systemSettings": "System Info",
"compactMode": "Compact Mode",
"compactModeDesc": "Reduce spacing, show more content",
"designSystem": "Design System",
"designSystemValue": "Nothing.tech Pure White Industrial (fixed)",
"themeColor": "Theme Color",
"themeColorValue": "OpenClaw Blue + Orange Accent (fixed)",
"browserNotify": "Browser Push Notifications",
"browserNotifyDesc": "Show system notification on new Incident",
"p0Only": "P0 CRITICAL Only",
"p0OnlyDesc": "Filter low-severity alerts to reduce noise",
"telegramNotify": "Telegram Notifications",
"telegramNotifyDesc": "Pushed by OpenClaw Bot (requires backend config)",
"backendConfig": "Backend Config",
"frontendVersion": "Frontend Version",
"apiEndpoint": "API Endpoint",
"notConfigured": "(not configured)",
"phase": "Phase",
"save": "Save Settings",
"saved": "Saved",
"zhTW": "繁體中文",
"zhTWSub": "Traditional Chinese",
"en": "EN",
"enSub": "English (US)"
},
"autoRepair": {
"subtitle": "High-quality Playbook auto-execution · Risk ≤ MEDIUM · Success ≥ 95%",
"approvedPlaybooks": "Approved Playbooks",
"highQualityPlaybooks": "High-Quality Playbooks",
"highQualitySub": "Success ≥ 95% · Runs ≥ 10",
"totalExecutions": "Total Executions",
"overallSuccessRate": "Overall Success Rate",
"eligible": "✓ Auto-repair available",
"notEligible": "No high-quality Playbook yet",
"ready": "Auto-repair Ready",
"notReady": "Auto-repair Not Ready",
"readyDesc": "{count} high-quality Playbooks available",
"notReadyDesc": "Need at least 1 high-quality Playbook (success ≥ 95%, runs ≥ 10)",
"incidentEval": "Active Incident Evaluation (P1/P2)",
"canAutoRepair": "Can auto-repair",
"notEligibleShort": "Not eligible",
"riskLevel": "Risk Level",
"successRate": "Success Rate",
"execCount": "Executions",
"decisionReason": "Decision Reason",
"execSuccess": "Success ({ms}ms)",
"execFailed": "Failed: {error}",
"executing": "Executing...",
"execute": "Execute Repair",
"noEligible": "No incidents eligible for auto-repair",
"dispositionAuto": "Auto Repair",
"dispositionHuman": "Human Approved",
"dispositionManual": "Manual Resolved",
"dispositionCold": "Cold Start Trust"
},
"openclawPanel": {
"patrolling": "[AGENT] patrolling...",
"intercepting": "[SYS] Intercepting anomaly...",
"analyzing": "[SYS] Analyzing blast radius...",
"generating": "[SYS] Generating proposed action...",
"complete": "[SYS] Analysis complete"
},
"knowledgeBase": {
"title": "Knowledge Base",
"searchPlaceholder": "Search knowledge entries...",
"allCategories": "All",
"noResults": "No knowledge entries found",
"createEntry": "New Entry",
"viewCount": "views",
"relatedPlaybook": "Related Playbook",
"relatedIncident": "Related Incident",
"approve": "Approve",
"approving": "Approving...",
"archive": "Archive",
"archiving": "Archiving...",
"status": {
"draft": "Draft",
"review": "In Review",
"approved": "Approved",
"archived": "Archived",
"published": "Published"
},
"type": {
"incident_case": "Incident Case",
"runbook": "Runbook",
"best_practice": "Best Practice",
"postmortem": "Postmortem",
"auto_runbook": "Auto Runbook",
"anti_pattern": "Anti-Pattern"
},
"source": {
"ai_extracted": "AI Extracted",
"human": "Manual"
},
"category": {
"infrastructure": "Infrastructure",
"application": "Application",
"ai_system": "AI System",
"security": "Security / Compliance"
},
"filterByType": "Filter by type",
"filterByStatus": "Filter by status",
"entries": "entries",
"empty": "No knowledge entries yet",
"emptyDescription": "Entries will be auto-extracted from incidents, or you can create them manually",
"semanticSearchPlaceholder": "Enter semantic search query...",
"semanticOn": "Semantic",
"semanticOff": "Semantic",
"switchToSemantic": "Switch to semantic search (pgvector)",
"switchToKeyword": "Switch to keyword search",
"semanticSearchHint": "Enter a query to search with AI vector similarity"
},
"monitoring": {
"healthy": "Healthy",
"warning": "Warning",
"critical": "Critical",
"goldMetrics": "GOLD METRICS",
"hostStatus": "HOST STATUS (FOUR-HOST ARCHITECTURE)",
"serviceList": "SERVICE LIST",
"serviceName": "Service",
"status": "Status",
"latency": "Latency",
"uptime": "Uptime",
"lastCheck": "Last Check"
},
"services": {
"title": "Services",
"subtitle": "All services across hosts",
"name": "Service Name",
"host": "Host",
"status": "Status",
"cpu": "CPU%",
"ram": "RAM%",
"noServices": "No service data available",
"fetchError": "Failed to load services"
},
"topology": {
"title": "Topology",
"subtitle": "Service dependencies & health status",
"noHosts": "No host data available",
"fetchError": "Failed to load host data",
"services": "Services",
"cpu": "CPU",
"ram": "RAM",
"groupInfra": "Infrastructure",
"groupSecurity": "Security",
"groupK3s": "K3s Cluster",
"groupAiData": "AI/Data Center",
"allHealthy": "All Healthy",
"allReachable": "All Reachable",
"warning": "Warning",
"healthy": "Healthy",
"investigating": "Investigating",
"groupExternal": "External Services",
"hostDevops": "DevOps Vault",
"hostAiData": "AI+Web Hub",
"hostK3sMaster": "K3s Master",
"hostK3sWorker": "K3s Worker"
},
"notifications": {
"title": "Notifications",
"subtitle": "Notification channel settings",
"channel": "Channel",
"type": "Type",
"status": "Status",
"noChannels": "No notification channels",
"fetchError": "Failed to load notification channels"
},
"reports": {
"title": "Reports",
"subtitle": "Incident statistics summary",
"incidentSummary": "Incident Summary",
"resolutionStats": "Resolution Statistics",
"total": "Total",
"resolved": "Resolved",
"unresolved": "Unresolved",
"avgResolutionTime": "Avg Resolution Time",
"resolutionRate": "Resolution Rate",
"fetchError": "Failed to load report data",
"noData": "No statistics available",
"totalDispositions": "Total Dispositions",
"autoRate": "Automation Rate",
"humanRate": "Human Intervention Rate",
"autoRepair": "Auto Repair",
"humanApproved": "Human Approved",
"manualResolved": "Manual Resolved",
"coldStartTrust": "Cold Start Trust",
"dispositionBreakdown": "Disposition Breakdown",
"byAnomalyType": "By Anomaly Type",
"anomalyKey": "Anomaly Type"
},
"apm": {
"title": "APM",
"subtitle": "Application Performance Monitoring — Golden Signals",
"loading": "Loading...",
"metric": "Metric",
"value": "Value",
"status": "Status",
"openSignoz": "Open SigNoz",
"noData": "No APM data",
"noDataDescription": "APM integration pending, will display automatically after SignOz connects"
},
"apps": {
"title": "Applications",
"subtitle": "All host services status",
"loading": "Loading...",
"host": "Host",
"service": "Service",
"port": "Port",
"latency": "Latency",
"status": "Status",
"error": "Load failed",
"noApps": "No service data"
},
"billing": {
"title": "Usage",
"subtitle": "System operation usage statistics",
"loading": "Loading...",
"totalExecutions": "Total Executions",
"last24h": "Last 24h",
"successRate": "Success Rate",
"avgDuration": "Avg Duration",
"currentMonth": "This Month",
"totalUsage": "Total Usage",
"error": "Load failed",
"noData": "No usage data"
},
"compliance": {
"title": "Compliance",
"subtitle": "System governance & compliance status",
"loading": "Loading...",
"totalIncidents": "Total Incidents",
"resolvedRate": "Resolution Rate",
"approvedPlaybooks": "Playbooks",
"highQualityPlaybooks": "High-Quality Playbooks",
"executionSuccessRate": "Execution Success Rate",
"autoRepairEligible": "Auto-Repair Eligible",
"yes": "Yes",
"no": "No",
"error": "Load failed",
"noData": "No compliance data"
},
"cost": {
"title": "Cost Analysis",
"subtitle": "AI execution efficiency stats",
"loading": "Loading...",
"totalProposals": "Total Proposals",
"executionRate": "Execution Rate",
"successRate": "Success Rate",
"avgEffectiveness": "Avg Effectiveness",
"error": "Load failed",
"noData": "No cost data"
},
"deployments": {
"title": "Deployments",
"subtitle": "K3s service deployment status",
"loading": "Loading...",
"service": "Service",
"port": "Port",
"latency": "Latency",
"status": "Status",
"host": "Host",
"error": "Load failed",
"noDeployments": "No deployment data",
"name": "Service Name",
"version": "Version",
"time": "Time",
"cicd": {
"title": "CI/CD Deployment Evidence",
"subtitle": "Deployment, test, and rollout-risk status from AwoooP audit data",
"visibleCount": "{count} items",
"loading": "Loading CI/CD evidence...",
"error": "Failed to load CI/CD evidence",
"empty": "No CI/CD evidence yet",
"emptyValue": "--",
"durationSeconds": "{seconds}s",
"durationNotRecorded": "Duration not recorded",
"openWorkflow": "Open workflow",
"status": {
"failed": "Failed",
"pending": "Needs attention",
"running": "Running",
"success": "Success"
},
"stage": {
"buildDeploy": "Build and deploy",
"codeReview": "Code review",
"postDeploy": "Post deploy",
"postDeployChecks": "Post deploy checks",
"rolloutRisk": "Rollout risk recovered",
"tests": "Tests"
}
}
},
"help": {
"title": "Help",
"subtitle": "System information",
"version": "Version Info",
"appVersion": "Application Version",
"platform": "Platform",
"docs": "Documentation",
"docsDescription": "Visit AWOOOI Docs for full documentation"
},
"security": {
"title": "安全",
"subtitle": "錯誤與安全事件監控",
"loading": "載入中...",
"totalIssues": "問題總數",
"criticalIssues": "嚴重問題",
"errorRate": "錯誤率",
"recentIssues": "最近問題",
"issue": "問題",
"level": "等級",
"lastSeen": "最後出現",
"count": "次數",
"unresolvedIssues": "未解決問題",
"error": "載入失敗",
"noData": "無安全事件",
"iwooosBridge": {
"title": "已納入 IwoooS 只讀資安鏡像",
"subtitle": "這個既有安全 / 合規頁面現在會反向標示 IwoooS 納管狀態;只顯示整體進度、框架成熟度與 runtime 邊界,不新增掃描、修復、批准或部署按鈕。",
"compactTitle": "IwoooS",
"compactDetail": "61% / gate 0",
"openIwooos": "開啟 IwoooS",
"sourceLabel": "整合來源",
"sourceDetail": "SecurityPanel、CompliancePanel、standalone /security 與 /compliance 仍保留原本資料來源IwoooS 只做資安網索引與 mirror-only 姿態彙整。",
"boundaryLabel": "執行邊界",
"metrics": {
"overall": {
"label": "整體資安網",
"detail": "headline progress"
},
"framework": {
"label": "框架成熟度",
"detail": "docs / schema / read-only evidence"
},
"runtimeGates": {
"label": "Runtime 閘門",
"detail": "未開啟"
},
"actions": {
"label": "執行按鈕",
"detail": "未提供"
}
}
}
},
"tickets": {
"title": "Tickets",
"subtitle": "Incident ticket tracking",
"loading": "Loading...",
"id": "Ticket ID",
"title_col": "Title",
"status": "Status",
"priority": "Priority",
"createdAt": "Created At",
"error": "Load failed",
"noTickets": "No tickets"
},
"users": {
"title": "Audit Log",
"subtitle": "K8s operation execution records",
"loading": "Loading...",
"totalExecutions": "Total Executions",
"successCount": "Success",
"failureCount": "Failures",
"successRate": "Success Rate",
"avgDuration": "Avg Duration",
"recentOps": "Recent Operations",
"operation": "Operation Type",
"namespace": "Namespace",
"result": "Result",
"time": "Time",
"error": "Load failed",
"noUsers": "No audit records",
"name": "Name",
"role": "Role",
"status": "Status"
},
"emptyState": {
"noData": "--",
"comingSoon": "Integration pending"
},
"drift": {
"title": "Config Drift Detection",
"subtitle": "GitOps Guardian — Detects drift between K8s actual state and Git YAML",
"scan": "Scan Now",
"scanning": "Scanning...",
"loading": "Loading...",
"noReports": "No drift reports yet",
"noReportsHint": "CronJob scans hourly automatically, or click \"Scan Now\" to trigger manually",
"noDrift": "No Drift",
"reportId": "Report ID",
"scannedAt": "Scanned At",
"namespace": "Namespace",
"triggeredBy": "觸發來源ed By",
"highCount": "High",
"mediumCount": "Medium",
"infoCount": "Info",
"status": "Status",
"driftLevel": {
"high": "High",
"medium": "Medium",
"info": "Info"
},
"interpretation": "Nemotron Intent Analysis",
"noInterpretation": "No analysis needed (no drift)",
"rollback": "Rollback to Git",
"adopt": "Adopt Change",
"rollbackConfirm": "Rollback this resource to Git state?",
"adoptConfirm": "Adopt this change and update Git?",
"pending": "Pending",
"resolved": "Resolved",
"acknowledged": "Acknowledged",
"rolled_back": "Rolled back",
"adopted": "Adopted",
"ignored": "Ignored",
"fingerprintState": {
"title": "Same-fingerprint state chain",
"occurrences": "12h {count}x",
"report": "Report: {report}",
"state": "State: {state}",
"next": "Next: {step}",
"writes": "Writes: drift={drift}; incident={incident}; repair={repair}; ticket={ticket}",
"pr": "PR: {pr}; zeroDiff={zeroDiff}",
"p0Dedup": "P0 dedupe {hours}h",
"remediation": "Remediation: {status}; verification report: {report}",
"remediationKind": "Remediation kind: {kind}",
"remediationVerification": "Verification: {summary}",
"remediationNote": "Note: {note}"
}
},
"neuralCommand": {
"title": "Neural Command Center",
"subtitle": "SSH_COMMAND Chain of Command · OpenClaw 🦞 × NemoTron ⚡",
"lastRefresh": "Updated {time}",
"refresh": "Refresh",
"preFlightAudit": "Pre-Flight Audit",
"liveCommand": "Live Command",
"statsHistory": "Stats & History",
"nuclearApproval": "Nuclear Approval",
"preFlightTitle": "SSH_COMMAND Architecture Security Audit",
"preFlightSubtitle": "WHITELIST updated to production standard",
"progress": "Progress",
"riskLevel": "Risk Level",
"riskLow": "Low",
"auditStatus": "Audit Status",
"passed": "Passed",
"pending": "Pending",
"passBannerTitle": "Pre-Flight Passed — Architecture meets security standards",
"passBannerDesc": "8/8 checks passed · Shell Injection protection enabled · known_hosts mounted",
"statusFixed": "Fixed",
"statusPending": "Pending",
"featureToggles": "Feature Toggle Status",
"approvedPlaybooks": "Approved Playbooks",
"highQuality": "High Quality",
"totalExecutions": "Total Executions",
"successRate": "Success Rate",
"checkA1Label": "Key Check (known_hosts)",
"checkA1Desc": "K8s Secret mounted at /etc/repair-ssh/known_hosts",
"checkA2Label": "Whitelist (ConfigMap)",
"checkA2Desc": "Hardcoded Whitelist → K8s ConfigMap",
"checkA3Label": "Command Injection Filter",
"checkA3Desc": "Block ; | && $() · Max 512 chars",
"checkB1Label": "Audit Log",
"checkB1Desc": "Missing AuditLog → PostgreSQL write",
"checkB2Label": "Langfuse Trace",
"checkB2Desc": "SSH Trace Missing → Decision tracing added",
"checkC1Label": "Idempotency Lock (Redis)",
"checkC1Desc": "repair_lock prevents duplicate execution",
"checkC2Label": "Feedback Loop",
"checkC2Desc": "Success Rate Update → RAG confidence self-updates",
"checkC3Label": "Execution Path (.188)",
"checkC3Desc": "ansible:// forced to .188 control node",
"agentRoleOC": "Diagnosis & RAG Matching",
"agentRoleNemo": "Decision & Execution",
"todayMatches": "Today's Matches",
"ragConf": "RAG Conf",
"execSuccess": "Exec Success",
"avgDuration": "Avg Duration",
"pendingApproval": "Pending",
"alertRadar": "Alert Radar",
"chainTitle": "Neural Transmission Path",
"nodeDone": "Done",
"nodeActive": "Running",
"nodeWaiting": "Waiting",
"execStream": "Execution Stream",
"waitingApproval": "Awaiting commander approval",
"kpiSuccessRate": "Overall Success Rate",
"kpiTotalExec": "Total Executions",
"kpiPlaybooks": "Playbooks",
"kpiAvgDuration": "Avg Repair Time",
"kpiPendingAppr": "Pending Approvals",
"trendUp": "↑ {n}% this week",
"trendDown": "↓ {n}s this week",
"schemeBreakdown": "Execution Path Breakdown",
"playbookRanking": "Playbook Performance Ranking",
"thName": "Name",
"thType": "Type",
"thRate": "Success Rate",
"thCount": "Count",
"historyTimeline": "Repair History 時間線",
"ago": "ago",
"approvalTitle": "Host Layer Command — Commander Authorization Required",
"diagnosis": "Diagnosis",
"recommendation": "Recommendation",
"execPathDetails": "Execution Path Details",
"uriScheme": "URI Scheme",
"controlNode": "Control Node",
"targetHost": "Target Host",
"playbookPath": "Playbook",
"repairLock": "Idempotency Lock",
"riskMediumDesc": "Operation cannot be immediately reverted, but backup protection exists",
"confirmExec": "Hold 5s to Confirm Execution",
"rejectApproval": "Reject — Transfer to Manual",
"approvalGranted": "Authorization Granted",
"approvalGrantedDesc": "NemoTron is executing ansible-playbook...",
"approvalRejected": "Authorization Rejected",
"approvalRejectedDesc": "Transferred to manual handling",
"noHistory": "No repair history yet",
"noActiveAlerts": "No active alerts",
"noPlaybooks": "No playbook records yet",
"noApprovals": "No pending approvals",
"noApprovalsDesc": "All authorization requests have been processed",
"chainAlert": "Alert 觸發來源ed",
"chainRAG": "🦞 OpenClaw RAG Diagnosis",
"chainDecide": "⚡ NemoTron Decision",
"chainExec": "Executor Routing",
"chainIdleSub": "Waiting for new alerts...",
"backToList": "Back to List",
"approvalError": "Operation failed",
"processing": "Processing...",
"blastRadius": "Blast Radius",
"affectedPods": "Affected Pods",
"estimatedDowntime": "Est. Downtime",
"relatedServices": "Related Services",
"dataImpact": "Data Impact",
"dryRunChecks": "Dry-Run Checks",
"approvalQueueCount": "{count} pending approvals",
"dispositionBreakdown": "Disposition Breakdown",
"dispositionAuto": "Auto Repair",
"dispositionHuman": "Human Approved",
"dispositionManual": "Manual Resolved",
"dispositionCold": "Cold Start Trust",
"autoRateLabel": "Automation Rate"
},
"alertOpLogs": {
"title": "Alert Operation Logs",
"subtitle": "alert_operation_log · Full event stream",
"refresh": "Refresh",
"totalEvents24h": "24h Total Events",
"allEventTypes": "All Event Types",
"incidentIdFilter": "Filter by 事件 ID...",
"totalCount": "{count} total",
"colTime": "Time",
"colEventType": "Event Type",
"colIncident": "Incident",
"colActor": "Actor",
"colDetail": "Detail",
"colResult": "Result",
"loading": "Loading...",
"noRecords": "No records",
"loadError": "Failed to load, please retry",
"pageInfo": "Page {page} / {total}",
"prevPage": "Previous",
"nextPage": "Next",
"eventAlertReceived": "Alert Received",
"eventTelegramSent": "TG Notified",
"eventUserAction": "User Action",
"eventAutoRepairTriggered": "Auto Repair",
"eventExecutionStarted": "Execution Started",
"eventExecutionCompleted": "Execution Completed",
"eventTelegramResultSent": "TG Result",
"eventResolved": "Resolved",
"eventSilenced": "Silenced",
"eventEscalated": "Escalated",
"eventGuardrailBlocked": "Guardrail Blocked",
"eventPreFlightPassed": "Pre-flight Passed",
"eventPreFlightFailed": "Pre-flight Failed",
"eventBackupTriggered": "Backup 觸發來源ed",
"eventBackupCompleted": "Backup Completed",
"eventBackupFailed": "Backup Failed",
"eventApprovalEscalated": "Approval Escalated",
"eventChangeApplied": "Change Applied"
},
"commandPalette": {
"placeholder": "Search commands, pages or events...",
"noResults": "No results found",
"hint": "↑↓ Navigate Enter Select Esc Close",
"groupNav": "Navigation",
"groupActions": "Quick Actions",
"groupRecent": "Recent Events",
"actionOpenTerminal": "Open Omni-Terminal",
"actionGoHome": "Go to Command Center",
"actionGoObservability": "Go to Observability",
"actionGoAutomation": "Go to Automation",
"actionGoOperations": "Go to Operations",
"actionGoSecurity": "Go to Security & Compliance",
"actionGoKnowledge": "Go to Knowledge Hall",
"actionGoSettings": "Go to Settings",
"actionGoTerminal": "Go to Terminal",
"actionGoApprovals": "Go to Authorizations",
"actionGoIwooos": "Go to IwoooS"
},
"aiopsTimeline": {
"title": "AIOps Full 時間線",
"subtitle": "Alert → Investigation → Decision → Execution → Verification → Learning",
"mockBadge": "MOCK MODE",
"stages": {
"alert": "Alert 觸發來源ed",
"diagnose": "Investigation",
"decide": "AI Decision",
"execute": "Auto Execute",
"verify": "Verification",
"learn": "Learning Update"
},
"status": {
"success": "Success",
"running": "Running",
"failed": "Failed",
"skipped": "Skipped",
"pending": "Pending"
},
"filters": {
"incident_id": "事件 ID",
"incident_id_placeholder": "Search incident ID...",
"time_range": "Time Range",
"status_filter": "Status Filter",
"incident_count": "{count} incidents",
"timeRange": {
"1h": "1H",
"6h": "6H",
"24h": "24H",
"7d": "7D"
},
"statusFilter": {
"all": "All",
"success": "Success",
"failed": "Failed",
"running": "Running"
}
},
"incident": {
"started_at": "Started At",
"resolved_at": "Resolved At",
"duration": "Duration",
"in_progress": "In Progress",
"severity": "Severity",
"stages_summary": "{success} success / {total} stages",
"expand_all": "Expand All",
"collapse_all": "Collapse All"
},
"stage": {
"toggle_details": "Toggle {stage} details"
},
"evidence": {
"dimensions": "8D Dimensions",
"anomalyCount": "{count}/{total} anomaly dimensions",
"noData": "N/A"
},
"stageDetails": {
"alert": {
"name": "Alert Name",
"rule": "Rule",
"value": "Current Value",
"labels": "Labels"
},
"diagnose": {
"investigator": "Investigator",
"tools_used": "MCP 工具",
"hypothesis": "Root Cause Hypothesis",
"evidence": "8D Evidence"
},
"decide": {
"engine": "Decision Engine",
"fusion": "Fusion Method",
"confidence": "Confidence",
"confidenceThreshold": "Threshold {value}%",
"auto_execute": "Auto Execute",
"auto_yes": "Yes",
"auto_no": "No (requires approval)",
"playbook": "Playbook",
"decision": "Decision Command",
"reasoning": "Reasoning",
"alternates": "Alternate Decisions"
},
"execute": {
"command": "Command",
"target": "Target",
"executor": "Executor",
"duration": "Duration",
"stdout": "Output",
"exit_code": "Exit Code"
},
"verify": {
"verifier": "Verifier",
"outcome": "Outcome",
"checks": "Checks",
"trust_delta": "Trust Delta",
"notes": "Notes"
},
"learn": {
"playbook": "Playbook",
"trust_update": "Trust Update",
"km_entry": "Knowledge Base Entry",
"summary": "Learning Summary"
}
},
"loading": "Loading timeline data...",
"empty": {
"title": "No incidents found",
"subtitle": "No AIOps incidents match the current filters"
},
"error": {
"title": "Failed to load data",
"retry": "Retry"
}
},
"governance": {
"title": "AI Governance",
"complianceBadge": {
"label": "AI Governance",
"loading": "Loading...",
"score": "Overall Compliance",
"target": "Target ≥ 95%"
},
"tabs": {
"slo": "SLO Dashboard",
"events": "Governance Events",
"queue": "AI Queue"
},
"comingSoon": "This tab is coming soon",
"slo": {
"kpi": {
"autonomy_rate": "Autonomy Rate",
"decision_accuracy": "Decision Accuracy",
"confidence_calibration": "Confidence Calibration",
"km_growth_rate": "KM Growth Rate",
"mcp_call_diversity": "MCP Call Diversity",
"auto_execute_success_rate": "Auto Execute Success",
"human_override_rate": "Human Override Rate",
"verifier_false_neg_rate": "Verifier False Negative",
"current": "Current",
"target": "Target",
"sparkline": "7-day trend",
"loading": "Loading...",
"error": "Failed to load",
"noData": "No data",
"sampleCount": "Samples {count}",
"window": "Window {window}",
"state": {
"ok": "OK",
"warning": "Below target",
"violated": "Hard red line",
"skipped_low_volume": "Low sample wait",
"no_data": "No data",
"error": "Query failed",
"partial": "Partially evaluable"
},
"reason": {
"none": "None",
"denominator_below_minimum_events": "Denominator events too low",
"prometheus_nan_or_inf": "Prometheus has no valid denominator yet",
"prometheus_empty_result_metric_not_emitted": "Prometheus has not returned the metric yet",
"unknown": "Reason pending"
}
},
"chart": {
"title": "30-day Violation 時間線",
"xAxisLabel": "Date",
"yAxisLabel": "Count",
"loading": "Loading chart...",
"error": "Chart failed to load",
"empty": "No violations in the last 30 days",
"tooltip": "Violations"
},
"compliance": {
"title": "Overall Compliance",
"target": "Target ≥ 95%"
},
"coverage": {
"title": "Verification Coverage",
"subtitle": "Auto-repair executions and verifier writeback in the last {window}",
"totalAuto": "Auto repairs",
"verifiedAuto": "Verified",
"unverifiedAuto": "Unverified",
"coverageRate": "Coverage",
"successRate": "Success verification",
"lastVerified": "Last verified execution",
"reasonLabel": "Reason",
"failureBreakdown": "Non-success Verification Classes",
"recentFindings": "Recent Non-success Verification",
"remediationQueue": "Remediation Work Queue",
"queueSummary": "Total {total}; AI-ready {ready}; human {human}",
"dryRunButton": "Dry run",
"dryRunLoading": "Running",
"dryRunResult": "{mode}; preview {result}; tools {tools}",
"dryRunHistoryRecorded": "History recorded",
"dryRunHistorySummary": "History {count}x; last {time}; {route}",
"dryRunBlocked": "Dry run blocked",
"dryRunError": "Dry run failed",
"state": {
"ok": "OK",
"warning": "Needs tracking",
"violated": "Hard red line",
"skipped_low_volume": "Waiting for samples",
"no_data": "No data",
"error": "Query failed"
},
"reason": {
"none": "None",
"no_auto_repair_executions_24h": "No auto-repair executions in the last 24h",
"verification_backlog_present": "Some auto repairs are missing verification results",
"non_success_verification_present": "degraded / failed / timeout verification exists",
"postgresql_query_error": "PostgreSQL query failed"
},
"failureClass": {
"unsupported_action_scheme": "PlayBook action misses supported executor",
"verifier_missing_promql": "Verifier missing PromQL query",
"verifier_target_missing_pod": "Verifier missing pod target",
"auto_repair_execution_failed": "Auto repair execution failed",
"verification_failed": "Verification failed",
"verification_timeout": "Verification timed out",
"verification_degraded": "Verification degraded",
"unknown": "Pending classification"
},
"nextStep": {
"normalize_playbook_executor": "Fix PlayBook executor",
"add_verifier_query_template": "Add verifier query template",
"map_verifier_target": "Map verifier target",
"review_auto_repair_execution": "Inspect auto repair record",
"escalate_verification_failure": "Escalate verification failure",
"review_degraded_verification": "Review degraded evidence"
},
"remediationStatus": {
"ready_for_replay": "Ready for replay",
"ready_for_reverify": "Ready to reverify",
"needs_target_mapping": "Needs target mapping",
"needs_playbook_ticket": "Needs ticket",
"manual_review": "Manual review",
"unknown": "Pending classification"
},
"remediationAction": {
"replay_with_supported_executor": "Replay with supported executor",
"reverify_with_promql_template": "Reverify with PromQL template",
"map_target_and_reverify": "Map target and reverify",
"create_playbook_ticket": "Create PlayBook ticket",
"escalate_verification_failure": "Escalate verification failure",
"inspect_degraded_evidence": "Inspect degraded evidence"
}
},
"legacyHitl": {
"title": "Legacy HITL Pending",
"subtitle": "These items come from approval_records, not AwoooP run approvals. They still need to be visible in the operator console.",
"openAuthorizations": "Open Authorizations",
"loadFailed": "Failed to load Legacy HITL backlog: {error}",
"tableLabel": "Legacy HITL pending approvals",
"moreRows": "Showing the latest 8 items. Open Authorizations for the remaining {count}.",
"noTelegram": "no TG",
"telegramRef": "TG #{id}",
"summary": {
"pending": "Pending",
"noTelegram": "No Telegram message",
"observe": "Observe/no action",
"critical": "Critical"
},
"columns": {
"risk": "Risk",
"action": "Action",
"incident": "Incident",
"source": "Source",
"created": "Created"
}
}
},
"events": {
"filter": {
"eventType": "Event Type",
"dateRange": "Date Range",
"status": "Status",
"severity": "Severity",
"eventId": "Event ID",
"eventIdPlaceholder": "Paste governance_event_id",
"clearAll": "Clear All",
"allStatuses": "All Statuses",
"resolved": "Resolved",
"unresolved": "Unresolved",
"allSeverities": "All Severities",
"critical": "Critical",
"warning": "Warning",
"info": "Info",
"placeholder": "Select event types...",
"from": "From",
"to": "To"
},
"column": {
"eventType": "Event Type",
"triggeredAt": "觸發來源ed At",
"status": "Status",
"impact": "Impact Summary",
"actions": "Actions"
},
"detail": {
"rawData": "Raw Data",
"remediation": "Remediation",
"dispatch": "Dispatch Log",
"noRemediation": "No remediation available",
"noDispatch": "No dispatch records"
},
"eventType": {
"slo_violation": "SLO Violation",
"governance_slo_data_gap": "SLO Data Gap",
"knowledge_degradation": "KM Needs Update",
"kb_stale": "Stale KM",
"execution_blast_radius": "Execution Blast Radius",
"conservative_mode": "Conservative Mode",
"replay_degraded": "Replay Degraded",
"self_demotion": "AI Self-demotion",
"slo_breach": "SLO Breach",
"accuracy_drop": "Accuracy Drop",
"km_stall": "KM Stall",
"mcp_failure": "MCP Failure",
"trust_degradation": "Trust Degradation",
"unknown": "Unknown"
},
"status": {
"resolved": "Resolved",
"unresolved": "Unresolved"
},
"severity": {
"critical": "Critical",
"warning": "Warning",
"info": "Info"
},
"emptyState": "No governance events",
"emptyStateHint": "System is operating normally",
"errorState": "Failed to load events",
"retry": "Retry",
"page": "Page",
"of": "of",
"prevPage": "Previous",
"nextPage": "Next",
"perPage": "20 per page ·",
"expand": "Expand details",
"collapse": "Collapse details"
},
"queue": {
"status": {
"connected": "Live updates",
"disconnected": "Offline mode",
"connecting": "Connecting..."
},
"column": {
"eventType": "Event Type",
"createdAt": "Created At",
"proposedAction": "Proposed Action",
"playbookTrust": "Playbook Trust",
"dispatchStatus": "Status"
},
"action": {
"approve": "Approve",
"reject": "Reject",
"approveTitle": "Approve this action",
"rejectTitle": "Reject this action"
},
"history": {
"title": "History",
"succeeded": "Succeeded",
"failed": "Failed",
"empty": "No history records"
},
"emptyState": {
"noTable": "Dispatch table not yet built",
"noTableHint": "Track D dispatch table is initializing",
"noPending": "No pending items",
"noPendingHint": "AI system is operating normally"
},
"sse": {
"label": "Live Updates",
"connected": "Connected",
"disconnected": "Disconnected"
},
"pendingSection": "Pending",
"loading": "Loading queue...",
"error": "Failed to load queue",
"retry": "Retry"
}
},
"awooop": {
"home": {
"eyebrow": "AI Automation 控制面",
"title": "AwoooP Governance Overview",
"subtitle": "Unifies tenants, contracts, runs, approvals, and channel state into one operator surface so the AI flywheel and governance plane do not drift apart.",
"refresh": "Refresh",
"snapshotStatus": "Snapshot Status",
"lastUpdated": "Last Updated",
"migrationMode": "Migration Mode",
"migrationValue": "mirror / shadow",
"ready": "In Sync",
"loading": "Loading",
"degraded": "Degraded",
"sourceFlow": {
"title": "Source Flow and Work Progress",
"subtitle": "Reads recent Channel Event recurrence data so the overview shows source persistence, run linkage, work items, and source correlation state.",
"sourceEvents": "{count} source events",
"unavailable": "Unavailable",
"loadFailed": "Unable to load the source flow overview. Check the Work Chain or 執行監控 recurrence API.",
"empty": "No source event data is available yet.",
"metrics": {
"linkedRuns": "Run 連結age",
"linkedRunsDetail": "Unlinked events: {unlinked}",
"openWork": "Open Work",
"openWorkDetail": "No repair {gap} / manual gates {manual} / failed repairs {failed}",
"sourceDecision": "Source Decision",
"sourceDecisionNone": "No Review",
"sourceDecisionDetail": "Recorded reviews: {recorded}",
"latest": "Latest Event",
"latestDetail": "{groups} recurrence groups"
},
"progress": {
"linked": "Source to Run Coverage",
"linkedDetail": "Whether source events can be traced back to Run / Incident",
"work": "Work Item Cleanup",
"workDetail": "Whether recurrence groups still have open work",
"decision": "Source Match Decision",
"decisionDetail": "Whether source review / apply has a decision record"
},
"actions": {
"workItems": "Handle Work Items",
"workItemsDetail": "{count} open groups need handling or confirmation",
"runs": "Inspect Run 連結age",
"runsDetail": "Unlinked events: {unlinked}",
"approvals": "Check Human Gates",
"approvalsDetail": "{count} manual gates need human judgment",
"sourceReviews": "Review Source Matches",
"sourceReviewsDetail": "{count} source reviews need a decision"
}
},
"quality": {
"title": "Automation Quality",
"subtitle": "Whether recent alerts actually reached AI auto-repair, verification, and learning writeback in the last 24 hours.",
"claimReady": "Full Loop Claim Ready",
"claimBlocked": "Full Loop Claim Blocked",
"unavailable": "Unavailable",
"loadFailed": "Unable to load the automation quality summary. Check Operator permissions and the 真相鏈 API.",
"empty": "No alert quality data is available yet.",
"yes": "Yes",
"no": "No",
"metrics": {
"evaluated": "Evaluated Alerts",
"evaluatedDetail": "Same quality gate applied",
"verified": "Verified Auto-Repairs",
"verifiedDetail": "Requires auto-repair plus verification",
"averageScore": "Average Score",
"averageScoreDetail": "0 to 100 process completeness",
"claim": "Production Claim",
"claimReadyDetail": "Every alert completed the verified loop",
"claimBlockedDetail": "Some alerts still lack execution, verification, or learning records"
},
"scoreBuckets": "Score Buckets",
"scoreBucketsDetail": "{total} evaluated alerts",
"green": "Green",
"yellow": "Yellow",
"red": "Red",
"verdictTitle": "Verdict Distribution",
"gateFailureTitle": "Top Gaps",
"scoreRange": "min {min} / max {max} / avg {avg}",
"verdicts": {
"autoRepairedVerified": "Auto-Repaired and Verified",
"executionUnverified": "Executed but Unverified",
"executionFailed": "Execution Failed",
"manualRequiredNoAction": "Manual Required: NO_ACTION",
"approvalRequired": "Waiting for Approval",
"observedNotExecuted": "Observed but Not Executed",
"receivedOnly": "Received Only"
},
"gates": {
"sourcePersisted": "Source Persisted",
"outboundRecorded": "Outbound Recorded",
"evidenceCollected": "Evidence Collected",
"mcpGatewayObserved": "MCP 閘道",
"approvalState": "Approval State",
"executionRecorded": "Execution Recorded",
"autoRepairRecorded": "Auto-Repair Recorded",
"verificationRecorded": "Verification Recorded",
"learningRecorded": "Learning Writeback",
"timelineRecorded": "時間線 Recorded",
"unknown": "Unknown Gate"
},
"gateStatuses": {
"failed": "Failed",
"missing": "Missing"
},
"claimReadyDetail": "Every alert completed the verified loop",
"claimBlockedDetail": "Some alerts still lack execution, verification, or learning records"
},
"metrics": {
"tenants": "Tenants",
"tenantsDetail": "{active} active, {shadow} in shadow",
"runs": "操作執行紀錄",
"runsDetail": "執行狀態 is the single view into async work",
"approvals": "Pending Approvals",
"approvalsDetail": "Every high-risk action must stop at the human gate",
"contracts": "Contracts",
"contractsDetail": "專案 / 代理 / Policy contract publish state"
},
"disposition": {
"title": "Disposition Semantics",
"diagnosis": {
"title": "Read-only Diagnosis",
"signal": "AI collected evidence",
"owner": "Owner: AI summarizes, SRE judges",
"route": "Route: Run monitor / incident detail"
},
"approval": {
"title": "Human Gate",
"signal": "High-risk approval pending",
"owner": "Owner: SRE approve / reject",
"route": "Route: Approval queue"
},
"execute": {
"title": "Auto Execution",
"signal": "Low-risk closure path",
"owner": "Owner: MCP 閘道 executes and audits",
"route": "Route: 執行狀態 / Audit"
},
"manual": {
"title": "Manual Escalation",
"signal": "AI cannot safely repair",
"owner": "Owner: war room takes over",
"route": "Route: AwoooI SRE war room"
}
},
"lanes": {
"title": "Flywheel Lanes",
"live": "Live",
"mirror": "Mirror",
"providerName": "Provider Order",
"providerDetail": "GCP-A Ollama -> GCP-B Ollama -> 111 Ollama -> OpenClaw/Nemo -> Gemini",
"mcpName": "MCP 閘道",
"mcpDetail": "MCP 閘道 stays in mirror / wrap mode before audit and redaction are proven as the only execution gate",
"channelName": "Channel Hub",
"channelDetail": "Telegram / LINE / Slack enter Channel Event first, then message ownership moves gradually",
"approvalName": "Approval Plane",
"approvalDetail": "執行狀態 and Approval plane share one approval meaning"
},
"next": {
"title": "Next Actions",
"item1": "Review run monitor and provider fallback",
"item2": "Handle pending high-risk approvals",
"item3": "Review contract lifecycle",
"item4": "Open the AwoooP work map"
},
"securityMirror": {
"title": "IwoooS 資安鏡像",
"subtitle": "AwoooP 首頁已以正式只讀方式顯示 IwoooS / 資安鏡像狀態,讓使用者理解資安網進度與邊界;這不是執行入口,也不接執行路由器。",
"badge": "正式只讀",
"openIwooos": "開啟 IwoooS",
"checkpointsTitle": "接入檢查",
"boundaryLabel": "安全邊界",
"boundaryTitle": "仍維持低摩擦框架期",
"boundaryDetail": "這個面板只顯示已提交快照與防護檢查口徑,不呼叫 Kali、GitHub、Gitea 或執行期 API也不提供掃描、執行、修復、部署、主要來源切換或分支 / 標籤參照動作。",
"metrics": {
"headline": {
"label": "整體資安網",
"detail": "已因 AwoooP 正式只讀 landing 證據保守重估;其餘 owner response、runtime gate 與 GitHub primary 仍等待。"
},
"framework": {
"label": "框架成熟度",
"detail": "治理、文件、結構定義、只讀證據與 IwoooS 投影已接近完整。"
},
"runtime": {
"label": "落地執行",
"detail": "AwoooP 只讀 landing 已有證據執行期匯入、GitHub 主要來源與 runtime gate 仍未開。"
},
"activeGates": {
"label": "主動執行閘門",
"detail": "目前維持 0任何主機或阻擋型控制都仍需獨立批准。"
}
},
"checkpoints": {
"iwooosProjection": {
"title": "IwoooS 投影可讀",
"detail": "AwoooP 只顯示 IwoooS 態勢、進度、證據參照與禁止動作。"
},
"rollupGuard": {
"title": "防護檢查口徑一致",
"detail": "接手前維持 security-mirror-progress-guard.py 與 source-control-owner-response-guard.py 綠燈。"
},
"ownerResponse": {
"title": "負責人回覆仍等待",
"detail": "S4.9 到 S4.12 收到 / 接受都仍為 0不把顯示狀態當驗收完成。"
},
"productionLanding": {
"title": "正式只讀入口已完成",
"detail": "已以正式站部署與只讀消費證據納入 61% 重估;仍不代表 execution router 或 runtime 授權。"
}
}
},
"githubPrimaryReadiness": {
"title": "GitHub 主要來源就緒度",
"subtitle": "AwoooP home mirrors the source-control readiness gap for moving from Gitea to GitHub. It is framework-phase visibility only: no repo creation, refs mutation, 機密明文值 collection, or primary switch.",
"badge": "Read-only summary",
"openIwooos": "Open IwoooS",
"readinessRefsTitle": "Readiness Evidence Refs",
"boundaryLabel": "GitHub Primary Boundary",
"boundaryTitle": "Primary switch is still blocked",
"boundaryDetail": "This summary only displays committed snapshots and 負責人回覆 gaps. It is not GitHub primary approval, repo creation authorization, refs mutation, secret collection, Gitea disablement, or runtime execution.",
"metrics": {
"candidateRepos": {
"label": "候選專案庫",
"detail": "S2.63 has identified 8 candidate repos. This does not authorize GitHub repo creation."
},
"inScopeRepos": {
"label": "範圍內專案庫",
"detail": "7 repos are in the primary readiness scope and still wait for 負責人回覆."
},
"primaryReady": {
"label": "Primary Ready",
"detail": "The ready count remains 0; do not switch GitHub primary or disable Gitea."
},
"ownerResponses": {
"label": "Owner Responses",
"detail": "22 response templates remain 0 received / 0 accepted."
},
"workflowInventory": {
"label": "工作流程清冊",
"detail": "工作流程 / 機密 name inventory is still incomplete for 7 repos."
}
},
"readinessRefs": {
"primaryReadiness": "The GitHub primary readiness gate remains a candidate and must not trigger repo creation or visibility changes.",
"ownerValidation": "The 負責人回覆 validation rollup shows all four response packets still waiting for human reply and acceptance.",
"rollbackAdr": "The rollback ADR has no owner-approved dry-run yet, so GitHub cannot become primary.",
"workflowInventory": "工作流程 / 機密 name inventory collects names and routing only; it does not collect 機密明文值s or change GitHub 機密設定."
}
},
"ownerResponseValidation": {
"title": "Owner Response Validation Rollup",
"subtitle": "AwoooP home shows the S4.9-S4.12 負責人回覆 packets, intake, validation, and audit checks in one read-only board. 已收到 / 已接受 / rejected all remain 0, so this is not approval or execution authorization.",
"badge": "Read-only validation",
"openIwooos": "Open IwoooS",
"packetsTitle": "Four Waiting Response Packets",
"validationTitle": "Validation And Audit Checks",
"boundaryLabel": "Validation Boundary",
"boundaryTitle": "Still waiting for owner evidence",
"boundaryDetail": "This rollup only displays source_control_owner_response_validation_rollup_v1. It must not be treated as 負責人回覆 received, 負責人回覆 accepted, GitHub primary approval, repo / refs / 工作流程 / 機密 authorization, or runtime execution.",
"fields": {
"templates": "Templates",
"received": "Received",
"accepted": "Accepted",
"rejected": "Rejected"
},
"metrics": {
"packets": {
"label": "Response Packets",
"detail": "S4.9-S4.12 are all still waiting for 負責人回覆s."
},
"templates": {
"label": "Response Templates",
"detail": "22 templates are questions for owners, not sent requests."
},
"received": {
"label": "Received",
"detail": "Still 0; visibility is not receipt completion."
},
"accepted": {
"label": "Accepted",
"detail": "Still 0; GitHub primary and 執行期閘門s remain blocked."
},
"rejected": {
"label": "Rejected",
"detail": "Still 0; raw payload or 機密明文值s must be quarantined."
}
},
"packets": {
"giteaInventory": {
"title": "Gitea Inventory Owner Attestation",
"detail": "Collect public-only / local gap, org / user endpoint, 110 adjacent scope, canonical owner, and legacy disposition."
},
"githubTarget": {
"title": "GitHub Target Owner Decision",
"detail": "Confirm target, visibility, and canonical owner per repo; do not create repos or change visibility."
},
"refTruth": {
"title": "Refs Truth Owner Response",
"detail": "Confirm main / dev truth, deprecated drift, release tags, and GitHub-only refs; do not sync, delete, or force push refs."
},
"workflowSecret": {
"title": "Workflow / Secret Name Owner Response",
"detail": "Collect workflow, runner, deploy key, branch protection, secret names, and owner metadata only; never collect 機密明文值s."
}
},
"checks": {
"crossPacket": {
"label": "Cross-Packet Checks",
"detail": "10 cross-packet checks only validate consistency."
},
"evidenceRouting": {
"label": "Evidence Routing",
"detail": "6 routing rules only route to more evidence, quarantine, or read-only updates."
},
"displaySections": {
"label": "Display Sections",
"detail": "8 sections define AwoooP read-only display order."
},
"stateTransitions": {
"label": "State Transitions",
"detail": "7 rules define review semantics only; no execution."
},
"reviewerChecklist": {
"label": "Reviewer Checklist",
"detail": "9 checklist items guide human review."
},
"reviewerOutcomes": {
"label": "Reviewer Outcomes",
"detail": "7 lanes only route to more evidence, quarantine, rejection, or later gates."
}
}
}
},
"workItems": {
"title": "Work Chain",
"subtitle": "{count} control points synced from production 真相鏈 and governance data",
"refresh": "Refresh",
"lastUpdated": "Last updated {time}",
"tableLabel": "AwoooP work chain",
"open": "Open",
"summary": {
"live": "Completed",
"inProgress": "In Progress",
"watching": "Watching",
"blocked": "Blocked"
},
"status": {
"live": "Completed",
"in_progress": "In Progress",
"blocked": "Blocked",
"watching": "Watching"
},
"columns": {
"phase": "Phase",
"work": "Work Item",
"status": "Status",
"surface": "Frontend Surface",
"source": "Data Source",
"evidence": "Production Evidence",
"gate": "Completion Gate",
"link": "連結"
},
"surfaces": {
"runs": "執行監控 / 執行詳情",
"governance": "Governance Events / SLO",
"workItems": "Work Chain",
"iwooos": "IwoooS / Security Mirror"
},
"items": {
"sourceDossier": {
"title": "Source event dossier and 真相鏈 mirror"
},
"autoRepair": {
"title": "Low-risk Alertmanager auto-repair loop"
},
"recurrenceWorkItems": {
"title": "Recurring alert work item / ticket entry"
},
"aiRouteRepairWorkItem": {
"title": "AI Provider primary-lane repair work item"
},
"configDriftFsm": {
"title": "Config Drift fingerprint state machine"
},
"remediationQueue": {
"title": "Non-success verification remediation queue"
},
"telegramCallbacks": {
"title": "Telegram detail / history as DB 真相優先"
},
"callbackOwnerReview": {
"title": "Callback missing KM owner-review work item"
},
"callbackTraceRecoveryBacklog": {
"title": "Callback trace recovery backlog"
},
"ciSecretHygiene": {
"title": "CI/CD secret log exposure hardening"
},
"governanceDispatch": {
"title": "Governance alert dispatch and dedupe"
},
"knowledgeHealthcheck": {
"title": "KM healthcheck dispatch state"
},
"frontendConsole": {
"title": "AwoooP 操作控制台 productization"
},
"mcpGateway": {
"title": "MCP 閘道 usage evidence overview"
},
"timelineContract": {
"title": "時間線 / KM / PlayBook writeback consistency"
},
"iwooosSecurityMirror": {
"title": "IwoooS security mirror read-only work item"
},
"githubPrimaryReadiness": {
"title": "GitHub 主要來源就緒度 read-only work item"
},
"ownerResponseValidation": {
"title": "負責人回覆 validation read-only work item"
}
},
"gates": {
"sourceDossier": "Inbound alerts must show received / incident_linked / source refs",
"autoRepair": "Requires auto_repair, verification_result=success, and KM writeback",
"recurrenceWorkItems": "Completed-without-repair, failed repair, and manual gate groups must become trackable work items",
"aiRouteRepairWorkItem": "Provider lane degradation must expose evidence, owner, PlayBook candidate, and auto-repair safety",
"configDriftFsm": "The same drift fingerprint must expose recurrence, PR, zero diff, handoff, and next step",
"remediationQueue": "Every degraded / failed / timeout row must map to replay, reverify, ticket, or manual review",
"telegramCallbacks": "Detail and history buttons cannot depend only on Redis TTL or stale snapshots",
"callbackOwnerReview": "Telegram detail/history callbacks without a KM owner-review link must become trackable work items",
"callbackTraceRecoveryBacklog": "Callback trace gaps must show recovery signal, 24h decay, and the backlog next step",
"ciSecretHygiene": "Workflows must not mount 機密設定 in step env / action inputs; historical logs still need rotation and retention governance",
"governanceDispatch": "Governance alerts must enter dispatch and expose skipped / pending / repaired",
"knowledgeHealthcheck": "knowledge_degradation must show Hermes / OpenClaw / ElephantAlpha ownership, current stage, and owner review point",
"frontendConsole": "Completed and in-progress work must be trackable from the frontend",
"mcpGateway": "MCP usage must show agent, tool, scope, and blocked reason",
"timelineContract": "Incident, Approval, Evidence, KM, and 時間線 must not contradict each other",
"iwooosSecurityMirror": "Track security mesh progress and boundaries as read-only only; do not create scan, execute, repair, deploy, primary switch, or 執行期閘門 actions",
"githubPrimaryReadiness": "Track the Gitea-to-GitHub readiness gap as read-only only; do not create repos, change visibility, sync refs, collect 機密明文值s, switch primary, or disable Gitea",
"ownerResponseValidation": "Track the four 負責人回覆 validation packets as read-only only; do not treat the work item as received, accepted, an approval record, a primary switch, or a 執行期閘門"
},
"evidence": {
"channelEvents": "Recent Alertmanager 通道事件: {count}",
"autoRepair": "Verified auto-repairs: {verified}/{evaluated}",
"recurrenceWorkItems": "Recurring alert work: {open}; no repair: {gap}; failed repair: {failed}; manual gates: {manual}; source review: {source}",
"recurrenceLatest": "Latest: {alert} / {incident}",
"recurrenceReason": "Reason: {reason}",
"recurrenceSourceReviewRecorded": "Source reviews recorded: {count}",
"recurrenceSourceApplied": "Source matches applied: {count}",
"recurrenceEmpty": "No open recurring-alert work item in the recent window",
"aiRouteRepairWorkItem": "AI route: {lane}; current {selected}; target {target}; {blockers} blockers",
"aiRouteRepairWorkItemId": "Work item: {id}",
"aiRouteRepairSkipped": "Skipped: {skipped}",
"aiRouteRepairOwner": "Owner: {owner}; lead agent: {lead}",
"aiRouteRepairPlaybook": "PlayBook: {playbook}; {steps} steps",
"aiRouteRepairSafety": "Safe auto-repair: {safe}",
"aiRouteRepairUnavailable": "AI route repair evidence has not returned yet",
"driftFingerprint": "Config Drift: {state}; {count}x in 12h",
"driftFingerprintUnavailable": "Config Drift fingerprint state API has not responded",
"driftFingerprintId": "Fingerprint: {fingerprint}; Report: {report}",
"driftFingerprintPr": "PR: {pr}; zeroDiff={zeroDiff}",
"driftFingerprintNext": "Next: {step}",
"driftFingerprintRemediation": "Remediation: {kind} / {status}; verification report: {report}",
"driftFingerprintEmpty": "No Config Drift fingerprint state yet",
"remediationQueue": "Remediation work: {total}; AI-ready: {ready}; human: {human}",
"telegramCallbacks": "Telegram callback lookup and history summary are being repaired",
"telegramCallbacksLive": "Read-only callback toast 400 is nonfatal; detail / history replies now use DB 真相鏈",
"callbackOwnerReview": "Callback owner-review gaps: {open} open; callback evidence: {total}",
"callbackOwnerReviewLatest": "Latest: {incident} / {action}",
"callbackOwnerReviewQueue": "Completion queue: ready {ready}; blocked {blocked}; completed {completed}; failed {failed}",
"callbackOwnerReviewNext": "Next: {next}",
"callbackOwnerReviewFlow": "Flow: {stage}; match: {strategy}",
"callbackOwnerReviewAgents": "Lead: {lead}; support: {support}",
"callbackOwnerReviewAutomation": "Automation: {state}; safe auto-repair={safe}",
"callbackOwnerReviewBlocker": "Blocker: {reason}",
"callbackOwnerReviewEmpty": "Recent callback evidence is matched or no data is available yet",
"callbackTraceRecoveryBacklog": "Callback trace backlog: missing trace {missing}; 1h {recent1h}; 24h {recent24h}; traced after gap {recovered}; recovery {status}",
"callbackTraceRecoveryAction": "Next handling: {action}; human required={human}",
"callbackTraceRecoveryOwner": "Owner: AwoooP Callback Evidence; support: TelegramGateway / Run Timeline",
"callbackTraceRecoveryEvidenceSurface": "Evidence entry: Runs / TG Callback Evidence",
"callbackTraceRecoveryClosure": "Close when 1h=0 and 24h=0; current 1h {recent1h} / 24h {recent24h}",
"callbackTraceRecoveryDecision": "Decision: {gap}; next: {next}",
"callbackTraceRecoveryLatest": "Last gap: {missing}; recovery first: {first}; recovery latest: {latest}",
"callbackTraceRecoveryUnavailable": "Callback trace recovery summary has not returned yet",
"ciSecretHygiene": "Repo-controlled step env / action input exposure is guarded; key rotation and log retention remain",
"governance": "Unresolved governance alerts: {unresolved}; 待派送: {queued}",
"governanceUnavailable": "Governance events API is not responding; 待派送: {queued}",
"governanceQueueMissing": "Governance dispatch table is not ready; unresolved governance alerts: {unresolved}",
"knowledgeHealthcheck": "KM healthcheck dispatches: {total}; current stage: {stage}",
"knowledgeOwner": "Lead: {lead}; human review: {human}",
"knowledgeNext": "Next action: {action}",
"knowledgeDrafts": "KM review drafts: {drafts}; duplicate drafts: {duplicates}",
"knowledgeStaleCandidates": "Stale KM priority queue: {total}; top {top} / {tier}",
"knowledgeCompletionQueue": "Completion queue: ready {ready}; blocked {blocked}; completed {completed}; failed {failed}",
"knowledgeCompletionLatest": "Latest completion: {entry} / {readiness}; next {next}",
"knowledgeEmpty": "No recent knowledge_degradation dispatch trail",
"frontendConsole": "This page now reads production APIs instead of a static list",
"mcpReady": "MCP 閘道 gate is not currently a top gap",
"mcpMissing": "Quality summary still reports an MCP 閘道 observation gap",
"remediationHistory": "試跑 history: {count}x; latest {preview}",
"remediationHistoryEmpty": "No remediation dry-run history yet",
"remediationRoute": "MCP: {route}",
"remediationWrites": "Writes: incident={incident}; autoRepair={autoRepair}",
"timelineReady": "時間線 gate is not currently a top gap",
"timelineMissing": "Quality summary still reports a 時間線 / audit gap",
"iwooosSecurityMirror": "整體 {headline};框架 {framework};落地 {runtime};主動執行閘門={gates}",
"iwooosSecurityMirrorOwner": "AwoooP 正式只讀 landing 已驗證;負責人回覆仍等待",
"iwooosSecurityMirrorBoundary": "execution_router_linked=false; runtime_execution_authorized=false; action_buttons_allowed=false",
"githubPrimaryReadiness": "候選專案庫={candidates};範圍內={inScope};主要來源就緒={ready}",
"githubPrimaryOwnerResponses": "負責人回覆 remains 0/22; request-ready is not accepted",
"githubPrimaryWorkflowNames": "工作流程 / 機密-name inventory complete=0/7; collect names only, never 機密明文值s",
"githubPrimaryBoundary": "repo_creation=false; refs_mutation=false; github_primary_switch=false; disable_gitea=false",
"ownerResponseValidation": "Packets={packets}; templates={templates}; received={received}; accepted={accepted}; rejected={rejected}",
"ownerResponseValidationChecks": "Cross-packet checks={crossPacket}; evidence routing={routing}; display sections={sections}",
"ownerResponseValidationBoundary": "No approval record, no primary switch, and no 執行期閘門"
},
"humanRequired": {
"yes": "yes",
"no": "no"
},
"callbackTraceRecoveryActions": {
"unavailable": "summary did not return; check the callback-replies API first",
"closed": "close criteria are met; retain the historical evidence",
"investigateActiveGap": "new gaps still exist; check new Telegram reply_markup trace writes",
"verifyInstrumentation": "no recovery signal; check TelegramGateway / Timeline instrumentation",
"waitDecay": "wait for the legacy backlog to decay over 24h; no human action needed",
"observeRecovery": "observe the recovery signal before opening a human task"
},
"claim": {
"ready": "Full auto-repair claim: ready",
"notReady": "Full auto-repair claim: not ready",
"loading": "Full auto-repair claim: loading",
"unavailable": "Full auto-repair claim: data unavailable",
"reasonSomeUnverified": "Production 真相鏈 still has events below auto_repaired_verified; execution, verification, and KM / learning writeback remain.",
"reasonUnknown": "production_claim did not return a readable reason.",
"loadingDetail": "Reading the production quality summary before making a claim.",
"unavailableDetail": "The quality summary API did not respond in time; the UI will not pretend 0/0 is complete.",
"verified": "Verified {count}",
"evaluated": "Evaluated {count}",
"gateFailures": "Gaps {count}",
"verifiedUnknown": "Verified --",
"evaluatedUnknown": "Evaluated --",
"gateFailuresUnknown": "Gaps --"
},
"knowledgeGovernance": {
"title": "KM Healthcheck Dispatch",
"subtitle": "Tracks knowledge_degradation from detection, Hermes lookup, draft updates, owner review, and stale-ratio recheck",
"total": "Total {count}",
"active": "Active {count}",
"review": "Review {count}",
"drafts": "Drafts {count}",
"duplicates": "Duplicates {count}",
"unavailable": "The governance queue API has not responded, so KM healthcheck dispatch state cannot be claimed.",
"tablePending": "governance_remediation_dispatch is not ready, so no KM healthcheck dispatch rows are trackable yet.",
"empty": "No knowledge_degradation dispatch record is currently present; the next Telegram alert should produce a dispatch trail.",
"stage": "Stage: {stage}",
"next": "Next: {action}",
"lead": "Lead: {agent}",
"human": "Human review: {owner}",
"support": "Support: {agents}",
"worker": "Worker status: {status}",
"draft": "KM draft: {id}",
"duplicateWarning": "{count} duplicate drafts exist for the same event; the new worker dedupes by governance_event, and old rows need owner merge or archive.",
"draftsUnavailable": "The knowledge API has not responded, so KM drafts and duplicate counts cannot be confirmed yet.",
"draftsEmpty": "No Hermes KM healthcheck review draft is currently present.",
"draftSectionTitle": "KM draft dedupe view",
"draftGroup": "Drafts for this event: {count}; duplicates: {duplicates}",
"archiveProposal": "Archive candidates: {count} duplicate drafts",
"ownerAction": "Owner action: {action}",
"readOnlyPlan": "Writes on read: {writes}; archive blocked before review: {blocked}",
"staleCandidates": {
"title": "Stale KM Priority Queue",
"total": "Stale {count}",
"returned": "Shown {count}",
"threshold": "Threshold {days}d",
"unavailable": "The stale candidates API has not responded; only the aggregate count is visible.",
"empty": "No KM entries are currently past the stale threshold.",
"meta": "Stale {days}d; score {score}; views {views}",
"action": "Recommended: {action}",
"sources": "Sources: {sources}",
"refs": "Incident: {incident}; PlayBook: {playbook}; Approval: {approval}",
"noSources": "No Incident / Sentry / SigNoz / PlayBook link yet",
"openKnowledge": "Open KM",
"queueReview": "Queue review",
"queueingReview": "Queueing",
"queueFailed": "Could not queue owner review; refresh and confirm this KM is still stale.",
"queueResult": "Review status: {status}; Dispatch: {dispatch}; Event: {event}",
"ownerReviewState": "Owner review: {status}; stage: {stage}; Dispatch: {dispatch}",
"guardrail": "Guardrail: writes on read={writes}; manual review={review}",
"queueStatuses": {
"dry_run": "試跑",
"queued": "Queued for owner review",
"already_queued": "Already in owner review"
},
"ownerReviewInbox": {
"title": "Owner Review Inbox",
"subtitle": "Shows P0/P1 KM already waiting for owner review, with per-item dry-run and completion.",
"total": "Pending {count}",
"returned": "Shown {count}",
"unavailable": "The owner-review inbox API has not responded; use the candidate list for single-item actions.",
"empty": "No pending owner-review KM.",
"meta": "Stale {days}d; score {score}; views {views}",
"state": "Status: {status}; stage: {stage}",
"batch": "Batch: {batch}"
},
"burnDown": {
"title": "Stale ratio burn-down",
"subtitle": "Aligns owner review, completion audit, and recheck snapshots so the stale ratio movement is visible.",
"statuses": "Status: {status}",
"status": {
"above_threshold": "Above threshold",
"at_or_below_threshold": "At threshold",
"no_data": "No data"
},
"remaining": "{count} entries to threshold",
"unavailable": "The burn-down API has not responded; only per-item completion results are visible.",
"empty": "No owner-approved completion audit yet.",
"currentRatio": "Current stale ratio",
"currentCount": "Stale / total",
"ownerReviews": "Owner review",
"ownerReviewCounts": "pending {pending} / completed {completed}",
"latestDelta": "Latest delta",
"delta": "stale {stale} / ratio {ratio}",
"auditTotal": "Completion audit {count}",
"recheckTotal": "Recheck {count}",
"guardrail": "writes on read={writes}; manual review={review}",
"itemState": "stage: {stage}; outcome: {outcome}",
"itemRefs": "Source: {source}; Recheck: {recheck}"
},
"completionQueue": {
"title": "Completion queue",
"subtitle": "Splits owner review into ready, blocked, completed, and failed work so the next step is visible.",
"ready": "Ready {count}",
"blocked": "Blocked {count}",
"completed": "Completed {count}",
"failed": "Failed {count}",
"pending": "Pending dispatch {count}",
"guardrail": "writes on read={writes}; manual review={review}; batch writes={batch}",
"unavailable": "The completion queue API has not responded; use the owner-review inbox for single-item confirmation.",
"empty": "No owner-review completion work items.",
"state": "Split: {readiness}; stage: {stage}",
"next": "Next: {action}; outcome: {outcome}",
"required": "Required fields: {fields}",
"blockers": "Blockers: {blockers}",
"filters": {
"ready": "Ready",
"blocked": "Blocked",
"completed": "Completed",
"failed": "Failed",
"pending": "Pending",
"all": "All",
"priorityAll": "All priorities"
},
"batchPreview": {
"preview": "Batch preview",
"previewing": "Previewing",
"previewFailed": "Completion batch preview failed",
"summary": "Candidates {candidates}; single-item dry-run ready {previewable}; blocked {blocked}; writes KM={writesKm}; writes audit={writesAudit}; batch writes={batchWrites}",
"planFingerprint": "Preview fingerprint: {fingerprint}",
"next": "Next: {action}"
},
"readiness": {
"ready": "Ready to dry-run",
"blocked": "Needs manual unblock",
"completed": "Completed",
"failed": "Failed"
}
},
"batchActions": {
"title": "Batch P0 / P1 stale KM",
"subtitle": "試跑 the latest P0 / P1 candidates first, then create owner-review dispatches in batch; KM is not written directly.",
"preview": "試跑 batch",
"previewing": "試跑ning",
"confirm": "Queue batch",
"confirming": "Queueing",
"previewFailed": "Batch dry-run failed; refresh and verify that the stale candidates API is available.",
"confirmFailed": "Batch queue failed; the backend may have detected changed candidates or dispatch state.",
"missingPreviewFingerprint": "Missing batch dry-run plan fingerprint; run the dry-run again first.",
"summary": "Candidates {candidates}; will queue {queued}; already in review {already}; skipped {skipped}; writes KM: {writesKm}; writes audit: {writesAudit}",
"planFingerprint": "Batch plan fingerprint: {fingerprint}",
"result": "Batch dispatch: {batch}; Event: {event}; queued {queued}; already in review {already}; skipped {skipped}",
"statuses": {
"dry_run": "Batch dry-run complete",
"queued": "Batch queued for owner review",
"noop_already_queued": "All candidates already queued or handled",
"unknown": "Batch status pending"
},
"itemStatuses": {
"would_queue": "Will queue",
"queued": "Queued",
"already_queued": "Already in review",
"skipped": "Skipped",
"unknown": "Pending"
}
},
"completeActions": {
"preview": "試跑 complete",
"previewing": "Previewing",
"confirm": "Confirm complete",
"confirming": "Writing",
"previewFailed": "試跑 preview failed; refresh and verify that the owner-review dispatch is still active.",
"confirmFailed": "Completion failed; the backend may have detected changed KM or dispatch state.",
"missingDispatch": "Missing owner-review dispatch; queue review first.",
"missingPreviewFingerprint": "Missing dry-run plan fingerprint; run the preview again first.",
"previewResult": "Dry run: {outcome}; writes KM: {writesKm}; writes audit: {writesAudit}",
"planFingerprint": "Plan fingerprint: {fingerprint}",
"result": "Completed; audit dispatch: {audit}; recheck dispatch: {recheck}",
"snapshot": "Current stale {stale} / total {total}; ratio {ratio}; threshold {threshold}",
"statuses": {
"dry_run": "Dry run complete",
"completed": "Review completed",
"already_completed": "Already completed",
"unknown": "Status pending"
},
"outcomes": {
"refresh_with_evidence": "Refresh KM with evidence",
"archive": "Archive stale KM",
"supersede": "Supersede with new KM"
}
},
"actions": {
"refresh_with_evidence": "Refresh with Incident / Sentry / SigNoz / PlayBook evidence",
"owner_review": "Route to owner review",
"archive_or_supersede": "Archive or supersede"
},
"correlationSources": {
"incident": "Incident",
"approval": "Approval",
"playbook": "PlayBook",
"sentry": "Sentry",
"signoz": "SigNoz",
"unknown": "Unknown source"
},
"reasons": {
"linked_incident": "連結ed Incident",
"linked_approval": "連結ed Approval",
"linked_playbook": "連結ed PlayBook",
"sentry_context": "Sentry context",
"signoz_context": "SigNoz context",
"anti_pattern_priority": "Anti-Pattern priority",
"auto_runbook_review_needed": "Auto-runbook review",
"ai_extracted_needs_owner_check": "AI extraction needs review",
"already_waiting_review": "Already waiting review",
"viewed_by_operator": "Viewed by operator",
"older_than_30_days": "Older than 30 days",
"stale_by_age": "Past stale threshold",
"unknown": "Unknown reason"
}
},
"openEventHistory": "Open Event History",
"ownerActions": {
"owner_review_canonical_then_archive_duplicates": "Review the canonical draft, then archive duplicates",
"review_canonical_and_archive_duplicate_drafts": "Review canonical and archive duplicate drafts",
"unknown": "Owner action pending"
},
"archiveHistory": {
"title": "Archive / recheck history",
"empty": "No owner archive or stale-ratio recheck dispatch yet; it will appear here after confirmation.",
"executors": {
"hermes_km_review_dedupe_owner_archive": "Hermes: owner-confirmed archive",
"hermes_km_stale_ratio_recheck": "Hermes: stale-ratio recheck",
"unknown": "Unknown executor"
},
"item": "{executor}: {status}; stage {stage}; archived {archived}",
"fingerprint": "Plan fingerprint: {fingerprint}",
"snapshot": "Recheck snapshot: stale {stale} / total {total}; ratio {ratio}; threshold {threshold}"
},
"archiveActions": {
"archive": "Archive duplicate drafts",
"preview": "試跑 preview",
"previewing": "Previewing",
"confirm": "Confirm archive",
"confirming": "Archiving",
"archiving": "Archiving",
"failed": "Archive action failed; refresh and verify the latest dedupe plan.",
"previewFailed": "試跑 preview failed; refresh and verify the latest dedupe plan.",
"confirmFailed": "Archive confirmation failed; the backend may have detected a changed dedupe plan.",
"missingPreviewFingerprint": "Missing dry-run plan fingerprint; run the preview again first.",
"requiresOwner": "Run the dry-run preview first, then owner-confirm the archive; the backend rechecks the latest plan.",
"previewResult": "Dry run would archive {count}; writes KM: {writesKm}; writes audit: {writesAudit}",
"previewNext": "Next: only after owner confirmation will duplicate KM be soft-archived and audit / stale-ratio recheck rows be written.",
"planFingerprint": "Plan fingerprint: {fingerprint}",
"result": "Archived {archived}; audit dispatch: {audit}",
"recheck": "Stale-ratio recheck: {status}; dispatch: {dispatch}",
"snapshot": "Current stale {stale} / total {total}; ratio {ratio}; threshold {threshold}",
"statuses": {
"dry_run": "Dry run complete",
"archived": "Archived",
"noop_already_archived": "Already archived",
"unknown": "Status pending"
},
"recheckStatuses": {
"dry_run": "Dry run only",
"completed": "Completed",
"already_active": "Already active",
"not_requested": "Not requested",
"unknown": "Status pending"
}
},
"statuses": {
"pending": "Pending",
"dispatched": "Dispatched",
"executing": "Executing",
"succeeded": "Completed",
"failed": "Failed",
"skipped": "Skipped",
"cancelled": "Cancelled",
"unknown": "Unknown"
},
"stages": {
"detected": "Detected",
"ai_analyzed": "AI analyzed",
"queued_kb_healthcheck": "Queued for KM healthcheck",
"draft_km_updates": "Drafting KM updates",
"batch_owner_review_previewed": "Batch owner review previewed",
"batch_owner_review_queued": "Batch queued for owner review",
"batch_noop_already_queued": "Batch does not need requeue",
"waiting_owner_review": "Waiting owner review",
"owner_updates_or_archives_km": "Owner updates or archives KM",
"km_writeback_after_approval": "KM writeback after approval",
"km_archive_after_approval": "KM archive after approval",
"km_supersede_after_approval": "KM supersede after approval",
"stale_ratio_recheck": "Stale-ratio recheck",
"owner_approved_duplicate_archive": "Owner approved duplicate archive",
"km_duplicate_archive_after_owner_approval": "Duplicate archive after owner review",
"km_governance_rechecked": "KM governance rechecked",
"km_governance_close_or_continue": "Close or continue governance",
"needs_manual_km_triage": "Manual KM triage needed",
"cancelled": "Cancelled",
"queued_for_review": "Queued for governance review",
"dispatched": "Dispatched",
"executing": "Executing",
"completed": "Completed",
"failed": "Failed",
"skipped": "Skipped",
"unknown": "Unknown stage"
}
},
"driftFingerprint": {
"title": "Config Drift Fingerprint State",
"subtitle": "Collapses hourly drift reports into one state chain with PR, zero diff, P0 dedupe, and human handoff evidence",
"unavailable": "The drift fingerprint state API has not responded, so recurrence, PR, and handoff state cannot be claimed.",
"occurrences": "12h {count}x",
"risk": "HIGH {high} / MEDIUM {medium} / INFO {info}",
"report": "Report: {report}; Namespace: {namespace}",
"summary": "Summary: {summary}",
"next": "Next: {step}",
"p0Dedup": "P0 dedupe: {enabled}; window {hours}h",
"writes": "Writes: drift={drift}; incident={incident}; repair={repair}; ticket={ticket}",
"fsmStates": {
"pending_human": "Waiting for human",
"pending_human_repeated": "Repeated human wait",
"pr_open_zero_diff": "PR open but zero diff",
"pr_open_waiting_review": "PR waiting review",
"pr_merged_unverified": "PR merged, unverified",
"handoff_recorded": "Handoff recorded",
"no_drift_verified": "No drift, verified",
"remediated_verified": "Remediated, verified",
"remediation_executed_unverified": "Remediated, unverified",
"remediation_verification_failed": "Remediation verification failed",
"adopted_unverified": "Adopted, unverified",
"rolled_back": "Rolled back",
"acknowledged": "Acknowledged",
"ignored": "Ignored",
"unknown": "Unknown"
},
"nextSteps": {
"close_zero_diff_pr_and_prepare_real_yaml_patch": "Close zero-diff PR and prepare a real YAML patch",
"review_pr_then_merge_or_reject": "Review PR, then merge or reject",
"verify_git_baseline_then_mark_adopted": "Verify Git baseline, then mark adopted",
"operator_review_handoff_and_execute_manual_plan": "Operator reviews handoff and executes manual plan",
"run_verification_scan_then_record_result": "Run verification scan, then record the result",
"open_manual_investigation_with_failed_verification": "Open manual investigation with the failed verification",
"verify_k8s_matches_git_baseline": "Verify K8s matches Git baseline",
"confirm_no_repeat_after_rollback": "Confirm no repeat after rollback",
"monitor_for_recurrence": "Monitor for recurrence",
"retry_pr_lookup_then_review_drift": "Retry PR lookup, then review drift",
"manual_investigation_or_ansible_check_mode": "Manual investigation or Ansible check-mode",
"unknown": "Unknown"
},
"pr": {
"title": "PR / Baseline",
"number": "PR: {number}",
"zeroDiff": "zeroDiff={zeroDiff}; files={files}; commits={commits}",
"status": "Status: {status}"
},
"handoff": {
"latest": "Latest handoff: {status}"
},
"remediation": {
"title": "Remediation / Verification",
"latest": "Latest remediation: {kind} / {status}",
"verification": "Verification report: {report}; {summary}",
"note": "Note: {note}"
},
"remediationKinds": {
"live_env_rollback": "Live env rollback",
"git_adopted": "Git adopted",
"git_rollback": "Git rollback",
"zero_diff_pr_cleanup": "Zero-diff PR cleanup",
"manual_noop": "Manual no-op",
"unknown": "Unknown"
},
"remediationStatuses": {
"executed_unverified": "Executed, unverified",
"verified_no_drift": "Verified no drift",
"verification_failed": "Verification failed",
"record_failed": "Record failed",
"lookup_failed": "Lookup failed",
"unknown": "No record yet"
},
"actions": {
"record": "Record handoff",
"recording": "Recording",
"openDrift": "Open Drift",
"failed": "The handoff API did not respond, so human handoff cannot be claimed.",
"recorded": "Handoff stored: {recorded}",
"handoffStatus": "Handoff status: {status}"
}
},
"recurrence": {
"title": "Recurring Alert Work Items",
"subtitle": "Turns run_completed_no_repair, failed repair, and manual gates into trackable work items",
"open": "Open {count}",
"automationGap": "No repair {count}",
"failed": "Failed {count}",
"sourceReview": "Source review {count}",
"sourceApplied": "Applied {count}",
"unavailable": "The recurrence API has not responded, so work item state cannot be claimed.",
"empty": "No open recurring-alert work items in the recent window.",
"occurrences": "{count}x",
"incident": "Incident: {incident}",
"matchedIncident": "Matched target: {incident}",
"stage": "Stage: {stage}",
"sourceEvent": "Source event: {event}",
"sourceRefs": "Source refs: {refs} (Sentry {sentry} / SignOz {signoz})",
"sourceFlow": {
"label": "Source flow: {status}",
"detail": "refs={refs}; Sentry={sentry}; SignOz={signoz}; event={event}",
"statuses": {
"applied": "Applied",
"reviewed": "Review recorded",
"review": "Awaiting match review",
"evidence": "Source evidence found",
"provider": "Provider received",
"waiting": "Waiting for source"
}
},
"workItem": "Work item: {id}",
"repair": "Repair status: {status}",
"reason": "Reason: {reason}",
"nextStep": "Next: {step}",
"sourceReviewDecision": "Source review: {decision} / {status}",
"sourceApplyStatus": "Source apply: {status} / {event}",
"openRun": "Open Run",
"openRuns": "Back to Runs",
"actions": {
"preview": "Preview",
"previewing": "Previewing",
"dryRun": "試跑",
"dryRunning": "試跑ning",
"handoff": "Handoff",
"handoffing": "Handing off",
"sourceAccept": "Record match",
"sourceAccepting": "Recording",
"sourceReject": "Reject source",
"sourceRejecting": "Rejecting",
"sourceApply": "Apply match",
"sourceApplying": "Applying",
"failed": "The safe preview / dry-run / handoff API did not respond, so the next step cannot be claimed.",
"allowed": "Safety gate passed",
"blocked": "Safety gate blocked",
"mode": "Mode: {mode}",
"previewResult": "Result: {result}",
"writes": "Writes: incident={incident}; autoRepair={autoRepair}; ticket={ticket}",
"sourceWrites": "Source event writeback: {source}",
"history": "試跑 stored: {recorded}",
"sourceReviewResult": "Source review: {decision} / {status} / Incident {incident}",
"sourceApplyResult": "Source match apply: {status} / {event}",
"handoffStatus": "Handoff: {kind} / {status}",
"externalTicket": "External ticket created: {created}",
"ticket": "Ticket preview: {title}",
"modes": {
"auto": "Auto select",
"ticket": "Ticket preview",
"reverify": "Reverify",
"approval_review": "Approval review",
"observe": "Observe",
"unknown": "Unknown"
},
"handoffKinds": {
"ticket_proposal": "Ticket proposal",
"manual_review": "Manual review",
"unknown": "Unknown"
},
"handoffStatuses": {
"ready_to_record": "Ready to record",
"recorded": "Recorded",
"record_failed": "Record failed",
"blocked": "Blocked",
"unknown": "Unknown"
},
"previews": {
"ticket_preview_ready": "Ticket preview ready",
"reverify_preview_ready": "Reverify preview ready",
"approval_review_required": "Approval review required",
"observe_only": "Observe only",
"blocked": "Blocked",
"unknown": "Unknown"
},
"sourceDecisions": {
"accepted": "Match accepted",
"rejected": "Rejected",
"needs_more_evidence": "Needs more evidence",
"unknown": "Unknown"
},
"sourceRecordStatuses": {
"recorded": "Recorded",
"record_failed": "Record failed",
"blocked": "Blocked",
"accepted": "Match accepted",
"rejected": "Rejected",
"needs_more_evidence": "Needs more evidence",
"unknown": "Unknown"
},
"sourceApplyStatuses": {
"ready_to_apply": "Ready to apply",
"applied": "Applied",
"partial": "Partially recorded",
"record_failed": "Record failed",
"blocked": "Blocked",
"unknown": "Unknown"
}
},
"statuses": {
"auto_repair_verified": "Verified repair",
"auto_repair_succeeded_unverified": "Repair needs verification",
"auto_repair_failed": "Repair failed",
"auto_repair_recorded": "Repair recorded",
"manual_gate": "Manual gate needed",
"investigating": "Investigating",
"run_completed_no_repair": "Run completed without repair",
"source_correlation_review": "Source evidence needs matching",
"source_correlation_accepted": "Source match recorded",
"source_correlation_rejected": "Source match rejected",
"source_correlation_applied": "Source match applied",
"no_repair_record": "No repair record",
"unknown": "Unknown"
},
"reasons": {
"auto_repair_missing_verification": "Auto-repair lacks verification",
"auto_repair_failed": "Auto-repair failed",
"auto_repair_record_needs_review": "Repair record needs review",
"approval_required": "Approval required",
"run_still_investigating": "Run is still investigating",
"completed_run_without_auto_repair": "Run completed without an auto-repair record",
"provider_native_evidence_unlinked": "Provider-native source evidence is stored but not matched to an Incident",
"provider_native_evidence_accepted": "Provider source was matched by an operator",
"provider_native_evidence_rejected": "Provider source was rejected and not adopted as Incident evidence",
"provider_native_evidence_needs_more_evidence": "Provider source needs more evidence before matching",
"provider_native_evidence_link_applied": "Provider source link event was appended",
"incident_without_repair_record": "Incident has no repair record",
"none": "None",
"unknown": "Unknown"
},
"nextSteps": {
"run_post_verification": "Run post-execution verification",
"triage_failed_repair": "Triage failed repair",
"review_repair_record": "Review repair record",
"review_approval": "Review approval",
"wait_for_run_completion": "Wait for Run completion",
"create_repair_ticket": "Create repair ticket",
"review_provider_source_match": "Review source-to-Incident match",
"verify_source_match_in_status_chain": "Verify source match in the status chain",
"verify_source_link_in_status_chain": "Verify source link event in the status chain",
"monitor_for_new_provider_evidence": "Wait for new provider evidence",
"collect_more_source_evidence": "Collect more source evidence",
"triage_missing_repair_record": "Fill missing repair record",
"none": "None"
}
}
},
"listEvidence": {
"column": "AI Evidence",
"callbackColumn": "TG Callback",
"sourceFlow": {
"column": "Source Flow",
"notLinked": "incident not linked",
"detail": "providers={providers}; d/c/a={direct}/{candidate}/{applied}",
"statuses": {
"verified": "Verified",
"applied": "Applied",
"evidence": "Evidence found",
"provider": "Provider received",
"waiting": "Waiting",
"loading": "Loading"
}
},
"count": "{count} dry-runs",
"mcpCount": "{count} MCP investigations",
"route": "MCP: {route}",
"emptyShort": "No AI evidence linked",
"manualGate": "Next: human approval",
"filters": {
"label": "AI evidence filter",
"all": "All AI evidence",
"incidentLabel": "事件 ID filter",
"incidentPlaceholder": "Enter 事件 ID"
},
"incident": {
"column": "Incident",
"empty": "Not linked",
"filterTitle": "Show only {incidentId}",
"more": "+{count} more"
},
"statuses": {
"noEvidence": "No dry-run yet",
"mcpObserved": "MCP investigated",
"readOnlyDryRun": "AI dry-run: read-only",
"writeObserved": "Write flag observed",
"blocked": "試跑 blocked",
"observed": "Evidence linked"
},
"details": {
"noEvidence": "This row is not linked to ADR-100 remediation dry-run or MCP investigation evidence yet.",
"mcpObserved": "AI has gathered evidence through MCP / self-built MCP, but no remediation dry-run or execution has started.",
"readOnlyDryRun": "AI has run the remediation dry-run and the latest record did not write incident or auto-repair state.",
"writeObserved": "The latest remediation record contains write flags; verify the state-change source before approval.",
"blocked": "The remediation dry-run failed or was blocked by a gate; human review is required.",
"observed": "This row is linked to remediation history; open 執行時間線 for the full evidence."
},
"summary": {
"mcpObserved": "MCP investigated",
"mcpObservedDetail": "List rows are linked to MCP / self-built MCP investigation evidence",
"readOnly": "Read-only dry-run",
"readOnlyDetail": "Latest evidence shows AI trialed the action without writing state",
"manualGate": "Human gate",
"manualGateDetail": "AI is stopped at the approval gate and needs approve / reject",
"writeObserved": "Write flags",
"writeObservedDetail": "Verify whether this is the expected auto-repair result",
"callbackObserved": "TG Callback",
"callbackObservedDetail": "Detail / history replies are tracked; failed {failed}",
"noEvidence": "Missing AI evidence",
"noEvidenceDetail": "The list row is not linked to ADR-100 dry-run or MCP evidence yet",
"approvalReadOnlyDetail": "Read-only remediation evidence is visible before approval",
"approvalNoEvidenceDetail": "Approval still lacks AI evidence; inspect 執行時間線"
}
},
"sourceDossierCoverage": {
"title": "Source Dossier Coverage",
"subtitle": "Inbound alert dossiers, dedupe, and Sentry / SignOz references",
"total": "{count} items",
"empty": "No recent source event dossiers.",
"error": "Source dossier coverage failed to load: {error}",
"metrics": {
"sources": "Source events",
"refs": "Reference index",
"missingRefs": "Missing refs",
"duplicates": "Duplicate events",
"sentry": "Sentry refs",
"signoz": "SignOz refs"
},
"details": {
"latest": "Latest {time}",
"withRefs": "{count} items with source refs",
"missingEnvelope": "{count} items missing source envelope",
"redacted": "{count} items redacted",
"alertRefs": "{count} alert refs",
"limit": "Latest {count} item window"
},
"provider": {
"latest": "Latest {time}",
"refs": "Refs {count}",
"missing": "Missing {count}",
"redacted": "Redacted {count}",
"duplicates": "Duplicates {count}"
}
},
"eventRecurrence": {
"title": "Recurring Alert 連結s",
"subtitle": "Grouped by fingerprint / target resource with the latest Run stage",
"total": "{count} groups",
"empty": "No recent recurring alert links.",
"error": "Recurring alert links failed to load: {error}",
"metrics": {
"groups": "連結 groups",
"recurrent": "Recurring groups",
"duplicates": "Duplicate events",
"linkedRuns": "連結ed Runs",
"autoRepair": "Auto repair",
"sourceReview": "Source review",
"openWorkItems": "Open work items"
},
"details": {
"sourceEvents": "{count} source events",
"latest": "Latest {time}",
"unlinked": "{count} items not linked to a Run",
"limit": "Latest {count} item window",
"verifiedRepair": "{count} verified repair groups",
"sourceReview": "{count} Sentry / SignOz source groups need matching review",
"manualGates": "{count} manual gates"
},
"states": {
"pending": "Pending",
"running": "Running",
"waiting_tool": "Waiting for tool",
"waiting_approval": "Waiting approval",
"completed": "Completed",
"failed": "Failed",
"cancelled": "Cancelled",
"timeout": "Timed out",
"unlinked": "Not linked"
},
"repairStatuses": {
"no_incident_link": "No Incident link",
"auto_repair_verified": "Verified repair",
"auto_repair_succeeded_unverified": "Repair needs verification",
"auto_repair_failed": "Repair failed",
"auto_repair_recorded": "Repair recorded",
"manual_gate": "Manual gate needed",
"investigating": "Investigating",
"run_completed_no_repair": "Run completed without repair",
"source_correlation_review": "Source evidence needs matching",
"no_repair_record": "No repair record"
},
"item": {
"latest": "Latest {time}",
"duplicates": "Duplicates {count}",
"refs": "Refs {count}",
"linkedRuns": "Runs {count}",
"stage": "Stage {stage}",
"incident": "Incident {incidentId}",
"repair": "Repair {status}",
"openRun": "Open Run",
"noRun": "No Run yet",
"openWorkItem": "Open work item",
"noWorkItem": "No open work item"
}
},
"callbackReply": {
"count": "{total} items; fallback {fallback}; failed {failed}",
"emptyShort": "No detail / history callback yet",
"latest": "{action} · {incidentId}",
"needsHuman": "Callback failure needs human review",
"captureLine": "Snapshot: {status}; captured {captured} / partial {partial} / not captured {notCaptured}",
"captureMissing": "Missing: {items}",
"captureStatuses": {
"captured": "Captured",
"partial": "Partially captured",
"not_captured": "Not captured",
"observed": "Recorded"
},
"captureItems": {
"awooopStatusChain": "AwoooP status chain",
"kmCompletionSummary": "KM owner-review snapshot"
},
"filters": {
"label": "TG Callback filter",
"all": "All TG callbacks"
},
"statuses": {
"noCallback": "No callback",
"sent": "Delivered",
"fallbackSent": "Fallback delivered",
"rescueSent": "Rescue delivered",
"failed": "Delivery failed",
"observed": "Recorded"
},
"details": {
"noCallback": "This run has no detail / history callback reply evidence yet.",
"sent": "The Telegram callback reply was delivered with the original format.",
"fallbackSent": "The Telegram HTML reply failed, then plain-text fallback was delivered.",
"rescueSent": "The Telegram fallback also failed, then rescue plain text was delivered.",
"failed": "The Telegram callback reply ultimately failed to deliver and needs human review.",
"observed": "The Telegram callback reply was recorded with a non-standard status."
},
"events": {
"title": "TG Callback Evidence",
"subtitle": "Detail / history reply evidence from the AwoooP outbound mirror",
"total": "{count} items",
"empty": "No callback reply evidence yet.",
"error": "Callback evidence failed to load: {error}",
"summary": {
"outbound": "Outbound mirror",
"outboundDetail": "source_refs {sourceRefs}; trace refs {traceRefs}; incident refs {incidentRefs}; coverage {coverage}",
"outboundReplyMarkupDetail": "reply_markup {replyMarkup}; missing trace refs {missingTraceRefs}; missing incident refs {missingIncidentRefs}",
"outboundReplyMarkupTraceFreshness": "Missing trace activity: 1h {recent1h} / 24h {recent24h} / latest {latest}",
"outboundReplyMarkupTraceDecision": "Trace gap decision: {status}; next: {action}",
"outboundReplyMarkupTraceRecovery": "Trace gap recovery: {status}; traced after gap {count}; first {first}; latest {latest}",
"outboundReplyMarkupIncidentFreshness": "Missing incident activity: 1h {recent1h} / 24h {recent24h} / latest {latest}",
"outboundReplyMarkupTopPrefixes": "Missing incident top prefixes: {prefixes}",
"outboundReplyMarkupTraceTopPrefixes": "Missing trace top prefixes: {prefixes}",
"outboundReplyMarkupTopPrefixItem": "{prefix} {total} (24h {recent}, last {last})",
"callbacks": "Callback replies",
"callbackDetail": "detail {detail} / history {history}; incidents {incidents}",
"snapshots": "Evidence snapshots",
"snapshotDetail": "captured {captured} / partial {partial} / missing {missing}; coverage {coverage}",
"delivery": "Delivery failures",
"deliveryDetail": "sent {sent}; fallback {fallback}; outbound failed {outboundFailed}",
"next": "Next",
"latest": "Latest callback: {time}",
"statuses": {
"captured": "Captured",
"partial": "Partially captured",
"not_captured": "Not captured",
"no_callback": "No callback yet",
"observed": "Recorded"
},
"traceGapStatuses": {
"clean": "Clean",
"active_gap": "Active gap",
"recent_backlog": "Recent backlog",
"legacy_backlog": "Legacy backlog",
"observed": "Recorded"
},
"traceGapNextActions": {
"none": "No follow-up needed",
"inspect_recent_outbound_source_refs": "Inspect outbound source_refs from the last hour",
"watch_24h_decay": "Watch the 24h window decay to zero",
"backfill_or_archive_legacy_callbacks": "Backfill or archive legacy callback gaps",
"observed": "Wait for the next outbound evidence"
},
"traceGapRecoveryStatuses": {
"not_needed": "Not needed",
"recovered_after_gap": "Recovered",
"no_recovery_signal": "No recovery signal yet",
"observed": "Recorded"
},
"nextActions": {
"none": "No follow-up needed",
"press_telegram_detail_or_history": "Press Telegram Detail / History once to create callback evidence",
"press_telegram_detail_or_history_after_rollout": "Press Telegram Detail / History again to capture the new snapshot",
"review_legacy_callback_snapshot_gap": "New callbacks are captured; legacy missing snapshots do not need another press",
"review_outbound_source_refs": "Review outbound source_refs gaps",
"observed": "Wait for the next callback evidence"
}
},
"action": "Action: {action}",
"incident": "Incident: {incidentId}",
"sendStatus": "Send status: {status}",
"providerMessage": "Message: {messageId}",
"previewEmpty": "No preview",
"openRun": "Open Run",
"awooopSnapshotTitle": "Callback-time AwoooP Status Chain",
"awooopSnapshotMcp": "MCPtotal {total} / success {success} / failed {failed} / blocked {blocked}top {topTool}",
"awooopSnapshotExecution": "Execution: executor {executor}; playbook {playbook}; Ansible considered={ansible} / candidates={candidates}",
"awooopSnapshotSource": "Source: {status}; direct {direct} / candidate {candidate} / applied {applied}; {providers}",
"capture": {
"title": "Evidence Capture Status",
"captured": "Captured: {items}",
"missing": "Missing: {items}",
"nextAction": "Next action: {action}",
"reason": "reason={reason}; rollout={rollout}",
"none": "None",
"statuses": {
"captured": "Captured",
"partial": "Partially captured",
"not_captured": "Not captured",
"observed": "Recorded"
},
"items": {
"awooopStatusChain": "AwoooP status chain",
"kmCompletionSummary": "KM owner-review snapshot"
},
"nextActions": {
"none": "No follow-up needed",
"press_telegram_detail_or_history_after_rollout": "Press Telegram Detail / History again to create a new callback snapshot",
"observed": "Wait for the next callback evidence"
}
},
"kmCompletion": {
"title": "KM Owner Review",
"status": "Status: {status}",
"counts": "ready {ready} / blocked {blocked} / completed {completed} / failed {failed}",
"guardrail": "Guardrail: writes_on_read={writesOnRead}; batch_writes_allowed={batchWrite}; manual_review_required={manualReview}",
"related": "{entryId} · {readiness} · {nextAction}",
"noRelated": "This incident has no matching owner-review completion item yet.",
"fetchFailed": "KM owner-review summary failed to load: {reason}",
"openWorkItem": "Open work item",
"snapshotTitle": "Callback-time Evidence Snapshot",
"snapshotStatus": "Snapshot status: {status}; ready {ready} / blocked {blocked} / completed {completed} / failed {failed}",
"snapshotFlow": "Snapshot flow: {stage}; match: {strategy}",
"snapshotAutomation": "Snapshot automation: lead {lead}; state {state}; safe auto-repair={safe}; blocker {blocker}",
"triageFlow": "Flow: {stage}; match: {strategy}",
"triageAgents": "Lead: {lead}; support: {support}",
"triageAutomation": "Automation: {state}; safe auto-repair={safe}",
"triageBlocker": "Blocker: {reason}",
"statuses": {
"matched_owner_review": "Matched owner review",
"no_related_owner_review": "No matched owner review",
"fetch_failed": "Fetch failed",
"no_incident": "Missing incident",
"observed": "Recorded"
}
}
}
},
"aiRouteStatus": {
"title": "AI Provider Routing",
"subtitle": "Current policy and health checks across GCP-A, GCP-B, 111, and Gemini handoff order",
"selected": "Active: {provider}",
"selectedEmpty": "Active: --",
"empty": "AI provider route status is not available yet.",
"error": "AI provider route failed to load: {error}",
"badges": {
"active": "Active",
"skipped": "Skipped",
"standby": "Standby"
},
"fields": {
"workload": "Workload",
"laneMode": "Lane state",
"primary": "Current handoff",
"reason": "Route Reason",
"checkedAt": "Checked at {time}",
"model": "Model: {model}",
"modelEmpty": "Model: --",
"routeError": "Route check failed: {error}",
"health": "Health: {status}",
"latency": "Latency: {latency}",
"noUrl": "No HTTP URL"
},
"health": {
"healthy": "Healthy",
"slow": "Slow",
"degraded": "Degraded",
"offline": "Offline",
"not_checked": "Standby not checked",
"unknown": "Unknown"
},
"roles": {
"primary": "First priority",
"secondary": "Second priority",
"local_fallback": "111 local fallback",
"final_fallback": "Gemini final fallback",
"ollama": "Ollama node"
},
"laneModes": {
"primary": "Primary normal",
"degraded_failover": "Degraded handoff",
"cloud_fallback": "Cloud final fallback",
"unavailable": "Route unavailable",
"unknown": "Unknown state"
},
"operatorActions": {
"monitor": "Monitor only",
"repair_skipped_primary_lane": "Repair the skipped primary lane",
"restore_ollama_lanes": "Restore Ollama lanes before relying on cloud only",
"inspect_ai_router": "Inspect AI Router / provider status",
"unknown": "Confirm next action"
},
"degradedSummary": "Current handoff is {active}; skipped {skipped}; next action: {action}",
"repairEvidence": {
"title": "Latest repair diagnosis evidence",
"meta": "Event info",
"target": "Target: {target}",
"run": "Run: {run}",
"receivedAt": "Stored: {time}",
"sourceRefs": "{count} source refs",
"blockerTitle": "Current blockers",
"sideEffectTitle": "Side-effect check",
"sideEffectSeparator": ": ",
"emptyValue": "--",
"values": {
"yes": "yes",
"no": "no",
"unknown": "not reported"
},
"sideEffects": {
"incident_created": "Incident created",
"telegram_sent": "Telegram sent",
"approval_created": "Approval created",
"runtime_route_changed": "Runtime route changed"
},
"blockers": {
"gcloud_compute_instances_get_missing": "Missing GCP instance get permission",
"gcloud_compute_instances_list_missing": "Missing GCP instance list permission",
"gcloud_projects_get_iam_policy_missing": "Missing GCP IAM read permission",
"gcp_a_ssh_refused": "GCP-A SSH refused",
"gcp_a_ollama_11434_refused": "GCP-A Ollama 11434 refused",
"proxy_110_11435_http_502": "110 proxy 11435 returned 502",
"unknown": "{blocker}"
},
"probes": {
"gcp_a_ping": "GCP-A ping",
"gcp_a_ssh_22": "GCP-A SSH 22",
"gcp_a_direct_22": "GCP-A SSH 22",
"gcp_a_direct_11434": "GCP-A 11434",
"gcp_b_direct_11434": "GCP-B 11434",
"proxy_110_11435": "110 proxy 11435",
"proxy_110_11436": "110 proxy 11436",
"proxy_110_11437": "110 proxy 11437",
"unknown": "{probe}"
}
}
},
"incidentEvidence": {
"title": "事件證據",
"subtitle": "Telegram, Run, Approval, and Work Item share the same remediation evidence",
"empty": "--",
"incidentLabel": "Incident",
"notLinked": "No Incident linked",
"filterTitle": "Show only {incidentId}",
"more": "+{count} more",
"dryRuns": "試跑",
"route": "MCP Route",
"writes": "Write flags",
"writeFlags": "incident={incident} / autoRepair={autoRepair}",
"runLink": "執行時間線"
},
"statusChain": {
"title": "AwoooP Status Chain",
"subtitle": "Source {source}; Source ID {sourceId}",
"empty": "This item is not linked to readable 真相鏈 / ADR-100 history yet.",
"emptyValue": "--",
"blockers": "Blockers",
"writeFlags": "incident={incident} / autoRepair={autoRepair}",
"human": {
"yes": "Needs human",
"no": "No human gate"
},
"fields": {
"stage": "Stage",
"repair": "AI Repair",
"verification": "Verification",
"nextStep": "Next Step",
"writes": "Write Flags",
"verdict": "Verdict"
},
"evidence": {
"autoRepair": "Auto-repair",
"ops": "Ops",
"mcp": "MCP",
"km": "KM",
"adr100": "ADR-100 Route"
},
"toolchain": {
"title": "AI Agent Evidence Chain",
"mcp": "MCP / Custom MCP",
"mcpValue": "Gateway {success}/{total}, failed {failed}, blocked {blocked}",
"mcpDetail": "top={topTool}; first-class={firstClass}; legacy={legacy}; policy={policy}",
"source": "Sentry / SigNoz",
"sourceValue": "{status}; direct {direct}, candidate {candidate}, applied {applied}",
"sourceDetail": "{providers}",
"execution": "Executor",
"executionValue": "{executor} / {status}",
"executionDetail": "operation={operation}; action={action}; ops={ops}",
"playbook": "PlayBook / Ansible",
"playbookValue": "{playbook}",
"playbookDetail": "ansible={ansible}; candidates={candidates}; check-mode={checkMode}; status={status}",
"learning": "KM / Learning",
"learningValue": "KM {km}; AutoRepair {autoRepair}; Ops {ops}",
"learningDetail": "verification={verification}; next={nextStep}"
},
"source": {
"status": "Source 連結",
"verification": "Status-chain Verification",
"directCandidate": "Direct / Candidate / Applied",
"directCandidateValue": "{direct} / {candidate} / {applied}",
"latestApplied": "Latest Applied Event",
"providers": "Provider",
"flow": {
"providerIngress": "Provider Ingress",
"sourceEvidence": "Source Evidence",
"appliedVerification": "Applied-link Verification",
"providerDetail": "provider events={providerEvents}; ready providers={readyProviders}",
"verificationDetail": "latest={latest}",
"status": {
"ready": "ready",
"waiting": "waiting",
"needsReview": "needs review",
"applied": "applied"
}
},
"statuses": {
"linked": "Directly linked",
"candidateFound": "Candidate found",
"providerFreshNoMatch": "Provider fresh, no match",
"missing": "No match yet",
"noIncidentContext": "Missing incident context",
"fetchFailed": "Read failed"
},
"verificationStatuses": {
"appliedLinkVerified": "Applied and verified",
"directRefVerified": "Direct ref verified",
"candidateOnly": "Candidate only",
"providerFreshNoMatch": "Provider fresh, no match",
"missing": "No match yet",
"noIncidentContext": "Missing incident context",
"fetchFailed": "Read failed"
}
}
},
"tenants": {
"securityTenantScopeCandidate": {
"title": "IwoooS Tenant Security 範圍 Read-only Candidate",
"subtitle": "Tenant management only displays the protection scope for the AWOOOI first tenant and the IwoooS security mirror. This is not a migration mode change and does not modify tenant policy.",
"badge": "Tenant scope",
"scopeRefsTitle": "Read-only scope refs",
"boundaryLabel": "Tenant Boundary",
"boundaryTitle": "No tenant settings are changeable here",
"boundaryDetail": "This panel does not change migration mode, modify tenant policy, write to the platform tenants API, call GitHub / Gitea / Kali, or add scan, execute, deploy, primary switch, or refs actions.",
"openIwooos": "Open IwoooS",
"metrics": {
"primaryTenant": "Primary Tenant",
"primaryTenantDetail": "AWOOOI is the first runtime tenant in AwoooP. This only displays scope and does not change settings.",
"securityEntry": "Security Entry",
"securityEntryDetail": "IwoooS remains the read-only Information Security entrypoint and posture mirror.",
"hostCoverage": "Host coverage",
"hostCoverageDetail": "Kali 112, Dev 168, and Dev 111 are in observe-only view.",
"policyMutations": "Tenant policy changes",
"policyMutationsDetail": "Currently 0. Do not change policy before 負責人回覆 and a 執行期閘門."
},
"scopeRefs": {
"awoooiTenant": "Under the AwoooP platform identity, AWOOOI remains the first tenant / runtime host, not a synonym for the whole platform.",
"iwooosMirror": "IwoooS displays security mirror posture, progress, evidence refs, and forbidden actions.",
"hostCoverage": "The three named hosts are included only for security visibility and evidence readiness; no SSH, updates, credentialed scans, or blocking controls are performed.",
"ownerResponse": "S4.9-S4.12 負責人回覆 已收到 / 已接受 remain 0. Tenant scope display is not approval."
}
},
"githubTenantReadinessScope": {
"title": "GitHub 主要來源就緒度 Tenant 範圍",
"subtitle": "Tenant management mirrors the source-control owner scope gap between the AWOOOI first tenant and the Gitea-to-GitHub path. This is not tenant policy, repo creation, or primary switch authorization.",
"badge": "Read-only scope",
"openIwooos": "Open IwoooS",
"scopeRefsTitle": "Owner 範圍 Refs",
"boundaryLabel": "Tenant / GitHub Boundary",
"boundaryTitle": "Tenant scope still waits for 負責人回覆",
"boundaryDetail": "This panel only displays the relation between tenant scope and source-control readiness. It does not change tenant migration mode, modify tenant policy, create GitHub repos, mutate refs, collect 機密明文值s, switch primary, or disable Gitea.",
"metrics": {
"candidateRepos": {
"label": "候選專案庫",
"detail": "8 candidate repos are scope visibility only and do not authorize GitHub repo creation."
},
"inScopeRepos": {
"label": "範圍內專案庫",
"detail": "7 repos still require owner scope decision and source-control response."
},
"ownerResponses": {
"label": "Owner Responses",
"detail": "22 response templates remain 0 received / 0 accepted."
},
"tenantScopeChanges": {
"label": "Tenant 範圍 Changes",
"detail": "Currently 0. Readiness display must not change tenant policy or migration mode."
}
},
"scopeRefs": {
"tenantSourceScope": "The AWOOOI first tenant only maps to source-control readiness scope; it does not mean the whole platform or GitHub primary is accepted.",
"giteaInventoryOwner": "S4.9 still waits for Gitea inventory owner attestation. Repo scope must not be filled as accepted before coverage is accepted.",
"githubTargetOwner": "S4.10 still waits for GitHub target owner decision. Do not create repos or change visibility before the target owner accepts.",
"workflowSecretOwner": "S4.12 only waits for 工作流程 / 機密 name 負責人回覆. Secret values must not be collected and GitHub 機密設定 must not be changed."
}
},
"ownerResponseValidationScope": {
"title": "Owner Response Validation Tenant 範圍",
"subtitle": "Tenant management mirrors that the AWOOOI first tenant is still waiting for the S4.13 validation rollup and S4.9-S4.12 source response packets. This is not tenant policy, repo, refs, 工作流程 / 機密, or runtime authorization.",
"badge": "Read-only validation scope",
"openIwooos": "Open IwoooS",
"scopeRefsTitle": "Tenant Validation Refs",
"boundaryLabel": "Tenant Validation Boundary",
"boundaryTitle": "No tenant policy changes can be applied here",
"boundaryDetail": "This panel only displays four packets, 22 response templates, 已收到 / 已接受 / rejected still at 0, and the validation scope understandable by the AWOOOI first tenant. It does not modify tenant policy, create repos, mutate refs, modify workflows / 機密設定, collect 機密明文值s, switch primary, or open 執行期閘門s.",
"metrics": {
"packets": "Response Packets",
"packetsDetail": "S4.9-S4.12 four packets still wait for 負責人回覆.",
"templates": "Response Templates",
"templatesDetail": "22 templates only describe future intake format. They do not mean sent, received, or accepted.",
"received": "Received",
"receivedDetail": "Still 0. Tenant scope visibility must not rewrite intake state.",
"accepted": "Accepted",
"acceptedDetail": "Still 0. It can change only after redacted evidence passes validation.",
"tenantPolicyChanges": "Tenant Policy Changes",
"tenantPolicyChangesDetail": "Still 0. Tenant policy and migration mode must not change before validation.",
"displaySections": "Display Sections",
"displaySectionsDetail": "8 display sections explain how tenants should understand validation flow and boundaries."
},
"scopeRefs": {
"validationRollup": {
"title": "S4.13 Validation Rollup",
"detail": "Fixes four packets, cross-packet validation, evidence routing, reviewer checklist, and result lanes without creating tenant policy changes."
},
"giteaAttestation": {
"title": "S4.9 Gitea Inventory Owner Attestation",
"detail": "5 templates still wait for 負責人回覆. The tenant can only see the next intake focus."
},
"githubTarget": {
"title": "S4.10 GitHub Target Owner Decision",
"detail": "7 target owner / visibility / standard responses remain unaccepted. Repos must not be created automatically."
},
"refsTruth": {
"title": "S4.11 Ref Truth Owner Response",
"detail": "5 truth decision groups still wait for redacted responses. Refs must not be synced, deleted, or force-pushed."
},
"workflowSecret": {
"title": "S4.12 Workflow / Secret Name Owner Response",
"detail": "5 name and redacted evidence groups still wait for response. Only name inventory is allowed, not 機密明文值s."
}
}
}
},
"runs": {
"securityRunStateCandidate": {
"title": "IwoooS 執行狀態 Read-only Candidate",
"subtitle": "執行監控 only shows how the security mirror can be understood from the AwoooP Run view. This is not run_created and does not connect an execution router.",
"badge": "執行狀態 candidate",
"runRefsTitle": "Read-only run refs",
"boundaryLabel": "執行邊界",
"boundaryTitle": "No security Run is executable here",
"boundaryDetail": "This panel does not create a platform run, connect an execution router, call GitHub / Gitea / Kali, or add scan, execute, repair, deploy, primary switch, or refs actions.",
"openIwooos": "Open IwoooS",
"metrics": {
"visibility": "執行可視狀態",
"visibilityValue": "read-only",
"visibilityDetail": "Projects the security mirror into 執行監控 language only. It does not create a real runtime run.",
"runtimeRuns": "資安執行紀錄",
"runtimeRunsDetail": "Currently 0. S2.58 is display-candidate only and does not create a run record.",
"activeGates": "主動執行期閘門",
"activeGatesDetail": "Still 0. Runtime gates need separate approval, rollback, and 後檢證據.",
"ownerResponse": "負責人已接受",
"ownerResponseDetail": "S4.9-S4.12 負責人回覆 accepted remains 0. Run display is not completed intake."
},
"runRefs": {
"mirrorRunState": "AwoooP 執行監控 can understand the security mirror, but only as a read-only candidate.",
"readOnlyDryRun": "If future 試跑證據 appears, it must still preserve read-only and human-gate semantics.",
"ownerResponse": "負責人回覆 已收到 / 已接受 remain 0, so any further Run movement waits for human intake.",
"activeGates": "主動執行期閘門 remain 0. Do not open gates or create 操作按鈕s from 執行監控."
}
},
"githubRunReadinessBoundary": {
"title": "GitHub 主要來源就緒度 執行邊界",
"subtitle": "執行監控 mirrors that GitHub primary readiness still cannot create a security run. This is not platform run, execution router, repo creation, or primary switch authorization.",
"badge": "Run boundary",
"openIwooos": "Open IwoooS",
"runRefsTitle": "GitHub Readiness Run Refs",
"boundaryLabel": "GitHub / 執行邊界",
"boundaryTitle": "No GitHub primary run is executable",
"boundaryDetail": "This panel only projects source-control readiness into 執行監控 language. It does not create platform runs, connect an execution router, create GitHub repos, mutate refs, change workflows / 機密設定, collect 機密明文值s, switch primary, or disable Gitea.",
"metrics": {
"candidateRepos": {
"label": "候選專案庫",
"detail": "8 candidate repos are readiness visibility only and do not create GitHub repo creation runs."
},
"inScopeRepos": {
"label": "範圍內專案庫",
"detail": "7 repos still wait for 負責人回覆. 執行監控 must not open tasks for them."
},
"securityRuns": {
"label": "GitHub Security Runs",
"detail": "Currently 0. Readiness visibility is not platform run creation."
},
"ownerResponses": {
"label": "Owner Responses",
"detail": "22 response templates remain 0 received / 0 accepted."
},
"workflowInventory": {
"label": "工作流程清冊",
"detail": "工作流程 / 機密 name inventory is still incomplete for 7 repos."
}
},
"runRefs": {
"primaryReadiness": "The primary readiness gate still reports ready=0 and cannot become a GitHub primary run.",
"ownerValidation": "The 負責人回覆 validation rollup is still 0/22 and must not be autofilled as accepted by 執行監控.",
"workflowInventory": "工作流程 / 機密 name inventory only collects names and routing. It does not collect 機密明文值s or modify GitHub 機密設定.",
"rollbackAdr": "The rollback ADR has no owner-approved dry-run, so no primary switch run can start."
}
},
"ownerResponseValidationRunBoundary": {
"title": "Owner Response Validation 執行邊界",
"subtitle": "執行監控 mirrors that the S4.13 validation rollup and S4.9-S4.12 four source response packets are read-only. This is not platform run, execution router, approval record, repo, refs, 工作流程 / 機密, or runtime authorization.",
"badge": "Read-only run boundary",
"openIwooos": "Open IwoooS",
"runRefsTitle": "Run Validation Refs",
"boundaryLabel": "Validation / 執行邊界",
"boundaryTitle": "No 負責人回覆 validation run is executable",
"boundaryDetail": "This panel only displays four packets, 22 response templates, 已收到 / 已接受 / rejected still at 0, and the validation boundary understandable by 執行監控. It does not create platform runs, connect an execution router, create approval records, create repos, mutate refs, modify workflows / 機密設定, collect 機密明文值s, switch primary, or open 執行期閘門s.",
"metrics": {
"packets": "Response Packets",
"packetsDetail": "S4.9-S4.12 four packets still wait for 負責人回覆.",
"templates": "Response Templates",
"templatesDetail": "22 templates only describe future intake format. They do not mean sent, received, or accepted.",
"received": "Received",
"receivedDetail": "Still 0. 執行監控 visibility must not rewrite intake state.",
"accepted": "Accepted",
"acceptedDetail": "Still 0. It can change only after redacted evidence passes validation.",
"securityRuns": "Security Runs",
"securityRunsDetail": "Still 0. Validation boundary visibility is not platform run creation.",
"displaySections": "Display Sections",
"displaySectionsDetail": "8 display sections explain how 執行監控 should understand validation flow and boundaries."
},
"runRefs": {
"validationRollup": {
"title": "S4.13 Validation Rollup",
"detail": "Fixes four packets, cross-packet validation, evidence routing, reviewer checklist, and result lanes without creating platform runs."
},
"giteaAttestation": {
"title": "S4.9 Gitea Inventory Owner Attestation",
"detail": "5 templates still wait for 負責人回覆. 執行監控 can only see the next intake focus."
},
"githubTarget": {
"title": "S4.10 GitHub Target Owner Decision",
"detail": "7 target owner / visibility / standard responses remain unaccepted. Repos or run records must not be created automatically."
},
"refsTruth": {
"title": "S4.11 Ref Truth Owner Response",
"detail": "5 truth decision groups still wait for redacted responses. Refs must not be synced, deleted, or force-pushed."
},
"workflowSecret": {
"title": "S4.12 Workflow / Secret Name Owner Response",
"detail": "5 name and redacted evidence groups still wait for response. Only name inventory is allowed, not 機密明文值s."
}
}
}
},
"contracts": {
"securityContractCandidate": {
"title": "IwoooS Security Contract Read-only Candidate",
"subtitle": "The contract dashboard only shows the schema, snapshot, and guard semantics that IwoooS / security mirror currently depends on. This is not contract publishing and does not trigger a 執行期閘門.",
"badge": "Contract candidate",
"contractRefsTitle": "Read-only contract refs",
"boundaryLabel": "Contract Boundary",
"boundaryTitle": "No security contract is publishable here",
"boundaryDetail": "This panel does not publish contract revisions, change contract lifecycle, write to the platform contracts API, call GitHub / Gitea / Kali, or add scan, execute, deploy, primary switch, or refs actions.",
"openIwooos": "Open IwoooS",
"metrics": {
"totalContracts": "Total contracts",
"totalContractsDetail": "Security mirror currently rolls up 36 primary contracts.",
"readyForMirror": "可進鏡像",
"readyForMirrorDetail": "33 ready, 2 partial, 1 contract-only, and 0 blocked.",
"partialReady": "Partial",
"partialReadyDetail": "Remaining gaps are 負責人回覆, payload ingestion, and source-control owner evidence.",
"activeRuntimeGates": "主動執行期閘門",
"activeRuntimeGatesDetail": "Still 0; contract visibility is not runtime enforcement."
},
"contractRefs": {
"statusRollup": "The shared state entrypoint for AwoooP and the Security Session; it only rolls up progress and safe gates.",
"postureProjection": "The projection contract for IwoooS posture, host coverage, 負責人回覆 focus, and forbidden actions.",
"ownerValidation": "The S4.9-S4.12 負責人回覆 已收到 / 已接受 separation and reviewer check semantics.",
"rolloutPolicy": "The low-friction, observe-first rollout policy with owner review before blocking."
}
},
"githubPrimaryReadinessCandidate": {
"title": "GitHub 主要來源就緒度 Contract Read-only Candidate",
"subtitle": "The contract dashboard mirrors the Gitea-to-GitHub readiness contract refs, owner-response gaps, and non-execution boundaries. This is not repo creation, refs mutation, secret collection, or primary-switch authorization.",
"badge": "GitHub readiness",
"contractRefsTitle": "Primary readiness contract refs",
"boundaryLabel": "Source-control Boundary",
"boundaryTitle": "No GitHub primary is switchable here",
"boundaryDetail": "This panel only displays candidate repos, in-scope repos, primary-ready state, 負責人回覆s, and 工作流程 / 機密-name inventory gaps. It does not create GitHub repos, change visibility, sync / delete / force-push refs, collect 機密明文值s, switch primary, disable Gitea, or trigger 執行期閘門s.",
"openIwooos": "Open IwoooS",
"metrics": {
"candidateRepos": "候選專案庫",
"candidateReposDetail": "S4.0 currently tracks 8 GitHub primary readiness candidates.",
"inScopeRepos": "In-scope",
"inScopeReposDetail": "7 still need owner / visibility / canonical / rollback evidence.",
"primaryReady": "主要來源已就緒",
"primaryReadyDetail": "Still 0; visible readiness is not primary cutover approval.",
"ownerResponses": "負責人回覆",
"ownerResponsesDetail": "The 22 S4.9-S4.12 response templates remain 0 已收到 / 已接受.",
"workflowInventory": "工作流程清冊",
"workflowInventoryDetail": "工作流程 / 機密-name inventory remains incomplete for the 7 in-scope repos."
},
"contractRefs": {
"primaryReadiness": "The main readiness gate for GitHub primary parity, owner, refs, workflow, and rollback prerequisites.",
"ownerValidation": "Received / accepted / rejected separation plus reviewer checks for the four owner-response packets.",
"rollbackAdr": "Rollback ADR drafts, owner review, and validation windows for the 7 in-scope repos.",
"workflowInventory": "Workflow, runner, deploy-key, branch-protection, CODEOWNERS, and secret-name inventory; names only, never values.",
"postureProjection": "The IwoooS frontend projection for the GitHub readiness board and forbidden actions."
}
},
"ownerResponseValidationCandidate": {
"title": "Owner Response Validation Contract Read-only Candidate",
"subtitle": "The contract dashboard mirrors the S4.13 負責人回覆 validation rollup and four source intake packets. This is not received 負責人回覆, an approval record, repo / refs / workflow action, or runtime authorization.",
"badge": "Validation candidate",
"contractRefsTitle": "負責人回覆 validation contract refs",
"boundaryLabel": "Validation Boundary",
"boundaryTitle": "No validation result is publishable or executable here",
"boundaryDetail": "This panel only displays the four packets, 22 response templates, 已收到 / 已接受 / rejected counters at 0, and AwoooP display sections. It does not create approval records, create repos, mutate refs, modify workflows / 機密設定, collect 機密明文值s, switch primary, or open 執行期閘門s.",
"openIwooos": "Open IwoooS",
"metrics": {
"packets": "Packets",
"packetsDetail": "The S4.9-S4.12 packets are still waiting for 負責人回覆.",
"templates": "Templates",
"templatesDetail": "22 templates only define intake shape; they are not sent or accepted responses.",
"received": "Received",
"receivedDetail": "Still 0; visible work items or contracts must not rewrite intake state.",
"accepted": "Accepted",
"acceptedDetail": "Still 0; only redacted evidence that passes validation can change this.",
"displaySections": "Display sections",
"displaySectionsDetail": "8 AwoooP display sections explain validation flow and boundaries only."
},
"contractRefs": {
"validationRollup": "The S4.13 four-packet validation rollup that keeps 已收到 / 已接受 / rejected and reviewer checks separate.",
"giteaAttestation": "The S4.9 Gitea inventory owner attestation packet; five templates are still not received.",
"githubTarget": "The S4.10 GitHub target owner decision packet; seven templates are still not accepted.",
"refsTruth": "The S4.11 refs truth 負責人回覆 packet; classification must not become refs action authorization.",
"workflowSecret": "The S4.12 工作流程 / 機密-name 負責人回覆 packet; names and redacted evidence only, never 機密明文值s."
}
}
},
"approvals": {
"legacyHitl": {
"title": "既有 HITL 待人工處理",
"subtitle": "這批來自 approval_records不屬於 AwoooP run approval仍需在前台可見。",
"openAuthorizations": "開啟授權中心",
"loadFailed": "既有 HITL backlog 載入失敗:{error}",
"tableLabel": "既有 HITL 待人工處理",
"moreRows": "只顯示最新 8 筆,其餘 {count} 筆請到授權中心處理。",
"noTelegram": "無 Telegram",
"telegramRef": "Telegram #{id}",
"summary": {
"pending": "待處理",
"noTelegram": "無 Telegram 訊息",
"observe": "觀察 / 無動作",
"critical": "嚴重"
},
"columns": {
"risk": "風險",
"action": "動作",
"incident": "事件",
"source": "來源",
"created": "建立"
}
},
"securityOwnerResponseGate": {
"title": "IwoooS Owner Response Read-only Review Focus",
"subtitle": "The AwoooP approval queue only shows the next human intake focus for S4.9-S4.12 負責人回覆. This is not an approval record and does not open a 執行期閘門.",
"badge": "Read-only focus",
"ownerChecksTitle": "負責人回覆 intake order",
"boundaryLabel": "Approval Boundary",
"boundaryTitle": "There is still nothing to approve here",
"boundaryDetail": "This panel does not send requests, mark 已收到 / 已接受, create approval records, call GitHub / Gitea / Kali, or add approve, execute, deploy, primary switch, or refs actions.",
"openIwooos": "Open IwoooS",
"metrics": {
"received": "Received",
"receivedDetail": "S4.9-S4.12 負責人回覆 received remains 0.",
"accepted": "Accepted",
"acceptedDetail": "No acceptable redacted owner evidence has been received.",
"activeRuntimeGates": "主動執行期閘門",
"activeRuntimeGatesDetail": "Any 執行期閘門 still needs separate approval plus rollback and 後檢證據.",
"headline": "Overall Security Mesh",
"headlineDetail": "已因 AwoooP 正式只讀落地證據重估到 61%;下一次仍要靠負責人回覆、執行期閘門或 GitHub 主要來源證據。"
},
"checks": {
"s49OwnerAttestation": {
"title": "S4.9 Gitea owner attestation",
"detail": "Recommended first intake; needs public-only / local gap, org / user endpoint, 110 adjacent source, canonical owner, and legacy disposition answers."
},
"s410GithubTarget": {
"title": "S4.10 GitHub target owner",
"detail": "After S4.9, collect owner / visibility / canonical decisions for the seven GitHub targets."
},
"s411RefsTruth": {
"title": "S4.11 refs truth 負責人回覆",
"detail": "Wait for redacted owner decisions on main / dev truth, deprecated drift, release tags, and GitHub-only refs."
},
"s412WorkflowSecret": {
"title": "S4.12 工作流程 / 機密 names",
"detail": "Wait for redacted owner decisions on webhooks, runners, deploy keys, branch protection / CODEOWNERS, and secret name parity."
}
}
},
"githubPrimaryReadinessGate": {
"title": "GitHub 主要來源就緒度 Approval Boundary",
"subtitle": "The approval queue only displays the owner-response gaps that block GitHub primary readiness. This is not GitHub primary approval and does not create repos, mutate refs, collect 機密明文值s, or disable Gitea.",
"badge": "Read-only approval boundary",
"responseLanesTitle": "負責人回覆 lanes",
"boundaryLabel": "GitHub Primary Boundary",
"boundaryTitle": "No primary switch is approvable here",
"boundaryDetail": "This panel only brings the S4.9-S4.12 intake order into the approvals surface. All responses remain received=0 / accepted=0, with no approval record, no GitHub primary switch, no Gitea primary change, and no 執行期閘門.",
"openIwooos": "Open IwoooS",
"metrics": {
"giteaOwner": "Gitea owner",
"giteaOwnerDetail": "The five S4.9 owner attestation items are still not 已收到 / 已接受.",
"githubTargetOwner": "GitHub target owner",
"githubTargetOwnerDetail": "The seven S4.10 target owner / visibility / canonical responses are still not accepted.",
"refsTruth": "Refs truth",
"refsTruthDetail": "The five S4.11 refs truth 負責人回覆s are still not accepted.",
"workflowSecretNames": "工作流程 / 機密 names",
"workflowSecretNamesDetail": "The five S4.12 工作流程 / 機密-name 負責人回覆s are still not accepted.",
"primaryReady": "主要來源已就緒",
"primaryReadyDetail": "Still 0; approvals visibility is not primary cutover approval."
},
"responseLanes": {
"giteaOwnerAttestation": {
"title": "Gitea inventory owner attestation",
"detail": "First confirm public-only / local gap, org / user endpoint, 110 adjacent source, canonical owner, and legacy disposition."
},
"githubTargetOwner": {
"title": "GitHub target owner decision",
"detail": "Then confirm owner, visibility, and canonical target for the seven in-scope targets without creating repos automatically."
},
"refsTruthOwner": {
"title": "Refs truth 負責人回覆",
"detail": "Next confirm main / dev truth, deprecated drift, release tags, and GitHub-only refs without syncing, deleting, or force-pushing refs."
},
"workflowSecretOwner": {
"title": "工作流程 / 機密-name 負責人回覆",
"detail": "Finally confirm workflow, runner, deploy key, branch protection, CODEOWNERS, and secret names. Collect names only, never values."
}
}
},
"ownerResponseValidationBoundary": {
"title": "Owner Response Validation Read-only Review Boundary",
"subtitle": "The approval queue mirrors the S4.13 validation rollup and the S4.9-S4.12 source intake packets. This is not received response, accepted response, an approval record, repo action, refs action, 工作流程 / 機密 action, or runtime authorization.",
"badge": "Read-only validation boundary",
"reviewRefsTitle": "Validation and source intake refs",
"boundaryLabel": "Non-approvable boundary",
"boundaryTitle": "No approval record can be created here",
"boundaryDetail": "This panel only displays four packets, 22 response templates, 已收到 / 已接受 / rejected all still 0, and 8 display sections. It does not create approval records, create repos, mutate refs, change workflows / 機密設定, collect 機密明文值s, switch primary, or open 執行期閘門s.",
"openIwooos": "Open IwoooS",
"metrics": {
"packets": "Response packets",
"packetsDetail": "S4.9-S4.12 all still wait for 負責人回覆.",
"templates": "Response templates",
"templatesDetail": "The 22 templates are future intake formats only, not sent, received, or accepted responses.",
"received": "Received",
"receivedDetail": "Still 0. Approval queue visibility must not rewrite intake state.",
"accepted": "Accepted",
"acceptedDetail": "Still 0. Only validated redacted evidence can change this.",
"rejected": "Rejected",
"rejectedDetail": "Still 0. Rejection outcomes cannot exist before human validation.",
"displaySections": "Display sections",
"displaySectionsDetail": "The 8 display sections explain validation flow, evidence routing, and boundaries only."
},
"reviewRefs": {
"validationRollup": {
"title": "S4.13 validation rollup",
"detail": "Locks packet separation, cross-packet validation, evidence routing, reviewer checklist, and outcome lanes without creating approval records.",
"contract": "source_control_owner_response_validation_rollup_v1"
},
"giteaAttestation": {
"title": "S4.9 Gitea inventory owner attestation",
"detail": "Five templates still wait for 負責人回覆; this can only display the next intake focus.",
"contract": "gitea_inventory_owner_attestation_response_v1"
},
"githubTarget": {
"title": "S4.10 GitHub target owner decision",
"detail": "Seven target owner / visibility / canonical responses are not accepted and must not create repos automatically.",
"contract": "github_target_owner_decision_response_v1"
},
"refsTruth": {
"title": "S4.11 refs truth 負責人回覆",
"detail": "Five truth lanes still wait for redacted response and must not sync, delete, or force-push refs.",
"contract": "source_control_ref_truth_owner_response_v1"
},
"workflowSecret": {
"title": "S4.12 工作流程 / 機密-name 負責人回覆",
"detail": "Five name and redacted-evidence lanes still wait for response. Names only, never 機密明文值s.",
"contract": "source_control_workflow_secret_name_owner_response_v1"
}
}
}
},
"runDetail": {
"back": "Back to 執行監控",
"title": "Run Disposition 時間線",
"refresh": "Refresh",
"empty": "--",
"durationSeconds": "{seconds}s",
"errors": {
"title": "Failed to load run details",
"loadFailed": "Load failed"
},
"stats": {
"state": "Current State",
"timeline": "時間線",
"mcpSteps": "MCP / Steps",
"duration": "Duration"
},
"summary": {
"title": "Run Summary",
"project": "Project",
"agent": "Agent",
"traceId": "追蹤 ID",
"trigger": "觸發來源",
"triggerRef": "觸發參照",
"cost": "Cost",
"attempts": "Attempts",
"created": "Created",
"completed": "Completed",
"error": "Error"
},
"timeline": {
"title": "Disposition 時間線",
"lastUpdated": "Last updated {time}",
"count": "{count} items",
"empty": "No timeline records yet."
},
"gateway": {
"title": "MCP 閘道",
"emptyState": "No records",
"agent": "Agent",
"tool": "工具",
"scope": "範圍",
"blockers": "Blockers",
"metrics": {
"firstClass": "第一級",
"policy": "政策已套用",
"approvalExecutor": "審批執行器",
"legacyBridge": "舊橋接"
}
},
"remediation": {
"title": "Remediation 試跑 Evidence",
"empty": "This run is not linked to ADR-100 remediation dry-run history yet.",
"latest": "Latest dry-run",
"route": "MCP Route",
"preview": "Mode {mode}; preview {preview}",
"writes": "Writes: incident={incident}; autoRepair={autoRepair}",
"status": {
"linked": "連結ed to remediation history",
"empty": "No remediation history"
},
"metrics": {
"incidents": "Incident",
"dryRuns": "試跑",
"tools": "工具",
"writes": "Write flags"
}
},
"dossier": {
"title": "Source Event Dossier",
"empty": "This run is not linked to replayable inbound source events yet.",
"content": "Redacted Content",
"sourceRefs": "Source References",
"duplicate": "Duplicate",
"firstSeen": "First seen",
"status": {
"visible": "Recorded in 真相鏈",
"empty": "No source"
},
"metrics": {
"sources": "Sources",
"refs": "References",
"redacted": "Redacted",
"duplicates": "Duplicates"
},
"fields": {
"stage": "Stage",
"severity": "Risk",
"namespace": "Namespace",
"target": "Target",
"hash": "Hash"
},
"refs": {
"alertIds": "Alert",
"approvalIds": "Approval",
"eventIds": "Event",
"fingerprints": "Fingerprint",
"incidentIds": "Incident",
"sentryIssueIds": "Sentry",
"signozAlerts": "SignOz"
}
},
"action": {
"eyebrow": "Next Decision",
"approval": {
"title": "Waiting for human approval",
"detail": "AI is stopped at the human gate and has not 恢復執行d. Approve or reject from the approval page; every decision is written back to 執行狀態 and audit.",
"primary": "Open approval decision"
},
"manual": {
"title": "Manual handoff required",
"detail": "AI cannot safely close the loop, or execution has failed / timed out. Return to 執行監控 to compare same-project work and hand off to the SRE war room when needed.",
"primary": "Back to 執行監控"
},
"completed": {
"title": "Completed, ready for audit review",
"detail": "The run has converged. Use the timeline to verify MCP calls, outbound messages, and cost records before writing back to KM / Playbook.",
"primary": "Back to 執行監控"
},
"running": {
"title": "AI is processing",
"detail": "The run is still active and this page refreshes periodically. If it stays running for too long, check heartbeat, MCP latency, and worker state.",
"primary": "Back to 執行監控"
},
"observe": {
"title": "Observing",
"detail": "The run has not reached a human gate or terminal state. Follow the timeline to verify inbound events, tool calls, and outbound messages.",
"primary": "Back to 執行監控"
},
"evidence": {
"inbound": "Inbound",
"outbound": "Outbound",
"mcp": "MCP Calls",
"steps": "Steps"
}
},
"ownerResponseValidationDetailBoundary": {
"title": "Owner Response Validation Detail Boundary",
"subtitle": "The single-run detail view mirrors the S4.13 validation rollup and S4.9-S4.12 response packets as read-only state; this is not approval, remediation, MCP execution, repo, refs, 工作流程 / 機密, or runtime authorization for this Run.",
"badge": "Read-only detail boundary",
"openIwooos": "Open IwoooS",
"detailRefsTitle": "Detail validation references",
"boundaryLabel": "Validation / detail boundary",
"boundaryTitle": "No owner-response validation detail action can run yet",
"boundaryDetail": "This section only explains how this Run detail understands the four packets, 22 response templates, 已收到 / 已接受 / rejected still at 0, and the gap between validation context and the execution timeline. It does not create approval records, start MCP or remediation, create platform runs, link the execution router, create repos, change refs, modify workflow / 機密設定, collect 機密明文值s, switch the primary source, or open a 執行期閘門.",
"metrics": {
"packets": {
"label": "Response packets",
"detail": "S4.9-S4.12 remain waiting for 負責人回覆s."
},
"templates": {
"label": "Response templates",
"detail": "22 templates are future intake formats, not responses received by this Run."
},
"received": {
"label": "Received",
"detail": "Still 0; the detail page must not turn visibility into intake state."
},
"accepted": {
"label": "Accepted",
"detail": "Still 0; this can only change after redacted evidence passes validation."
},
"validationRuns": {
"label": "Validation runs",
"detail": "Still 0; this detail card does not create a platform run."
},
"displaySections": {
"label": "Display sections",
"detail": "8 sections only explain validation flow and the detail boundary."
}
},
"detailRefs": {
"validationRollup": {
"title": "S4.13 Validation Rollup",
"detail": "Pins the four packets, cross-packet validation, evidence routing, review checklist, and result lanes, but does not create approval or remediation execution for this Run."
},
"giteaAttestation": {
"title": "S4.9 Gitea Inventory Owner Attestation",
"detail": "5 templates still wait for 負責人回覆; the detail page can only mark the next intake focus."
},
"githubTarget": {
"title": "S4.10 GitHub Target Owner Decision",
"detail": "7 target owner / visibility / standard responses remain unaccepted; repos or execution records must not be created automatically."
},
"refsTruth": {
"title": "S4.11 Refs Truth Owner Response",
"detail": "5 truth categories still wait for redacted responses; refs must not be synced, deleted, or force-pushed."
},
"workflowSecret": {
"title": "S4.12 Workflow / Secret Name Owner Response",
"detail": "5 name and redacted-evidence categories still wait for responses; only name inventories are allowed, never raw 機密明文值s."
}
}
},
"statuses": {
"blocked": "Blocked",
"cancelled": "Cancelled",
"completed": "Completed",
"error": "Error",
"failed": "Failed",
"pending": "Pending",
"received": "Received",
"running": "Running",
"sent": "Sent",
"shadow": "Shadow",
"success": "Success",
"timeout": "Timed out",
"warning": "Warning",
"waitingApproval": "Waiting approval"
}
},
"approvalDecision": {
"back": "Back to Approval Queue",
"viewTimeline": "View 執行時間線",
"eyebrow": "Human Approval Gate",
"title": "Approval Decision",
"timeout": "Approval Deadline",
"empty": "--",
"errors": {
"title": "Failed to load run data",
"loadFailed": "Load failed",
"missingProject": "Missing project_id; cannot submit approval decision",
"actionFailed": "Action failed"
},
"success": {
"approve": "Run approved. Returning to 時間線",
"reject": "Run rejected. Returning to 時間線"
},
"notWaiting": {
"title": "This run is not waiting for human approval",
"detail": "Current state is {state}. This page will not show approve / reject; return to 執行時間線 for the latest state."
},
"remediation": {
"title": "Remediation 試跑 Evidence",
"empty": "This run is not linked to remediation dry-run history yet; check the 執行時間線 source dossier and MCP 閘道 before approval.",
"latest": "Latest dry-run",
"preview": "Mode {mode}; preview {preview}",
"writes": "Writes: incident={incident}; autoRepair={autoRepair}",
"status": {
"linked": "連結ed to remediation history",
"empty": "No remediation history"
},
"metrics": {
"incidents": "Incident",
"dryRuns": "試跑",
"tools": "工具"
}
},
"ownerResponseValidationDecisionBoundary": {
"title": "Owner Response Validation Approval Decision Boundary",
"subtitle": "The approval decision page mirrors the S4.13 validation rollup and S4.9-S4.12 response packets as read-only state; this is not 負責人回覆 acceptance, GitHub primary approval, repo, refs, 工作流程 / 機密, or runtime authorization.",
"badge": "Read-only approval boundary",
"openIwooos": "Open IwoooS",
"decisionRefsTitle": "Approval validation references",
"boundaryLabel": "Validation / approval decision boundary",
"boundaryTitle": "No owner-response validation approval action can run yet",
"boundaryDetail": "This section only explains how the approval decision page understands the four packets, 22 response templates, 已收到 / 已接受 / rejected still at 0, and the separation between approval buttons and owner-response validation. It does not mark 負責人回覆s received or accepted, create security approval records, create platform runs, link the execution router, create repos, change refs, modify workflow / 機密設定, collect 機密明文值s, switch the primary source, or open a 執行期閘門.",
"metrics": {
"packets": {
"label": "Response packets",
"detail": "S4.9-S4.12 remain waiting for 負責人回覆s."
},
"templates": {
"label": "Response templates",
"detail": "22 templates are future intake formats, not responses accepted by the approval decision."
},
"received": {
"label": "Received",
"detail": "Still 0; the approval detail must not turn visibility into intake state."
},
"accepted": {
"label": "Accepted",
"detail": "Still 0; this can only change after redacted evidence passes validation."
},
"decisionAcceptance": {
"label": "Decision acceptance",
"detail": "Still 0; approving execution is not accepting 負責人回覆s."
},
"displaySections": {
"label": "Display sections",
"detail": "8 sections only explain validation flow and the approval boundary."
}
},
"decisionRefs": {
"validationRollup": {
"title": "S4.13 Validation Rollup",
"detail": "Pins the four packets, cross-packet validation, evidence routing, review checklist, and result lanes, but does not create approval acceptance or remediation execution."
},
"giteaAttestation": {
"title": "S4.9 Gitea Inventory Owner Attestation",
"detail": "5 templates still wait for 負責人回覆; the approval page can only mark the next intake focus."
},
"githubTarget": {
"title": "S4.10 GitHub Target Owner Decision",
"detail": "7 target owner / visibility / standard responses remain unaccepted; repos or primary switches must not be created automatically."
},
"refsTruth": {
"title": "S4.11 Refs Truth Owner Response",
"detail": "5 truth categories still wait for redacted responses; refs must not be synced, deleted, or force-pushed."
},
"workflowSecret": {
"title": "S4.12 Workflow / Secret Name Owner Response",
"detail": "5 name and redacted-evidence categories still wait for responses; only name inventories are allowed, never raw 機密明文值s."
}
}
},
"details": {
"title": "執行詳情s",
"runId": "Run ID",
"project": "Project",
"agent": "Agent",
"state": "State",
"traceId": "追蹤 ID",
"trigger": "觸發來源",
"triggerRef": "觸發參照",
"cost": "Cost",
"attempts": "Attempts",
"created": "Created",
"timeout": "Timeout",
"error": "Error",
"empty": "Run data was not found."
},
"actions": {
"approve": "Approve",
"reject": "Reject"
},
"dialog": {
"close": "Close",
"cancel": "Cancel",
"runId": "Run ID:",
"approve": {
"title": "Confirm Approval",
"body": "After approval, the run 恢復執行s from the human gate and continues through Runtime / MCP 閘道.",
"warning": "This decision is written to 執行狀態, approval token, and 稽核軌跡.",
"confirm": "Confirm Approval"
},
"reject": {
"title": "Confirm Rejection",
"body": "After rejection, the run is cancelled and will not continue automatic execution.",
"reason": "Rejection reason",
"placeholder": "Enter rejection reason...",
"warning": "The reason is written to the 稽核軌跡 for later review in 執行時間線.",
"confirm": "Confirm Rejection"
}
}
}
},
"runDetail": {
"back": "Back to 執行監控",
"title": "Run Disposition 時間線",
"refresh": "Refresh",
"empty": "--",
"durationSeconds": "{seconds}s",
"errors": {
"title": "Failed to load run details",
"loadFailed": "Load failed"
},
"stats": {
"state": "Current State",
"timeline": "時間線",
"mcpSteps": "MCP / Steps",
"duration": "Duration"
},
"summary": {
"title": "Run Summary",
"project": "Project",
"agent": "Agent",
"traceId": "追蹤 ID",
"trigger": "觸發來源",
"triggerRef": "觸發參照",
"cost": "Cost",
"attempts": "Attempts",
"created": "Created",
"completed": "Completed",
"error": "Error"
},
"timeline": {
"title": "Disposition 時間線",
"lastUpdated": "Last updated {time}",
"count": "{count} items",
"empty": "No timeline records yet."
},
"gateway": {
"title": "MCP 閘道",
"emptyState": "No records",
"agent": "Agent",
"tool": "工具",
"scope": "範圍",
"blockers": "Blockers",
"legacy": {
"only": "Legacy MCP only",
"total": "Legacy MCP",
"success": "Legacy success",
"failed": "Legacy failed",
"topTool": "Legacy tool"
},
"metrics": {
"firstClass": "第一級",
"policy": "政策已套用",
"approvalExecutor": "審批執行器",
"legacyBridge": "舊橋接"
}
},
"remediation": {
"title": "Remediation 試跑 Evidence",
"empty": "This run is not linked to ADR-100 remediation dry-run history yet.",
"latest": "Latest dry-run",
"route": "MCP Route",
"preview": "Mode {mode}; preview {preview}",
"writes": "Writes: incident={incident}; autoRepair={autoRepair}",
"status": {
"linked": "連結ed to remediation history",
"empty": "No remediation history"
},
"metrics": {
"incidents": "Incident",
"dryRuns": "試跑",
"tools": "工具",
"writes": "Write flags"
}
},
"dossier": {
"title": "Source Event Dossier",
"empty": "This run is not linked to replayable inbound source events yet.",
"content": "Redacted Content",
"sourceRefs": "Source References",
"duplicate": "Duplicate",
"firstSeen": "First seen",
"status": {
"visible": "Recorded in 真相鏈",
"empty": "No source"
},
"metrics": {
"sources": "Sources",
"refs": "References",
"redacted": "Redacted",
"duplicates": "Duplicates"
},
"fields": {
"stage": "Stage",
"severity": "Risk",
"namespace": "Namespace",
"target": "Target",
"hash": "Hash"
},
"refs": {
"alertIds": "Alert",
"approvalIds": "Approval",
"eventIds": "Event",
"fingerprints": "Fingerprint",
"incidentIds": "Incident",
"sentryIssueIds": "Sentry",
"signozAlerts": "SignOz"
}
},
"action": {
"eyebrow": "Next Decision",
"approval": {
"title": "Waiting for human approval",
"detail": "AI is stopped at the human gate and has not 恢復執行d. Approve or reject from the approval page; every decision is written back to 執行狀態 and audit.",
"primary": "Open approval decision"
},
"manual": {
"title": "Manual handoff required",
"detail": "AI cannot safely close the loop, or execution has failed / timed out. Return to 執行監控 to compare same-project work and hand off to the SRE war room when needed.",
"primary": "Back to 執行監控"
},
"completed": {
"title": "Completed, ready for audit review",
"detail": "The run has converged. Use the timeline to verify MCP calls, outbound messages, and cost records before writing back to KM / Playbook.",
"primary": "Back to 執行監控"
},
"running": {
"title": "AI is processing",
"detail": "The run is still active and this page refreshes periodically. If it stays running for too long, check heartbeat, MCP latency, and worker state.",
"primary": "Back to 執行監控"
},
"observe": {
"title": "Observing",
"detail": "The run has not reached a human gate or terminal state. Follow the timeline to verify inbound events, tool calls, and outbound messages.",
"primary": "Back to 執行監控"
},
"evidence": {
"inbound": "Inbound",
"outbound": "Outbound",
"mcp": "MCP Calls",
"steps": "Steps"
}
},
"statuses": {
"blocked": "Blocked",
"cancelled": "Cancelled",
"completed": "Completed",
"error": "Error",
"failed": "Failed",
"pending": "Pending",
"received": "Received",
"running": "Running",
"sent": "Sent",
"callbackReplySent": "Callback sent",
"callbackReplyFallbackSent": "Callback fallback",
"callbackReplyRescueSent": "Callback rescue",
"callbackReplyFailed": "Callback failed",
"shadow": "Shadow",
"success": "Success",
"timeout": "Timed out",
"warning": "Warning",
"waitingApproval": "Waiting approval"
}
},
"approvalDecision": {
"back": "Back to Approval Queue",
"viewTimeline": "View 執行時間線",
"eyebrow": "Human Approval Gate",
"title": "Approval Decision",
"timeout": "Approval Deadline",
"empty": "--",
"errors": {
"title": "Failed to load run data",
"loadFailed": "Load failed",
"missingProject": "Missing project_id; cannot submit approval decision",
"actionFailed": "Action failed"
},
"success": {
"approve": "Run approved. Returning to 時間線",
"reject": "Run rejected. Returning to 時間線"
},
"notWaiting": {
"title": "This run is not waiting for human approval",
"detail": "Current state is {state}. This page will not show approve / reject; return to 執行時間線 for the latest state."
},
"remediation": {
"title": "Remediation 試跑 Evidence",
"empty": "This run is not linked to remediation dry-run history yet; check the 執行時間線 source dossier and MCP 閘道 before approval.",
"latest": "Latest dry-run",
"preview": "Mode {mode}; preview {preview}",
"writes": "Writes: incident={incident}; autoRepair={autoRepair}",
"status": {
"linked": "連結ed to remediation history",
"empty": "No remediation history"
},
"metrics": {
"incidents": "Incident",
"dryRuns": "試跑",
"tools": "工具"
}
},
"details": {
"title": "執行詳情s",
"runId": "Run ID",
"project": "Project",
"agent": "Agent",
"state": "State",
"traceId": "追蹤 ID",
"trigger": "觸發來源",
"triggerRef": "觸發參照",
"cost": "Cost",
"attempts": "Attempts",
"created": "Created",
"timeout": "Timeout",
"error": "Error",
"empty": "Run data was not found."
},
"actions": {
"approve": "Approve",
"reject": "Reject"
},
"dialog": {
"close": "Close",
"cancel": "Cancel",
"runId": "Run ID:",
"approve": {
"title": "Confirm Approval",
"body": "After approval, the run 恢復執行s from the human gate and continues through Runtime / MCP 閘道.",
"warning": "This decision is written to 執行狀態, approval token, and 稽核軌跡.",
"confirm": "Confirm Approval"
},
"reject": {
"title": "Confirm Rejection",
"body": "After rejection, the run is cancelled and will not continue automatic execution.",
"reason": "Rejection reason",
"placeholder": "Enter rejection reason...",
"warning": "The reason is written to the 稽核軌跡 for later review in 執行時間線.",
"confirm": "Confirm Rejection"
}
}
},
"securityCompliance": {
"frontStage": {
"eyebrow": "前台資安入口",
"title": "安全合規保留,並整合到 IwoooS",
"subtitle": "專業建議是不移除。這個頁面保留既有安全監控與合規統計作為前台使用者熟悉的入口IwoooS 則成為資安網的總覽與唯一姿態來源,避免安全合規與 IwoooS 變成兩套敘事。",
"openIwooos": "查看 IwoooS 總覽",
"boundaryTitle": "低摩擦整合邊界",
"boundaryIntro": "這裡只做前台整合與導流,不新增掃描、修復、批准、部署或硬性阻擋控制。",
"routeRoleTitle": "前台入口角色對照",
"routeRoleSubtitle": "從安全合規進來時,也能直接看懂每個資安入口該負責什麼;這些入口只導覽與說明,不提供執行按鈕。",
"routeLabel": "入口",
"rolloutTitle": "低摩擦分階段收斂",
"rolloutSubtitle": "初期先建立框架、可視化與證據鏈;等負責人回覆、人工審查與執行期閘門都完成後,再逐步收嚴,不讓資安一開始拖慢產品流程。",
"phaseLabel": "階段",
"boundaryCodesSummary": "查看固定邊界鍵值",
"authority": {
"eyebrow": "短版結論",
"title": "IwoooS 是資安主控台;安全合規是熟悉入口",
"body": "這裡先讓使用者看懂入口關係,再把完整總覽交給 IwoooS。現階段仍是只讀、Gate 0不啟動掃描、修復、批准或部署。",
"open": "前往 IwoooS 主控台",
"signals": {
"source": {
"label": "主控來源"
},
"progress": {
"label": "整體進度"
},
"gate": {
"label": "執行閘門"
},
"mode": {
"label": "目前模式"
}
}
},
"items": {
"routePreserved": {
"label": "路由策略",
"detail": "既有書籤、導覽與頁籤維持可用。"
},
"iwooosBridge": {
"label": "資安總覽",
"detail": "IwoooS 承接總覽與跨頁姿態。"
},
"dedupeNarrative": {
"label": "敘事收斂",
"detail": "安全合規不再另開一套資安來源。"
},
"noRuntimeControl": {
"label": "執行控制",
"detail": "不新增掃描、修復、批准或部署按鈕。"
}
},
"routeRoles": {
"iwooosOverview": {
"title": "IwoooS 看總覽",
"body": "閱讀資安網進度、主機範圍、版本來源、負責人回覆與執行期邊界。"
},
"securityComplianceHub": {
"title": "安全合規看熟悉入口",
"body": "保留既有安全監控與合規統計,讓前台使用者不用改變原本路徑。"
},
"securityMonitor": {
"title": "安全看事件訊號",
"body": "查看錯誤、議題與安全事件類訊號;仍只做資料呈現。"
},
"complianceStats": {
"title": "合規看統計",
"body": "查看事件摘要、處置劇本與自動修復統計,不把統計視為批准。"
},
"awooopApprovals": {
"title": "AwoooP 看人控等待",
"body": "查看審批與負責人回覆等待狀態;仍不代表資安執行期閘門已開。"
}
},
"rolloutPhases": {
"observe": {
"title": "觀測與盤點",
"body": "目前只整理入口、主機、專案、網站、監控與工具姿態,不阻擋使用者流程。"
},
"evidence": {
"title": "補齊證據",
"body": "收斂脫敏證據、版本來源、負責人回覆與 AwoooP 只讀消費證明。"
},
"humanReview": {
"title": "人工審查",
"body": "由負責人確認例外、風險接受、修復順序與是否進入執行期閘門。"
},
"runtimeGate": {
"title": "批准後開閘",
"body": "只有明確批准後才允許掃描、修復、部署或主機變更的執行期流程。"
},
"tightening": {
"title": "逐步收嚴",
"body": "依證據與影響範圍分批提高管控,不一次把整個產品流程鎖死。"
}
}
}
},
"iwooos": {
"eyebrow": "資訊安全網",
"title": "IwoooS",
"subtitle": "The security mesh posture entry. It gathers Kali, source control, 負責人回覆, approval gates, and AwoooP mirror-only evidence into one readable posture without starting scans, repairs, or product blockers.",
"boundary": {
"label": "Current boundary",
"state": "只讀鏡像 / 先觀測",
"detail": "All numbers come from verified snapshots and guards. This page only displays posture, gaps, next gates, and non-blocking lanes."
},
"informationArchitecture": {
"overview": {
"title": "一眼看懂",
"summary": "預設只展開 headline、下一個 gate、進度移動條件與目前仍鎖住的邊界。"
},
"frontStage": {
"title": "前台入口與既有資安頁",
"summary": "整合安全合規、告警、授權、治理、稽核與 Code Review 的只讀入口。"
},
"progressPath": {
"title": "下一步與阻塞解除",
"summary": "集中顯示低摩擦 rollout、非阻擋分流、第一個可讓 61% 往前的證據路徑。"
},
"ownerEvidence": {
"title": "版本來源與負責人回覆",
"summary": "保留 Gitea / GitHub owner response、S4.9 收件、預檢與人工決策證據。"
},
"awooopVersion": {
"title": "AwoooP 只讀落地與版本證據",
"summary": "收納產品 rollout、AwoooP production landing、evidence wiring 與跨 Session 交接。"
},
"hostKali": {
"title": "主機與 Kali 邊界",
"summary": "將 192.168.0.112 / 111 / 168 的 observe-only、收件與人工決策證據收在進階區。"
}
},
"metrics": {
"overall": {
"label": "Overall mesh",
"detail": "headline progress, not authorization"
},
"framework": {
"label": "Framework maturity",
"detail": "docs, schema, read-only evidence"
},
"runtime": {
"label": "Runtime landing",
"detail": "執行期閘門s are not active"
},
"contracts": {
"label": "Core contracts",
"detail": "33 ready / 2 partial / 1 contract-only"
},
"activeGates": {
"label": "主動執行期閘門",
"detail": "kept at 0 before approval"
}
},
"stageCompletionReport": {
"title": "階段完成回報",
"subtitle": "每一輪完成後都把正式證據、進度邊界與下一步固定在首頁,讓使用者不用翻對話也能理解目前資安工作推到哪裡。",
"boundary": "本階段只更新可見回報與證據索引headline_percent=61framework=86-88%runtime_landing=40-45%active_runtime_gate_count=0runtime_execution_authorized=falserepo_creation_authorized=false。",
"items": {
"stageClosed": {
"title": "本階段已收斂",
"body": "IwoooS 已完成摘要收斂與下一步任務板,使用者可在預設展開區直接看到目前資安工作狀態。"
},
"productionEvidence": {
"title": "正式部署證據",
"body": "正式證據改以最新 Gitea main deploy marker 與 post-deploy success 為準,不再綁死單一舊 CD run。"
},
"progressBoundary": {
"title": "整體進度邊界",
"body": "目前整體 61%,框架 86-88%,落地 40-45%。下一次進度要靠 owner response、脫敏證據或批准 gate。"
},
"runtimeBoundary": {
"title": "執行期仍關閉",
"body": "Kali、主機、repo、workflow 與 GitHub primary 仍停在 observe / readiness不因前端顯示而取得執行權。"
}
}
},
"operatorNextTasks": {
"title": "下一步任務板",
"subtitle": "把 61% 往下一階段推進需要的工作拆成四件事;這裡只顯示任務與完成條件,不送出請求、不啟動掃描、不建立執行。",
"stepLabel": "任務",
"doneLabel": "完成條件",
"boundary": "固定邊界owner_response_received_count=0owner_response_accepted_count=0active_runtime_gate_count=0runtime_execution_authorized=falseaction_buttons_allowed=falserepo_creation_authorized=falsegithub_primary_switch_authorized=false。",
"items": {
"s49OwnerResponse": {
"title": "先收 S4.9 負責人回覆",
"body": "第一個可推動 headline 的工作,是收到 Gitea 清冊負責人的可追溯、已脫敏回覆。",
"done": "收到後仍要通過收件預檢與 reviewer 接受,才可能成為 headline review 候選。"
},
"redactedEvidencePacket": {
"title": "補齊脫敏證據包",
"body": "把來源、範圍、負責人判定、脫敏聲明與 evidence refs 放進可審查封包。",
"done": "只接受脫敏 payload機密明文、完整掃描輸出、host dump 與 raw log 不進 mirror。"
},
"runtimeGatePreflight": {
"title": "準備執行期 gate 前置條件",
"body": "先整理 scope、rollback、維護窗口、post-check metrics 與人工決策格式。",
"done": "目前仍不開 gate人工批准前 active runtime gate 必須維持 0。"
},
"githubPrimaryReadiness": {
"title": "累積 GitHub primary readiness",
"body": "整理 GitHub 目標、分支 / 標籤真相、workflow / secret 名稱與 rollback 依據。",
"done": "只做就緒度證據;不得建立專案庫、同步 refs、改 workflow、切 primary 或停用 Gitea。"
}
}
},
"pillars": {
"exposure": {
"title": "暴露面態勢",
"state": "Waiting evidence",
"body": "Mainstream security management puts assets, exposure, vulnerabilities, and owner gates in one view. IwoooS shows coverage gaps without turning them into blockers."
},
"sourceControl": {
"title": "版本控制供應鏈",
"state": "Draft gated",
"body": "GitHub is the long-term direction, but refs, workflows, secret names, and rollback ADRs still need 負責人回覆s."
},
"kali": {
"title": "Kali 112 Mesh",
"state": "Observe-only",
"body": "Kali 112 is in scope, and 111 / 168 are also observe-only. Active scan and /execute remain block candidates."
},
"governance": {
"title": "Approval Boundary",
"state": "Locked",
"body": "7 pending approvals, 1 block candidate, and 0 active 執行期閘門s. Execution requires a human decision record and a follow-up 執行期閘門."
}
},
"lanes": {
"title": "Non-blocking Lanes",
"subtitle": "The initial phase stays observe / warn so security does not slow product and deployment flow.",
"lowMedium": {
"title": "LOW / MEDIUM observation",
"body": "Label risk, create follow-up, add evidence_ref, do not block deploy."
},
"ownerMissing": {
"title": "負責人回覆缺漏",
"body": "Show gaps and the next collection candidate; do not treat silence as rejection."
},
"mirrorIncomplete": {
"title": "Mirror data incomplete",
"body": "Show partial / quarantine reason and wait for a new redacted snapshot."
},
"sourceDrift": {
"title": "Source-control drift draft",
"body": "Keep the draft reconcile plan; do not sync refs or force push."
},
"kaliObserve": {
"title": "Kali observe finding",
"body": "Show only redacted finding summary; do not start active scan."
},
"workflowGap": {
"title": "工作流程 / 機密 name gap",
"body": "Request redacted export; do not collect 機密明文值s or enable runners."
},
"progressHolding": {
"title": "Progress display holding",
"body": "61% means high-level gates are pending; it is neither stuck nor runtime approval."
}
},
"existingSurfaces": {
"title": "Existing Security Surfaces",
"subtitle": "Collects the frontend routes that already carry security, compliance, alert, authorization, governance, audit, and code review signals into one read-only index.",
"sourceLabel": "Original source",
"mode": "read-only link / no execution button",
"items": {
"securityCompliance": {
"title": "Security Compliance Hub",
"body": "The existing integrated page for SecurityPanel and CompliancePanel, covering errors, incidents, repair, and compliance stats.",
"source": "SecurityPanel / CompliancePanel; errors, incident summary, auto-repair stats"
},
"legacySecurity": {
"title": "Legacy Security Monitor",
"body": "Keeps the earlier standalone security route visible so existing error stats and Sentry issue entrypoints do not disappear behind IwoooS.",
"source": "apps/web/src/app/[locale]/security/page.tsx; errors stats / issues"
},
"legacyCompliance": {
"title": "Legacy Compliance Page",
"body": "Keeps the earlier standalone compliance route visible for incident, playbook, and auto-repair effectiveness data.",
"source": "apps/web/src/app/[locale]/compliance/page.tsx; incident summary / auto-repair stats"
},
"alerts": {
"title": "Alert Management",
"body": "The active incident surface sorted from P0 to P3, feeding near-real-time security posture signals.",
"source": "useIncidents; incidents / pending approvals"
},
"errors": {
"title": "Errors and UX Audit",
"body": "The existing error tracking and UX audit entrypoint for issues, trends, session replay, and user friction.",
"source": "ErrorsPanel; error stats / trends / ux-audit"
},
"authorizations": {
"title": "Authorization Center",
"body": "The existing HITL and multi-sig entrypoint, preserving the human control boundary before future security 執行期閘門s.",
"source": "LiveApprovalPanel; pending approvals / SSE"
},
"governance": {
"title": "AI Governance Hub",
"body": "The existing governance events, SLO, remediation queue, and dry-run history surface for automation evidence.",
"source": "governance tabs; AI SLO / governance events / queue"
},
"alertOperationLogs": {
"title": "Alert Operation Logs",
"body": "The full alert operation log surface for guardrails, preflight, approval escalation, and handling results.",
"source": "alert-operation-logs; events / stats"
},
"awooopApprovals": {
"title": "AwoooP Approval Queue",
"body": "The existing AwoooP approvals page showing read-only dry-run, write observed, blocked, and human gate status.",
"source": "AwoooP approvals; platform approvals"
},
"codeReview": {
"title": "AI Code Review 控制面",
"body": "The existing Code Review page showing Hermes, OpenClaw, Elephant Alpha, NemoTron, and the non-blocking review pipeline.",
"source": "code-review page; review pipeline / agent assignment"
}
}
},
"surfaceConnections": {
"title": "Security Page Connection Status",
"subtitle": "Shows how the 10 existing entrypoints connect back to IwoooS: direct bridge, embedded panel bridge, or AwoooP read-only candidate. This is visible coverage only, not authorization or blocking.",
"states": {
"embeddedBridge": "Embedded bridge visible",
"directBridge": "Direct bridge visible",
"awooopCandidate": "AwoooP read-only candidate"
},
"items": {
"securityCompliance": {
"title": "Security Compliance Hub",
"body": "Shows IwoooS inclusion through the embedded SecurityPanel and CompliancePanel bridges.",
"boundary": "Displays integration status only; no repair, approval, deploy, or blocking control is added."
},
"legacySecurity": {
"title": "Legacy Security Monitor",
"body": "The standalone security page now shows the IwoooS read-only bridge and 61% / gate 0 boundary.",
"boundary": "Keeps error and security signals visible without turning the page into a scan entrypoint."
},
"legacyCompliance": {
"title": "Legacy Compliance Page",
"body": "The standalone compliance page now shows the IwoooS read-only bridge and runtime false boundary.",
"boundary": "Displays compliance state only; no 負責人回覆, approval, or 執行期閘門 is created."
},
"alerts": {
"title": "Alert Management",
"body": "The active incident page now shows the IwoooS read-only bridge so alert signals return to the mesh.",
"boundary": "Displays alert inclusion only; no alert blocker, scan, or repair is added."
},
"errors": {
"title": "Errors and UX Audit",
"body": "ErrorsPanel now shows the IwoooS read-only bridge so errors and UX audit stay observable.",
"boundary": "Keeps issue tracking and user friction visible without adding execution controls."
},
"authorizations": {
"title": "Authorization Center",
"body": "The authorization page now shows the IwoooS read-only bridge while preserving HITL / multi-sig control.",
"boundary": "The bridge is not an approval record and cannot mark 負責人回覆 accepted."
},
"governance": {
"title": "AI Governance Hub",
"body": "The governance page now shows the IwoooS read-only bridge so SLOs, events, and queues remain evidence surfaces.",
"boundary": "Displays governance evidence only; visibility is not runtime authorization."
},
"alertOperationLogs": {
"title": "Alert Operation Logs",
"body": "The operation log page now shows the dark IwoooS read-only bridge and keeps the audit chain visible.",
"boundary": "Displays event flow only; no preflight bypass, repair, or deploy is added."
},
"awooopApprovals": {
"title": "AwoooP Approval Queue",
"body": "AwoooP approvals connect back to IwoooS through the owner-response read-only candidate.",
"boundary": "AwoooP human gate state is not security approval and cannot open 執行期閘門s."
},
"codeReview": {
"title": "AI Code Review 控制面",
"body": "The Code Review page now shows the dark IwoooS read-only bridge and preserves its non-blocking review posture.",
"boundary": "Code Review is not deploy approval and does not add Gitea/GitHub actions."
}
}
},
"coverage": {
"title": "Coverage and Boundary Matrix",
"subtitle": "Groups the 10 existing security surfaces into four responsibility planes so IwoooS can show where to read signals, human control, governance audit, and engineering review.",
"groups": {
"signals": {
"title": "Signals and Exposure",
"body": "Collects security, compliance, alert, error, and UX audit signals; observations stay visible without becoming blockers."
},
"humanControl": {
"title": "Human Control Boundary",
"body": "Keeps HITL, multi-sig, and AwoooP approvals visible; 執行期閘門s still require human decisions."
},
"governanceAudit": {
"title": "Governance and Audit",
"body": "Governance events, SLOs, remediation queues, and operation logs are evidence surfaces, not execution authorization."
},
"engineeringReview": {
"title": "Engineering Review",
"body": "Code Review remains a non-blocking review pipeline for risk grading and coding follow-up, not deploy approval."
}
},
"conflicts": {
"title": "Overlap and Conflict Controls",
"subtitle": "The same security signal can appear on multiple pages. IwoooS only organizes entrypoints and does not change ownership or authority.",
"preserveOwnership": {
"title": "Preserve Route Ownership",
"body": "Each route remains owned by its original page and API contract; IwoooS does not move write authority."
},
"noRuntimeLift": {
"title": "No Runtime Lift",
"body": "The coverage matrix can show coverage and gaps, but cannot create scan, execute, repair, or blocking gates."
},
"codeReviewNotDeployGate": {
"title": "Code Review Is Not Deploy Approval",
"body": "AI Code Review can grade risk and propose coding follow-up, but cannot become deploy approval by itself."
},
"awooopNotSecurityApproval": {
"title": "AwoooP Approval Is Not Security Approval",
"body": "The AwoooP approval queue can show human gate state, but security gates still require decision records and follow-up 執行期閘門s."
},
"kaliNotCalled": {
"title": "Frontend Index Does Not Call Kali",
"body": "Kali 112 remains observe-only; active scan or /execute must go through human approval and follow-up gates."
}
}
},
"journey": {
"title": "Security Handling Journey",
"subtitle": "Pins the visible security mesh flow into a read-only status map: read posture, inspect existing surfaces, then move through owner evidence, human decisions, and follow-up gates.",
"outputLabel": "Output",
"steps": {
"readPosture": {
"title": "Read Current Posture",
"body": "Start from the 61% headline, framework / runtime landing, active gates, and next high-level gate.",
"output": "read-only posture, not authorization"
},
"openSurface": {
"title": "Open Existing Surfaces",
"body": "Enter the original page by security, alert, authorization, governance, audit, or code review responsibility.",
"output": "preserve original owner and data boundary"
},
"triageLane": {
"title": "Triage Non-blocking Lanes",
"body": "LOW / MEDIUM, missing 負責人回覆, partial mirror, and Kali observe findings stay observe / warn first.",
"output": "follow-up, not blocking"
},
"collectEvidence": {
"title": "Collect Owner Evidence",
"body": "The next recommended collection item remains S4.9 Gitea owner attestation response, accepting redacted evidence only.",
"output": "update 已收到 / 已接受 state, no execution"
},
"humanDecision": {
"title": "Wait for Human Decision",
"body": "Security gates need decision records; AwoooP approval, Code Review, or progress numbers cannot replace that.",
"output": "human decision, not runtime"
},
"runtimeGate": {
"title": "Follow-up Runtime Gate",
"body": "Only after human approval can work move into follow-up 執行期閘門 templates; active 執行期閘門s remain 0.",
"output": "separate gate after approval"
}
}
},
"evidenceReadiness": {
"title": "Owner Evidence Readiness",
"subtitle": "Shows the evidence that can actually move headline progress. Every item is waiting for collection or human decision and does not trigger execution from the frontend.",
"unlockLabel": "Unlock condition",
"items": {
"giteaOwnerAttestation": {
"title": "Gitea owner attestation",
"body": "The recommended first collection item is S4.9, covering Gitea inventory coverage and owner disposition.",
"unlock": "redacted 負責人回覆 received and accepted"
},
"githubTargetOwner": {
"title": "GitHub target owner",
"body": "Confirms GitHub targets, visibility, canonical owner, and whether repos can enter primary readiness.",
"unlock": "S4.10 負責人回覆 accepted"
},
"refsTruthOwner": {
"title": "Refs truth owner",
"body": "Confirms truth for main/dev, deprecated drift, release tags, and GitHub-only refs.",
"unlock": "S4.11 refs truth response accepted"
},
"workflowSecretOwner": {
"title": "工作流程 / 機密 name owner",
"body": "Confirms workflow, webhook, runner, deploy key, branch protection, and secret name parity.",
"unlock": "S4.12 工作流程 / 機密 response accepted"
},
"redactedFindingIngestion": {
"title": "Redacted finding ingestion",
"body": "Kali findings and security findings must enter mirror as redacted payloads before any runtime path.",
"unlock": "human-approved redacted finding ingestion"
},
"kaliScanScope": {
"title": "Kali scan scope",
"body": "Kali 112, 111, and 168 remain observe-only; active scan and /execute require separate approval.",
"unlock": "scan scope approval plus follow-up gate"
},
"followupRuntimeGate": {
"title": "Follow-up 執行期閘門",
"body": "Real execution waits for a human decision record and a separate follow-up 執行期閘門.",
"unlock": "decision record accepted; active gates remain 0"
}
}
},
"hostCoverage": {
"title": "Host Coverage View",
"subtitle": "Places Kali and the two development hosts inside the visible IwoooS security scope. This only shows coverage and gate state; it does not create SSH, scan, update, or blocking controls.",
"stateLabel": "Current state",
"items": {
"kali112": {
"title": "Kali security host",
"body": "192.168.0.112 is the Kali node for the security mesh and is visible in posture and evidence refs as observe-only integration.",
"state": "in scope; active scan, /execute, and host updates still require separate approval"
},
"dev168": {
"title": "Development host 168",
"body": "192.168.0.168 is included in IwoooS observe-only development host coverage for future scope approval and finding correlation.",
"state": "scope declared; credentialed scan and runtime control are not approved"
},
"dev111": {
"title": "Development host 111",
"body": "192.168.0.111 is included in IwoooS observe-only development host coverage and stays paired with 168 for phased tightening.",
"state": "scope declared; credentialed scan and runtime control are not approved"
}
}
},
"hostActionGates": {
"title": "Host Action Gate Matrix",
"subtitle": "Breaks host-related high-risk actions into read-only gates. This only explains what is locked and what human decision is required; it does not provide execution entry points.",
"gateLabel": "Required gate",
"items": {
"activeScan": {
"title": "Active scan",
"body": "Active scans for Kali 112 and development hosts 168 / 111 are not approved and cannot be triggered from IwoooS.",
"gate": "requires S1.6 scan scope approval plus a follow-up 執行期閘門"
},
"credentialedScan": {
"title": "Credentialed scan",
"body": "Any credentialed scan requires scope, credential handling, and redacted evidence rules before it can proceed.",
"gate": "requires S1.6 scope approval; credentialed scan remains false"
},
"kaliExecute": {
"title": "Kali /execute",
"body": "The Kali execution endpoint remains a block candidate and is not opened just because hosts are visible.",
"gate": "requires a human decision record and S3.4 follow-up 執行期閘門"
},
"sshChange": {
"title": "SSH / host change",
"body": "Logging into hosts, changing settings, tuning services, restarting services, or changing SSH settings is outside the frontend authority.",
"gate": "requires explicit human approval, a change plan, and rollback evidence"
},
"kaliUpdate": {
"title": "Kali host update",
"body": "Kali updates and host tuning affect scan results and toolchain stability, so they must be approved separately from posture display.",
"gate": "requires maintenance window, update list, validation metrics, and rollback plan"
},
"runtimeBlocking": {
"title": "Runtime blocking control",
"body": "Turning findings into product blocking or runtime enforcement still waits for owner evidence and a human decision.",
"gate": "requires an accepted decision record; active 執行期閘門s remain 0"
}
}
},
"hostEvidenceReadiness": {
"title": "Host Evidence Readiness",
"subtitle": "Lists the evidence required before host scans, updates, SSH changes, or runtime blocking can proceed. These items are waiting for collection and do not mean approval.",
"evidenceLabel": "Required evidence",
"items": {
"scopeBoundary": {
"title": "範圍 boundary",
"body": "Confirms allowed targets, exclusions, scan depth, and rate limits for 112, 168, and 111.",
"evidence": "requires redacted scan scope approval; received=0, accepted=0"
},
"ownerDecision": {
"title": "Owner decision record",
"body": "Every host action needs human control; IwoooS visibility or AwoooP queue status cannot replace a decision.",
"evidence": "requires accepted decision record; active 執行期閘門s=0"
},
"credentialHandling": {
"title": "Credential handling",
"body": "Credentialed scans require defined credential source, storage boundary, redaction, and rejection rules.",
"evidence": "credential material collection is forbidden; credentialed scan=false"
},
"maintenanceWindow": {
"title": "Maintenance window",
"body": "Kali updates, host tuning, or SSH changes need a maintenance window to avoid disrupting development and product flow.",
"evidence": "requires window, impact scope, notification, and recovery criteria"
},
"rollbackPlan": {
"title": "Rollback plan",
"body": "Every host change needs a recovery path covering packages, settings, services, and toolchain versions.",
"evidence": "requires rollback owner, steps, and validation method"
},
"validationMetrics": {
"title": "Validation metrics",
"body": "Host actions need post-check metrics to confirm scanners, monitoring, services, and user flows did not regress.",
"evidence": "requires post-check metrics and failure lane"
},
"redactedIngestion": {
"title": "Redacted ingestion",
"body": "Host findings or scan results may only enter mirror as redacted summaries, not raw runtime input.",
"evidence": "requires redacted payload acceptance; payloads_ingested=false"
}
}
},
"hostEvidenceCollection": {
"title": "Host Evidence Collection Order",
"subtitle": "Orders the seven host evidence items into a recommended collection sequence. Each step only names the next reviewable item and does not change 已收到 / 已接受 from 0.",
"stepLabel": "Collection step",
"dependencyLabel": "Dependency",
"items": {
"scopeFirst": {
"title": "Define scope boundary first",
"body": "Confirm allowed targets, exclusions, depth, and rate limits first. No scope means no scan.",
"dependency": "none; this is the first host collection step"
},
"ownerSecond": {
"title": "Collect owner decision second",
"body": "Confirm who approves, the approved range, and the decision record; queue state cannot replace human control.",
"dependency": "requires readable scope boundary"
},
"credentialThird": {
"title": "Isolate credential handling",
"body": "If future scans need credentials, define credential source, storage boundary, redaction, and rejection first.",
"dependency": "requires owner decision; plaintext credential collection remains forbidden"
},
"maintenanceFourth": {
"title": "Schedule maintenance window",
"body": "Before updates, tuning, or SSH changes, confirm the window, impact scope, and notification.",
"dependency": "requires owner decision and change scope"
},
"rollbackFifth": {
"title": "Add rollback plan",
"body": "Every host action needs recovery for packages, settings, services, and toolchain versions.",
"dependency": "requires maintenance window and change list"
},
"validationSixth": {
"title": "Define validation metrics",
"body": "Define post-check metrics and failure handling lanes before execution is discussed.",
"dependency": "requires rollback plan"
},
"redactedSeventh": {
"title": "Collect redacted ingestion last",
"body": "Findings / scan results enter mirror only as redacted summaries, never as raw payload.",
"dependency": "requires validation metrics; payloads_ingested=false"
}
}
},
"hostEvidenceIntake": {
"title": "Host Evidence Intake Preflight",
"subtitle": "Before future host evidence enters human review, this read-only preflight checks whether it is safe to review. It does not accept raw payloads, plaintext credentials, or change 已收到 / 已接受.",
"checkLabel": "Preflight",
"rejectLabel": "Reject / quarantine condition",
"items": {
"metadataPointer": {
"title": "Metadata pointer only",
"body": "Host evidence only accepts redacted metadata pointers, source steps, and summaries, not full scan output.",
"reject": "reject when redacted metadata pointer is missing"
},
"dependencyOrder": {
"title": "Collection order match",
"body": "Submitted evidence must follow the S2.17 collection order and cannot skip scope or owner decision.",
"reject": "quarantine when prerequisite dependencies are skipped"
},
"scopeBeforeScan": {
"title": "範圍 before scan",
"body": "Any scan-related evidence must map to scope boundary before it can enter human review.",
"reject": "reject scan evidence without scope"
},
"ownerBeforeChange": {
"title": "Owner before host change",
"body": "SSH, updates, tuning, or blocking-control evidence requires an owner decision pointer.",
"reject": "reject host-change evidence without decision record"
},
"credentialPlaintext": {
"title": "Credential plaintext blocked",
"body": "Passwords, tokens, private keys, sessions, or plaintext credentials cannot enter IwoooS mirror.",
"reject": "reject and quarantine when plaintext credential material is detected"
},
"rawPayload": {
"title": "Raw payload blocked",
"body": "Full raw scan output, unredacted findings, host dumps, or log bundles do not enter projection.",
"reject": "raw payload is always rejected"
},
"counterFreeze": {
"title": "Frontend counters frozen",
"body": "The frontend can display preflight state only and cannot move 已收到 / 已接受 away from 0.",
"reject": "block frontend attempts to advance counters"
}
}
},
"hostEvidenceReviewOutcomes": {
"title": "Host Evidence Review Outcome Lanes",
"subtitle": "After preflight, evidence can only move into these read-only lanes. This shows possible human review outcomes and does not create approval records, 執行期閘門s, or host actions.",
"laneLabel": "Outcome lane",
"nextLabel": "Next step",
"items": {
"readyForHumanReview": {
"title": "Ready for human review",
"body": "Evidence becomes a human review candidate only when metadata pointer, dependency order, scope, and owner pointer are readable.",
"next": "display candidate only; received=0, accepted=0"
},
"needsScopeEvidence": {
"title": "Needs scope evidence",
"body": "Scan or finding evidence that cannot map to scope boundary returns to the scope lane.",
"next": "collect scope, no scan"
},
"needsOwnerDecision": {
"title": "Needs owner decision",
"body": "Host change, update, SSH, or blocking evidence without decision pointer returns to owner decision lane.",
"next": "collect decision record, no host action"
},
"quarantineDependencySkip": {
"title": "Quarantine dependency skip",
"body": "Evidence that skips the S2.17 order or has incomplete prerequisites is quarantined for human interpretation.",
"next": "show quarantine reason, do not advance counters"
},
"rejectRawPayload": {
"title": "Reject raw payload",
"body": "Full scan output, unredacted findings, host dumps, or log bundles do not enter IwoooS.",
"next": "request redacted summary instead"
},
"rejectCredentialPlaintext": {
"title": "Reject credential plaintext",
"body": "Passwords, tokens, private keys, sessions, or plaintext credentials are rejected and quarantined.",
"next": "do not store, forward, or display plaintext"
},
"waitingRuntimeGate": {
"title": "Waiting 執行期閘門",
"body": "Even after human review allows action, the work waits for a later 執行期閘門 and is not executed by this lane.",
"next": "active 執行期閘門s remain 0"
}
}
},
"nextGate": {
"title": "Next High-level Gate",
"body": "S4.9 Gitea owner attestation response is the recommended next owner evidence. Headline progress should only increase after 負責人回覆s, redacted payload ingestion, active 執行期閘門s, or GitHub primary readiness actually change."
},
"evidence": {
"title": "Current Evidence"
},
"blocked": {
"title": "Blocked Actions",
"body": "This page does not provide scan, execute, repo, refs, workflow, secret, runner, primary switch, or deploy 操作按鈕s."
},
"hostEvidenceReviewHandoff": {
"title": "Host Evidence Review Handoff Packets",
"subtitle": "Human reviewers can interpret evidence only through these redacted handoff packets. This shows required review material and does not mark 已收到 / 已接受, create approval records, or open 執行期閘門s.",
"packetLabel": "Handoff packet",
"requiredLabel": "Required material",
"items": {
"scopeSummaryPacket": {
"title": "範圍 summary packet",
"body": "Describes host, service, network, scan boundary, and exclusions with indicators and summaries only, without storing raw scan output.",
"required": "redacted scope pointer; no raw payload"
},
"ownerDecisionPacket": {
"title": "Owner decision packet",
"body": "Shows who approved review, scope, constraints, and expiry so the reviewer cannot expand authority.",
"required": "owner decision record pointer; not host-action approval"
},
"credentialHandlingPacket": {
"title": "Credential handling packet",
"body": "Shows credential handling and custody responsibility only, without exposing plaintext authentication material.",
"required": "metadata-only handling statement; 機密明文值=blocked"
},
"maintenanceRollbackPacket": {
"title": "Maintenance / rollback packet",
"body": "If later change is needed, it first shows maintenance window, blast radius, rollback owner, and recovery validation method.",
"required": "maintenance window + rollback pointer; no change execution"
},
"validationMetricsPacket": {
"title": "Validation metrics packet",
"body": "Defines which metrics, logs, baselines, or follow-up evidence the reviewer should inspect after review.",
"required": "post-check metrics pointer; 執行期閘門 not opened"
},
"redactionAttestationPacket": {
"title": "Redaction attestation packet",
"body": "Confirms evidence removed raw logs, host dumps, credentials, private URL credentials, and unredacted screenshots.",
"required": "redaction attestation only; sensitive payload not stored"
},
"runtimeGatePacket": {
"title": "Runtime gate pointer packet",
"body": "Routes any possible later action back to a separate 執行期閘門 so review outcome lanes cannot execute work.",
"required": "follow-up gate pointer; active 執行期閘門s=0"
}
}
},
"hostEvidenceReviewerChecklist": {
"title": "Host Evidence Reviewer Checklist",
"subtitle": "After reading handoff packets, reviewers can only use this read-only checklist to decide whether the case can move to the next human decision. The checklist does not mark passed, 已收到 / 已接受, approval, or 執行期閘門s.",
"checkLabel": "Review check",
"verifyLabel": "Verify",
"items": {
"scopeBoundaryMatch": {
"title": "範圍 boundary match",
"body": "Confirm the handoff scope matches host coverage, network, service, and exclusions without expanding scan boundary.",
"verify": "compare redacted pointer only; no scan starts"
},
"ownerDecisionScopeExpiry": {
"title": "Owner decision scope / expiry",
"body": "Confirm the owner decision record has reviewer, scope, constraints, expiry, and is still valid.",
"verify": "read decision pointer only; no approval record created"
},
"credentialHandlingMetadataOnly": {
"title": "Credential handling metadata only",
"body": "Confirm the reviewer sees only handling method and accountable owner, without plaintext authentication material.",
"verify": "機密明文值 collection=false"
},
"redactionAttestationPass": {
"title": "Redaction attestation pass",
"body": "Confirm raw logs, host dumps, unredacted screenshots, private URL credentials, and sensitive payloads are excluded.",
"verify": "raw payload allowed=false"
},
"maintenanceRollbackComplete": {
"title": "Maintenance / rollback complete",
"body": "If evidence implies later change, confirm maintenance window, rollback owner, and recovery validation metrics exist.",
"verify": "display future-change conditions only; no change execution"
},
"validationMetricsLinked": {
"title": "Validation metrics linked",
"body": "Confirm post-check metrics, baseline, logs, or follow-up evidence link to readable redacted pointers.",
"verify": "display validation pointer only; 執行期閘門 stays closed"
},
"runtimeGateSeparated": {
"title": "Runtime gate separated",
"body": "Confirm any reviewer checklist result cannot directly become runtime action and must return to a separate 執行期閘門.",
"verify": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostEvidenceReviewerOutcomes": {
"title": "Host Evidence Reviewer Outcome Lanes",
"subtitle": "After reviewer checklist, cases can only enter these read-only outcome lanes. This shows next interpretation and does not mark passed, accepted, approval, or 執行期閘門s.",
"laneLabel": "Reviewer outcome",
"nextLabel": "Next step",
"items": {
"readyForOwnerDecision": {
"title": "Ready for owner decision",
"body": "When scope, owner, redaction, rollback, validation, and runtime separation are readable, the case can only become an owner-decision candidate.",
"next": "display candidate; received=0, accepted=0"
},
"scopeMismatch": {
"title": "範圍 mismatch",
"body": "When handoff scope does not match host coverage, network, service, or exclusions, the case returns to the scope lane.",
"next": "collect scope pointer; no scan starts"
},
"ownerExpired": {
"title": "Owner decision expired",
"body": "When owner decision lacks scope, constraints, or is expired, the case returns to the owner decision lane.",
"next": "collect decision record; no approval created"
},
"credentialMetadataFailed": {
"title": "Credential metadata failed",
"body": "When credential handling is not metadata-only or accountability boundary is unreadable, the reviewer outcome is quarantined.",
"next": "request metadata-only statement; no sensitive material collected"
},
"redactionFailed": {
"title": "Redaction failed",
"body": "When redaction attestation cannot prove raw logs, host dumps, unredacted screenshots, or sensitive payloads are excluded, the case is rejected.",
"next": "request redaction again; raw payload not stored"
},
"rollbackMissing": {
"title": "Rollback missing",
"body": "When maintenance window, rollback owner, or recovery validation metrics are missing, the case cannot move to later decision.",
"next": "collect rollback pointer; no change execution"
},
"runtimeGateRequired": {
"title": "Runtime gate required",
"body": "Any possible later host action must route to a separate 執行期閘門 and cannot run from reviewer outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionCandidates": {
"title": "Host Owner Decision Candidate Packets",
"subtitle": "After reviewer outcome reaches the owner-decision candidate lane, IwoooS only displays the human decision packets. It does not create decision records, mark approval, or open 執行期閘門s.",
"packetLabel": "Candidate packet",
"decisionLabel": "Human decision scope",
"items": {
"scopeApprovalCandidate": {
"title": "範圍 approval candidate",
"body": "Confirm hosts, networks, services, exclusions, and observation purpose are readable for the owner.",
"decision": "display scope candidate only; owner decision received=0"
},
"scanModeCandidate": {
"title": "Scan mode candidate",
"body": "Separate observe-only, future active scan, and credentialed scan modes so the candidate packet is not mistaken for scan approval.",
"decision": "display mode options only; active scan=false"
},
"credentialHandlingCandidate": {
"title": "Credential handling candidate",
"body": "Describe metadata-only handling, accountable owner, and retention boundary without requesting or storing sensitive material.",
"decision": "display handling principle only; collection=false"
},
"maintenanceWindowCandidate": {
"title": "Maintenance window candidate",
"body": "If later host update or tuning is involved, display candidate maintenance window and constraints first.",
"decision": "display time window only; host update=false"
},
"rollbackOwnerCandidate": {
"title": "Rollback owner candidate",
"body": "Display future rollback owner, recovery route, and human contact point so accountability is clear before any change.",
"decision": "display owner pointer only; change=false"
},
"validationMetricsCandidate": {
"title": "Validation metrics candidate",
"body": "List future post-check metrics, baselines, and review evidence pointers as material for later human gate evaluation.",
"decision": "display validation items only; 執行期閘門=false"
},
"runtimeGateCandidate": {
"title": "Runtime gate candidate",
"body": "Any later host action still requires a separate 執行期閘門 and cannot execute from an owner-decision candidate.",
"decision": "display gate candidate only; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionReviewChecklist": {
"title": "Host Owner Decision Review Checklist",
"subtitle": "After owner decision candidate packets, every item still requires human review. This only displays review checks and does not create decision records, mark approval, or open 執行期閘門s.",
"checkLabel": "Owner review",
"guardLabel": "Safety boundary",
"items": {
"scopeBoundaryReadable": {
"title": "範圍 boundary readable",
"body": "Confirm the owner can read hosts, networks, services, exclusions, and observation purpose without exceeding the original scope.",
"guard": "scope review only; owner decision received=0"
},
"scanModeNotAuthorization": {
"title": "Scan mode not authorization",
"body": "Confirm observe-only, future active scan, and credentialed scan are mode descriptions only, not scan authorization.",
"guard": "scan authorized=false"
},
"credentialBoundaryMetadataOnly": {
"title": "Credential boundary metadata only",
"body": "Confirm credential handling keeps only metadata, owner, and retention boundary without requesting sensitive material.",
"guard": "secret collection=false"
},
"maintenanceWindowNotChange": {
"title": "Maintenance window not change",
"body": "Confirm the maintenance window is only a future candidate condition and does not allow Kali updates or host tuning.",
"guard": "host update=false"
},
"rollbackOwnerReadable": {
"title": "Rollback owner readable",
"body": "Confirm rollback owner, recovery route, and human contact point are readable, but no change is approved.",
"guard": "approval record=false"
},
"validationMetricsPredefined": {
"title": "Validation metrics predefined",
"body": "Confirm post-check metrics, baseline, and evidence pointers are defined first for later gate review.",
"guard": "執行期閘門 opened=false"
},
"runtimeGateStillSeparate": {
"title": "Runtime gate still separate",
"body": "Confirm owner decision checklist cannot execute any later host action and still needs a separate 執行期閘門.",
"guard": "操作按鈕s=false"
}
}
},
"hostOwnerDecisionReviewOutcomes": {
"title": "Host Owner Decision Review Outcome Lanes",
"subtitle": "After owner review checklist, cases can only enter these read-only outcome lanes. This shows next interpretation and does not create decision records, mark approval, or open 執行期閘門s.",
"laneLabel": "Review outcome",
"nextLabel": "Next step",
"items": {
"readyForDecisionRecord": {
"title": "Ready for decision record",
"body": "When scope, scan mode, credential boundary, maintenance, rollback, validation, and runtime separation are readable, the case can only become a formal decision record candidate.",
"next": "display decision record candidate; received=0, accepted=0"
},
"scopeNeedsRefresh": {
"title": "範圍 needs refresh",
"body": "When scope boundary is unreadable, expired, or outside host coverage, the case returns to the scope lane.",
"next": "collect scope pointer; no scan starts"
},
"scanModeNeedsScope": {
"title": "Scan mode needs scope",
"body": "When scan mode is not aligned with scope or is being mistaken for authorization, it must return to scope and mode explanation.",
"next": "collect scan mode statement; scan authorized=false"
},
"credentialBoundaryFailed": {
"title": "Credential boundary failed",
"body": "When credential handling cannot stay metadata-only or accountability boundary is unreadable, the decision outcome is quarantined.",
"next": "collect metadata-only boundary; secret collection=false"
},
"maintenanceWindowMissing": {
"title": "Maintenance window missing",
"body": "When later update or tuning is possible but maintenance window and constraints are missing, the case cannot move to decision record.",
"next": "collect window pointer; host update=false"
},
"rollbackOwnerMissing": {
"title": "Rollback owner missing",
"body": "When rollback owner or recovery path is unreadable, the case cannot enter later approval semantics.",
"next": "collect rollback owner; approval record=false"
},
"runtimeGateRequired": {
"title": "Runtime gate required",
"body": "Any later host action must route to a separate 執行期閘門 and cannot execute from owner review outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordDrafts": {
"title": "Host Owner Decision Record Draft Packets",
"subtitle": "When owner review outcome enters the ready lane, IwoooS can still only display decision record draft fields. It does not create records, mark acceptance, or open 執行期閘門s.",
"packetLabel": "Draft packet",
"metadataLabel": "Required metadata",
"items": {
"scopeStatementDraft": {
"title": "範圍 statement draft",
"body": "The draft only organizes hosts, networks, services, exclusions, and observation intent so the owner decision does not stay ambiguous.",
"metadata": "host / network / service / exclusion; record created=false"
},
"scanModeDraft": {
"title": "Scan mode draft",
"body": "The draft only describes observe-only, future active scan, or credentialed scan candidate modes. It is not scan approval.",
"metadata": "mode candidate; active scan=false"
},
"credentialBoundaryDraft": {
"title": "Credential boundary draft",
"body": "The draft only keeps credential handling metadata, owner, and retention boundary. It does not collect sensitive material.",
"metadata": "metadata-only boundary; secret collection=false"
},
"maintenanceConstraintsDraft": {
"title": "Maintenance constraints draft",
"body": "The draft only records future maintenance window candidates, constraints, and impact boundaries. It is not host update approval.",
"metadata": "window / constraint; host update=false"
},
"rollbackOwnerDraft": {
"title": "Rollback owner draft",
"body": "The draft only organizes rollback owner, recovery path, and human contact so later gates have accountability.",
"metadata": "owner / recovery pointer; approval record=false"
},
"validationMetricsDraft": {
"title": "Validation metrics draft",
"body": "The draft only lists post-check metrics, baseline, and evidence pointer for later human interpretation.",
"metadata": "metrics / baseline; accepted=0"
},
"runtimeGateDraft": {
"title": "Runtime gate draft",
"body": "The draft only states that later approval must still open a separate follow-up 執行期閘門 and cannot execute from the draft.",
"metadata": "執行期閘門 pointer; active gates=0"
}
}
},
"hostOwnerDecisionRecordDraftReview": {
"title": "Host Owner Decision Record Draft Review Checklist",
"subtitle": "Decision record draft packets still require read-only review. This only shows whether drafts have the metadata needed for human decision and does not create formal decision records.",
"checkLabel": "Draft review",
"guardLabel": "No upgrade",
"items": {
"scopeStatementComplete": {
"title": "範圍 statement complete",
"body": "Confirm the scope draft includes host, network, service, exclusions, and observation intent so decision record scope is not ambiguous.",
"guard": "draft review only; record created=false"
},
"scanModeStillNotApproval": {
"title": "Scan mode still not approval",
"body": "Confirm scan mode remains a candidate description and is not read as active scan or credentialed scan authorization.",
"guard": "scan authorized=false"
},
"credentialBoundaryMetadataOnly": {
"title": "Credential boundary metadata only",
"body": "Confirm credential boundary stays metadata-only and does not request or store sensitive material.",
"guard": "secret collection=false"
},
"maintenanceConstraintsReadable": {
"title": "Maintenance constraints readable",
"body": "Confirm maintenance window, constraints, and impact boundary are readable without becoming host update approval.",
"guard": "host update=false"
},
"rollbackOwnerReadable": {
"title": "Rollback owner readable",
"body": "Confirm rollback owner, recovery path, and human contact are readable while no approval record is created.",
"guard": "approval record=false"
},
"validationMetricsLinked": {
"title": "Validation metrics linked",
"body": "Confirm post-check metrics, baseline, and evidence pointer are linked to the draft for later human review.",
"guard": "accepted=0"
},
"runtimeGateStillClosed": {
"title": "Runtime gate still closed",
"body": "Confirm decision record draft review does not open 執行期閘門s. Later execution still requires a separate gate.",
"guard": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordDraftReviewOutcomes": {
"title": "Host Owner Decision Record Draft Review Outcome Lanes",
"subtitle": "After draft review checklist, cases can only enter these read-only outcome lanes. This shows next steps and does not mark review passed, create decision records, or open 執行期閘門s.",
"laneLabel": "Review outcome",
"nextLabel": "Next step",
"items": {
"readyForDecisionRecordWriteup": {
"title": "Ready for decision record write-up",
"body": "When scope, scan mode, credential boundary, maintenance, rollback, validation, and runtime separation are readable, the case can only become a formal decision record write-up candidate.",
"next": "display write-up candidate; record created=false"
},
"scopeDraftIncomplete": {
"title": "範圍 draft incomplete",
"body": "When the scope draft lacks host, network, service, exclusion, or observation intent, it returns to scope draft completion.",
"next": "collect scope statement; no record creation"
},
"scanModeAmbiguous": {
"title": "Scan mode ambiguous",
"body": "When scan mode can still be mistaken for authorization, it returns to scan mode draft and scope explanation.",
"next": "refine scan mode wording; scan authorized=false"
},
"credentialBoundaryIncomplete": {
"title": "Credential boundary incomplete",
"body": "When credential boundary is unclear about metadata-only handling, owner, or retention, it returns to credential draft completion.",
"next": "collect metadata-only boundary; secret collection=false"
},
"maintenanceConstraintsIncomplete": {
"title": "Maintenance constraints incomplete",
"body": "When maintenance window, constraints, or impact boundary are unreadable, the case cannot enter formal decision record write-up.",
"next": "collect constraints; host update=false"
},
"rollbackOwnerIncomplete": {
"title": "Rollback owner incomplete",
"body": "When rollback owner, recovery path, or human contact is unreadable, the case cannot enter later approval semantics.",
"next": "collect rollback owner; approval record=false"
},
"runtimeGateStillRequired": {
"title": "Runtime gate still required",
"body": "Any later host action must still wait for a separate 執行期閘門 and cannot execute from draft review outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordWriteups": {
"title": "Host Owner Decision Record Write-Up Packets",
"subtitle": "When a draft review outcome is ready for write-up, IwoooS can still only display formal decision record write-up fields. It does not create records, mark completed / accepted, or open 執行期閘門s.",
"packetLabel": "Write-up packet",
"fieldLabel": "Required field",
"items": {
"decisionSummaryWriteup": {
"title": "Decision summary write-up",
"body": "Only organizes the human owner decision, risk acceptance boundary, and no-execution statement.",
"field": "decision summary; write-up completed=0"
},
"approvedScopeWriteup": {
"title": "Approved scope write-up",
"body": "Only organizes hosts, networks, services, exclusions, observation intent, and expiry.",
"field": "scope / expiry; record created=false"
},
"scanModeLimitsWriteup": {
"title": "Scan mode limits write-up",
"body": "Only organizes limits for observe-only, future active scan, or credentialed scan modes. This is not scan approval.",
"field": "mode limits; scan authorized=false"
},
"credentialBoundaryWriteup": {
"title": "Credential boundary write-up",
"body": "Only organizes credential handling metadata, owner, retention boundary, and forbidden collection content.",
"field": "metadata-only boundary; secret collection=false"
},
"maintenanceRollbackWriteup": {
"title": "Maintenance and rollback write-up",
"body": "Only organizes maintenance window candidates, constraints, rollback owner, recovery path, and human contact.",
"field": "window / rollback; host update=false"
},
"validationEvidenceWriteup": {
"title": "Validation evidence write-up",
"body": "Only organizes post-check metrics, baseline, evidence pointer, and human acceptance condition.",
"field": "metrics / evidence; accepted=0"
},
"runtimeGatePointerWriteup": {
"title": "Runtime gate pointer write-up",
"body": "Only states that future approval still needs a separate follow-up 執行期閘門 and cannot execute from write-up.",
"field": "執行期閘門 pointer; active gates=0"
}
}
},
"hostOwnerDecisionRecordWriteupReview": {
"title": "Host Owner Decision Record Write-Up Review Checklist",
"subtitle": "Write-up packets still require read-only review. This only shows whether formal decision record write-up fields are readable and does not mark write-up completed, create or accept decision records, or open 執行期閘門s.",
"checkLabel": "Write-up review",
"guardLabel": "No upgrade",
"items": {
"decisionSummaryReadable": {
"title": "Decision summary readable",
"body": "Confirm the write-up only organizes the human owner decision, risk acceptance boundary, and no-execution statement without adding approval semantics.",
"guard": "write-up review only; completed=0"
},
"scopeExpiryComplete": {
"title": "範圍 and expiry complete",
"body": "Confirm scope, exclusions, observation intent, and expiry are readable so the formal record scope is not ambiguous.",
"guard": "record created=false"
},
"scanModeLimitsExplicit": {
"title": "Scan mode limits explicit",
"body": "Confirm observe-only, future active scan, and credentialed scan limits are explicit while not becoming scan authorization.",
"guard": "scan authorized=false"
},
"credentialBoundaryMetadataOnly": {
"title": "Credential boundary metadata only",
"body": "Confirm credential handling still keeps only metadata, owner, and retention boundary without requesting or storing sensitive material.",
"guard": "secret collection=false"
},
"maintenanceRollbackLinked": {
"title": "Maintenance and rollback linked",
"body": "Confirm maintenance window candidates, constraints, rollback owner, recovery path, and human contact remain traceable.",
"guard": "host update=false"
},
"validationEvidenceLinked": {
"title": "Validation evidence linked",
"body": "Confirm post-check metrics, baseline, evidence pointer, and human acceptance condition are linked to the write-up.",
"guard": "accepted=0"
},
"runtimeGateStillSeparate": {
"title": "Runtime gate still separate",
"body": "Confirm the 執行期閘門 pointer still points to a separate follow-up gate and write-up review does not open gates.",
"guard": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordWriteupReviewOutcomes": {
"title": "Host Owner Decision Record Write-Up Review Outcome Lanes",
"subtitle": "After write-up review checklist, cases can only enter these read-only outcome lanes. This shows next steps and does not mark review passed, create or accept decision records, or open 執行期閘門s.",
"laneLabel": "Review outcome",
"nextLabel": "Next step",
"items": {
"readyForFormalRecordCandidate": {
"title": "Ready for formal record candidate",
"body": "When summary, scope, scan limits, credential boundary, maintenance, rollback, validation, and runtime separation are readable, the case can only show a formal record candidate.",
"next": "display formal record candidate; record created=false"
},
"decisionSummaryNeedsClarification": {
"title": "Decision summary needs clarification",
"body": "When the decision summary, risk acceptance boundary, or no-execution statement is unreadable, the case returns to write-up completion.",
"next": "collect decision summary; completed=0"
},
"scopeExpiryNeedsRefresh": {
"title": "範圍 and expiry needs refresh",
"body": "When scope, exclusions, observation intent, or expiry are incomplete, the case cannot enter formal record candidate.",
"next": "collect scope / expiry; record created=false"
},
"scanModeLimitsAmbiguous": {
"title": "Scan mode limits ambiguous",
"body": "When scan mode limits can still be mistaken for active scan or credentialed scan authorization, the wording must return to write-up.",
"next": "refine scan wording; scan authorized=false"
},
"credentialBoundaryFailed": {
"title": "Credential boundary failed",
"body": "When credential boundary is unclear about metadata-only handling, owner, retention, or forbidden collection content, it returns to credential write-up.",
"next": "collect metadata-only boundary; secret collection=false"
},
"maintenanceRollbackIncomplete": {
"title": "Maintenance and rollback incomplete",
"body": "When maintenance window, constraints, rollback owner, recovery path, or human contact is unreadable, the case cannot create approval semantics.",
"next": "collect maintenance / rollback; host update=false"
},
"runtimeGateStillRequired": {
"title": "Runtime gate still required",
"body": "Validation evidence or 執行期閘門 pointer still requires a separate follow-up gate and cannot execute from review outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordFormalCandidates": {
"title": "Host Owner Decision Record Formal Candidate Packets",
"subtitle": "Formal record candidate only organizes the fields that may later be written into a formal record. This does not create decision records, mark finalized or accepted, create approval records, or open 執行期閘門s.",
"packetLabel": "Candidate packet",
"fieldLabel": "Candidate field",
"items": {
"recordIdentityCandidate": {
"title": "Record identity candidate",
"body": "Organizes candidate record id, version, owner, review scope, and trace source so a future formal record has a readable identity.",
"field": "identity / version; record created=false"
},
"decisionSummaryCandidate": {
"title": "Decision summary candidate",
"body": "Organizes human owner decision summary, risk acceptance boundary, and no-execution statement without writing it as an accepted decision.",
"field": "decision summary; finalized=0"
},
"approvedScopeCandidate": {
"title": "Approved scope candidate",
"body": "Organizes host, network, service, exclusion, observation intent, and expiry so scope remains readable.",
"field": "scope / expiry; accepted=0"
},
"scanModeLimitsCandidate": {
"title": "Scan mode limits candidate",
"body": "Organizes observe-only, future active scan, and credentialed scan limits so they cannot be mistaken for scan authorization.",
"field": "scan limits; scan authorized=false"
},
"credentialBoundaryCandidate": {
"title": "Credential boundary candidate",
"body": "Organizes metadata-only credential owner, retention boundary, masking requirement, and forbidden collection content.",
"field": "metadata-only boundary; secret collection=false"
},
"maintenanceRollbackCandidate": {
"title": "Maintenance and rollback candidate",
"body": "Organizes maintenance window, constraints, rollback owner, recovery path, and human contact.",
"field": "window / rollback; host update=false"
},
"validationRuntimeGateCandidate": {
"title": "Validation and 執行期閘門 candidate",
"body": "Organizes validation evidence, post-check metrics, baseline pointer, and the statement that a separate follow-up 執行期閘門 is still required.",
"field": "validation / runtime pointer; active gates=0"
}
}
},
"hostOwnerDecisionRecordFormalCandidateReview": {
"title": "Host Owner Decision Record Formal Candidate Review Checklist",
"subtitle": "Formal candidate packets can still only enter read-only review before any later human record step. This does not mark review passed, create decision records, mark accepted, create approval records, or open 執行期閘門s.",
"checkLabel": "Candidate review",
"guardLabel": "Still locked",
"items": {
"identityTraceable": {
"title": "Record identity traceable",
"body": "Confirm candidate record id, version, owner, review scope, and trace source are readable while no formal record is created.",
"guard": "record created=false"
},
"decisionSummaryReadable": {
"title": "Decision summary readable",
"body": "Confirm decision summary, risk acceptance boundary, and no-execution statement are readable while still not meaning decision accepted.",
"guard": "accepted=0"
},
"scopeExpiryConsistent": {
"title": "範圍 and expiry consistent",
"body": "Confirm host, network, service, exclusion, observation intent, and expiry are consistent while remaining candidate fields only.",
"guard": "finalized=0"
},
"scanLimitsStillNotAuthorization": {
"title": "Scan limits still not authorization",
"body": "Confirm observe-only, future active scan, and credentialed scan limits cannot be mistaken for active scan or credentialed scan authorization.",
"guard": "scan authorized=false"
},
"credentialBoundaryStillMetadataOnly": {
"title": "Credential boundary still metadata-only",
"body": "Confirm credential boundary only keeps metadata, owner, retention, masking, and forbidden collection content.",
"guard": "secret collection=false"
},
"maintenanceRollbackTraceable": {
"title": "Maintenance and rollback traceable",
"body": "Confirm maintenance window, constraints, rollback owner, recovery path, and human contact remain traceable.",
"guard": "host update=false"
},
"runtimeGateStillClosed": {
"title": "Runtime gate still closed",
"body": "Confirm validation evidence and 執行期閘門 pointer still only point to a separate follow-up gate and candidate review does not open gates.",
"guard": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordFormalCandidateReviewOutcomes": {
"title": "Host Owner Decision Record Formal Candidate Review Outcome Lanes",
"subtitle": "Formal candidate review outcome only shows next-step lanes after candidate review. This does not mark review passed, mark finalized, create decision records, mark accepted, create approval records, or open 執行期閘門s.",
"laneLabel": "Outcome lane",
"nextLabel": "Next remains read-only",
"items": {
"readyForHumanRecordQueue": {
"title": "Ready for human record queue",
"body": "When candidate fields are readable, this can only show readiness for a human formal-record queue and does not create decision records.",
"next": "queue visible only; record created=false"
},
"identityNeedsTrace": {
"title": "Record identity needs trace",
"body": "When candidate record id, version, owner, review scope, or trace source is missing, the item returns to identity trace collection.",
"next": "collect identity trace; review passed=0"
},
"decisionSummaryNeedsClarification": {
"title": "Decision summary needs clarification",
"body": "When decision summary, risk acceptance boundary, or no-execution statement is unclear, the item remains a candidate.",
"next": "clarify decision summary; accepted=0"
},
"scopeExpiryNeedsRefresh": {
"title": "範圍 and expiry need refresh",
"body": "When host, network, service, exclusion, observation intent, or expiry is inconsistent, the item cannot enter a formal record.",
"next": "refresh scope / expiry; finalized=0"
},
"scanLimitsAmbiguous": {
"title": "Scan limits remain ambiguous",
"body": "When active scan or credentialed scan limits could be misread, the lane stays locked as not authorized.",
"next": "clarify scan limits; scan authorized=false"
},
"credentialBoundaryFailed": {
"title": "Credential boundary failed",
"body": "When credential metadata, retention, masking, or forbidden collection boundary is unclear, the lane remains quarantined.",
"next": "repair metadata-only boundary; secret collection=false"
},
"maintenanceRollbackIncomplete": {
"title": "Maintenance and rollback incomplete",
"body": "When maintenance window, constraints, rollback owner, recovery path, or human contact is not traceable, approval semantics cannot be created.",
"next": "collect maintenance / rollback; host update=false"
},
"runtimeGateStillRequired": {
"title": "Runtime gate still required",
"body": "Validation evidence or 執行期閘門 pointer still requires a separate follow-up gate and cannot open from the outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordFormalRecordQueue": {
"title": "Host Owner Decision Record Formal Record Queue Packets",
"subtitle": "Formal record queue packets only organize the data packets a future human formal-record queue would need to read. This does not enqueue, create decision records, mark accepted, create approval records, or open 執行期閘門s.",
"packetLabel": "Queue packet",
"fieldLabel": "Queue field",
"items": {
"queueIdentityPacket": {
"title": "Queue identity packet",
"body": "Organizes candidate record id, version, owner, review scope, and trace source so a human queue can trace identity.",
"field": "identity trace; queue enqueued=0"
},
"queueDecisionSummaryPacket": {
"title": "Queue decision summary packet",
"body": "Organizes decision summary, risk acceptance boundary, and no-execution statement without creating a formal decision record.",
"field": "decision summary; record created=false"
},
"queueScopeExpiryPacket": {
"title": "Queue scope and expiry packet",
"body": "Organizes host, network, service, exclusion, observation intent, and expiry while remaining readable queue information only.",
"field": "scope / expiry; finalized=0"
},
"queueScanLimitsPacket": {
"title": "Queue scan limits packet",
"body": "Organizes observe-only, future active scan, and credentialed scan limits so they cannot be mistaken for scan authorization.",
"field": "scan limits; scan authorized=false"
},
"queueCredentialBoundaryPacket": {
"title": "Queue credential boundary packet",
"body": "Organizes metadata-only credential owner, retention, masking, and forbidden collection boundary.",
"field": "metadata-only boundary; secret collection=false"
},
"queueMaintenanceRollbackPacket": {
"title": "Queue maintenance and rollback packet",
"body": "Organizes maintenance window, constraints, rollback owner, recovery path, and human contact.",
"field": "window / rollback; host update=false"
},
"queueValidationRuntimeGatePacket": {
"title": "Queue validation and 執行期閘門 packet",
"body": "Organizes validation evidence, post-check metrics, baseline pointer, and the separate 執行期閘門 requirement.",
"field": "validation / runtime pointer; active gates=0"
},
"queueNoExecutionAttestationPacket": {
"title": "Queue no-execution attestation packet",
"body": "Organizes the statement that nothing is executed, approved, or gate-opened so queue packets cannot be treated as authorization.",
"field": "not authorization; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordFormalRecordQueueReview": {
"title": "Host Owner Decision Record Formal Record Queue Review Checklist",
"subtitle": "The formal record queue review checklist only confirms whether queue packets are readable for a future human formal-record review. It does not mark review passed, enqueue, create decision records, create approval records, or open 執行期閘門s.",
"checkLabel": "Queue review",
"guardLabel": "Guardrail",
"items": {
"queueIdentityTraceable": {
"title": "Queue identity traceable",
"body": "Confirms queue identity can trace candidate record, version, owner, review scope, and source without treating traceability as formal enqueue.",
"guard": "trace only; queue enqueued=0"
},
"queueDecisionSummaryReadable": {
"title": "Queue decision summary readable",
"body": "Confirms the decision summary and no-execution statement are readable without creating a formal decision record.",
"guard": "summary only; record created=false"
},
"queueScopeExpiryFresh": {
"title": "Queue scope and expiry fresh",
"body": "Confirms host, network, service, exclusion, observation intent, and expiry are not stale or outside the original scope.",
"guard": "scope check only; finalized=0"
},
"queueScanLimitsNotAuthorization": {
"title": "Queue scan limits not authorization",
"body": "Confirms observe-only, future active scan, and credentialed scan limits remain constraints, not scan approval.",
"guard": "scan authorized=false"
},
"queueCredentialBoundaryMetadataOnly": {
"title": "Queue credential boundary metadata-only",
"body": "Confirms credential boundary keeps only metadata, owner, retention, and masking boundary without requesting sensitive material.",
"guard": "secret collection=false"
},
"queueMaintenanceRollbackLinked": {
"title": "Queue maintenance and rollback linked",
"body": "Confirms maintenance window, constraints, rollback owner, recovery path, and human contact have pointers without allowing host package changes or tuning.",
"guard": "host change=false"
},
"queueValidationGateSeparate": {
"title": "Queue validation gate separate",
"body": "Confirms validation evidence, post-check metrics, and baseline pointer still route to a separate 執行期閘門.",
"guard": "active gates=0"
},
"queueNoExecutionAttestationPresent": {
"title": "Queue no-execution attestation present",
"body": "Confirms the no-execution, no-approval, and no-runtime-gate statement remains present so the checklist cannot become an action entry.",
"guard": "操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordFormalRecordQueueReviewOutcomes": {
"title": "Host Owner Decision Record Formal Record Queue Review Outcome Lanes",
"subtitle": "Formal record queue review outcome lanes only show the next-step routing after checklist review. They do not mark review passed, enqueue, create decision records, accept owner decisions, create approval records, or open 執行期閘門s.",
"laneLabel": "Queue review outcome",
"nextLabel": "Next step",
"items": {
"readyForHumanRecordOwnerHandoff": {
"title": "Ready for human record owner handoff",
"body": "When all queue review conditions are readable, this can only display a future candidate handoff state for a human record owner.",
"next": "display handoff candidate; review passed=0, queue enqueued=0"
},
"identityNeedsTraceRefresh": {
"title": "Identity needs trace refresh",
"body": "When candidate record id, version, owner, review scope, or trace source is unclear, route back to the identity packet for evidence refresh.",
"next": "refresh identity trace; record created=false"
},
"decisionSummaryNeedsClarification": {
"title": "Decision summary needs clarification",
"body": "When the decision summary or no-execution statement is not readable, route back to the summary packet for clarification.",
"next": "clarify decision summary; accepted=0"
},
"scopeExpiryNeedsRefresh": {
"title": "範圍 and expiry need refresh",
"body": "When host, network, service, exclusion, observation intent, or expiry is stale or outside original scope, route back to the scope packet.",
"next": "refresh scope / expiry; finalized=0"
},
"scanLimitsRemainAmbiguous": {
"title": "Scan limits remain ambiguous",
"body": "If observe-only, future active scan, or credentialed scan limits can still be mistaken for authorization, route back to the scan limits packet.",
"next": "clarify scan limits; scan authorized=false"
},
"credentialBoundaryFailed": {
"title": "Credential boundary failed",
"body": "If the credential boundary cannot stay metadata-only or the responsibility boundary is unreadable, quarantine and request evidence refresh.",
"next": "refresh metadata-only boundary; secret collection=false"
},
"maintenanceRollbackIncomplete": {
"title": "Maintenance and rollback incomplete",
"body": "If maintenance window, constraints, rollback owner, recovery path, or human contact is missing, it cannot enter formal record semantics.",
"next": "refresh maintenance / rollback; host change=false"
},
"runtimeGateStillRequired": {
"title": "Runtime gate still required",
"body": "Validation evidence or 執行期閘門 pointer still requires a separate follow-up gate and cannot open from queue review outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordHumanHandoffReadiness": {
"title": "Host Owner Decision Record Human Record Owner Handoff Readiness Packets",
"subtitle": "Human record owner handoff readiness packets only display metadata to prepare before a future human record owner handoff. They do not start handoff, mark handoff ready, mark review passed, create decision records, accept owner decisions, or open 執行期閘門s.",
"packetLabel": "Handoff readiness packet",
"guardLabel": "Guardrail",
"items": {
"handoffIdentityTrace": {
"title": "Handoff identity and trace",
"body": "Shows whether candidate record id, version, source outcome lane, source queue review, and trace pointer are readable enough for a future human record owner to identify.",
"guard": "handoff started=0; ready=0"
},
"handoffOwnerBoundary": {
"title": "Human record owner boundary",
"body": "Shows future record owner, backup owner, contact point, and responsibility boundary without sending notifications, collecting decisions, or creating approval records.",
"guard": "owner decision received=0"
},
"handoffDecisionSummary": {
"title": "Decision summary packet",
"body": "Shows whether decision summary, no-execution statement, and candidate conclusion are readable so the handoff cannot be mistaken for approval.",
"guard": "decision record created=false"
},
"handoffScopeExpiry": {
"title": "範圍 and expiry packet",
"body": "Shows the handoff summary for host, network, service, exclusion, observation intent, and expiry; stale or out-of-scope data can only route back to scope refresh.",
"guard": "review passed=0"
},
"handoffScanLimits": {
"title": "Scan limits packet",
"body": "Shows the wording for observe-only, future active scan, and credentialed scan limits so the human record owner can see this is not scan authorization.",
"guard": "scan authorized=false"
},
"handoffCredentialBoundary": {
"title": "Credential boundary packet",
"body": "Shows credential boundary metadata, retention, and masking responsibility without collecting plaintext, token values, or raw 機密設定.",
"guard": "secret collection=false"
},
"handoffMaintenanceRollback": {
"title": "Maintenance and rollback packet",
"body": "Shows maintenance window, constraints, rollback owner, recovery path, and human contact while still disallowing SSH, package updates, or host tuning.",
"guard": "host change=false"
},
"handoffRuntimeGate": {
"title": "Runtime gate separation packet",
"body": "Shows validation evidence and follow-up 執行期閘門 pointer as a separate gate that cannot open from handoff readiness.",
"guard": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordHumanHandoffReadinessReview": {
"title": "Host Owner Decision Record Human Handoff Readiness Review Checklist",
"subtitle": "Human handoff readiness review checklist only displays read-only checks before handoff readiness packets can be reviewed by a future human record owner. It does not mark review passed, start handoff, mark handoff ready, create decision records, accept owner decisions, or open 執行期閘門s.",
"checkLabel": "Handoff readiness check",
"guardLabel": "Guardrail",
"items": {
"identityTraceReadable": {
"title": "Identity trace readable",
"body": "Confirms candidate record id, version, source outcome lane, source queue review, and trace pointer are readable; gaps can only route back to identity trace refresh.",
"guard": "handoff started=0; ready=0"
},
"ownerBoundaryReadable": {
"title": "Owner boundary readable",
"body": "Confirms future record owner, backup owner, contact point, and responsibility boundary are readable without sending notifications or collecting owner decisions.",
"guard": "owner decision received=0"
},
"decisionSummaryReadable": {
"title": "Decision summary readable",
"body": "Confirms decision summary, candidate conclusion, and no-execution statement are readable so handoff readiness cannot be mistaken for approval.",
"guard": "decision record created=false"
},
"scopeExpiryCurrent": {
"title": "範圍 and expiry current",
"body": "Confirms host, network, service, exclusion, observation intent, and expiry are current and in scope; stale scope can only route back to scope refresh.",
"guard": "review passed=0"
},
"scanLimitsNotAuthorization": {
"title": "Scan limits not authorization",
"body": "Confirms observe-only, future active scan, and credentialed scan limits remain constraint wording, not scan approval.",
"guard": "scan authorized=false"
},
"credentialBoundaryMetadataOnly": {
"title": "Credential boundary metadata-only",
"body": "Confirms credential boundary only contains metadata, retention, and masking responsibility without plaintext, token values, or raw 機密設定.",
"guard": "secret collection=false"
},
"maintenanceRollbackTraceable": {
"title": "Maintenance and rollback traceable",
"body": "Confirms maintenance window, constraints, rollback owner, recovery path, and human contact are traceable while still disallowing SSH, package updates, or host tuning.",
"guard": "host change=false"
},
"runtimeGateSeparate": {
"title": "Runtime gate separate",
"body": "Confirms validation evidence and follow-up 執行期閘門 remain independent and cannot open from readiness review.",
"guard": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordHumanHandoffReadinessReviewOutcomes": {
"title": "Host Owner Decision Record Human Handoff Readiness Review Outcome Lanes",
"subtitle": "Human handoff readiness review outcome lanes only show next-step routing after checklist review. They do not mark review passed, start handoff, mark handoff ready, create decision records, accept owner decisions, create approval records, or open 執行期閘門s.",
"laneLabel": "Handoff review outcome",
"nextLabel": "Next step",
"items": {
"readyForHumanRecordOwnerReviewCandidate": {
"title": "Ready for human record owner review candidate",
"body": "When all readiness review conditions are readable, this can only display a future candidate state for human record owner review.",
"next": "display review candidate; review passed=0, handoff started=0"
},
"identityTraceNeedsRefresh": {
"title": "Identity trace needs refresh",
"body": "When candidate record id, version, source outcome lane, source queue review, or trace pointer is unclear, route back to the identity packet.",
"next": "refresh identity trace; handoff ready=0"
},
"ownerBoundaryNeedsClarification": {
"title": "Owner boundary needs clarification",
"body": "When record owner, backup owner, contact point, or responsibility boundary is unreadable, route back to the owner boundary packet.",
"next": "clarify owner boundary; decision received=0"
},
"decisionSummaryNeedsClarification": {
"title": "Decision summary needs clarification",
"body": "When decision summary, candidate conclusion, or no-execution statement is unreadable, route back to the decision summary packet.",
"next": "clarify decision summary; record created=false"
},
"scopeExpiryNeedsRefresh": {
"title": "範圍 and expiry need refresh",
"body": "When host, network, service, exclusion, observation intent, or expiry is stale or out of scope, route back to the scope packet.",
"next": "refresh scope / expiry; review passed=0"
},
"scanLimitsRemainAmbiguous": {
"title": "Scan limits remain ambiguous",
"body": "If observe-only, future active scan, or credentialed scan limits can still be mistaken for authorization, route back to the scan limits packet.",
"next": "clarify scan limits; scan authorized=false"
},
"credentialBoundaryFailed": {
"title": "Credential boundary failed",
"body": "If credential boundary is not metadata-only or plaintext, token value, and raw secret boundaries are unclear, quarantine and request evidence refresh.",
"next": "refresh credential boundary; secret collection=false"
},
"maintenanceRollbackIncomplete": {
"title": "Maintenance and rollback incomplete",
"body": "If maintenance window, constraints, rollback owner, recovery path, or human contact is missing, it cannot enter human record owner review semantics.",
"next": "refresh maintenance / rollback; host change=false"
},
"runtimeGateStillRequired": {
"title": "Runtime gate still required",
"body": "Validation evidence or follow-up 執行期閘門 pointer still requires a separate gate and cannot open from readiness review outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordHumanRecordOwnerReviewCandidatePackets": {
"title": "Host Owner Decision Record Human Record Owner Review Candidate Packets",
"subtitle": "Human record owner review candidate packets only organize metadata a future human record owner may need to inspect. They do not start handoff, mark review ready, collect owner decisions, create decision records, create approval records, or open 執行期閘門s.",
"packetLabel": "Review candidate packet",
"guardLabel": "Guardrail",
"items": {
"reviewCandidateIdentity": {
"title": "Review candidate identity packet",
"body": "Organizes candidate id, source readiness outcome, version, trace pointer, and source queue review link so a future human record owner can understand provenance.",
"guard": "review started=0; decision record created=false"
},
"reviewOwnerBoundary": {
"title": "Review owner boundary packet",
"body": "Organizes human record owner, backup owner, contact channel, and responsibility boundary without treating owner contact as accepted work or a decision.",
"guard": "owner decision received=0; handoff started=0"
},
"reviewDecisionSummary": {
"title": "Review decision summary packet",
"body": "Organizes candidate decision summary, risk acceptance boundary, and no-execution statement so the review candidate is not mistaken for a formal record.",
"guard": "review ready=0; record accepted=0"
},
"reviewScopeExpiry": {
"title": "Review scope and expiry packet",
"body": "Organizes host, network, service, exclusion, observation intent, and expiry so the review candidate scope remains readable.",
"guard": "scope review only; 執行期閘門 opened=false"
},
"reviewScanLimits": {
"title": "Review scan limits packet",
"body": "Organizes observe-only, future active scan, and credentialed scan limits while keeping active scan behind separate approval.",
"guard": "scan authorized=false; 操作按鈕s=false"
},
"reviewCredentialBoundary": {
"title": "Review credential boundary packet",
"body": "Organizes credential owner, retention, masking, and forbidden collection as metadata only; plaintext, token value, and raw secret are not collected.",
"guard": "secret collection=false; raw payload=false"
},
"reviewMaintenanceRollback": {
"title": "Review maintenance and rollback packet",
"body": "Organizes maintenance window, constraints, rollback owner, recovery path, and human contact without authorizing host change.",
"guard": "host change=false; Kali update=false"
},
"reviewValidationRuntimeGate": {
"title": "Review validation and 執行期閘門 packet",
"body": "Organizes validation evidence pointer, post-check metrics, and separate 執行期閘門 requirement without opening a gate from the candidate packet.",
"guard": "執行期閘門 opened=false; runtime execution=false"
},
"reviewNoExecutionAttestation": {
"title": "Review no-execution attestation packet",
"body": "Fixes not authorization, no execution, no approval, and no 執行期閘門 statements so the review candidate is not mistaken for approval.",
"guard": "not_authorization=true; approval record=false"
}
}
},
"hostOwnerDecisionRecordHumanRecordOwnerReviewCandidateChecklist": {
"title": "Host Owner Decision Record Human Record Owner Review Candidate Checklist",
"subtitle": "Human record owner review candidate checklist only checks whether candidate packets are readable. It does not mark checklist passed, start review, mark review ready, collect owner decisions, create decision records, create approval records, or open 執行期閘門s.",
"checkLabel": "Review candidate check",
"guardLabel": "Guardrail",
"items": {
"candidateIdentityTraceable": {
"title": "Candidate identity traceable",
"body": "Checks that candidate id, source outcome, version, trace pointer, and queue review link are traceable.",
"guard": "check passed=0; review started=0"
},
"candidateOwnerBoundaryReadable": {
"title": "Candidate owner boundary readable",
"body": "Checks that human record owner, backup owner, contact channel, and responsibility boundary are readable without treating the owner as engaged.",
"guard": "owner decision received=0; review ready=0"
},
"candidateDecisionSummaryReadable": {
"title": "Candidate decision summary readable",
"body": "Checks that candidate decision summary, risk acceptance boundary, and no-execution statement are readable while remaining outside a formal decision record.",
"guard": "decision record created=false; accepted=0"
},
"candidateScopeExpiryCurrent": {
"title": "Candidate scope and expiry current",
"body": "Checks that host, network, service, exclusion, observation intent, and expiry remain within the candidate scope.",
"guard": "scope check only; 執行期閘門 opened=false"
},
"candidateScanLimitsNotAuthorization": {
"title": "Candidate scan limits not authorization",
"body": "Checks that observe-only, future active scan, and credentialed scan limits are not written as scan authorization.",
"guard": "scan authorized=false; 操作按鈕s=false"
},
"candidateCredentialBoundaryMetadataOnly": {
"title": "Candidate credential boundary metadata-only",
"body": "Checks that credential owner, retention, masking, and forbidden collection remain metadata-only.",
"guard": "secret collection=false; raw payload=false"
},
"candidateMaintenanceRollbackTraceable": {
"title": "Candidate maintenance and rollback traceable",
"body": "Checks that maintenance window, constraints, rollback owner, recovery path, and human contact are traceable.",
"guard": "host change=false; Kali update=false"
},
"candidateValidationRuntimeGateSeparate": {
"title": "Candidate validation and 執行期閘門 separate",
"body": "Checks that validation evidence pointer, post-check metrics, and 執行期閘門 requirement remain separate.",
"guard": "執行期閘門 opened=false; runtime execution=false"
},
"candidateNoExecutionAttestationPresent": {
"title": "Candidate no-execution attestation present",
"body": "Checks that not authorization, no execution, no approval, and no 執行期閘門 statements are visible.",
"guard": "not_authorization=true; approval record=false"
}
}
},
"hostOwnerDecisionRecordHumanRecordOwnerReviewCandidateOutcomes": {
"title": "Host Owner Decision Record Human Record Owner Review Candidate Outcome Lanes",
"subtitle": "Human record owner review candidate outcome lanes only display next-step routing after candidate checklist. They do not mark checklist passed, start review, mark review ready, collect owner decisions, create decision records, create approval records, or open 執行期閘門s.",
"laneLabel": "Review candidate outcome",
"nextLabel": "Next step",
"items": {
"readyForHumanRecordOwnerReviewPreparation": {
"title": "Ready for human record owner review preparation candidate",
"body": "All candidate checklist read-only conditions can be prepared for a future human record owner review surface, but this remains a preparation candidate.",
"next": "display only; review started=0"
},
"identityTraceNeedsRefresh": {
"title": "Identity trace needs refresh",
"body": "Candidate identity, source outcome, version, trace pointer, or queue review link needs refresh before the next layer.",
"next": "refresh identity trace; check passed=0"
},
"ownerBoundaryNeedsClarification": {
"title": "Owner boundary needs clarification",
"body": "Human record owner, backup owner, contact channel, or responsibility boundary still needs clarification and cannot count as owner engagement.",
"next": "clarify owner boundary; decision received=0"
},
"decisionSummaryNeedsClarification": {
"title": "Decision summary needs clarification",
"body": "Candidate decision summary, risk acceptance boundary, or no-execution statement is still unclear and cannot create a formal record.",
"next": "clarify summary; record created=false"
},
"scopeExpiryNeedsRefresh": {
"title": "範圍 and expiry need refresh",
"body": "Host, network, service, exclusion, observation intent, or expiry needs refresh before moving into the next human preparation layer.",
"next": "refresh scope; review ready=0"
},
"scanLimitsRemainAmbiguous": {
"title": "Scan limits remain ambiguous",
"body": "Observe-only, future active scan, or credentialed scan limits may still be mistaken for authorization and must remain routed to clarification.",
"next": "clarify limits; scan authorized=false"
},
"credentialBoundaryFailed": {
"title": "Credential boundary failed",
"body": "Credential owner, retention, masking, or forbidden collection failed the metadata-only boundary and must be quarantined.",
"next": "quarantine credential boundary; secret collection=false"
},
"maintenanceRollbackIncomplete": {
"title": "Maintenance and rollback incomplete",
"body": "Maintenance window, constraints, rollback owner, recovery path, or human contact is incomplete and cannot lead to host change.",
"next": "complete maintenance data; host change=false"
},
"runtimeGateStillRequired": {
"title": "Runtime gate still required",
"body": "Validation evidence, post-check metrics, or follow-up 執行期閘門 pointer still requires an independent gate and cannot open from candidate outcome.",
"next": "active 執行期閘門s=0; 操作按鈕s=false"
}
}
},
"hostOwnerDecisionRecordHumanRecordOwnerReviewPreparationPackets": {
"title": "Host Owner Decision Record Human Record Owner Review Preparation Packets",
"subtitle": "Human record owner review preparation packets only organize metadata needed by a future human record owner review surface. They do not mark preparation completed, start review, mark review ready, collect owner decisions, create decision records, create approval records, or open 執行期閘門s.",
"packetLabel": "Review preparation packet",
"guardLabel": "Guardrail",
"items": {
"preparationIdentityTrace": {
"title": "Preparation identity trace packet",
"body": "Organizes preparation id, source candidate outcome, version, trace pointer, and candidate checklist link so a future review surface can trace provenance.",
"guard": "prepared=0; review started=0"
},
"preparationOwnerBoundary": {
"title": "Preparation owner boundary packet",
"body": "Organizes human record owner, backup owner, contact channel, responsibility boundary, and open clarifications without treating owner as engaged or decided.",
"guard": "owner decision received=0; review ready=0"
},
"preparationDecisionSummary": {
"title": "Preparation decision summary packet",
"body": "Organizes candidate decision summary, risk acceptance boundary, no-execution statement, and formal record preface while remaining outside a decision record.",
"guard": "decision record created=false; accepted=0"
},
"preparationScopeExpiry": {
"title": "Preparation scope and expiry packet",
"body": "Organizes host, network, service, exclusion, observation intent, expiry, and refresh need so the preparation layer remains read-only visible.",
"guard": "scope preparation only; 執行期閘門 opened=false"
},
"preparationScanLimits": {
"title": "Preparation scan limits packet",
"body": "Organizes observe-only, future active scan, credentialed scan limits, and scan boundaries that still require separate approval.",
"guard": "scan authorized=false; 操作按鈕s=false"
},
"preparationCredentialBoundary": {
"title": "Preparation credential boundary packet",
"body": "Organizes credential owner, retention, masking, forbidden collection, and quarantine rules while allowing metadata only.",
"guard": "secret collection=false; raw payload=false"
},
"preparationMaintenanceRollback": {
"title": "Preparation maintenance and rollback packet",
"body": "Organizes maintenance window, constraints, rollback owner, recovery path, and human contact without authorizing host change.",
"guard": "host change=false; Kali update=false"
},
"preparationValidationRuntimeGate": {
"title": "Preparation validation and 執行期閘門 packet",
"body": "Organizes validation evidence pointer, post-check metrics, and independent 執行期閘門 requirement without opening a gate from preparation packet.",
"guard": "執行期閘門 opened=false; runtime execution=false"
},
"preparationNoExecutionAttestation": {
"title": "Preparation no-execution attestation packet",
"body": "Fixes not authorization, no execution, no approval, and no 執行期閘門 statements so the preparation packet is not mistaken for approval.",
"guard": "not_authorization=true; approval record=false"
}
}
},
"hostOwnerDecisionRecordHumanRecordOwnerReviewPreparationChecklist": {
"title": "Host Owner Decision Record Human Record Owner Review Preparation Checklist",
"subtitle": "Human record owner review preparation checklist only checks whether preparation packets are readable. It does not mark preparation completed, mark checklist passed, start review, mark review ready, collect owner decisions, create decision records, create approval records, or open 執行期閘門s.",
"checkLabel": "Review preparation check",
"guardLabel": "Guardrail",
"items": {
"preparationIdentityTraceReadable": {
"title": "Preparation identity trace readable",
"body": "Checks that preparation id, source candidate outcome, version, trace pointer, and candidate checklist link are traceable.",
"guard": "prepared=0; check passed=0"
},
"preparationOwnerBoundaryReadable": {
"title": "Preparation owner boundary readable",
"body": "Checks that human record owner, backup owner, contact channel, responsibility boundary, and open clarifications are readable without treating the owner as engaged.",
"guard": "owner decision received=0; review ready=0"
},
"preparationDecisionSummaryReadable": {
"title": "Preparation decision summary readable",
"body": "Checks that candidate decision summary, risk acceptance boundary, no-execution statement, and formal record preface are readable while remaining outside a decision record.",
"guard": "decision record created=false; accepted=0"
},
"preparationScopeExpiryCurrent": {
"title": "Preparation scope and expiry current",
"body": "Checks that host, network, service, exclusion, observation intent, expiry, and refresh need remain readable within the preparation layer.",
"guard": "scope check only; 執行期閘門 opened=false"
},
"preparationScanLimitsNotAuthorization": {
"title": "Preparation scan limits not authorization",
"body": "Checks that observe-only, future active scan, and credentialed scan limits are not written as scan authorization.",
"guard": "scan authorized=false; 操作按鈕s=false"
},
"preparationCredentialBoundaryMetadataOnly": {
"title": "Preparation credential boundary metadata-only",
"body": "Checks that credential owner, retention, masking, forbidden collection, and quarantine rules remain metadata-only.",
"guard": "secret collection=false; raw payload=false"
},
"preparationMaintenanceRollbackTraceable": {
"title": "Preparation maintenance and rollback traceable",
"body": "Checks that maintenance window, constraints, rollback owner, recovery path, and human contact are traceable.",
"guard": "host change=false; Kali update=false"
},
"preparationValidationRuntimeGateSeparate": {
"title": "Preparation validation and 執行期閘門 separate",
"body": "Checks that validation evidence pointer, post-check metrics, and independent 執行期閘門 requirement remain separate.",
"guard": "執行期閘門 opened=false; runtime execution=false"
},
"preparationNoExecutionAttestationPresent": {
"title": "Preparation no-execution attestation present",
"body": "Checks that not authorization, no execution, no approval, and no 執行期閘門 statements are visible so the checklist is not mistaken for approval.",
"guard": "not_authorization=true; approval record=false"
}
}
},
"progressHoldMovementGates": {
"title": "為什麼現在是 61%",
"subtitle": "AwoooP 正式只讀 landing 已有部署與消費證據,所以 headline 從 58% 保守重估到 61%。其餘四個高層 gate 仍是 0 / false框架、文件與前端可見性不會被灌水成 runtime 執行。",
"gateLabel": "移動門檻",
"moveLabel": "什麼時候會動",
"guardLabel": "不灌水原則",
"items": {
"ownerResponseAccepted": {
"title": "負責人回覆 accepted 仍是 0",
"body": "S4.9-S4.12 都還沒有負責人回覆 已收到 / 已接受S4.9 目前只是 request-ready。",
"move": "第一批脫敏負責人回覆通過 S4.9 preflight 與 S4.13 rollup 後headline 才有重估依據。",
"guard": "不把 request-ready、範本、preflight 或焦點當成 已收到 / 已接受。"
},
"redactedPayloadIngested": {
"title": "脫敏 payload 匯入仍未啟用",
"body": "目前只定義 evidence refs、redaction examples、quarantine 與 preflight尚未有 accepted payload ingestion。",
"move": "脫敏 payload 經人工批准、通過 preflight、進入只讀 ingestion 後runtime landing 才能重估。",
"guard": "不收原始載荷、不收 credential plaintext、不把文件範例當 ingestion。"
},
"activeRuntimeGate": {
"title": "主動 執行期閘門 仍是 0",
"body": "Kali `/execute`、SSH、主機更新、blocking control、repo / refs / workflow 動作都仍在獨立 gate 之外。",
"move": "人工批准、scope、rollback、post-check metrics 完整,並另開 active 執行期閘門 後才會動。",
"guard": "不從 IwoooS 前端、progress 數字或 checklist 開 執行期閘門。"
},
"githubPrimaryReady": {
"title": "GitHub 主要來源就緒數仍是 0",
"body": "GitHub target、refs truth、工作流程 / 機密 name parity、rollback ADR 都還在負責人回覆 / 就緒度階段。",
"move": "至少一批 repo 通過 target、refs、工作流程 / 機密 name 與 rollback readinessprimary_ready_count 才可大於 0。",
"guard": "不建 repo、不 sync refs、不切主要來源、不把候選項當就緒。"
},
"awooopReadOnlyLanding": {
"title": "AwoooP 正式只讀 landing 已驗證",
"body": "正式站已能在 AwoooP / IwoooS / 安全頁只讀顯示資安鏡像進度、證據邊界與禁止動作,且沒有接 execution router。",
"move": "這項證據已推動 headline 從 58% 重估到 61%;後續仍要等 owner response、runtime gate 或 GitHub primary 才能再動。",
"guard": "read-only landing 不是 操作按鈕、approval、runtime execution 或 blocking control。"
}
}
},
"headlineMovementAcceptanceGate": {
"title": "61% 重估驗收紀錄",
"subtitle": "S2.100 的五個高層 gate 中AwoooP production landing evidence 已有正式部署與只讀消費證據,因此本次只把 headline 從 58% 保守重估到 61%;其餘 owner response、脫敏匯入、執行期閘門與 GitHub 主要來源仍是 0 / false。",
"gateLabel": "重估 gate",
"acceptanceLabel": "驗收條件",
"guardLabel": "仍禁止",
"boundaryTitle": "進度重估邊界",
"summary": {
"headline": {
"label": "目前 headline",
"detail": "已從 58% 保守重估到 61%,不把框架層堆疊灌水成落地執行。"
},
"signals": {
"label": "移動訊號",
"detail": "五個高層 gate 中 1 個已有正式只讀 landing 證據。"
},
"s49Accepted": {
"label": "S4.9 accepted",
"detail": "五個 負責人回覆 template 尚未收到可接受 evidence。"
},
"review": {
"label": "重估紀錄",
"detail": "已建立本次 headline review recordruntime 仍未授權。"
}
},
"items": {
"s49OwnerResponseAccepted": {
"title": "S4.9 負責人回覆驗收",
"body": "下一個真正會推動 61% 的 P0 是 Gitea owner attestationpublic-only / local gap、org/user endpoint、110 adjacent scope、repo owner canonical scope、legacy / inaccessible disposition 五項要收到脫敏 evidence。",
"acceptance": "五項都通過 preflight 與 S4.13 validation rollup才可記錄 owner_response_accepted_count > 0。",
"guard": "不代填、不催收、不標記 已收到 / 已接受、不建立審批紀錄。"
},
"redactedPayloadAccepted": {
"title": "脫敏 payload 匯入驗收",
"body": "只有 redacted metadata pointer 可以進入只讀收件與驗收;原始 dump、git object、token、cookie、private key 或 credential plaintext 都要隔離。",
"acceptance": "人工批准 ingestion path、preflight 通過、quarantine 結果可追溯後payloads_ingested 才可改變。",
"guard": "不收明文機密、不保存原始載荷、不把文件範例當匯入完成。"
},
"runtimeGateApproved": {
"title": "執行期閘門人工批准",
"body": "Kali `/execute`、SSH、主機更新、掃描、修復、blocking control 與部署都必須另開人工 執行期閘門。",
"acceptance": "scope、rollback、maintenance window、post-check metrics 與人工批准都到齊後active_runtime_gate_count 才能大於 0。",
"guard": "IwoooS 沒有執行按鈕;進度看板不能啟動 runtime。"
},
"githubPrimaryEvidenceReady": {
"title": "GitHub 主要來源就緒證據",
"body": "Gitea 轉 GitHub 的長期方向需要 target owner、visibility、refs truth、工作流程 / 機密 name parity 與 rollback ADR 都能驗證。",
"acceptance": "至少一批 repo 有完整負責人回覆與 rollback readinessprimary_ready_count 才能從 0 往上。",
"guard": "不建立 repo、不同步 refs、不改 工作流程 / 機密、不切主要來源、不停用 Gitea。"
},
"awooopProductionLandingProof": {
"title": "AwoooP 正式只讀消費證據",
"body": "AwoooP 主線已在正式站只讀消費 IwoooS / security mirror 的 headline、evidence refs、guard result 與 forbidden actions。",
"acceptance": "已有 Gitea main commit、CD 成功與正式站路由驗證execution_router_linked=false、runtime_execution_authorized=false。",
"guard": "只讀 landing 不是 approval、操作按鈕、execution router 或 blocking control。"
},
"nextHeadlineReviewRecord": {
"title": "本次 headline review record",
"body": "本次重估只引用 AwoooP 正式只讀 landing 證據,說明為何從 58% 調整到 61%。",
"acceptance": "review record 必須引用具體 evidence refs、guard output、風險邊界與禁止動作清單本次仍鎖 runtime。",
"guard": "不因為新增看板、文件或清單就調整 headline。"
}
}
},
"sourceControlReadiness": {
"title": "GitHub 主要來源就緒度",
"subtitle": "The long-term Gitea-to-GitHub direction is shown as read-only readiness: candidate repos, 負責人回覆s, refs truth, 工作流程 / 機密 names, and rollback ADR must all be present before primary_ready_count can be reviewed.",
"gateLabel": "Readiness gate",
"guardLabel": "Still forbidden",
"items": {
"candidateRepos": {
"title": "Candidate repo inventory",
"body": "8 candidate repos and 7 in-scope repos are visible for inventory and owner-evidence alignment only.",
"guard": "No GitHub repo creation or visibility changes."
},
"primaryReady": {
"title": "primary_ready_count remains 0",
"body": "No repo has passed target, refs, 工作流程 / 機密 name, and rollback readiness yet.",
"guard": "No GitHub primary switch and no Gitea disablement."
},
"ownerResponses": {
"title": "負責人回覆 are still waiting",
"body": "S4.9-S4.12 include 22 templates; received=0 and accepted=0.",
"guard": "Do not treat request-ready as response accepted."
},
"refsTruth": {
"title": "Refs truth is not accepted",
"body": "main / dev truth, release tags, and deprecated refs still need owner decisions.",
"guard": "No refs push, delete, or force push."
},
"workflowSecrets": {
"title": "工作流程 / 機密 names are incomplete",
"body": "Workflow, runner, webhook, and secret-name parity evidence is still missing for 7 in-scope repos.",
"guard": "Collect names and owners only, never 機密明文值s."
},
"rollbackAdr": {
"title": "Rollback ADR is not approved",
"body": "Rollback owner, validation window, and trigger details still need human review for 7 in-scope repos.",
"guard": "No cutover dry-run and no primary switch."
}
}
},
"awooopCoverage": {
"title": "AwoooP 資安入口覆蓋狀態",
"subtitle": "把 AwoooP 8 個實際入口目前已接上的 IwoooS / 負責人回覆驗收邊界集中顯示。這只是入口覆蓋,不代表審批、執行、專案庫、分支 / 標籤參照、工作流程 / 機密設定、主要來源切換或 Gitea 停用授權。",
"routeLabel": "入口路徑",
"stageLabel": "完成階段",
"boundaryLabel": "仍維持",
"guardTitle": "覆蓋狀態不會打開的邊界",
"summary": {
"routes": {
"label": "AwoooP 入口",
"detail": "8 個實際頁面已列入資安邊界地圖。"
},
"covered": {
"label": "已可見覆蓋",
"detail": "首頁、工作鏈路、合約、租戶、執行監控、執行詳情、審批佇列與審批決策。"
},
"runtimeGates": {
"label": "執行期閘門",
"detail": "仍為 0入口覆蓋不會開閘門。"
},
"actions": {
"label": "執行按鈕",
"detail": "仍為 0不新增掃描、執行或修復。"
}
},
"items": {
"home": {
"title": "AwoooP 首頁",
"body": "S2.72 顯示負責人回覆驗收總覽,讓首頁可以理解整體資安網進度。",
"boundary": "只讀總覽,不建立審批紀錄或執行期閘門。"
},
"workItems": {
"title": "工作鏈路",
"body": "S2.73 把負責人回覆驗收候選放進工作項語境,方便追蹤但不推動執行。",
"boundary": "只建立可見工作項,不建立平台執行或修復動作。"
},
"contracts": {
"title": "合約儀表板",
"body": "S2.74 顯示資安合約與負責人回覆驗收候選,讓契約來源可追溯。",
"boundary": "不發布合約修訂、不改生命週期、不開主要來源切換。"
},
"approvals": {
"title": "審批佇列",
"body": "S2.75 顯示審批佇列的負責人回覆驗收邊界,避免把可見焦點誤當批准。",
"boundary": "不建立批准紀錄、不標記負責人回覆已收到或已接受。"
},
"tenants": {
"title": "租戶範圍",
"body": "S2.76 顯示租戶如何理解負責人回覆驗收範圍,但不修改租戶政策。",
"boundary": "不改租戶設定、不建立專案庫、不改分支或標籤參照。"
},
"runs": {
"title": "執行監控",
"body": "S2.77 顯示執行監控的負責人回覆驗收邊界,避免把監控可見性誤當執行。",
"boundary": "不建立平台執行、不接執行路由器、不呼叫外部工具。"
},
"runDetail": {
"title": "執行詳情",
"body": "S2.78 在單一執行詳情顯示驗收邊界與來源回覆包,讓檢視時仍保留只讀語義。",
"boundary": "不啟動工具、不補救、不建立執行期閘門。"
},
"approvalDecision": {
"title": "審批決策",
"body": "S2.79 在真正核准 / 拒絕前顯示審批決策與負責人回覆驗收分離。",
"boundary": "核准執行不等於負責人回覆已接受,也不等於資安落地執行。"
}
}
},
"securityConvergenceRoadmap": {
"title": "階段式資安收斂節奏",
"subtitle": "把目前的收斂策略明確寫在 IwoooS初期先做可視化與提醒不直接阻擋等負責人回覆、脫敏證據、人工審查、回滾條件與後驗證都齊全再分階段收緊。",
"movementLabel": "推進條件",
"guardLabel": "仍不會做",
"boundaryTitle": "逐步收緊仍維持的保護線",
"summary": {
"mode": {
"label": "目前節奏",
"value": "先可視",
"detail": "初期只做觀察與提醒,不直接阻擋產品流程。"
},
"coverage": {
"label": "入口覆蓋",
"detail": "AwoooP 8 個實際入口已可見資安邊界。"
},
"accepted": {
"label": "已接受回覆",
"detail": "S4.9-S4.12 仍是 0不能把看板當收件完成。"
},
"runtime": {
"label": "執行期閘門",
"detail": "仍為 0所有執行仍要獨立人工批准。"
}
},
"items": {
"visibilityFirst": {
"title": "先建立可視框架",
"body": "AwoooP 8 個入口已能看到 IwoooS 邊界與目前狀態,讓使用者知道資安網正在形成。",
"movement": "下一步是把覆蓋狀態與負責人回覆缺口保持同步,不急著阻擋。",
"guard": "不把入口覆蓋當成審批、執行、阻擋或落地授權。"
},
"ownerResponse": {
"title": "等待負責人回覆",
"body": "22 個回覆範本仍等待脫敏回覆;這是後續真正收緊前的第一個高層門檻。",
"movement": "收到並通過驗收後,才重新評估下一輪收斂幅度。",
"guard": "不把請求已準備好當成已收到或已接受。"
},
"redactedEvidence": {
"title": "收脫敏證據",
"body": "目前沒有匯入 payload後續只能先收可驗證、可隔離、可回溯的脫敏證據。",
"movement": "schema、遮罩、來源、隔離與拒收規則都通過後才進入下一步。",
"guard": "不收機密明文值、不保存 token value、不直接改外部系統。"
},
"humanDecision": {
"title": "人工審查後再升級",
"body": "資安收斂要經過人工審查與風險分級,避免初期把 LOW / MEDIUM 訊號直接變成阻擋。",
"movement": "人工決策、範圍、維護窗口、回滾與後驗證條件齊全才升級。",
"guard": "不讓單一看板或進度數字自動提高限制。"
},
"runtimeGate": {
"title": "最後才開執行期閘門",
"body": "目前主動執行期閘門仍為 0任何 Kali、SSH、主機更新或修復都還在獨立批准之外。",
"movement": "只有人工批准、範圍、回滾與後驗證完整時,才另開執行期閘門。",
"guard": "不從 IwoooS 前端建立掃描、執行、修復或主機更新動作。"
},
"sourceControlCutover": {
"title": "主要來源切換排最後",
"body": "GitHub 主要來源、Gitea 停用、分支 / 標籤參照與工作流程 / 機密設定仍全部等待負責人證據。",
"movement": "至少一批專案庫完成目標、分支 / 標籤、工作流程 / 機密名稱與回滾就緒後才重估。",
"guard": "不建立專案庫、不改可見性、不同步參照、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseCollectionBoard": {
"title": "下一步人工收件作戰板",
"subtitle": "把真正能推動 61% 的下一步集中顯示S4.9-S4.12 四包負責人回覆都還是 0 已收到 / 0 已接受。本看板只讓人知道要收什麼,不會寄送、建立、接受或執行任何動作。",
"packetLabel": "收件包",
"movementLabel": "收件條件",
"guardLabel": "仍不會做",
"boundaryTitle": "收件作戰板維持的保護線",
"summary": {
"packets": {
"label": "收件包",
"detail": "S4.9-S4.12 四包都已可見,但還沒收到。"
},
"templates": {
"label": "必備回覆",
"detail": "22 個負責人回覆範本仍需人工提供。"
},
"received": {
"label": "已收到",
"detail": "目前為 0不能把可見請求當成回覆。"
},
"accepted": {
"label": "已接受",
"detail": "目前為 0不能把收件作戰板當審批。"
}
},
"items": {
"giteaAttestation": {
"title": "Gitea 清冊負責人證明",
"body": "需要每個範圍內專案庫的負責人、目前用途、是否保留、是否轉 GitHub 與脫敏證據。",
"movement": "五項證明都齊全後,才允許進入負責人回覆驗收。",
"guard": "不建立、不刪除、不停用 Gitea 專案庫,也不改可見性。"
},
"githubTarget": {
"title": "GitHub 目標負責人決策",
"body": "需要確認目標 org / repo、可見性、分支保護、CODEOWNERS、CI 計費與回滾窗口。",
"movement": "七項目標決策都齊全後,才重新評估 GitHub 主要來源路線。",
"guard": "不建立 GitHub repo、不切主要來源、不啟用額外計費流程。"
},
"refsTruth": {
"title": "分支 / 標籤真相回覆",
"body": "需要 main、dev、release tag、deprecated refs 與保留策略的負責人判定。",
"movement": "五項 refs 真相都齊全後,才允許規劃同步或清理方案。",
"guard": "不同步、不刪除、不 force push 任何分支或標籤參照。"
},
"workflowSecretNames": {
"title": "工作流程 / 機密名稱回覆",
"body": "需要 workflow、runner、webhook、secret name parity 與部署責任人的脫敏回覆。",
"movement": "五項名稱與責任範圍齊全後,才允許進入設定差異審查。",
"guard": "不收機密明文值、不修改工作流程、不注入或旋轉 secret。"
}
}
},
"ownerResponseIntakeSafetyBoard": {
"title": "人工回覆安全驗收閘道",
"subtitle": "把收件後怎麼判定可收、補證、隔離或拒收先攤開。現在匯入=0、隔離=0、拒收=0這只是驗收規則可見不會自動匯入、通知、修復或升高限制。",
"laneLabel": "驗收分流",
"ruleLabel": "判定方式",
"guardLabel": "仍不會做",
"boundaryTitle": "驗收閘道維持的保護線",
"summary": {
"rules": {
"label": "安全規則",
"detail": "六條驗收分流先可見,避免收件後臨時判斷。"
},
"ingested": {
"label": "已匯入",
"detail": "目前為 0還沒有任何人工回覆進入正式匯入。"
},
"quarantined": {
"label": "已隔離",
"detail": "目前為 0若含機密明文值才會進隔離。"
},
"rejected": {
"label": "已拒收",
"detail": "目前為 0拒收規則只是先讓邊界透明。"
}
},
"items": {
"redactedEvidenceOnly": {
"title": "只接受脫敏證據",
"body": "人工回覆必須能對照來源、負責人、範圍與遮罩後證據,才能進入驗收。",
"rule": "缺少可驗證脫敏證據時,只能標記補證,不得匯入正式狀態。",
"guard": "不把自由文字、截圖或未遮罩內容當成已接受回覆。"
},
"ownerScopeCompletion": {
"title": "負責人範圍要齊全",
"body": "每包回覆都要有負責人、專案庫或範圍、決策、證據指標與回滾關聯。",
"rule": "範圍不完整時維持等待或補證,不得推動主要來源或收斂升級。",
"guard": "不把單一負責人口頭確認當成全部 S4.9-S4.12 驗收完成。"
},
"secretValueQuarantine": {
"title": "機密明文直接隔離",
"body": "任何權杖、密碼、私鑰、webhook 機密或可重用憑證值都不能進一般收件。",
"rule": "出現機密明文值時只能隔離並要求重提脫敏版本。",
"guard": "不保存、不展示、不複製、不轉送、不旋轉任何機密明文值。"
},
"repoMutationRequest": {
"title": "專案庫動作要求先拒收",
"body": "人工回覆若夾帶建立、刪除、改可見性或轉移專案庫要求,必須與收件驗收分離。",
"rule": "專案庫動作只能另走人工批准與回滾方案,不進收件作戰板。",
"guard": "不建立 GitHub 專案庫、不停用 Gitea、不改專案庫可見性。"
},
"refsMutationRequest": {
"title": "分支 / 標籤動作要求先拒收",
"body": "人工回覆可以描述分支 / 標籤真相,但不能在同一包裡要求同步、刪除或強制推送。",
"rule": "含分支 / 標籤異動要求時先拒收動作部分,只保留脫敏事實供人工審查。",
"guard": "不同步、不刪除、不強制推送任何分支或標籤參照。"
},
"runtimeExecutionRequest": {
"title": "執行要求一律另開閘門",
"body": "任何 Kali、SSH、主機更新、掃描、修復或部署要求都不能混在負責人回覆驗收裡。",
"rule": "執行要求只能另走人工批准、維護窗口、回滾與後驗證流程。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不建立執行期閘門。"
}
}
},
"ownerResponseReviewOutcomeBoard": {
"title": "人工回覆審查結果分流",
"subtitle": "把安全驗收後可能進入的結果先放到 IwoooS維持等待、要求補證、可進人工審查、隔離、拒收、只讀更新、需要人工決策。現在可審=0、已接受=0、執行期閘門=0分流只是讓流程透明不會自動批准或執行。",
"laneLabel": "結果分流",
"resultLabel": "審查結果",
"guardLabel": "仍不會做",
"boundaryTitle": "審查結果分流維持的保護線",
"summary": {
"lanes": {
"label": "結果分流",
"detail": "七條結果分流先可見,避免人工審查後語義混亂。"
},
"ready": {
"label": "可審",
"detail": "目前為 0還沒有任何回覆進入人工審查。"
},
"accepted": {
"label": "已接受",
"detail": "目前為 0分流不等於接受。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0審查結果不會自動開閘門。"
}
},
"items": {
"remainWaiting": {
"title": "維持等待",
"body": "回覆還沒到、來源不明或仍等待負責人確認時,狀態維持等待。",
"result": "只顯示等待原因,不建立審查紀錄、不提高進度。",
"guard": "不把等待狀態當成已收到或已接受。"
},
"needsEvidence": {
"title": "要求補證",
"body": "回覆內容有方向但缺少脫敏證據、範圍、負責人或回滾關聯時,先要求補證。",
"result": "只回到人工補證佇列,不進入主要來源或執行期判定。",
"guard": "不因為有部分內容就推動 GitHub、Gitea、分支 / 標籤或工作流程動作。"
},
"readyForHumanReview": {
"title": "可進人工審查",
"body": "脫敏證據、範圍、負責人與決策欄位都齊全時,才標示可進人工審查。",
"result": "只代表可由人審查,不代表已接受或已批准。",
"guard": "不自動接受、不建立執行期閘門、不改外部系統。"
},
"quarantined": {
"title": "隔離處理",
"body": "含機密明文、來源衝突或不可驗證資料時,結果只能進隔離。",
"result": "隔離結果只保留最小必要中繼資訊與補提方向。",
"guard": "不展示、不保存、不轉送任何機密明文值。"
},
"rejected": {
"title": "拒收",
"body": "回覆要求越權、夾帶執行、夾帶專案庫異動或無法脫敏時,必須拒收。",
"result": "拒收只關閉該回覆輸入,不代表整個資安工作停止。",
"guard": "不把拒收轉成自動修復、刪除、停用或封鎖。"
},
"readonlyUpdate": {
"title": "只讀狀態更新",
"body": "若人工審查只確認事實狀態,可以更新只讀看板與證據參照。",
"result": "只更新已提交文件、快照或顯示狀態。",
"guard": "不改執行期、不改專案庫、不改分支 / 標籤、不改工作流程 / 機密設定。"
},
"humanDecisionRequired": {
"title": "需要人工決策",
"body": "涉及主要來源、回滾、維護窗口、部署或阻擋升級時,必須另走人工決策。",
"result": "只能產生人工決策需求,不產生執行命令。",
"guard": "不切主要來源、不停用 Gitea、不呼叫 Kali、不開 SSH。"
}
}
},
"ownerResponseHumanDecisionQueueBoard": {
"title": "人工決策準備佇列",
"subtitle": "把需要人工決策前必須整理的資料先放到 IwoooS決策包草稿、證據追溯包、審查人指派、回滾窗口候選、執行期閘門分離與主要來源切換分離。現在可決策=0、已批准=0、執行期閘門=0這只是準備佇列不會建立審批紀錄或執行命令。",
"queueLabel": "準備佇列",
"prepLabel": "準備內容",
"guardLabel": "仍不會做",
"boundaryTitle": "人工決策準備佇列維持的保護線",
"summary": {
"queueItems": {
"label": "準備項",
"detail": "六個人工決策前置項目先可見,避免審查結果直接跳到批准。"
},
"ready": {
"label": "可決策",
"detail": "目前為 0還沒有任何回覆整理成可決策包。"
},
"approved": {
"label": "已批准",
"detail": "目前為 0準備佇列不等於人工批准。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0人工決策準備不會開啟執行期。"
}
},
"items": {
"decisionPacketDraft": {
"title": "決策包草稿",
"body": "把審查結果、負責人範圍、脫敏證據與待決策問題整理成草稿。",
"prep": "只產生可讀草稿,不建立正式人工決策紀錄。",
"guard": "不把草稿當批准、不提高進度、不啟動任何動作。"
},
"evidenceTraceBundle": {
"title": "證據追溯包",
"body": "整理來源、快照、證據參照與遮罩狀態,讓審查人能追溯每個判斷。",
"prep": "只引用已提交或脫敏證據,不收原始載荷或機密明文值。",
"guard": "不保存、不展示、不轉送任何機密明文值。"
},
"reviewerAssignment": {
"title": "審查人指派",
"body": "標示哪一類人需要看:專案庫負責人、資安審查人、部署責任人或主要來源負責人。",
"prep": "只顯示需要哪種審查角色,不自動通知或催收。",
"guard": "不建立審批紀錄、不代替人工簽核、不發送外部命令。"
},
"rollbackWindowCandidate": {
"title": "回滾窗口候選",
"body": "若決策會影響主要來源、部署、維護窗口或阻擋升級,先標出回滾窗口需求。",
"prep": "只列出候選窗口與待補證據,等待人工確認。",
"guard": "不安排維護、不部署、不切換主要來源。"
},
"runtimeGateSeparated": {
"title": "執行期閘門分離",
"body": "任何掃描、主機更新、修復、部署或阻擋控制都必須從決策準備中拆出去。",
"prep": "只保留需要另開執行期閘門的標記。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不建立執行期閘門。"
},
"sourceControlCutoverSeparated": {
"title": "主要來源切換分離",
"body": "GitHub 主要來源、Gitea 停用、分支 / 標籤參照或工作流程 / 機密設定都不能由準備佇列直接推進。",
"prep": "只把主要來源相關缺口列入待人工決策清單。",
"guard": "不建立專案庫、不改可見性、不同步參照、不停用 Gitea。"
}
}
},
"ownerResponseDecisionRecordDraftGuardBoard": {
"title": "人工決策紀錄草稿防誤用",
"subtitle": "即使未來開始整理人工決策紀錄,也必須先保護語義:草稿不是正式紀錄,正式紀錄不是執行命令,批准也不能自動推動主機、專案庫或主要來源切換。現在草稿=0、正式紀錄=0、已批准=0、執行期閘門=0。",
"guardItemLabel": "防誤用線",
"draftLabel": "草稿要求",
"guardLabel": "仍不會做",
"boundaryTitle": "人工決策紀錄草稿維持的保護線",
"summary": {
"guards": {
"label": "防誤用線",
"detail": "六條草稿保護線先可見,避免把紀錄草稿當正式批准。"
},
"drafts": {
"label": "草稿",
"detail": "目前為 0還沒有任何正式決策紀錄草稿。"
},
"formalRecords": {
"label": "正式紀錄",
"detail": "目前為 0草稿不等於正式紀錄。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0紀錄草稿不會啟動執行期。"
}
},
"items": {
"recordIdentityDraft": {
"title": "紀錄身分草稿",
"body": "每一份決策紀錄草稿都需要唯一身分、來源階段與對應證據參照,避免口頭決策散落。",
"draft": "只建立草稿身分欄位,不建立正式紀錄。",
"guard": "不把草稿編號當批准編號,也不提高整體進度。"
},
"decisionScopeSnapshot": {
"title": "決策範圍快照",
"body": "草稿必須標出適用專案庫、主機、服務、分支 / 標籤或工作流程範圍。",
"draft": "只引用已提交快照與脫敏證據,不讀取或修改外部系統。",
"guard": "不建立專案庫、不改分支 / 標籤、不改工作流程 / 機密設定。"
},
"reviewerRolePlaceholder": {
"title": "審查角色預留",
"body": "草稿只標示需要哪一類審查角色,讓後續人工簽核能找對人。",
"draft": "只保留角色欄位,不代填姓名、不自動通知、不催收。",
"guard": "不建立審批紀錄、不替人簽核、不產生外部任務。"
},
"evidenceVersionFreeze": {
"title": "證據版本凍結",
"body": "草稿要鎖定當下引用的文件、快照與證據版本,避免決策後證據漂移。",
"draft": "只凍結參照版本,不複製機密、不保存原始載荷。",
"guard": "不展示、不保存、不轉送任何機密明文值。"
},
"approvalNotExecutionBoundary": {
"title": "批准不等於執行",
"body": "即使未來有人工批准,也必須另外拆出執行期、維護窗口、回滾與後驗證。",
"draft": "只把需要另開執行期閘門的欄位標出。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不部署。"
},
"followupRuntimeGatePointer": {
"title": "後續執行期指標",
"body": "若決策牽涉掃描、修復、部署、主要來源切換或阻擋升級,草稿只能留下後續閘門指標。",
"draft": "只標記後續要走哪個人工閘門,不建立執行命令。",
"guard": "不切主要來源、不停用 Gitea、不建立執行期閘門。"
}
}
},
"ownerResponseFormalRecordCandidatePreflightBoard": {
"title": "人工決策正式紀錄候選預檢",
"subtitle": "草稿若要往正式紀錄候選前進,必須先通過七個完整性檢查;候選仍不是正式紀錄、不是人工批准,也不能啟動主機、專案庫、工作流程、主要來源或執行期閘門。現在候選=0、正式紀錄=0、已批准=0、執行期閘門=0。",
"checkItemLabel": "候選預檢",
"preflightLabel": "預檢要求",
"guardLabel": "仍不會做",
"boundaryTitle": "正式紀錄候選維持的保護線",
"summary": {
"checks": {
"label": "預檢項",
"detail": "七項正式紀錄候選檢查先可見,避免草稿直接升格。"
},
"candidates": {
"label": "候選",
"detail": "目前為 0還沒有任何正式紀錄候選。"
},
"formalRecords": {
"label": "正式紀錄",
"detail": "目前為 0候選不等於正式紀錄。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0正式紀錄候選不會啟動執行期。"
}
},
"items": {
"candidateIdentityTrace": {
"title": "候選身分追溯",
"body": "候選必須追溯到原始草稿、收件包、審查結果與證據版本,避免跳過中間狀態。",
"preflight": "只檢查追溯欄位是否齊全,不建立正式紀錄。",
"guard": "不把候選編號當正式紀錄編號或批准編號。"
},
"reviewerIdentityBoundary": {
"title": "審查人身分邊界",
"body": "候選只標記需要哪一類人工審查與簽核角色,不能自動代填或代簽。",
"preflight": "只檢查角色欄位、責任範圍與待補欄位。",
"guard": "不自動通知、不建立審批紀錄、不替任何人批准。"
},
"evidenceVersionChain": {
"title": "證據版本鏈",
"body": "候選要能連回已提交、已脫敏且可查的證據版本,避免引用漂移或口頭資訊。",
"preflight": "只檢查證據參照與版本鏈,不讀取外部系統。",
"guard": "不保存、不展示、不轉送機密明文或原始載荷。"
},
"scopeAndExpiry": {
"title": "範圍與期限",
"body": "正式紀錄候選必須標出適用專案庫、主機、服務、分支 / 標籤、工作流程範圍與有效期限。",
"preflight": "只檢查範圍與期限欄位是否明確。",
"guard": "不建立專案庫、不改可見性、不同步或刪除分支 / 標籤。"
},
"riskRollbackField": {
"title": "風險與回滾欄位",
"body": "候選需要保留風險、維護窗口、回滾負責人與後驗證欄位,避免批准後才補救。",
"preflight": "只檢查欄位存在與待補狀態。",
"guard": "不安排維護窗口、不部署、不建立修復工作。"
},
"runtimeGateSeparation": {
"title": "執行期分離",
"body": "任何掃描、修復、主機更新、部署或阻擋控制仍必須走獨立執行期閘門。",
"preflight": "只標記需要哪一種後續執行期閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不執行修復。"
},
"sourceControlSeparation": {
"title": "主要來源分離",
"body": "GitHub 主要來源切換、Gitea 停用、工作流程 / 機密設定或 refs 動作不能由候選直接推進。",
"preflight": "只標記需要另開主要來源或版本控制人工閘門。",
"guard": "不切 GitHub 主要來源、不停用 Gitea、不改 workflow / 機密設定。"
}
}
},
"ownerResponseFormalRecordCandidateOutcomeBoard": {
"title": "人工決策正式紀錄候選結果分流",
"subtitle": "正式紀錄候選通過預檢後,仍只能進入只讀結果分流;分流會指出等待、退回草稿、補證、可交人工紀錄負責人、隔離或拒收,但不會自動升格正式紀錄,也不會批准或執行。現在分流=8、可交接=0、已升格=0、執行期閘門=0。",
"laneLabel": "結果分流",
"resultLabel": "分流結果",
"guardLabel": "仍不會做",
"boundaryTitle": "正式紀錄候選分流維持的保護線",
"summary": {
"lanes": {
"label": "分流",
"detail": "八條候選結果分流先可見,避免候選直接升格。"
},
"ready": {
"label": "可交接",
"detail": "目前為 0還沒有候選可交人工紀錄負責人。"
},
"promoted": {
"label": "已升格",
"detail": "目前為 0沒有候選被升格正式紀錄。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0候選分流不會啟動執行期。"
}
},
"items": {
"remainCandidateWaiting": {
"title": "維持候選等待",
"body": "資料尚未足以交人工紀錄負責人時,候選維持等待,不升格也不退回。",
"result": "只更新只讀等待狀態。",
"guard": "不建立正式紀錄、不建立審批紀錄。"
},
"returnToDraft": {
"title": "退回草稿補齊",
"body": "若候選缺少追溯、範圍、角色或版本欄位,先退回草稿層補齊。",
"result": "只標記退回原因與待補欄位。",
"guard": "不刪草稿、不改證據、不提高進度。"
},
"needsEvidenceRefresh": {
"title": "要求證據更新",
"body": "若候選引用的證據版本過期、缺少脫敏證明或與範圍不一致,先要求補證。",
"result": "只列出需要更新的證據參照。",
"guard": "不讀取外部系統、不保存原始載荷。"
},
"needsReviewerClarification": {
"title": "要求審查說明",
"body": "若審查角色、責任範圍或簽核語義不清,候選必須回到人工說明。",
"result": "只標記需要哪一類人工說明。",
"guard": "不自動通知、不代填姓名、不替任何人批准。"
},
"readyForRecordOwner": {
"title": "可交紀錄負責人",
"body": "候選若欄位齊全,可進入人工紀錄負責人交接,但仍不是正式紀錄。",
"result": "只標記可交接,等待人工確認。",
"guard": "不自動升格、不建立正式紀錄、不建立審批紀錄。"
},
"quarantineSensitivePayload": {
"title": "隔離敏感載荷",
"body": "若候選含機密明文、token、cookie、private key 或 exploit payload必須先隔離。",
"result": "只標記隔離原因與來源欄位。",
"guard": "不展示、不保存、不轉送任何機密明文值。"
},
"rejectMutationRequest": {
"title": "拒收變更要求",
"body": "若候選夾帶專案庫、refs、workflow、機密設定、主機或部署變更要求先拒收。",
"result": "只標記拒收原因,等待重新提交只讀候選。",
"guard": "不建立專案庫、不改 refs、不改 workflow / 機密設定。"
},
"runtimeOrCutoverGateRequired": {
"title": "另開執行或切換閘門",
"body": "若候選需要掃描、修復、主機更新、主要來源切換或 Gitea 停用,必須另開人工閘門。",
"result": "只標記需要哪一種後續閘門。",
"guard": "不呼叫 Kali、不開 SSH、不切 GitHub 主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerHandoffBoard": {
"title": "人工決策正式紀錄負責人交接準備",
"subtitle": "候選若進入可交接狀態,仍只能整理交接包,不能自動指派紀錄負責人、不能建立正式紀錄,也不能批准或執行。現在交接包=7、可交接=0、已指派=0、執行期閘門=0。",
"packetLabel": "交接包",
"handoffLabel": "交接要求",
"guardLabel": "仍不會做",
"boundaryTitle": "正式紀錄負責人交接維持的保護線",
"summary": {
"packets": {
"label": "交接包",
"detail": "七個交接包先可見,避免候選直接變成正式紀錄。"
},
"ready": {
"label": "可交接",
"detail": "目前為 0沒有候選可交給紀錄負責人。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0沒有任何正式紀錄負責人被自動指派。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0交接準備不會啟動執行期。"
}
},
"items": {
"handoffIdentityBundle": {
"title": "身分追溯包",
"body": "交接包需要保留候選、草稿、收件包、審查結果與來源階段的追溯鏈。",
"handoff": "只整理已提交的追溯參照。",
"guard": "不建立正式紀錄、不產生新的審批編號。"
},
"handoffDecisionContext": {
"title": "決策脈絡包",
"body": "交接包要說明候選為何可交接、仍缺哪些人工確認,以及哪些內容不能視為批准。",
"handoff": "只整理背景、限制與待人工確認欄位。",
"guard": "不替人工下決策、不自動批准。"
},
"handoffEvidenceLock": {
"title": "證據鎖定包",
"body": "交接前需要列出已脫敏、已提交、可追溯的證據版本與引用位置。",
"handoff": "只引用證據版本與文件路徑。",
"guard": "不讀取外部系統、不保存原始載荷或機密明文。"
},
"handoffReviewerNotes": {
"title": "審查備註包",
"body": "交接包要保留審查說明、退回理由、補證狀態與未決事項。",
"handoff": "只整理已存在的審查備註摘要。",
"guard": "不自動通知、不代填姓名、不建立外部任務。"
},
"handoffRiskRollback": {
"title": "風險回滾包",
"body": "若未來正式紀錄會影響主機、服務、主要來源或部署節奏,交接包只先列風險與回滾欄位。",
"handoff": "只標出風險、維護窗口、回滾負責人與後驗證欄位。",
"guard": "不安排維護、不部署、不建立修復工作。"
},
"handoffRuntimeGatePointer": {
"title": "執行期閘門指標包",
"body": "任何掃描、修復、主機更新或阻擋控制都必須留在獨立執行期閘門。",
"handoff": "只標記後續可能需要哪一種人工執行期閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不執行修復。"
},
"handoffSourceControlPointer": {
"title": "主要來源指標包",
"body": "GitHub 主要來源切換、Gitea 停用、refs 或 workflow / 機密設定 動作只能作為後續人工閘門指標。",
"handoff": "只標記版本控制與主要來源相關待決事項。",
"guard": "不建立專案庫、不改 refs、不改 workflow / 機密設定、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerHandoffReviewBoard": {
"title": "人工決策正式紀錄負責人交接驗收清單",
"subtitle": "交接包進入人工檢查前,先用七個只讀驗收項確認資料是否足夠;這仍不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在驗收項=7、通過=0、已指派=0、執行期閘門=0。",
"checkLabel": "驗收項",
"reviewLabel": "檢查方式",
"guardLabel": "仍不會做",
"boundaryTitle": "交接驗收清單維持的保護線",
"summary": {
"checks": {
"label": "驗收項",
"detail": "七個驗收項先可見,避免交接包被直接視為可指派。"
},
"passed": {
"label": "通過",
"detail": "目前為 0沒有任何交接驗收被標記通過。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0交接驗收不會啟動執行期。"
}
},
"items": {
"packetCompleteness": {
"title": "交接包完整性",
"body": "檢查七個交接包是否都有來源、摘要、限制、缺口與後續人工確認欄位。",
"review": "只列出缺漏欄位與待補項目。",
"guard": "不補寫正式紀錄、不自動產生批准文字。"
},
"recordOwnerIdentityScope": {
"title": "負責人身分範圍",
"body": "檢查交接包是否說明未來紀錄負責人的角色範圍、責任邊界與可聯絡依據。",
"review": "只確認身分欄位是否足夠人工判讀。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"authorityBoundaryMatch": {
"title": "權責邊界比對",
"body": "檢查交接包是否清楚區分可閱讀、可審查、可批准與可執行四種不同權限。",
"review": "只標記邊界是否清楚,避免審查語義混淆。",
"guard": "不把可審查當成可批准,不把批准當成可執行。"
},
"evidenceVersionConfirm": {
"title": "證據版本確認",
"body": "檢查交接包引用的證據是否已脫敏、可追溯,並標示版本或文件路徑。",
"review": "只確認證據指標是否可追溯。",
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"reviewerNoteConfirm": {
"title": "審查備註確認",
"body": "檢查退回理由、補證狀態、人工備註與未決事項是否足夠讓下一位審查者接手。",
"review": "只整理既有備註是否完整。",
"guard": "不建立外部任務、不自動通知、不改審查結論。"
},
"mutationRequestReject": {
"title": "變更要求拒收檢查",
"body": "檢查交接包是否夾帶專案庫、refs、workflow、機密設定、部署或主機變更要求。",
"review": "只標記需要拒收或重送只讀版本的項目。",
"guard": "不建立專案庫、不改 refs、不改 workflow / 機密設定、不部署。"
},
"runtimeCutoverSeparation": {
"title": "執行與切換分離",
"body": "檢查掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否被留在獨立人工閘門。",
"review": "只標記後續需要哪一類獨立閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard": {
"title": "人工決策正式紀錄負責人交接驗收結果分流",
"subtitle": "交接驗收後只會落到八條只讀結果分流;這仍不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在分流=8、可進負責人檢查=0、已指派=0、執行期閘門=0。",
"laneLabel": "結果分流",
"resultLabel": "分流結果",
"guardLabel": "仍不會做",
"boundaryTitle": "交接驗收結果分流維持的保護線",
"summary": {
"lanes": {
"label": "分流",
"detail": "八條結果分流先可見,避免驗收結果直接變成指派。"
},
"ready": {
"label": "可進檢查",
"detail": "目前為 0沒有交接包可進紀錄負責人檢查。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0結果分流不會啟動執行期。"
}
},
"items": {
"remainReviewWaiting": {
"title": "維持驗收等待",
"body": "若交接包仍在等待人工檢查,結果只能維持等待狀態。",
"result": "只顯示仍待驗收與缺少哪一類檢查。",
"guard": "不自動通過、不建立正式紀錄、不指派負責人。"
},
"requestPacketCompletion": {
"title": "要求補齊交接包",
"body": "若身分、脈絡、證據、備註、風險或指標包缺漏,必須退回補齊。",
"result": "只列出缺漏交接包與需要補充的欄位。",
"guard": "不代寫補件、不自動批准、不建立外部任務。"
},
"requestOwnerScopeClarification": {
"title": "要求負責人範圍說明",
"body": "若未來紀錄負責人的角色、權責或聯絡依據不清,必須要求人工說明。",
"result": "只標記需要補充哪一類負責人範圍。",
"guard": "不查外部帳號、不代填姓名、不自動指派。"
},
"requestEvidenceRefresh": {
"title": "要求證據版本更新",
"body": "若證據版本、文件路徑、脫敏狀態或引用位置不清,必須回到證據補正。",
"result": "只標記需要更新的證據指標。",
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"readyForRecordOwnerReview": {
"title": "可進負責人檢查",
"body": "若驗收項都足夠,交接包可以進入人工紀錄負責人檢查,但仍不是指派。",
"result": "只標記可進人工檢查,等待人工確認。",
"guard": "不自動升格、不建立正式紀錄、不建立審批紀錄。"
},
"quarantineSensitivePayload": {
"title": "隔離敏感載荷",
"body": "若交接包或補件夾帶 token、cookie、private key、密碼或 exploit payload必須隔離。",
"result": "只標記隔離原因與來源欄位。",
"guard": "不展示、不保存、不轉送任何機密明文值。"
},
"rejectMutationRequest": {
"title": "拒收變更要求",
"body": "若驗收結果夾帶專案庫、refs、workflow、機密設定、部署或主機變更要求先拒收。",
"result": "只標記拒收原因,等待重新提交只讀版本。",
"guard": "不建立專案庫、不改 refs、不改 workflow / 機密設定、不部署。"
},
"runtimeOrCutoverGateRequired": {
"title": "另開執行或切換閘門",
"body": "若結果需要掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用,必須另開人工閘門。",
"result": "只標記需要哪一種後續閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerReviewPreparationBoard": {
"title": "人工決策正式紀錄負責人檢查準備包",
"subtitle": "交接驗收結果若可進負責人檢查,仍只能整理人工檢查前需要看的八個準備包;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在準備包=8、可檢查=0、已指派=0、執行期閘門=0。",
"packetLabel": "準備包",
"prepareLabel": "準備方式",
"guardLabel": "仍不會做",
"boundaryTitle": "負責人檢查準備包維持的保護線",
"summary": {
"packets": {
"label": "準備包",
"detail": "八個準備包先可見,避免可進檢查被直接視為指派。"
},
"ready": {
"label": "可檢查",
"detail": "目前為 0沒有交接包可進入負責人檢查。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0準備包不會啟動執行期。"
}
},
"items": {
"reviewIdentityPacket": {
"title": "檢查身分包",
"body": "保留交接驗收結果、候選紀錄、草稿與來源階段的追溯關係。",
"prepare": "只整理既有追溯參照與缺漏欄位。",
"guard": "不建立正式紀錄、不產生新的審批編號。"
},
"handoffOutcomeSnapshot": {
"title": "交接結果快照",
"body": "整理驗收結果分流、可進檢查理由、仍待人工確認與不得升格的限制。",
"prepare": "只整理結果摘要與限制說明。",
"guard": "不把可進檢查升格成已指派或已批准。"
},
"ownerScopePacket": {
"title": "負責人範圍包",
"body": "列出未來紀錄負責人需要確認的角色範圍、責任邊界與聯絡依據。",
"prepare": "只整理需要人工判讀的範圍欄位。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"authorityBoundaryPacket": {
"title": "權責邊界包",
"body": "明確區分可閱讀、可檢查、可審查、可批准與可執行的不同邊界。",
"prepare": "只標記邊界是否足夠清楚。",
"guard": "不把檢查當審批,不把批准當執行。"
},
"evidenceTracePacket": {
"title": "證據追溯包",
"body": "整理已脫敏、可追溯的證據版本、文件路徑、引用位置與補證狀態。",
"prepare": "只引用安全證據指標與文件路徑。",
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"reviewerNotePacket": {
"title": "審查備註包",
"body": "整理退回理由、補件結果、人工備註、未決事項與下一位檢查者需要看的脈絡。",
"prepare": "只摘要既有備註與未決事項。",
"guard": "不建立外部任務、不自動通知、不改審查結論。"
},
"mutationRejectionPacket": {
"title": "變更拒收包",
"body": "整理專案庫、refs、workflow、機密設定、部署或主機變更要求是否已被拒收。",
"prepare": "只標記拒收理由與需要重送只讀版本的項目。",
"guard": "不建立專案庫、不改 refs、不改 workflow / 機密設定、不部署。"
},
"runtimeCutoverPointer": {
"title": "執行切換指標包",
"body": "整理掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否需要另開人工閘門。",
"prepare": "只標記後續可能需要哪一種獨立閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerReviewChecklistBoard": {
"title": "人工決策正式紀錄負責人檢查清單",
"subtitle": "準備包若進入人工負責人檢查,仍只能逐項確認八個檢查點;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已指派=0、執行期閘門=0。",
"checkLabel": "檢查項",
"reviewLabel": "檢查方式",
"guardLabel": "仍不會做",
"boundaryTitle": "負責人檢查清單維持的保護線",
"summary": {
"checks": {
"label": "檢查項",
"detail": "八個檢查項先可見,避免準備包被直接視為已通過。"
},
"passed": {
"label": "通過",
"detail": "目前為 0沒有任何負責人檢查被標記通過。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0檢查清單不會啟動執行期。"
}
},
"items": {
"identityTraceCheck": {
"title": "身分追溯檢查",
"body": "確認交接驗收結果、候選紀錄、草稿、準備包與來源階段是否能互相追溯。",
"review": "只標記追溯鏈是否足夠清楚。",
"guard": "不建立正式紀錄、不產生新的審批編號。"
},
"handoffOutcomeCheck": {
"title": "交接結果檢查",
"body": "確認可進檢查理由、仍待人工確認與不得升格的限制是否完整。",
"review": "只確認結果摘要與限制是否可讀。",
"guard": "不把可進檢查升格成已指派或已批准。"
},
"ownerScopeCheck": {
"title": "負責人範圍檢查",
"body": "確認未來紀錄負責人的角色範圍、責任邊界與聯絡依據是否足夠人工判讀。",
"review": "只標記範圍欄位是否足夠。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"authorityBoundaryCheck": {
"title": "權責邊界檢查",
"body": "確認可閱讀、可檢查、可審查、可批准與可執行的邊界是否分離。",
"review": "只標記權責語義是否清楚。",
"guard": "不把檢查當審批,不把批准當執行。"
},
"evidenceTraceCheck": {
"title": "證據追溯檢查",
"body": "確認證據版本、文件路徑、引用位置、脫敏狀態與補證狀態是否足夠。",
"review": "只確認安全證據指標是否可追溯。",
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"reviewerNoteCheck": {
"title": "審查備註檢查",
"body": "確認退回理由、補件結果、人工備註、未決事項與下一步說明是否完整。",
"review": "只標記備註與未決事項是否足夠。",
"guard": "不建立外部任務、不自動通知、不改審查結論。"
},
"mutationRejectionCheck": {
"title": "變更拒收檢查",
"body": "確認專案庫、refs、workflow、機密設定、部署或主機變更要求是否已被拒收或隔離。",
"review": "只標記拒收狀態與需要重送只讀版本的項目。",
"guard": "不建立專案庫、不改 refs、不改 workflow / 機密設定、不部署。"
},
"runtimeCutoverSeparationCheck": {
"title": "執行切換分離檢查",
"body": "確認掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否留在獨立人工閘門。",
"review": "只標記後續是否需要獨立閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerReviewOutcomeBoard": {
"title": "人工決策正式紀錄負責人檢查結果分流",
"subtitle": "負責人檢查清單後只能進入八條只讀結果分流;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在分流=8、可進人工指派確認=0、已指派=0、執行期閘門=0。",
"laneLabel": "結果分流",
"resultLabel": "分流結果",
"guardLabel": "仍不會做",
"boundaryTitle": "負責人檢查結果分流維持的保護線",
"summary": {
"lanes": {
"label": "分流",
"detail": "八條分流先可見,避免檢查清單被直接視為已決策。"
},
"ready": {
"label": "可進人工指派確認",
"detail": "目前為 0沒有任何檢查結果可進入人工指派確認。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0結果分流不會啟動執行期。"
}
},
"items": {
"remainOwnerReviewWaiting": {
"title": "維持負責人檢查等待",
"body": "當檢查項尚未完整、人工備註不足或證據仍在補正時,維持等待。",
"result": "只標記仍在等待哪一類檢查。",
"guard": "不自動通過、不指派負責人、不建立正式紀錄。"
},
"requestTraceCompletion": {
"title": "要求追溯鏈補齊",
"body": "若交接驗收結果、候選紀錄、草稿、準備包或來源階段無法互相對應,退回補齊。",
"result": "只標記需要補哪一段追溯關係。",
"guard": "不產生審批編號、不改既有紀錄狀態。"
},
"requestOwnerScopeClarification": {
"title": "要求負責人範圍說明",
"body": "若角色範圍、責任邊界、聯絡依據或代理關係不清,要求人工補說明。",
"result": "只標記負責人範圍仍需說明。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"requestAuthorityBoundaryFix": {
"title": "要求權責邊界修正",
"body": "若可閱讀、可檢查、可審查、可批准與可執行的語義混在一起,退回修正。",
"result": "只標記需要修正哪一類權責語義。",
"guard": "不把檢查當批准,不把批准當執行。"
},
"readyForManualOwnerAssignmentReview": {
"title": "可進人工指派確認",
"body": "若八個檢查項都足夠,結果可以進入下一個人工指派確認,但仍不是已指派。",
"result": "只標記可進人工確認,等待人控決策。",
"guard": "不自動指派、不建立正式紀錄、不建立審批紀錄。"
},
"quarantineSensitivePayload": {
"title": "隔離敏感載荷",
"body": "若檢查資料夾帶 token、cookie、private key、密碼、未脫敏截圖或可執行載荷必須隔離。",
"result": "只標記隔離原因與來源欄位。",
"guard": "不展示、不保存、不轉送任何機密明文值。"
},
"rejectMutationRequest": {
"title": "拒收變更要求",
"body": "若結果夾帶專案庫、refs、workflow、機密設定、部署或主機變更要求必須拒收。",
"result": "只標記拒收原因,等待重新提交只讀版本。",
"guard": "不建立專案庫、不改 refs、不改 workflow / 機密設定、不部署。"
},
"runtimeOrPrimaryGateRequired": {
"title": "另開執行或主要來源閘門",
"body": "若後續需要掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用,必須另開人工閘門。",
"result": "只標記後續需要哪一種獨立閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerAssignmentPreparationBoard": {
"title": "人工決策正式紀錄負責人指派確認準備包",
"subtitle": "可進人工指派確認後,先整理八個只讀準備包;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在準備包=8、可確認=0、已指派=0、執行期閘門=0。",
"packetLabel": "準備包",
"preparationLabel": "確認準備",
"guardLabel": "仍不會做",
"boundaryTitle": "指派確認準備包維持的保護線",
"summary": {
"packets": {
"label": "準備包",
"detail": "八個準備包先可見,避免結果分流被直接視為已指派。"
},
"ready": {
"label": "可確認",
"detail": "目前為 0沒有任何準備包可進入人工指派確認。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0準備包不會啟動執行期。"
}
},
"items": {
"assignmentIdentityCandidate": {
"title": "指派身分候選包",
"body": "整理可被人工確認的負責人身分來源、角色名稱與來源證據索引。",
"preparation": "只標記身分候選資料是否可被人審閱讀。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"ownerScopeConfirmation": {
"title": "負責人範圍確認包",
"body": "整理負責人涵蓋的主機、專案、服務、專案庫、工作流程或網站範圍。",
"preparation": "只標記範圍欄位是否足以進人工確認。",
"guard": "不擴大掃描範圍、不把範圍視為授權。"
},
"authorityBoundaryConfirmation": {
"title": "權責邊界確認包",
"body": "整理可閱讀、可檢查、可審查、可批准與可執行的邊界,避免混用。",
"preparation": "只標記邊界語義是否可被人工確認。",
"guard": "不把指派確認當批准,不把批准當執行。"
},
"evidenceTraceConfirmation": {
"title": "證據追溯確認包",
"body": "整理交接驗收、檢查清單、結果分流與來源快照之間的追溯關係。",
"preparation": "只標記追溯鏈是否可讀與是否仍需補齊。",
"guard": "不產生審批編號、不改既有紀錄狀態。"
},
"reviewOutcomeReference": {
"title": "審查結果引用包",
"body": "整理 S2.94 的分流結果、補證要求、隔離或拒收理由,供人工確認引用。",
"preparation": "只引用只讀結果,不把結果變成正式決策。",
"guard": "不自動通過、不建立正式紀錄、不建立審批紀錄。"
},
"backupOwnerNote": {
"title": "代理與備援說明包",
"body": "若負責人需要代理人、備援窗口或跨工作階段接手說明,先以只讀欄位呈現。",
"preparation": "只標記需要補哪一類代理或備援說明。",
"guard": "不自動通知、不建立值班、不改 AwoooP 指派。"
},
"mutationRejectionConfirmation": {
"title": "變更要求拒收確認包",
"body": "確認準備包沒有夾帶專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求。",
"preparation": "只標記拒收原因與需要重新提交的欄位。",
"guard": "不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不部署。"
},
"runtimePrimarySeparation": {
"title": "執行與主要來源分離包",
"body": "若後續需要掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用,保留到獨立閘門。",
"preparation": "只標記後續需要哪一種獨立閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerAssignmentChecklistBoard": {
"title": "人工決策正式紀錄負責人指派確認清單",
"subtitle": "指派確認準備包後,仍要逐項檢查八個只讀條件;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已指派=0、執行期閘門=0。",
"checkLabel": "確認檢查",
"confirmationLabel": "確認條件",
"guardLabel": "仍不會做",
"boundaryTitle": "指派確認清單維持的保護線",
"summary": {
"checks": {
"label": "檢查項",
"detail": "八個確認檢查先可見,避免準備包被直接視為已指派。"
},
"passed": {
"label": "通過",
"detail": "目前為 0沒有任何指派確認檢查被標記通過。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0確認清單不會啟動執行期。"
}
},
"items": {
"assignmentIdentityReadable": {
"title": "指派身分可讀檢查",
"body": "確認負責人身分來源、角色名稱與來源證據索引是否可被人工閱讀。",
"confirmation": "只標記身分欄位是否完整可讀。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"ownerScopeCurrent": {
"title": "負責人範圍有效檢查",
"body": "確認主機、專案、服務、專案庫、工作流程或網站範圍仍是目前可審版本。",
"confirmation": "只標記範圍是否足以進人工確認。",
"guard": "不擴大掃描範圍、不把範圍視為授權。"
},
"authorityBoundaryReadable": {
"title": "權責邊界可讀檢查",
"body": "確認可閱讀、可檢查、可審查、可批准與可執行的邊界沒有混用。",
"confirmation": "只標記邊界語義是否仍需修正。",
"guard": "不把確認當批准,不把批准當執行。"
},
"evidenceTraceReadable": {
"title": "證據追溯可讀檢查",
"body": "確認交接驗收、檢查清單、結果分流、準備包與來源快照可以互相追溯。",
"confirmation": "只標記追溯鏈是否足以供人工閱讀。",
"guard": "不產生審批編號、不改既有紀錄狀態。"
},
"reviewOutcomeLinked": {
"title": "審查結果引用檢查",
"body": "確認 S2.94 分流結果、補證要求、隔離或拒收理由已被安全引用。",
"confirmation": "只確認引用關係,不把引用變成正式決策。",
"guard": "不自動通過、不建立正式紀錄、不建立審批紀錄。"
},
"backupOwnerNoteReadable": {
"title": "代理與備援說明檢查",
"body": "確認代理人、備援窗口或跨工作階段接手說明是否足以被人工理解。",
"confirmation": "只標記代理或備援說明是否仍需補齊。",
"guard": "不自動通知、不建立值班、不改 AwoooP 指派。"
},
"mutationRejectionConfirmed": {
"title": "變更要求拒收檢查",
"body": "確認清單沒有夾帶專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求。",
"confirmation": "只標記是否需要拒收並重送只讀版本。",
"guard": "不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不部署。"
},
"runtimePrimarySeparated": {
"title": "執行與主要來源分離檢查",
"body": "確認掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用都留在獨立閘門。",
"confirmation": "只標記後續是否需要獨立人工閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerAssignmentOutcomeBoard": {
"title": "人工決策正式紀錄負責人指派確認結果分流",
"subtitle": "指派確認清單後只能進入八條只讀結果分流;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在分流=8、可進人工指派決策=0、已指派=0、執行期閘門=0。",
"laneLabel": "結果分流",
"resultLabel": "分流結果",
"guardLabel": "仍不會做",
"boundaryTitle": "指派確認結果分流維持的保護線",
"summary": {
"lanes": {
"label": "分流",
"detail": "八條只讀結果分流先可見,避免確認清單被直接視為已指派。"
},
"ready": {
"label": "可進決策",
"detail": "目前為 0沒有任何項目可直接進入人工指派決策。"
},
"assigned": {
"label": "已指派",
"detail": "目前為 0仍沒有正式紀錄負責人被指定。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0結果分流不會啟動執行期。"
}
},
"items": {
"remainAssignmentCheckWaiting": {
"title": "維持指派確認等待",
"body": "確認清單尚未完整、尚未人工判讀或仍需等待原始負責人回覆時,維持在等待狀態。",
"result": "只標記仍需等待,不把等待改成通過。",
"guard": "不建立正式紀錄、不指派紀錄負責人、不更新審批狀態。"
},
"requestIdentityClarification": {
"title": "要求身分說明補齊",
"body": "負責人身分、角色、來源或代理說明不足時,只要求補齊可讀說明。",
"result": "只要求補身分欄位,不代填、不查外部帳號。",
"guard": "不自動指定人員、不建立值班、不通知外部服務。"
},
"requestScopeRefresh": {
"title": "要求負責人範圍更新",
"body": "主機、專案、服務、專案庫、網站、工作流程或機密名稱範圍過舊時,要求更新範圍描述。",
"result": "只要求更新可審範圍,不擴大掃描或執行授權。",
"guard": "不掃描、不登入主機、不修改專案庫或工作流程。"
},
"requestAuthorityBoundaryFix": {
"title": "要求權責邊界修正",
"body": "若確認、審查、批准、正式紀錄與執行邊界混用,回到人工修正。",
"result": "只要求修正文案與欄位語義,不提升權限。",
"guard": "不把確認當批准,不把批准當執行。"
},
"readyForManualOwnerAssignmentDecision": {
"title": "可進人工指派決策",
"body": "只有在身分、範圍、權責、證據與拒收檢查都可讀時,才標記可交給人工做下一步指派決策。",
"result": "只表示可被人工判讀,仍不是已指派或已批准。",
"guard": "不自動建立正式紀錄、不產生審批編號、不觸發 執行期閘門。"
},
"quarantineSensitivePayload": {
"title": "隔離敏感載荷",
"body": "若回覆夾帶密碼、token、金鑰、credential 明文或不可保存載荷,進入隔離分流。",
"result": "只保留脫敏後 metadata 與隔離理由。",
"guard": "不保存秘密值、不顯示明文、不把隔離內容交給前端。"
},
"rejectMutationRequest": {
"title": "拒收變更要求",
"body": "若回覆要求建立專案庫、改分支 / 標籤參照、改工作流程、改機密設定、部署或主機變更,直接拒收。",
"result": "只標記拒收原因與需要重送只讀版本。",
"guard": "不建立專案庫、不同步 refs、不改工作流程 / 機密設定、不部署。"
},
"runtimeOrPrimaryGateRequired": {
"title": "另開執行或主要來源閘門",
"body": "若後續需要 Kali 掃描、SSH、主機更新、修復、GitHub 主要來源切換或 Gitea 停用,必須另開獨立人工閘門。",
"result": "只標記需要哪一種後續閘門,不在本看板執行。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard": {
"title": "人工決策正式紀錄負責人指派決策準備包",
"subtitle": "指派確認結果分流後,只能整理八個只讀決策準備包;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在準備包=8、可進決策=0、已決策=0、執行期閘門=0。",
"packetLabel": "決策準備包",
"requirementLabel": "準備要求",
"guardLabel": "仍不會做",
"boundaryTitle": "指派決策準備包維持的保護線",
"summary": {
"packets": {
"label": "準備包",
"detail": "八個只讀準備包先可見,避免結果分流被直接視為已決策。"
},
"ready": {
"label": "可進決策",
"detail": "目前為 0沒有任何指派決策準備包被標記可交付。"
},
"decisions": {
"label": "已決策",
"detail": "目前為 0仍沒有任何正式負責人指派決策。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0準備包不會啟動執行期。"
}
},
"items": {
"outcomeTracePacket": {
"title": "結果分流追溯包",
"body": "整理 S2.97 八條分流的來源、目前分流、退回理由與可讀證據索引。",
"requirement": "只整理結果脈絡,不把分流結果改成決策。",
"guard": "不建立正式紀錄、不更新審批狀態、不標記已接受。"
},
"ownerIdentityPacket": {
"title": "負責人身分包",
"body": "整理候選負責人、代理人、角色名稱、來源證據與仍需補齊的身分欄位。",
"requirement": "只保留人工可讀身分欄位與缺口。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"scopeSnapshotPacket": {
"title": "範圍快照包",
"body": "整理主機、專案、服務、專案庫、網站、工作流程與機密名稱的目前可審範圍。",
"requirement": "只固定當前可審範圍,不擴大掃描或執行授權。",
"guard": "不掃描、不登入主機、不修改專案庫或工作流程。"
},
"authorityBoundaryPacket": {
"title": "權責邊界包",
"body": "整理確認、審查、指派、正式紀錄、批准與執行各自的邊界。",
"requirement": "只讓人工知道下一步需要哪一種角色判讀。",
"guard": "不把確認當批准,不把批准當執行。"
},
"evidenceReviewPacket": {
"title": "證據審查包",
"body": "整理交接、檢查、結果分流與準備包之間的證據鏈與版本標記。",
"requirement": "只準備可讀證據索引,不寫入正式決策紀錄。",
"guard": "不產生審批編號、不建立正式紀錄、不更改原始 evidence。"
},
"quarantineAndExceptionPacket": {
"title": "隔離與例外包",
"body": "整理敏感載荷隔離、缺欄、例外、退回與補證原因,保留脫敏 metadata。",
"requirement": "只顯示隔離原因與可讀 metadata。",
"guard": "不保存秘密值、不顯示明文、不把隔離內容交給前端。"
},
"mutationRejectionPacket": {
"title": "變更拒收包",
"body": "整理專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求的拒收理由。",
"requirement": "只標記拒收原因與需要重送的只讀版本。",
"guard": "不建立專案庫、不同步 refs、不改工作流程 / 機密設定、不部署。"
},
"runtimePrimaryGatePacket": {
"title": "執行與主要來源閘門包",
"body": "整理後續若要 Kali、SSH、主機更新、修復、GitHub 主要來源切換或 Gitea 停用時需要另開的人工閘門。",
"requirement": "只標記後續閘門類型,不在本看板執行。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard": {
"title": "人工決策正式紀錄負責人指派決策檢查清單",
"subtitle": "指派決策準備包後,仍要逐項檢查八個只讀條件;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已決策=0、執行期閘門=0。",
"checkLabel": "決策檢查",
"confirmationLabel": "確認條件",
"guardLabel": "仍不會做",
"boundaryTitle": "指派決策檢查清單維持的保護線",
"summary": {
"checks": {
"label": "檢查項",
"detail": "八個只讀檢查先可見,避免準備包被直接視為已決策。"
},
"passed": {
"label": "通過",
"detail": "目前為 0沒有任何指派決策檢查被標記通過。"
},
"decisions": {
"label": "已決策",
"detail": "目前為 0仍沒有任何正式負責人指派決策。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前為 0檢查清單不會啟動執行期。"
}
},
"items": {
"decisionTraceReadable": {
"title": "決策追溯可讀檢查",
"body": "確認結果分流、準備包、退回理由與證據索引是否能被人工完整追溯。",
"confirmation": "只標記追溯鏈是否足以供人工閱讀。",
"guard": "不建立正式紀錄、不更新審批狀態、不標記已接受。"
},
"ownerIdentityConfirmable": {
"title": "負責人身分可確認檢查",
"body": "確認候選負責人、代理人、角色名稱、來源證據與缺口欄位是否可人工判讀。",
"confirmation": "只標記身分欄位是否可確認。",
"guard": "不代填姓名、不查外部帳號、不自動指派。"
},
"scopeSnapshotCurrent": {
"title": "範圍快照有效檢查",
"body": "確認主機、專案、服務、專案庫、網站、工作流程與機密名稱範圍仍是目前可審版本。",
"confirmation": "只標記範圍快照是否足以進人工判讀。",
"guard": "不掃描、不登入主機、不修改專案庫或工作流程。"
},
"authorityBoundaryChecked": {
"title": "權責邊界已檢查",
"body": "確認確認、審查、指派、正式紀錄、批准與執行沒有被混用。",
"confirmation": "只標記邊界是否仍需人工修正。",
"guard": "不把確認當批准,不把批准當執行。"
},
"evidenceChainReadable": {
"title": "證據鏈可讀檢查",
"body": "確認交接、檢查、結果分流、準備包與後續人工決策可以互相追溯。",
"confirmation": "只標記證據鏈是否完整可讀。",
"guard": "不產生審批編號、不建立正式紀錄、不更改原始 evidence。"
},
"quarantineExceptionChecked": {
"title": "隔離與例外已檢查",
"body": "確認敏感載荷、缺欄、例外、退回與補證原因已用脫敏 metadata 呈現。",
"confirmation": "只標記隔離原因與例外欄位是否可讀。",
"guard": "不保存秘密值、不顯示明文、不把隔離內容交給前端。"
},
"mutationRejectionChecked": {
"title": "變更拒收已檢查",
"body": "確認沒有夾帶專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求。",
"confirmation": "只標記是否需要拒收並重送只讀版本。",
"guard": "不建立專案庫、不同步 refs、不改工作流程 / 機密設定、不部署。"
},
"runtimePrimarySeparated": {
"title": "執行與主要來源分離檢查",
"body": "確認 Kali、SSH、主機更新、修復、GitHub 主要來源切換或 Gitea 停用都留在獨立閘門。",
"confirmation": "只標記後續是否需要獨立人工閘門。",
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
}
}
},
"awooopReadOnlyLandingReadiness": {
"title": "AwoooP Read-Only Landing Readiness",
"subtitle": "S2.51 turns the AwoooP main-line read-only consumption path for IwoooS / security mirror state into an intake readiness board. This is landing readiness, not production_landing_enabled, and it does not connect an execution router.",
"readinessLabel": "Read-only intake",
"requirementLabel": "Intake requirement",
"guardLabel": "Still locked",
"items": {
"rollupSnapshotReadable": {
"title": "Rollup snapshots are readable",
"body": "`security-mirror-status-rollup.snapshot.json` and `iwooos-posture-projection.snapshot.json` can serve as the main read-only sources for AwoooP.",
"requirement": "AwoooP consumes committed snapshots and guard output only, without calling Kali, Gitea, GitHub, or runtime APIs directly.",
"guard": "production_landing_enabled=false; execution router linked=false"
},
"evidenceRefsReadable": {
"title": "Evidence refs are traceable",
"body": "IwoooS already lists evidence refs for security rollout, 負責人回覆 validation, Kali status, rollup, and projection state.",
"requirement": "AwoooP landing may show evidence refs and status summaries only; it must not store raw payloads, credential plaintext, or token values.",
"guard": "payloads_ingested=false; 機密明文值 collection=false"
},
"guardChecksKnown": {
"title": "Guard checks are known",
"body": "`security-mirror-progress-guard.py` and `source-control-owner-response-guard.py` are the required read-only preflight checks.",
"requirement": "AwoooP main-line intake must preserve progress, 負責人回覆, runtime flag, 操作按鈕, and forbidden output checks.",
"guard": "Do not skip guards; do not treat guard pass as runtime approval."
},
"routeGroupsKnown": {
"title": "Mirror route groups are known",
"body": "`security_mirror_route_v1` already defines read-only destinations for Operator Console, runtime state, channel event, audit evidence, and approval queue.",
"requirement": "AwoooP may display and classify by route group only; it must not add scan, execute, repair, repo, refs, or deploy actions.",
"guard": "action_buttons_allowed=false; runtime_execution_authorized=false"
},
"forbiddenOutputsLocked": {
"title": "Forbidden outputs stay locked",
"body": "IwoooS / rollup explicitly forbids 操作按鈕s, 執行期閘門s, GitHub primary switching, or production execution from landing readiness.",
"requirement": "AwoooP intake must preserve the forbidden output list and keep write, execution, switch, and secret-value collection paths closed.",
"guard": "Do not treat landing readiness as production consumption."
},
"productionHandoffPending": {
"title": "Production handoff is still pending",
"body": "This is only the AwoooP read-only landing intake preparation; it does not prove the AwoooP production main line consumes the state yet.",
"requirement": "A later PR / deployment evidence must prove AwoooP displays rollup, evidence refs, and guard results read-only.",
"guard": "progress_change_applied=false; headline percent delta=0"
}
}
},
"progressAcceleration": {
"title": "Progress Acceleration And Real Unlock Points",
"subtitle": "Progress is moving, but the 61% headline only gets reassessed when 負責人回覆s, 執行期閘門s, GitHub primary readiness, or AwoooP production landing produce real evidence. This board makes the next visible unlock points explicit.",
"laneLabel": "Acceleration lane",
"unlockLabel": "Unlock signal",
"guardLabel": "Low-friction boundary remains",
"items": {
"ownerResponses": {
"title": "Converge 負責人回覆s first",
"body": "S4.9-S4.12 負責人回覆s for Gitea, GitHub targets, refs truth, and 工作流程 / 機密 names are the main reason the headline is holding at 61%.",
"unlock": "The headline can be reassessed only after the first accepted redacted 負責人回覆s arrive.",
"guard": "Redacted evidence only; no repo creation, refs sync, workflow mutation, or 機密明文值 collection."
},
"redactedIngestion": {
"title": "Connect redacted evidence ingestion",
"body": "Security findings, Kali observe signals, and owner evidence need to enter the read-only intake plane as redacted metadata before runtime work.",
"unlock": "Runtime landing gets a real signal only after the redacted payload ingestion adapter is approved and passes preflight.",
"guard": "No raw payload, no credential plaintext, and no active scan."
},
"runtimeGate": {
"title": "Runtime gates stay separately approved",
"body": "Future scanning, repair, host update, or blocking controls must not auto-advance from frontend status.",
"unlock": "Runtime landing can be reassessed only after S3 / S3.4 has human approval, rollback, post-check metrics, and an active 執行期閘門.",
"guard": "active 執行期閘門=0; 操作按鈕=false; Kali /execute remains a block candidate."
},
"githubReadiness": {
"title": "Split GitHub primary readiness blockers",
"body": "The long-term GitHub direction is agreed, but targets, refs, 工作流程 / 機密 names, and rollback ADR still need full verification.",
"unlock": "primary_ready_count can move only after 負責人回覆s, refs truth, workflow parity, and rollback ADR are verifiable.",
"guard": "No primary switch, no force push, no refs deletion, and no unapproved target repo creation."
},
"awooopLanding": {
"title": "Make AwoooP / IwoooS visible in the main flow",
"body": "One reason progress feels slow is that security work still looks like backend contracts; the next steps, blockers, prohibitions, and unlock signals need to be visible in-product.",
"unlock": "Once AwoooP consumes the rollup and IwoooS board read-only, users can see the real blockers directly.",
"guard": "Read-only landing only; visible status is not authorization and does not add execution buttons."
},
"cadenceCompression": {
"title": "Move future cadence in batches",
"body": "S2.38-S2.45 split many checklist layers, making progress feel fragmented. Next work should favor P0 負責人回覆s and AwoooP landing over endlessly adding small checklist layers.",
"unlock": "Similar framework details should be batched in future reports; only high-level gate changes move the headline.",
"guard": "Faster cadence does not loosen safety; runtime and source-control cutover still need human gates."
}
}
},
"ownerResponseNextActionFocus": {
"title": "Owner Response Next-Action Focus",
"subtitle": "S2.47 makes the owner-response work that can actually move the 61% headline explicit: collect S4.9 Gitea owner attestation first, then GitHub targets, refs truth, and 工作流程 / 機密 names. This is display-only: no chasing, autofill, or received marking.",
"focusLabel": "Next focus",
"nextLabel": "Evidence to inspect",
"guardLabel": "Still forbidden",
"items": {
"giteaOwnerAttestation": {
"title": "Collect S4.9 Gitea owner attestation first",
"body": "Confirm Gitea coverage, public-only / local gaps, org/user endpoint, 110 adjacent source, canonical owner, and legacy disposition.",
"next": "Owner must answer the 5 redacted evidence refs in GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.",
"guard": "received=0; accepted=0; no token value storage, Gitea writes, refs sync, or primary switch."
},
"githubTargetOwnerDecision": {
"title": "Handle S4.10 GitHub target decisions next",
"body": "Confirm each GitHub target owner, visibility, canonical disposition, and not_found_or_private handling.",
"next": "After S4.9 is accepted, collect the 7 target responses from GITHUB-TARGET-OWNER-DECISION-RESPONSE.",
"guard": "No GitHub repo creation, visibility change, refs sync, or target response as primary approval."
},
"refsTruthOwnerResponse": {
"title": "Resolve S4.11 refs truth after that",
"body": "Clarify main/dev truth, deprecated drift, release tags, and GitHub-only refs so migration does not treat stale refs as truth.",
"next": "Repo owners must decide the 141 ref review items per repo / per ref.",
"guard": "No fetch, push, refs deletion, force push, or history rewrite."
},
"workflowSecretOwnerResponse": {
"title": "Complete S4.12 工作流程 / 機密 names last",
"body": "Fill webhook, runner, deploy key, branch protection / CODEOWNERS, and repository secret name parity gaps.",
"next": "Collect names, owners, and redacted parity evidence only so GitHub readiness has verifiable gaps.",
"guard": "No 機密明文值 collection, workflow mutation, runner enablement, or write token use."
}
}
},
"s49OwnerResponseRequestTemplates": {
"title": "S4.9 Owner Response Five Templates",
"subtitle": "S2.49 surfaces the five S4.9 templates the owner must answer one by one. This is only a request-ready list: the request is not sent, there is no chasing or autofill, no 已收到 / 已接受 marking, and no template is treated as Gitea inventory or GitHub migration approval.",
"templateLabel": "Template",
"ownerActionLabel": "負責人回覆",
"guardLabel": "Still forbidden",
"items": {
"publicOnlyVsLocalGiteaGap": {
"title": "Public-only / local Gitea gap",
"body": "Decide whether `wooo/clawbot-v5` and `wooo/wooo-aiops` belong in the current inventory / migration scope.",
"ownerAction": "Reply per repo with in scope, out of scope, legacy archived, external system, inaccessible, or needs more evidence, plus redacted evidence refs.",
"guard": "request_ready_not_sent; received=0; accepted=0; no Gitea writes, repo creation, or refs sync."
},
"orgUserEndpointIdentity": {
"title": "Gitea `wooo` org/user endpoint",
"body": "Clarify whether `wooo` in Gitea should be inventoried as a user, an org, or both, without treating endpoint 404 as absence.",
"ownerAction": "Reply with canonical endpoint identity, verification method, and follow-up owner.",
"guard": "No admin API calls, token use, or endpoint decision as inventory completed."
},
"internal110AdjacentScope": {
"title": "110 adjacent source scope",
"body": "Decide whether `bitan-pharmacy`, `root/momo-pro-system`, `tsenyang-website`, and `wooo/wooo-infra-config` belong in this scope.",
"ownerAction": "Classify each as in scope / out of scope / legacy / external / inaccessible, with redacted source evidence.",
"guard": "No private repo content reads, archive imports, or automatic migration inclusion."
},
"repoOwnerCanonicalScope": {
"title": "Repo owner / canonical / GitHub target",
"body": "Assign owner, canonical source, GitHub target candidate, and visibility review owner for in-scope repos.",
"ownerAction": "Reply with owner role/team, canonical source, GitHub target candidate, visibility review owner, and rationale.",
"guard": "No GitHub repo creation, visibility change, primary switch, or target candidate as approval."
},
"legacyOrInaccessibleDisposition": {
"title": "Legacy / inaccessible disposition",
"body": "Record disposition, rationale, and follow-up owner for legacy, inaccessible, or external repos.",
"ownerAction": "Mark archive, exclude, follow-up evidence, or external owner, with redacted trace.",
"guard": "No deletion, disabling, or repo archival; disposition is human classification, not execution."
}
}
},
"s49OwnerResponseDispatchFlow": {
"title": "S4.9 負責人回覆送件鏈路摘要",
"subtitle": "S2.106 把 S4.9 從工作單、封套、送件前檢查、結果分流、請求草稿到人工送件閘門整理成一條專業只讀鏈路。這是給使用者與 AwoooP 平行 Session 判讀目前卡點的摘要,不提供送出、批准、執行或主要來源切換入口。",
"stepLabel": "步驟",
"boundaryTitle": "送件鏈路邊界",
"boundaryIntro": "以下鍵值固定這條鏈路仍是只讀可視化,不是 request sent、稽核事件、人工批准或執行授權。",
"summary": {
"steps": {
"label": "鏈路步驟",
"detail": "六段只讀流程可供掃描。"
},
"current": {
"label": "目前焦點",
"detail": "停在送件請求草稿,不開送件。"
},
"sent": {
"label": "已送出",
"detail": "目前仍是 0不通知負責人。"
},
"accepted": {
"label": "已接受",
"detail": "目前仍是 0不推動 headline。"
}
},
"items": {
"workOrder": {
"title": "人工收件工作單",
"body": "五個 S4.9 收件項已可讀,但仍只是人工要填什麼的工作界面。"
},
"envelope": {
"title": "回覆封套欄位",
"body": "六個必填欄位仍是空白封套,不代表 owner 已提交。"
},
"preflight": {
"title": "送件前檢查",
"body": "六個檢查項目前通過數為 0不可升成可送件。"
},
"outcome": {
"title": "結果分流",
"body": "七條分流只說明補欄、修正、隔離、拒收或等待方向。"
},
"requestDraft": {
"title": "送件請求草稿",
"body": "送件文字、對象、脫敏證據與禁止變更條款仍待人工整理。"
},
"manualDispatchGate": {
"title": "人工送件閘門",
"body": "送件閘門尚未開啟,沒有按鈕、通知或稽核事件。"
}
}
},
"securityComplianceFrontStage": {
"title": "前台安全合規整合判定",
"subtitle": "S2.107 的專業判定是保留 `/security-compliance`,並把它改成 IwoooS 的前台友善入口。使用者仍可從熟悉的安全合規頁看到安全監控與合規統計,但資安網總覽、進度與執行邊界統一由 IwoooS 說明。",
"decisionLabel": "判定",
"boundaryTitle": "前台入口邊界",
"boundaryIntro": "以下鍵值固定:這是導覽與資訊架構整合,不是 runtime 授權、審批、掃描、修復、部署或 GitHub primary 切換。",
"summary": {
"route": {
"label": "前台路由",
"detail": "保留既有安全合規入口,避免連結失效。"
},
"decision": {
"label": "專業建議",
"detail": "整合到 IwoooS不移除。"
},
"removed": {
"label": "是否移除",
"detail": "不移除,改成橋接入口。"
},
"runtime": {
"label": "Runtime 控制",
"detail": "維持 0不新增執行控制。"
}
},
"items": {
"routePreserved": {
"title": "保留安全合規頁",
"body": "`/security-compliance` 保留 SecurityPanel 與 CompliancePanel 頁籤,讓前台使用者不用改變既有入口。"
},
"frontStageBridge": {
"title": "橋接到 IwoooS",
"body": "安全合規頁增加 IwoooS 前台說明與只讀導流IwoooS 作為資安網總覽與姿態來源。"
},
"singleSecurityNarrative": {
"title": "收斂資安敘事",
"body": "原本分散在安全、合規、治理、授權、告警與 Code Review 的內容,統一由 IwoooS 顯示整體邊界。"
},
"runtimeControls": {
"title": "不新增執行控制",
"body": "本階段只有可視化與資訊架構整理,不新增掃描、修復、批准、部署或 blocking control。"
}
}
},
"frontstageEntryRoles": {
"title": "前台資安入口角色分流",
"subtitle": "S2.108 把前台會看到的資安入口拆成清楚角色IwoooS 看總覽,安全合規給熟悉入口,安全 / 合規保留原始資料頁AwoooP 審批顯示人控等待。這只降低使用者困惑,不新增執行控制。",
"routeLabel": "路由",
"boundaryTitle": "入口分流邊界",
"boundaryIntro": "以下鍵值固定這是前台導覽與理解成本收斂不是掃描、修復、批准、部署、GitHub 主要來源切換或任何執行期入口。",
"summary": {
"entries": {
"label": "入口數",
"detail": "五個入口各有角色,不互相取代。"
},
"primary": {
"label": "總覽來源",
"detail": "資安網總覽與邊界以 IwoooS 為準。"
},
"familiar": {
"label": "熟悉入口",
"detail": "安全合規保留給前台使用者。"
},
"execution": {
"label": "執行入口",
"detail": "維持 0不從前台入口執行。"
}
},
"items": {
"iwooosOverview": {
"title": "IwoooS 資安總覽",
"body": "閱讀整體進度、Kali 主機、開發主機、原始碼版本來源、負責人回覆與執行期閘門邊界。"
},
"securityComplianceHub": {
"title": "安全合規前台入口",
"body": "保留既有安全監控與合規統計頁籤,讓使用者不用改變既有操作路徑。"
},
"securityMonitor": {
"title": "安全事件監控",
"body": "查看錯誤與議題類安全訊號,仍只保留原資料來源與只讀橋接。"
},
"complianceStats": {
"title": "合規統計",
"body": "查看事件摘要、處置劇本與自動修復統計,不把合規統計升成批准。"
},
"awooopApprovals": {
"title": "AwoooP 人控等待",
"body": "查看負責人回覆與審批等待狀態;這仍不是資安執行期閘門或執行入口。"
}
}
},
"lowFrictionRollout": {
"title": "低摩擦分階段收斂主控",
"subtitle": "S2.111 把安全合規頁的低摩擦收斂節奏同步回 IwoooS 主入口:目前先觀測與盤點,補齊證據後才進人工審查;只有明確批准後才開執行期閘門,最後再逐步收嚴。",
"phaseLabel": "階段",
"boundaryTitle": "分階段收斂邊界",
"boundaryIntro": "以下鍵值固定:這是 IwoooS 主入口的策略可視化,不是掃描、修復、批准、部署、主要來源切換或任何執行期入口。",
"summary": {
"phases": {
"label": "階段數",
"detail": "五段策略保持低摩擦。"
},
"current": {
"label": "目前階段",
"detail": "停在觀測優先,不阻擋流程。"
},
"runtime": {
"label": "執行期開閘",
"detail": "目前仍是 0等待批准。"
},
"enforcement": {
"label": "強制收嚴",
"detail": "目前仍是 0不一口氣鎖流程。"
}
},
"items": {
"observe": {
"title": "觀測與盤點",
"body": "整理 Kali、開發主機、專案、網站、監控與工具姿態不阻擋使用者流程。"
},
"evidence": {
"title": "補齊證據",
"body": "收斂脫敏證據、版本來源、負責人回覆與 AwoooP 只讀消費證明。"
},
"humanReview": {
"title": "人工審查",
"body": "由負責人確認例外、風險接受、修復順序與是否進入執行期閘門。"
},
"runtimeGate": {
"title": "批准後開閘",
"body": "只有明確批准後才允許掃描、修復、部署或主機變更的執行期流程。"
},
"tightening": {
"title": "逐步收嚴",
"body": "依證據與影響範圍分批提高管控,不一次把整個產品流程鎖死。"
}
}
},
"lowFrictionNextActions": {
"title": "低摩擦下一步行動邊界",
"subtitle": "S2.112 把 IwoooS 主入口的下一步拆成可做、準備與禁止:目前只能推只讀盤點、脫敏證據包與人工審查準備,掃描、主機變更、部署、來源切換仍要等明確批准與執行期閘門。",
"boundaryTitle": "下一步行動邊界",
"boundaryIntro": "以下鍵值固定:這是下一步行動的前台說明與防誤用邊界,不是掃描、修復、批准、部署、主機變更或版本來源操作入口。",
"summary": {
"allowed": {
"label": "可做項",
"detail": "只讀盤點與脫敏證據可以繼續。"
},
"prep": {
"label": "準備項",
"detail": "人工審查資料可整理,不等於批准。"
},
"blocked": {
"label": "禁止項",
"detail": "掃描、主機變更、部署與來源操作仍關閉。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前仍是 0沒有執行授權。"
}
},
"items": {
"observeInventory": {
"title": "只讀盤點與姿態整理",
"body": "可以繼續整理 Kali、開發主機、專案、網站、監控與工具的現況描述。",
"gate": "不可啟動掃描、登入主機或修改設定。"
},
"evidencePacket": {
"title": "脫敏證據包",
"body": "可以整理版本來源、負責人回覆、快照與 guard 結果的脫敏參照。",
"gate": "不可收集機密明文、token value 或未脫敏 payload。"
},
"humanReviewPrep": {
"title": "人工審查準備",
"body": "可以把例外、風險接受、修復順序與候選 gate 整理成人工審查材料。",
"gate": "不可把準備材料視為批准紀錄或執行期閘門。"
},
"runtimeClosed": {
"title": "執行期仍關閉",
"body": "掃描、修復、部署、SSH、主機更新、主要來源切換與 Gitea 停用都仍禁止。",
"gate": "只有明確批准與後續 執行期閘門 開啟後才可能進入執行。"
}
}
},
"progressMovementSignals": {
"title": "61% 進度移動訊號驗收條",
"subtitle": "S2.113 把真正會讓整體資安網 headline 往前的訊號拉到 IwoooSAwoooP 落地證據已驗證為 1讓整體從 58% 保守重估到 61%;負責人回覆、脫敏證據匯入、執行期閘門與 GitHub 主要來源仍是 0 或 false。",
"boundaryTitle": "進度移動驗收邊界",
"boundaryIntro": "以下鍵值固定:這是 headline 移動條件的只讀驗收條,不是進度灌水、批准、掃描、修復、部署、主機變更或版本來源操作入口。",
"summary": {
"headline": {
"label": "目前進度",
"detail": "已依正式只讀 landing 證據重估到 61%,不把框架細節灌水。"
},
"signals": {
"label": "移動訊號",
"detail": "五個訊號都要有可驗收證據。"
},
"passed": {
"label": "已通過",
"detail": "目前 1AwoooP 正式只讀 landing 是第一個 headline 移動證據。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前 0沒有執行授權。"
}
},
"items": {
"ownerResponse": {
"title": "負責人回覆接受",
"body": "S4.9 至少要有可追溯、已脫敏且通過驗收的 負責人回覆,才可能觸發 headline review。"
},
"redactedEvidence": {
"title": "脫敏證據匯入",
"body": "只接受 metadata 與脫敏參照;未脫敏 payload、機密明文與 token value 仍要隔離。"
},
"runtimeGate": {
"title": "執行期閘門開啟",
"body": "只有人工批准與後續 執行期閘門 開啟後,才可能進入掃描、修復或主機變更。"
},
"sourceControl": {
"title": "GitHub 主要來源就緒",
"body": "需要 target、refs truth、工作流程 / 機密 名稱與 rollback readiness 都有 owner evidence。"
},
"awooopLanding": {
"title": "AwoooP 落地證據",
"body": "AwoooP 需能只讀消費 snapshot、guard 與 evidence refs且不新增執行按鈕。"
}
}
},
"concreteSecurityWorkMap": {
"title": "目前具體工作地圖",
"subtitle": "S2.123 回應「很難理解有哪些具體工作」:把目前資安網拆成六條實體工作流。已完成的是前台可視化與只讀框架;真正會推動 61% 的下一步仍是 S4.9 負責人回覆被收到、脫敏並接受。",
"workLabel": "工作",
"boundaryTitle": "具體工作邊界",
"boundaryIntro": "以下鍵值固定:這張圖只是把具體工作流講清楚,不是 runtime 授權、Kali 掃描、主機變更、repo/refs/workflow/secret 操作、GitHub primary 切換或 Gitea 停用。",
"summary": {
"streams": {
"label": "工作流",
"detail": "六條把抽象資安網翻成具體工作。"
},
"visible": {
"label": "前台可見",
"detail": "六條都有可視化框架,不代表已執行。"
},
"realGate": {
"label": "下一真門檻",
"detail": "S4.9 負責人回覆 accepted 才會讓 61% 有機會移動。"
},
"runtime": {
"label": "執行授權",
"detail": "目前仍是 0沒有掃描、修復或部署。"
}
},
"items": {
"frontstageVisibility": {
"title": "前台資安入口與使用者可視化",
"body": "已把 IwoooS、既有安全/合規頁、AwoooP 首頁/工作鏈路/審批/合約/租戶/執行監控接成只讀資安視圖。",
"evidence": "具體產出:使用者現在能從前台看見 61%、GitHub readiness、負責人回覆、host coverage 與 執行期閘門 0。"
},
"hostScopeInventory": {
"title": "主機與範圍盤點框架",
"body": "已把 Kali 192.168.0.112、開發主機 192.168.0.168、192.168.0.111 放入 host coverage、action gate 與 evidence readiness。",
"evidence": "具體產出:看得到主機納管範圍與禁止動作;尚未 SSH、更新主機、掃描或變更設定。"
},
"sourceControlMigration": {
"title": "GitHub / Gitea 版本來源遷移準備",
"body": "已建立 GitHub primary readiness、rollback ADR、refs truth、workflow/secret 名稱盤點與 負責人回覆 驗收框架。",
"evidence": "具體產出:知道哪些 repo、refs、workflow/secret 要 owner 回覆;尚未建立 repo、同步 refs、切 primary 或停用 Gitea。"
},
"ownerEvidenceIntake": {
"title": "S4.9 負責人回覆與脫敏證據收件",
"body": "已把第一個能推動 61% 的路徑拆成工作單、封套欄位、送件前檢查、送件鏈路與第一解鎖證據包。",
"evidence": "具體產出:下一步很明確,是收到並驗收可追溯的 S4.9 負責人回覆;目前 received/accepted 仍是 0。"
},
"reviewerHumanFlow": {
"title": "reviewer / 人工審查流程",
"body": "已把證據包預檢、補件路徑、補件送審前檢查、結果分流、reviewer 指派準備、指派前檢查與結果分流串起來。",
"evidence": "具體產出:人工 reviewer 未來知道看什麼、退回什麼、隔離什麼;目前 queue/candidate/assigned 仍是 0。"
},
"runtimeExecutionGate": {
"title": "runtime 掃描、修復、部署與主機變更",
"body": "已把所有執行動作放在人工批准與後續 執行期閘門 之後,不讓初期框架把資安限制拉太高。",
"evidence": "具體產出:目前 active_runtime_gate_count=0scan/deploy/host change/source-control mutation 全部仍禁止。"
}
}
},
"concreteSecurityDeliveryChecklist": {
"title": "目前具體交付清單",
"subtitle": "S2.124 把六條具體工作流再拆成可追蹤交付項目:每一項都標明已交付內容、下一步需要的證據,以及目前仍被禁止的動作。這是只讀交付清單,不是批准、掃描、修復、部署或主機操作入口。",
"deliverableLabel": "交付",
"deliveredLabel": "已交付",
"nextLabel": "下一步",
"blockedLabel": "未開放",
"boundaryTitle": "交付清單邊界",
"boundaryIntro": "以下鍵值固定交付清單只說明目前實際產出與下一個證據門檻負責人回覆、reviewer queue、執行期閘門、Kali 執行、GitHub primary 切換與 Gitea 停用仍全部未開。",
"summary": {
"items": {
"label": "交付項目",
"detail": "六項對應六條具體工作流。"
},
"framework": {
"label": "目前型態",
"detail": "只讀框架與證據欄位,不是執行。"
},
"blocked": {
"label": "下一門檻",
"detail": "先等 S4.9 負責人回覆 脫敏證據。"
},
"runtime": {
"label": "runtime",
"detail": "目前仍是 0沒有掃描或部署。"
}
},
"items": {
"visibilitySurface": {
"title": "IwoooS 前台可見工作台",
"delivered": "已把 IwoooS、既有安全/合規頁與 AwoooP 多個入口串成同一套只讀資安視圖。",
"next": "持續把資安狀態改成使用者看得懂的工作項目與證據狀態。",
"blocked": "不可新增執行按鈕,也不可把前台視圖當成批准紀錄。"
},
"hostScopeEvidence": {
"title": "主機範圍與證據欄位",
"delivered": "已把 Kali 192.168.0.112、開發主機 192.168.0.168、192.168.0.111 納入只讀 host coverage 與 action gate。",
"next": "等待脫敏主機證據、範圍確認與負責人回覆進入收件流程。",
"blocked": "不可 SSH、更新主機、掃描、調整設定或收未脫敏主機資料。"
},
"sourceControlEvidence": {
"title": "GitHub / Gitea 遷移證據",
"delivered": "已建立 GitHub primary readiness、rollback ADR、refs truth、workflow/secret 名稱與 負責人回覆 驗收框架。",
"next": "等待 GitHub target owner、refs truth、workflow/secret 名稱與 Gitea attestation 的脫敏 負責人回覆。",
"blocked": "不可建立 repo、同步 refs、修改 workflow/secret、切 GitHub primary 或停用 Gitea。"
},
"s49OwnerPacket": {
"title": "S4.9 第一解鎖證據包",
"delivered": "已定義工作單、封套欄位、送件前檢查、送件結果分流、送件鏈路與第一解鎖證據包。",
"next": "收到可追溯、已脫敏且可預檢的 S4.9 負責人回覆。",
"blocked": "不可收 raw payload、機密明文、token value 或把草稿當成已收到。"
},
"reviewerPreparation": {
"title": "人工 reviewer 準備序列",
"delivered": "已把預檢、補件路徑、補件送審前檢查、結果分流、reviewer 指派準備、指派前檢查與結果分流串成只讀序列。",
"next": "等 owner evidence 被接受後,才討論是否開 reviewer queue 與建立 reviewer candidate。",
"blocked": "不可開 queue、建立 candidate、指派 reviewer 或建立稽核事件。"
},
"runtimeGate": {
"title": "runtime 開閘條件",
"delivered": "已把掃描、修復、部署、主機變更與 Kali 執行放在後續人工批准與 執行期閘門 之後。",
"next": "需要明確人工批准、scope、rollback、disable 條件與 active 執行期閘門。",
"blocked": "不可 scan、deploy、host change、Kali execution、source-control mutation 或生產部署。"
}
}
},
"concreteSecurityBlockerResolution": {
"title": "目前阻塞與解除條件",
"subtitle": "S2.125 把 61% 無法前進的原因拆成六個阻塞點。每個阻塞點都標明為什麼卡住,以及要用哪種脫敏證據或人工 gate 才能解除;這仍是只讀狀態,不是批准或執行入口。",
"blockerLabel": "阻塞",
"whyLabel": "卡住原因",
"unlockLabel": "解除條件",
"boundaryTitle": "阻塞解除邊界",
"boundaryIntro": "以下鍵值固定:阻塞解除圖只說明為什麼 headline 仍是 61%,不會自動收件、開 reviewer queue、啟動 Kali、改主機、同步 refs、切 GitHub primary 或停用 Gitea。",
"summary": {
"blockers": {
"label": "阻塞點",
"detail": "六個阻塞共同讓 headline 暫停。"
},
"resolved": {
"label": "已解除",
"detail": "目前 0還沒有可驗收解除證據。"
},
"first": {
"label": "第一解除",
"detail": "先從 S4.9 負責人回覆 開始。"
},
"runtime": {
"label": "執行期閘門",
"detail": "目前 0不會執行掃描或部署。"
}
},
"items": {
"ownerResponseMissing": {
"title": "S4.9 負責人回覆 尚未收到",
"why": "沒有可追溯負責人回覆,就不能把下一步視為有效進度證據。",
"unlock": "收到已脫敏、含 owner role / decision / scope / reason / follow-up owner 的 S4.9 回覆。"
},
"redactedEvidenceMissing": {
"title": "脫敏證據參照尚未成立",
"why": "未脫敏 payload、機密明文與 token value 都不能進入前台或台帳。",
"unlock": "只收 metadata、evidence refs、脫敏聲明與預檢軌跡並通過收件預檢。"
},
"reviewerQueueClosed": {
"title": "reviewer queue 仍關閉",
"why": "證據未被接受前,不應建立 reviewer candidate 或指派 reviewer。",
"unlock": "owner evidence accepted 後,再由人工決定是否開 queue、建立 candidate 與指派 reviewer。"
},
"sourceControlNotReady": {
"title": "GitHub primary readiness 未成立",
"why": "GitHub target owner、refs truth、workflow/secret 名稱與 rollback readiness 還沒有 owner evidence。",
"unlock": "四類版本來源證據都收到、脫敏、預檢並接受後,才可進入 primary readiness review。"
},
"hostEvidencePending": {
"title": "主機證據仍待收件",
"why": "Kali 與開發主機雖已納入範圍,但沒有被授權執行 live 掃描或主機調校。",
"unlock": "收到脫敏主機範圍、owner 回覆、變更風險與 rollback 條件後,才討論 執行期閘門。"
},
"runtimeGateClosed": {
"title": "執行期閘門 未開",
"why": "目前所有 scan、repair、deploy、host change、Kali execution 都被擋在人工批准之後。",
"unlock": "需要明確人工批准、scope、rollback、disable 條件與 active 執行期閘門 才能執行。"
}
}
},
"threeAxisProductProgress": {
"title": "三軸進度與全產品套用範圍",
"subtitle": "S2.126 回應「是否也套用在所有專案產品」:所有專案產品都套用同一套三軸進度,但第一階段只套只讀治理與可視化,不自動套 runtime enforcement。這讓框架進度、整體加權進度與落地執行進度分開顯示不再只看到 61%。",
"scopeLabel": "範圍",
"currentLabel": "目前套用",
"nextLabel": "下一步",
"boundaryLabel": "邊界",
"boundaryTitle": "三軸與全產品邊界",
"boundaryIntro": "以下鍵值固定:全產品先套三軸進度、只讀資安投影與證據欄位;不會因此自動掃描、修復、部署、改主機、同步 refs、切 GitHub primary 或停用 Gitea。",
"summary": {
"headline": {
"label": "整體加權",
"detail": "已因 AwoooP 正式只讀 landing 證據保守重估到 61%。"
},
"framework": {
"label": "框架建置",
"detail": "可視化、契約、guard、文件已推到 86-88%。"
},
"runtime": {
"label": "落地執行",
"detail": "提升到 40-45%,但執行期閘門仍未開。"
},
"products": {
"label": "產品套用",
"detail": "所有產品先套只讀治理,不套強制執行。"
}
},
"items": {
"awoooiCore": {
"title": "AWOOOI / IwoooS / AwoooP 核心產品",
"current": "已套用三軸進度、IwoooS 可視化、AwoooP 只讀鏡像與 guard。",
"next": "繼續把 owner evidence、reviewer、執行期閘門 變成可追蹤欄位。",
"boundary": "不得把核心產品的可視化當成批准或執行。"
},
"websites": {
"title": "所有前台網站與公開產品頁",
"current": "可套用安全狀態摘要、低摩擦說明、合規 / 風險可視化與繁中文案規範。",
"next": "先接只讀資安摘要,不放掃描、修復、部署或主機操作按鈕。",
"boundary": "不得讓公開頁面暴露內網 IP、敏感證據、機密明文值 或 raw payload。"
},
"sourceControl": {
"title": "GitHub / Gitea 所有專案庫",
"current": "可套用 GitHub primary readiness、refs truth、工作流程 / 機密 名稱與 rollback readiness 欄位。",
"next": "等待 負責人回覆 與脫敏證據後,再評估每個 repo 的 primary readiness。",
"boundary": "不得自動建立 repo、同步 refs、修改 工作流程 / 機密、切 primary 或停用 Gitea。"
},
"hosts": {
"title": "Kali 與開發主機",
"current": "可套用 host coverage、action gate、evidence readiness 與三軸進度。",
"next": "等待人工批准與主機範圍證據後,才討論 live scan 或調校。",
"boundary": "不得自動 SSH、更新主機、掃描、變更設定或收未脫敏資料。"
},
"toolsMonitoring": {
"title": "監控、工具與自動化流程",
"current": "可套用只讀狀態、阻塞解除條件、evidence refs 與人工 gate 顯示。",
"next": "先讓工具輸出 metadata-only evidence再接 reviewer 與 執行期閘門。",
"boundary": "不得讓工具自動觸發修復、部署、secret 收集或外部付費變更。"
},
"futureProducts": {
"title": "未來新增專案與產品",
"current": "預設繼承三軸進度、繁中可視化、只讀 governance 與低摩擦收斂節奏。",
"next": "新產品先接框架與證據欄位,再依 owner evidence 分階段收嚴。",
"boundary": "不得讓新產品一建立就套高強度限制或 runtime enforcement。"
}
}
},
"productRolloutWaveLedger": {
"title": "全產品分階段套用台帳",
"subtitle": "S2.127 把「所有專案產品都套用」轉成六個 rollout wave先套只讀可視化與證據欄位再依 owner evidence、人工審查與 執行期閘門 分段收嚴。這仍是產品套用台帳,不是掃描、修復、部署或主機操作入口。",
"waveLabel": "波次",
"allowedLabel": "目前可做",
"beforeRuntimeLabel": "進 runtime 前",
"forbiddenLabel": "仍禁止",
"boundaryTitle": "套用台帳邊界",
"boundaryIntro": "以下鍵值固定:全產品 rollout 目前停在 read-only visibility waveruntime wave、enforcement wave、owner accepted 與 active 執行期閘門 全部仍是 0。",
"summary": {
"waves": {
"label": "套用波次",
"detail": "六個波次覆蓋核心產品、網站、版本來源、主機、工具與未來產品。"
},
"current": {
"label": "目前波次",
"detail": "只讀可視化與證據欄位先行。"
},
"runtime": {
"label": "runtime 波次",
"detail": "目前 0不會掃描、修復或部署。"
},
"nextGate": {
"label": "下一門檻",
"detail": "第一個 runtime 候選仍是 S4.9 accepted。"
}
},
"items": {
"coreProduct": {
"title": "核心產品波次",
"allowed": "AWOOOI、IwoooS、AwoooP 先維持同一份三軸進度與只讀 guard。",
"beforeRuntime": "需要 owner evidence accepted、reviewer queue 人工開啟與 active 執行期閘門。",
"forbidden": "不得從核心產品頁直接批准、執行、掃描或部署。"
},
"publicSurfaces": {
"title": "公開網站波次",
"allowed": "前台網站可顯示資安摘要、合規狀態、風險分流與繁中文案。",
"beforeRuntime": "需要公開內容脫敏審查、敏感欄位封鎖與人工內容 owner 接受。",
"forbidden": "不得暴露內網 IP、機密明文值、raw payload、掃描結果原文或主機細節。"
},
"sourceControl": {
"title": "版本來源波次",
"allowed": "GitHub / Gitea 專案庫只顯示 target、refs truth、工作流程 / 機密 名稱與 rollback readiness。",
"beforeRuntime": "需要逐 repo 負責人回覆、refs truth accepted、工作流程 / 機密 名稱驗收與 rollback ADR approval。",
"forbidden": "不得建立 repo、改可見性、同步 / 刪除 / 強推 refs、修改 工作流程 / 機密 或切 primary。"
},
"hostCoverage": {
"title": "主機覆蓋波次",
"allowed": "Kali、192.168.0.168、192.168.0.111 只顯示 coverage、action gate 與 evidence readiness。",
"beforeRuntime": "需要明確主機 scope、maintenance window、credential handling、rollback 與人工 執行期閘門。",
"forbidden": "不得自動 SSH、更新主機、掃描、調校、收未脫敏資料或執行 Kali /execute。"
},
"monitoringTools": {
"title": "監控工具波次",
"allowed": "監控、告警、Code Review、工具台只顯示 metadata-only evidence 與阻塞解除條件。",
"beforeRuntime": "需要工具輸出通過 redaction / retention / reviewer checks且 owner 接受後才接 執行期閘門。",
"forbidden": "不得由工具自動觸發修復、部署、付費 provider 變更、secret 收集或外部送出。"
},
"futureTemplate": {
"title": "未來產品模板波次",
"allowed": "新專案預設繼承三軸進度、繁中 UI、只讀 governance、false runtime flags。",
"beforeRuntime": "需要產品 owner、資料分級、scope、rollback、disable 條件與逐階段審查。",
"forbidden": "不得讓新產品一建立就套 blocking enforcement、host action、source-control mutation 或 production deploy。"
}
}
},
"productRolloutAcceptanceGates": {
"title": "全產品 rollout 波次驗收門檻",
"subtitle": "S2.128 把 S2.127 的六個產品波次再補上驗收門檻每個波次都要先通過只讀證據、owner evidence、脫敏審查、版本來源證明、主機安全窗口與 rollback / disable 條件,才可能被列入後續 runtime 候選。這仍是驗收門檻可視化,不是批准或執行。",
"gateLabel": "門檻",
"requiredEvidenceLabel": "需要證據",
"acceptanceSignalLabel": "驗收訊號",
"stillClosedLabel": "仍關閉",
"boundaryTitle": "波次驗收邊界",
"boundaryIntro": "以下鍵值固定:全產品 rollout 目前只做到 read-only acceptance通過門檻、owner accepted、runtime wave、enforcement wave 與 active 執行期閘門 全部仍是 0。",
"summary": {
"gateCount": {
"label": "驗收門檻",
"detail": "六個門檻覆蓋可視證據、owner、脫敏、版本、主機與回復。"
},
"passed": {
"label": "已通過",
"detail": "目前 0不把台帳完成當驗收通過。"
},
"ownerEvidence": {
"label": "第一證據",
"detail": "第一個可前進訊號仍是 S4.9 owner evidence accepted。"
},
"runtime": {
"label": "runtime 波次",
"detail": "目前 0尚未開掃描、修復、部署或主機操作。"
}
},
"items": {
"visibilityEvidence": {
"title": "只讀可視證據完整",
"requiredEvidence": "每個產品波次都要能顯示範圍、目前狀態、下一門檻與禁止動作。",
"acceptanceSignal": "使用者能從 IwoooS 看懂該產品目前停在哪個只讀波次。",
"stillClosed": "不因可視化完成就啟用 blocking enforcement 或 操作按鈕。"
},
"ownerEvidence": {
"title": "負責人證據已收件並接受",
"requiredEvidence": "需要產品 owner、範圍、資料分級、風險說明與脫敏 evidence pointer。",
"acceptanceSignal": "負責人回覆 已收到 / 已接受 計數由人工驗收後才可移動。",
"stillClosed": "目前 received=0、accepted=0不得視為任何產品已批准。"
},
"redactionReview": {
"title": "脫敏與公開呈現通過",
"requiredEvidence": "公開頁、AwoooP、IwoooS 與工具台只能保留 metadata、摘要與 false flags。",
"acceptanceSignal": "raw payload、機密明文值、內網細節與掃描原文都被拒收或遮罩。",
"stillClosed": "不得收機密明文、raw payload、未脫敏截圖或可直接攻擊的細節。"
},
"sourceControlProof": {
"title": "版本來源證明齊備",
"requiredEvidence": "GitHub / Gitea target、refs truth、工作流程 / 機密 名稱、rollback readiness 都要逐 repo 可追溯。",
"acceptanceSignal": "refs truth accepted、工作流程 / 機密 名稱驗收與 rollback ADR 皆由人工確認。",
"stillClosed": "不得建立 repo、改可見性、同步 refs、改 工作流程 / 機密、切 primary 或停用 Gitea。"
},
"hostSafetyWindow": {
"title": "主機安全窗口與 rollback 可用",
"requiredEvidence": "Kali、192.168.0.168、192.168.0.111 需要 scope、maintenance window、credential handling 與 rollback owner。",
"acceptanceSignal": "主機 owner 明確接受後,才可建立後續 執行期閘門 候選。",
"stillClosed": "目前不得 SSH、掃描、更新主機、調校設定或執行 Kali /execute。"
},
"rollbackDisable": {
"title": "回復與停用條件可操作",
"requiredEvidence": "每個波次都要有 disable 條件、rollback owner、驗證方式與停止條件。",
"acceptanceSignal": "人工審查確認失敗時能回到只讀狀態,且不留下半套 enforcement。",
"stillClosed": "不得在沒有回復條件前啟用 production deploy、blocking control 或 source-control mutation。"
}
}
},
"productRolloutAcceptanceOutcomes": {
"title": "全產品 rollout 驗收結果分流",
"subtitle": "S2.129 把 S2.128 的驗收門檻往後補成七條結果分流:維持只讀、退回補證、隔離敏感、版本待證、主機暫停、待人工審與 runtime 未開。這讓所有產品的後續狀態可以被理解,但仍不建立 reviewer candidate、執行期閘門 或任何執行動作。",
"laneLabel": "分流",
"whyLabel": "判定原因",
"nextLabel": "下一步",
"blockedLabel": "仍禁止",
"boundaryTitle": "結果分流邊界",
"boundaryIntro": "以下鍵值固定:目前結果分流只做 read-only outcome routingreturned、quarantined、human review candidate、runtime candidate、owner accepted 與 active 執行期閘門 全部仍是 0。",
"summary": {
"outcomes": {
"label": "結果分流",
"detail": "七條分流覆蓋只讀、補證、隔離、版本、主機、人工審與 runtime。"
},
"accepted": {
"label": "已接受",
"detail": "目前 0不把結果分流當驗收通過。"
},
"quarantine": {
"label": "隔離件",
"detail": "目前 0若有敏感內容只會進隔離說明。"
},
"runtime": {
"label": "runtime 候選",
"detail": "目前 0不建立執行期閘門。"
}
},
"items": {
"keepReadOnly": {
"title": "維持只讀分流",
"why": "證據不足或尚未進人工驗收時,產品波次維持可視化與證據欄位。",
"next": "持續顯示範圍、門檻、false flags 與下一個 owner evidence。",
"blocked": "不得因此啟用 blocking enforcement、操作按鈕、掃描或部署。"
},
"returnEvidence": {
"title": "退回補證分流",
"why": "owner 回覆、範圍、資料分級、rollback 或 disable 條件缺漏。",
"next": "退回對應產品 owner 補 metadata-only evidence pointer。",
"blocked": "不得用口頭說明、截圖原文、raw payload 或 機密明文值 補證。"
},
"quarantineSensitive": {
"title": "敏感內容隔離分流",
"why": "若 evidence 含機密明文、內網細節、掃描原文或未脫敏 payload只能隔離。",
"next": "保留隔離原因與脫敏要求,等待重新提交安全摘要。",
"blocked": "不得在公開頁、AwoooP、IwoooS 或工具台顯示敏感原文。"
},
"sourceControlHold": {
"title": "版本來源待證分流",
"why": "GitHub / Gitea target、refs truth、工作流程 / 機密 名稱或 rollback readiness 尚未通過。",
"next": "回到逐 repo 負責人回覆、refs truth 與 rollback ADR 驗收。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary 或停用 Gitea。"
},
"hostSafetyHold": {
"title": "主機安全暫停分流",
"why": "Kali、192.168.0.168、192.168.0.111 尚缺 scope、maintenance window、credential handling 或 rollback owner。",
"next": "等待主機 owner 明確接受後,才可列入後續 執行期閘門 候選。",
"blocked": "不得 SSH、更新主機、掃描、調校或執行 Kali /execute。"
},
"humanReviewCandidate": {
"title": "人工審查候選分流",
"why": "只有所有必要 evidence 都脫敏且可追溯時,才可能成為人工審查候選。",
"next": "由 reviewer queue 人工開啟後,才可進下一階段審查。",
"blocked": "目前 candidate=0、queue=false不得自動指派 reviewer 或建立稽核事件。"
},
"runtimeDenied": {
"title": "runtime 未開分流",
"why": "即使某些資訊已可見,只要 active 執行期閘門 為 0就不能執行。",
"next": "等待 owner accepted、人工審查、rollback / disable 可用與 執行期閘門 明確批准。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作或正式環境變更。"
}
}
},
"productEvidenceWiringMap": {
"title": "全產品證據接線地圖",
"subtitle": "S2.130 把所有產品下一步要接的證據線整理成六條 metadata-only channel產品範圍、負責人回覆、脫敏證據、版本來源真相、主機安全窗口與監控工具摘要。這是只讀接線圖不代表任何產品已完成接線、通過驗收或可進 runtime。",
"channelLabel": "證據線",
"evidenceLabel": "需要證據",
"handoffLabel": "交接方式",
"blockedLabel": "仍禁止",
"boundaryTitle": "證據接線邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only evidence wiringconnected product、owner accepted、redacted evidence accepted、source-control truth accepted、ready for human review 與 ready for runtime 全部仍是 0。",
"summary": {
"channels": {
"label": "證據線",
"detail": "六條證據線覆蓋範圍、負責人、脫敏、版本、主機與工具。"
},
"connected": {
"label": "已接線產品",
"detail": "目前 0不把可視化欄位當完成接線。"
},
"accepted": {
"label": "已接受證據",
"detail": "目前 0所有 owner / evidence 仍待人工驗收。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0不會觸發掃描、修復或部署。"
}
},
"items": {
"productScope": {
"title": "產品範圍接線",
"evidence": "每個產品要有產品名稱、owner、公開面、內部面、資料分級與適用波次。",
"handoff": "先以 metadata-only scope pointer 交給 IwoooS 顯示,不匯入 raw inventory。",
"blocked": "不得因範圍欄位存在就自動納入掃描、blocking policy 或正式部署。"
},
"ownerResponse": {
"title": "負責人回覆接線",
"evidence": "需要 owner role、判定、理由、受影響範圍、脫敏證據參照與後續負責人。",
"handoff": "回到 S4.9 負責人回覆 封套與預檢流程,人工接受後才更新計數。",
"blocked": "不得自動送 request、代填 負責人回覆、建立審批或把口頭批准當 evidence。"
},
"redactedEvidence": {
"title": "脫敏證據接線",
"evidence": "只允許摘要、hash、檔名、時間、來源系統與可追溯 evidence ref。",
"handoff": "敏感內容先進隔離分流,重新提交安全摘要後才可回到接線圖。",
"blocked": "不得收 機密明文值、raw payload、掃描原文、內網拓撲細節或未遮罩截圖。"
},
"sourceControlTruth": {
"title": "版本來源真相接線",
"evidence": "GitHub / Gitea target、refs truth、工作流程 / 機密 名稱與 rollback readiness 要逐 repo 對照。",
"handoff": "只顯示 refs truth 與 readiness metadata等 owner accepted 後再列入人工審查候選。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostSafetyWindow": {
"title": "主機安全窗口接線",
"evidence": "Kali、192.168.0.168、192.168.0.111 需要 scope、maintenance window、credential handling 與 rollback owner。",
"handoff": "先只顯示主機證據缺口與等待窗口,不開 live scan 或 SSH path。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"monitoringToolEvidence": {
"title": "監控工具摘要接線",
"evidence": "監控、告警、Code Review 與工具輸出只接摘要、狀態、時間與 evidence ref。",
"handoff": "工具先產生可讀摘要,通過脫敏與 owner review 後才進下一階段。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
}
}
},
"productEvidenceWiringPreflight": {
"title": "全產品證據接線預檢",
"subtitle": "S2.131 把 S2.130 的六條證據線補上接線前預檢:範圍 metadata、負責人封套、脫敏邊界、版本來源真相、主機安全窗口與工具摘要都要先通過只能進只讀接線候選。這不是送件、驗收、審批或 runtime 入口。",
"checkLabel": "預檢",
"checkPointLabel": "檢查重點",
"passSignalLabel": "通過訊號",
"failRouteLabel": "未通過分流",
"stillClosedLabel": "仍關閉",
"boundaryTitle": "接線預檢邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only evidence wiring preflightpassed、ready for connection、owner accepted、ready for human review 與 ready for runtime 全部仍是 0。",
"summary": {
"checks": {
"label": "預檢項",
"detail": "六項預檢對應六條證據線。"
},
"passed": {
"label": "已通過",
"detail": "目前 0不把欄位存在當預檢通過。"
},
"quarantine": {
"label": "隔離件",
"detail": "目前 0敏感內容只會被隔離不會接線。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0預檢不會開執行期閘門。"
}
},
"items": {
"scopeMetadata": {
"title": "產品範圍 metadata 預檢",
"checkPoint": "確認產品名稱、owner、公開面、內部面、資料分級與適用波次都存在且可追溯。",
"passSignal": "只允許產生 read-only scope pointer不代表產品已接線。",
"failRoute": "缺欄位或範圍不明時退回產品 owner 補 scope metadata。",
"stillClosed": "不得自動納入掃描、阻擋策略、正式部署或主機操作。"
},
"ownerEnvelope": {
"title": "負責人回覆封套預檢",
"checkPoint": "確認 owner role、判定、理由、受影響範圍、脫敏證據參照與後續負責人都完整。",
"passSignal": "人工接受前只標示封套可讀,不增加 已收到 / 已接受 計數。",
"failRoute": "欄位不完整、判定不清或缺後續負責人時退回補件。",
"stillClosed": "不得自動送 request、代填回覆、建立審批或把口頭同意當證據。"
},
"redactionBoundary": {
"title": "脫敏邊界預檢",
"checkPoint": "確認 evidence 只含摘要、hash、檔名、時間、來源系統與可追溯 ref。",
"passSignal": "通過後才可成為 metadata-only 接線候選。",
"failRoute": "出現 raw payload、機密明文值、內網拓撲或未遮罩截圖時直接隔離。",
"stillClosed": "不得在前台、AwoooP、IwoooS 或工具台顯示敏感原文。"
},
"sourceTruth": {
"title": "版本來源真相預檢",
"checkPoint": "確認 GitHub / Gitea target、refs truth、工作流程 / 機密 名稱與 rollback readiness 可逐 repo 對照。",
"passSignal": "只建立 read-only truth candidate不代表 primary readiness。",
"failRoute": "target、refs 或 rollback 缺證時退回版本來源待證分流。",
"stillClosed": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostWindow": {
"title": "主機安全窗口預檢",
"checkPoint": "確認 Kali、192.168.0.168、192.168.0.111 的 scope、maintenance window、credential handling 與 rollback owner 都只以 metadata 呈現。",
"passSignal": "只可標示 host evidence gap 已可讀,不能建立 live action。",
"failRoute": "缺窗口、credential 邊界或 rollback owner 時維持主機安全暫停。",
"stillClosed": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolOutput": {
"title": "監控工具摘要預檢",
"checkPoint": "確認監控、告警、Code Review 與工具輸出只含摘要、狀態、時間與 evidence ref。",
"passSignal": "通過後只可放進只讀摘要接線候選。",
"failRoute": "若工具輸出含 raw payload、外送資料或機密值退回隔離與重提摘要。",
"stillClosed": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
}
}
},
"productEvidenceWiringPreflightOutcomes": {
"title": "全產品證據接線預檢結果分流",
"subtitle": "S2.132 把 S2.131 的預檢結果拆成八條分流:維持只讀、退回範圍、退回封套、隔離敏感、版本暫停、主機暫停、工具待摘要與 runtime 關閉。這讓所有產品的接線前狀態更容易理解,但仍不建立 reviewer candidate、稽核事件或 執行期閘門。",
"outcomeLabel": "結果",
"whyLabel": "判定原因",
"nextLabel": "下一步",
"blockedLabel": "仍禁止",
"boundaryTitle": "預檢結果分流邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only preflight outcome routingready for connection、returned、quarantined、runtime candidate、owner accepted、ready for human review 與 ready for runtime 全部仍是 0。",
"summary": {
"outcomes": {
"label": "結果分流",
"detail": "八條分流覆蓋只讀、退回、隔離、暫停與 runtime 關閉。"
},
"ready": {
"label": "可接線",
"detail": "目前 0不把預檢可見當接線完成。"
},
"returned": {
"label": "退回件",
"detail": "目前 0若缺 scope 或封套只會退回補件。"
},
"runtime": {
"label": "runtime 候選",
"detail": "目前 0結果分流不會開執行期閘門。"
}
},
"items": {
"stayReadOnly": {
"title": "維持只讀分流",
"why": "預檢尚未有人工接受訊號時,所有產品都維持只讀接線候選。",
"next": "繼續顯示 scope、owner、redaction、source truth、host window 與 tool summary 缺口。",
"blocked": "不得啟用 操作按鈕、blocking policy、掃描、修復或部署。"
},
"returnScope": {
"title": "退回範圍分流",
"why": "產品名稱、owner、公開面、內部面、資料分級或適用波次缺漏。",
"next": "退回產品 owner 補 metadata-only scope pointer。",
"blocked": "不得用 raw inventory、內網拓撲原文或未脫敏截圖補範圍。"
},
"returnOwnerEnvelope": {
"title": "退回封套分流",
"why": "owner role、判定、理由、受影響範圍、脫敏證據參照或後續負責人不完整。",
"next": "回到 S4.9 負責人回覆 封套與預檢流程補件。",
"blocked": "不得代填 負責人回覆、自動送 request、建立審批或把口頭同意當證據。"
},
"quarantineSensitive": {
"title": "隔離敏感分流",
"why": "證據或工具輸出含 raw payload、機密明文值、內網細節或未遮罩截圖。",
"next": "只保留隔離原因與重新提交安全摘要的要求。",
"blocked": "不得在前台、AwoooP、IwoooS、工具台或文件中顯示敏感原文。"
},
"sourceTruthHold": {
"title": "版本來源暫停分流",
"why": "GitHub / Gitea target、refs truth、工作流程 / 機密 名稱或 rollback readiness 缺證。",
"next": "回到逐 repo 版本來源真相與 rollback readiness 補證。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostWindowHold": {
"title": "主機安全暫停分流",
"why": "Kali、192.168.0.168、192.168.0.111 的 scope、maintenance window、credential handling 或 rollback owner 不完整。",
"next": "等待主機 owner 以 metadata-only 形式補齊窗口與 rollback 邊界。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolSummaryHold": {
"title": "工具摘要待補分流",
"why": "監控、告警、Code Review 或工具輸出尚未轉成安全摘要與 evidence ref。",
"next": "退回工具輸出產生可讀摘要、狀態、時間與 evidence ref。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
},
"runtimeClosed": {
"title": "runtime 關閉分流",
"why": "即使預檢可見,只要 active 執行期閘門 為 0就不能執行。",
"next": "等待 owner accepted、人工審查、rollback / disable 可用與 執行期閘門 明確批准。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作或正式環境變更。"
}
}
},
"productEvidenceWiringPreflightRecoveryLedger": {
"title": "全產品預檢補件回收台帳",
"subtitle": "S2.133 把 S2.132 的退回、隔離與暫停分流接成七個只讀補件隊列。使用者可以看到每一類產品要補什麼、由誰補、怎麼回到預檢,但這裡不送出 request、不催收、不接受證據、不建立審批也不開 執行期閘門。",
"queueLabel": "隊列",
"ownerLabel": "負責人",
"requiredLabel": "需要補齊",
"handoffLabel": "回收方式",
"blockedLabel": "仍禁止",
"boundaryTitle": "補件回收台帳邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only recovery ledgersubmitted、accepted、returned、quarantined、ready for preflight retry、ready for human review 與 ready for runtime 全部仍是 0。",
"summary": {
"queues": {
"label": "補件隊列",
"detail": "七個隊列覆蓋範圍、封套、脫敏、版本、主機、工具摘要與 runtime 門檻。"
},
"submitted": {
"label": "已回收",
"detail": "目前 0不把台帳可見當補件送回。"
},
"accepted": {
"label": "已接受",
"detail": "目前 0不把補件台帳當人工驗收。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0補件回收不會開執行期閘門。"
}
},
"items": {
"scopePacket": {
"title": "範圍 metadata 補件",
"owner": "產品 owner 或網站 owner。",
"required": "產品名稱、公開面、內部面、資料分級、適用波次與 evidence ref。",
"handoff": "只以 metadata-only scope pointer 回到預檢,不匯入 raw inventory。",
"blocked": "不得貼內網拓撲原文、未遮罩截圖、完整資產 dump 或掃描輸出。"
},
"ownerEnvelope": {
"title": "負責人封套補件",
"owner": "S4.9 負責人回覆 負責人或後續指定負責人。",
"required": "owner role、decision、理由、受影響範圍、脫敏 evidence refs 與 follow-up owner。",
"handoff": "回到 負責人回覆 封套預檢,只標示補件待檢。",
"blocked": "不得代填、代簽、送出 request、建立審批或把聊天同意當正式證據。"
},
"redactedEvidence": {
"title": "脫敏證據重送",
"owner": "證據提供者與安全審查者共同確認。",
"required": "摘要、時間、來源、遮罩策略、evidence ref 與不含 raw payload 的聲明。",
"handoff": "敏感內容只回到隔離原因;重新提交時只收安全摘要。",
"blocked": "不得顯示 機密明文值、token、credential、raw log、host dump 或未遮罩截圖。"
},
"sourceTruth": {
"title": "版本來源補證",
"owner": "repo owner、GitHub / Gitea migration owner 或 rollback owner。",
"required": "canonical target、refs truth、工作流程 / 機密 名稱清單、rollback readiness 與 owner evidence ref。",
"handoff": "回到版本來源真相檢查與 rollback readiness不改任何 repo 狀態。",
"blocked": "不得建立 repo、改可見性、同步 / 刪除 / 強制推送 refs、改 工作流程 / 機密、切 primary 或停用 Gitea。"
},
"hostWindow": {
"title": "主機窗口補齊",
"owner": "Kali、192.168.0.168、192.168.0.111 對應主機 owner。",
"required": "scope、maintenance window、credential handling、rollback owner 與 validation 指標。",
"handoff": "只回收 metadata-only host safety window不建立 live action。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolSummary": {
"title": "工具摘要補件",
"owner": "監控、告警、Code Review 或工具鏈負責人。",
"required": "摘要、狀態、時間、來源工具、脫敏方式與 evidence ref。",
"handoff": "只把工具輸出轉成可讀摘要,等待下一輪預檢。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
},
"runtimeGate": {
"title": "runtime 門檻待補",
"owner": "人工審查負責人、rollback / disable owner 與 執行期閘門 owner。",
"required": "owner accepted、人工審查結果、rollback / disable 可用性、後驗證與明確 gate 記錄。",
"handoff": "只顯示 runtime 還缺哪些條件,不建立 gate。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作或正式環境變更。"
}
}
},
"productEvidenceWiringPreflightRetryGates": {
"title": "全產品補件重試門檻",
"subtitle": "S2.134 把 S2.133 回收後的補件整理成六個重試門檻:範圍、封套、脫敏、版本、主機與工具摘要都要先符合只讀條件,才可能重新進預檢候選。這不是送件、驗收、接受、審批或 runtime 入口。",
"gateLabel": "門檻",
"readyLabel": "可重試條件",
"retryLabel": "重試方式",
"blockedLabel": "仍禁止",
"boundaryTitle": "補件重試門檻邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only recovery retry gateretry candidate、submitted、passed、failed、ready for connection、ready for human review 與 ready for runtime 全部仍是 0。",
"summary": {
"gates": {
"label": "重試門檻",
"detail": "六個門檻覆蓋 scope、owner、redaction、source、host 與 tool summary。"
},
"candidate": {
"label": "重試候選",
"detail": "目前 0不把補件回收當可重試。"
},
"passed": {
"label": "通過重試",
"detail": "目前 0不把重試門檻當驗收通過。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0重試門檻不會開執行期閘門。"
}
},
"items": {
"scopeReady": {
"title": "範圍重試門檻",
"ready": "產品名稱、owner、公開面、內部面、資料分級、適用波次與 evidence ref 都完整。",
"retry": "只可標示為 scope retry candidate重新跑 S2.131 範圍預檢。",
"blocked": "不得匯入 raw inventory、內網拓撲原文、完整資產 dump 或掃描輸出。"
},
"ownerReady": {
"title": "封套重試門檻",
"ready": "owner role、decision、理由、受影響範圍、脫敏 evidence refs 與 follow-up owner 都可讀。",
"retry": "只可回到 owner envelope preflight不標記 負責人回覆 accepted。",
"blocked": "不得代填、代簽、催收、送出 request、建立審批或把口頭同意當證據。"
},
"redactionReady": {
"title": "脫敏重試門檻",
"ready": "補件只含摘要、時間、來源、遮罩策略、evidence ref 與不含 raw payload 的聲明。",
"retry": "只可移出隔離原因的下一輪摘要候選,不保留敏感原文。",
"blocked": "不得顯示 機密明文值、token、credential、raw log、host dump 或未遮罩截圖。"
},
"sourceReady": {
"title": "版本重試門檻",
"ready": "canonical target、refs truth、工作流程 / 機密 名稱與 rollback readiness 均有 owner evidence ref。",
"retry": "只可重跑版本來源真相預檢,不改 GitHub / Gitea 狀態。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostReady": {
"title": "主機重試門檻",
"ready": "Kali、192.168.0.168、192.168.0.111 的 scope、maintenance window、credential handling 與 rollback owner 均以 metadata 呈現。",
"retry": "只可標示 host safety window retry candidate等待人工再檢。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolReady": {
"title": "工具摘要重試門檻",
"ready": "監控、告警、Code Review 或工具輸出已轉為摘要、狀態、時間、來源工具與 evidence ref。",
"retry": "只可回到工具摘要預檢,不讓工具自動修復或部署。",
"blocked": "不得外送資料、增加付費 provider 呼叫、收機密明文或觸發自動修復。"
}
}
},
"productEvidenceWiringPreflightRetryOutcomes": {
"title": "全產品重試結果分流",
"subtitle": "S2.135 把 S2.134 的重試門檻後續結果拆成八條分流:維持只讀候選、退回補件、隔離敏感、版本退回、主機暫停、摘要退回、等待人工審查與 runtime 仍關閉。這讓所有產品看得懂重試後往哪裡走但仍不代表接線完成、owner accepted、reviewer queue 開啟或 runtime 授權。",
"outcomeLabel": "結果",
"decisionLabel": "判定",
"nextLabel": "下一步",
"blockedLabel": "仍禁止",
"boundaryTitle": "重試結果分流邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only retry outcome routingready for connection、returned、quarantined、human review candidate、runtime candidate 與 ready for runtime 全部仍是 0。",
"summary": {
"outcomes": {
"label": "結果分流",
"detail": "八條分流覆蓋候選、退回、隔離、暫停、人工審查等待與 runtime 關閉。"
},
"ready": {
"label": "可接線",
"detail": "目前 0不把重試結果當接線完成。"
},
"review": {
"label": "人工審查",
"detail": "目前 0不把重試結果當 reviewer queue 已開。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0重試結果不會開執行期閘門。"
}
},
"items": {
"stayCandidate": {
"title": "維持只讀候選",
"decision": "補件已符合重新預檢的基本形狀,但尚未有人工接受或正式接線訊號。",
"next": "保留為 metadata-only retry outcome candidate等待下一輪預檢與人工審查條件補齊。",
"blocked": "不得把候選狀態升格為已接線、已接受、已審查或可執行。"
},
"returnSupplement": {
"title": "退回補件",
"decision": "補件仍缺 scope、owner role、decision、理由、evidence ref 或 follow-up owner。",
"next": "退回 S2.133 補件回收台帳,要求產品 owner 重新補齊 metadata-only 欄位。",
"blocked": "不得代填、代簽、催收、自動送 request、建立審批或把聊天同意當正式證據。"
},
"quarantineSensitive": {
"title": "隔離敏感",
"decision": "重試內容仍含 raw payload、機密明文值、credential、host dump、內網細節或未遮罩截圖。",
"next": "只保留隔離原因與重新提交安全摘要的要求,不把原文放進前台或文件。",
"blocked": "不得在 IwoooS、AwoooP、前台、工具台或文件中顯示敏感原文。"
},
"sourceTruthReturn": {
"title": "版本來源退回",
"decision": "canonical target、refs truth、工作流程 / 機密 名稱或 rollback readiness 仍無 owner evidence ref。",
"next": "回到版本來源補證隊列,等待 repo owner 以脫敏方式補足來源真相。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostWindowPause": {
"title": "主機安全暫停",
"decision": "Kali、192.168.0.168、192.168.0.111 的 scope、maintenance window、credential handling 或 rollback owner 仍不完整。",
"next": "等待主機 owner 補 metadata-only host safety window再回到重試門檻。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolSummaryReturn": {
"title": "工具摘要退回",
"decision": "監控、告警、Code Review 或工具輸出尚未轉成安全摘要、狀態、時間、來源工具與 evidence ref。",
"next": "退回工具鏈負責人產生可讀摘要與脫敏參照,再重新進預檢。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
},
"humanReviewWait": {
"title": "等待人工審查",
"decision": "重試結果可讀但尚未達到 reviewer queue 開啟條件,也沒有 owner accepted。",
"next": "等待人工審查負責人確認 owner accepted、脫敏證據、rollback / disable 與後驗證條件。",
"blocked": "不得建立 reviewer candidate、指派 reviewer、建立稽核事件或標記人工審查完成。"
},
"runtimeStillClosed": {
"title": "runtime 仍關閉",
"decision": "即使重試結果可見,只要 active 執行期閘門 為 0就不能執行。",
"next": "等待明確 執行期閘門、rollback / disable 可用與人工批准後再進下一階段。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作或正式環境變更。"
}
}
},
"productEvidenceWiringPreflightRetryReviewCandidate": {
"title": "全產品人工審查候選準備",
"subtitle": "S2.136 把 S2.135 的等待人工審查分流拆成八個只讀準備包:候選識別、結果來源、負責人與範圍、脫敏聲明、版本來源證據、主機窗口、工具摘要證據與 runtime 分離。這讓所有產品知道進 reviewer queue 前要整理什麼,但仍不建立候選、不指派 reviewer、不產生稽核事件也不開 執行期閘門。",
"packetLabel": "準備包",
"requiredLabel": "需要整理",
"handoffLabel": "交接方式",
"blockedLabel": "仍禁止",
"boundaryTitle": "人工審查候選準備邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only retry review candidate preparationpacket completed、ready、queue open、candidate created、reviewer assigned、audit emitted 與 ready for runtime 全部仍是 0 / false。",
"summary": {
"packets": {
"label": "準備包",
"detail": "八個準備包覆蓋候選識別、來源追溯、範圍、脫敏、版本、主機、工具與 runtime 分離。"
},
"ready": {
"label": "可進候選",
"detail": "目前 0不把準備包可見當 reviewer 候選成立。"
},
"queue": {
"label": "審查佇列",
"detail": "目前 0不開 reviewer queue、不指派 reviewer。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0人工審查候選準備不會開執行期閘門。"
}
},
"items": {
"candidateIdentity": {
"title": "候選識別準備包",
"required": "產品名稱、候選批次、來源分流、重試時間、owner 與可追溯 evidence ref。",
"handoff": "只建立 read-only candidate identity draft不建立 reviewer candidate。",
"blocked": "不得把候選識別當成審查排程、人工接受、稽核事件或 runtime 授權。"
},
"sourceOutcomeTrace": {
"title": "重試結果來源包",
"required": "對應 S2.135 分流、退回 / 隔離 / 等待原因、補件來源與前一輪預檢參照。",
"handoff": "只把重試結果來源串成 metadata trace等待人工判讀。",
"blocked": "不得覆寫原分流、跳過退回原因、隱藏隔離原因或改寫證據歷程。"
},
"ownerScopePacket": {
"title": "負責人與範圍包",
"required": "owner role、decision、reason、scope、follow-up owner、產品公開面與內部面。",
"handoff": "只整理給人工審查的範圍摘要,不標記 負責人回覆 accepted。",
"blocked": "不得代填、代簽、送出 request、建立審批或把口頭同意當正式證據。"
},
"redactionAttestation": {
"title": "脫敏聲明包",
"required": "摘要、遮罩策略、不含 raw payload 聲明、機密明文值 排除聲明與 evidence ref。",
"handoff": "只交接脫敏聲明與安全摘要,不保留敏感原文。",
"blocked": "不得顯示 token、credential、raw log、host dump、內網細節或未遮罩截圖。"
},
"sourceControlReadiness": {
"title": "版本來源證據包",
"required": "canonical target、refs truth、工作流程 / 機密 名稱、rollback readiness 與 repo owner evidence ref。",
"handoff": "只交接版本來源真相摘要,不改 GitHub / Gitea 狀態。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostSafetyWindow": {
"title": "主機安全窗口包",
"required": "Kali、192.168.0.168、192.168.0.111 的 scope、maintenance window、credential handling、rollback owner 與 validation 指標。",
"handoff": "只交接 metadata-only host safety window不建立 live action。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolSummaryEvidence": {
"title": "工具摘要證據包",
"required": "監控、告警、Code Review 或工具輸出的摘要、狀態、時間、來源工具、脫敏方式與 evidence ref。",
"handoff": "只交接工具摘要,讓人工審查可以理解訊號來源。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
},
"runtimeSeparation": {
"title": "runtime 分離包",
"required": "active 執行期閘門=0、rollback / disable 尚待確認、後驗證待補與 no-execution attestation。",
"handoff": "只提醒人工審查前 runtime 仍關閉,不能轉成執行工作。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作、正式環境變更或開啟 操作按鈕。"
}
}
},
"productEvidenceWiringPreflightRetryReviewCandidatePreflight": {
"title": "全產品人工審查候選預檢",
"subtitle": "S2.137 把 S2.136 的八個人工審查候選準備包再拆成八個送入 reviewer queue 前的只讀預檢。這一步只確認識別、來源、範圍、脫敏、版本、主機、工具摘要與 runtime 分離是否可讀,不建立 reviewer candidate、不開 reviewer queue、不指派 reviewer、不建立稽核事件也不開 執行期閘門。",
"checkLabel": "預檢",
"requirementLabel": "需要確認",
"passLabel": "通過訊號",
"failLabel": "未通過分流",
"blockedLabel": "仍禁止",
"boundaryTitle": "人工審查候選預檢邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only retry review candidate preflightpassed、ready for queue、queue open、candidate created、reviewer assigned、audit emitted 與 ready for runtime 全部仍是 0 / false。",
"summary": {
"checks": {
"label": "預檢項",
"detail": "八項預檢覆蓋候選識別、來源追溯、範圍、脫敏、版本、主機、工具與 runtime 分離。"
},
"passed": {
"label": "已通過",
"detail": "目前 0不把準備包存在當預檢通過。"
},
"queue": {
"label": "審查佇列",
"detail": "目前 0不開 reviewer queue、不建立 reviewer candidate。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0候選預檢不會開執行期閘門。"
}
},
"items": {
"candidateIdentity": {
"title": "候選識別預檢",
"requirement": "產品名稱、候選批次、來源分流、重試時間、owner 與 evidence ref 都能追溯。",
"pass": "只可標示 candidate identity readable不建立 reviewer candidate。",
"fail": "缺批次、來源或 owner 時退回 S2.136 候選識別準備包。",
"blocked": "不得把識別可讀當成排程完成、人工接受、稽核事件或 runtime 授權。"
},
"sourceOutcomeTrace": {
"title": "重試結果來源預檢",
"requirement": "S2.135 分流、退回 / 隔離 / 等待原因、補件來源與前一輪預檢參照都可追溯。",
"pass": "只可標示 outcome trace readable等待人工判讀。",
"fail": "來源缺漏、分流不一致或隔離原因不明時退回結果來源包。",
"blocked": "不得覆寫原分流、跳過退回原因、隱藏隔離原因或改寫證據歷程。"
},
"ownerScope": {
"title": "負責人與範圍預檢",
"requirement": "owner role、decision、reason、scope、follow-up owner、公開面與內部面都可讀。",
"pass": "只可標示 owner scope readable不標記 負責人回覆 accepted。",
"fail": "缺 owner、decision、scope 或 follow-up owner 時退回補件。",
"blocked": "不得代填、代簽、送出 request、建立審批或把口頭同意當正式證據。"
},
"redactionAttestation": {
"title": "脫敏聲明預檢",
"requirement": "摘要、遮罩策略、不含 raw payload 聲明、機密明文值 排除聲明與 evidence ref 都存在。",
"pass": "只可標示 redaction attestation readable不匯入敏感原文。",
"fail": "若出現 raw payload、機密明文值、credential 或未遮罩截圖,直接隔離。",
"blocked": "不得顯示 token、credential、raw log、host dump、內網細節或未遮罩截圖。"
},
"sourceControlTruth": {
"title": "版本來源證據預檢",
"requirement": "canonical target、refs truth、工作流程 / 機密 名稱、rollback readiness 與 repo owner evidence ref 都可追溯。",
"pass": "只可標示 source-control truth readable不改 GitHub / Gitea 狀態。",
"fail": "版本來源、refs 或 rollback 缺證時退回版本來源證據包。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostSafetyWindow": {
"title": "主機安全窗口預檢",
"requirement": "Kali、192.168.0.168、192.168.0.111 的 scope、maintenance window、credential handling、rollback owner 與 validation 指標都以 metadata 呈現。",
"pass": "只可標示 host safety window readable不建立 live action。",
"fail": "缺窗口、credential 邊界或 rollback owner 時維持主機暫停。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolSummary": {
"title": "工具摘要預檢",
"requirement": "監控、告警、Code Review 或工具輸出已轉為摘要、狀態、時間、來源工具、脫敏方式與 evidence ref。",
"pass": "只可標示 tool summary readable讓人工審查理解訊號來源。",
"fail": "工具輸出含 raw payload、外送資料或機密值時退回摘要補件。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
},
"runtimeSeparation": {
"title": "runtime 分離預檢",
"requirement": "active 執行期閘門=0、rollback / disable 尚待確認、後驗證待補與 no-execution attestation 都可見。",
"pass": "只可標示 runtime separation readable不能轉成執行工作。",
"fail": "若出現執行要求、操作按鈕 或 gate open 暗示,退回 runtime 分離包。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作、正式環境變更或開啟 操作按鈕。"
}
}
},
"productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes": {
"title": "全產品人工審查候選預檢結果分流",
"subtitle": "S2.138 把 S2.137 的預檢結果拆成八條只讀分流:維持只讀、退回識別、退回來源、退回範圍、隔離敏感、版本 / 主機暫停、等待人工審查與 runtime 仍關閉。這讓所有專案產品看懂預檢後下一步,但仍不建立 reviewer candidate、不開 reviewer queue、不指派 reviewer、不建立稽核事件也不開 執行期閘門。",
"outcomeLabel": "分流",
"decisionLabel": "判定",
"nextLabel": "下一步",
"blockedLabel": "仍禁止",
"boundaryTitle": "人工審查候選預檢結果分流邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only retry review candidate preflight outcome routingready for queue、returned、quarantined、candidate created、reviewer assigned、audit emitted 與 ready for runtime 全部仍是 0 / false。",
"summary": {
"outcomes": {
"label": "分流數",
"detail": "八條結果分流覆蓋維持只讀、退回、隔離、暫停、等待人工審查與 runtime 關閉。"
},
"ready": {
"label": "可進佇列",
"detail": "目前 0不把結果分流可見當 reviewer queue 可開。"
},
"queue": {
"label": "審查佇列",
"detail": "目前 0不建立 reviewer candidate、不指派 reviewer。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0預檢結果分流不會開執行期閘門。"
}
},
"items": {
"stayReadOnly": {
"title": "維持只讀候選",
"decision": "八項預檢都只能被標示為可讀候選,尚未通過人工審查。",
"next": "保留在 IwoooS 前台作為只讀狀態,等待 負責人回覆 與人工審查條件補齊。",
"blocked": "不得把可讀候選當成 reviewer candidate、正式收件、稽核事件或 runtime 授權。"
},
"returnIdentity": {
"title": "退回識別補件",
"decision": "產品名稱、批次、來源分流、重試時間、owner 或 evidence ref 缺漏時退回。",
"next": "回到 S2.136 候選識別準備包補齊 metadata-only 識別欄位。",
"blocked": "不得代填 owner、跳過批次追溯、建立審查排程或送出 request。"
},
"returnTrace": {
"title": "退回來源追溯",
"decision": "S2.135 分流、退回 / 隔離 / 等待原因、補件來源或前一輪預檢參照不一致時退回。",
"next": "回到結果來源包補齊來源鏈路,維持可讀但不接受。",
"blocked": "不得覆寫原分流、刪除失敗原因、改寫證據歷程或把來源缺口視為通過。"
},
"returnOwnerScope": {
"title": "退回負責人與範圍",
"decision": "owner role、decision、reason、scope、follow-up owner、公開面或內部面缺漏時退回。",
"next": "回到負責人與範圍包補件,等待人工可讀範圍成立。",
"blocked": "不得代簽、代填、送審批、把口頭同意當正式證據或標記 負責人回覆 accepted。"
},
"quarantineRedaction": {
"title": "隔離敏感證據",
"decision": "出現 raw payload、機密明文值、credential、未遮罩截圖或可識別內網細節時隔離。",
"next": "只保留脫敏摘要與 evidence ref要求重新提交安全摘要。",
"blocked": "不得顯示、轉送、匯入、保存或讓工具處理敏感原文。"
},
"sourceHostHold": {
"title": "版本 / 主機暫停",
"decision": "版本來源、refs truth、rollback、Kali / 開發主機窗口或 rollback owner 缺證時暫停。",
"next": "回到版本來源證據包或主機安全窗口包,補齊 canonical target 與 maintenance window。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、SSH、掃描、更新主機、調校或切換 GitHub primary。"
},
"readyForHumanReviewWait": {
"title": "等待人工審查",
"decision": "metadata-only 欄位可讀、敏感證據已隔離、版本與主機仍維持只讀時,才可標示為等待人工審查候選。",
"next": "停在等待人工審查,不開 reviewer queue直到 負責人回覆 與正式審查條件另行成立。",
"blocked": "不得自動建立 reviewer candidate、指派 reviewer、產生 audit event、批准或觸發任何修復。"
},
"runtimeStillClosed": {
"title": "runtime 仍關閉",
"decision": "不論前述分流結果如何active 執行期閘門 仍為 0操作按鈕 仍不可用。",
"next": "只顯示 no-execution attestation等待後續人工決策與 執行期閘門 文件化。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作、正式環境變更或開啟 操作按鈕。"
}
}
},
"productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger": {
"title": "全產品人工審查候選預檢補件回收台帳",
"subtitle": "S2.139 把 S2.138 的退回、隔離與暫停結果整理成八個只讀補件回收佇列:識別補件、來源補件、範圍補件、脫敏重送、版本補證、主機窗口補證、工具摘要補件與 runtime 聲明。這讓所有專案產品知道被退回後要補什麼、由誰補、如何回到預檢,但仍不接受補件、不建立 reviewer candidate、不開 reviewer queue、不產生稽核事件也不開 執行期閘門。",
"queueLabel": "回收佇列",
"ownerLabel": "負責角色",
"requiredLabel": "需要補齊",
"recoveryLabel": "回收方式",
"blockedLabel": "仍禁止",
"boundaryTitle": "預檢補件回收台帳邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only retry review candidate preflight recovery ledgersubmitted、accepted、rejected、quarantined、ready for preflight retry、candidate created、reviewer assigned、audit emitted 與 ready for runtime 全部仍是 0 / false。",
"summary": {
"queues": {
"label": "回收佇列",
"detail": "八個佇列覆蓋識別、來源、範圍、脫敏、版本、主機、工具摘要與 runtime 聲明。"
},
"submitted": {
"label": "已送補件",
"detail": "目前 0不把台帳可見當補件已送出。"
},
"accepted": {
"label": "已接受",
"detail": "目前 0不把補件整理當人工接受或審查通過。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0補件回收台帳不會開執行期閘門。"
}
},
"items": {
"identitySupplement": {
"title": "識別補件回收",
"owner": "產品 owner 或指定資料整理人,只補 metadata不代填決策。",
"required": "產品名稱、批次、來源分流、重試時間、owner、evidence ref 與缺漏原因。",
"recovery": "補齊後只能回到 S2.137 候選識別預檢,不能直接進 reviewer queue。",
"blocked": "不得代填 owner、跳過批次追溯、建立審查排程、送出 request 或建立候選。"
},
"traceSupplement": {
"title": "來源追溯補件回收",
"owner": "證據整理人與來源系統 owner 共同補足分流來源。",
"required": "S2.135 分流、退回 / 隔離 / 等待原因、補件來源、前一輪預檢參照與 evidence ref。",
"recovery": "補齊後只標示 outcome trace 可重新預檢,等待人工判讀。",
"blocked": "不得覆寫原分流、刪除失敗原因、改寫證據歷程或把來源缺口視為通過。"
},
"ownerScopeSupplement": {
"title": "負責人與範圍補件回收",
"owner": "scope owner 補足 role、decision、reason、scope 與 follow-up owner。",
"required": "公開面、內部面、決策理由、範圍邊界、後續負責人與口頭同意排除聲明。",
"recovery": "補齊後只回到 owner scope 預檢,不標記 負責人回覆 accepted。",
"blocked": "不得代簽、代填、送審批、把口頭同意當正式證據或建立正式紀錄。"
},
"redactionResubmission": {
"title": "脫敏重送回收",
"owner": "證據提交者必須移除 raw payload、機密明文值、credential 與未遮罩截圖。",
"required": "脫敏摘要、遮罩策略、不含 raw payload 聲明、機密明文值 排除聲明與 evidence ref。",
"recovery": "只收安全摘要與 evidence pointer若仍含敏感值維持隔離。",
"blocked": "不得顯示、轉送、匯入、保存、貼上或讓工具處理敏感原文。"
},
"sourceControlEvidence": {
"title": "版本來源補證回收",
"owner": "repo owner 或 release owner 補 canonical target、refs truth 與 rollback readiness。",
"required": "GitHub / Gitea 目標、分支 / 標籤真相、工作流程 / 機密 名稱、rollback owner 與 evidence ref。",
"recovery": "只補版本來源真相摘要,等待 source-control truth 預檢重跑。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostWindowEvidence": {
"title": "主機窗口補證回收",
"owner": "主機維運 owner 補 Kali、192.168.0.168、192.168.0.111 的窗口與回復責任。",
"required": "scope、maintenance window、credential handling、rollback owner、validation 指標與 no-execution 聲明。",
"recovery": "只收 metadata-only host window等待主機安全窗口預檢。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolSummarySupplement": {
"title": "工具摘要補件回收",
"owner": "監控、告警、Code Review 或工具輸出 owner 只補摘要與來源。",
"required": "摘要、狀態、時間、來源工具、脫敏方式、evidence ref 與外送資料排除聲明。",
"recovery": "補齊後只讓人工審查理解訊號來源,不讓工具自動修復。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
},
"runtimeAttestation": {
"title": "runtime 分離聲明回收",
"owner": "平台 owner 補 active 執行期閘門=0、操作按鈕 關閉與 no-execution attestation。",
"required": "執行期閘門 關閉、rollback / disable 尚待確認、後驗證待補與正式決策缺口。",
"recovery": "只作為後續人工決策的邊界證據,不能轉成執行工作。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作、正式環境變更或開啟 操作按鈕。"
}
}
},
"productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates": {
"title": "全產品人工審查候選預檢補件重試門檻",
"subtitle": "S2.140 把 S2.139 的補件回收台帳再拆成八個只讀重試門檻:識別、來源、範圍、脫敏、版本、主機窗口、工具摘要與 runtime 分離。這讓所有專案產品知道補件回收後何時可以重新回到 S2.137 預檢,但仍不接受補件、不標記通過、不建立 reviewer candidate、不開 reviewer queue、不產生稽核事件也不開 執行期閘門。",
"gateLabel": "門檻",
"readyLabel": "可重試條件",
"retryLabel": "重試方式",
"blockedLabel": "仍禁止",
"boundaryTitle": "補件重試門檻邊界",
"boundaryIntro": "以下鍵值固定:目前只做 read-only retry review candidate preflight recovery retry gatecandidate、submitted、passed、ready for preflight retry、ready for human review、candidate created、reviewer assigned、audit emitted 與 ready for runtime 全部仍是 0 / false。",
"summary": {
"gates": {
"label": "重試門檻",
"detail": "八個門檻覆蓋識別、來源、範圍、脫敏、版本、主機、工具摘要與 runtime 分離。"
},
"candidates": {
"label": "可重試候選",
"detail": "目前 0不把補件回收台帳當可重試成立。"
},
"passed": {
"label": "已通過",
"detail": "目前 0不把重試條件可見當預檢通過。"
},
"runtime": {
"label": "runtime 就緒",
"detail": "目前 0補件重試門檻不會開執行期閘門。"
}
},
"items": {
"identityGate": {
"title": "識別重試門檻",
"ready": "產品名稱、批次、來源分流、重試時間、owner、evidence ref 與缺漏原因都補齊。",
"retry": "只能回到 S2.137 候選識別預檢,重新檢查 metadata 可讀性。",
"blocked": "不得跳過識別重試、建立審查排程、送出 request、建立候選或代填 owner。"
},
"traceGate": {
"title": "來源重試門檻",
"ready": "S2.135 分流、退回 / 隔離 / 等待原因、補件來源與前一輪預檢參照都一致。",
"retry": "只標示 outcome trace 可重新預檢,等待人工判讀來源鏈路。",
"blocked": "不得覆寫原分流、刪除失敗原因、改寫證據歷程或把來源缺口視為通過。"
},
"ownerScopeGate": {
"title": "負責人與範圍重試門檻",
"ready": "owner role、decision、reason、scope、follow-up owner、公開面、內部面與口頭同意排除聲明都可讀。",
"retry": "只能重跑 owner scope 預檢,不標記 負責人回覆 accepted。",
"blocked": "不得代簽、代填、送審批、把口頭同意當正式證據或建立正式紀錄。"
},
"redactionGate": {
"title": "脫敏重試門檻",
"ready": "脫敏摘要、遮罩策略、不含 raw payload 聲明、機密明文值 排除聲明與 evidence ref 都存在。",
"retry": "只以安全摘要與 evidence pointer 回到脫敏預檢;若仍含敏感值,維持隔離。",
"blocked": "不得顯示、轉送、匯入、保存、貼上或讓工具處理敏感原文。"
},
"sourceControlGate": {
"title": "版本來源重試門檻",
"ready": "GitHub / Gitea 目標、分支 / 標籤真相、工作流程 / 機密 名稱、rollback owner 與 evidence ref 都可追溯。",
"retry": "只重跑 source-control truth 預檢,不改任何版本來源狀態。",
"blocked": "不得建立 repo、同步 refs、改 工作流程 / 機密、切 primary、停用 Gitea 或改可見性。"
},
"hostWindowGate": {
"title": "主機窗口重試門檻",
"ready": "Kali、192.168.0.168、192.168.0.111 的 scope、maintenance window、credential handling、rollback owner、validation 指標與 no-execution 聲明都補齊。",
"retry": "只以 metadata-only host window 回到主機安全窗口預檢。",
"blocked": "不得 SSH、更新主機、掃描、調校、收 credential 明文或執行 Kali /execute。"
},
"toolSummaryGate": {
"title": "工具摘要重試門檻",
"ready": "摘要、狀態、時間、來源工具、脫敏方式、evidence ref 與外送資料排除聲明都存在。",
"retry": "只讓人工審查重新理解訊號來源,不讓工具自動修復。",
"blocked": "不得讓工具自動修復、部署、外送資料、增加付費 provider 呼叫或收機密明文。"
},
"runtimeGate": {
"title": "runtime 分離重試門檻",
"ready": "active 執行期閘門=0、操作按鈕 關閉、rollback / disable 尚待確認、後驗證待補與 no-execution attestation 都可見。",
"retry": "只重跑 runtime separation 預檢,確認仍不可執行。",
"blocked": "不得掃描、修復、部署、主機變更、版本來源操作、正式環境變更或開啟 操作按鈕。"
}
}
},
"firstProgressUnlockPath": {
"title": "第一個進度解鎖路徑",
"subtitle": "S2.114 把 61% 下一個真正能往前的路徑收斂到 S4.9 負責人回覆:先收到可追溯回覆,再補齊脫敏證據參照,通過收件預檢與審查接受後,才可能成為 headline review 候選。",
"stepLabel": "步驟",
"boundaryTitle": "第一解鎖路徑邊界",
"boundaryIntro": "以下鍵值固定:這是 S4.9 第一解鎖路徑的只讀收斂,不是送件完成、回覆已收到、批准、掃描、修復、部署或執行期入口。",
"summary": {
"focus": {
"label": "目前焦點",
"detail": "S4.9 是第一個可能推動 61% 的收件路徑。"
},
"steps": {
"label": "解鎖步驟",
"detail": "五步都需要證據,不跳步。"
},
"accepted": {
"label": "已接受",
"detail": "目前 0還不能觸發 headline review。"
},
"headline": {
"label": "進度審查",
"detail": "目前未開,只能等待證據。"
}
},
"items": {
"ownerResponseScope": {
"title": "收到負責人回覆",
"body": "先確認 S4.9 owner role、decision、reason、scope 與 follow-up owner 都可追溯。"
},
"redactedEvidencePointer": {
"title": "補齊脫敏證據參照",
"body": "只收 metadata 與 evidence refs不收機密明文、token value 或未脫敏 payload。"
},
"intakePreflight": {
"title": "通過收件預檢",
"body": "檢查欄位完整、範圍一致、敏感內容隔離與禁止變更條款都成立。"
},
"reviewAcceptance": {
"title": "審查接受",
"body": "人工 reviewer 接受後,才可把 S4.9 視為有效 movement signal。"
},
"headlineReviewCandidate": {
"title": "成為進度審查候選",
"body": "只有 accepted evidence 出現後,才可能進入 headline review目前仍未授權。"
}
}
},
"firstUnlockEvidencePacket": {
"title": "第一解鎖證據包",
"subtitle": "S2.115 把 S4.9 要讓 61% 真正前進所需的證據收斂成五個欄位:負責人判定 metadata、範圍與來源參照、脫敏聲明、收件預檢軌跡、審查接受摘要。這裡只顯示要補什麼不收 raw payload、不收機密明文、不開 headline review。",
"slotLabel": "欄位",
"boundaryTitle": "證據包收件邊界",
"boundaryIntro": "以下鍵值固定:這是第一解鎖證據包的只讀欄位定義,不是送件、收件、驗收通過、審批、掃描、修復、部署或執行期入口。",
"summary": {
"slots": {
"label": "證據欄位",
"detail": "五個欄位缺一不可。"
},
"filled": {
"label": "已補齊",
"detail": "目前仍是 0不把定義當證據。"
},
"accepted": {
"label": "已接受",
"detail": "目前仍是 0不能觸發進度審查。"
},
"payload": {
"label": "敏感 payload",
"detail": "raw payload、token value 與機密明文都禁止收件。"
}
},
"items": {
"ownerDecisionMetadata": {
"title": "負責人判定 metadata",
"body": "需要 owner role、decision、reason、follow-up owner 與判定時間;不接受口頭同意。"
},
"scopeEvidenceRefs": {
"title": "範圍與來源參照",
"body": "需要對應 S4.9 範圍、Gitea / GitHub 來源脈絡與可追溯 evidence refs。"
},
"redactionAttestation": {
"title": "脫敏聲明",
"body": "需要明確標示只含 metadata 與 evidence pointerraw payload 與機密值已隔離。"
},
"preflightTrace": {
"title": "收件預檢軌跡",
"body": "需要欄位完整、範圍一致、敏感內容隔離與禁止變更條款的預檢結果。"
},
"reviewAcceptanceSummary": {
"title": "審查接受摘要",
"body": "人工 reviewer 接受後才可形成 movement signal目前仍未接受、未授權。"
}
}
},
"firstUnlockEvidencePacketPreflightOutcomes": {
"title": "第一解鎖證據包預檢分流",
"subtitle": "S2.116 把第一解鎖證據包進來後的結果分成六條只讀分流:可進審查、補 owner metadata、補範圍參照、隔離 raw payload、拒收機密值、等待 reviewer。這裡只說明預檢結果不把任何分流當成已接受或授權。",
"laneLabel": "分流",
"boundaryTitle": "預檢分流邊界",
"boundaryIntro": "以下鍵值固定這是第一解鎖證據包的預檢結果分流不是證據已補齊、審查已接受、headline review、掃描、修復、部署或執行期入口。",
"summary": {
"lanes": {
"label": "結果分流",
"detail": "六條分流讓補證、隔離與拒收不混在一起。"
},
"ready": {
"label": "可進審查",
"detail": "目前仍是 0沒有可審查證據包。"
},
"quarantine": {
"label": "已隔離",
"detail": "目前仍是 0若有 raw payload 才會隔離。"
},
"accepted": {
"label": "已接受",
"detail": "目前仍是 0不能推動 headline。"
}
},
"items": {
"readyForReview": {
"title": "可進人工審查",
"body": "五個欄位完整、只有 metadata 與脫敏參照時,才可進 reviewer queue目前仍是 0。"
},
"needsOwnerMetadata": {
"title": "要求補 owner metadata",
"body": "缺 owner role、decision、reason、follow-up owner 或判定時間時,只能退回補欄。"
},
"needsScopeRefs": {
"title": "要求補範圍參照",
"body": "缺 S4.9 範圍、來源脈絡或 evidence refs 時,不能進審查。"
},
"quarantineRawPayload": {
"title": "隔離 raw payload",
"body": "任何未脫敏 payload、截圖原文或高風險輸出都要隔離不進一般審查。"
},
"rejectSecretValue": {
"title": "拒收機密明文值",
"body": "token value、登入口令、私鑰或其他機密明文值直接拒收不保留在前端或 snapshot。"
},
"waitingReviewer": {
"title": "等待 reviewer 接受",
"body": "預檢可通過也不代表 accepted仍需人工 reviewer 接受後才可能形成 movement signal。"
}
}
},
"firstUnlockEvidencePacketSupplementPath": {
"title": "第一解鎖證據包補件路徑",
"subtitle": "S2.117 把第一解鎖證據包未通過預檢時的補件方式拆成五步:補 owner metadata、補範圍參照、補脫敏聲明、補預檢軌跡、等待 reviewer queue。這裡只顯示補件路徑不送出 request、不接受證據、不開 headline review。",
"stepLabel": "補件步驟",
"boundaryTitle": "補件路徑邊界",
"boundaryIntro": "以下鍵值固定這是第一解鎖證據包的補件說明不是送件、收件、審查接受、headline review、掃描、修復、部署或執行期入口。",
"summary": {
"steps": {
"label": "補件步驟",
"detail": "五步只說明缺口,不代表已補齊。"
},
"ready": {
"label": "可送審",
"detail": "目前仍是 0沒有可送審補件。"
},
"submitted": {
"label": "已送出",
"detail": "目前仍是 0不把路徑當 request sent。"
},
"accepted": {
"label": "已接受",
"detail": "目前仍是 0headline 不提高。"
}
},
"items": {
"ownerMetadataPatch": {
"title": "補 owner metadata",
"body": "補齊 owner role、decision、reason、follow-up owner 與判定時間;缺一項就不能進審查。"
},
"scopeRefsPatch": {
"title": "補範圍與來源參照",
"body": "補上 S4.9 scope、Gitea / GitHub 來源脈絡與 evidence refs避免範圍漂移。"
},
"redactionPatch": {
"title": "補脫敏聲明",
"body": "只允許 metadata 與 evidence pointerraw payload、token value、私鑰與登入口令仍不可收。"
},
"preflightTracePatch": {
"title": "補預檢軌跡",
"body": "補上欄位完整、範圍一致、敏感內容隔離與禁止變更條款的檢查結果。"
},
"reviewerQueuePatch": {
"title": "等待 reviewer queue",
"body": "補件就緒也只是進入人工 reviewer queueaccepted 前不得成為 movement signal。"
}
}
},
"firstUnlockEvidencePacketSupplementPreReview": {
"title": "第一解鎖證據包補件送審前檢查",
"subtitle": "S2.118 把補件要進 reviewer queue 前的檢查拆成六項owner metadata 完整、範圍參照可追溯、脫敏聲明成立、預檢軌跡附上、禁止變更條款維持、reviewer queue 未開。這裡只顯示送審前檢查,不代表補件已送出或已接受。",
"checkLabel": "檢查",
"boundaryTitle": "送審前檢查邊界",
"boundaryIntro": "以下鍵值固定這是補件送審前檢查不是送件、收件、審查接受、headline review、掃描、修復、部署或執行期入口。",
"summary": {
"checks": {
"label": "檢查項",
"detail": "六項都只是送審前條件。"
},
"passed": {
"label": "已通過",
"detail": "目前仍是 0不把檢查表當通過。"
},
"ready": {
"label": "可送審",
"detail": "目前仍是 0reviewer queue 未開。"
},
"queue": {
"label": "審查佇列",
"detail": "目前 false沒有送審入口。"
}
},
"items": {
"ownerMetadataComplete": {
"title": "owner metadata 完整",
"body": "確認 owner role、decision、reason、follow-up owner 與判定時間都存在且可追溯。"
},
"scopeRefsTraceable": {
"title": "範圍參照可追溯",
"body": "確認 S4.9 scope、來源脈絡與 evidence refs 一致,不把其他專案或其他主機混入。"
},
"redactionAttested": {
"title": "脫敏聲明成立",
"body": "確認只含 metadata 與 evidence pointerraw payload、token value、私鑰與登入口令都未進入收件。"
},
"preflightTraceAttached": {
"title": "預檢軌跡附上",
"body": "確認欄位完整、範圍一致、敏感內容隔離與禁止變更條款都有檢查結果。"
},
"noMutationClauseHeld": {
"title": "禁止變更條款維持",
"body": "確認補件不會觸發 repo、refs、workflow、secret、Kali、SSH、部署或主機變更。"
},
"reviewerQueueReady": {
"title": "reviewer queue 未開",
"body": "即使前五項都補齊,也要等人工 reviewer queue 開啟;目前仍是 false。"
}
}
},
"firstUnlockEvidencePacketSupplementPreReviewOutcomes": {
"title": "第一解鎖證據包補件送審結果分流",
"subtitle": "S2.119 把補件送審前檢查後可能出現的結果拆成六條只讀分流:可排入 reviewer queue、退回補件、隔離敏感材料、拒收變更要求、維持佇列未開、等待 reviewer 指派。這裡只顯示結果分流,不代表 queue 已開、補件已送出或審查已接受。",
"outcomeLabel": "結果",
"boundaryTitle": "結果分流邊界",
"boundaryIntro": "以下鍵值固定這是補件送審前檢查後的只讀結果分流不是送件、收件、審查接受、headline review、掃描、修復、部署或執行期入口。",
"summary": {
"lanes": {
"label": "結果分流",
"detail": "六條分流讓可排隊、退回、隔離與拒收不混在一起。"
},
"ready": {
"label": "可排隊",
"detail": "目前仍是 0reviewer queue 未開。"
},
"returned": {
"label": "退回補件",
"detail": "目前仍是 0沒有已退回項。"
},
"assigned": {
"label": "已指派",
"detail": "目前仍是 0沒有 reviewer 指派。"
}
},
"items": {
"readyForReviewerQueue": {
"title": "可排入 reviewer queue",
"body": "六項檢查都通過且 queue 開啟時,才可排入 reviewer queue目前仍是 0。"
},
"returnToSupplement": {
"title": "退回補件",
"body": "owner metadata、scope refs、脫敏聲明或預檢軌跡不足時只能退回補件。"
},
"quarantineSensitiveMaterial": {
"title": "隔離敏感材料",
"body": "raw payload、token value、私鑰、登入口令或未脫敏輸出都要隔離不進一般審查。"
},
"rejectMutationRequest": {
"title": "拒收變更要求",
"body": "任何要求 repo、refs、workflow、secret、Kali、SSH、部署或主機變更的內容直接拒收。"
},
"keepQueueClosed": {
"title": "維持佇列未開",
"body": "沒有人工 reviewer queue 開啟前,即使補件完整也不能進入審查流程。"
},
"waitReviewerAssignment": {
"title": "等待 reviewer 指派",
"body": "queue 開啟後仍需人工 reviewer 指派;未指派前不形成 accepted evidence。"
}
}
},
"firstUnlockEvidencePacketReviewerAssignmentPreparation": {
"title": "第一解鎖證據包 reviewer 指派準備包",
"subtitle": "S2.120 把補件結果分流之後,若未來要進人工 reviewer 指派前需要整理的六個準備包前台化佇列狀態凍結、reviewer 角色邊界、範圍包、證據索引、衝突揭露、指派稽核草稿。這裡只顯示準備包,不代表 reviewer candidate 已成立、queue 已開或 reviewer 已指派。",
"packetLabel": "準備包",
"boundaryTitle": "指派準備邊界",
"boundaryIntro": "以下鍵值固定:這是 reviewer 指派前的只讀準備包,不是開 queue、指派 reviewer、接受補件、建立稽核事件、headline review、掃描、修復、部署或執行期入口。",
"summary": {
"packets": {
"label": "準備包",
"detail": "六個準備包讓指派前資料不混成授權。"
},
"ready": {
"label": "可指派",
"detail": "目前仍是 0沒有可指派狀態。"
},
"candidates": {
"label": "候選 reviewer",
"detail": "目前仍是 0沒有候選 reviewer。"
},
"assigned": {
"label": "已指派",
"detail": "目前仍是 0沒有 reviewer 指派。"
}
},
"items": {
"queueStatusFreeze": {
"title": "佇列狀態凍結",
"body": "把 queue_open=false、ready_for_queue_count=0 與 request_sent=false 固定在同一個準備包,避免被誤讀成已開佇列。"
},
"reviewerRoleBoundary": {
"title": "reviewer 角色邊界",
"body": "只描述未來人工 reviewer 需要檢查的責任邊界,不建立 reviewer candidate 或 reviewer assignment。"
},
"scopePacket": {
"title": "範圍包",
"body": "整理 S4.9 scope、來源脈絡與 evidence refs 的對照,仍不能把其他主機或其他專案混入。"
},
"evidencePointerIndex": {
"title": "證據索引",
"body": "只索引 metadata 與 evidence pointerraw payload、token value、私鑰與登入口令仍不得進入準備包。"
},
"conflictDisclosure": {
"title": "衝突揭露",
"body": "標示 source、scope、owner 或禁止變更條款的衝突,衝突未釐清前不能進 reviewer 指派。"
},
"assignmentAuditDraft": {
"title": "指派稽核草稿",
"body": "只準備未來可留痕的 metadata shape目前 assignment_audit_event_emitted 仍是 0。"
}
}
},
"firstUnlockEvidencePacketReviewerAssignmentPreflight": {
"title": "第一解鎖證據包 reviewer 指派前檢查",
"subtitle": "S2.121 把 reviewer 指派準備包之後的六項檢查前台化:佇列仍關閉、角色邊界可追溯、範圍包可追溯、證據索引已脫敏、衝突揭露已釐清、稽核草稿只含 metadata。這裡只顯示指派前檢查不代表 reviewer candidate 已成立、queue 已開或 reviewer 已指派。",
"checkLabel": "檢查",
"boundaryTitle": "指派前檢查邊界",
"boundaryIntro": "以下鍵值固定:這是 reviewer 指派前的只讀檢查,不是開 queue、建立 reviewer candidate、指派 reviewer、接受補件、建立稽核事件、headline review、掃描、修復、部署或執行期入口。",
"summary": {
"checks": {
"label": "檢查項",
"detail": "六項都只是指派前核對條件。"
},
"passed": {
"label": "已通過",
"detail": "目前仍是 0不把清單當通過。"
},
"ready": {
"label": "可指派",
"detail": "目前仍是 0queue 仍關閉。"
},
"assigned": {
"label": "已指派",
"detail": "目前仍是 0沒有 reviewer 指派。"
}
},
"items": {
"queueStillClosed": {
"title": "佇列仍關閉",
"body": "確認 queue_open=false、ready_for_queue_count=0、request_sent=false避免檢查清單被當成已開 queue。"
},
"roleBoundaryTraceable": {
"title": "角色邊界可追溯",
"body": "確認 reviewer 只負責人工審查與建議不具備部署、掃描、repo、refs、workflow 或 secret 操作權。"
},
"scopePacketTraceable": {
"title": "範圍包可追溯",
"body": "確認 S4.9 scope、來源脈絡與 evidence refs 都能對照,且沒有混入其他主機或其他專案。"
},
"evidenceIndexRedacted": {
"title": "證據索引已脫敏",
"body": "確認只保留 metadata 與 evidence pointerraw payload、token value、私鑰與登入口令仍不可收。"
},
"conflictDisclosureClear": {
"title": "衝突揭露已釐清",
"body": "source、scope、owner 或禁止變更條款有衝突時,必須停在待釐清,不得進 reviewer 指派。"
},
"auditDraftMetadataOnly": {
"title": "稽核草稿只含 metadata",
"body": "確認未來稽核事件只會保留 metadata shape目前 audit_event_emitted 仍是 0。"
}
}
},
"firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome": {
"title": "第一解鎖證據包 reviewer 指派前檢查結果分流",
"subtitle": "S2.122 把 reviewer 指派前檢查後的六條結果分流前台化:維持佇列關閉、退回角色邊界、退回範圍包、隔離未脫敏證據、暫停衝突揭露、保留 metadata-only 稽核草稿。這裡只顯示分流,不代表 reviewer candidate 已成立、queue 已開或 reviewer 已指派。",
"outcomeLabel": "結果",
"boundaryTitle": "指派前結果分流邊界",
"boundaryIntro": "以下鍵值固定:這是 reviewer 指派前檢查後的只讀結果分流,不是建立 reviewer candidate、開 queue、指派 reviewer、接受補件、建立稽核事件、headline review、掃描、修復、部署或執行期入口。",
"summary": {
"outcomes": {
"label": "分流",
"detail": "六條只讀結果讓後續處理不混成授權。"
},
"candidates": {
"label": "候選 reviewer",
"detail": "目前仍是 0沒有 reviewer candidate。"
},
"assigned": {
"label": "已指派",
"detail": "目前仍是 0沒有 reviewer 指派。"
},
"audit": {
"label": "稽核事件",
"detail": "目前仍是 0沒有建立稽核事件。"
}
},
"items": {
"keepQueueClosed": {
"title": "維持佇列關閉",
"body": "只要 passed_count=0 或 ready_count=0就維持 queue_open=false不進 reviewer candidate。"
},
"returnRoleBoundary": {
"title": "退回角色邊界",
"body": "reviewer 權責不清時退回補齊仍不得賦予部署、掃描、repo、refs、workflow 或 secret 操作權。"
},
"returnScopePacket": {
"title": "退回範圍包",
"body": "scope、source 或 evidence refs 不可追溯時退回補件,避免混入其他主機或其他專案。"
},
"quarantineEvidenceIndex": {
"title": "隔離未脫敏證據",
"body": "若出現 raw payload、token value、私鑰或登入口令必須隔離並不得進 reviewer 指派。"
},
"holdConflictDisclosure": {
"title": "暫停衝突揭露",
"body": "source、scope、owner 或禁止變更條款衝突未釐清前,停在 conflict hold不建立 candidate。"
},
"keepAuditDraftMetadataOnly": {
"title": "保留 metadata 稽核草稿",
"body": "只保留未來稽核事件的 metadata shape目前 audit_event_emitted 仍是 0。"
}
}
},
"s49OwnerResponseWorkOrder": {
"title": "S4.9 Owner Response 人工收件工作單",
"subtitle": "S2.101 把第一個真正能推動 61% 的 S4.9 回覆收件格式放到 IwoooS每項都要包含 owner role/team、decision、decision reason、受影響 scope、脫敏 evidence refs 與 follow-up owner。這裡只是人工收件工作單不送出 request、不收件、不標記 已收到 / 已接受。",
"itemLabel": "收件項目",
"requiredFieldsLabel": "必填欄位",
"acceptanceLabel": "驗收方式",
"guardLabel": "仍禁止",
"boundaryTitle": "S4.9 收件邊界",
"summary": {
"items": {
"label": "工作項",
"detail": "五個 S4.9 負責人回覆 項目仍全部未收。"
},
"fields": {
"label": "每項必填",
"detail": "六個欄位缺一不可,避免口頭同意被誤收。"
},
"received": {
"label": "已收到",
"detail": "目前仍是 0不把工作單當回覆。"
},
"accepted": {
"label": "已接受",
"detail": "目前仍是 0五項通過前不得 accepted。"
}
},
"items": {
"scopeGapResponse": {
"title": "Public-only / local gap 回覆",
"body": "請 owner 判定 public-only 與 local Gitea 差異是否納入本輪 inventory / migration scope。",
"requiredFields": "owner role/team、decision、decision reason、affected scope、redacted evidence refs、follow-up owner。",
"acceptance": "decision 必須落在 in scope、out of scope、legacy archived、external system、inaccessible 或 needs more evidence。",
"guard": "不建立 repo、不讀私有內容、不同步 refs、不把差異判定當 migration approval。"
},
"endpointIdentityResponse": {
"title": "Gitea `wooo` endpoint 身分回覆",
"body": "請 owner 判定 `wooo` 應以 user、org 或雙重來源盤點,避免把 endpoint 404 誤讀成不存在。",
"requiredFields": "owner role/team、canonical endpoint identity、decision reason、affected endpoint、redacted evidence refs、follow-up owner。",
"acceptance": "必須能追溯到已知 endpoint evidence且不得含 token、cookie、private URL credential 或 admin API payload。",
"guard": "不呼叫 Gitea admin API、不使用 token、不把 endpoint 身分當 inventory completed。"
},
"adjacentSourceResponse": {
"title": "110 adjacent source scope 回覆",
"body": "請 owner 判定 `bitan-pharmacy`、`root/momo-pro-system`、`tsenyang-website`、`wooo/wooo-infra-config` 是否納入本輪 scope。",
"requiredFields": "owner role/team、per-source decision、decision reason、affected source、redacted evidence refs、follow-up owner。",
"acceptance": "逐項標示 in scope、out of scope、legacy、external、inaccessible 或 needs more evidence並保留脫敏 trace。",
"guard": "不讀取私有 repo 內容、不匯入 archive、不把 110 adjacent source 自動納入 migration。"
},
"canonicalOwnerResponse": {
"title": "Repo owner / canonical scope 回覆",
"body": "請 owner 為 in-scope repo 指定 canonical source、GitHub target candidate、visibility review owner 與理由。",
"requiredFields": "owner role/team、canonical source、GitHub target candidate、visibility review owner、redacted evidence refs、follow-up owner。",
"acceptance": "target candidate 只能作為 readiness evidence需後續 S4.10 / S4.11 / S4.12 驗收後才可進 primary review。",
"guard": "不建立 GitHub repo、不改 visibility、不切 primary、不把 target candidate 當 approval。"
},
"legacyDispositionResponse": {
"title": "Legacy / inaccessible disposition 回覆",
"body": "請 owner 對 legacy、inaccessible 或 external repo 留下 disposition、理由與後續負責人。",
"requiredFields": "owner role/team、disposition、decision reason、affected repo/source、redacted evidence refs、follow-up owner。",
"acceptance": "disposition 只能是 archive candidate、exclude、follow-up evidence、external owner 或 needs more evidence。",
"guard": "不刪除、不停用、不封存 repodisposition 只是人工分類,不是執行命令。"
}
}
},
"s49OwnerResponseEnvelope": {
"title": "S4.9 負責人回覆封套欄位",
"subtitle": "S2.102 把 S4.9 負責人回覆的六個必填欄位做成只讀回覆封套矩陣。這讓負責人可以照同一格式回覆,也讓審查者能逐欄驗收;目前仍是空白封套,不提交、不收件、不建立稽核事件。",
"fieldLabel": "封套欄位",
"formatLabel": "建議格式",
"guardLabel": "仍禁止",
"boundaryTitle": "回覆封套邊界",
"summary": {
"fields": {
"label": "欄位",
"detail": "六個欄位缺一不可。"
},
"filled": {
"label": "已填",
"detail": "目前仍是 0不把封套當回覆。"
},
"submitted": {
"label": "已提交",
"detail": "目前仍是 0不送出請求。"
},
"accepted": {
"label": "已接受",
"detail": "目前仍是 0不開進度重估。"
}
},
"items": {
"ownerRoleTeam": {
"title": "負責人角色 / 團隊",
"body": "標示這筆 S4.9 回覆由哪個角色、團隊或負責人代表提供。",
"format": "使用角色 / 團隊名稱與可追溯責任範圍,不填個人密碼、權杖或私人聯絡資訊。",
"guard": "不把負責人欄位當審批人、不自動指派權責。"
},
"decision": {
"title": "判定 / 處置",
"body": "標示這筆回覆的判定結果,例如納入範圍、排除範圍、既有封存、外部系統、無法存取或需要更多證據。",
"format": "只能使用該收件項允許值,避免自由文字被誤讀成遷移批准。",
"guard": "不把同意、可進行或看起來沒問題升級成主要來源切換。"
},
"decisionReason": {
"title": "判定理由",
"body": "說明判定理由,讓審查者能追溯為什麼該專案庫、端點或範圍被納入、排除或要求補證。",
"format": "使用短句與證據參照對應,不貼原始日誌、私有網址憑證或機密片段。",
"guard": "不把理由欄當正式 ADR、不把口頭理由當審批紀錄。"
},
"affectedScope": {
"title": "受影響範圍",
"body": "列出受影響專案庫、端點、來源或範圍,讓 S4.13 驗收彙整能對應到正確收件項。",
"format": "使用專案庫 / 端點 / 來源名稱或脫敏識別碼,不貼封存檔、資料庫傾印或 Git 物件包。",
"guard": "不讀取私有內容、不匯入來源、不自動擴大遷移範圍。"
},
"redactedEvidenceRefs": {
"title": "脫敏證據參照",
"body": "引用已脫敏的文件、快照、中繼資料指標或審查者可追溯的證據參照。",
"format": "只接受脫敏參照權杖、機密、cookie、session、私鑰、憑證明文必須隔離。",
"guard": "不保存機密明文、不把證據參照當載荷匯入。"
},
"followupOwner": {
"title": "後續負責人",
"body": "指定若需要補證、隔離、拒收或後續 S4.10-S4.12 判定時的負責人。",
"format": "使用角色 / 團隊 / 工作窗口,不含私人機密與一次性憑證。",
"guard": "不把後續負責人當批准者、不開執行期閘門。"
}
}
},
"s49OwnerResponseEnvelopePreflight": {
"title": "S4.9 負責人回覆封套送件前檢查",
"subtitle": "S2.103 把回覆封套送出前的六個檢查點做成只讀看板。它只協助負責人與審查者確認欄位、判定、證據、範圍、變更要求與後續負責人是否可讀;目前通過=0、可送件=0不送出、不收件、不建立稽核事件。",
"checkLabel": "送件前檢查",
"failureLabel": "不通過時",
"guardLabel": "仍禁止",
"boundaryTitle": "送件前檢查邊界",
"summary": {
"checks": {
"label": "檢查項",
"detail": "六個檢查缺一不可。"
},
"passed": {
"label": "通過",
"detail": "目前仍是 0不把封套當可送件。"
},
"ready": {
"label": "可送件",
"detail": "目前仍是 0不開收件。"
},
"submitted": {
"label": "已提交",
"detail": "目前仍是 0不送出請求。"
}
},
"items": {
"fieldCompleteness": {
"title": "六欄完整檢查",
"body": "確認負責人角色 / 團隊、判定 / 處置、判定理由、受影響範圍、脫敏證據參照、後續負責人六欄都存在。",
"failure": "缺欄時只能要求補齊,不得標記可送件。",
"guard": "不接受口頭同意、不用缺欄封套建立審批紀錄。"
},
"allowedDisposition": {
"title": "判定值允許檢查",
"body": "確認判定落在該收件項允許值內,避免自由文字被誤讀成遷移或主要來源批准。",
"failure": "判定值不明確時只能要求負責人修正。",
"guard": "不把同意、可進行、看起來沒問題升級成執行授權。"
},
"redactedEvidence": {
"title": "脫敏證據檢查",
"body": "確認證據只引用脫敏文件、快照或中繼資料指標沒有機密明文、權杖、私鑰、cookie 或 session。",
"failure": "出現敏感載荷時只能隔離,不得匯入或轉送。",
"guard": "不保存機密明文、不把證據參照當載荷匯入。"
},
"scopeTraceability": {
"title": "範圍追溯檢查",
"body": "確認受影響專案庫、端點、來源或範圍能對應到 S4.9 五個人工收件項之一。",
"failure": "範圍無法對應時只能要求補證或修正範圍。",
"guard": "不讀取私有內容、不匯入來源、不自動擴大遷移範圍。"
},
"mutationRequestRejected": {
"title": "變更要求拒收檢查",
"body": "確認回覆封套沒有夾帶建立專案庫、改可見性、同步分支、修改工作流程或收集機密值的要求。",
"failure": "夾帶變更要求時只能拒收或拆到獨立人工閘門。",
"guard": "不從封套觸發 GitHub、Gitea、分支 / 標籤參照、工作流程、機密設定或執行器動作。"
},
"followupOwnerTrace": {
"title": "後續負責人追溯檢查",
"body": "確認補證、隔離、拒收或後續 S4.10-S4.12 判定都有可追溯角色或團隊。",
"failure": "沒有後續負責人時只能維持等待,不得進入接受。",
"guard": "不把後續負責人當批准者、不開執行期閘門。"
}
}
},
"s49OwnerResponseEnvelopePreflightOutcome": {
"title": "S4.9 負責人回覆封套送件前結果分流",
"subtitle": "S2.104 把送件前檢查後的七種結果做成只讀分流。它只說明封套不通過時要補欄、修正判定、隔離敏感證據、修正範圍、拒收變更要求或維持等待;目前可進收件=0不送出、不收件、不接受。",
"laneLabel": "結果分流",
"nextLabel": "下一步",
"guardLabel": "仍禁止",
"boundaryTitle": "結果分流邊界",
"summary": {
"lanes": {
"label": "分流",
"detail": "七條分流只供人工判讀。"
},
"ready": {
"label": "可進收件",
"detail": "目前仍是 0不開收件。"
},
"quarantined": {
"label": "已隔離",
"detail": "目前仍是 0不保存敏感載荷。"
},
"rejected": {
"label": "已拒收",
"detail": "目前仍是 0不建立拒收紀錄。"
}
},
"items": {
"keepEnvelopeWaiting": {
"title": "維持封套等待",
"body": "封套尚未通過送件前檢查時,保持等待狀態,避免被誤認成已送出或已收到。",
"next": "回到封套欄位與送件前檢查,不建立任何收件事件。",
"guard": "不把等待狀態當進度增加、不開人工批准。"
},
"requestFieldCompletion": {
"title": "要求補齊欄位",
"body": "六欄任一缺漏時,要求補齊負責人角色 / 團隊、判定、理由、範圍、脫敏證據或後續負責人。",
"next": "只回到補欄,不標記可進收件。",
"guard": "不接受口頭補充、不用缺欄封套建立審批紀錄。"
},
"requestDispositionCorrection": {
"title": "要求修正判定",
"body": "判定值不在允許範圍或語意模糊時,要求負責人改成可驗收的明確判定。",
"next": "只要求修正判定,不推進主要來源或遷移判定。",
"guard": "不把同意、可進行或看起來沒問題當執行授權。"
},
"quarantineSensitiveEvidence": {
"title": "隔離敏感證據",
"body": "若封套含機密明文、權杖、私鑰、cookie、session 或私有憑證,必須先隔離。",
"next": "只進隔離與脫敏補證,不匯入原始載荷。",
"guard": "不保存機密明文、不轉送敏感載荷。"
},
"requestScopeCorrection": {
"title": "要求修正範圍",
"body": "受影響專案庫、端點、來源或範圍無法對應 S4.9 收件項時,要求補證或修正。",
"next": "只回到範圍補正,不自動擴大遷移範圍。",
"guard": "不讀取私有內容、不匯入來源。"
},
"rejectMutationRequest": {
"title": "拒收變更要求",
"body": "封套夾帶建立專案庫、改可見性、同步分支、修改工作流程或收集機密值時,直接分流為拒收。",
"next": "只記為需另開人工閘門的變更要求,不在封套內處理。",
"guard": "不從封套觸發 GitHub、Gitea、分支 / 標籤參照、工作流程、機密設定或執行器動作。"
},
"keepFollowupOwnerWaiting": {
"title": "維持後續負責人等待",
"body": "補證、隔離、拒收或後續 S4.10-S4.12 判定沒有可追溯角色或團隊時,維持等待。",
"next": "只要求補上後續負責人,不進入接受。",
"guard": "不把後續負責人當批准者、不開執行期閘門。"
}
}
},
"s49OwnerResponseRequestDraft": {
"title": "S4.9 負責人回覆送件請求草稿",
"subtitle": "S2.105 把送件請求拆成只讀草稿,讓封套、預檢與結果分流之後仍有明確的防誤送邊界。這裡只顯示送件前要整理的草稿項,不寄送 request、不通知負責人、不建立稽核事件、不標記收到或接受。",
"draftLabel": "草稿項",
"gapLabel": "目前缺口",
"guardLabel": "仍禁止",
"boundaryTitle": "送件草稿邊界",
"summary": {
"drafts": {
"label": "草稿項",
"detail": "六個草稿項只供人工整理。"
},
"ready": {
"label": "可送件",
"detail": "目前仍是 0不開送件。"
},
"sent": {
"label": "已送出",
"detail": "目前仍是 0不通知負責人。"
},
"emitted": {
"label": "稽核事件",
"detail": "目前仍是 0不寫入事件。"
}
},
"items": {
"scopeMappingDraft": {
"title": "收件範圍對應草稿",
"body": "把 S4.9 五個人工收件項對應到封套範圍,確認每筆請求只問已定義的清冊、端點、鄰近來源、標準負責人或 legacy disposition 問題。",
"gap": "尚未有可送出的範圍對應,不建立 request。",
"guard": "不自動擴大專案庫範圍、不把範圍草稿當 負責人回覆。"
},
"ownerRecipientDraft": {
"title": "負責人收件對象草稿",
"body": "只列出需要人工確認的角色、團隊或後續負責人欄位,不推定個人信箱、帳號或權限。",
"gap": "收件對象尚未確認,不寄送通知。",
"guard": "不抓取私有通訊錄、不自動標記 owner 已通知。"
},
"redactedEvidenceDraft": {
"title": "脫敏證據參照草稿",
"body": "只允許引用脫敏快照、文件路徑或 metadata 指標,避免把 token、私鑰、cookie、session 或原始 inventory payload 放進請求。",
"gap": "尚未有可接受的脫敏證據包,不進收件。",
"guard": "不保存機密明文、不轉送敏感載荷。"
},
"noMutationClauseDraft": {
"title": "禁止變更條款草稿",
"body": "送件文字必須明確說明這不是建立專案庫、改可見性、同步分支、修改 workflow、收集 機密明文值 或切換主要來源的要求。",
"gap": "禁止變更條款未經人工確認前,不可送件。",
"guard": "不把 request 草稿變成 GitHub、Gitea、分支 / 標籤參照、工作流程或機密設定動作。"
},
"auditTemplateDraft": {
"title": "稽核事件範本草稿",
"body": "預先標出未來若人工送件時需要留下的事件欄位,但目前仍是 template only沒有 event id、沒有 emitted timestamp。",
"gap": "稽核事件仍未發出,不能作為已送件證據。",
"guard": "不寫入 production audit、不把範本當正式紀錄。"
},
"manualDispatchGateDraft": {
"title": "人工送件閘門草稿",
"body": "把送件前最後一道人工確認獨立出來:只有確認收件範圍、對象、脫敏證據、禁止變更條款與稽核範本後,才可另行批准送件。",
"gap": "人工送件閘門未開request_sent 仍為 false。",
"guard": "不提供送出按鈕、不代替負責人回覆、不開執行期閘門。"
}
}
},
"s49OwnerResponsePreflight": {
"title": "S4.9 Owner Response Intake Preflight",
"subtitle": "S2.48 surfaces the 6 S4.9 intake preflight checks in IwoooS: known attestation item, complete fields, allowed decision, redacted evidence, no execution request, and no accepted state until all five items are covered. This is preflight display only: no request send, received marking, or audit event creation.",
"checkLabel": "Preflight",
"failureLabel": "If it fails",
"guardLabel": "Still forbidden",
"items": {
"knownAttestationItem": {
"title": "Match a known S4.7 item",
"body": "The 負責人回覆 must map to public-only / local gap, org/user endpoint, 110 adjacent source, canonical owner, or legacy disposition.",
"failure": "Unclear mapping can only request owner correction.",
"guard": "Do not treat vague text as coverage attestation or auto-map it to an item."
},
"requiredOwnerFields": {
"title": "Required owner fields complete",
"body": "Each response needs owner role/team, decision, decision reason, affected scope, evidence refs, and followup owner.",
"failure": "Missing fields can only request more evidence.",
"guard": "No verbal OK and no approval record from incomplete responses."
},
"allowedDecision": {
"title": "Decision is allowed",
"body": "The decision must fit the acceptable decisions for the matching template so free text is not misread as authorization.",
"failure": "Invalid decisions request owner correction.",
"guard": "Do not upgrade OK / looks fine language into migration or primary approval."
},
"redactedEvidenceOnly": {
"title": "Redacted evidence refs only",
"body": "Evidence may only point to repo docs, snapshots, or redacted metadata pointers; no tokens, 機密設定, cookies, sessions, private keys, or private URL credentials.",
"failure": "Sensitive payloads go to quarantine.",
"guard": "No raw secret storage, DB dump import, git object pack, or repo archive collection."
},
"noExecutionRequest": {
"title": "No execution request",
"body": "Responses must not request Gitea/GitHub writes, repo creation, visibility changes, refs sync/delete/force-push, workflow/secret/runner changes, scans, or runtime actions.",
"failure": "Embedded execution asks are rejected.",
"guard": "No Gitea writes, GitHub repo creation, refs sync, or 執行期閘門 opening."
},
"allFiveItemsBeforeAccepted": {
"title": "All five items before Accepted",
"body": "S4.9 cannot be accepted until all five response templates have acceptable 負責人回覆s.",
"failure": "Partial responses remain waiting or request more evidence.",
"guard": "Visible preflight is not request sent, received, accepted, or audit emitted."
}
}
},
"awooopCrossSessionHandoff": {
"title": "AwoooP Cross-Session Handoff",
"subtitle": "S2.52 freezes the current PR, branch, progress semantics, required guards, forbidden actions, and next coordination gate as read-only handoff packets so another AwoooP Session can continue without treating the handoff as production landing or execution authorization.",
"packetLabel": "Handoff packet",
"handoffLabel": "Handoff note",
"guardLabel": "Still locked",
"items": {
"branchAndPrAnchor": {
"title": "PR / branch anchor",
"body": "PR #117 and codex/security-supply-chain-contracts-20260512 are the current read-only sync anchors.",
"handoff": "The other Session should confirm the same PR, branch, and latest commit, then read LOGBOOK and the rollup ledger.",
"guard": "Do not merge, deploy, switch primary, or mutate refs from the handoff."
},
"progressSemantics": {
"title": "進度語義",
"body": "headline 仍是 61%framework 86-88%runtime / ingestion / GitHub primary / AwoooP production landing 40-45%。",
"handoff": "AwoooP production landing evidence 已記錄;後續新 UI / docs / snapshot 仍只能進 framework_detail ledger除非 負責人回覆、執行期閘門或 GitHub primary 有新 evidence。",
"guard": "不把 framework detail、readiness、handoff、guard pass 當 headline delta。"
},
"requiredGuardCommands": {
"title": "Required guards",
"body": "Run security-mirror-progress-guard.py and source-control-owner-response-guard.py before taking over.",
"handoff": "Continue read-only projection only after both guards pass; if either fails, fix the contract or snapshot first.",
"guard": "Do not skip guards; do not treat guard pass as runtime approval."
},
"forbiddenRuntimeActions": {
"title": "Runtime forbidden actions",
"body": "Kali /execute, SSH, host update, active scan, credentialed scan, blocking control, repo / refs / workflow actions remain unauthorized.",
"handoff": "The other Session may only add read-only evidence, UI projection, docs, snapshots, and guards.",
"guard": "runtime_execution_authorized=false; action_buttons_allowed=false"
},
"awooopReadOnlyInputs": {
"title": "AwoooP read-only inputs",
"body": "AwoooP may consume the rollup snapshot, IwoooS projection, 負責人回覆 validation rollup, Kali status, and rollout policy.",
"handoff": "Main-line AwoooP intake may display only state, evidence refs, route groups, and forbidden actions.",
"guard": "Do not store raw payloads, credential plaintext, token values, or execution payloads."
},
"nextCoordinationGate": {
"title": "下一個協調 Gate",
"body": "AwoooP production landing 已成為第一個完成的高層 gate下一個真正能再推動 headline 的 gate 是負責人回覆 accepted、redacted payload ingestion、active 執行期閘門或 GitHub primary ready。",
"handoff": "另一個 Session 若要繼續推進,必須沿用這份 read-only consumption evidence不得把它升級成 execution router。",
"guard": "不把 handoff packet 或 landing evidence 當 runtime execution。"
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink