1580 lines
72 KiB
JSON
1580 lines
72 KiB
JSON
{
|
||
"schema_version": "source_control_owner_response_validation_rollup_v1",
|
||
"status": "draft_waiting_owner_responses",
|
||
"date": "2026-05-19",
|
||
"mode": "owner_response_validation_rollup_only",
|
||
"runtime_execution_authorized": false,
|
||
"source_contracts": [
|
||
"gitea_inventory_owner_attestation_response_v1",
|
||
"github_target_owner_decision_response_v1",
|
||
"source_control_ref_truth_owner_response_v1",
|
||
"source_control_workflow_secret_name_owner_response_v1"
|
||
],
|
||
"source_indexes": [
|
||
"docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
|
||
"docs/security/github-target-owner-decision-response.snapshot.json",
|
||
"docs/security/source-control-ref-truth-owner-response.snapshot.json",
|
||
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
|
||
"docs/security/security-mirror-status-rollup.snapshot.json",
|
||
"docs/security/source-control-primary-readiness-gate.snapshot.json",
|
||
"docs/security/security-approval-review-packet.snapshot.json",
|
||
"docs/security/security-followup-runtime-gate.snapshot.json"
|
||
],
|
||
"summary": {
|
||
"rollup_status": "waiting_owner_responses",
|
||
"response_packet_count": 4,
|
||
"validation_lane_count": 4,
|
||
"total_response_template_count": 22,
|
||
"total_received_response_count": 0,
|
||
"total_accepted_response_count": 0,
|
||
"total_rejected_response_count": 0,
|
||
"total_acceptance_check_count": 32,
|
||
"total_rejection_rule_count": 40,
|
||
"owner_response_evidence_routing_rule_count": 6,
|
||
"owner_response_validation_display_section_count": 8,
|
||
"owner_response_validation_state_transition_rule_count": 7,
|
||
"owner_response_validation_reviewer_checklist_count": 9,
|
||
"owner_response_validation_reviewer_outcome_lane_count": 7,
|
||
"owner_response_validation_reviewer_audit_event_template_count": 4,
|
||
"owner_response_validation_reviewer_audit_display_section_count": 5,
|
||
"owner_response_validation_reviewer_audit_collection_check_count": 6,
|
||
"owner_response_validation_reviewer_audit_redaction_example_count": 5,
|
||
"owner_response_validation_reviewer_audit_retention_rule_count": 5,
|
||
"quarantine_required": true,
|
||
"primary_ready_count": 0,
|
||
"runtime_execution_authorized": false,
|
||
"token_value_collection_allowed": false,
|
||
"secret_value_collection_allowed": false,
|
||
"write_token_allowed": false,
|
||
"repo_creation_authorized": false,
|
||
"visibility_change_authorized": false,
|
||
"gitea_repo_write_authorized": false,
|
||
"refs_sync_authorized": false,
|
||
"refs_delete_authorized": false,
|
||
"force_push_authorized": false,
|
||
"workflow_modification_authorized": false,
|
||
"runner_enablement_authorized": false,
|
||
"github_hosted_runner_enable_authorized": false,
|
||
"github_primary_switch_authorized": false,
|
||
"action_buttons_allowed": false
|
||
},
|
||
"validation_lanes": [
|
||
{
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"source_contract": "gitea_inventory_owner_attestation_response_v1",
|
||
"response_packet": "docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
|
||
"human_doc": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
|
||
"scope_summary": "5 個 Gitea coverage attestation items:public-only/local gap、org/user endpoint、110 adjacent scope、canonical owner、legacy/inaccessible disposition。",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"5 個 S4.7 attestation items 皆有可驗收 owner response",
|
||
"response 只能引用脫敏 evidence refs",
|
||
"不得保存 token value、raw secret、DB dump、git object 或 repo write payload"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only Gitea coverage matrix wording",
|
||
"更新 owner / canonical / legacy disposition 欄位",
|
||
"維持 gitea_repo_inventory_v1.status=partial 直到 S4.6 payload 驗收通過"
|
||
],
|
||
"forbidden_actions": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"lane_id": "s4_10_github_target_owner_decision_response",
|
||
"source_contract": "github_target_owner_decision_response_v1",
|
||
"response_packet": "docs/security/github-target-owner-decision-response.snapshot.json",
|
||
"human_doc": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
|
||
"scope_summary": "7 個 approval-required GitHub targets 的 owner、visibility、canonical response。",
|
||
"response_template_count": 7,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"7 個 target response 都有 owner / visibility / canonical disposition",
|
||
"not_found_or_private 不得自動解讀為可建立 repo",
|
||
"response 不得夾帶 repo creation、visibility change 或 refs sync payload"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only GitHub target decision table wording",
|
||
"更新 repo-by-repo approval package 的 owner / visibility / canonical 欄位",
|
||
"維持 primary_ready_count=0"
|
||
],
|
||
"forbidden_actions": [
|
||
"create_github_repo",
|
||
"change_repo_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"lane_id": "s4_11_ref_truth_owner_response",
|
||
"source_contract": "source_control_ref_truth_owner_response_v1",
|
||
"response_packet": "docs/security/source-control-ref-truth-owner-response.snapshot.json",
|
||
"human_doc": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
|
||
"scope_summary": "S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks,加上 141 個 refs review items 的 main/dev truth、deprecated drift、release tag retention、GitHub-only refs disposition。",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"main/dev truth 與 release tags 必須有 deploy / artifact / rollback owner",
|
||
"deprecated candidate 只能更新 disposition,不代表 delete approval",
|
||
"backfill candidate 只能更新 review wording,不代表 push approval"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only ref truth classification disposition",
|
||
"更新 draft reconcile plan wording",
|
||
"維持 refs sync / delete / force push disabled"
|
||
],
|
||
"forbidden_actions": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"lane_id": "s4_12_workflow_secret_name_owner_response",
|
||
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
|
||
"response_packet": "docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
|
||
"human_doc": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
|
||
"scope_summary": "webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 的 redacted owner response request / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / response。",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"每個 lane 只能保存允許欄位與脫敏 metadata",
|
||
"GitHub hosted runner 只能進 risk review,不得啟用或消耗 hosted minutes",
|
||
"secret name parity 只保存名稱、scope、owner 與 present/absent,不保存 value/hash/partial token",
|
||
"request packet 只提示 owner 要回覆什麼,不代表 request sent、response received、secret value collection、workflow modification 或 runner enablement",
|
||
"template status ledger 只逐項顯示 waiting_owner_response,不代表 request sent、response received 或 accepted",
|
||
"audit event templates 只定義 0 emitted 的脫敏 metadata,不代表 production ingestion 或 runtime authorization",
|
||
"redaction examples 只示範安全回覆形狀,不代表 owner response received、accepted 或 secret value collection",
|
||
"collection checks 只維持 request / received / accepted 分離,不代表 owner response received、accepted 或 workflow / secret 執行授權",
|
||
"intake preflight checks 只分類可審、補證、隔離或拒收,不代表 owner response accepted 或 workflow / secret 執行授權"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only workflow / secret name inventory wording",
|
||
"更新 redacted export request disposition",
|
||
"維持 workflow / secret parity blocker 直到實際 redacted evidence 完成"
|
||
],
|
||
"forbidden_actions": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
}
|
||
],
|
||
"cross_packet_acceptance_checks": [
|
||
{
|
||
"check_id": "all_source_packets_schema_valid",
|
||
"title": "四個 source response packets 都必須 JSON / schema 結構有效",
|
||
"required": true,
|
||
"pass_condition": "source packet 可被解析,且 summary 欄位存在",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "template_counts_match",
|
||
"title": "response template count 必須與各 source packet summary 一致",
|
||
"required": true,
|
||
"pass_condition": "5 + 7 + 5 + 5 = 22",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "response_counts_explicit",
|
||
"title": "received / accepted / rejected count 必須明確列出",
|
||
"required": true,
|
||
"pass_condition": "所有 source packets 目前皆為 0 / 0 / 0",
|
||
"failure_lane": "request_more_evidence",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "accepted_response_does_not_unlock_runtime",
|
||
"title": "即使未來 response 被接受,也不得直接解鎖 runtime",
|
||
"required": true,
|
||
"pass_condition": "readiness effect 只允許更新 read-only wording 或 matrix 欄位",
|
||
"failure_lane": "block_candidate",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "rejection_rules_present",
|
||
"title": "四個 packets 都必須保留 rejection rules",
|
||
"required": true,
|
||
"pass_condition": "每包 10 個 rejection rules,總數 40",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "no_secret_or_token_value",
|
||
"title": "不得收集 token、secret、private key、cookie、session 或 partial credential",
|
||
"required": true,
|
||
"pass_condition": "所有收件與輸出欄位只允許脫敏 evidence refs 或名稱 metadata",
|
||
"failure_lane": "hard_reject",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "no_write_or_admin_action",
|
||
"title": "不得夾帶 write token、admin API、repo write、workflow 修改或 runner 啟用",
|
||
"required": true,
|
||
"pass_condition": "所有 write / admin / execution flags 皆為 false",
|
||
"failure_lane": "hard_reject",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "no_refs_or_primary_action",
|
||
"title": "不得把 owner response 當成 refs sync、delete、force push 或 primary approval",
|
||
"required": true,
|
||
"pass_condition": "refs_sync / refs_delete / force_push / github_primary_switch 皆為 false",
|
||
"failure_lane": "hard_reject",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "quarantine_uncertain_payload",
|
||
"title": "任何不確定是否含敏感值的 response 必須隔離",
|
||
"required": true,
|
||
"pass_condition": "quarantine_required=true 且 quarantine rules 已列出",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "rollup_and_readiness_must_be_updated_together",
|
||
"title": "接受 response 後必須同步更新 rollup 與 readiness wording",
|
||
"required": true,
|
||
"pass_condition": "更新 source packet、validation rollup、security mirror rollup、primary readiness gate 與 LOGBOOK",
|
||
"failure_lane": "request_more_evidence",
|
||
"execution_authorized": false
|
||
}
|
||
],
|
||
"quarantine_rules": [
|
||
"response 夾帶 token、secret、cookie、session、private key、deploy key material、runner token 或 partial credential 時 hard reject。",
|
||
"response 夾帶完整 webhook URL、query token、header、body、未脫敏 screenshot 或 private URL credential 時 hard reject。",
|
||
"response 要求 write API、repo 建立、visibility change、workflow 修改、runner 啟用、secret rotate、refs sync、delete refs、force push 或 GitHub primary switch 時 hard reject。",
|
||
"response 缺 lane、repo、provider、owner、decision、decision_reason 或 evidence_refs 時 request_more_evidence。",
|
||
"response 的敏感性不確定時先 quarantine,不猜測、不修補、不自動接受。"
|
||
],
|
||
"owner_response_evidence_routing_rules": [
|
||
{
|
||
"rule_id": "evidence-routing-known-lane",
|
||
"display_order": 1,
|
||
"title": "已知 owner response lane 才能進入對應 source packet preflight",
|
||
"match_condition": "evidence pointer 明確標示 S4.9 / S4.10 / S4.11 / S4.12 其中一個 lane,且 template_id 屬於該 lane 的既有 response templates。",
|
||
"safe_route": "route_to_source_packet_intake_preflight",
|
||
"blocked_route": "request_more_evidence_if_lane_or_template_unknown",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-required-fields",
|
||
"display_order": 2,
|
||
"title": "缺少 owner / decision / evidence refs 時只要求補證",
|
||
"match_condition": "lane 已知,但 owner、decision、decision_reason、repo/provider metadata 或 evidence_refs 缺漏。",
|
||
"safe_route": "request_more_evidence",
|
||
"blocked_route": "do_not_increment_received_or_accepted_count",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-sensitive-payload",
|
||
"display_order": 3,
|
||
"title": "疑似敏感 payload 一律先送 mirror quarantine",
|
||
"match_condition": "evidence pointer、摘要或附件暗示 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
|
||
"safe_route": "mirror_quarantine",
|
||
"blocked_route": "do_not_store_raw_payload_or_render_sensitive_material",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-execution-request",
|
||
"display_order": 4,
|
||
"title": "夾帶執行要求時 hard reject",
|
||
"match_condition": "response 要求建立 repo、修改 visibility、write token、sync/delete/force push refs、修改 workflow/webhook/runner/deploy key/branch protection/repository secret、啟用 GitHub hosted runner、Kali scan 或 GitHub primary switch。",
|
||
"safe_route": "hard_reject_execution_request",
|
||
"blocked_route": "do_not_create_runtime_gate_or_action_button",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-cross-packet-conflict",
|
||
"display_order": 5,
|
||
"title": "跨包互相矛盾時只進 owner review",
|
||
"match_condition": "S4.9 canonical owner、S4.10 GitHub target、S4.11 refs truth 或 S4.12 workflow / secret name parity 之間出現 owner、repo、visibility、truth source 或 secret 名稱矛盾。",
|
||
"safe_route": "cross_packet_owner_review",
|
||
"blocked_route": "do_not_auto_merge_or_override_source_packet",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-accepted-metadata",
|
||
"display_order": 6,
|
||
"title": "通過驗收後只允許更新只讀 wording",
|
||
"match_condition": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過,且 evidence refs 完全脫敏。",
|
||
"safe_route": "read_only_readiness_wording_update",
|
||
"blocked_route": "do_not_unlock_repo_refs_workflow_secret_runner_or_primary_actions",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_display_sections": [
|
||
{
|
||
"section_id": "display-validation-summary",
|
||
"display_order": 1,
|
||
"title": "Owner response validation 總覽",
|
||
"content_source": "summary:response_packet_count、validation_lane_count、total_response_template_count、received / accepted / rejected count、runtime flags。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-missing-response-lanes",
|
||
"display_order": 2,
|
||
"title": "Missing owner response lanes",
|
||
"content_source": "missing_response_lanes:S4.9 / S4.10 / S4.11 / S4.12 四條缺口、next_owner_action 與 still_forbidden。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-owner-response-collection-order",
|
||
"display_order": 3,
|
||
"title": "Owner response collection order",
|
||
"content_source": "owner_response_collection_order:四步收件順序、required_packet、minimum_response 與 blocked_until_received。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-next-collection-candidate",
|
||
"display_order": 4,
|
||
"title": "Next collection candidate",
|
||
"content_source": "next_collection_candidate:目前只顯示 S4.9 Gitea owner attestation response,received / accepted 皆為 0。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-cross-packet-acceptance-checks",
|
||
"display_order": 5,
|
||
"title": "Cross-packet acceptance checks",
|
||
"content_source": "cross_packet_acceptance_checks:10 個跨包驗收檢查,只作 read-only validation,不授權 runtime。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-evidence-routing-rules",
|
||
"display_order": 6,
|
||
"title": "Evidence routing rules",
|
||
"content_source": "owner_response_evidence_routing_rules:6 條 evidence pointer 只讀路由,補證、隔離、拒收、跨包 review 或只讀更新。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-quarantine-and-forbidden-actions",
|
||
"display_order": 7,
|
||
"title": "Quarantine 與禁止事項",
|
||
"content_source": "quarantine_rules、forbidden_actions、summary false flags:顯示敏感 payload、write/admin/action button 與 primary 禁令。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-latest-local-validation",
|
||
"display_order": 8,
|
||
"title": "最新本機只讀驗證",
|
||
"content_source": "latest_local_validation:repo_snapshot_only、SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK、received / accepted count 仍為 0。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_state_transition_rules": [
|
||
{
|
||
"rule_id": "transition-waiting-to-received-pending-validation",
|
||
"display_order": 1,
|
||
"from_state": "waiting_owner_response",
|
||
"trigger": "收到已知 S4.9 / S4.10 / S4.11 / S4.12 lane 的 owner response evidence pointer。",
|
||
"required_checks": [
|
||
"lane 與 template_id 已知",
|
||
"owner、decision、decision_reason、repo/provider metadata 與 evidence_refs 完整",
|
||
"evidence refs 已脫敏且沒有 raw secret/token/private URL credential"
|
||
],
|
||
"next_state": "received_pending_validation",
|
||
"allowed_update": "只允許 source packet 與 rollup 顯示 received_pending_validation 候選;不得增加 accepted count。",
|
||
"blocked_updates": [
|
||
"mark_accepted",
|
||
"create_runtime_gate",
|
||
"add_action_button",
|
||
"repo_or_refs_or_workflow_secret_change"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-missing-required-fields-to-request-more-evidence",
|
||
"display_order": 2,
|
||
"from_state": "waiting_owner_response",
|
||
"trigger": "response 缺少必填 owner、decision、reason、repo/provider metadata 或 evidence_refs。",
|
||
"required_checks": [
|
||
"已能判斷 lane 或 template 缺口",
|
||
"沒有敏感 payload",
|
||
"沒有執行要求"
|
||
],
|
||
"next_state": "request_more_evidence",
|
||
"allowed_update": "只允許顯示補證缺口與下一步 owner action。",
|
||
"blocked_updates": [
|
||
"increment_received_count",
|
||
"increment_accepted_count",
|
||
"store_raw_payload",
|
||
"unlock_primary_readiness"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-sensitive-payload-to-mirror-quarantine",
|
||
"display_order": 3,
|
||
"from_state": "waiting_owner_response_or_received_pending_validation",
|
||
"trigger": "response 或 evidence pointer 疑似含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
|
||
"required_checks": [
|
||
"敏感性不確定即視為需要隔離",
|
||
"不得渲染或保存 raw payload",
|
||
"不得把 masked/partial credential 當成可保存 evidence"
|
||
],
|
||
"next_state": "mirror_quarantine",
|
||
"allowed_update": "只允許顯示 quarantine pointer 與 redaction request。",
|
||
"blocked_updates": [
|
||
"store_sensitive_payload",
|
||
"render_sensitive_material",
|
||
"increment_received_count",
|
||
"increment_accepted_count"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-execution-request-to-hard-rejected",
|
||
"display_order": 4,
|
||
"from_state": "waiting_owner_response_or_received_pending_validation",
|
||
"trigger": "response 夾帶 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret、Kali scan、GitHub hosted runner 或 GitHub primary switch 要求。",
|
||
"required_checks": [
|
||
"偵測到任何 write/admin/runtime intent",
|
||
"blocked route 已指向 do_not_create_runtime_gate_or_action_button",
|
||
"仍保留 redacted rejection evidence"
|
||
],
|
||
"next_state": "hard_rejected_execution_request",
|
||
"allowed_update": "只允許顯示拒收原因與仍禁止事項。",
|
||
"blocked_updates": [
|
||
"create_runtime_gate",
|
||
"enqueue_execution",
|
||
"add_action_button",
|
||
"change_repo_refs_workflow_secret_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-cross-packet-conflict-to-owner-review",
|
||
"display_order": 5,
|
||
"from_state": "received_pending_validation",
|
||
"trigger": "S4.9 owner/canonical、S4.10 target/visibility、S4.11 refs truth 或 S4.12 workflow/secret name parity 互相矛盾。",
|
||
"required_checks": [
|
||
"矛盾欄位可指向來源 packet",
|
||
"不得自動覆蓋 source packet",
|
||
"不得把任一 packet 視為較高權威"
|
||
],
|
||
"next_state": "cross_packet_owner_review",
|
||
"allowed_update": "只允許顯示 reviewer 需要確認的欄位與 evidence refs。",
|
||
"blocked_updates": [
|
||
"auto_merge_response",
|
||
"override_source_packet",
|
||
"mark_primary_ready",
|
||
"unlock_refs_or_workflow_actions"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-validation-pass-to-read-only-update",
|
||
"display_order": 6,
|
||
"from_state": "received_pending_validation",
|
||
"trigger": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過。",
|
||
"required_checks": [
|
||
"所有 evidence refs 完全脫敏",
|
||
"source packet、validation rollup、security mirror rollup、primary readiness wording 與 LOGBOOK 可同步更新",
|
||
"received / accepted count 的變更仍只限文件與 snapshot"
|
||
],
|
||
"next_state": "accepted_read_only_update",
|
||
"allowed_update": "只允許更新 read-only evidence、matrix、decision table、reconcile wording 或 readiness wording。",
|
||
"blocked_updates": [
|
||
"create_repo",
|
||
"sync_or_delete_refs",
|
||
"modify_workflow_or_secret",
|
||
"enable_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-post-update-stays-waiting-runtime-gate",
|
||
"display_order": 7,
|
||
"from_state": "accepted_read_only_update",
|
||
"trigger": "read-only wording 已更新,但仍未取得 runtime gate、owner approval、rollback ADR、redacted payload ingestion 或 primary readiness。",
|
||
"required_checks": [
|
||
"active_runtime_gate_count 仍為 0",
|
||
"github_primary_ready_count 仍為 0",
|
||
"action_buttons_allowed 仍為 false"
|
||
],
|
||
"next_state": "waiting_followup_runtime_gate",
|
||
"allowed_update": "只允許提示後續需要人工批准與獨立 runtime gate。",
|
||
"blocked_updates": [
|
||
"treat_read_only_update_as_runtime_approval",
|
||
"auto_execute_scan_or_migration",
|
||
"switch_github_primary",
|
||
"consume_github_hosted_runner_minutes"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_checklist": [
|
||
{
|
||
"checklist_id": "checklist-confirm-lane-and-template",
|
||
"display_order": 1,
|
||
"title": "確認 owner response lane 與 template 已知",
|
||
"reviewer_action": "確認 evidence pointer 只屬於 S4.9 / S4.10 / S4.11 / S4.12 的既有 lane 與 template_id。",
|
||
"required_evidence": [
|
||
"lane_id",
|
||
"template_id",
|
||
"source_packet_path"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "request_more_evidence",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-required-owner-fields",
|
||
"display_order": 2,
|
||
"title": "確認 owner / decision / reason / metadata 欄位完整",
|
||
"reviewer_action": "確認 owner、decision、decision_reason、repo/provider metadata 與 evidence_refs 都存在且可追溯。",
|
||
"required_evidence": [
|
||
"owner",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo_or_provider_metadata",
|
||
"evidence_refs"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "request_more_evidence",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-redacted-evidence-refs",
|
||
"display_order": 3,
|
||
"title": "確認 evidence refs 已脫敏且不含 raw payload",
|
||
"reviewer_action": "只接受文件路徑、ticket id、hash 或摘要;不得貼入 token、secret、private URL credential 或未脫敏截圖。",
|
||
"required_evidence": [
|
||
"redacted_evidence_refs",
|
||
"no_raw_payload_statement"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "mirror_quarantine",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-source-packet-preflight",
|
||
"display_order": 4,
|
||
"title": "確認 source packet preflight 通過",
|
||
"reviewer_action": "依對應 S4.9 / S4.10 / S4.11 / S4.12 intake preflight checks 判定可審、補證、隔離或拒收。",
|
||
"required_evidence": [
|
||
"source_packet_preflight_result",
|
||
"preflight_check_ids"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "source_packet_preflight_failure_route",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-cross-packet-consistency",
|
||
"display_order": 5,
|
||
"title": "確認 S4.9-S4.12 跨包一致性",
|
||
"reviewer_action": "確認 owner、repo、visibility、truth source、workflow / secret name parity 沒有互相矛盾。",
|
||
"required_evidence": [
|
||
"cross_packet_acceptance_check_ids",
|
||
"consistency_summary"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "cross_packet_owner_review",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-no-sensitive-payload",
|
||
"display_order": 6,
|
||
"title": "確認沒有敏感 payload",
|
||
"reviewer_action": "確認 response 不含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或 partial credential。",
|
||
"required_evidence": [
|
||
"sensitive_payload_scan_result",
|
||
"redaction_summary"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "mirror_quarantine",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-no-execution-intent",
|
||
"display_order": 7,
|
||
"title": "確認沒有執行意圖",
|
||
"reviewer_action": "確認 response 沒有要求 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret 變更、Kali scan、GitHub hosted runner 或 GitHub primary switch。",
|
||
"required_evidence": [
|
||
"execution_intent_review_result",
|
||
"blocked_action_summary"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "hard_rejected_execution_request",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-read-only-update-scope",
|
||
"display_order": 8,
|
||
"title": "確認通過後只更新 read-only wording",
|
||
"reviewer_action": "確認即使 response 通過,也只更新 evidence、matrix、decision table、reconcile wording 或 readiness wording。",
|
||
"required_evidence": [
|
||
"read_only_update_targets",
|
||
"no_runtime_unlock_statement"
|
||
],
|
||
"pass_state": "accepted_read_only_update",
|
||
"fail_route": "block_candidate",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-followup-runtime-gate-still-required",
|
||
"display_order": 9,
|
||
"title": "確認後續 runtime gate 仍需獨立批准",
|
||
"reviewer_action": "確認 active_runtime_gate_count 仍為 0、github_primary_ready_count 仍為 0、action_buttons_allowed 仍為 false。",
|
||
"required_evidence": [
|
||
"active_runtime_gate_count",
|
||
"github_primary_ready_count",
|
||
"action_buttons_allowed"
|
||
],
|
||
"pass_state": "waiting_followup_runtime_gate",
|
||
"fail_route": "block_candidate",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_outcome_lanes": [
|
||
{
|
||
"outcome_lane_id": "outcome-keep-waiting-owner-response",
|
||
"display_order": 1,
|
||
"title": "繼續等待 owner response",
|
||
"when_reviewer_finds": "尚未收到 owner response evidence pointer,或目前只看到 request packet / template status / audit template / redaction example / display section。",
|
||
"safe_result": "keep_waiting_owner_response",
|
||
"allowed_update": "只顯示 waiting 狀態、缺口摘要與 next collection candidate。",
|
||
"blocked_updates": [
|
||
"increment_received_count",
|
||
"increment_accepted_count",
|
||
"mark_primary_ready",
|
||
"create_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-request-more-evidence",
|
||
"display_order": 2,
|
||
"title": "要求補證",
|
||
"when_reviewer_finds": "lane / template 已知但缺 owner、decision、reason、repo/provider metadata、evidence refs 或 source packet preflight 結果。",
|
||
"safe_result": "request_more_evidence",
|
||
"allowed_update": "只顯示缺哪些欄位與下一步 owner action。",
|
||
"blocked_updates": [
|
||
"increment_accepted_count",
|
||
"unlock_primary_readiness",
|
||
"enqueue_execution",
|
||
"store_raw_payload"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-mirror-quarantine-sensitive-payload",
|
||
"display_order": 3,
|
||
"title": "敏感 payload 進 mirror quarantine",
|
||
"when_reviewer_finds": "evidence pointer 或 response 疑似含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential、partial credential 或未脫敏截圖。",
|
||
"safe_result": "mirror_quarantine",
|
||
"allowed_update": "只顯示 quarantine pointer、redaction request 與不得保存 raw payload 的提示。",
|
||
"blocked_updates": [
|
||
"store_sensitive_payload",
|
||
"render_sensitive_material",
|
||
"increment_received_count",
|
||
"increment_accepted_count"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-hard-reject-execution-request",
|
||
"display_order": 4,
|
||
"title": "拒收執行要求",
|
||
"when_reviewer_finds": "response 夾帶 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret、Kali scan、GitHub hosted runner 或 GitHub primary switch 要求。",
|
||
"safe_result": "hard_rejected_execution_request",
|
||
"allowed_update": "只顯示拒收原因、blocked action summary 與仍禁止事項。",
|
||
"blocked_updates": [
|
||
"create_runtime_gate",
|
||
"enqueue_execution",
|
||
"add_action_button",
|
||
"change_repo_refs_workflow_secret_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-cross-packet-owner-review",
|
||
"display_order": 5,
|
||
"title": "跨包 owner review",
|
||
"when_reviewer_finds": "S4.9 / S4.10 / S4.11 / S4.12 之間的 owner、repo、visibility、truth source 或 workflow / secret name parity 互相矛盾。",
|
||
"safe_result": "cross_packet_owner_review",
|
||
"allowed_update": "只顯示矛盾欄位、來源 packet 與 reviewer 需要確認的 evidence refs。",
|
||
"blocked_updates": [
|
||
"auto_merge_response",
|
||
"override_source_packet",
|
||
"mark_primary_ready",
|
||
"unlock_refs_or_workflow_actions"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-read-only-update-candidate",
|
||
"display_order": 6,
|
||
"title": "只讀更新候選",
|
||
"when_reviewer_finds": "source packet preflight、acceptance checks、cross-packet checks、reviewer checklist 與 quarantine rules 全部通過,且 evidence refs 完全脫敏。",
|
||
"safe_result": "accepted_read_only_update_candidate",
|
||
"allowed_update": "只允許更新 evidence、matrix、decision table、reconcile wording、readiness wording 與 LOGBOOK。",
|
||
"blocked_updates": [
|
||
"create_repo",
|
||
"sync_or_delete_refs",
|
||
"modify_workflow_or_secret",
|
||
"enable_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-waiting-followup-runtime-gate",
|
||
"display_order": 7,
|
||
"title": "仍等待後續 runtime gate",
|
||
"when_reviewer_finds": "只讀 wording 已完成或可完成,但 active_runtime_gate_count=0、github_primary_ready_count=0、action_buttons_allowed=false。",
|
||
"safe_result": "waiting_followup_runtime_gate",
|
||
"allowed_update": "只顯示後續仍需人工批准、rollback / disable plan 與獨立 runtime gate。",
|
||
"blocked_updates": [
|
||
"treat_read_only_update_as_runtime_approval",
|
||
"auto_execute_scan_or_migration",
|
||
"switch_github_primary",
|
||
"consume_github_hosted_runner_minutes"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_event_templates": [
|
||
{
|
||
"event_template_id": "audit-reviewer-outcome-review-opened",
|
||
"display_order": 1,
|
||
"title": "Reviewer 開始檢查 owner response outcome",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 打開 S4.13 owner response validation rollup 並準備依 checklist / outcome lanes 做只讀分類。",
|
||
"allowed_metadata": [
|
||
"reviewer_id_or_role",
|
||
"lane_id",
|
||
"template_id",
|
||
"source_packet_path",
|
||
"review_started_at_taipei",
|
||
"redacted_evidence_ref_count"
|
||
],
|
||
"forbidden_payloads": [
|
||
"raw_owner_response_body",
|
||
"token_or_secret_value",
|
||
"private_key_or_deploy_key_material",
|
||
"cookie_or_session",
|
||
"authorization_header",
|
||
"private_url_credential",
|
||
"unredacted_screenshot"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-reviewer-outcome-classified",
|
||
"display_order": 2,
|
||
"title": "Reviewer outcome lane 已分類",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 依 7 條 outcome lanes 將 evidence pointer 分類為等待、補證、隔離、拒收、跨包 review、只讀候選或等待 runtime gate。",
|
||
"allowed_metadata": [
|
||
"outcome_lane_id",
|
||
"classification_reason",
|
||
"checklist_pass_count",
|
||
"checklist_fail_count",
|
||
"redacted_evidence_refs",
|
||
"reviewed_at_taipei"
|
||
],
|
||
"forbidden_payloads": [
|
||
"raw_owner_response_body",
|
||
"token_or_secret_value",
|
||
"secret_hash_or_masked_token",
|
||
"partial_credential",
|
||
"runner_token",
|
||
"webhook_secret",
|
||
"deploy_key_value",
|
||
"private_url_credential"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-reviewer-quarantine-or-reject-recorded",
|
||
"display_order": 3,
|
||
"title": "隔離或拒收原因已留痕模板",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 將 response 分類為 mirror quarantine 或 hard rejected execution request。",
|
||
"allowed_metadata": [
|
||
"outcome_lane_id",
|
||
"blocked_reason_code",
|
||
"redaction_required",
|
||
"quarantine_pointer",
|
||
"blocked_action_summary",
|
||
"reviewed_at_taipei"
|
||
],
|
||
"forbidden_payloads": [
|
||
"sensitive_payload",
|
||
"raw_request_body",
|
||
"raw_response_body",
|
||
"credential_value",
|
||
"private_key",
|
||
"authorization_header",
|
||
"cookie_or_session",
|
||
"execution_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-reviewer-readonly-update-noted",
|
||
"display_order": 4,
|
||
"title": "只讀更新候選已記錄模板",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 將 response 分類為 read-only update candidate 或 waiting follow-up runtime gate。",
|
||
"allowed_metadata": [
|
||
"outcome_lane_id",
|
||
"read_only_update_targets",
|
||
"followup_runtime_gate_required",
|
||
"active_runtime_gate_count",
|
||
"github_primary_ready_count",
|
||
"action_buttons_allowed"
|
||
],
|
||
"forbidden_payloads": [
|
||
"runtime_approval",
|
||
"execution_command",
|
||
"repo_write_token",
|
||
"refs_update_payload",
|
||
"workflow_secret_value",
|
||
"runner_registration_token",
|
||
"github_primary_switch_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_display_sections": [
|
||
{
|
||
"section_id": "display-reviewer-audit-template-summary",
|
||
"display_order": 1,
|
||
"title": "Reviewer audit template 總覽",
|
||
"content_source": "顯示 4 個 reviewer audit event templates、template_only_not_emitted、emitted_event_count=0 與 not approval 邊界。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-metadata-fields",
|
||
"display_order": 2,
|
||
"title": "允許顯示的脫敏 metadata 欄位",
|
||
"content_source": "只顯示 reviewer role、lane、template、source packet、classification reason、checklist pass/fail count、redacted evidence refs、read-only targets 與 gate count 等 metadata 名稱;不得顯示 raw owner response。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-forbidden-payloads",
|
||
"display_order": 3,
|
||
"title": "禁止 payload 顯示與保存",
|
||
"content_source": "顯示 forbidden_payloads 清單,明確擋住 token、secret、private key、deploy key material、cookie、session、authorization header、private URL credential、partial credential、runner token、webhook secret、raw request / response body、未脫敏截圖與 execution payload。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-emission-status",
|
||
"display_order": 4,
|
||
"title": "Reviewer audit emitted 狀態",
|
||
"content_source": "顯示全部 reviewer audit templates 目前 emitted_event_count=0、stored_raw_payload_allowed=false,代表尚未啟用 production ingestion。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-non-authorization-boundary",
|
||
"display_order": 5,
|
||
"title": "非授權邊界",
|
||
"content_source": "顯示 reviewer audit display sections 只固定 UI 呈現,不代表 owner response received、accepted、approval、runtime gate、execution queue、action button、repo / refs / workflow / secret / runner 變更、Kali scan 或 GitHub primary switch。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_collection_checks": [
|
||
{
|
||
"check_id": "check-reviewer-audit-template-visible",
|
||
"display_order": 1,
|
||
"title": "Reviewer audit templates 必須先可見",
|
||
"check_requirement": "AwoooP 只能在顯示 4 個 reviewer audit event templates 與 5 個 reviewer audit display sections 後,才顯示 reviewer audit collection check 狀態。",
|
||
"safe_result": "display_collection_check_waiting_not_ingested",
|
||
"blocked_interpretations": [
|
||
"treat_template_visible_as_event_emitted",
|
||
"treat_display_section_as_audit_ingestion",
|
||
"skip_template_boundary_before_collection_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-metadata-only",
|
||
"display_order": 2,
|
||
"title": "Reviewer audit 僅允許 metadata",
|
||
"check_requirement": "collection check 只能確認 allowed_metadata 欄位名稱、redacted evidence refs 與 count 類數值,不得要求或保存 raw owner response。",
|
||
"safe_result": "metadata_only_check_pass_or_waiting",
|
||
"blocked_interpretations": [
|
||
"request_raw_owner_response",
|
||
"store_unredacted_evidence",
|
||
"accept_sensitive_value_as_metadata"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-forbidden-payloads-blocked",
|
||
"display_order": 3,
|
||
"title": "Forbidden payload 必須阻擋",
|
||
"check_requirement": "任何 token、secret、private key、deploy key material、cookie、session、authorization header、private URL credential、partial credential、runner token、webhook secret、raw body、未脫敏截圖或 execution payload 都只能進 quarantine / reject 顯示。",
|
||
"safe_result": "forbidden_payloads_blocked_or_quarantined",
|
||
"blocked_interpretations": [
|
||
"store_sensitive_payload_for_audit",
|
||
"mask_then_accept_secret_value",
|
||
"turn_execution_payload_into_action"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-emitted-remains-zero",
|
||
"display_order": 4,
|
||
"title": "Reviewer audit emitted 必須仍為 0",
|
||
"check_requirement": "在 production ingestion 未另行批准前,所有 reviewer audit event templates 的 emitted_event_count 必須維持 0,stored_raw_payload_allowed 必須維持 false。",
|
||
"safe_result": "template_only_not_emitted",
|
||
"blocked_interpretations": [
|
||
"treat_zero_emitted_template_as_production_ingestion",
|
||
"increment_emitted_count_from_display",
|
||
"store_raw_payload_after_collection_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-no-runtime-side-effect",
|
||
"display_order": 5,
|
||
"title": "Reviewer audit 檢查不得有 runtime side effect",
|
||
"check_requirement": "collection checks 只顯示 pass / waiting / blocked 的只讀狀態,不得建立 runtime gate、execution queue、action button、scan request、repo action 或 workflow / secret change。",
|
||
"safe_result": "read_only_check_no_runtime_side_effect",
|
||
"blocked_interpretations": [
|
||
"create_runtime_gate",
|
||
"enqueue_execution",
|
||
"add_action_button",
|
||
"start_kali_scan",
|
||
"modify_repo_or_workflow"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-owner-response-counts-unchanged",
|
||
"display_order": 6,
|
||
"title": "Owner response counters 不得因 audit check 增加",
|
||
"check_requirement": "reviewer audit collection checks 通過也不能增加 received_response_count、accepted_response_count、reviewer_audit_events_emitted、primary_ready_count 或 active_runtime_gate_count。",
|
||
"safe_result": "counters_unchanged_waiting_owner_response",
|
||
"blocked_interpretations": [
|
||
"treat_collection_check_pass_as_owner_response_received",
|
||
"treat_collection_check_pass_as_owner_response_accepted",
|
||
"treat_collection_check_pass_as_primary_ready",
|
||
"treat_collection_check_pass_as_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_redaction_examples": [
|
||
{
|
||
"example_id": "redaction-reviewer-role-lane-template-metadata",
|
||
"display_order": 1,
|
||
"title": "Reviewer / lane / template metadata 脫敏範例",
|
||
"unsafe_input_shape": "Reviewer 開始檢查時可能附帶原始 owner response 文字、內部截圖、私有 URL 或未脫敏 evidence 內容。",
|
||
"safe_metadata_shape": "只顯示 reviewer_role、lane_id、template_id、source_packet_path、review_started_at_taipei 與 redacted_evidence_ref_count。",
|
||
"blocked_payloads": [
|
||
"raw_owner_response_body",
|
||
"unredacted_screenshot",
|
||
"private_url_credential",
|
||
"authorization_header",
|
||
"cookie_or_session"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-classification-reason-summary",
|
||
"display_order": 2,
|
||
"title": "Outcome classification reason 脫敏範例",
|
||
"unsafe_input_shape": "Reviewer 分類理由可能引用 token 片段、secret hash、partial credential、runner token 或 webhook secret。",
|
||
"safe_metadata_shape": "只顯示 outcome_lane_id、classification_reason_summary、checklist_pass_count、checklist_fail_count、redacted_evidence_ref_ids 與 reviewed_at_taipei。",
|
||
"blocked_payloads": [
|
||
"token_or_secret_value",
|
||
"secret_hash_or_masked_token",
|
||
"partial_credential",
|
||
"runner_token",
|
||
"webhook_secret"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-quarantine-pointer",
|
||
"display_order": 3,
|
||
"title": "Quarantine pointer 脫敏範例",
|
||
"unsafe_input_shape": "隔離或拒收原因可能包含 raw request body、raw response body、credential value、private key 或 execution payload。",
|
||
"safe_metadata_shape": "只顯示 outcome_lane_id、blocked_reason_code、redaction_required=true、quarantine_pointer_id、blocked_action_summary 與 reviewed_at_taipei。",
|
||
"blocked_payloads": [
|
||
"raw_request_body",
|
||
"raw_response_body",
|
||
"credential_value",
|
||
"private_key",
|
||
"execution_payload"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-readonly-update-targets",
|
||
"display_order": 4,
|
||
"title": "Read-only update targets 脫敏範例",
|
||
"unsafe_input_shape": "只讀更新候選可能被誤寫成 execution command、refs update payload、workflow secret value 或 GitHub primary switch payload。",
|
||
"safe_metadata_shape": "只顯示 outcome_lane_id、read_only_update_target_ids、followup_runtime_gate_required、active_runtime_gate_count、github_primary_ready_count 與 action_buttons_allowed=false。",
|
||
"blocked_payloads": [
|
||
"execution_command",
|
||
"repo_write_token",
|
||
"refs_update_payload",
|
||
"workflow_secret_value",
|
||
"github_primary_switch_payload"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-runtime-gate-counter-summary",
|
||
"display_order": 5,
|
||
"title": "Runtime gate counter summary 脫敏範例",
|
||
"unsafe_input_shape": "Reviewer audit summary 可能把 collection check pass 誤寫成 owner response received、accepted、primary ready 或 runtime gate active。",
|
||
"safe_metadata_shape": "只顯示 received_response_count=0、accepted_response_count=0、reviewer_audit_events_emitted=0、primary_ready_count=0、active_runtime_gate_count=0 與 not_authorization=true。",
|
||
"blocked_payloads": [
|
||
"runtime_approval",
|
||
"execution_queue_id",
|
||
"action_button_payload",
|
||
"scan_request_payload",
|
||
"primary_switch_payload"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_retention_rules": [
|
||
{
|
||
"rule_id": "retention-reviewer-start-metadata-only",
|
||
"display_order": 1,
|
||
"title": "Reviewer start metadata retention",
|
||
"retained_metadata_shape": "只可保留 reviewer_role、lane_id、template_id、source_packet_path、review_started_at_taipei 與 redacted_evidence_ref_count。",
|
||
"retention_boundary": "保留範圍僅限 reviewer audit metadata;不得保留 owner response 內文、截圖內容、私有 URL credential 或 session 類資料。",
|
||
"blocked_payloads": [
|
||
"raw_owner_response_body",
|
||
"unredacted_screenshot",
|
||
"private_url_credential",
|
||
"authorization_header",
|
||
"cookie_or_session"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-classification-summary-only",
|
||
"display_order": 2,
|
||
"title": "Classification summary retention",
|
||
"retained_metadata_shape": "只可保留 outcome_lane_id、classification_reason_summary、checklist_pass_count、checklist_fail_count、redacted_evidence_ref_ids 與 reviewed_at_taipei。",
|
||
"retention_boundary": "分類理由必須是摘要;不得保留 token 片段、secret hash、partial credential、runner token 或 webhook secret。",
|
||
"blocked_payloads": [
|
||
"token_or_secret_value",
|
||
"secret_hash_or_masked_token",
|
||
"partial_credential",
|
||
"runner_token",
|
||
"webhook_secret"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-quarantine-pointer-only",
|
||
"display_order": 3,
|
||
"title": "Quarantine pointer retention",
|
||
"retained_metadata_shape": "只可保留 outcome_lane_id、blocked_reason_code、redaction_required、quarantine_pointer_id、blocked_action_summary 與 reviewed_at_taipei。",
|
||
"retention_boundary": "隔離資料只保留 pointer 與 reason code;不得保留 raw request / response body、credential value、private key 或 execution payload。",
|
||
"blocked_payloads": [
|
||
"raw_request_body",
|
||
"raw_response_body",
|
||
"credential_value",
|
||
"private_key",
|
||
"execution_payload"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-readonly-update-targets-only",
|
||
"display_order": 4,
|
||
"title": "Read-only update target retention",
|
||
"retained_metadata_shape": "只可保留 outcome_lane_id、read_only_update_target_ids、followup_runtime_gate_required、active_runtime_gate_count、github_primary_ready_count 與 action_buttons_allowed=false。",
|
||
"retention_boundary": "只讀更新候選只保留目標 ID 與 gate counter;不得保留 execution command、repo write token、refs update payload、workflow secret value 或 primary switch payload。",
|
||
"blocked_payloads": [
|
||
"execution_command",
|
||
"repo_write_token",
|
||
"refs_update_payload",
|
||
"workflow_secret_value",
|
||
"github_primary_switch_payload"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-counter-snapshot-only",
|
||
"display_order": 5,
|
||
"title": "Counter snapshot retention",
|
||
"retained_metadata_shape": "只可保留 received_response_count=0、accepted_response_count=0、reviewer_audit_events_emitted=0、primary_ready_count=0、active_runtime_gate_count=0 與 not_authorization=true。",
|
||
"retention_boundary": "counter snapshot 只作狀態顯示;不得把 counter 或 check pass 轉成 runtime approval、execution queue、action button、scan request 或 primary switch。",
|
||
"blocked_payloads": [
|
||
"runtime_approval",
|
||
"execution_queue_id",
|
||
"action_button_payload",
|
||
"scan_request_payload",
|
||
"primary_switch_payload"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"readiness_effects": [
|
||
{
|
||
"effect_id": "gitea_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.9 request packet 已顯示、template status ledger / audit event templates / redaction examples / display sections / collection checks 已確認 request / received / accepted 分離,audit events emitted=0,且 5 個 response templates 全部接受;S4.6 redacted payload 仍需另外驗收。",
|
||
"allowed_update": "只更新 Gitea coverage matrix、owner / canonical disposition 與 readiness wording;gitea_repo_inventory_v1 仍不得直接標記 ok。",
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"effect_id": "github_target_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.10 7 個 target response 全部接受。",
|
||
"allowed_update": "只更新 GitHub target decision table、repo approval package 與 primary readiness blocker wording。",
|
||
"still_forbidden": [
|
||
"create_github_repo",
|
||
"change_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"effect_id": "ref_truth_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.11 request packet 已顯示,template status ledger 已維持 request / received / accepted 分離,audit event templates 維持 0 emitted,redaction examples 未被當成 response,collection checks 未被當成 approval,intake preflight checks 未被當成 execution authorization,5 個 lane response 全部接受,且 batch scope 可重現。",
|
||
"allowed_update": "只更新 ref truth classification disposition 與 draft reconcile plan wording。",
|
||
"still_forbidden": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"effect_id": "workflow_secret_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.12 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 只作顯示,5 個 workflow / secret lanes 全部接受,且所有 evidence 已脫敏。",
|
||
"allowed_update": "只更新 workflow / secret name inventory、redacted export request 與 readiness wording。",
|
||
"still_forbidden": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
]
|
||
}
|
||
],
|
||
"allowed_outputs": [
|
||
"mirror_owner_response_validation_rollup",
|
||
"display_cross_packet_counts",
|
||
"display_missing_owner_response_lanes",
|
||
"display_next_collection_candidate",
|
||
"display_owner_response_evidence_routing_rules",
|
||
"display_owner_response_validation_sections",
|
||
"display_owner_response_validation_state_transition_rules",
|
||
"display_owner_response_validation_reviewer_checklist",
|
||
"display_owner_response_validation_reviewer_outcome_lanes",
|
||
"display_owner_response_validation_reviewer_audit_event_templates",
|
||
"display_owner_response_validation_reviewer_audit_display_sections",
|
||
"display_owner_response_validation_reviewer_audit_collection_checks",
|
||
"display_owner_response_validation_reviewer_audit_redaction_examples",
|
||
"display_owner_response_validation_reviewer_audit_retention_rules",
|
||
"route_invalid_response_to_quarantine",
|
||
"update_read_only_readiness_wording_after_accepted_response"
|
||
],
|
||
"missing_response_lanes": [
|
||
{
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"source_contract": "gitea_inventory_owner_attestation_response_v1",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.9 owner response request packet 回覆 5 個 Gitea coverage attestation items;AwoooP 需用 template status ledger / audit event templates / redaction examples / display sections / collection checks 逐項追蹤,且只能引用脫敏 evidence refs。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"lane_id": "s4_10_github_target_owner_decision_response",
|
||
"source_contract": "github_target_owner_decision_response_v1",
|
||
"response_template_count": 7,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.10 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 7 個 GitHub target 的 owner / visibility / canonical disposition。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"create_github_repo",
|
||
"change_repo_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"lane_id": "s4_11_ref_truth_owner_response",
|
||
"source_contract": "source_control_ref_truth_owner_response_v1",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 refs truth、deprecated drift、release tags 與 GitHub-only refs disposition。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"lane_id": "s4_12_workflow_secret_name_owner_response",
|
||
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.12 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 的脫敏狀態;template status ledger 會維持 waiting、audit event templates 維持 0 emitted、redaction examples 只作參考,直到實際收到脫敏 response。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
]
|
||
}
|
||
],
|
||
"owner_response_collection_order": [
|
||
{
|
||
"order": 1,
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"reason": "先確認 Gitea 覆蓋範圍與 canonical owner,避免後續 GitHub target / refs 判定建立在不完整 inventory 上。",
|
||
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
|
||
"minimum_response": [
|
||
"public-only/local gap disposition",
|
||
"org/user endpoint disposition",
|
||
"110 adjacent source scope",
|
||
"canonical owner",
|
||
"legacy/inaccessible disposition"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"order": 2,
|
||
"lane_id": "s4_10_github_target_owner_decision_response",
|
||
"reason": "再確認 GitHub target owner / visibility / canonical,避免 not_found_or_private 被誤解成可直接建立 repo。",
|
||
"required_packet": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
|
||
"minimum_response": [
|
||
"repo owner",
|
||
"target visibility",
|
||
"canonical target disposition",
|
||
"not_found_or_private handling"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"create_github_repo",
|
||
"change_repo_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"order": 3,
|
||
"lane_id": "s4_11_ref_truth_owner_response",
|
||
"reason": "GitHub target owner / visibility 明確後,再判定 branch / tag 真相來源,避免 refs sync 或 delete 被提前誤用。",
|
||
"required_packet": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
|
||
"minimum_response": [
|
||
"main/dev truth disposition",
|
||
"deprecated drift disposition",
|
||
"release tag retention",
|
||
"GitHub-only refs disposition"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"order": 4,
|
||
"lane_id": "s4_12_workflow_secret_name_owner_response",
|
||
"reason": "最後補 workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret 名稱 parity,避免 secret 或 runner 變更早於 source truth。",
|
||
"required_packet": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
|
||
"minimum_response": [
|
||
"webhook redacted state",
|
||
"runner label owner",
|
||
"deploy key redacted state",
|
||
"branch protection / CODEOWNERS state",
|
||
"repository secret name parity"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
]
|
||
}
|
||
],
|
||
"next_collection_candidate": {
|
||
"order": 1,
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"display_status": "next_owner_response_required",
|
||
"source_contract": "gitea_inventory_owner_attestation_response_v1",
|
||
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
|
||
"required_response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"minimum_response": [
|
||
"public-only/local gap disposition",
|
||
"org/user endpoint disposition",
|
||
"110 adjacent source scope",
|
||
"canonical owner",
|
||
"legacy/inaccessible disposition"
|
||
],
|
||
"awooop_display_mode": "display_next_collection_item_only",
|
||
"why_next": "S4.9 是後續 GitHub target、refs truth 與 workflow / secret parity 判定的前置 scope / canonical owner 來源;未收到前不得推進後續 source-control owner response 接受狀態。",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
"latest_local_validation": {
|
||
"status": "repo_snapshot_guard_pass",
|
||
"date": "2026-05-19",
|
||
"scope": "repo_snapshot_only",
|
||
"command": "python3 scripts/security/source-control-owner-response-guard.py",
|
||
"result": "SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK",
|
||
"validated_lanes": [
|
||
"s4_9_gitea_inventory_owner_attestation_response",
|
||
"s4_10_github_target_owner_decision_response",
|
||
"s4_11_ref_truth_owner_response",
|
||
"s4_12_workflow_secret_name_owner_response"
|
||
],
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_actions_authorized": false,
|
||
"repo_or_refs_actions_authorized": false,
|
||
"workflow_or_secret_actions_authorized": false,
|
||
"not_authorization": true
|
||
},
|
||
"forbidden_actions": [
|
||
"runtime_execution",
|
||
"store_token_or_secret_value",
|
||
"use_write_token",
|
||
"create_repo",
|
||
"change_repo_visibility",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"modify_workflow_or_secret",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary",
|
||
"add_action_button"
|
||
]
|
||
}
|