awoooi/docs/security/github-target-decision.snapshot.json

{
  "schema_version": "github_target_decision_v1",
  "status": "draft",
  "decision_count": 8,
  "approval_required_count": 7,
  "decisions": [
    {
      "github_repo": "owenhytsai/awoooi",
      "source_key": "wooo/awoooi",
      "probe_status": "exists",
      "target_state": "exists_refs_blocked",
      "recommended_action": "hold_refs_reconcile",
      "risk": "HIGH",
      "approval_required": true,
      "blocked_until": [
        "Gitea/GitHub main SHA 對齊或人工指定真相來源",
        "branches/tags/workflows/webhooks/secrets 名稱 inventory 完成",
        "GitHub primary ADR 完成"
      ],
      "evidence_refs": [
        "docs/security/GITEA-GITHUB-MIGRATION-SNAPSHOT.md",
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "GitHub repo 可讀，但 refs blocked，不可切 primary。"
    },
    {
      "github_repo": "owenhytsai/clawbot-v5",
      "source_key": "wooo/clawbot-v5",
      "probe_status": "exists",
      "target_state": "exists_refs_blocked",
      "recommended_action": "hold_refs_reconcile",
      "risk": "MEDIUM",
      "approval_required": true,
      "blocked_until": [
        "Gitea/GitHub main SHA 對齊或人工指定真相來源",
        "GitHub 缺 Gitea tag 的處理方式已決定"
      ],
      "evidence_refs": [
        "docs/security/SOURCE-CONTROL-CLAWBOT-V5-SNAPSHOT.md",
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "GitHub repo 可讀，但 main SHA 與 tag 不一致。"
    },
    {
      "github_repo": "owenhytsai/wooo-aiops",
      "source_key": "wooo/wooo-aiops",
      "probe_status": "exists",
      "target_state": "exists_refs_blocked",
      "recommended_action": "hold_refs_reconcile",
      "risk": "MEDIUM",
      "approval_required": true,
      "blocked_until": [
        "Gitea/GitHub main SHA 對齊或人工指定真相來源",
        "GitHub-only branch 與 tags 的來源已釐清"
      ],
      "evidence_refs": [
        "docs/security/SOURCE-CONTROL-WOOO-AIOPS-SNAPSHOT.md",
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "GitHub repo 可讀，但 GitHub tags 比 Gitea 多，需釐清真相來源。"
    },
    {
      "github_repo": "owenhytsai/wooo-infra-config",
      "source_key": "wooo/wooo-infra-config",
      "probe_status": "exists",
      "target_state": "exists_aligned",
      "recommended_action": "confirm_internal_remote_purpose",
      "risk": "MEDIUM",
      "approval_required": true,
      "blocked_until": [
        "110 internal remote 用途已確認",
        "若 110 remote 為舊主控，已降級或移除",
        "infra secrets 名稱 inventory 完成"
      ],
      "evidence_refs": [
        "docs/security/GIT-REMOTE-REFS-WOOO-INFRA-CONFIG-SNAPSHOT.md",
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "GitHub 與本機 main 對齊；110 internal remote 不可讀，需判斷用途。"
    },
    {
      "github_repo": "owenhytsai/ewoooc",
      "source_key": "wooo/ewoooc / root/momo-pro-system / momo working trees",
      "probe_status": "not_found_or_private",
      "target_state": "not_found_or_private",
      "recommended_action": "create_or_grant_access_after_approval",
      "risk": "HIGH",
      "approval_required": true,
      "blocked_until": [
        "ewoooc/momo-pro-system canonical 關係人工確認",
        "server-side refs diff 完成",
        "GitHub repo visibility 與 owner 決策完成"
      ],
      "evidence_refs": [
        "docs/security/GITEA-PUBLIC-REPO-SEARCH-SNAPSHOT.md",
        "docs/security/LOCAL-REPO-CANONICAL-EWOOOC-MOMO-SNAPSHOT.md",
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "GitHub target 未授權 probe 看不到，且 momo/ewoooc lineage unrelated，不可自動建立 mirror。"
    },
    {
      "github_repo": "owenhytsai/bitan-pharmacy",
      "source_key": "bitan-pharmacy",
      "probe_status": "not_found_or_private",
      "target_state": "not_found_or_private",
      "recommended_action": "create_or_grant_access_after_approval",
      "risk": "MEDIUM",
      "approval_required": true,
      "blocked_until": [
        "確認 repo 是否仍 active",
        "GitHub repo visibility 與 owner 決策完成"
      ],
      "evidence_refs": [
        "docs/security/GIT-REMOTE-REFS-BITAN-TSENYANG-SNAPSHOT.md",
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "110 remote 與本機 main 對齊，可作 source candidate；GitHub target 未確認。"
    },
    {
      "github_repo": "owenhytsai/tsenyang-website",
      "source_key": "tsenyang-website",
      "probe_status": "not_found_or_private",
      "target_state": "not_found_or_private",
      "recommended_action": "create_or_grant_access_after_approval",
      "risk": "MEDIUM",
      "approval_required": true,
      "blocked_until": [
        "確認 repo 是否仍 active",
        "GitHub repo visibility 與 owner 決策完成"
      ],
      "evidence_refs": [
        "docs/security/GIT-REMOTE-REFS-BITAN-TSENYANG-SNAPSHOT.md",
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "110 remote 與本機 main 對齊，可作 source candidate；GitHub target 未確認。"
    },
    {
      "github_repo": "nexu-io/open-design",
      "source_key": "open-design",
      "probe_status": "exists",
      "target_state": "external_scope",
      "recommended_action": "scope_review_only",
      "risk": "LOW",
      "approval_required": false,
      "blocked_until": [
        "確認是否屬於 AWOOOI 資安網範圍"
      ],
      "evidence_refs": [
        "docs/security/github-target-probe.snapshot.json"
      ],
      "notes": "外部/設計 repo，先做 scope review，不納入主控切換。"
    }
  ]
}