awoooi/docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md
Your Name 9e15fd08b3
feat(web): land iwooos security posture surfaces
2026-05-25 20:35:52 +08:00

# GitHub Target Creation and Visibility Decision Table

| Item | Content |
|------|---------|
| Date | 2026-05-12 |
| Status | Draft, awaiting human decision |
| Upstream evidence | `docs/security/GITHUB-TARGET-PROBE-SNAPSHOT.md`, `docs/security/SOURCE-CONTROL-MIGRATION-MATRIX.md` |
| JSON snapshot | `docs/security/github-target-decision.snapshot.json` |
| Repo-by-repo approval package | `docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md` |
| Owner response intake package | `docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md` |
| Principles | No automatic repo creation, no visibility changes, no refs sync, no primary switch |

## 0. Core conclusion

GitHub targets currently fall into four classes:

1. Exist, but refs are blocked: `awoooi`, `clawbot-v5`, `wooo-aiops`
2. Exists and the local GitHub remote is aligned, but the purpose of the 110 internal remote is still to be determined: `wooo-infra-config`
3. GitHub target not visible to the unauthenticated probe: `ewoooc`, `bitan-pharmacy`, `tsenyang-website`
4. External/design repo, scope review required: `nexu-io/open-design`

Therefore no automatic mirror may be created at this stage, and the GitHub primary must not be treated as ready.

S4.10 added the owner decision response request packet, template status ledger, audit event templates, redaction examples, collection checks, intake preflight checks and the intake package. It only defines the response request, response fields, acceptance rules and rejection rules for the 7 approval-required targets. Received and accepted responses are currently both 0; this does not constitute repo creation, visibility change, refs sync or primary approval.

## 1. Decision table

| GitHub target | Source key | Probe | Target state | Recommended action | Risk | Manual approval |
|---------------|------------|-------|--------------|--------------------|------|-----------------|
| `owenhytsai/awoooi` | `wooo/awoooi` | `exists` | `exists_refs_blocked` | hold refs reconcile | HIGH | Yes |
| `owenhytsai/clawbot-v5` | `wooo/clawbot-v5` | `exists` | `exists_refs_blocked` | hold refs reconcile | MEDIUM | Yes |
| `owenhytsai/wooo-aiops` | `wooo/wooo-aiops` | `exists` | `exists_refs_blocked` | hold refs reconcile | MEDIUM | Yes |
| `owenhytsai/wooo-infra-config` | `wooo/wooo-infra-config` | `exists` | `exists_aligned` | confirm internal remote purpose | MEDIUM | Yes |
| `owenhytsai/ewoooc` | `wooo/ewoooc` / `root/momo-pro-system` | `not_found_or_private` | `not_found_or_private` | create or grant access after approval | HIGH | Yes |
| `owenhytsai/bitan-pharmacy` | `bitan-pharmacy` | `not_found_or_private` | `not_found_or_private` | create or grant access after approval | MEDIUM | Yes |
| `owenhytsai/tsenyang-website` | `tsenyang-website` | `not_found_or_private` | `not_found_or_private` | create or grant access after approval | MEDIUM | Yes |
| `nexu-io/open-design` | `open-design` | `exists` | `external_scope` | scope review only | LOW | No |

## 2. Gates before creation / access grant

| Repo | Blocked until |
|------|---------------|
| `owenhytsai/ewoooc` | Human confirmation of the `ewoooc/momo-pro-system` canonical relationship, server-side refs diff, visibility/owner decision |
| `owenhytsai/bitan-pharmacy` | Confirmation that it is still active, visibility/owner decision |
| `owenhytsai/tsenyang-website` | Confirmation that it is still active, visibility/owner decision |
| `owenhytsai/wooo-infra-config` | Confirmation of the 110 internal remote's purpose; if it is the old primary controller, demote or remove it |

## 3. How AwoooP consumes this

AwoooP may mirror `github_target_decision_v1` as migration planning evidence, but may only:

- Display it as Runtime State / Channel Event.
- Make read-only policy recommendations.
- Create approval candidates.

AwoooP must not directly:

- Create GitHub repos.
- Change repo visibility.
- Add secrets.
- Sync refs.
- Switch the GitHub primary.

## 4. Next steps

1. The commander (統帥) or repo owner decides the GitHub target visibility for `ewoooc`, `bitan-pharmacy` and `tsenyang-website`.
2. Complete the server-side refs diff and canonical determination for `ewoooc/momo-pro-system`.
3. Confirm whether `bitan-pharmacy` and `tsenyang-website` are still active.
4. Confirm whether the 110 internal remote of `wooo-infra-config` should be removed or kept as a mirror.
5. Receive and validate the owner / visibility / canonical responses per S4.10 `GITHUB-TARGET-OWNER-DECISION-RESPONSE.md`.
6. Any repo creation, visibility change or mirror action must go through approval first.
7. Approval applies only to high-risk execution actions; read-only inventory and evidence mirroring should not be over-blocked.
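
The consumption rules in section 3 and the approval rule in section 4 (items 6 and 7) amount to a deny-by-default action gate over the decision snapshot. The following is an added example of such a gate, not AwoooP's or this repository's own code. The snapshot schema (`schema`, `targets`, `github_target`, `target_state`, `manual_approval`, `approved`) and the action names are assumptions reconstructed from the decision-table columns; the real `docs/security/github-target-decision.snapshot.json` may differ. The sample snapshot is constructed from three rows of the table above.

```python
"""Deny-by-default action gate over a github_target_decision_v1 snapshot.

Added example, not project code. Schema and action names are assumed.
"""
import json

# Constructed sample snapshot (assumed schema), one entry per decision-table row.
SNAPSHOT_JSON = """
{
  "schema": "github_target_decision_v1",
  "targets": [
    {"github_target": "owenhytsai/awoooi", "target_state": "exists_refs_blocked",
     "risk": "HIGH", "manual_approval": true, "approved": false},
    {"github_target": "owenhytsai/ewoooc", "target_state": "not_found_or_private",
     "risk": "HIGH", "manual_approval": true, "approved": false},
    {"github_target": "nexu-io/open-design", "target_state": "external_scope",
     "risk": "LOW", "manual_approval": false, "approved": false}
  ]
}
"""

# Section 3: actions AwoooP may perform on its own (read-only evidence use).
READ_ONLY_ACTIONS = {
    "display_runtime_state", "emit_channel_event",
    "recommend_policy", "create_approval_candidate",
}
# Section 3: actions that always require a recorded approval.
HIGH_RISK_ACTIONS = {
    "create_repo", "change_visibility", "add_secret", "sync_refs", "switch_primary",
}


def load_snapshot(text):
    """Parse the snapshot and index targets by GitHub target name."""
    data = json.loads(text)
    if data.get("schema") != "github_target_decision_v1":
        raise ValueError("unexpected snapshot schema: %r" % data.get("schema"))
    return {t["github_target"]: t for t in data["targets"]}


def gate(targets, github_target, action):
    """Return (allowed, reason) for one action against one target.

    Read-only actions pass regardless of target (section 4, item 7).
    High-risk actions pass only when the snapshot records an approval;
    anything unknown is denied so a new action cannot slip past the gate.
    """
    if action in READ_ONLY_ACTIONS:
        return True, "read-only evidence action, no approval needed"
    if action not in HIGH_RISK_ACTIONS:
        return False, "unknown action %r: deny by default" % action
    entry = targets.get(github_target)
    if entry is None:
        return False, "target not in decision snapshot"
    if entry["target_state"] == "external_scope":
        return False, "external scope: scope review only"
    if entry.get("manual_approval") and not entry.get("approved"):
        return False, "manual approval required and not recorded"
    return True, "approved"


def audit_line(github_target, action, decision):
    """One JSON audit record per gate decision, for the Channel Event stream."""
    allowed, reason = decision
    return json.dumps({"target": github_target, "action": action,
                       "allowed": allowed, "reason": reason}, sort_keys=True)


if __name__ == "__main__":
    targets = load_snapshot(SNAPSHOT_JSON)
    for tgt, act in [("owenhytsai/awoooi", "emit_channel_event"),
                     ("owenhytsai/awoooi", "sync_refs"),
                     ("owenhytsai/ewoooc", "create_repo"),
                     ("nexu-io/open-design", "sync_refs"),
                     ("owenhytsai/unknown", "change_visibility")]:
        print(audit_line(tgt, act, gate(targets, tgt, act)))
```

The gate keeps the two halves of section 4 separate: the read-only set is never blocked, while every mutating action needs both a snapshot entry and a recorded approval, and an action the gate has never heard of is refused rather than assumed harmless.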