2278 lines
107 KiB
JSON
2278 lines
107 KiB
JSON
{
|
||
"schema_version": "source_control_owner_response_validation_rollup_v1",
|
||
"status": "draft_waiting_owner_responses",
|
||
"date": "2026-06-04",
|
||
"mode": "owner_response_validation_rollup_only",
|
||
"runtime_execution_authorized": false,
|
||
"source_contracts": [
|
||
"gitea_inventory_owner_attestation_response_v1",
|
||
"github_target_owner_decision_response_v1",
|
||
"source_control_ref_truth_owner_response_v1",
|
||
"source_control_workflow_secret_name_owner_response_v1"
|
||
],
|
||
"source_indexes": [
|
||
"docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
|
||
"docs/security/github-target-owner-decision-response.snapshot.json",
|
||
"docs/security/source-control-ref-truth-owner-response.snapshot.json",
|
||
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
|
||
"docs/security/security-mirror-status-rollup.snapshot.json",
|
||
"docs/security/source-control-primary-readiness-gate.snapshot.json",
|
||
"docs/security/security-approval-review-packet.snapshot.json",
|
||
"docs/security/security-followup-runtime-gate.snapshot.json"
|
||
],
|
||
"summary": {
|
||
"rollup_status": "waiting_owner_responses",
|
||
"response_packet_count": 4,
|
||
"validation_lane_count": 4,
|
||
"total_response_template_count": 22,
|
||
"total_received_response_count": 0,
|
||
"total_accepted_response_count": 0,
|
||
"total_rejected_response_count": 0,
|
||
"total_acceptance_check_count": 32,
|
||
"total_rejection_rule_count": 40,
|
||
"owner_response_evidence_routing_rule_count": 6,
|
||
"owner_response_validation_display_section_count": 8,
|
||
"owner_response_validation_state_transition_rule_count": 7,
|
||
"owner_response_validation_reviewer_checklist_count": 9,
|
||
"owner_response_validation_reviewer_outcome_lane_count": 7,
|
||
"owner_response_validation_reviewer_audit_event_template_count": 4,
|
||
"owner_response_validation_reviewer_audit_display_section_count": 5,
|
||
"owner_response_validation_reviewer_audit_collection_check_count": 6,
|
||
"owner_response_validation_reviewer_audit_redaction_example_count": 5,
|
||
"owner_response_validation_reviewer_audit_retention_rule_count": 5,
|
||
"owner_response_validation_reviewer_audit_retention_check_count": 6,
|
||
"quarantine_required": true,
|
||
"primary_ready_count": 0,
|
||
"runtime_execution_authorized": false,
|
||
"token_value_collection_allowed": false,
|
||
"secret_value_collection_allowed": false,
|
||
"write_token_allowed": false,
|
||
"repo_creation_authorized": false,
|
||
"visibility_change_authorized": false,
|
||
"gitea_repo_write_authorized": false,
|
||
"refs_sync_authorized": false,
|
||
"refs_delete_authorized": false,
|
||
"force_push_authorized": false,
|
||
"workflow_modification_authorized": false,
|
||
"runner_enablement_authorized": false,
|
||
"github_hosted_runner_enable_authorized": false,
|
||
"github_primary_switch_authorized": false,
|
||
"action_buttons_allowed": false,
|
||
"owner_response_validation_reviewer_audit_handoff_packet_count": 6,
|
||
"owner_response_validation_reviewer_audit_handoff_check_count": 6,
|
||
"owner_response_validation_parallel_session_sync_check_count": 6,
|
||
"owner_response_validation_parallel_session_conflict_lane_count": 6,
|
||
"owner_response_validation_parallel_session_recovery_check_count": 6,
|
||
"owner_response_validation_parallel_session_recovery_outcome_lane_count": 7
|
||
},
|
||
"validation_lanes": [
|
||
{
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"source_contract": "gitea_inventory_owner_attestation_response_v1",
|
||
"response_packet": "docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
|
||
"human_doc": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
|
||
"scope_summary": "5 個 Gitea coverage attestation items:public-only/local gap、org/user endpoint、110 adjacent scope、canonical owner、legacy/inaccessible disposition。",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"5 個 S4.7 attestation items 皆有可驗收 owner response",
|
||
"response 只能引用脫敏 evidence refs",
|
||
"不得保存 token value、raw secret、DB dump、git object 或 repo write payload"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only Gitea coverage matrix wording",
|
||
"更新 owner / canonical / legacy disposition 欄位",
|
||
"維持 gitea_repo_inventory_v1.status=partial 直到 S4.6 payload 驗收通過"
|
||
],
|
||
"forbidden_actions": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"lane_id": "s4_10_github_target_owner_decision_response",
|
||
"source_contract": "github_target_owner_decision_response_v1",
|
||
"response_packet": "docs/security/github-target-owner-decision-response.snapshot.json",
|
||
"human_doc": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
|
||
"scope_summary": "7 個 approval-required GitHub targets 的 owner、visibility、canonical response。",
|
||
"response_template_count": 7,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"7 個 target response 都有 owner / visibility / canonical disposition",
|
||
"not_found_or_private 不得自動解讀為可建立 repo",
|
||
"response 不得夾帶 repo creation、visibility change 或 refs sync payload"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only GitHub target decision table wording",
|
||
"更新 repo-by-repo approval package 的 owner / visibility / canonical 欄位",
|
||
"維持 primary_ready_count=0"
|
||
],
|
||
"forbidden_actions": [
|
||
"create_github_repo",
|
||
"change_repo_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"lane_id": "s4_11_ref_truth_owner_response",
|
||
"source_contract": "source_control_ref_truth_owner_response_v1",
|
||
"response_packet": "docs/security/source-control-ref-truth-owner-response.snapshot.json",
|
||
"human_doc": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
|
||
"scope_summary": "S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks,加上 194 個 refs review items 的 main/dev truth、deprecated drift、release tag retention、GitHub-only refs disposition。",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"main/dev truth 與 release tags 必須有 deploy / artifact / rollback owner",
|
||
"deprecated candidate 只能更新 disposition,不代表 delete approval",
|
||
"backfill candidate 只能更新 review wording,不代表 push approval"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only ref truth classification disposition",
|
||
"更新 draft reconcile plan wording",
|
||
"維持 refs sync / delete / force push disabled"
|
||
],
|
||
"forbidden_actions": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"lane_id": "s4_12_workflow_secret_name_owner_response",
|
||
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
|
||
"response_packet": "docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
|
||
"human_doc": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
|
||
"scope_summary": "webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 的 redacted owner response request / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / response。",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"required_before_ready": [
|
||
"每個 lane 只能保存允許欄位與脫敏 metadata",
|
||
"GitHub hosted runner 只能進 risk review,不得啟用或消耗 hosted minutes",
|
||
"secret name parity 只保存名稱、scope、owner 與 present/absent,不保存 value/hash/partial token",
|
||
"request packet 只提示 owner 要回覆什麼,不代表 request sent、response received、secret value collection、workflow modification 或 runner enablement",
|
||
"template status ledger 只逐項顯示 waiting_owner_response,不代表 request sent、response received 或 accepted",
|
||
"audit event templates 只定義 0 emitted 的脫敏 metadata,不代表 production ingestion 或 runtime authorization",
|
||
"redaction examples 只示範安全回覆形狀,不代表 owner response received、accepted 或 secret value collection",
|
||
"collection checks 只維持 request / received / accepted 分離,不代表 owner response received、accepted 或 workflow / secret 執行授權",
|
||
"intake preflight checks 只分類可審、補證、隔離或拒收,不代表 owner response accepted 或 workflow / secret 執行授權"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 read-only workflow / secret name inventory wording",
|
||
"更新 redacted export request disposition",
|
||
"維持 workflow / secret parity blocker 直到實際 redacted evidence 完成"
|
||
],
|
||
"forbidden_actions": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
],
|
||
"execution_authorized": false
|
||
}
|
||
],
|
||
"cross_packet_acceptance_checks": [
|
||
{
|
||
"check_id": "all_source_packets_schema_valid",
|
||
"title": "四個 source response packets 都必須 JSON / schema 結構有效",
|
||
"required": true,
|
||
"pass_condition": "source packet 可被解析,且 summary 欄位存在",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "template_counts_match",
|
||
"title": "response template count 必須與各 source packet summary 一致",
|
||
"required": true,
|
||
"pass_condition": "5 + 7 + 5 + 5 = 22",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "response_counts_explicit",
|
||
"title": "received / accepted / rejected count 必須明確列出",
|
||
"required": true,
|
||
"pass_condition": "所有 source packets 目前皆為 0 / 0 / 0",
|
||
"failure_lane": "request_more_evidence",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "accepted_response_does_not_unlock_runtime",
|
||
"title": "即使未來 response 被接受,也不得直接解鎖 runtime",
|
||
"required": true,
|
||
"pass_condition": "readiness effect 只允許更新 read-only wording 或 matrix 欄位",
|
||
"failure_lane": "block_candidate",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "rejection_rules_present",
|
||
"title": "四個 packets 都必須保留 rejection rules",
|
||
"required": true,
|
||
"pass_condition": "每包 10 個 rejection rules,總數 40",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "no_secret_or_token_value",
|
||
"title": "不得收集 token、secret、private key、cookie、session 或 partial credential",
|
||
"required": true,
|
||
"pass_condition": "所有收件與輸出欄位只允許脫敏 evidence refs 或名稱 metadata",
|
||
"failure_lane": "hard_reject",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "no_write_or_admin_action",
|
||
"title": "不得夾帶 write token、admin API、repo write、workflow 修改或 runner 啟用",
|
||
"required": true,
|
||
"pass_condition": "所有 write / admin / execution flags 皆為 false",
|
||
"failure_lane": "hard_reject",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "no_refs_or_primary_action",
|
||
"title": "不得把 owner response 當成 refs sync、delete、force push 或 primary approval",
|
||
"required": true,
|
||
"pass_condition": "refs_sync / refs_delete / force_push / github_primary_switch 皆為 false",
|
||
"failure_lane": "hard_reject",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "quarantine_uncertain_payload",
|
||
"title": "任何不確定是否含敏感值的 response 必須隔離",
|
||
"required": true,
|
||
"pass_condition": "quarantine_required=true 且 quarantine rules 已列出",
|
||
"failure_lane": "mirror_quarantine",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "rollup_and_readiness_must_be_updated_together",
|
||
"title": "接受 response 後必須同步更新 rollup 與 readiness wording",
|
||
"required": true,
|
||
"pass_condition": "更新 source packet、validation rollup、security mirror rollup、primary readiness gate 與 LOGBOOK",
|
||
"failure_lane": "request_more_evidence",
|
||
"execution_authorized": false
|
||
}
|
||
],
|
||
"quarantine_rules": [
|
||
"response 夾帶 token、secret、cookie、session、private key、deploy key material、runner token 或 partial credential 時 hard reject。",
|
||
"response 夾帶完整 webhook URL、query token、header、body、未脫敏 screenshot 或 private URL credential 時 hard reject。",
|
||
"response 要求 write API、repo 建立、visibility change、workflow 修改、runner 啟用、secret rotate、refs sync、delete refs、force push 或 GitHub primary switch 時 hard reject。",
|
||
"response 缺 lane、repo、provider、owner、decision、decision_reason 或 evidence_refs 時 request_more_evidence。",
|
||
"response 的敏感性不確定時先 quarantine,不猜測、不修補、不自動接受。"
|
||
],
|
||
"owner_response_evidence_routing_rules": [
|
||
{
|
||
"rule_id": "evidence-routing-known-lane",
|
||
"display_order": 1,
|
||
"title": "已知 owner response lane 才能進入對應 source packet preflight",
|
||
"match_condition": "evidence pointer 明確標示 S4.9 / S4.10 / S4.11 / S4.12 其中一個 lane,且 template_id 屬於該 lane 的既有 response templates。",
|
||
"safe_route": "route_to_source_packet_intake_preflight",
|
||
"blocked_route": "request_more_evidence_if_lane_or_template_unknown",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-required-fields",
|
||
"display_order": 2,
|
||
"title": "缺少 owner / decision / evidence refs 時只要求補證",
|
||
"match_condition": "lane 已知,但 owner、decision、decision_reason、repo/provider metadata 或 evidence_refs 缺漏。",
|
||
"safe_route": "request_more_evidence",
|
||
"blocked_route": "do_not_increment_received_or_accepted_count",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-sensitive-payload",
|
||
"display_order": 3,
|
||
"title": "疑似敏感 payload 一律先送 mirror quarantine",
|
||
"match_condition": "evidence pointer、摘要或附件暗示 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
|
||
"safe_route": "mirror_quarantine",
|
||
"blocked_route": "do_not_store_raw_payload_or_render_sensitive_material",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-execution-request",
|
||
"display_order": 4,
|
||
"title": "夾帶執行要求時 hard reject",
|
||
"match_condition": "response 要求建立 repo、修改 visibility、write token、sync/delete/force push refs、修改 workflow/webhook/runner/deploy key/branch protection/repository secret、啟用 GitHub hosted runner、Kali scan 或 GitHub primary switch。",
|
||
"safe_route": "hard_reject_execution_request",
|
||
"blocked_route": "do_not_create_runtime_gate_or_action_button",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-cross-packet-conflict",
|
||
"display_order": 5,
|
||
"title": "跨包互相矛盾時只進 owner review",
|
||
"match_condition": "S4.9 canonical owner、S4.10 GitHub target、S4.11 refs truth 或 S4.12 workflow / secret name parity 之間出現 owner、repo、visibility、truth source 或 secret 名稱矛盾。",
|
||
"safe_route": "cross_packet_owner_review",
|
||
"blocked_route": "do_not_auto_merge_or_override_source_packet",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "evidence-routing-accepted-metadata",
|
||
"display_order": 6,
|
||
"title": "通過驗收後只允許更新只讀 wording",
|
||
"match_condition": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過,且 evidence refs 完全脫敏。",
|
||
"safe_route": "read_only_readiness_wording_update",
|
||
"blocked_route": "do_not_unlock_repo_refs_workflow_secret_runner_or_primary_actions",
|
||
"awooop_display_mode": "display_evidence_route_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_display_sections": [
|
||
{
|
||
"section_id": "display-validation-summary",
|
||
"display_order": 1,
|
||
"title": "Owner response validation 總覽",
|
||
"content_source": "summary:response_packet_count、validation_lane_count、total_response_template_count、received / accepted / rejected count、runtime flags。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-missing-response-lanes",
|
||
"display_order": 2,
|
||
"title": "Missing owner response lanes",
|
||
"content_source": "missing_response_lanes:S4.9 / S4.10 / S4.11 / S4.12 四條缺口、next_owner_action 與 still_forbidden。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-owner-response-collection-order",
|
||
"display_order": 3,
|
||
"title": "Owner response collection order",
|
||
"content_source": "owner_response_collection_order:四步收件順序、required_packet、minimum_response 與 blocked_until_received。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-next-collection-candidate",
|
||
"display_order": 4,
|
||
"title": "Next collection candidate",
|
||
"content_source": "next_collection_candidate:目前只顯示 S4.9 Gitea owner attestation response,received / accepted 皆為 0。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-cross-packet-acceptance-checks",
|
||
"display_order": 5,
|
||
"title": "Cross-packet acceptance checks",
|
||
"content_source": "cross_packet_acceptance_checks:10 個跨包驗收檢查,只作 read-only validation,不授權 runtime。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-evidence-routing-rules",
|
||
"display_order": 6,
|
||
"title": "Evidence routing rules",
|
||
"content_source": "owner_response_evidence_routing_rules:6 條 evidence pointer 只讀路由,補證、隔離、拒收、跨包 review 或只讀更新。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-quarantine-and-forbidden-actions",
|
||
"display_order": 7,
|
||
"title": "Quarantine 與禁止事項",
|
||
"content_source": "quarantine_rules、forbidden_actions、summary false flags:顯示敏感 payload、write/admin/action button 與 primary 禁令。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-latest-local-validation",
|
||
"display_order": 8,
|
||
"title": "最新本機只讀驗證",
|
||
"content_source": "latest_local_validation:repo_snapshot_only、SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK、received / accepted count 仍為 0。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_validation_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_state_transition_rules": [
|
||
{
|
||
"rule_id": "transition-waiting-to-received-pending-validation",
|
||
"display_order": 1,
|
||
"from_state": "waiting_owner_response",
|
||
"trigger": "收到已知 S4.9 / S4.10 / S4.11 / S4.12 lane 的 owner response evidence pointer。",
|
||
"required_checks": [
|
||
"lane 與 template_id 已知",
|
||
"owner、decision、decision_reason、repo/provider metadata 與 evidence_refs 完整",
|
||
"evidence refs 已脫敏且沒有 raw secret/token/private URL credential"
|
||
],
|
||
"next_state": "received_pending_validation",
|
||
"allowed_update": "只允許 source packet 與 rollup 顯示 received_pending_validation 候選;不得增加 accepted count。",
|
||
"blocked_updates": [
|
||
"mark_accepted",
|
||
"create_runtime_gate",
|
||
"add_action_button",
|
||
"repo_or_refs_or_workflow_secret_change"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-missing-required-fields-to-request-more-evidence",
|
||
"display_order": 2,
|
||
"from_state": "waiting_owner_response",
|
||
"trigger": "response 缺少必填 owner、decision、reason、repo/provider metadata 或 evidence_refs。",
|
||
"required_checks": [
|
||
"已能判斷 lane 或 template 缺口",
|
||
"沒有敏感 payload",
|
||
"沒有執行要求"
|
||
],
|
||
"next_state": "request_more_evidence",
|
||
"allowed_update": "只允許顯示補證缺口與下一步 owner action。",
|
||
"blocked_updates": [
|
||
"increment_received_count",
|
||
"increment_accepted_count",
|
||
"store_raw_payload",
|
||
"unlock_primary_readiness"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-sensitive-payload-to-mirror-quarantine",
|
||
"display_order": 3,
|
||
"from_state": "waiting_owner_response_or_received_pending_validation",
|
||
"trigger": "response 或 evidence pointer 疑似含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
|
||
"required_checks": [
|
||
"敏感性不確定即視為需要隔離",
|
||
"不得渲染或保存 raw payload",
|
||
"不得把 masked/partial credential 當成可保存 evidence"
|
||
],
|
||
"next_state": "mirror_quarantine",
|
||
"allowed_update": "只允許顯示 quarantine pointer 與 redaction request。",
|
||
"blocked_updates": [
|
||
"store_sensitive_payload",
|
||
"render_sensitive_material",
|
||
"increment_received_count",
|
||
"increment_accepted_count"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-execution-request-to-hard-rejected",
|
||
"display_order": 4,
|
||
"from_state": "waiting_owner_response_or_received_pending_validation",
|
||
"trigger": "response 夾帶 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret、Kali scan、GitHub hosted runner 或 GitHub primary switch 要求。",
|
||
"required_checks": [
|
||
"偵測到任何 write/admin/runtime intent",
|
||
"blocked route 已指向 do_not_create_runtime_gate_or_action_button",
|
||
"仍保留 redacted rejection evidence"
|
||
],
|
||
"next_state": "hard_rejected_execution_request",
|
||
"allowed_update": "只允許顯示拒收原因與仍禁止事項。",
|
||
"blocked_updates": [
|
||
"create_runtime_gate",
|
||
"enqueue_execution",
|
||
"add_action_button",
|
||
"change_repo_refs_workflow_secret_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-cross-packet-conflict-to-owner-review",
|
||
"display_order": 5,
|
||
"from_state": "received_pending_validation",
|
||
"trigger": "S4.9 owner/canonical、S4.10 target/visibility、S4.11 refs truth 或 S4.12 workflow/secret name parity 互相矛盾。",
|
||
"required_checks": [
|
||
"矛盾欄位可指向來源 packet",
|
||
"不得自動覆蓋 source packet",
|
||
"不得把任一 packet 視為較高權威"
|
||
],
|
||
"next_state": "cross_packet_owner_review",
|
||
"allowed_update": "只允許顯示 reviewer 需要確認的欄位與 evidence refs。",
|
||
"blocked_updates": [
|
||
"auto_merge_response",
|
||
"override_source_packet",
|
||
"mark_primary_ready",
|
||
"unlock_refs_or_workflow_actions"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-validation-pass-to-read-only-update",
|
||
"display_order": 6,
|
||
"from_state": "received_pending_validation",
|
||
"trigger": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過。",
|
||
"required_checks": [
|
||
"所有 evidence refs 完全脫敏",
|
||
"source packet、validation rollup、security mirror rollup、primary readiness wording 與 LOGBOOK 可同步更新",
|
||
"received / accepted count 的變更仍只限文件與 snapshot"
|
||
],
|
||
"next_state": "accepted_read_only_update",
|
||
"allowed_update": "只允許更新 read-only evidence、matrix、decision table、reconcile wording 或 readiness wording。",
|
||
"blocked_updates": [
|
||
"create_repo",
|
||
"sync_or_delete_refs",
|
||
"modify_workflow_or_secret",
|
||
"enable_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "transition-post-update-stays-waiting-runtime-gate",
|
||
"display_order": 7,
|
||
"from_state": "accepted_read_only_update",
|
||
"trigger": "read-only wording 已更新,但仍未取得 runtime gate、owner approval、rollback ADR、redacted payload ingestion 或 primary readiness。",
|
||
"required_checks": [
|
||
"active_runtime_gate_count 仍為 0",
|
||
"github_primary_ready_count 仍為 0",
|
||
"action_buttons_allowed 仍為 false"
|
||
],
|
||
"next_state": "waiting_followup_runtime_gate",
|
||
"allowed_update": "只允許提示後續需要人工批准與獨立 runtime gate。",
|
||
"blocked_updates": [
|
||
"treat_read_only_update_as_runtime_approval",
|
||
"auto_execute_scan_or_migration",
|
||
"switch_github_primary",
|
||
"consume_github_hosted_runner_minutes"
|
||
],
|
||
"awooop_display_mode": "display_state_transition_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_checklist": [
|
||
{
|
||
"checklist_id": "checklist-confirm-lane-and-template",
|
||
"display_order": 1,
|
||
"title": "確認 owner response lane 與 template 已知",
|
||
"reviewer_action": "確認 evidence pointer 只屬於 S4.9 / S4.10 / S4.11 / S4.12 的既有 lane 與 template_id。",
|
||
"required_evidence": [
|
||
"lane_id",
|
||
"template_id",
|
||
"source_packet_path"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "request_more_evidence",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-required-owner-fields",
|
||
"display_order": 2,
|
||
"title": "確認 owner / decision / reason / metadata 欄位完整",
|
||
"reviewer_action": "確認 owner、decision、decision_reason、repo/provider metadata 與 evidence_refs 都存在且可追溯。",
|
||
"required_evidence": [
|
||
"owner",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo_or_provider_metadata",
|
||
"evidence_refs"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "request_more_evidence",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-redacted-evidence-refs",
|
||
"display_order": 3,
|
||
"title": "確認 evidence refs 已脫敏且不含 raw payload",
|
||
"reviewer_action": "只接受文件路徑、ticket id、hash 或摘要;不得貼入 token、secret、private URL credential 或未脫敏截圖。",
|
||
"required_evidence": [
|
||
"redacted_evidence_refs",
|
||
"no_raw_payload_statement"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "mirror_quarantine",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-source-packet-preflight",
|
||
"display_order": 4,
|
||
"title": "確認 source packet preflight 通過",
|
||
"reviewer_action": "依對應 S4.9 / S4.10 / S4.11 / S4.12 intake preflight checks 判定可審、補證、隔離或拒收。",
|
||
"required_evidence": [
|
||
"source_packet_preflight_result",
|
||
"preflight_check_ids"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "source_packet_preflight_failure_route",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-cross-packet-consistency",
|
||
"display_order": 5,
|
||
"title": "確認 S4.9-S4.12 跨包一致性",
|
||
"reviewer_action": "確認 owner、repo、visibility、truth source、workflow / secret name parity 沒有互相矛盾。",
|
||
"required_evidence": [
|
||
"cross_packet_acceptance_check_ids",
|
||
"consistency_summary"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "cross_packet_owner_review",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-no-sensitive-payload",
|
||
"display_order": 6,
|
||
"title": "確認沒有敏感 payload",
|
||
"reviewer_action": "確認 response 不含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或 partial credential。",
|
||
"required_evidence": [
|
||
"sensitive_payload_scan_result",
|
||
"redaction_summary"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "mirror_quarantine",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-no-execution-intent",
|
||
"display_order": 7,
|
||
"title": "確認沒有執行意圖",
|
||
"reviewer_action": "確認 response 沒有要求 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret 變更、Kali scan、GitHub hosted runner 或 GitHub primary switch。",
|
||
"required_evidence": [
|
||
"execution_intent_review_result",
|
||
"blocked_action_summary"
|
||
],
|
||
"pass_state": "received_pending_validation",
|
||
"fail_route": "hard_rejected_execution_request",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-read-only-update-scope",
|
||
"display_order": 8,
|
||
"title": "確認通過後只更新 read-only wording",
|
||
"reviewer_action": "確認即使 response 通過,也只更新 evidence、matrix、decision table、reconcile wording 或 readiness wording。",
|
||
"required_evidence": [
|
||
"read_only_update_targets",
|
||
"no_runtime_unlock_statement"
|
||
],
|
||
"pass_state": "accepted_read_only_update",
|
||
"fail_route": "block_candidate",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"checklist_id": "checklist-confirm-followup-runtime-gate-still-required",
|
||
"display_order": 9,
|
||
"title": "確認後續 runtime gate 仍需獨立批准",
|
||
"reviewer_action": "確認 active_runtime_gate_count 仍為 0、github_primary_ready_count 仍為 0、action_buttons_allowed 仍為 false。",
|
||
"required_evidence": [
|
||
"active_runtime_gate_count",
|
||
"github_primary_ready_count",
|
||
"action_buttons_allowed"
|
||
],
|
||
"pass_state": "waiting_followup_runtime_gate",
|
||
"fail_route": "block_candidate",
|
||
"awooop_display_mode": "display_reviewer_checklist_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_outcome_lanes": [
|
||
{
|
||
"outcome_lane_id": "outcome-keep-waiting-owner-response",
|
||
"display_order": 1,
|
||
"title": "繼續等待 owner response",
|
||
"when_reviewer_finds": "尚未收到 owner response evidence pointer,或目前只看到 request packet / template status / audit template / redaction example / display section。",
|
||
"safe_result": "keep_waiting_owner_response",
|
||
"allowed_update": "只顯示 waiting 狀態、缺口摘要與 next collection candidate。",
|
||
"blocked_updates": [
|
||
"increment_received_count",
|
||
"increment_accepted_count",
|
||
"mark_primary_ready",
|
||
"create_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-request-more-evidence",
|
||
"display_order": 2,
|
||
"title": "要求補證",
|
||
"when_reviewer_finds": "lane / template 已知但缺 owner、decision、reason、repo/provider metadata、evidence refs 或 source packet preflight 結果。",
|
||
"safe_result": "request_more_evidence",
|
||
"allowed_update": "只顯示缺哪些欄位與下一步 owner action。",
|
||
"blocked_updates": [
|
||
"increment_accepted_count",
|
||
"unlock_primary_readiness",
|
||
"enqueue_execution",
|
||
"store_raw_payload"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-mirror-quarantine-sensitive-payload",
|
||
"display_order": 3,
|
||
"title": "敏感 payload 進 mirror quarantine",
|
||
"when_reviewer_finds": "evidence pointer 或 response 疑似含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential、partial credential 或未脫敏截圖。",
|
||
"safe_result": "mirror_quarantine",
|
||
"allowed_update": "只顯示 quarantine pointer、redaction request 與不得保存 raw payload 的提示。",
|
||
"blocked_updates": [
|
||
"store_sensitive_payload",
|
||
"render_sensitive_material",
|
||
"increment_received_count",
|
||
"increment_accepted_count"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-hard-reject-execution-request",
|
||
"display_order": 4,
|
||
"title": "拒收執行要求",
|
||
"when_reviewer_finds": "response 夾帶 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret、Kali scan、GitHub hosted runner 或 GitHub primary switch 要求。",
|
||
"safe_result": "hard_rejected_execution_request",
|
||
"allowed_update": "只顯示拒收原因、blocked action summary 與仍禁止事項。",
|
||
"blocked_updates": [
|
||
"create_runtime_gate",
|
||
"enqueue_execution",
|
||
"add_action_button",
|
||
"change_repo_refs_workflow_secret_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-cross-packet-owner-review",
|
||
"display_order": 5,
|
||
"title": "跨包 owner review",
|
||
"when_reviewer_finds": "S4.9 / S4.10 / S4.11 / S4.12 之間的 owner、repo、visibility、truth source 或 workflow / secret name parity 互相矛盾。",
|
||
"safe_result": "cross_packet_owner_review",
|
||
"allowed_update": "只顯示矛盾欄位、來源 packet 與 reviewer 需要確認的 evidence refs。",
|
||
"blocked_updates": [
|
||
"auto_merge_response",
|
||
"override_source_packet",
|
||
"mark_primary_ready",
|
||
"unlock_refs_or_workflow_actions"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-read-only-update-candidate",
|
||
"display_order": 6,
|
||
"title": "只讀更新候選",
|
||
"when_reviewer_finds": "source packet preflight、acceptance checks、cross-packet checks、reviewer checklist 與 quarantine rules 全部通過,且 evidence refs 完全脫敏。",
|
||
"safe_result": "accepted_read_only_update_candidate",
|
||
"allowed_update": "只允許更新 evidence、matrix、decision table、reconcile wording、readiness wording 與 LOGBOOK。",
|
||
"blocked_updates": [
|
||
"create_repo",
|
||
"sync_or_delete_refs",
|
||
"modify_workflow_or_secret",
|
||
"enable_runner_or_primary"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"outcome_lane_id": "outcome-waiting-followup-runtime-gate",
|
||
"display_order": 7,
|
||
"title": "仍等待後續 runtime gate",
|
||
"when_reviewer_finds": "只讀 wording 已完成或可完成,但 active_runtime_gate_count=0、github_primary_ready_count=0、action_buttons_allowed=false。",
|
||
"safe_result": "waiting_followup_runtime_gate",
|
||
"allowed_update": "只顯示後續仍需人工批准、rollback / disable plan 與獨立 runtime gate。",
|
||
"blocked_updates": [
|
||
"treat_read_only_update_as_runtime_approval",
|
||
"auto_execute_scan_or_migration",
|
||
"switch_github_primary",
|
||
"consume_github_hosted_runner_minutes"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_event_templates": [
|
||
{
|
||
"event_template_id": "audit-reviewer-outcome-review-opened",
|
||
"display_order": 1,
|
||
"title": "Reviewer 開始檢查 owner response outcome",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 打開 S4.13 owner response validation rollup 並準備依 checklist / outcome lanes 做只讀分類。",
|
||
"allowed_metadata": [
|
||
"reviewer_id_or_role",
|
||
"lane_id",
|
||
"template_id",
|
||
"source_packet_path",
|
||
"review_started_at_taipei",
|
||
"redacted_evidence_ref_count"
|
||
],
|
||
"forbidden_payloads": [
|
||
"raw_owner_response_body",
|
||
"token_or_secret_value",
|
||
"private_key_or_deploy_key_material",
|
||
"cookie_or_session",
|
||
"authorization_header",
|
||
"private_url_credential",
|
||
"unredacted_screenshot"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-reviewer-outcome-classified",
|
||
"display_order": 2,
|
||
"title": "Reviewer outcome lane 已分類",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 依 7 條 outcome lanes 將 evidence pointer 分類為等待、補證、隔離、拒收、跨包 review、只讀候選或等待 runtime gate。",
|
||
"allowed_metadata": [
|
||
"outcome_lane_id",
|
||
"classification_reason",
|
||
"checklist_pass_count",
|
||
"checklist_fail_count",
|
||
"redacted_evidence_refs",
|
||
"reviewed_at_taipei"
|
||
],
|
||
"forbidden_payloads": [
|
||
"raw_owner_response_body",
|
||
"token_or_secret_value",
|
||
"secret_hash_or_masked_token",
|
||
"partial_credential",
|
||
"runner_token",
|
||
"webhook_secret",
|
||
"deploy_key_value",
|
||
"private_url_credential"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-reviewer-quarantine-or-reject-recorded",
|
||
"display_order": 3,
|
||
"title": "隔離或拒收原因已留痕模板",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 將 response 分類為 mirror quarantine 或 hard rejected execution request。",
|
||
"allowed_metadata": [
|
||
"outcome_lane_id",
|
||
"blocked_reason_code",
|
||
"redaction_required",
|
||
"quarantine_pointer",
|
||
"blocked_action_summary",
|
||
"reviewed_at_taipei"
|
||
],
|
||
"forbidden_payloads": [
|
||
"sensitive_payload",
|
||
"raw_request_body",
|
||
"raw_response_body",
|
||
"credential_value",
|
||
"private_key",
|
||
"authorization_header",
|
||
"cookie_or_session",
|
||
"execution_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-reviewer-readonly-update-noted",
|
||
"display_order": 4,
|
||
"title": "只讀更新候選已記錄模板",
|
||
"event_status": "template_only_not_emitted",
|
||
"event_trigger": "Reviewer 將 response 分類為 read-only update candidate 或 waiting follow-up runtime gate。",
|
||
"allowed_metadata": [
|
||
"outcome_lane_id",
|
||
"read_only_update_targets",
|
||
"followup_runtime_gate_required",
|
||
"active_runtime_gate_count",
|
||
"github_primary_ready_count",
|
||
"action_buttons_allowed"
|
||
],
|
||
"forbidden_payloads": [
|
||
"runtime_approval",
|
||
"execution_command",
|
||
"repo_write_token",
|
||
"refs_update_payload",
|
||
"workflow_secret_value",
|
||
"runner_registration_token",
|
||
"github_primary_switch_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_reviewer_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_display_sections": [
|
||
{
|
||
"section_id": "display-reviewer-audit-template-summary",
|
||
"display_order": 1,
|
||
"title": "Reviewer audit template 總覽",
|
||
"content_source": "顯示 4 個 reviewer audit event templates、template_only_not_emitted、emitted_event_count=0 與 not approval 邊界。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-metadata-fields",
|
||
"display_order": 2,
|
||
"title": "允許顯示的脫敏 metadata 欄位",
|
||
"content_source": "只顯示 reviewer role、lane、template、source packet、classification reason、checklist pass/fail count、redacted evidence refs、read-only targets 與 gate count 等 metadata 名稱;不得顯示 raw owner response。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-forbidden-payloads",
|
||
"display_order": 3,
|
||
"title": "禁止 payload 顯示與保存",
|
||
"content_source": "顯示 forbidden_payloads 清單,明確擋住 token、secret、private key、deploy key material、cookie、session、authorization header、private URL credential、partial credential、runner token、webhook secret、raw request / response body、未脫敏截圖與 execution payload。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-emission-status",
|
||
"display_order": 4,
|
||
"title": "Reviewer audit emitted 狀態",
|
||
"content_source": "顯示全部 reviewer audit templates 目前 emitted_event_count=0、stored_raw_payload_allowed=false,代表尚未啟用 production ingestion。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"section_id": "display-reviewer-audit-non-authorization-boundary",
|
||
"display_order": 5,
|
||
"title": "非授權邊界",
|
||
"content_source": "顯示 reviewer audit display sections 只固定 UI 呈現,不代表 owner response received、accepted、approval、runtime gate、execution queue、action button、repo / refs / workflow / secret / runner 變更、Kali scan 或 GitHub primary switch。",
|
||
"section_status": "display_contract_only",
|
||
"awooop_display_mode": "display_reviewer_audit_section_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_collection_checks": [
|
||
{
|
||
"check_id": "check-reviewer-audit-template-visible",
|
||
"display_order": 1,
|
||
"title": "Reviewer audit templates 必須先可見",
|
||
"check_requirement": "AwoooP 只能在顯示 4 個 reviewer audit event templates 與 5 個 reviewer audit display sections 後,才顯示 reviewer audit collection check 狀態。",
|
||
"safe_result": "display_collection_check_waiting_not_ingested",
|
||
"blocked_interpretations": [
|
||
"treat_template_visible_as_event_emitted",
|
||
"treat_display_section_as_audit_ingestion",
|
||
"skip_template_boundary_before_collection_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-metadata-only",
|
||
"display_order": 2,
|
||
"title": "Reviewer audit 僅允許 metadata",
|
||
"check_requirement": "collection check 只能確認 allowed_metadata 欄位名稱、redacted evidence refs 與 count 類數值,不得要求或保存 raw owner response。",
|
||
"safe_result": "metadata_only_check_pass_or_waiting",
|
||
"blocked_interpretations": [
|
||
"request_raw_owner_response",
|
||
"store_unredacted_evidence",
|
||
"accept_sensitive_value_as_metadata"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-forbidden-payloads-blocked",
|
||
"display_order": 3,
|
||
"title": "Forbidden payload 必須阻擋",
|
||
"check_requirement": "任何 token、secret、private key、deploy key material、cookie、session、authorization header、private URL credential、partial credential、runner token、webhook secret、raw body、未脫敏截圖或 execution payload 都只能進 quarantine / reject 顯示。",
|
||
"safe_result": "forbidden_payloads_blocked_or_quarantined",
|
||
"blocked_interpretations": [
|
||
"store_sensitive_payload_for_audit",
|
||
"mask_then_accept_secret_value",
|
||
"turn_execution_payload_into_action"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-emitted-remains-zero",
|
||
"display_order": 4,
|
||
"title": "Reviewer audit emitted 必須仍為 0",
|
||
"check_requirement": "在 production ingestion 未另行批准前,所有 reviewer audit event templates 的 emitted_event_count 必須維持 0,stored_raw_payload_allowed 必須維持 false。",
|
||
"safe_result": "template_only_not_emitted",
|
||
"blocked_interpretations": [
|
||
"treat_zero_emitted_template_as_production_ingestion",
|
||
"increment_emitted_count_from_display",
|
||
"store_raw_payload_after_collection_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-no-runtime-side-effect",
|
||
"display_order": 5,
|
||
"title": "Reviewer audit 檢查不得有 runtime side effect",
|
||
"check_requirement": "collection checks 只顯示 pass / waiting / blocked 的只讀狀態,不得建立 runtime gate、execution queue、action button、scan request、repo action 或 workflow / secret change。",
|
||
"safe_result": "read_only_check_no_runtime_side_effect",
|
||
"blocked_interpretations": [
|
||
"create_runtime_gate",
|
||
"enqueue_execution",
|
||
"add_action_button",
|
||
"start_kali_scan",
|
||
"modify_repo_or_workflow"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-owner-response-counts-unchanged",
|
||
"display_order": 6,
|
||
"title": "Owner response counters 不得因 audit check 增加",
|
||
"check_requirement": "reviewer audit collection checks 通過也不能增加 received_response_count、accepted_response_count、reviewer_audit_events_emitted、primary_ready_count 或 active_runtime_gate_count。",
|
||
"safe_result": "counters_unchanged_waiting_owner_response",
|
||
"blocked_interpretations": [
|
||
"treat_collection_check_pass_as_owner_response_received",
|
||
"treat_collection_check_pass_as_owner_response_accepted",
|
||
"treat_collection_check_pass_as_primary_ready",
|
||
"treat_collection_check_pass_as_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_redaction_examples": [
|
||
{
|
||
"example_id": "redaction-reviewer-role-lane-template-metadata",
|
||
"display_order": 1,
|
||
"title": "Reviewer / lane / template metadata 脫敏範例",
|
||
"unsafe_input_shape": "Reviewer 開始檢查時可能附帶原始 owner response 文字、內部截圖、私有 URL 或未脫敏 evidence 內容。",
|
||
"safe_metadata_shape": "只顯示 reviewer_role、lane_id、template_id、source_packet_path、review_started_at_taipei 與 redacted_evidence_ref_count。",
|
||
"blocked_payloads": [
|
||
"raw_owner_response_body",
|
||
"unredacted_screenshot",
|
||
"private_url_credential",
|
||
"authorization_header",
|
||
"cookie_or_session"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-classification-reason-summary",
|
||
"display_order": 2,
|
||
"title": "Outcome classification reason 脫敏範例",
|
||
"unsafe_input_shape": "Reviewer 分類理由可能引用 token 片段、secret hash、partial credential、runner token 或 webhook secret。",
|
||
"safe_metadata_shape": "只顯示 outcome_lane_id、classification_reason_summary、checklist_pass_count、checklist_fail_count、redacted_evidence_ref_ids 與 reviewed_at_taipei。",
|
||
"blocked_payloads": [
|
||
"token_or_secret_value",
|
||
"secret_hash_or_masked_token",
|
||
"partial_credential",
|
||
"runner_token",
|
||
"webhook_secret"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-quarantine-pointer",
|
||
"display_order": 3,
|
||
"title": "Quarantine pointer 脫敏範例",
|
||
"unsafe_input_shape": "隔離或拒收原因可能包含 raw request body、raw response body、credential value、private key 或 execution payload。",
|
||
"safe_metadata_shape": "只顯示 outcome_lane_id、blocked_reason_code、redaction_required=true、quarantine_pointer_id、blocked_action_summary 與 reviewed_at_taipei。",
|
||
"blocked_payloads": [
|
||
"raw_request_body",
|
||
"raw_response_body",
|
||
"credential_value",
|
||
"private_key",
|
||
"execution_payload"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-readonly-update-targets",
|
||
"display_order": 4,
|
||
"title": "Read-only update targets 脫敏範例",
|
||
"unsafe_input_shape": "只讀更新候選可能被誤寫成 execution command、refs update payload、workflow secret value 或 GitHub primary switch payload。",
|
||
"safe_metadata_shape": "只顯示 outcome_lane_id、read_only_update_target_ids、followup_runtime_gate_required、active_runtime_gate_count、github_primary_ready_count 與 action_buttons_allowed=false。",
|
||
"blocked_payloads": [
|
||
"execution_command",
|
||
"repo_write_token",
|
||
"refs_update_payload",
|
||
"workflow_secret_value",
|
||
"github_primary_switch_payload"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-runtime-gate-counter-summary",
|
||
"display_order": 5,
|
||
"title": "Runtime gate counter summary 脫敏範例",
|
||
"unsafe_input_shape": "Reviewer audit summary 可能把 collection check pass 誤寫成 owner response received、accepted、primary ready 或 runtime gate active。",
|
||
"safe_metadata_shape": "只顯示 received_response_count=0、accepted_response_count=0、reviewer_audit_events_emitted=0、primary_ready_count=0、active_runtime_gate_count=0 與 not_authorization=true。",
|
||
"blocked_payloads": [
|
||
"runtime_approval",
|
||
"execution_queue_id",
|
||
"action_button_payload",
|
||
"scan_request_payload",
|
||
"primary_switch_payload"
|
||
],
|
||
"redaction_status": "example_only_not_response",
|
||
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_retention_rules": [
|
||
{
|
||
"rule_id": "retention-reviewer-start-metadata-only",
|
||
"display_order": 1,
|
||
"title": "Reviewer start metadata retention",
|
||
"retained_metadata_shape": "只可保留 reviewer_role、lane_id、template_id、source_packet_path、review_started_at_taipei 與 redacted_evidence_ref_count。",
|
||
"retention_boundary": "保留範圍僅限 reviewer audit metadata;不得保留 owner response 內文、截圖內容、私有 URL credential 或 session 類資料。",
|
||
"blocked_payloads": [
|
||
"raw_owner_response_body",
|
||
"unredacted_screenshot",
|
||
"private_url_credential",
|
||
"authorization_header",
|
||
"cookie_or_session"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-classification-summary-only",
|
||
"display_order": 2,
|
||
"title": "Classification summary retention",
|
||
"retained_metadata_shape": "只可保留 outcome_lane_id、classification_reason_summary、checklist_pass_count、checklist_fail_count、redacted_evidence_ref_ids 與 reviewed_at_taipei。",
|
||
"retention_boundary": "分類理由必須是摘要;不得保留 token 片段、secret hash、partial credential、runner token 或 webhook secret。",
|
||
"blocked_payloads": [
|
||
"token_or_secret_value",
|
||
"secret_hash_or_masked_token",
|
||
"partial_credential",
|
||
"runner_token",
|
||
"webhook_secret"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-quarantine-pointer-only",
|
||
"display_order": 3,
|
||
"title": "Quarantine pointer retention",
|
||
"retained_metadata_shape": "只可保留 outcome_lane_id、blocked_reason_code、redaction_required、quarantine_pointer_id、blocked_action_summary 與 reviewed_at_taipei。",
|
||
"retention_boundary": "隔離資料只保留 pointer 與 reason code;不得保留 raw request / response body、credential value、private key 或 execution payload。",
|
||
"blocked_payloads": [
|
||
"raw_request_body",
|
||
"raw_response_body",
|
||
"credential_value",
|
||
"private_key",
|
||
"execution_payload"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-readonly-update-targets-only",
|
||
"display_order": 4,
|
||
"title": "Read-only update target retention",
|
||
"retained_metadata_shape": "只可保留 outcome_lane_id、read_only_update_target_ids、followup_runtime_gate_required、active_runtime_gate_count、github_primary_ready_count 與 action_buttons_allowed=false。",
|
||
"retention_boundary": "只讀更新候選只保留目標 ID 與 gate counter;不得保留 execution command、repo write token、refs update payload、workflow secret value 或 primary switch payload。",
|
||
"blocked_payloads": [
|
||
"execution_command",
|
||
"repo_write_token",
|
||
"refs_update_payload",
|
||
"workflow_secret_value",
|
||
"github_primary_switch_payload"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"rule_id": "retention-counter-snapshot-only",
|
||
"display_order": 5,
|
||
"title": "Counter snapshot retention",
|
||
"retained_metadata_shape": "只可保留 received_response_count=0、accepted_response_count=0、reviewer_audit_events_emitted=0、primary_ready_count=0、active_runtime_gate_count=0 與 not_authorization=true。",
|
||
"retention_boundary": "counter snapshot 只作狀態顯示;不得把 counter 或 check pass 轉成 runtime approval、execution queue、action button、scan request 或 primary switch。",
|
||
"blocked_payloads": [
|
||
"runtime_approval",
|
||
"execution_queue_id",
|
||
"action_button_payload",
|
||
"scan_request_payload",
|
||
"primary_switch_payload"
|
||
],
|
||
"retention_status": "metadata_retention_rule_only",
|
||
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_retention_checks": [
|
||
{
|
||
"check_id": "check-reviewer-audit-retention-rules-visible",
|
||
"display_order": 1,
|
||
"title": "Retention rules visible before retention check",
|
||
"check_requirement": "AwoooP 只能在顯示 5 條 reviewer audit retention rules 後,才顯示 retention check 狀態。",
|
||
"safe_result": "display_retention_check_waiting_not_ingested",
|
||
"blocked_interpretations": [
|
||
"run_retention_check_before_rules_visible",
|
||
"treat_retention_check_as_ingestion_ready",
|
||
"enable_audit_storage_from_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-retained-metadata-only",
|
||
"display_order": 2,
|
||
"title": "Retained metadata shape only",
|
||
"check_requirement": "retention check 只能確認 retained_metadata_shape、reason code、pointer、counter 與 redacted evidence refs,不得要求或保存 raw payload。",
|
||
"safe_result": "metadata_only_retention_check",
|
||
"blocked_interpretations": [
|
||
"store_raw_owner_response_for_retention",
|
||
"store_unredacted_evidence_for_retention",
|
||
"store_private_url_or_session"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-raw-payloads-blocked",
|
||
"display_order": 3,
|
||
"title": "Raw payload retention blocked",
|
||
"check_requirement": "raw request body、raw response body、unredacted screenshot、execution payload、private key 與 credential value 必須被拒收或隔離。",
|
||
"safe_result": "raw_payload_retention_blocked",
|
||
"blocked_interpretations": [
|
||
"retain_raw_request_body",
|
||
"retain_raw_response_body",
|
||
"retain_unredacted_screenshot",
|
||
"retain_execution_payload"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-secret-retention-blocked",
|
||
"display_order": 4,
|
||
"title": "Secret retention blocked",
|
||
"check_requirement": "token、secret、secret hash、partial credential、runner token、webhook secret、authorization header 與 cookie / session 都不得進入 retention。",
|
||
"safe_result": "secret_retention_blocked",
|
||
"blocked_interpretations": [
|
||
"retain_token_value",
|
||
"retain_secret_hash",
|
||
"retain_partial_credential",
|
||
"retain_authorization_header"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-counter-snapshot-only",
|
||
"display_order": 5,
|
||
"title": "Counter snapshot only",
|
||
"check_requirement": "retention checks 通過也不能增加 received_response_count、accepted_response_count、reviewer_audit_events_emitted、primary_ready_count 或 active_runtime_gate_count。",
|
||
"safe_result": "counter_snapshot_only",
|
||
"blocked_interpretations": [
|
||
"treat_retention_check_pass_as_owner_response_received",
|
||
"treat_retention_check_pass_as_owner_response_accepted",
|
||
"treat_retention_check_pass_as_audit_event_emitted",
|
||
"treat_retention_check_pass_as_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-reviewer-audit-no-runtime-retention-side-effect",
|
||
"display_order": 6,
|
||
"title": "No runtime retention side effect",
|
||
"check_requirement": "retention checks 只顯示 pass / waiting / blocked 的只讀狀態,不得建立 runtime gate、execution queue、action button、scan request、repo action 或 workflow / secret change。",
|
||
"safe_result": "read_only_retention_check_no_side_effect",
|
||
"blocked_interpretations": [
|
||
"create_runtime_gate_from_retention_check",
|
||
"create_execution_queue_from_retention_check",
|
||
"add_action_button_from_retention_check",
|
||
"start_scan_from_retention_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_handoff_packets": [
|
||
{
|
||
"packet_id": "handoff-current-counters-and-boundary",
|
||
"display_order": 1,
|
||
"title": "目前 counters 與非授權邊界",
|
||
"handoff_content": "交接時必須顯示 received=0、accepted=0、reviewer audit emitted=0、primary ready=0、active runtime gate=0 與 headline 58%。",
|
||
"safe_consumer_action": "AwoooP / 另一個 Session 只能把它當成只讀狀態摘要與 resume pointer。",
|
||
"blocked_interpretations": [
|
||
"treat_handoff_as_progress_approval",
|
||
"treat_handoff_as_runtime_gate",
|
||
"increase_received_or_accepted_count"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"packet_id": "handoff-required-source-packets",
|
||
"display_order": 2,
|
||
"title": "必讀 source packets",
|
||
"handoff_content": "接手者必須同時讀取 S4.9 Gitea、S4.10 GitHub target、S4.11 refs truth、S4.12 workflow / secret name 四包 owner response snapshot,以及 S4.13 validation rollup 與 security mirror status rollup。",
|
||
"safe_consumer_action": "只把這些檔案當成顯示與人工 review 的上下文來源,不能跳過 source packet preflight。",
|
||
"blocked_interpretations": [
|
||
"accept_owner_response_from_handoff_only",
|
||
"skip_source_packet_preflight",
|
||
"treat_handoff_packet_as_source_of_truth_override"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"packet_id": "handoff-safe-display-fields",
|
||
"display_order": 3,
|
||
"title": "安全顯示欄位",
|
||
"handoff_content": "交接畫面只顯示 lane id、template id、count、waiting / blocked / quarantine 狀態、脫敏 evidence refs、reason code、pointer 與 metadata shape。",
|
||
"safe_consumer_action": "Operator Console 可顯示摘要、缺口、下一個收件項目與 reviewer audit metadata 欄位名稱。",
|
||
"blocked_interpretations": [
|
||
"render_raw_owner_response",
|
||
"render_unredacted_screenshot",
|
||
"render_private_url_or_authorization_header"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"packet_id": "handoff-forbidden-runtime-interpretations",
|
||
"display_order": 4,
|
||
"title": "禁止 runtime 誤讀",
|
||
"handoff_content": "handoff packet 不能被解讀成 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret 變更、Kali scan、GitHub hosted runner 或 GitHub primary switch。",
|
||
"safe_consumer_action": "只顯示禁止事項與 blocked reason,不新增 action button、execution queue 或 runner job。",
|
||
"blocked_interpretations": [
|
||
"create_action_button_from_handoff",
|
||
"enqueue_runtime_job_from_handoff",
|
||
"start_scan_or_repo_action_from_handoff"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"packet_id": "handoff-next-owner-response-focus",
|
||
"display_order": 5,
|
||
"title": "下一個 owner response focus",
|
||
"handoff_content": "下一個建議收件仍是 S4.9 Gitea owner attestation response,需依 5 個 Gitea coverage attestation templates 回覆脫敏 evidence refs。",
|
||
"safe_consumer_action": "AwoooP 只能顯示 next_collection_candidate=S4.9 與 request packet,不得自動催收、代填或接受 response。",
|
||
"blocked_interpretations": [
|
||
"auto_collect_owner_response_from_handoff",
|
||
"mark_s4_9_received_from_handoff",
|
||
"accept_owner_decision_without_redacted_evidence"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"packet_id": "handoff-post-review-followup-gates",
|
||
"display_order": 6,
|
||
"title": "交接後仍需 follow-up gates",
|
||
"handoff_content": "未來即使 owner response 通過,也仍需 redacted payload 驗收、rollback ADR owner approval、逐 repo 人工批准與獨立 runtime gate,才能討論執行層動作。",
|
||
"safe_consumer_action": "接手者只能把後續 gate 顯示為 waiting / approval required,不得把 handoff completion 當成落地完成。",
|
||
"blocked_interpretations": [
|
||
"treat_handoff_complete_as_primary_ready",
|
||
"treat_handoff_complete_as_payload_ingested",
|
||
"treat_handoff_complete_as_runtime_approved"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_reviewer_audit_handoff_checks": [
|
||
{
|
||
"check_id": "check-handoff-packets-visible",
|
||
"display_order": 1,
|
||
"title": "Handoff packets visible before consumption",
|
||
"check_requirement": "AwoooP 只能在 6 個 reviewer audit handoff packets 全部可見後,才顯示 handoff consumption check 狀態。",
|
||
"safe_result": "display_handoff_check_waiting_not_consumed",
|
||
"blocked_interpretations": [
|
||
"consume_handoff_before_packets_visible",
|
||
"treat_handoff_check_as_runtime_ready",
|
||
"hide_missing_handoff_packet"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-handoff-counters-remain-zero",
|
||
"display_order": 2,
|
||
"title": "Counters remain zero",
|
||
"check_requirement": "handoff checks 通過也不能增加 received_response_count、accepted_response_count、reviewer_audit_events_emitted、primary_ready_count 或 active_runtime_gate_count。",
|
||
"safe_result": "handoff_counter_snapshot_only",
|
||
"blocked_interpretations": [
|
||
"treat_handoff_check_pass_as_owner_response_received",
|
||
"treat_handoff_check_pass_as_owner_response_accepted",
|
||
"treat_handoff_check_pass_as_audit_event_emitted",
|
||
"treat_handoff_check_pass_as_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-handoff-source-packets-required",
|
||
"display_order": 3,
|
||
"title": "Source packets required before review",
|
||
"check_requirement": "接手者必須先讀 S4.9、S4.10、S4.11、S4.12 四包 owner response source packets 與 S4.13 rollup,不能只靠 handoff 摘要接受 response。",
|
||
"safe_result": "source_packet_preflight_required",
|
||
"blocked_interpretations": [
|
||
"accept_owner_response_from_handoff_only",
|
||
"skip_source_packet_preflight",
|
||
"override_source_packet_from_handoff"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-handoff-safe-display-only",
|
||
"display_order": 4,
|
||
"title": "Safe display fields only",
|
||
"check_requirement": "handoff consumption 只能顯示 lane id、template id、count、狀態、脫敏 evidence refs、reason code、pointer 與 metadata shape。",
|
||
"safe_result": "safe_display_only",
|
||
"blocked_interpretations": [
|
||
"render_raw_owner_response",
|
||
"render_unredacted_screenshot",
|
||
"render_authorization_header_or_private_url"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-handoff-runtime-interpretations-blocked",
|
||
"display_order": 5,
|
||
"title": "Runtime interpretations blocked",
|
||
"check_requirement": "handoff consumption 不得新增 runtime gate、execution queue、action button、scan request、repo action、refs action、workflow / secret change、runner enablement 或 primary switch。",
|
||
"safe_result": "handoff_runtime_interpretation_blocked",
|
||
"blocked_interpretations": [
|
||
"create_action_button_from_handoff_check",
|
||
"enqueue_runtime_job_from_handoff_check",
|
||
"start_scan_or_repo_action_from_handoff_check",
|
||
"switch_primary_from_handoff_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-handoff-next-focus-not-received",
|
||
"display_order": 6,
|
||
"title": "Next focus remains not received",
|
||
"check_requirement": "handoff checks 只能顯示 next_collection_candidate=S4.9,不能自動催收、代填、標記 received、標記 accepted 或建立 follow-up runtime gate。",
|
||
"safe_result": "next_focus_display_only_not_received",
|
||
"blocked_interpretations": [
|
||
"auto_collect_owner_response_from_handoff_check",
|
||
"mark_s4_9_received_from_handoff_check",
|
||
"mark_s4_9_accepted_from_handoff_check",
|
||
"create_followup_runtime_gate_from_handoff_check"
|
||
],
|
||
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_parallel_session_sync_checks": [
|
||
{
|
||
"check_id": "check-parallel-session-same-pr-branch",
|
||
"display_order": 1,
|
||
"title": "Same PR branch before continuing",
|
||
"check_requirement": "AwoooP 主線與另一個 Security Supply Chain Session 必須先確認正在讀取同一個 PR #117 分支 codex/security-supply-chain-contracts-20260512,且本地與遠端無分歧。",
|
||
"safe_result": "same_branch_read_only_sync_required",
|
||
"blocked_interpretations": [
|
||
"continue_on_unfetched_branch",
|
||
"treat_parallel_session_as_runtime_owner",
|
||
"merge_without_branch_sync"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_sync_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-parallel-session-latest-delta-visible",
|
||
"display_order": 2,
|
||
"title": "Latest delta visible",
|
||
"check_requirement": "接手前必須顯示 latest progress delta,避免另一個 Session 只讀到舊的 handoff packets 或舊 ledger。",
|
||
"safe_result": "latest_delta_display_only",
|
||
"blocked_interpretations": [
|
||
"continue_from_stale_delta",
|
||
"skip_progress_ledger_review",
|
||
"treat_delta_visibility_as_authorization"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_sync_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-parallel-session-owner-response-counters-zero",
|
||
"display_order": 3,
|
||
"title": "Owner response counters remain zero",
|
||
"check_requirement": "同步檢查通過也不得增加 received_response_count、accepted_response_count、reviewer_audit_events_emitted、primary_ready_count 或 active_runtime_gate_count。",
|
||
"safe_result": "parallel_sync_counter_snapshot_only",
|
||
"blocked_interpretations": [
|
||
"treat_parallel_sync_as_owner_response_received",
|
||
"treat_parallel_sync_as_owner_response_accepted",
|
||
"treat_parallel_sync_as_audit_event_emitted",
|
||
"treat_parallel_sync_as_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_sync_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-parallel-session-runtime-flags-false",
|
||
"display_order": 4,
|
||
"title": "Runtime flags stay false",
|
||
"check_requirement": "兩個 Session 同步後仍必須確認 runtime_execution_authorized、repo_creation_authorized、refs_sync_authorized、workflow_modification_authorized、github_primary_switch_authorized 與 action_buttons_allowed 都是 false。",
|
||
"safe_result": "parallel_sync_runtime_flags_false",
|
||
"blocked_interpretations": [
|
||
"treat_sync_complete_as_runtime_authorized",
|
||
"create_action_button_from_parallel_sync",
|
||
"enqueue_runtime_job_from_parallel_sync",
|
||
"start_kali_or_repo_action_from_parallel_sync"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_sync_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-parallel-session-source-control-mutations-blocked",
|
||
"display_order": 5,
|
||
"title": "Source-control mutations blocked",
|
||
"check_requirement": "同步檢查只允許 docs/schema/snapshot/guard 類只讀更新;不得建立 repo、改 visibility、sync/delete refs、force push、改 workflow/secret/runner、切 GitHub primary 或停用 Gitea。",
|
||
"safe_result": "parallel_sync_source_control_mutations_blocked",
|
||
"blocked_interpretations": [
|
||
"create_repo_from_parallel_sync",
|
||
"sync_refs_from_parallel_sync",
|
||
"modify_workflow_or_secret_from_parallel_sync",
|
||
"switch_primary_from_parallel_sync"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_sync_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-parallel-session-next-focus-stays-s4-9",
|
||
"display_order": 6,
|
||
"title": "Next focus stays S4.9",
|
||
"check_requirement": "同步檢查只能顯示 next_collection_candidate=S4.9 Gitea owner attestation response;不得把另一個 Session 的接手視為催收、代填、received、accepted 或 follow-up runtime gate。",
|
||
"safe_result": "parallel_sync_next_focus_s4_9_display_only",
|
||
"blocked_interpretations": [
|
||
"auto_collect_owner_response_from_parallel_sync",
|
||
"mark_s4_9_received_from_parallel_sync",
|
||
"mark_s4_9_accepted_from_parallel_sync",
|
||
"create_followup_runtime_gate_from_parallel_sync"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_sync_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_parallel_session_conflict_lanes": [
|
||
{
|
||
"lane_id": "conflict-stale-or-diverged-branch",
|
||
"display_order": 1,
|
||
"title": "Stale or diverged PR branch",
|
||
"conflict_condition": "任一 Session 發現本地 HEAD 與 gitea/codex/security-supply-chain-contracts-20260512 不是 0/0 同步,或不是 PR #117 的同一分支。",
|
||
"safe_result": "pause_and_resync_branch_read_only",
|
||
"required_operator_action": "只顯示需要 fetch / rebase planning / 人工確認;不得自動 merge、force push 或覆蓋另一個 Session 的更新。",
|
||
"blocked_actions": [
|
||
"auto_merge_diverged_branch",
|
||
"force_push_to_reconcile_sessions",
|
||
"overwrite_other_session_changes"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "conflict-stale-progress-delta",
|
||
"display_order": 2,
|
||
"title": "Stale progress delta",
|
||
"conflict_condition": "另一個 Session 看到的 latest delta、ledger length 或 LOGBOOK latest entry 與本 rollup 不一致。",
|
||
"safe_result": "refresh_rollup_and_logbook_before_continue",
|
||
"required_operator_action": "只顯示需要重讀 status rollup、LOGBOOK、handoff 與 guard output;不得把舊 delta 當成可繼續工作的授權。",
|
||
"blocked_actions": [
|
||
"continue_from_stale_delta",
|
||
"skip_logbook_refresh",
|
||
"treat_stale_delta_as_authorization"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "conflict-owner-response-counter-drift",
|
||
"display_order": 3,
|
||
"title": "Owner response counter drift",
|
||
"conflict_condition": "任一 Session 看到 received、accepted、reviewer audit emitted、primary ready 或 active runtime gate count 不是 0,且沒有對應 source packet 與人工驗收紀錄。",
|
||
"safe_result": "hold_as_counter_drift_until_evidence_review",
|
||
"required_operator_action": "只顯示 counter drift,需要人工比對 source packet、audit metadata 與 LOGBOOK;不得自動採信或回寫 counter。",
|
||
"blocked_actions": [
|
||
"auto_accept_counter_drift",
|
||
"mark_owner_response_received_without_source_packet",
|
||
"create_runtime_gate_from_counter_drift"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "conflict-runtime-flag-drift",
|
||
"display_order": 4,
|
||
"title": "Runtime flag drift",
|
||
"conflict_condition": "任一 Session 看到 runtime_execution_authorized、repo_creation_authorized、refs_sync_authorized、workflow_modification_authorized、github_primary_switch_authorized 或 action_buttons_allowed 變成 true。",
|
||
"safe_result": "block_runtime_flag_drift_for_manual_review",
|
||
"required_operator_action": "只顯示 false flag drift 與需人工 review 的欄位;不得建立 action button、runtime queue 或 scan request。",
|
||
"blocked_actions": [
|
||
"treat_true_flag_as_approved",
|
||
"create_action_button_from_flag_drift",
|
||
"enqueue_runtime_job_from_flag_drift"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "conflict-source-control-mutation-request",
|
||
"display_order": 5,
|
||
"title": "Source-control mutation request",
|
||
"conflict_condition": "任一 Session 或外部要求把同步檢查結果轉成 repo creation、visibility change、refs sync/delete/force push、workflow/secret/runner change、Gitea disable 或 GitHub primary switch。",
|
||
"safe_result": "reject_mutation_request_in_mirror_phase",
|
||
"required_operator_action": "只顯示拒收原因、blocked action summary 與仍需 owner response / runtime gate;不得排入執行。",
|
||
"blocked_actions": [
|
||
"create_repo_from_conflict_lane",
|
||
"sync_refs_from_conflict_lane",
|
||
"modify_workflow_secret_runner_from_conflict_lane",
|
||
"disable_gitea_or_switch_primary_from_conflict_lane"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "conflict-next-focus-drift",
|
||
"display_order": 6,
|
||
"title": "Next focus drift",
|
||
"conflict_condition": "任一 Session 看到 next_collection_candidate 不是 S4.9,或把 S4.10 / S4.11 / S4.12 提前當成可 accepted。",
|
||
"safe_result": "restore_next_focus_to_s4_9_display_only",
|
||
"required_operator_action": "只顯示需回到 S4.9 Gitea owner attestation response 的收件順序;不得催收、代填、標記 received/accepted 或建立 follow-up runtime gate。",
|
||
"blocked_actions": [
|
||
"auto_collect_owner_response_from_focus_drift",
|
||
"mark_later_lane_accepted_from_focus_drift",
|
||
"create_followup_runtime_gate_from_focus_drift"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_parallel_session_recovery_checks": [
|
||
{
|
||
"check_id": "check-recovery-fetch-and-compare-branch",
|
||
"display_order": 1,
|
||
"title": "Fetch and compare branch before recovery",
|
||
"check_requirement": "命中 conflict lane 後,AwoooP 與另一個 Session 必須先顯示 git fetch 後的 HEAD 對 gitea/codex/security-supply-chain-contracts-20260512 為 0/0;若不是 0/0,只能停下請人工判定。",
|
||
"safe_result": "recovery_branch_compare_read_only",
|
||
"blocked_interpretations": [
|
||
"auto_rebase_after_conflict",
|
||
"auto_merge_after_conflict",
|
||
"force_push_after_conflict"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-recovery-read-latest-ledger",
|
||
"display_order": 2,
|
||
"title": "Read latest ledger and LOGBOOK",
|
||
"check_requirement": "復原前必須重新讀取 status rollup latest delta、progress_delta_ledger length、LOGBOOK latest entry 與 handoff summary;不得從衝突前的舊上下文繼續。",
|
||
"safe_result": "recovery_latest_ledger_read_only",
|
||
"blocked_interpretations": [
|
||
"continue_from_pre_conflict_context",
|
||
"skip_logbook_after_conflict",
|
||
"treat_ledger_read_as_authorization"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-recovery-rerun-readonly-guards",
|
||
"display_order": 3,
|
||
"title": "Rerun read-only guards",
|
||
"check_requirement": "復原前必須重跑 source-control-owner-response guard 與 security-mirror-progress guard;guard pass 只代表 snapshot 邊界一致,不代表 owner response、runtime gate 或 source-control mutation 授權。",
|
||
"safe_result": "recovery_guards_pass_display_only",
|
||
"blocked_interpretations": [
|
||
"treat_guard_pass_as_owner_response",
|
||
"treat_guard_pass_as_runtime_gate",
|
||
"treat_guard_pass_as_primary_approval"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-recovery-review-staged-diff-only",
|
||
"display_order": 4,
|
||
"title": "Review staged diff before continuing",
|
||
"check_requirement": "若復原後有 staged 或 unstaged diff,只能顯示 docs/schema/snapshot/guard 類只讀變更;不得把別的 Session 的變更覆蓋、丟棄或自動合併。",
|
||
"safe_result": "recovery_diff_review_read_only",
|
||
"blocked_interpretations": [
|
||
"overwrite_other_session_changes",
|
||
"drop_unreviewed_changes",
|
||
"stage_runtime_or_secret_change_from_recovery"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-recovery-keep-runtime-flags-false",
|
||
"display_order": 5,
|
||
"title": "Keep runtime flags false after recovery",
|
||
"check_requirement": "復原後仍必須確認 runtime_execution_authorized、repo_creation_authorized、refs_sync_authorized、workflow_modification_authorized、github_primary_switch_authorized 與 action_buttons_allowed 全部為 false。",
|
||
"safe_result": "recovery_runtime_flags_false",
|
||
"blocked_interpretations": [
|
||
"create_action_button_after_recovery",
|
||
"enqueue_runtime_job_after_recovery",
|
||
"start_kali_or_repo_action_after_recovery"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "check-recovery-record-next-focus-s4-9",
|
||
"display_order": 6,
|
||
"title": "Record next focus remains S4.9",
|
||
"check_requirement": "復原完成後只能把 next_collection_candidate 顯示為 S4.9 Gitea owner attestation response;不得把復原完成視為催收、代填、received、accepted 或 follow-up runtime gate。",
|
||
"safe_result": "recovery_next_focus_s4_9_display_only",
|
||
"blocked_interpretations": [
|
||
"auto_collect_owner_response_after_recovery",
|
||
"mark_s4_9_received_after_recovery",
|
||
"create_followup_runtime_gate_after_recovery"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_check_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_validation_parallel_session_recovery_outcome_lanes": [
|
||
{
|
||
"lane_id": "outcome-recovery-ready-readonly",
|
||
"display_order": 1,
|
||
"title": "Recovery ready for read-only continuation",
|
||
"outcome_condition": "branch compare 為 0/0、latest ledger / LOGBOOK 已重讀、兩個只讀 guard 通過、diff 只含 docs/schema/snapshot/guard 類更新、false flags 仍為 false,且 next_collection_candidate 仍是 S4.9。",
|
||
"safe_result": "continue_read_only_from_latest_head",
|
||
"allowed_next_step": "只允許在最新 HEAD 上繼續下一個 mirror-only docs/schema/snapshot/guard 階段;不得把 recovery ready 視為 owner response received、accepted 或 runtime gate。",
|
||
"blocked_interpretations": [
|
||
"treat_recovery_ready_as_merge_approval",
|
||
"treat_recovery_ready_as_owner_response",
|
||
"treat_recovery_ready_as_runtime_gate"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "outcome-recovery-branch-still-diverged",
|
||
"display_order": 2,
|
||
"title": "Branch still diverged after fetch",
|
||
"outcome_condition": "git fetch 後本地 HEAD 與遠端 PR 分支仍不是 0/0,或不是 codex/security-supply-chain-contracts-20260512 同一分支。",
|
||
"safe_result": "pause_for_manual_branch_review",
|
||
"allowed_next_step": "停下並只顯示分支分歧狀態;人工判定前不得 rebase、merge、force push、覆蓋或丟棄另一個 Session 的變更。",
|
||
"blocked_interpretations": [
|
||
"auto_rebase_still_diverged_branch",
|
||
"auto_merge_still_diverged_branch",
|
||
"force_push_still_diverged_branch"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "outcome-recovery-ledger-still-stale",
|
||
"display_order": 3,
|
||
"title": "Ledger or handoff still stale",
|
||
"outcome_condition": "latest delta、progress_delta_ledger length、LOGBOOK latest entry 或 AwoooP handoff summary 仍不一致。",
|
||
"safe_result": "pause_and_reread_handoff_sources",
|
||
"allowed_next_step": "只允許重讀 rollup、LOGBOOK、handoff 與 guard output;不得從舊上下文繼續,也不得標記任何 owner response received/accepted。",
|
||
"blocked_interpretations": [
|
||
"continue_from_stale_ledger",
|
||
"skip_latest_logbook_after_recovery",
|
||
"mark_response_received_from_stale_handoff"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "outcome-recovery-guard-failed",
|
||
"display_order": 4,
|
||
"title": "Read-only guard failed",
|
||
"outcome_condition": "source-control-owner-response guard、security-mirror-progress guard、JSON parse 或 targeted jq 任一失敗。",
|
||
"safe_result": "block_recovery_until_snapshot_fixed",
|
||
"allowed_next_step": "只允許修正 docs/schema/snapshot/guard 的一致性或更新證據;不得把 guard failed 轉成 runtime action、source-control mutation 或人工批准。",
|
||
"blocked_interpretations": [
|
||
"ignore_guard_failure",
|
||
"treat_guard_failure_as_runtime_incident",
|
||
"open_action_button_from_guard_failure"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "outcome-recovery-diff-out-of-scope",
|
||
"display_order": 5,
|
||
"title": "Diff out of mirror-only scope",
|
||
"outcome_condition": "staged 或 unstaged diff 含 runtime code、workflow、secret、runner、refs、deploy、Kali execute、GitHub primary 或 Gitea disable 相關變更。",
|
||
"safe_result": "quarantine_diff_for_human_review",
|
||
"allowed_next_step": "只允許把 out-of-scope diff 標示給人工 review;不得自動 stage、commit、push、丟棄、套用或合併。",
|
||
"blocked_interpretations": [
|
||
"stage_out_of_scope_diff",
|
||
"commit_out_of_scope_diff",
|
||
"drop_out_of_scope_diff_without_review"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "outcome-recovery-runtime-flag-drift",
|
||
"display_order": 6,
|
||
"title": "Runtime flag drift after recovery",
|
||
"outcome_condition": "runtime_execution_authorized、repo_creation_authorized、refs_sync_authorized、workflow_modification_authorized、github_primary_switch_authorized 或 action_buttons_allowed 任一變成 true。",
|
||
"safe_result": "block_runtime_interpretation_and_review_flags",
|
||
"allowed_next_step": "只允許回查是哪個 snapshot 或文件讓 false flag 漂移;人工批准前不得建立 action button、runtime queue 或 source-control operation。",
|
||
"blocked_interpretations": [
|
||
"accept_runtime_flag_drift",
|
||
"create_action_button_from_flag_drift",
|
||
"enqueue_runtime_job_from_flag_drift"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"lane_id": "outcome-recovery-next-focus-drift",
|
||
"display_order": 7,
|
||
"title": "Next focus drift after recovery",
|
||
"outcome_condition": "復原後 next_collection_candidate 不是 S4.9,或 S4.10 / S4.11 / S4.12 被提前視為 received / accepted。",
|
||
"safe_result": "restore_s4_9_display_only_focus",
|
||
"allowed_next_step": "只允許把下一個 owner response focus 顯示回 S4.9 Gitea owner attestation response;不得催收、代填、標記 received/accepted 或建立 follow-up runtime gate。",
|
||
"blocked_interpretations": [
|
||
"advance_next_focus_without_owner_response",
|
||
"mark_later_packet_received_after_recovery",
|
||
"create_followup_gate_from_focus_drift"
|
||
],
|
||
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"readiness_effects": [
|
||
{
|
||
"effect_id": "gitea_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.9 request packet 已顯示、template status ledger / audit event templates / redaction examples / display sections / collection checks 已確認 request / received / accepted 分離,audit events emitted=0,且 5 個 response templates 全部接受;S4.6 redacted payload 仍需另外驗收。",
|
||
"allowed_update": "只更新 Gitea coverage matrix、owner / canonical disposition 與 readiness wording;gitea_repo_inventory_v1 仍不得直接標記 ok。",
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"effect_id": "github_target_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.10 7 個 target response 全部接受。",
|
||
"allowed_update": "只更新 GitHub target decision table、repo approval package 與 primary readiness blocker wording。",
|
||
"still_forbidden": [
|
||
"create_github_repo",
|
||
"change_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"effect_id": "ref_truth_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.11 request packet 已顯示,template status ledger 已維持 request / received / accepted 分離,audit event templates 維持 0 emitted,redaction examples 未被當成 response,collection checks 未被當成 approval,intake preflight checks 未被當成 execution authorization,5 個 lane response 全部接受,且 batch scope 可重現。",
|
||
"allowed_update": "只更新 ref truth classification disposition 與 draft reconcile plan wording。",
|
||
"still_forbidden": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"effect_id": "workflow_secret_owner_response_accepted",
|
||
"when_all_checks_pass": "S4.12 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 只作顯示,5 個 workflow / secret lanes 全部接受,且所有 evidence 已脫敏。",
|
||
"allowed_update": "只更新 workflow / secret name inventory、redacted export request 與 readiness wording。",
|
||
"still_forbidden": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
]
|
||
}
|
||
],
|
||
"allowed_outputs": [
|
||
"mirror_owner_response_validation_rollup",
|
||
"display_cross_packet_counts",
|
||
"display_missing_owner_response_lanes",
|
||
"display_next_collection_candidate",
|
||
"display_owner_response_evidence_routing_rules",
|
||
"display_owner_response_validation_sections",
|
||
"display_owner_response_validation_state_transition_rules",
|
||
"display_owner_response_validation_reviewer_checklist",
|
||
"display_owner_response_validation_reviewer_outcome_lanes",
|
||
"display_owner_response_validation_reviewer_audit_event_templates",
|
||
"display_owner_response_validation_reviewer_audit_display_sections",
|
||
"display_owner_response_validation_reviewer_audit_collection_checks",
|
||
"display_owner_response_validation_reviewer_audit_redaction_examples",
|
||
"display_owner_response_validation_reviewer_audit_retention_rules",
|
||
"display_owner_response_validation_reviewer_audit_retention_checks",
|
||
"display_owner_response_validation_reviewer_audit_handoff_packets",
|
||
"display_owner_response_validation_reviewer_audit_handoff_checks",
|
||
"display_owner_response_validation_parallel_session_sync_checks",
|
||
"display_owner_response_validation_parallel_session_conflict_lanes",
|
||
"display_owner_response_validation_parallel_session_recovery_checks",
|
||
"display_owner_response_validation_parallel_session_recovery_outcome_lanes",
|
||
"route_invalid_response_to_quarantine",
|
||
"update_read_only_readiness_wording_after_accepted_response"
|
||
],
|
||
"missing_response_lanes": [
|
||
{
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"source_contract": "gitea_inventory_owner_attestation_response_v1",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.9 owner response request packet 回覆 5 個 Gitea coverage attestation items;AwoooP 需用 template status ledger / audit event templates / redaction examples / display sections / collection checks 逐項追蹤,且只能引用脫敏 evidence refs。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"lane_id": "s4_10_github_target_owner_decision_response",
|
||
"source_contract": "github_target_owner_decision_response_v1",
|
||
"response_template_count": 7,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.10 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 7 個 GitHub target 的 owner / visibility / canonical disposition。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"create_github_repo",
|
||
"change_repo_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"lane_id": "s4_11_ref_truth_owner_response",
|
||
"source_contract": "source_control_ref_truth_owner_response_v1",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 refs truth、deprecated drift、release tags 與 GitHub-only refs disposition。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"lane_id": "s4_12_workflow_secret_name_owner_response",
|
||
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"current_status": "waiting_owner_response",
|
||
"next_owner_action": "Owner 需依 S4.12 request packet、template status ledger、audit event templates、redaction examples、collection checks 與 intake preflight checks 回覆 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 的脫敏狀態;template status ledger 會維持 waiting、audit event templates 維持 0 emitted、redaction examples 只作參考,直到實際收到脫敏 response。",
|
||
"awooop_display_mode": "observe_missing_response",
|
||
"still_forbidden": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
]
|
||
}
|
||
],
|
||
"owner_response_collection_order": [
|
||
{
|
||
"order": 1,
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"reason": "先確認 Gitea 覆蓋範圍與 canonical owner,避免後續 GitHub target / refs 判定建立在不完整 inventory 上。",
|
||
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
|
||
"minimum_response": [
|
||
"public-only/local gap disposition",
|
||
"org/user endpoint disposition",
|
||
"110 adjacent source scope",
|
||
"canonical owner",
|
||
"legacy/inaccessible disposition"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"order": 2,
|
||
"lane_id": "s4_10_github_target_owner_decision_response",
|
||
"reason": "再確認 GitHub target owner / visibility / canonical,避免 not_found_or_private 被誤解成可直接建立 repo。",
|
||
"required_packet": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
|
||
"minimum_response": [
|
||
"repo owner",
|
||
"target visibility",
|
||
"canonical target disposition",
|
||
"not_found_or_private handling"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"create_github_repo",
|
||
"change_repo_visibility",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"order": 3,
|
||
"lane_id": "s4_11_ref_truth_owner_response",
|
||
"reason": "GitHub target owner / visibility 明確後,再判定 branch / tag 真相來源,避免 refs sync 或 delete 被提前誤用。",
|
||
"required_packet": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
|
||
"minimum_response": [
|
||
"main/dev truth disposition",
|
||
"deprecated drift disposition",
|
||
"release tag retention",
|
||
"GitHub-only refs disposition"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"fetch_refs",
|
||
"push_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
{
|
||
"order": 4,
|
||
"lane_id": "s4_12_workflow_secret_name_owner_response",
|
||
"reason": "最後補 workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret 名稱 parity,避免 secret 或 runner 變更早於 source truth。",
|
||
"required_packet": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
|
||
"minimum_response": [
|
||
"webhook redacted state",
|
||
"runner label owner",
|
||
"deploy key redacted state",
|
||
"branch protection / CODEOWNERS state",
|
||
"repository secret name parity"
|
||
],
|
||
"awooop_action": "display_next_collection_item",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"still_forbidden": [
|
||
"store_secret_value",
|
||
"modify_workflow",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary"
|
||
]
|
||
}
|
||
],
|
||
"next_collection_candidate": {
|
||
"order": 1,
|
||
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
|
||
"display_status": "next_owner_response_required",
|
||
"source_contract": "gitea_inventory_owner_attestation_response_v1",
|
||
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
|
||
"required_response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"minimum_response": [
|
||
"public-only/local gap disposition",
|
||
"org/user endpoint disposition",
|
||
"110 adjacent source scope",
|
||
"canonical owner",
|
||
"legacy/inaccessible disposition"
|
||
],
|
||
"awooop_display_mode": "display_next_collection_item_only",
|
||
"why_next": "S4.9 是後續 GitHub target、refs truth 與 workflow / secret parity 判定的前置 scope / canonical owner 來源;未收到前不得推進後續 source-control owner response 接受狀態。",
|
||
"blocked_until_received": true,
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"store_token_value",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"switch_github_primary"
|
||
]
|
||
},
|
||
"latest_local_validation": {
|
||
"status": "repo_snapshot_guard_pass",
|
||
"date": "2026-06-04",
|
||
"scope": "repo_snapshot_only",
|
||
"command": "python3 scripts/security/source-control-owner-response-guard.py --root .",
|
||
"result": "SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK",
|
||
"validated_lanes": [
|
||
"s4_9_gitea_inventory_owner_attestation_response",
|
||
"s4_10_github_target_owner_decision_response",
|
||
"s4_11_ref_truth_owner_response",
|
||
"s4_12_workflow_secret_name_owner_response"
|
||
],
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"runtime_actions_authorized": false,
|
||
"repo_or_refs_actions_authorized": false,
|
||
"workflow_or_secret_actions_authorized": false,
|
||
"not_authorization": true
|
||
},
|
||
"forbidden_actions": [
|
||
"runtime_execution",
|
||
"store_token_or_secret_value",
|
||
"use_write_token",
|
||
"create_repo",
|
||
"change_repo_visibility",
|
||
"write_gitea_repo",
|
||
"sync_refs",
|
||
"delete_refs",
|
||
"force_push",
|
||
"modify_workflow_or_secret",
|
||
"enable_runner",
|
||
"enable_github_hosted_runner",
|
||
"switch_github_primary",
|
||
"add_action_button"
|
||
]
|
||
}
|