{
|
||
"schema_version": "source_control_ref_truth_owner_response_v1",
|
||
"status": "draft_waiting_owner_response",
|
||
"date": "2026-06-04",
|
||
"mode": "owner_ref_truth_response_intake_only",
|
||
"runtime_execution_authorized": false,
|
||
"source_contract": "source_control_ref_truth_classification_v1",
|
||
"target_contract": "source_control_reconcile_plan_v1",
|
||
"source_indexes": [
|
||
"docs/security/source-control-ref-truth-classification.snapshot.json",
|
||
"docs/security/source-control-ref-detail-diff.snapshot.json",
|
||
"docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md",
|
||
"docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md",
|
||
"docs/security/source-control-reconcile-plan.snapshot.json",
|
||
"docs/security/source-control-primary-readiness-gate.snapshot.json",
|
||
"docs/security/security-approval-review-packet.snapshot.json",
|
||
"docs/security/security-followup-runtime-gate.snapshot.json"
|
||
],
|
||
"summary": {
|
||
"owner_response_status": "waiting_owner_response",
|
||
"repo_count": 3,
|
||
"total_ref_review_item_count": 194,
|
||
"manual_truth_required_count": 4,
|
||
"deprecated_candidate_count": 142,
|
||
"release_tag_review_count": 3,
|
||
"github_only_review_count": 20,
|
||
"owner_response_request_packet_count": 1,
|
||
"owner_response_template_status_count": 5,
|
||
"owner_response_audit_event_template_count": 3,
|
||
"owner_response_redaction_example_count": 5,
|
||
"owner_response_collection_check_count": 6,
|
||
"intake_preflight_check_count": 6,
|
||
"response_template_count": 5,
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"acceptance_check_count": 8,
|
||
"rejection_rule_count": 10,
|
||
"refs_sync_authorized": false,
|
||
"refs_delete_authorized": false,
|
||
"force_push_authorized": false,
|
||
"github_primary_switch_authorized": false,
|
||
"secret_value_collection_allowed": false,
|
||
"action_buttons_allowed": false
|
||
},
|
||
"owner_response_request_packet": {
|
||
"request_id": "s4_11_ref_truth_owner_response_request",
|
||
"display_status": "ready_to_request_owner_response",
|
||
"requested_packet": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
|
||
"required_response_item_count": 5,
|
||
"requested_template_ids": [
|
||
"response-main-branch-truth-source",
|
||
"response-active-dev-branch-truth-source",
|
||
"response-drift-deprecated-candidate-batch",
|
||
"response-release-tag-retention",
|
||
"response-github-only-ref-review"
|
||
],
|
||
"owner_instruction_summary": "請 owner 只依 S4.11 五個 templates 回覆 main/dev truth、deprecated drift、release tag retention 與 GitHub-only refs disposition;每筆回覆的 `decision` 必須是對應 template `acceptable_decisions` 列出的值之一(口頭同意、OK、可進行不算 decision,會被退回),並只引用脫敏 evidence refs;不要貼 token、secret、private clone URL credential、git object、repo archive、API request body 或任何可執行 refs payload。",
|
||
"allowed_response_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo",
|
||
"ref_name",
|
||
"tag_name",
|
||
"ref_pattern_or_ref_list",
|
||
"truth_source_or_sha",
|
||
"branch_disposition",
|
||
"retention_disposition",
|
||
"github_only_owner",
|
||
"deploy_marker_owner",
|
||
"production_source_owner",
|
||
"rollback_point_owner",
|
||
"workflow_owner",
|
||
"artifact_owner",
|
||
"audit_owner",
|
||
"backfill_candidate_reason",
|
||
"evidence_refs",
|
||
"followup_owner"
|
||
],
|
||
"evidence_ref_rules": [
|
||
"只允許 repo 內既有文件、snapshot 或已脫敏 owner metadata pointer。",
|
||
"main/dev truth 必須逐 repo/ref 標示候選真相來源或補證 owner,不得只寫全域結論。",
|
||
"deprecated candidate 與 backfill candidate 只能是 read-only disposition,不得視為 delete、push 或 sync approval。",
|
||
"release tag 必須指定 artifact、deploy marker、rollback 或補證 owner。",
|
||
"不得提供 token value、secret value、private clone URL credential、cookie、session、deploy key value 或截圖中的敏感值。",
|
||
"不確定是否含敏感值時先走 mirror quarantine(即 quarantine_sensitive_payload lane:只留 quarantine pointer、原因與下一步,不留原文;此 quarantine 與 mirror sync 無關,不觸發任何 refs action),不得直接貼入 response。"
|
||
],
|
||
"forbidden_payloads": [
|
||
"token_value",
|
||
"secret_value",
|
||
"private_key",
|
||
"cookie_or_session",
|
||
"private_clone_url_credential",
|
||
"fetch_refs_request",
|
||
"push_refs_request",
|
||
"delete_refs_request",
|
||
"force_push_request",
|
||
"mirror_sync_request",
|
||
"tag_rewrite_request",
|
||
"branch_rewrite_request",
|
||
"github_primary_switch_request",
|
||
"repo_creation_command",
|
||
"visibility_change_command",
|
||
"repo_archive",
|
||
"git_object_pack",
|
||
"db_dump",
|
||
"api_request_or_response_body",
|
||
"execution_request_payload"
|
||
],
|
||
"allowed_submission_modes": [
|
||
"markdown_table_redacted_metadata",
|
||
"json_redacted_metadata_pointer",
|
||
"existing_repo_doc_reference",
|
||
"awooop_manual_review_note"
|
||
],
|
||
"awooop_display_mode": "display_owner_response_request_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"不 fetch refs",
|
||
"不 push refs",
|
||
"不 delete refs",
|
||
"不 force push",
|
||
"不 rewrite branch 或 tag",
|
||
"不切 GitHub primary",
|
||
"不建立 repo 或修改 visibility",
|
||
"不停用、刪除、封存或降級 Gitea repo",
|
||
"不保存 secret / token / private key / cookie / session / deploy key value",
|
||
"不新增 AwoooP execution action button"
|
||
]
|
||
},
|
||
"owner_response_template_statuses": [
|
||
{
|
||
"template_id": "response-main-branch-truth-source",
|
||
"lane": "main_truth_required",
|
||
"display_order": 1,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需逐 repo 回覆 main branch truth source、deploy marker owner、production source owner 與 rollback point owner;不得把 request ready 當成 refs sync approval。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"不 fetch refs",
|
||
"不 push refs",
|
||
"不 delete refs",
|
||
"不 force push",
|
||
"不切 GitHub primary"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-active-dev-branch-truth-source",
|
||
"lane": "active_branch_truth_required",
|
||
"display_order": 2,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需回覆 `wooo/awoooi dev` 是否仍為 active workflow、legacy candidate 或需補 workflow owner;不得把 legacy candidate 當成 delete approval。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"不 fetch refs",
|
||
"不 push refs",
|
||
"不 delete refs",
|
||
"不 force push",
|
||
"不 rewrite branch"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-drift-deprecated-candidate-batch",
|
||
"lane": "archive_or_deprecate_candidate",
|
||
"display_order": 3,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需回覆 `drift/adopt-*` batch 的 deprecated、audit retention 或 split batch disposition;不得把 deprecated candidate 當成 prune/delete approval。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"不 prune refs",
|
||
"不 delete refs",
|
||
"不 force push",
|
||
"不把 batch disposition 當執行批准"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-release-tag-retention",
|
||
"lane": "release_tag_missing_on_github",
|
||
"display_order": 4,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需回覆 release tag retention、artifact owner 與 deploy marker owner;不得把 tag retention 當成 tag push、rewrite 或 delete approval。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"不 push tag",
|
||
"不 rewrite tag",
|
||
"不 delete tag",
|
||
"不切 GitHub primary"
|
||
]
|
||
},
|
||
{
|
||
"template_id": "response-github-only-ref-review",
|
||
"lane": "github_only_manual_review",
|
||
"display_order": 5,
|
||
"collection_status": "waiting_owner_response",
|
||
"request_status": "request_ready_not_sent",
|
||
"received_response_count": 0,
|
||
"accepted_response_count": 0,
|
||
"rejected_response_count": 0,
|
||
"latest_outcome_lane": "keep_waiting_owner_response",
|
||
"next_owner_action": "Owner 需回覆 GitHub-only branch / UAT tags 的保留、backfill candidate、legacy 或補證 owner;不得把 backfill candidate 當成 push approval。",
|
||
"awooop_display_mode": "display_template_status_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true,
|
||
"still_forbidden": [
|
||
"不 push refs",
|
||
"不 delete GitHub-only refs",
|
||
"不 backfill refs",
|
||
"不切 GitHub primary"
|
||
]
|
||
}
|
||
],
|
||
"owner_response_audit_event_templates": [
|
||
{
|
||
"event_template_id": "audit-ref-truth-response-request-shown",
|
||
"display_order": 1,
|
||
"event_status": "template_only_not_emitted",
|
||
"trigger": "AwoooP 顯示 S4.11 refs truth owner response request packet 時。",
|
||
"purpose": "只記錄 request packet 已可顯示或已顯示的 metadata,不代表 request 已送出、owner response 已收到或 refs action 已授權。",
|
||
"allowed_metadata_fields": [
|
||
"event_template_id",
|
||
"request_id",
|
||
"requested_template_ids",
|
||
"source_contract",
|
||
"target_contract",
|
||
"displayed_by_role",
|
||
"displayed_at_taipei",
|
||
"source_document_ref"
|
||
],
|
||
"forbidden_payloads": [
|
||
"owner_response_raw_body",
|
||
"token_value",
|
||
"secret_value",
|
||
"private_key",
|
||
"cookie_or_session",
|
||
"private_clone_url_credential",
|
||
"fetch_refs_request",
|
||
"push_refs_request",
|
||
"delete_refs_request",
|
||
"force_push_request",
|
||
"mirror_sync_request",
|
||
"tag_rewrite_request",
|
||
"branch_rewrite_request",
|
||
"github_primary_switch_request",
|
||
"repo_archive",
|
||
"git_object_pack",
|
||
"db_dump",
|
||
"api_request_or_response_body",
|
||
"execution_request_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-ref-truth-response-received-metadata",
|
||
"display_order": 2,
|
||
"event_status": "template_only_not_emitted",
|
||
"trigger": "Owner 提供 S4.11 refs truth response metadata pointer 時。",
|
||
"purpose": "只記錄 response 已收到的脫敏 metadata pointer;不得保存 response 原文、git object、repo archive、API raw body 或敏感 payload。",
|
||
"allowed_metadata_fields": [
|
||
"event_template_id",
|
||
"template_id",
|
||
"lane",
|
||
"repo",
|
||
"ref_name_or_pattern",
|
||
"owner_role_or_team",
|
||
"received_at_taipei",
|
||
"redacted_evidence_refs",
|
||
"source_document_ref"
|
||
],
|
||
"forbidden_payloads": [
|
||
"owner_response_raw_body",
|
||
"token_value",
|
||
"secret_value",
|
||
"private_key",
|
||
"cookie_or_session",
|
||
"private_clone_url_credential",
|
||
"fetch_refs_request",
|
||
"push_refs_request",
|
||
"delete_refs_request",
|
||
"force_push_request",
|
||
"mirror_sync_request",
|
||
"tag_rewrite_request",
|
||
"branch_rewrite_request",
|
||
"github_primary_switch_request",
|
||
"repo_archive",
|
||
"git_object_pack",
|
||
"db_dump",
|
||
"api_request_or_response_body",
|
||
"execution_request_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"event_template_id": "audit-ref-truth-response-outcome-classified",
|
||
"display_order": 3,
|
||
"event_status": "template_only_not_emitted",
|
||
"trigger": "AwoooP 依 S4.11 acceptance checks 與 rejection rules 分類 refs truth owner response 時。",
|
||
"purpose": "只記錄分類結果與下一步提示;不得把 outcome、owner wording 或單項 response 當成 refs sync、delete、force push、backfill、tag rewrite 或 GitHub primary 授權。",
|
||
"allowed_metadata_fields": [
|
||
"event_template_id",
|
||
"template_id",
|
||
"lane",
|
||
"repo",
|
||
"ref_name_or_pattern",
|
||
"collection_status",
|
||
"latest_outcome_lane",
|
||
"next_owner_action",
|
||
"classified_at_taipei",
|
||
"classified_by_role"
|
||
],
|
||
"forbidden_payloads": [
|
||
"owner_response_raw_body",
|
||
"token_value",
|
||
"secret_value",
|
||
"private_key",
|
||
"cookie_or_session",
|
||
"private_clone_url_credential",
|
||
"fetch_refs_request",
|
||
"push_refs_request",
|
||
"delete_refs_request",
|
||
"force_push_request",
|
||
"mirror_sync_request",
|
||
"tag_rewrite_request",
|
||
"branch_rewrite_request",
|
||
"github_primary_switch_request",
|
||
"repo_archive",
|
||
"git_object_pack",
|
||
"db_dump",
|
||
"api_request_or_response_body",
|
||
"execution_request_payload"
|
||
],
|
||
"emitted_event_count": 0,
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_audit_template_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_redaction_examples": [
|
||
{
|
||
"example_id": "redaction-ref-truth-existing-doc-ref",
|
||
"display_order": 1,
|
||
"example_status": "template_example_only",
|
||
"category": "ref_truth_existing_document_reference",
|
||
"safe_response_shape": [
|
||
"template_id=response-main-branch-truth-source",
|
||
"repo=wooo/awoooi",
|
||
"ref_name=main",
|
||
"decision=hold_pending_deploy_marker",
|
||
"evidence_refs=[docs/security/source-control-ref-truth-classification.snapshot.json, docs/security/source-control-primary-readiness-gate.snapshot.json]",
|
||
"decision_reason=引用既有 snapshot 與 readiness blocker,不貼 git object、repo archive 或 API raw body"
|
||
],
|
||
"required_redactions": [
|
||
"外部 evidence 只保留 repo 內文件路徑、snapshot 路徑或已脫敏 metadata pointer",
|
||
"若引用 commit 或 deploy marker,只能寫 commit SHA(建議完整 40 字元 hex;短 SHA 前綴可能歧義或被刻意碰撞,不適合作 truth source 唯一識別)、文件 ref 或 owner metadata,不貼 commit 內容、diff 或完整 object pack",
|
||
"不得貼完整 API request/response body、private clone URL、token 或 repo archive"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"token_value",
|
||
"secret_value",
|
||
"private_clone_url_credential",
|
||
"api_request_or_response_body",
|
||
"repo_archive",
|
||
"git_object_pack"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-main-branch-truth-metadata",
|
||
"display_order": 2,
|
||
"example_status": "template_example_only",
|
||
"category": "main_branch_truth_source_metadata",
|
||
"safe_response_shape": [
|
||
"owner_role_or_team=repo-owner-or-platform-team",
|
||
"repo=wooo/clawbot-v5",
|
||
"ref_name=main",
|
||
"truth_source_or_sha=short_sha_or_existing_snapshot_ref",
|
||
"deploy_marker_owner=platform-ops",
|
||
"rollback_point_owner=release-owner"
|
||
],
|
||
"required_redactions": [
|
||
"truth_source_or_sha 只能填 commit SHA(建議完整 40 字元;短 SHA 前綴可能歧義或被碰撞,commit SHA 本身不是敏感值)、既有 snapshot ref 或補證 owner,不貼完整 git object、commit 內容或 diff",
|
||
"owner 欄位只寫角色或團隊,不寫密碼、session、one-time code、token 或個人敏感資訊",
|
||
"deploy / rollback 說明只代表 owner metadata,不代表 push、tag rewrite、primary switch 或 rollback 執行"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"password",
|
||
"cookie",
|
||
"session",
|
||
"one_time_code",
|
||
"deploy_key_value",
|
||
"approval_phrase_as_execution_authorization"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-deprecated-batch-disposition",
|
||
"display_order": 3,
|
||
"example_status": "template_example_only",
|
||
"category": "deprecated_ref_batch_disposition",
|
||
"safe_response_shape": [
|
||
"template_id=response-drift-deprecated-candidate-batch",
|
||
"repo=wooo/awoooi",
|
||
"ref_pattern_or_ref_list=drift/adopt-*",
|
||
"decision=mark_deprecated_candidate",
|
||
"retention_owner=audit-owner",
|
||
"audit_or_rollback_use=metadata_only"
|
||
],
|
||
"required_redactions": [
|
||
"批次範圍必須可重現,但只能用 ref pattern、count 或已脫敏 ref list,不貼 object pack",
|
||
"deprecated candidate 只代表 read-only disposition,不代表 prune、delete refs 或 force push approval",
|
||
"若需要拆批,回覆 split_batch_requires_more_evidence 並引用 repo 內 snapshot 或 redacted metadata pointer"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"git_object_pack",
|
||
"repo_archive",
|
||
"prune_refs_command",
|
||
"delete_refs_command",
|
||
"force_push_command",
|
||
"mirror_sync_request"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-release-tag-retention-metadata",
|
||
"display_order": 4,
|
||
"example_status": "template_example_only",
|
||
"category": "release_tag_retention_metadata",
|
||
"safe_response_shape": [
|
||
"template_id=response-release-tag-retention",
|
||
"repo=wooo/awoooi",
|
||
"tag_name=v2026-redacted",
|
||
"decision=keep_release_tag_candidate",
|
||
"artifact_owner=release-owner",
|
||
"rollback_point_owner=platform-ops",
|
||
"evidence_refs=[docs/security/source-control-ref-detail-diff.snapshot.json]"
|
||
],
|
||
"required_redactions": [
|
||
"tag name 與 artifact owner 只能作 retention metadata,不代表 tag push、rewrite 或 delete approval",
|
||
"artifact evidence 只引用 repo 內文件或 redacted metadata pointer,不貼 artifact binary、archive 或 secret",
|
||
"若缺 artifact owner,應回覆 hold_pending_artifact_owner,不可用同意字樣補成執行批准"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"artifact_binary",
|
||
"repo_archive",
|
||
"tag_push_command",
|
||
"tag_rewrite_command",
|
||
"delete_tag_command",
|
||
"secret_value"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"example_id": "redaction-ref-truth-quarantine-pointer",
|
||
"display_order": 5,
|
||
"example_status": "template_example_only",
|
||
"category": "uncertain_sensitive_ref_truth_payload",
|
||
"safe_response_shape": [
|
||
"collection_status=quarantine_sensitive_payload",
|
||
"quarantine_reason=疑似含 token、private clone URL credential、git object pack、repo archive、API raw body 或未脫敏截圖",
|
||
"raw_payload_stored_in_repo=false",
|
||
"next_owner_action=request_redacted_metadata_pointer"
|
||
],
|
||
"required_redactions": [
|
||
"不確定是否含敏感值時先產生 quarantine pointer",
|
||
"只留下原因、來源類型、責任 owner 與下一步,不留下原文",
|
||
"解除 quarantine 前不得更新 received / accepted count、classification wording 或 reconcile plan wording"
|
||
],
|
||
"forbidden_raw_values": [
|
||
"owner_response_raw_body",
|
||
"token_value",
|
||
"secret_value",
|
||
"private_clone_url_credential",
|
||
"credential_file",
|
||
"git_object_pack",
|
||
"repo_archive",
|
||
"execution_request_payload"
|
||
],
|
||
"stored_raw_payload_allowed": false,
|
||
"awooop_display_mode": "display_redaction_example_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"owner_response_collection_checks": [
|
||
{
|
||
"check_id": "collection-ref-truth-request-packet-displayed",
|
||
"display_order": 1,
|
||
"title": "已顯示 refs truth owner response request packet",
|
||
"required": true,
|
||
"pass_condition": "AwoooP 必須只顯示 `owner_response_request_packet` 的 5 個 refs truth templates、允許欄位、脫敏 evidence 規則與禁止 payload,不得附加 fetch、push、delete、force push、tag rewrite、backfill 或 primary switch 要求。",
|
||
"failure_lane": "keep_waiting_owner_response",
|
||
"awooop_display": "display_request_packet_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "collection-ref-truth-read-only-submission-mode",
|
||
"display_order": 2,
|
||
"title": "refs truth 收件模式維持 read-only",
|
||
"required": true,
|
||
"pass_condition": "owner 只能用 read-only markdown response、redacted metadata pointer、existing repo doc reference 或 AwoooP manual review note;不得提交 token、repo archive、git object pack、API raw body 或 execution request。",
|
||
"failure_lane": "quarantine_sensitive_payload",
|
||
"awooop_display": "display_read_only_submission_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "collection-five-ref-truth-template-tracking",
|
||
"display_order": 3,
|
||
"title": "五個 refs truth templates 分開追蹤",
|
||
"required": true,
|
||
"pass_condition": "S4.11 五個 requested_template_ids 必須逐 lane 追蹤 received / accepted / rejected 狀態;不可用單一整體同意取代 main/dev truth、deprecated batch、release tag retention 或 GitHub-only refs disposition。",
|
||
"failure_lane": "request_more_evidence",
|
||
"awooop_display": "display_per_ref_truth_lane_tracking",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "collection-ref-truth-redacted-evidence-only",
|
||
"display_order": 4,
|
||
"title": "只收 refs truth 脫敏 evidence refs",
|
||
"required": true,
|
||
"pass_condition": "收件內容只能包含 repo 內相對路徑、snapshot path、commit SHA(建議完整 40 字元,避免短 SHA 前綴歧義)或已脫敏 metadata pointer;任何不確定是否含 token、private URL credential、secret、repo archive、git object、API raw body 或未脫敏截圖的資料都先進 quarantine。",
|
||
"failure_lane": "quarantine_sensitive_payload",
|
||
"awooop_display": "display_redacted_evidence_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "collection-ref-truth-no-approval-language",
|
||
"display_order": 5,
|
||
"title": "不得把 refs truth 回覆語意升級成批准",
|
||
"required": true,
|
||
"pass_condition": "即使 owner response 文字包含同意、OK、可進行或批准,也只能視為 truth source、retention 或 disposition response;不得視為 refs sync、delete refs、force push、tag rewrite、backfill 或 GitHub primary approval。",
|
||
"failure_lane": "reject_execution_request",
|
||
"awooop_display": "display_scope_response_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
},
|
||
{
|
||
"check_id": "collection-ref-truth-audit-metadata-only",
|
||
"display_order": 6,
|
||
"title": "只記錄 refs truth audit metadata",
|
||
"required": true,
|
||
"pass_condition": "AwoooP 只能記錄 request shown、response received metadata、template id、lane、repo、ref name 或 pattern、owner role/team、redacted evidence refs 與 outcome lane;不得保存 token value、secret value、private clone URL credential、repo archive、git object pack、API raw body 或可執行 payload。",
|
||
"failure_lane": "quarantine_sensitive_payload",
|
||
"awooop_display": "display_audit_metadata_only",
|
||
"execution_authorized": false,
|
||
"not_approval": true
|
||
}
|
||
],
|
||
"intake_preflight_checks": [
|
||
{
|
||
"check_id": "preflight-known-ref-truth-lane",
|
||
"display_order": 1,
|
||
"title": "回覆必須對應已知 refs truth lane",
|
||
"required": true,
|
||
"pass_condition": "`template_id` 或 `lane` 必須對應 S4.11 五個 refs truth templates 之一,不得新增未盤點 repo/ref、未分類 branch/tag 或把 GitHub-only/backfill candidate 自動視為可執行。",
|
||
"failure_lane": "request_owner_correction",
|
||
"awooop_display": "request_more_evidence",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "preflight-required-ref-truth-owner-fields",
|
||
"display_order": 2,
|
||
"title": "refs truth 必填欄位完整",
|
||
"required": true,
|
||
"pass_condition": "每筆 response 必須有 owner role/team、decision、decision_reason、repo、ref scope、truth source 或 disposition、必要的 deploy/artifact/rollback/workflow owner 與 evidence_refs;欄位名稱以對應 template 的 required_owner_fields 為準(例如 drift batch 用 retention_owner / audit_or_rollback_use,GitHub-only 用 ref_name_or_pattern),不得以別名替代;批次回覆必須有可重現範圍。",
|
||
"failure_lane": "request_more_evidence",
|
||
"awooop_display": "request_more_evidence",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "preflight-allowed-ref-truth-decision",
|
||
"display_order": 3,
|
||
"title": "refs truth decision 在模板允許值內",
|
||
"required": true,
|
||
"pass_condition": "`decision` 必須落在對應 response template 的 acceptable_decisions;口頭同意、整體 OK、可進行或未列出的執行語句都不得進入 accepted。",
|
||
"failure_lane": "request_owner_correction",
|
||
"awooop_display": "request_more_evidence",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "preflight-ref-truth-redacted-evidence-only",
|
||
"display_order": 4,
|
||
"title": "只接受 refs truth 脫敏 evidence refs",
|
||
"required": true,
|
||
"pass_condition": "`evidence_refs` 只能指向 repo 內相對路徑的文件或 snapshot(不含 `..`、絕對路徑或外部 URL)、commit SHA(建議完整 40 字元,避免短 SHA 前綴歧義)或 owner 提供的脫敏 metadata pointer,不得含 token、secret、cookie、session、private key、private clone URL credential、repo archive、git object pack、API raw body 或未脫敏截圖。",
|
||
"failure_lane": "quarantine_sensitive_payload",
|
||
"awooop_display": "quarantine_sensitive_payload",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "preflight-no-refs-execution-request",
|
||
"display_order": 5,
|
||
"title": "不得夾帶 refs 執行要求",
|
||
"required": true,
|
||
"pass_condition": "response 不得要求 fetch、push refs、delete refs、force push、mirror sync、tag rewrite、branch rewrite、backfill、GitHub primary switch、repo creation、visibility change、workflow/secret/runner 變更、Kali scan 或任何 runtime action。",
|
||
"failure_lane": "reject_execution_request",
|
||
"awooop_display": "reject_execution_request",
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"check_id": "preflight-all-five-ref-truth-lanes-before-accepted",
|
||
"display_order": 6,
|
||
"title": "接受前需覆蓋五個 refs truth templates",
|
||
"required": true,
|
||
"pass_condition": "S4.11 要被標示 accepted 前,五個 response templates 都必須收到可驗收的 owner response;部分回覆只能維持 waiting、ready_for_owner_review、request_more_evidence 或 quarantine。",
|
||
"failure_lane": "keep_waiting_owner_response",
|
||
"awooop_display": "ready_for_owner_review",
|
||
"execution_authorized": false
|
||
}
|
||
],
|
||
"response_templates": [
|
||
{
|
||
"template_id": "response-main-branch-truth-source",
|
||
"lane": "main_truth_required",
|
||
"affected_repos": [
|
||
"wooo/awoooi -> owenhytsai/awoooi",
|
||
"wooo/clawbot-v5 -> owenhytsai/clawbot-v5",
|
||
"wooo/wooo-aiops -> owenhytsai/wooo-aiops"
|
||
],
|
||
"risk": "HIGH",
|
||
"covered_item_count": 3,
|
||
"requested_owner_decision": "判定三個 main branch 的真相來源、deploy marker owner、production source owner 與 rollback point owner;維持 refs action disabled。",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo",
|
||
"ref_name",
|
||
"truth_source_or_sha",
|
||
"deploy_marker_owner",
|
||
"production_source_owner",
|
||
"rollback_point_owner",
|
||
"evidence_refs"
|
||
],
|
||
"acceptable_decisions": [
|
||
"choose_gitea_as_truth_candidate",
|
||
"choose_github_as_truth_candidate",
|
||
"choose_specific_sha_as_truth_candidate",
|
||
"hold_pending_deploy_marker",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/source-control-ref-truth-classification.snapshot.json",
|
||
"docs/security/source-control-ref-detail-diff.snapshot.json",
|
||
"docs/security/source-control-primary-readiness-gate.snapshot.json"
|
||
],
|
||
"acceptance_criteria": [
|
||
"必須逐 repo 標示 main branch 的候選真相來源,不可只寫全域結論。",
|
||
"必須說明 deploy marker、production source 與 rollback point 的 owner 或補證 owner。",
|
||
"必須承認通過收件後只更新 read-only classification / reconcile / readiness wording,不授權 refs sync。"
|
||
],
|
||
"rejection_conditions": [
|
||
"把 main branch truth response 當成可直接 push refs 或切 primary。",
|
||
"沒有 repo、ref_name、truth_source_or_sha 或 deploy evidence owner。",
|
||
"含有 token、credential、private URL 憑證或未脫敏截圖。"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 `source-control-ref-truth-classification.snapshot.json` 的 read-only owner response 欄位。",
|
||
"更新 `SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md` 的 owner response 摘要。",
|
||
"更新 `source-control-primary-readiness-gate.snapshot.json` 的 blocker wording,且 primary_ready_count 維持 0。"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"template_id": "response-active-dev-branch-truth-source",
|
||
"lane": "active_branch_truth_required",
|
||
"affected_repos": [
|
||
"wooo/awoooi -> owenhytsai/awoooi"
|
||
],
|
||
"risk": "HIGH",
|
||
"covered_item_count": 1,
|
||
"requested_owner_decision": "判定 `wooo/awoooi` 的 `dev` branch 是否仍是 active workflow、legacy branch 或需補證;維持 refs action disabled。",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo",
|
||
"ref_name",
|
||
"workflow_owner",
|
||
"branch_disposition",
|
||
"evidence_refs"
|
||
],
|
||
"acceptable_decisions": [
|
||
"keep_active_branch_candidate",
|
||
"mark_branch_legacy_candidate",
|
||
"hold_pending_workflow_owner",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/source-control-ref-truth-classification.snapshot.json",
|
||
"docs/security/source-control-reconcile-plan.snapshot.json",
|
||
"docs/security/security-approval-review-packet.snapshot.json"
|
||
],
|
||
"acceptance_criteria": [
|
||
"必須指出 `dev` 是否仍有開發、部署、CI 或 release workflow 用途。",
|
||
"若標為 legacy,只能標記 candidate,不代表刪除或封存批准。",
|
||
"必須提供 workflow owner 或 request_more_evidence owner。"
|
||
],
|
||
"rejection_conditions": [
|
||
"要求立即刪除或同步 `dev` branch。",
|
||
"沒有 workflow owner 或 branch disposition。",
|
||
"把 legacy candidate 當成 delete approval。"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 `dev` branch 的 read-only disposition 欄位。",
|
||
"更新 draft reconcile plan 的 blocked reason。",
|
||
"建立 request_more_evidence lane。"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"template_id": "response-drift-deprecated-candidate-batch",
|
||
"lane": "archive_or_deprecate_candidate",
|
||
"affected_repos": [
|
||
"wooo/awoooi drift/adopt-*"
|
||
],
|
||
"risk": "LOW",
|
||
"covered_item_count": 142,
|
||
"requested_owner_decision": "批次判定 `drift/adopt-*` refs 是否可列為 deprecated candidate、audit retention candidate 或需拆批補證;標記 deprecated candidate 不等於 delete approval。",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo",
|
||
"ref_pattern_or_ref_list",
|
||
"retention_owner",
|
||
"audit_or_rollback_use",
|
||
"evidence_refs"
|
||
],
|
||
"acceptable_decisions": [
|
||
"mark_deprecated_candidate",
|
||
"keep_audit_retention_candidate",
|
||
"split_batch_requires_more_evidence",
|
||
"unknown_requires_more_evidence"
|
||
],
|
||
"minimum_evidence_refs": [
|
||
"docs/security/source-control-ref-truth-classification.snapshot.json",
|
||
"docs/security/source-control-ref-detail-diff.snapshot.json",
|
||
"docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md"
|
||
],
|
||
"acceptance_criteria": [
|
||
"必須明確說明這是批次 owner disposition,不是刪除批准。",
|
||
"必須提供 retention owner 或補證 owner。",
|
||
"若需要拆批,必須說明拆分準則與下一個 evidence owner。"
|
||
],
|
||
"rejection_conditions": [
|
||
"把 deprecated candidate 當成 delete approval。",
|
||
"要求刪除、rewrite、force push 或 prune refs。",
|
||
"未說明 audit / rollback / retention 用途是否仍存在。"
|
||
],
|
||
"allowed_outputs": [
|
||
"更新 classification 的 deprecated candidate owner response 欄位。",
|
||
"更新人工 review checklist。",
|
||
"維持 refs delete / push / force push 禁用。"
|
||
],
|
||
"execution_authorized": false
|
||
},
|
||
{
|
||
"template_id": "response-release-tag-retention",
|
||
"lane": "release_tag_missing_on_github",
|
||
"affected_repos": [
|
||
"wooo/awoooi v7.2.0",
|
||
"wooo/awoooi v7.3.0",
|
||
"wooo/clawbot-v5 v5.5-sprint1"
|
||
],
|
||
"risk": "MEDIUM",
|
||
"covered_item_count": 3,
|
||
"requested_owner_decision": "判定 release tags 是否需要保留、是否為 legacy candidate,或是否等待 artifact / deploy owner 補證;維持 tag action disabled。",
|
||
"required_owner_fields": [
|
||
"owner_role_or_team",
|
||
"decision",
|
||
"decision_reason",
|
||
"repo",
|
||
"tag_name",
|
||
"artifact_owner",
|
||
"deploy_marker_owner",
|
||
"retention_disposition",
|
||
"evidence_refs"
|
||
],
|
||
"acceptable_decisions": [
|
||
"keep_release_tag_candidate",
|
||
"mark_tag_legacy_candidate",
"hold_pending_artifact_owner",
"unknown_requires_more_evidence"
],
"minimum_evidence_refs": [
"docs/security/source-control-ref-truth-classification.snapshot.json",
"docs/security/source-control-ref-detail-diff.snapshot.json",
"docs/security/source-control-primary-rollback-adr.snapshot.json"
],
"acceptance_criteria": [
"必須逐 tag 指定 artifact owner、deploy marker owner 或補證 owner。",
"必須說明保留或 legacy candidate 的依據。",
"必須明確不授權 tag push、tag rewrite 或 tag delete。"
],
"rejection_conditions": [
"要求立即同步、重寫或刪除 tag。",
"缺 artifact owner 或 deploy marker owner。",
"把 tag retention response 當成 release approval。"
],
"allowed_outputs": [
"更新 release tag review lane。",
"更新 rollback ADR 的 evidence gap wording。",
"維持 tag action disabled。"
],
"execution_authorized": false
},
{
"template_id": "response-github-only-ref-review",
"lane": "github_only_manual_review",
"affected_repos": [
"wooo/wooo-aiops refactor/phase-9.3",
"wooo/wooo-aiops 19 UAT tags"
],
"risk": "MEDIUM",
"covered_item_count": 20,
"requested_owner_decision": "判定 GitHub-only branch / UAT tags 是否保留、回補候選、legacy candidate 或需稽核 owner 補證;backfill 只能是 candidate,不代表 push。",
"required_owner_fields": [
"owner_role_or_team",
"decision",
"decision_reason",
"repo",
"ref_name_or_pattern",
"github_only_owner",
"audit_owner",
"backfill_candidate_reason",
"evidence_refs"
],
"acceptable_decisions": [
"keep_github_only_candidate",
"backfill_to_gitea_candidate",
"mark_legacy_github_only_candidate",
"hold_pending_audit_owner",
"unknown_requires_more_evidence"
],
"minimum_evidence_refs": [
"docs/security/source-control-ref-truth-classification.snapshot.json",
"docs/security/source-control-ref-detail-diff.snapshot.json",
"docs/security/SOURCE-CONTROL-WOOO-AIOPS-SNAPSHOT.md"
],
"acceptance_criteria": [
"必須說明 GitHub-only refs 的用途、owner 或補證 owner。",
"若選 backfill_to_gitea_candidate,必須明確標示只是候選,不授權 push。",
"必須維持 GitHub primary readiness blocked。"
],
"rejection_conditions": [
"把 backfill candidate 當成 push approval。",
"要求刪除 GitHub-only refs 或直接同步到 Gitea。",
"缺 GitHub-only owner 或 audit owner。"
],
"allowed_outputs": [
"更新 GitHub-only review lane。",
"更新 draft reconcile plan 的 candidate wording。",
"維持 refs action disabled。"
],
"execution_authorized": false
}
],
"acceptance_checks": [
{
"check_id": "maps_to_known_ref_truth_lane",
"title": "回覆對應既有 refs truth lane",
"required": true,
"pass_condition": "`lane` 必須對應 source_control_ref_truth_classification_v1 既有 lane:main_truth_required、active_branch_truth_required、archive_or_deprecate_candidate、release_tag_missing_on_github 或 github_only_manual_review。",
"failure_lane": "reject_unknown_ref_truth_lane",
"execution_authorized": false
},
{
"check_id": "decision_value_allowed",
"title": "決策值在允許範圍內",
"required": true,
"pass_condition": "`decision` 必須是該 response template 的 acceptable_decisions 之一。",
"failure_lane": "request_owner_correction",
"execution_authorized": false
},
{
"check_id": "repo_and_ref_scope_present",
"title": "repo 與 ref scope 已標示",
"required": true,
"pass_condition": "每筆回覆必須有 repo 與 ref_name、tag_name、ref_pattern 或 ref_list;批次回覆必須有可重現範圍。",
"failure_lane": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "truth_source_or_disposition_present",
"title": "真相來源或 disposition 已說明",
"required": true,
"pass_condition": "main/dev lane 必須有 truth source 或 workflow disposition;deprecated/release/GitHub-only lane 必須有 retention、legacy、backfill candidate 或補證 disposition。",
"failure_lane": "keep_ref_truth_blocked",
"execution_authorized": false
},
{
"check_id": "deploy_or_artifact_evidence_present_for_high_risk",
"title": "高風險 ref 有 deploy 或 artifact owner",
"required": true,
"pass_condition": "main branch 與 release tag response 必須提供 deploy marker、production source、rollback point 或 artifact owner;未知時必須選 hold/unknown。",
"failure_lane": "request_deploy_or_artifact_owner",
"execution_authorized": false
},
{
"check_id": "no_refs_action_requested",
"title": "不含 refs 執行要求",
"required": true,
"pass_condition": "回覆不得要求 fetch、push refs、delete refs、force push、mirror sync、tag rewrite、branch rewrite 或 prune refs。",
"failure_lane": "reject_refs_action",
"execution_authorized": false
},
{
"check_id": "no_primary_or_repo_change_requested",
"title": "不含 primary 或 repo 變更要求",
"required": true,
"pass_condition": "回覆不得要求切 GitHub primary、建立 repo、修改 visibility、停用 Gitea、刪除 Gitea 或封存 Gitea。",
"failure_lane": "reject_primary_or_repo_action",
"execution_authorized": false
},
{
"check_id": "secret_values_absent",
"title": "未包含 secret value",
"required": true,
"pass_condition": "`evidence_refs` 只能指向 repo 內文件、snapshot 或已脫敏 owner metadata,不得含 token、credential、secret value、private key、deploy key value、cookie 或 session。",
"failure_lane": "quarantine_sensitive_payload",
"execution_authorized": false
}
],
"rejection_rules": [
"回覆含 token value、PAT、cookie、session、CSRF token、private key、deploy key value 或 partial credential 時必須拒收。",
"回覆要求 fetch、push refs、delete refs、force push、mirror sync、tag rewrite、branch rewrite 或 prune refs 時必須拒收。",
"回覆要求切 GitHub primary 或把 GitHub primary readiness 視為已完成時必須拒收。",
"回覆要求建立 repo、修改 repo visibility 或改 remote URL 時必須拒收。",
"回覆把 deprecated_candidate 當成 delete approval 時必須拒收。",
"回覆把 backfill_to_gitea_candidate 當成 push approval 時必須拒收。",
"回覆缺 repo/ref/lane 或批次範圍無法重現時不得標記 accepted。",
"main / release high-risk 回覆缺 deploy marker、artifact、rollback 或補證 owner 時不得標記 accepted。",
"回覆要求停用、刪除、封存或降級 Gitea 時必須拒收。",
"任何無法確定是否含敏感值、URL 內嵌的私有憑證或未脫敏截圖的回覆,必須先進 mirror quarantine。"
],
"allowed_outputs": [
"更新 `source-control-ref-truth-classification.snapshot.json` 的 read-only owner response 欄位。",
"更新 `SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md` 的 owner response 摘要。",
"更新 `source-control-reconcile-plan.snapshot.json` 的 draft wording。",
"更新 `source-control-primary-readiness-gate.snapshot.json` 的 blocker wording。",
"建立 request_more_evidence / quarantine lane。",
"維持 `github_primary_ready_count=0` 與所有 refs / repo / primary execution flags false。"
],
"forbidden_actions": [
"fetch refs。",
"push refs。",
"delete refs。",
"force push。",
"rewrite branch 或 tag。",
"切 GitHub primary。",
"建立 GitHub repo 或修改 visibility。",
"停用、刪除、封存或降級 Gitea repo。",
"保存 secret value、token value、private key、cookie、session 或 deploy key value。",
"新增 AwoooP execution action button。"
]
}