diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json index d18f55839..e7b846941 100644 --- a/apps/web/messages/zh-TW.json +++ b/apps/web/messages/zh-TW.json @@ -1011,7 +1011,7 @@ "detail": "docs / schema / read-only evidence" }, "runtimeGates": { - "label": "Runtime gates", + "label": "Runtime 閘門", "detail": "未開啟" }, "actions": { @@ -1022,55 +1022,55 @@ } }, "iwooos": { - "eyebrow": "Information Security Mesh", + "eyebrow": "資訊安全網", "title": "IwoooS", - "subtitle": "資安網的態勢入口。把 Kali、source-control、owner response、approval gate、AwoooP mirror-only evidence 收成一個可讀的資安態勢,不啟動掃描、不修復、不阻擋產品流程。", + "subtitle": "資安網的態勢入口。把 Kali、原始碼管控、負責人回覆、審批閘門、AwoooP 只讀鏡像證據收成一個可讀的資安態勢,不啟動掃描、不修復、不阻擋產品流程。", "boundary": { "label": "目前邊界", - "state": "Mirror-only / Observe-first", + "state": "只讀鏡像 / 先觀測", "detail": "所有數字來自已驗證 snapshot 與 guard。此頁只顯示態勢、缺口、下一個 gate 與非阻擋分流。" }, "metrics": { "overall": { "label": "整體資安網", - "detail": "headline progress,不是授權" + "detail": "headline 進度,不是授權" }, "framework": { "label": "框架成熟度", - "detail": "文件、schema、read-only evidence" + "detail": "文件、schema、只讀 evidence" }, "runtime": { "label": "落地執行", - "detail": "runtime gate 尚未啟用" + "detail": "runtime 閘門尚未啟用" }, "contracts": { "label": "主要契約", "detail": "33 ready / 2 partial / 1 contract-only" }, "activeGates": { - "label": "Active runtime gates", + "label": "主動執行閘門", "detail": "人工批准前維持 0" } }, "pillars": { "exposure": { - "title": "Exposure Posture", - "state": "Waiting evidence", + "title": "暴露面態勢", + "state": "等待證據", "body": "主流資安管理會把資產、暴露面、弱點與 owner gate 放在同一張圖。IwoooS 先顯示覆蓋缺口,不把缺口變成阻擋。" }, "sourceControl": { - "title": "Source-control Supply Chain", - "state": "Draft gated", - "body": "Gitea 到 GitHub 的長期方向已確認,但 refs、workflow、secret name 與 rollback ADR 仍需 owner response。" + "title": "原始碼供應鏈", + "state": "草案受閘門控管", + "body": "Gitea 到 GitHub 的長期方向已確認,但 refs、workflow、secret name 與 rollback ADR 仍需負責人回覆。" }, "kali": { - "title": "Kali 112 Mesh", - "state": "Observe-only", + "title": "Kali 112 網格", + "state": "只觀測", "body": "Kali 112 已在資安網範圍中,111 / 168 也納入 observe-only。active scan 與 /execute 仍維持封鎖候選。" }, "governance": { - "title": "Approval Boundary", - "state": "Locked", + "title": "審批邊界", + "state": "已鎖定", "body": "7 個 pending approval、1 個 block candidate、0 active runtime gates。任何執行都必須先留下人工決策與後續 runtime gate。" } }, @@ -1078,19 +1078,19 @@ "title": "非阻擋分流", "subtitle": "初期只 observe / warn,避免資安框架拖慢產品與部署節奏。", "lowMedium": { - "title": "LOW / MEDIUM observation", + "title": "低 / 中風險觀測", "body": "標風險、建 follow-up、補 evidence_ref,不阻擋 deploy。" }, "ownerMissing": { - "title": "Owner response missing", + "title": "負責人回覆缺口", "body": "顯示缺口與下一個收件候選,不把未回覆當拒絕。" }, "mirrorIncomplete": { - "title": "Mirror data incomplete", + "title": "鏡像資料不完整", "body": "顯示 partial / quarantine reason,等待新的 redacted snapshot。" }, "sourceDrift": { - "title": "Source-control drift draft", + "title": "原始碼漂移草案", "body": "維持 draft reconcile plan,不 sync refs、不 force push。" }, "kaliObserve": { @@ -2801,34 +2801,34 @@ }, "progressHoldMovementGates": { "title": "為什麼 58% 還不動", - "subtitle": "S2.50 把 headline progress 的移動門檻直接顯示出來:目前不是沒有推進,而是五個會讓 58% 進入下一輪重估的 gate 都還沒有實質 evidence。框架、文件、前端可見性會累積在 80-85% 框架進度,但不會灌水成落地百分比。", + "subtitle": "S2.50 把 headline 進度的移動門檻直接顯示出來:目前不是沒有推進,而是五個會讓 58% 進入下一輪重估的閘門都還沒有實質 evidence。框架、文件、前端可見性會累積在 80-85% 框架進度,但不會灌水成落地百分比。", "gateLabel": "移動門檻", "moveLabel": "什麼時候會動", "guardLabel": "不灌水原則", "items": { "ownerResponseAccepted": { - "title": "Owner response accepted 仍是 0", - "body": "S4.9-S4.12 都還沒有 owner response received / accepted,S4.9 目前只是 request-ready。", - "move": "第一批脫敏 owner response 通過 S4.9 preflight 與 S4.13 rollup 後,headline 才有重估依據。", - "guard": "不把 request-ready、template、preflight 或 focus 當成 received / accepted。" + "title": "負責人回覆 accepted 仍是 0", + "body": "S4.9-S4.12 都還沒有負責人回覆 received / accepted,S4.9 目前只是 request-ready。", + "move": "第一批脫敏負責人回覆通過 S4.9 preflight 與 S4.13 rollup 後,headline 才有重估依據。", + "guard": "不把 request-ready、範本、preflight 或焦點當成 received / accepted。" }, "redactedPayloadIngested": { - "title": "Redacted payload ingestion 仍未啟用", + "title": "脫敏 payload 匯入仍未啟用", "body": "目前只定義 evidence refs、redaction examples、quarantine 與 preflight,尚未有 accepted payload ingestion。", "move": "脫敏 payload 經人工批准、通過 preflight、進入只讀 ingestion 後,runtime landing 才能重估。", "guard": "不收 raw payload、不收 credential plaintext、不把文件範例當 ingestion。" }, "activeRuntimeGate": { - "title": "Active runtime gate 仍是 0", + "title": "主動 runtime gate 仍是 0", "body": "Kali `/execute`、SSH、主機更新、blocking control、repo / refs / workflow 動作都仍在獨立 gate 之外。", "move": "人工批准、scope、rollback、post-check metrics 完整,並另開 active runtime gate 後才會動。", "guard": "不從 IwoooS 前端、progress 數字或 checklist 開 runtime gate。" }, "githubPrimaryReady": { - "title": "GitHub primary ready 仍是 0", - "body": "GitHub target、refs truth、workflow / secret name parity、rollback ADR 都還在 owner response / readiness 階段。", + "title": "GitHub 主要來源就緒數仍是 0", + "body": "GitHub target、refs truth、workflow / secret name parity、rollback ADR 都還在負責人回覆 / 就緒度階段。", "move": "至少一批 repo 通過 target、refs、workflow / secret name 與 rollback readiness,primary_ready_count 才可大於 0。", - "guard": "不建 repo、不 sync refs、不切 primary、不把 candidate 當 readiness。" + "guard": "不建 repo、不 sync refs、不切主要來源、不把候選項當就緒。" }, "awooopReadOnlyLanding": { "title": "AwoooP landing 仍未進 production 消費", @@ -2839,24 +2839,24 @@ } }, "sourceControlReadiness": { - "title": "GitHub Primary Readiness", - "subtitle": "把 Gitea 轉 GitHub 的長期方向拆成只讀 readiness:候選 repo、owner response、refs truth、workflow / secret 名稱與 rollback ADR 都要到齊,才會重估 primary_ready_count。", - "gateLabel": "Readiness gate", + "title": "GitHub 主要來源就緒度", + "subtitle": "把 Gitea 轉 GitHub 的長期方向拆成只讀就緒度:候選 repo、負責人回覆、refs truth、workflow / secret 名稱與 rollback ADR 都要到齊,才會重估 primary_ready_count。", + "gateLabel": "就緒度閘門", "guardLabel": "仍禁止", "items": { "candidateRepos": { "title": "候選 repo 清冊", - "body": "8 個 candidate repos、7 個 in-scope,目前只做清冊與 owner evidence 對齊。", - "guard": "不建立 GitHub repo、不改 visibility。" + "body": "8 個候選 repo、7 個範圍內 repo,目前只做清冊與負責人 evidence 對齊。", + "guard": "不建立 GitHub repo、不改可見性。" }, "primaryReady": { "title": "primary_ready_count 仍為 0", "body": "尚無 repo 通過 target、refs、workflow / secret 名稱與 rollback readiness。", - "guard": "不切 GitHub primary、不停用 Gitea。" + "guard": "不切 GitHub 主要來源、不停用 Gitea。" }, "ownerResponses": { - "title": "Owner response 仍等待", - "body": "S4.9-S4.12 共 22 個 templates,目前 received=0、accepted=0。", + "title": "負責人回覆仍等待", + "body": "S4.9-S4.12 共 22 個範本,目前 received=0、accepted=0。", "guard": "不把 request-ready 當 response accepted。" }, "refsTruth": { @@ -2866,55 +2866,55 @@ }, "workflowSecrets": { "title": "Workflow / secret 名稱未完成", - "body": "7 個 in-scope repos 的 workflow、runner、webhook、secret name parity 還缺 evidence。", + "body": "7 個範圍內 repo 的 workflow、runner、webhook、secret name parity 還缺 evidence。", "guard": "只收名稱與 owner,不收 secret value。" }, "rollbackAdr": { "title": "Rollback ADR 未批准", - "body": "7 個 in-scope repos 的 rollback owner、驗證窗口與 trigger 尚待人工審查。", + "body": "7 個範圍內 repo 的 rollback 負責人、驗證窗口與 trigger 尚待人工審查。", "guard": "不 dry-run cutover、不切 primary。" } } }, "awooopReadOnlyLandingReadiness": { - "title": "AwoooP 只讀 Landing Readiness", - "subtitle": "S2.51 把 AwoooP 主線要如何只讀消費 IwoooS / security mirror 狀態整理成接入準備面板。這是 landing readiness,不是 production landing enabled,也不接 execution router。", + "title": "AwoooP 只讀接入就緒度", + "subtitle": "S2.51 把 AwoooP 主線要如何只讀消費 IwoooS / 資安鏡像狀態整理成接入準備面板。這是接入就緒度,不是 production landing enabled,也不接 execution router。", "readinessLabel": "只讀接入", "requirementLabel": "接入要求", "guardLabel": "仍鎖住", "items": { "rollupSnapshotReadable": { - "title": "Rollup snapshot 可讀", + "title": "彙總快照可讀", "body": "`security-mirror-status-rollup.snapshot.json` 與 `iwooos-posture-projection.snapshot.json` 已可作為 AwoooP 只讀入口的主要來源。", - "requirement": "AwoooP 只讀消費 committed snapshot 與 guard output,不直接呼叫 Kali、Gitea、GitHub 或 runtime API。", + "requirement": "AwoooP 只讀消費已提交快照與 guard output,不直接呼叫 Kali、Gitea、GitHub 或 runtime API。", "guard": "production_landing_enabled=false;execution router linked=false" }, "evidenceRefsReadable": { "title": "Evidence refs 可追溯", - "body": "IwoooS 已列出 security rollout、owner response validation、Kali status、rollup 與 projection 的 evidence refs。", + "body": "IwoooS 已列出資安 rollout、負責人回覆驗證、Kali 狀態、彙總與投影的 evidence refs。", "requirement": "AwoooP landing 只能顯示 evidence refs 與狀態摘要,不保存 raw payload、credential plaintext 或 token value。", "guard": "payloads_ingested=false;secret value collection=false" }, "guardChecksKnown": { - "title": "Guard checks 已知", + "title": "Guard 檢查已知", "body": "`security-mirror-progress-guard.py` 與 `source-control-owner-response-guard.py` 是接入前必跑的只讀檢查。", - "requirement": "AwoooP 主線接入前必須保留 progress、owner response、runtime flags、action button 與 forbidden output 檢查。", + "requirement": "AwoooP 主線接入前必須保留進度、負責人回覆、runtime flags、action button 與 forbidden output 檢查。", "guard": "不跳過 guard;不把 guard pass 當 runtime approval" }, "routeGroupsKnown": { - "title": "Mirror route groups 已知", - "body": "`security_mirror_route_v1` 已定義 Operator Console、runtime state、channel event、audit evidence、approval queue 的只讀目的地。", - "requirement": "AwoooP 只能依 route group 顯示與分類,不新增 scan、execute、repair、repo、refs 或 deploy action。", + "title": "鏡像路由群組已知", + "body": "`security_mirror_route_v1` 已定義操作控制台、runtime state、channel event、audit evidence、approval queue 的只讀目的地。", + "requirement": "AwoooP 只能依 route group 顯示與分類,不新增掃描、執行、修復、repo、refs 或部署動作。", "guard": "action_buttons_allowed=false;runtime_execution_authorized=false" }, "forbiddenOutputsLocked": { - "title": "Forbidden outputs 鎖住", - "body": "IwoooS / rollup 已明確列出不得從 landing readiness 產生 action button、runtime gate、GitHub primary 或 production execution。", + "title": "禁止輸出已鎖住", + "body": "IwoooS / rollup 已明確列出不得從接入就緒度產生 action button、runtime gate、GitHub 主要來源或 production execution。", "requirement": "AwoooP 接入時必須保留禁止輸出清單,並把所有寫入、執行、切換與收 secret value 的入口維持關閉。", - "guard": "不把 landing readiness 當 production consumption" + "guard": "不把接入就緒度當 production consumption" }, "productionHandoffPending": { - "title": "Production handoff 仍待接入", + "title": "Production 交接仍待接入", "body": "目前只是 AwoooP 只讀 landing 的接入準備,尚未證明 AwoooP production 主線已消費這組狀態。", "requirement": "需要後續 PR / deployment evidence 證明 AwoooP 主線只讀顯示 rollup、evidence refs 與 guard result。", "guard": "progress_change_applied=false;headline percent delta=0" @@ -2923,20 +2923,20 @@ }, "progressAcceleration": { "title": "進度加速與真正解鎖點", - "subtitle": "目前不是沒有推進,而是 58% headline 只在 owner response、runtime gate、GitHub primary readiness 或 AwoooP production landing 有實質 evidence 時才會重估。這裡把下一批有感推進點集中顯示。", + "subtitle": "目前不是沒有推進,而是 58% headline 只在負責人回覆、runtime gate、GitHub 主要來源就緒度或 AwoooP production landing 有實質 evidence 時才會重估。這裡把下一批有感推進點集中顯示。", "laneLabel": "加速路線", "unlockLabel": "解鎖訊號", "guardLabel": "仍維持低摩擦邊界", "items": { "ownerResponses": { - "title": "Owner responses 先收斂", - "body": "S4.9-S4.12 的 Gitea、GitHub target、refs truth、workflow / secret name owner response 是目前 58% 最主要的卡點。", - "unlock": "收到並驗收第一批脫敏 owner response 後,headline 才有重估依據。", + "title": "負責人回覆先收斂", + "body": "S4.9-S4.12 的 Gitea、GitHub target、refs truth、workflow / secret name 負責人回覆是目前 58% 最主要的卡點。", + "unlock": "收到並驗收第一批脫敏負責人回覆後,headline 才有重估依據。", "guard": "只收脫敏 evidence;不建立 repo、不同步 refs、不修改 workflow、不收 secret value。" }, "redactedIngestion": { - "title": "Redacted ingestion 接上可見證據", - "body": "資安 finding、Kali observe 訊號與 owner evidence 需要先以 redacted metadata 進入只讀收件面,再談 runtime。", + "title": "脫敏匯入接上可見證據", + "body": "資安 finding、Kali observe 訊號與負責人 evidence 需要先以 redacted metadata 進入只讀收件面,再談 runtime。", "unlock": "redacted payload ingestion adapter 經人工批准並通過 preflight 後,runtime landing 會有實質訊號。", "guard": "不收 raw payload、不收 credential plaintext、不啟動 active scan。" }, @@ -2947,10 +2947,10 @@ "guard": "active runtime gate=0;action button=false;Kali /execute 仍是 block candidate。" }, "githubReadiness": { - "title": "GitHub primary readiness 要拆關鍵缺口", + "title": "GitHub 主要來源就緒度要拆關鍵缺口", "body": "Gitea 轉 GitHub 的大方向已確認,但 target、refs、workflow / secret name、rollback ADR 還沒全量驗證。", - "unlock": "owner response、refs truth、workflow parity 與 rollback ADR 都可驗證後,primary_ready_count 才能往上。", - "guard": "不切 primary、不 force push、不刪 refs、不建立未批准 target repo。" + "unlock": "負責人回覆、refs truth、workflow parity 與 rollback ADR 都可驗證後,primary_ready_count 才能往上。", + "guard": "不切主要來源、不 force push、不刪 refs、不建立未批准 target repo。" }, "awooopLanding": { "title": "AwoooP / IwoooS 主線可見", @@ -3076,8 +3076,8 @@ "guard": "不寫 Gitea、不建 GitHub repo、不同步 refs、不開 runtime gate。" }, "allFiveItemsBeforeAccepted": { - "title": "五個 items 到齊前不得 Accepted", - "body": "S4.9 要被標示 accepted 前,五個 response templates 都必須收到可驗收的 owner response。", + "title": "五個項目到齊前不得 Accepted", + "body": "S4.9 要被標示 accepted 前,五個回覆範本都必須收到可驗收的負責人回覆。", "failure": "部分回覆只能維持 waiting 或 request more evidence。", "guard": "preflight 可見不代表 request sent、received、accepted 或 audit emitted。" } @@ -3317,11 +3317,11 @@ "refresh": "重新整理", "totalEvents24h": "24h 總事件", "allEventTypes": "全部事件類型", - "incidentIdFilter": "Incident ID 篩選...", + "incidentIdFilter": "事件 ID 篩選...", "totalCount": "共 {count} 筆", "colTime": "時間", "colEventType": "事件類型", - "colIncident": "Incident", + "colIncident": "事件", "colActor": "操作者", "colDetail": "說明", "colResult": "結果", @@ -3735,86 +3735,86 @@ "degraded": "降級", "securityMirror": { "title": "IwoooS 資安鏡像", - "subtitle": "AwoooP 首頁以只讀候選方式顯示 IwoooS / security mirror 狀態,讓使用者理解資安網進度與邊界;這不是 production landing enabled,也不接 execution router。", + "subtitle": "AwoooP 首頁以只讀候選方式顯示 IwoooS / 資安鏡像狀態,讓使用者理解資安網進度與邊界;這不是 production landing enabled,也不接執行路由器。", "badge": "只讀候選", "openIwooos": "開啟 IwoooS", "checkpointsTitle": "接入檢查", "boundaryLabel": "安全邊界", "boundaryTitle": "仍維持低摩擦框架期", - "boundaryDetail": "這個面板只顯示 committed snapshot 與 guard 口徑,不呼叫 Kali、GitHub、Gitea 或 runtime API,也不提供 scan、execute、repair、deploy、primary switch 或 refs action。", + "boundaryDetail": "這個面板只顯示已提交快照與 guard 口徑,不呼叫 Kali、GitHub、Gitea 或 runtime API,也不提供掃描、執行、修復、部署、主要來源切換或 refs 動作。", "metrics": { "headline": { "label": "整體資安網", - "detail": "headline 仍等 owner response、redacted ingestion、runtime gate、GitHub primary 或 AwoooP production landing evidence。" + "detail": "headline 仍等負責人回覆、脫敏匯入、runtime gate、GitHub 主要來源或 AwoooP production landing evidence。" }, "framework": { "label": "框架成熟度", - "detail": "治理、文件、schema、read-only evidence 與 IwoooS projection 已接近完整。" + "detail": "治理、文件、schema、只讀 evidence 與 IwoooS 投影已接近完整。" }, "runtime": { "label": "落地執行", - "detail": "runtime ingestion、GitHub primary 與 AwoooP production landing 仍需後續 evidence。" + "detail": "runtime ingestion、GitHub 主要來源與 AwoooP production landing 仍需後續 evidence。" }, "activeGates": { - "label": "Active runtime gates", + "label": "主動執行閘門", "detail": "目前維持 0,任何主機或 blocking control 都仍需獨立批准。" } }, "checkpoints": { "iwooosProjection": { - "title": "IwoooS projection 可讀", - "detail": "AwoooP 只顯示 IwoooS posture、progress、evidence refs 與 forbidden actions。" + "title": "IwoooS 投影可讀", + "detail": "AwoooP 只顯示 IwoooS 態勢、進度、evidence refs 與禁止動作。" }, "rollupGuard": { "title": "Guard 口徑一致", "detail": "接手前維持 security-mirror-progress-guard.py 與 source-control-owner-response-guard.py 綠燈。" }, "ownerResponse": { - "title": "Owner response 仍等待", + "title": "負責人回覆仍等待", "detail": "S4.9 到 S4.12 received / accepted 都仍為 0,不把顯示狀態當驗收完成。" }, "productionLanding": { "title": "Production landing 尚未完成", - "detail": "AwoooP 主線仍需 deployment proof 與 read-only consumption evidence 才能進入 headline 重估。" + "detail": "AwoooP 主線仍需 deployment proof 與只讀消費 evidence 才能進入 headline 重估。" } } }, "githubPrimaryReadiness": { - "title": "GitHub Primary Readiness", - "subtitle": "AwoooP 首頁同步顯示 Gitea 轉 GitHub 的 source-control readiness 缺口;目前只做框架期可視化,不建立 repo、不改 refs、不收 secret value,也不切換 primary。", + "title": "GitHub 主要來源就緒度", + "subtitle": "AwoooP 首頁同步顯示 Gitea 轉 GitHub 的原始碼管控就緒度缺口;目前只做框架期可視化,不建立 repo、不改 refs、不收 secret value,也不切換主要來源。", "badge": "只讀摘要", "openIwooos": "開啟 IwoooS", - "readinessRefsTitle": "Readiness evidence refs", - "boundaryLabel": "GitHub primary 邊界", - "boundaryTitle": "目前仍不可推進 primary 切換", - "boundaryDetail": "這個摘要只顯示 committed snapshot 與 owner response 缺口,不能被解讀成 GitHub primary approval、repo 建立授權、refs mutation、secret 收集、Gitea 停用或 runtime execution。", + "readinessRefsTitle": "就緒度 evidence refs", + "boundaryLabel": "GitHub 主要來源邊界", + "boundaryTitle": "目前仍不可推進主要來源切換", + "boundaryDetail": "這個摘要只顯示已提交快照與負責人回覆缺口,不能被解讀成 GitHub 主要來源批准、repo 建立授權、refs 變更、secret 收集、Gitea 停用或 runtime execution。", "metrics": { "candidateRepos": { - "label": "Candidate repos", + "label": "候選 repo", "detail": "S2.63 起已盤點 8 個候選 repo;這不是建立 GitHub repo 的授權。" }, "inScopeRepos": { - "label": "In-scope repos", - "detail": "目前 7 個 repo 進入 primary readiness 範圍,仍等待 owner response。" + "label": "範圍內 repo", + "detail": "目前 7 個 repo 進入主要來源就緒度範圍,仍等待負責人回覆。" }, "primaryReady": { - "label": "Primary ready", - "detail": "ready count 維持 0,不能切換 GitHub primary 或停用 Gitea。" + "label": "主要來源就緒數", + "detail": "ready count 維持 0,不能切換 GitHub 主要來源或停用 Gitea。" }, "ownerResponses": { - "label": "Owner responses", - "detail": "22 個 response templates 仍為 0 received / 0 accepted。" + "label": "負責人回覆", + "detail": "22 個回覆範本仍為 0 received / 0 accepted。" }, "workflowInventory": { - "label": "Workflow inventory", - "detail": "7 個 repo 的 workflow / secret name inventory 尚未完成。" + "label": "工作流程清冊", + "detail": "7 個 repo 的 workflow / secret 名稱清冊尚未完成。" } }, "readinessRefs": { - "primaryReadiness": "GitHub primary readiness gate 仍是候選狀態,不能觸發 repo creation 或 visibility change。", - "ownerValidation": "Owner response validation rollup 顯示四包 response packets 都仍等待人工回覆與驗收。", - "rollbackAdr": "Rollback ADR 尚未完成 owner approved dry-run,因此不能把 GitHub 切為 primary。", - "workflowInventory": "Workflow / secret name inventory 只收集名稱與路由,不收 secret value、不改 GitHub secrets。" + "primaryReadiness": "GitHub 主要來源就緒度閘門仍是候選狀態,不能觸發 repo 建立或可見性變更。", + "ownerValidation": "負責人回覆驗證彙總顯示四包回覆資料都仍等待人工回覆與驗收。", + "rollbackAdr": "Rollback ADR 尚未完成 owner approved dry-run,因此不能把 GitHub 切為主要來源。", + "workflowInventory": "Workflow / secret 名稱清冊只收集名稱與路由,不收 secret value、不改 GitHub secrets。" } }, "quality": { @@ -3875,12 +3875,12 @@ "metrics": { "tenants": "租戶", "tenantsDetail": "{active} 個啟用,{shadow} 個 shadow", - "runs": "Operator Runs", - "runsDetail": "Run state 是非同步任務的唯一觀測入口", + "runs": "操作執行", + "runsDetail": "執行狀態是非同步任務的唯一觀測入口", "approvals": "待審批", "approvalsDetail": "所有高風險動作都必須停在人工閘門", "contracts": "合約", - "contractsDetail": "Project / Agent / Policy contract 發布狀態" + "contractsDetail": "專案 / 代理 / 政策合約發布狀態" }, "disposition": { "title": "處置語義", @@ -3888,7 +3888,7 @@ "title": "只讀診斷", "signal": "AI 已收集證據", "owner": "負責:AI 先整理,SRE 判讀", - "route": "流向:Run 監控 / 事件詳情" + "route": "流向:執行監控 / 事件詳情" }, "approval": { "title": "人工閘門", @@ -3900,7 +3900,7 @@ "title": "自動執行", "signal": "低風險可閉環", "owner": "負責:MCP Gateway 執行並稽核", - "route": "流向:Run State / Audit" + "route": "流向:執行狀態 / 稽核" }, "manual": { "title": "人工升級", @@ -3920,11 +3920,11 @@ "channelName": "Channel Hub", "channelDetail": "Telegram / LINE / Slack 先進 Channel Event,再逐步切換發送責任", "approvalName": "Approval Plane", - "approvalDetail": "Run state 與 Approval plane 共享同一條審批語義" + "approvalDetail": "執行狀態與審批平面共享同一條審批語義" }, "next": { "title": "下一步操作", - "item1": "查看 Run 監控與 provider fallback", + "item1": "查看執行監控與 provider fallback", "item2": "處理等待審批的高風險操作", "item3": "審查 Contract lifecycle", "item4": "查看 AwoooP 工作鏈路地圖" @@ -3958,239 +3958,239 @@ } }, "githubTenantReadinessScope": { - "title": "GitHub Primary Readiness 租戶範圍", - "subtitle": "租戶管理同步顯示 AWOOOI first tenant 與 Gitea 轉 GitHub 的 source-control owner scope 缺口;這不是租戶 policy、repo 建立或 primary 切換授權。", - "badge": "只讀 scope", + "title": "GitHub 主要來源就緒度租戶範圍", + "subtitle": "租戶管理同步顯示 AWOOOI 第一租戶與 Gitea 轉 GitHub 的原始碼管控負責人範圍缺口;這不是租戶 policy、repo 建立或主要來源切換授權。", + "badge": "只讀範圍", "openIwooos": "開啟 IwoooS", - "scopeRefsTitle": "Owner scope refs", + "scopeRefsTitle": "負責人範圍參照", "boundaryLabel": "租戶 / GitHub 邊界", - "boundaryTitle": "租戶範圍仍等待 owner response", - "boundaryDetail": "這個面板只呈現租戶與 source-control readiness 的對應關係;不變更 tenant migration mode、不改 tenant policy、不建立 GitHub repo、不改 refs、不收 secret value、不切 primary,也不停用 Gitea。", + "boundaryTitle": "租戶範圍仍等待負責人回覆", + "boundaryDetail": "這個面板只呈現租戶與原始碼管控就緒度的對應關係;不變更租戶遷移模式、不改 tenant policy、不建立 GitHub repo、不改 refs、不收 secret value、不切主要來源,也不停用 Gitea。", "metrics": { "candidateRepos": { - "label": "Candidate repos", - "detail": "8 個候選 repo 只作為 scope visibility,不代表可建立 GitHub repo。" + "label": "候選 repo", + "detail": "8 個候選 repo 只作為範圍可見性,不代表可建立 GitHub repo。" }, "inScopeRepos": { - "label": "In-scope repos", - "detail": "7 個 repo 仍需 owner scope decision 與 source-control response。" + "label": "範圍內 repo", + "detail": "7 個 repo 仍需負責人範圍決策與原始碼管控回覆。" }, "ownerResponses": { - "label": "Owner responses", - "detail": "22 個 response templates 仍為 0 received / 0 accepted。" + "label": "負責人回覆", + "detail": "22 個回覆範本仍為 0 received / 0 accepted。" }, "tenantScopeChanges": { - "label": "Tenant scope changes", - "detail": "目前為 0;不得因顯示 readiness 而改 tenant policy 或 migration mode。" + "label": "租戶範圍變更", + "detail": "目前為 0;不得因顯示就緒度而改 tenant policy 或 migration mode。" } }, "scopeRefs": { - "tenantSourceScope": "AWOOOI first tenant 只對應 source-control readiness 範圍,不代表全平台或 GitHub primary 已接受。", - "giteaInventoryOwner": "S4.9 仍等待 Gitea inventory owner attestation;coverage accepted 前不得補寫 repo scope。", - "githubTargetOwner": "S4.10 仍等待 GitHub target owner decision;target owner 未接受前不得建立 repo 或改 visibility。", - "workflowSecretOwner": "S4.12 只等待 workflow / secret name owner response;仍不得收 secret value 或修改 GitHub secrets。" + "tenantSourceScope": "AWOOOI 第一租戶只對應原始碼管控就緒範圍,不代表全平台或 GitHub 主要來源已接受。", + "giteaInventoryOwner": "S4.9 仍等待 Gitea 清冊負責人證明;覆蓋範圍接受前不得補寫 repo 範圍。", + "githubTargetOwner": "S4.10 仍等待 GitHub 目標負責人決策;目標負責人未接受前不得建立 repo 或改可見性。", + "workflowSecretOwner": "S4.12 只等待工作流程 / secret 名稱負責人回覆;仍不得收 secret value 或修改 GitHub secrets。" } } }, "runs": { "securityRunStateCandidate": { - "title": "IwoooS Run State 只讀候選", - "subtitle": "Run 監控只顯示 security mirror 可以被 AwoooP Run 視角理解;這不是 run created,也不會接 execution router。", - "badge": "Run State 候選", - "runRefsTitle": "只讀 run refs", - "boundaryLabel": "Run 邊界", - "boundaryTitle": "目前沒有資安 Run 可執行", - "boundaryDetail": "這個面板不建立 platform run、不接 execution router、不呼叫 GitHub / Gitea / Kali,也不新增 scan、execute、repair、deploy、primary switch 或 refs action。", + "title": "IwoooS 執行狀態只讀候選", + "subtitle": "執行監控只顯示資安鏡像可以被 AwoooP 執行視角理解;這不是已建立執行紀錄,也不會接上執行路由器。", + "badge": "執行狀態候選", + "runRefsTitle": "只讀執行參照", + "boundaryLabel": "執行邊界", + "boundaryTitle": "目前沒有資安執行可啟動", + "boundaryDetail": "這個面板不建立平台執行紀錄、不接執行路由器、不呼叫 GitHub / Gitea / Kali,也不新增掃描、執行、修復、部署、主要來源切換或 refs 動作。", "openIwooos": "開啟 IwoooS", "metrics": { - "visibility": "Run visibility", - "visibilityValue": "read-only", - "visibilityDetail": "只把 security mirror 投影到 Run 監控語境,不建立真正 runtime run。", - "runtimeRuns": "Security runs", - "runtimeRunsDetail": "目前為 0;S2.58 只做顯示候選,不建立 run record。", - "activeGates": "Active runtime gates", + "visibility": "執行可見性", + "visibilityValue": "只讀", + "visibilityDetail": "只把資安鏡像投影到執行監控語境,不建立真正 runtime 執行。", + "runtimeRuns": "資安執行數", + "runtimeRunsDetail": "目前為 0;S2.58 只做顯示候選,不建立執行紀錄。", + "activeGates": "主動執行閘門", "activeGatesDetail": "仍為 0;runtime gate 需獨立批准、rollback 與 post-check evidence。", - "ownerResponse": "Owner accepted", - "ownerResponseDetail": "S4.9-S4.12 owner response accepted 仍為 0,Run 顯示不等於收件完成。" + "ownerResponse": "負責人已接受", + "ownerResponseDetail": "S4.9-S4.12 負責人回覆 accepted 仍為 0,執行顯示不等於收件完成。" }, "runRefs": { - "mirrorRunState": "AwoooP Run 監控可以理解 security mirror,但只能當 read-only candidate。", - "readOnlyDryRun": "若未來產生 dry-run evidence,也必須維持 read-only 與 human gate 語義。", - "ownerResponse": "owner response received / accepted 仍為 0,任何 Run 進一步行動都要等待人工收件。", - "activeGates": "active runtime gates 仍為 0,不從 Run 監控頁開 gate 或建立 action button。" + "mirrorRunState": "AwoooP 執行監控可以理解資安鏡像,但只能當只讀候選。", + "readOnlyDryRun": "若未來產生 dry-run evidence,也必須維持只讀與人工閘門語義。", + "ownerResponse": "負責人回覆 received / accepted 仍為 0,任何執行進一步行動都要等待人工收件。", + "activeGates": "主動 runtime gate 仍為 0,不從執行監控頁開 gate 或建立 action button。" } }, "githubRunReadinessBoundary": { - "title": "GitHub Primary Readiness Run 邊界", - "subtitle": "Run 監控同步顯示 GitHub primary readiness 仍不可產生 security run;這不是 platform run、execution router、repo 建立或 primary 切換授權。", - "badge": "Run 邊界", + "title": "GitHub 主要來源就緒度執行邊界", + "subtitle": "執行監控同步顯示 GitHub 主要來源就緒度仍不可產生資安執行;這不是平台執行、執行路由器、repo 建立或主要來源切換授權。", + "badge": "執行邊界", "openIwooos": "開啟 IwoooS", - "runRefsTitle": "GitHub readiness run refs", - "boundaryLabel": "GitHub / Run 邊界", - "boundaryTitle": "目前沒有 GitHub primary run 可執行", - "boundaryDetail": "這個面板只把 source-control readiness 投影到 Run 監控語境;不建立 platform run、不接 execution router、不建立 GitHub repo、不改 refs、不改 workflow / secrets、不收 secret value、不切 primary,也不停用 Gitea。", + "runRefsTitle": "GitHub 就緒度執行參照", + "boundaryLabel": "GitHub / 執行邊界", + "boundaryTitle": "目前沒有 GitHub 主要來源執行可啟動", + "boundaryDetail": "這個面板只把原始碼管控就緒度投影到執行監控語境;不建立平台執行、不接執行路由器、不建立 GitHub repo、不改 refs、不改工作流程 / secrets、不收 secret value、不切主要來源,也不停用 Gitea。", "metrics": { "candidateRepos": { - "label": "Candidate repos", - "detail": "8 個候選 repo 只顯示 readiness,不會產生 GitHub repo creation run。" + "label": "候選 repo", + "detail": "8 個候選 repo 只顯示就緒度,不會產生 GitHub repo 建立執行。" }, "inScopeRepos": { - "label": "In-scope repos", - "detail": "7 個 repo 仍等待 owner response;Run 監控不得替它們開任務。" + "label": "範圍內 repo", + "detail": "7 個 repo 仍等待負責人回覆;執行監控不得替它們開任務。" }, "securityRuns": { - "label": "GitHub security runs", - "detail": "目前為 0;readiness visibility 不等於 platform run created。" + "label": "GitHub 資安執行數", + "detail": "目前為 0;就緒度可見不等於已建立平台執行。" }, "ownerResponses": { - "label": "Owner responses", - "detail": "22 個 response templates 仍為 0 received / 0 accepted。" + "label": "負責人回覆", + "detail": "22 個回覆範本仍為 0 received / 0 accepted。" }, "workflowInventory": { - "label": "Workflow inventory", - "detail": "7 個 repo 的 workflow / secret name inventory 仍未完成。" + "label": "工作流程清冊", + "detail": "7 個 repo 的 workflow / secret 名稱清冊仍未完成。" } }, "runRefs": { - "primaryReadiness": "Primary readiness gate 仍顯示 ready=0,不能轉成 GitHub primary run。", - "ownerValidation": "Owner response validation rollup 仍是 0/22,不能被 Run 監控自動補成 accepted。", - "workflowInventory": "Workflow / secret name inventory 仍只收集名稱與路由,不收 secret value、不修改 GitHub secrets。", - "rollbackAdr": "Rollback ADR 尚未完成 owner-approved dry-run,因此不能啟動 primary switch run。" + "primaryReadiness": "主要來源就緒度閘門仍顯示 ready=0,不能轉成 GitHub 主要來源執行。", + "ownerValidation": "負責人回覆驗證彙總仍是 0/22,不能被執行監控自動補成 accepted。", + "workflowInventory": "Workflow / secret 名稱清冊仍只收集名稱與路由,不收 secret value、不修改 GitHub secrets。", + "rollbackAdr": "Rollback ADR 尚未完成 owner-approved dry-run,因此不能啟動主要來源切換執行。" } } }, "contracts": { "securityContractCandidate": { "title": "IwoooS 資安契約只讀候選", - "subtitle": "合約儀表板只顯示 IwoooS / security mirror 目前依賴的 schema、snapshot 與 guard 口徑;這不是 contract publish,也不會觸發 runtime gate。", + "subtitle": "合約儀表板只顯示 IwoooS / 資安鏡像目前依賴的 schema、snapshot 與 guard 口徑;這不是合約發布,也不會觸發 runtime gate。", "badge": "契約候選", - "contractRefsTitle": "只讀 contract refs", + "contractRefsTitle": "只讀合約參照", "boundaryLabel": "合約邊界", "boundaryTitle": "目前沒有可發布的資安合約", - "boundaryDetail": "這個面板不發布 contract revision、不改合約生命週期、不寫入 platform contracts API、不呼叫 GitHub / Gitea / Kali,也不新增 scan、execute、deploy、primary switch 或 refs action。", + "boundaryDetail": "這個面板不發布合約版次、不改合約生命週期、不寫入平台合約 API、不呼叫 GitHub / Gitea / Kali,也不新增掃描、執行、部署、主要來源切換或 refs 動作。", "openIwooos": "開啟 IwoooS", "metrics": { - "totalContracts": "總 contracts", - "totalContractsDetail": "security mirror 目前彙整 36 個主要 contract。", - "readyForMirror": "Ready for mirror", + "totalContracts": "合約總數", + "totalContractsDetail": "資安鏡像目前彙整 36 個主要合約。", + "readyForMirror": "鏡像就緒", "readyForMirrorDetail": "33 個 ready、2 個 partial、1 個 contract-only、0 blocked。", - "partialReady": "Partial", - "partialReadyDetail": "缺口仍集中在 owner response、payload ingestion 與 source-control owner evidence。", - "activeRuntimeGates": "Active runtime gates", + "partialReady": "部分就緒", + "partialReadyDetail": "缺口仍集中在負責人回覆、payload ingestion 與原始碼管控負責人 evidence。", + "activeRuntimeGates": "主動執行閘門", "activeRuntimeGatesDetail": "仍為 0;合約可見性不等於 runtime enforcement。" }, "contractRefs": { "statusRollup": "AwoooP / Security Session 的共同狀態入口,只彙整進度與安全 gate。", - "postureProjection": "IwoooS 前端態勢、主機覆蓋、owner response focus 與禁止動作的投影契約。", - "ownerValidation": "S4.9-S4.12 owner response received / accepted 分離與 reviewer 檢查口徑。", - "rolloutPolicy": "低摩擦、observe-first、owner review before blocking 的 rollout policy。" + "postureProjection": "IwoooS 前端態勢、主機覆蓋、負責人回覆焦點與禁止動作的投影契約。", + "ownerValidation": "S4.9-S4.12 負責人回覆 received / accepted 分離與 reviewer 檢查口徑。", + "rolloutPolicy": "低摩擦、先觀測、封鎖前先由負責人審查的 rollout policy。" } }, "githubPrimaryReadinessCandidate": { - "title": "GitHub Primary Readiness 合約只讀候選", - "subtitle": "合約儀表板同步顯示 Gitea 轉 GitHub 的 readiness contract refs、owner response 缺口與不可執行邊界;這不是 repo creation、refs mutation、secret collection 或 primary switch 授權。", - "badge": "GitHub readiness", - "contractRefsTitle": "Primary readiness contract refs", - "boundaryLabel": "Source-control 邊界", - "boundaryTitle": "目前沒有可切換的 GitHub primary", - "boundaryDetail": "這個面板只顯示 candidate repos、in-scope repos、primary ready、owner response 與 workflow / secret 名稱清冊缺口;不建立 GitHub repo、不改 visibility、不 sync / delete / force push refs、不收 secret value、不切 primary、不停用 Gitea,也不觸發 runtime gate。", + "title": "GitHub 主要來源就緒度合約只讀候選", + "subtitle": "合約儀表板同步顯示 Gitea 轉 GitHub 的就緒度合約參照、負責人回覆缺口與不可執行邊界;這不是 repo 建立、refs 變更、secret 收集或主要來源切換授權。", + "badge": "GitHub 就緒度", + "contractRefsTitle": "主要來源就緒度合約參照", + "boundaryLabel": "原始碼管控邊界", + "boundaryTitle": "目前沒有可切換的 GitHub 主要來源", + "boundaryDetail": "這個面板只顯示候選 repo、範圍內 repo、主要來源就緒數、負責人回覆與 workflow / secret 名稱清冊缺口;不建立 GitHub repo、不改可見性、不 sync / delete / force push refs、不收 secret value、不切主要來源、不停用 Gitea,也不觸發 runtime gate。", "openIwooos": "開啟 IwoooS", "metrics": { - "candidateRepos": "候選 repos", - "candidateReposDetail": "S4.0 目前追蹤 8 個 GitHub primary readiness 候選。", - "inScopeRepos": "In-scope", - "inScopeReposDetail": "7 個仍需 owner / visibility / canonical / rollback evidence。", - "primaryReady": "Primary ready", - "primaryReadyDetail": "仍為 0;readiness 可見不等於已可切 primary。", - "ownerResponses": "Owner response", - "ownerResponsesDetail": "S4.9-S4.12 共 22 個 response templates 仍為 0 received / accepted。", - "workflowInventory": "Workflow inventory", - "workflowInventoryDetail": "7 個 in-scope repos 的 workflow / secret 名稱清冊仍未 complete。" + "candidateRepos": "候選 repo", + "candidateReposDetail": "S4.0 目前追蹤 8 個 GitHub 主要來源就緒度候選。", + "inScopeRepos": "範圍內 repo", + "inScopeReposDetail": "7 個仍需負責人 / 可見性 / canonical / rollback evidence。", + "primaryReady": "主要來源就緒數", + "primaryReadyDetail": "仍為 0;就緒度可見不等於已可切主要來源。", + "ownerResponses": "負責人回覆", + "ownerResponsesDetail": "S4.9-S4.12 共 22 個回覆範本仍為 0 received / accepted。", + "workflowInventory": "工作流程清冊", + "workflowInventoryDetail": "7 個範圍內 repo 的 workflow / secret 名稱清冊仍未 complete。" }, "contractRefs": { - "primaryReadiness": "GitHub primary parity、owner、refs、workflow 與 rollback 前置缺口的主 readiness gate。", - "ownerValidation": "四包 owner response 的 received / accepted / rejected 分離與 reviewer 檢查口徑。", + "primaryReadiness": "GitHub 主要來源 parity、owner、refs、workflow 與 rollback 前置缺口的主就緒度閘門。", + "ownerValidation": "四包負責人回覆的 received / accepted / rejected 分離與 reviewer 檢查口徑。", "rollbackAdr": "7 個 in-scope repos 的 rollback ADR 草案、owner review 與 validation window。", "workflowInventory": "workflow、runner、deploy key、branch protection、CODEOWNERS 與 secret 名稱清冊;只收名稱不收 value。", - "postureProjection": "IwoooS 用來呈現 GitHub readiness board 與禁止動作的前端投影。" + "postureProjection": "IwoooS 用來呈現 GitHub 就緒度狀態板與禁止動作的前端投影。" } } }, "approvals": { "securityOwnerResponseGate": { - "title": "IwoooS Owner Response 只讀審查焦點", - "subtitle": "AwoooP 審批佇列只顯示 S4.9-S4.12 owner response 的下一個人工收件焦點;這不是 approval record,也不會開 runtime gate。", + "title": "IwoooS 負責人回覆只讀審查焦點", + "subtitle": "AwoooP 審批佇列只顯示 S4.9-S4.12 負責人回覆的下一個人工收件焦點;這不是 approval record,也不會開 runtime gate。", "badge": "只讀焦點", - "ownerChecksTitle": "Owner response 收件順序", + "ownerChecksTitle": "負責人回覆收件順序", "boundaryLabel": "審批邊界", "boundaryTitle": "目前仍沒有可核准項目", - "boundaryDetail": "這個面板不送出 request、不標記 received / accepted、不建立 approval record、不呼叫 GitHub / Gitea / Kali,也不新增 approve、execute、deploy、primary switch 或 refs action。", + "boundaryDetail": "這個面板不送出 request、不標記 received / accepted、不建立 approval record、不呼叫 GitHub / Gitea / Kali,也不新增批准、執行、部署、主要來源切換或 refs 動作。", "openIwooos": "開啟 IwoooS", "metrics": { - "received": "Received", - "receivedDetail": "S4.9-S4.12 owner response received 仍為 0。", - "accepted": "Accepted", - "acceptedDetail": "尚未有可接受的脫敏 owner evidence。", - "activeRuntimeGates": "Active runtime gates", + "received": "已收到", + "receivedDetail": "S4.9-S4.12 負責人回覆 received 仍為 0。", + "accepted": "已接受", + "acceptedDetail": "尚未有可接受的脫敏負責人 evidence。", + "activeRuntimeGates": "主動執行閘門", "activeRuntimeGatesDetail": "任何 runtime gate 仍需獨立批准與 rollback / post-check evidence。", "headline": "整體資安網", - "headlineDetail": "58% 只在 owner response、runtime gate、GitHub primary 或 production landing 有 evidence 時重估。" + "headlineDetail": "58% 只在負責人回覆、runtime gate、GitHub 主要來源或 production landing 有 evidence 時重估。" }, "checks": { "s49OwnerAttestation": { - "title": "S4.9 Gitea owner attestation", + "title": "S4.9 Gitea 負責人證明", "detail": "下一個建議先收;需要回覆 public-only / local gap、org / user endpoint、110 adjacent source、canonical owner 與 legacy disposition。" }, "s410GithubTarget": { - "title": "S4.10 GitHub target owner", - "detail": "等待 S4.9 之後收斂 7 個 GitHub target 的 owner / visibility / canonical decision。" + "title": "S4.10 GitHub 目標負責人", + "detail": "等待 S4.9 之後收斂 7 個 GitHub target 的負責人 / 可見性 / canonical decision。" }, "s411RefsTruth": { - "title": "S4.11 refs truth owner response", - "detail": "等待 owner 對 main / dev truth、deprecated drift、release tags 與 GitHub-only refs 做脫敏判定。" + "title": "S4.11 refs 真相負責人回覆", + "detail": "等待負責人對 main / dev truth、deprecated drift、release tags 與 GitHub-only refs 做脫敏判定。" }, "s412WorkflowSecret": { "title": "S4.12 workflow / secret 名稱", - "detail": "等待 owner 對 webhook、runner、deploy key、branch protection / CODEOWNERS、secret name parity 做脫敏判定。" + "detail": "等待負責人對 webhook、runner、deploy key、branch protection / CODEOWNERS、secret name parity 做脫敏判定。" } } }, "githubPrimaryReadinessGate": { - "title": "GitHub Primary Readiness 審批邊界", - "subtitle": "審批佇列只顯示 GitHub primary 前置 owner response 缺口;這不是 GitHub primary approval,也不會建立 repo、改 refs、收 secret value 或停用 Gitea。", + "title": "GitHub 主要來源就緒度審批邊界", + "subtitle": "審批佇列只顯示 GitHub 主要來源前置負責人回覆缺口;這不是 GitHub 主要來源批准,也不會建立 repo、改 refs、收 secret value 或停用 Gitea。", "badge": "只讀審批邊界", - "responseLanesTitle": "Owner response lanes", - "boundaryLabel": "GitHub primary 邊界", - "boundaryTitle": "目前沒有可批准的 primary switch", - "boundaryDetail": "這個面板只把 S4.9-S4.12 的收件順序放到 approvals 視野;所有 response 仍為 received=0 / accepted=0,不建立 approval record、不切 GitHub primary、不改 Gitea primary,也不觸發 runtime gate。", + "responseLanesTitle": "負責人回覆路線", + "boundaryLabel": "GitHub 主要來源邊界", + "boundaryTitle": "目前沒有可批准的主要來源切換", + "boundaryDetail": "這個面板只把 S4.9-S4.12 的收件順序放到審批視野;所有回覆仍為 received=0 / accepted=0,不建立 approval record、不切 GitHub 主要來源、不改 Gitea 主要來源,也不觸發 runtime gate。", "openIwooos": "開啟 IwoooS", "metrics": { - "giteaOwner": "Gitea owner", - "giteaOwnerDetail": "S4.9 的 5 個 owner attestation items 仍未 received / accepted。", - "githubTargetOwner": "GitHub target owner", - "githubTargetOwnerDetail": "S4.10 的 7 個 target owner / visibility / canonical responses 仍未 accepted。", - "refsTruth": "Refs truth", - "refsTruthDetail": "S4.11 的 5 類 refs truth owner responses 仍未 accepted。", - "workflowSecretNames": "Workflow / secret names", - "workflowSecretNamesDetail": "S4.12 的 5 類 workflow / secret 名稱 owner responses 仍未 accepted。", - "primaryReady": "Primary ready", - "primaryReadyDetail": "仍為 0;approvals 可見不等於可切 primary。" + "giteaOwner": "Gitea 負責人", + "giteaOwnerDetail": "S4.9 的 5 個負責人證明項目仍未 received / accepted。", + "githubTargetOwner": "GitHub 目標負責人", + "githubTargetOwnerDetail": "S4.10 的 7 個目標負責人 / 可見性 / canonical 回覆仍未 accepted。", + "refsTruth": "Refs 真相", + "refsTruthDetail": "S4.11 的 5 類 refs 真相負責人回覆仍未 accepted。", + "workflowSecretNames": "工作流程 / secret 名稱", + "workflowSecretNamesDetail": "S4.12 的 5 類 workflow / secret 名稱負責人回覆仍未 accepted。", + "primaryReady": "主要來源就緒數", + "primaryReadyDetail": "仍為 0;審批可見不等於可切主要來源。" }, "responseLanes": { "giteaOwnerAttestation": { - "title": "Gitea inventory owner attestation", + "title": "Gitea 清冊負責人證明", "detail": "先確認 public-only / local gap、org / user endpoint、110 adjacent source、canonical owner 與 legacy disposition。" }, "githubTargetOwner": { - "title": "GitHub target owner decision", - "detail": "再確認 7 個 in-scope targets 的 owner、visibility 與 canonical target,不自動建立 repo。" + "title": "GitHub 目標負責人決策", + "detail": "再確認 7 個範圍內目標的負責人、可見性與 canonical target,不自動建立 repo。" }, "refsTruthOwner": { - "title": "Refs truth owner response", + "title": "Refs 真相負責人回覆", "detail": "接著確認 main / dev truth、deprecated drift、release tags 與 GitHub-only refs,不 sync / delete / force push。" }, "workflowSecretOwner": { - "title": "Workflow / secret name owner response", + "title": "工作流程 / secret 名稱負責人回覆", "detail": "最後確認 workflow、runner、deploy key、branch protection、CODEOWNERS 與 secret 名稱;只收名稱,不收 value。" } } @@ -4226,7 +4226,7 @@ "link": "Link" }, "surfaces": { - "runs": "Run 監控 / Run Detail", + "runs": "執行監控 / 執行詳情", "governance": "治理事件 / SLO", "workItems": "工作鏈路", "iwooos": "IwoooS / 資安鏡像" @@ -4248,13 +4248,13 @@ "title": "治理告警 dispatch 與去重" }, "frontendConsole": { - "title": "AwoooP Operator Console 產品化" + "title": "AwoooP 操作控制台產品化" }, "iwooosSecurityMirror": { "title": "IwoooS 資安鏡像只讀工作項" }, "githubPrimaryReadiness": { - "title": "GitHub Primary Readiness 只讀工作項" + "title": "GitHub 主要來源就緒度只讀工作項" }, "mcpGateway": { "title": "MCP Gateway 使用證據總覽" @@ -4270,8 +4270,8 @@ "telegramCallbacks": "按下詳情與歷史不能再只依賴 Redis TTL 或舊快照", "governanceDispatch": "治理告警必須進 dispatch,並標示 skipped / pending / repaired", "frontendConsole": "已完成與推進中的工作必須能從前端直接追蹤", - "iwooosSecurityMirror": "只讀追蹤資安網進度與邊界;不得建立 scan、execute、repair、deploy、primary switch 或 runtime gate", - "githubPrimaryReadiness": "只讀追蹤 Gitea 轉 GitHub 的 readiness 缺口;不得建立 repo、改 visibility、sync refs、收 secret value、切 primary 或停用 Gitea", + "iwooosSecurityMirror": "只讀追蹤資安網進度與邊界;不得建立掃描、執行、修復、部署、主要來源切換或 runtime gate", + "githubPrimaryReadiness": "只讀追蹤 Gitea 轉 GitHub 的就緒度缺口;不得建立 repo、改可見性、sync refs、收 secret value、切主要來源或停用 Gitea", "mcpGateway": "MCP 使用必須看得到 agent、tool、scope 與 blocked 原因", "timelineContract": "Incident、Approval、Evidence、KM、Timeline 不得互相矛盾" }, @@ -4285,11 +4285,11 @@ "governanceQueueMissing": "治理 dispatch 表尚未就緒;未解治理告警:{unresolved}", "frontendConsole": "本頁已改讀 production API,而非靜態清單", "iwooosSecurityMirror": "整體 {headline};框架 {framework};落地 {runtime};active runtime gates={gates}", - "iwooosSecurityMirrorOwner": "Owner response 仍等待;production_landing_enabled=false", + "iwooosSecurityMirrorOwner": "負責人回覆仍等待;production_landing_enabled=false", "iwooosSecurityMirrorBoundary": "execution_router_linked=false;runtime_execution_authorized=false;action_buttons_allowed=false", - "githubPrimaryReadiness": "候選 repo={candidates};in-scope={inScope};primary ready={ready}", - "githubPrimaryOwnerResponses": "Owner response 仍為 0/22;request-ready 不是 accepted", - "githubPrimaryWorkflowNames": "Workflow / secret name inventory complete=0/7;只收名稱不收 secret value", + "githubPrimaryReadiness": "候選 repo={candidates};範圍內={inScope};主要來源就緒={ready}", + "githubPrimaryOwnerResponses": "負責人回覆仍為 0/22;request-ready 不是 accepted", + "githubPrimaryWorkflowNames": "Workflow / secret 名稱清冊 complete=0/7;只收名稱不收 secret value", "githubPrimaryBoundary": "repo_creation=false;refs_mutation=false;github_primary_switch=false;disable_gitea=false", "mcpReady": "MCP Gateway gate 目前未列為主要缺口", "mcpMissing": "品質總覽仍指出 MCP Gateway 觀測缺口", @@ -4310,11 +4310,11 @@ "filters": { "label": "AI 證據篩選", "all": "所有 AI 證據", - "incidentLabel": "Incident ID 篩選", - "incidentPlaceholder": "輸入 Incident ID" + "incidentLabel": "事件 ID 篩選", + "incidentPlaceholder": "輸入事件 ID" }, "incident": { - "column": "Incident", + "column": "事件", "empty": "尚未關聯", "filterTitle": "只看 {incidentId}", "more": "+{count} 筆" @@ -4331,7 +4331,7 @@ "readOnlyDryRun": "AI 已走補救試跑,且最新紀錄沒有寫入 incident 或 auto-repair 狀態。", "writeObserved": "最新補救紀錄含寫入旗標,審批前需確認狀態變更來源。", "blocked": "補救試跑未通過或被 gate 阻擋,需人工確認卡點。", - "observed": "此列已連到補救歷史,請進入 Run Timeline 查看完整證據。" + "observed": "此列已連到補救歷史,請進入執行時間線查看完整證據。" }, "summary": { "readOnly": "只讀試跑", @@ -4343,51 +4343,51 @@ "noEvidence": "缺補救證據", "noEvidenceDetail": "列表尚未連到 ADR-100 dry-run history", "approvalReadOnlyDetail": "審批前已有只讀補救證據可回看", - "approvalNoEvidenceDetail": "審批前仍缺補救試跑證據,需進 Run Timeline 檢查" + "approvalNoEvidenceDetail": "審批前仍缺補救試跑證據,需進執行時間線檢查" } }, "incidentEvidence": { - "title": "Incident Evidence", - "subtitle": "Telegram、Run、Approval 與 Work Item 共用同一組補救證據", + "title": "事件證據", + "subtitle": "Telegram、執行、審批與工作項目共用同一組補救證據", "empty": "--", - "incidentLabel": "Incident", - "notLinked": "尚未關聯 Incident", + "incidentLabel": "事件", + "notLinked": "尚未關聯事件", "filterTitle": "只看 {incidentId}", "more": "+{count} 筆", "dryRuns": "Dry-run", "route": "MCP 路由", "writes": "寫入旗標", "writeFlags": "incident={incident} / autoRepair={autoRepair}", - "runLink": "Run Timeline" + "runLink": "執行時間線" }, "runDetail": { - "back": "返回 Run 監控", - "title": "Run 處置脈絡", + "back": "返回執行監控", + "title": "執行處置脈絡", "refresh": "重新整理", "empty": "--", "durationSeconds": "{seconds}s", "errors": { - "title": "無法載入 Run 詳情", + "title": "無法載入執行詳情", "loadFailed": "載入失敗" }, "stats": { "state": "目前狀態", - "timeline": "Timeline", - "mcpSteps": "MCP / Steps", + "timeline": "時間線", + "mcpSteps": "MCP / 步驟", "duration": "執行時間" }, "summary": { - "title": "Run 摘要", - "project": "Project", - "agent": "Agent", + "title": "執行摘要", + "project": "專案", + "agent": "代理", "traceId": "Trace ID", "trigger": "Trigger", "triggerRef": "Trigger Ref", - "cost": "Cost", - "attempts": "Attempts", - "created": "Created", - "completed": "Completed", - "error": "Error" + "cost": "成本", + "attempts": "嘗試次數", + "created": "建立時間", + "completed": "完成時間", + "error": "錯誤" }, "timeline": { "title": "處置時間線", @@ -4398,7 +4398,7 @@ "gateway": { "title": "MCP Gateway", "emptyState": "尚無紀錄", - "agent": "Agent", + "agent": "代理", "tool": "Tool", "scope": "Scope", "blockers": "卡點", @@ -4421,7 +4421,7 @@ "empty": "尚無補救歷史" }, "metrics": { - "incidents": "Incident", + "incidents": "事件", "dryRuns": "Dry-run", "tools": "Tools", "writes": "寫入旗標" @@ -4456,7 +4456,7 @@ "approvalIds": "Approval", "eventIds": "Event", "fingerprints": "Fingerprint", - "incidentIds": "Incident", + "incidentIds": "事件", "sentryIssueIds": "Sentry", "signozAlerts": "SignOz" } @@ -4465,34 +4465,34 @@ "eyebrow": "下一步判斷", "approval": { "title": "等待人工審批", - "detail": "AI 已停在人工閘門,尚未 resume。請從審批頁 approve 或 reject,所有決策都會回寫 Run state 與 audit。", + "detail": "AI 已停在人工閘門,尚未 resume。請從審批頁 approve 或 reject,所有決策都會回寫執行狀態與 audit。", "primary": "前往審批決策" }, "manual": { "title": "需人工接手", - "detail": "AI 無法安全閉環,或執行已失敗 / 超時。請回 Run 監控比對同專案任務,必要時交由 SRE 戰情室處置。", - "primary": "回 Run 監控" + "detail": "AI 無法安全閉環,或執行已失敗 / 超時。請回執行監控比對同專案任務,必要時交由 SRE 戰情室處置。", + "primary": "回執行監控" }, "completed": { "title": "已完成,等待稽核回看", - "detail": "Run 已收斂。請以時間線檢查 MCP、出站訊息與成本紀錄是否完整,必要時再回寫 KM / Playbook。", - "primary": "回 Run 監控" + "detail": "執行已收斂。請以時間線檢查 MCP、出站訊息與成本紀錄是否完整,必要時再回寫 KM / Playbook。", + "primary": "回執行監控" }, "running": { "title": "AI 正在處理", - "detail": "Run 尚未結束,頁面會定期刷新。若長時間停留在 running,請檢查 heartbeat、MCP latency 與 worker 狀態。", - "primary": "回 Run 監控" + "detail": "執行尚未結束,頁面會定期刷新。若長時間停留在 running,請檢查 heartbeat、MCP latency 與 worker 狀態。", + "primary": "回執行監控" }, "observe": { "title": "觀察中", "detail": "目前尚未進入人工閘門或終止狀態。請沿時間線確認入站事件、工具呼叫與出站訊息是否有缺口。", - "primary": "回 Run 監控" + "primary": "回執行監控" }, "evidence": { "inbound": "入站事件", "outbound": "出站訊息", "mcp": "MCP 呼叫", - "steps": "Steps" + "steps": "步驟" } }, "statuses": { @@ -4505,7 +4505,7 @@ "received": "已接收", "running": "執行中", "sent": "已送出", - "shadow": "Shadow", + "shadow": "影子", "success": "成功", "timeout": "已超時", "warning": "警告", @@ -4514,28 +4514,28 @@ }, "approvalDecision": { "back": "返回審批佇列", - "viewTimeline": "查看 Run Timeline", + "viewTimeline": "查看執行時間線", "eyebrow": "人工審批閘門", "title": "審批決策", "timeout": "審批期限", "empty": "--", "errors": { - "title": "無法載入 Run 資料", + "title": "無法載入執行資料", "loadFailed": "載入失敗", "missingProject": "缺少 project_id,無法送出審批決策", "actionFailed": "操作失敗" }, "success": { - "approve": "Run 已核准,正在回到 Timeline", - "reject": "Run 已拒絕,正在回到 Timeline" + "approve": "執行已核准,正在回到時間線", + "reject": "執行已拒絕,正在回到時間線" }, "notWaiting": { - "title": "此 Run 目前不在人工審批狀態", - "detail": "目前狀態為 {state}。此頁不會顯示 approve / reject,請回 Run Timeline 檢查最新狀態。" + "title": "此執行目前不在人工審批狀態", + "detail": "目前狀態為 {state}。此頁不會顯示 approve / reject,請回執行時間線檢查最新狀態。" }, "remediation": { "title": "補救試跑證據", - "empty": "此 Run 尚未連到補救試跑歷史;核准前仍需回 Run Timeline 檢查來源卷宗與 MCP Gateway。", + "empty": "此執行尚未連到補救試跑歷史;核准前仍需回執行時間線檢查來源卷宗與 MCP Gateway。", "latest": "最新試跑", "preview": "模式 {mode};預覽 {preview}", "writes": "寫入:incident={incident};autoRepair={autoRepair}", @@ -4544,26 +4544,26 @@ "empty": "尚無補救歷史" }, "metrics": { - "incidents": "Incident", + "incidents": "事件", "dryRuns": "Dry-run", "tools": "Tools" } }, "details": { - "title": "Run 詳情", - "runId": "Run ID", - "project": "Project", - "agent": "Agent", + "title": "執行詳情", + "runId": "執行 ID", + "project": "專案", + "agent": "代理", "state": "狀態", "traceId": "Trace ID", "trigger": "Trigger", "triggerRef": "Trigger Ref", - "cost": "Cost", - "attempts": "Attempts", - "created": "Created", - "timeout": "Timeout", - "error": "Error", - "empty": "找不到 Run 資料。" + "cost": "成本", + "attempts": "嘗試次數", + "created": "建立時間", + "timeout": "逾時", + "error": "錯誤", + "empty": "找不到執行資料。" }, "actions": { "approve": "核准", @@ -4572,11 +4572,11 @@ "dialog": { "close": "關閉", "cancel": "取消", - "runId": "Run ID:", + "runId": "執行 ID:", "approve": { "title": "確認核准", - "body": "核准後,Run 會從人工閘門 resume,繼續交由 Runtime / MCP Gateway 執行。", - "warning": "此決策會寫入 Run state、approval token 與 audit trail。", + "body": "核准後,執行會從人工閘門 resume,繼續交由 Runtime / MCP Gateway 執行。", + "warning": "此決策會寫入執行狀態、approval token 與 audit trail。", "confirm": "確認核准" }, "reject": { @@ -4584,7 +4584,7 @@ "body": "拒絕後,Run 會被取消,不會繼續自動執行。", "reason": "拒絕原因", "placeholder": "請輸入拒絕原因...", - "warning": "拒絕原因會寫入 audit trail,供後續稽核與 Run Timeline 回看。", + "warning": "拒絕原因會寫入 audit trail,供後續稽核與執行時間線回看。", "confirm": "確認拒絕" } } diff --git a/apps/web/src/app/[locale]/awooop/layout.tsx b/apps/web/src/app/[locale]/awooop/layout.tsx index cffff0f43..bd387e57e 100644 --- a/apps/web/src/app/[locale]/awooop/layout.tsx +++ b/apps/web/src/app/[locale]/awooop/layout.tsx @@ -32,7 +32,7 @@ const navItems = [ icon: FileText, }, { - label: "Run 監控", + label: "執行監控", href: "/awooop/runs" as const, icon: Activity, }, @@ -67,18 +67,18 @@ export default function AwoooPLayout({

- AwoooP Operator Console + AwoooP 操作控制台

- Control Plane + 控制平面 - Shadow First + 影子模式優先
- OPERATOR + 操作員 diff --git a/apps/web/src/app/[locale]/awooop/runs/page.tsx b/apps/web/src/app/[locale]/awooop/runs/page.tsx index b862901e8..fc59825fd 100644 --- a/apps/web/src/app/[locale]/awooop/runs/page.tsx +++ b/apps/web/src/app/[locale]/awooop/runs/page.tsx @@ -365,7 +365,7 @@ function ShadowBadge({ isShadow }: { isShadow: boolean }) { if (!isShadow) return --; return ( - Shadow + 影子 ); } @@ -1006,7 +1006,7 @@ export default function RunsPage() {