diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json
index 570df6bc5..ce2382824 100644
--- a/apps/web/messages/en.json
+++ b/apps/web/messages/en.json
@@ -3585,7 +3585,7 @@
"title": "證據版本確認",
"body": "檢查交接包引用的證據是否已脫敏、可追溯,並標示版本或文件路徑。",
"review": "只確認證據指標是否可追溯。",
- "guard": "不讀取機密明文、不保存原始 payload、不抓外部系統。"
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"reviewerNoteConfirm": {
"title": "審查備註確認",
@@ -3655,7 +3655,7 @@
"title": "要求證據版本更新",
"body": "若證據版本、文件路徑、脫敏狀態或引用位置不清,必須回到證據補正。",
"result": "只標記需要更新的證據指標。",
- "guard": "不讀取機密明文、不保存原始 payload、不抓外部系統。"
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"readyForRecordOwnerReview": {
"title": "可進負責人檢查",
@@ -3737,7 +3737,7 @@
"title": "證據追溯包",
"body": "整理已脫敏、可追溯的證據版本、文件路徑、引用位置與補證狀態。",
"prepare": "只引用安全證據指標與文件路徑。",
- "guard": "不讀取機密明文、不保存原始 payload、不抓外部系統。"
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"reviewerNotePacket": {
"title": "審查備註包",
@@ -3759,6 +3759,82 @@
}
}
},
+ "ownerResponseFormalRecordOwnerReviewChecklistBoard": {
+ "title": "人工決策正式紀錄負責人檢查清單",
+ "subtitle": "準備包若進入人工負責人檢查,仍只能逐項確認八個檢查點;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已指派=0、執行期閘門=0。",
+ "checkLabel": "檢查項",
+ "reviewLabel": "檢查方式",
+ "guardLabel": "仍不會做",
+ "boundaryTitle": "負責人檢查清單維持的保護線",
+ "summary": {
+ "checks": {
+ "label": "檢查項",
+ "detail": "八個檢查項先可見,避免準備包被直接視為已通過。"
+ },
+ "passed": {
+ "label": "通過",
+ "detail": "目前為 0;沒有任何負責人檢查被標記通過。"
+ },
+ "assigned": {
+ "label": "已指派",
+ "detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
+ },
+ "runtime": {
+ "label": "執行期閘門",
+ "detail": "目前為 0;檢查清單不會啟動執行期。"
+ }
+ },
+ "items": {
+ "identityTraceCheck": {
+ "title": "身分追溯檢查",
+ "body": "確認交接驗收結果、候選紀錄、草稿、準備包與來源階段是否能互相追溯。",
+ "review": "只標記追溯鏈是否足夠清楚。",
+ "guard": "不建立正式紀錄、不產生新的審批編號。"
+ },
+ "handoffOutcomeCheck": {
+ "title": "交接結果檢查",
+ "body": "確認可進檢查理由、仍待人工確認與不得升格的限制是否完整。",
+ "review": "只確認結果摘要與限制是否可讀。",
+ "guard": "不把可進檢查升格成已指派或已批准。"
+ },
+ "ownerScopeCheck": {
+ "title": "負責人範圍檢查",
+ "body": "確認未來紀錄負責人的角色範圍、責任邊界與聯絡依據是否足夠人工判讀。",
+ "review": "只標記範圍欄位是否足夠。",
+ "guard": "不代填姓名、不查外部帳號、不自動指派。"
+ },
+ "authorityBoundaryCheck": {
+ "title": "權責邊界檢查",
+ "body": "確認可閱讀、可檢查、可審查、可批准與可執行的邊界是否分離。",
+ "review": "只標記權責語義是否清楚。",
+ "guard": "不把檢查當審批,不把批准當執行。"
+ },
+ "evidenceTraceCheck": {
+ "title": "證據追溯檢查",
+ "body": "確認證據版本、文件路徑、引用位置、脫敏狀態與補證狀態是否足夠。",
+ "review": "只確認安全證據指標是否可追溯。",
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
+ },
+ "reviewerNoteCheck": {
+ "title": "審查備註檢查",
+ "body": "確認退回理由、補件結果、人工備註、未決事項與下一步說明是否完整。",
+ "review": "只標記備註與未決事項是否足夠。",
+ "guard": "不建立外部任務、不自動通知、不改審查結論。"
+ },
+ "mutationRejectionCheck": {
+ "title": "變更拒收檢查",
+ "body": "確認專案庫、refs、workflow、secrets、部署或主機變更要求是否已被拒收或隔離。",
+ "review": "只標記拒收狀態與需要重送只讀版本的項目。",
+ "guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不部署。"
+ },
+ "runtimeCutoverSeparationCheck": {
+ "title": "執行切換分離檢查",
+ "body": "確認掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否留在獨立人工閘門。",
+ "review": "只標記後續是否需要獨立閘門。",
+ "guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
+ }
+ }
+ },
"awooopReadOnlyLandingReadiness": {
"title": "AwoooP Read-Only Landing Readiness",
"subtitle": "S2.51 turns the AwoooP main-line read-only consumption path for IwoooS / security mirror state into an intake readiness board. This is landing readiness, not production_landing_enabled, and it does not connect an execution router.",
diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json
index cc42b2801..584a1a3d9 100644
--- a/apps/web/messages/zh-TW.json
+++ b/apps/web/messages/zh-TW.json
@@ -1446,7 +1446,7 @@
},
"redactedIngestion": {
"title": "Redacted ingestion",
- "body": "主機 finding 或掃描結果只能以脫敏摘要進入 mirror,不能直接把 raw payload 當 runtime input。",
+ "body": "主機 finding 或掃描結果只能以脫敏摘要進入 mirror,不能直接把原始載荷當 runtime input。",
"evidence": "需要 redacted payload acceptance;payloads_ingested=false"
}
}
@@ -1489,14 +1489,14 @@
},
"redactedSeventh": {
"title": "最後才收 redacted ingestion",
- "body": "finding / scan result 只用脫敏摘要進 mirror,不吃 raw payload。",
+ "body": "finding / scan result 只用脫敏摘要進 mirror,不吃原始載荷。",
"dependency": "需要 validation metrics;payloads_ingested=false"
}
}
},
"hostEvidenceIntake": {
"title": "主機 Evidence Intake Preflight",
- "subtitle": "未來收到主機 evidence 前,先用這組只讀預檢規則判斷能否進人工 review。預檢不會收 raw payload、憑證明文,也不會改 received / accepted。",
+ "subtitle": "未來收到主機 evidence 前,先用這組只讀預檢規則判斷能否進人工 review。預檢不會收原始載荷、憑證明文,也不會改 received / accepted。",
"checkLabel": "預檢",
"rejectLabel": "拒收 / 隔離條件",
"items": {
@@ -1526,9 +1526,9 @@
"reject": "偵測到憑證明文就拒收並隔離"
},
"rawPayload": {
- "title": "Raw payload blocked",
+ "title": "原始載荷已阻擋",
"body": "完整掃描 raw output、未脫敏 finding、主機 dump 或 log bundle 不進 projection。",
- "reject": "raw payload 一律拒收"
+ "reject": "原始載荷一律拒收"
},
"counterFreeze": {
"title": "Frontend counters frozen",
@@ -1564,7 +1564,7 @@
"next": "隔離原因可見,不推 counter"
},
"rejectRawPayload": {
- "title": "Reject raw payload",
+ "title": "拒收原始載荷",
"body": "完整掃描輸出、未脫敏 finding、host dump 或 log bundle 不進 IwoooS。",
"next": "要求改交脫敏摘要"
},
@@ -1600,7 +1600,7 @@
"scopeSummaryPacket": {
"title": "Scope 摘要包",
"body": "描述主機、服務、網段、掃描邊界與排除範圍,只允許指標與摘要,不保存原始掃描輸出。",
- "required": "redacted scope pointer;不含 raw payload"
+ "required": "redacted scope pointer;不含原始載荷"
},
"ownerDecisionPacket": {
"title": "Owner Decision 包",
@@ -1658,7 +1658,7 @@
"redactionAttestationPass": {
"title": "Redaction attestation pass",
"body": "確認 raw log、host dump、未脫敏截圖、private URL credential 與敏感 payload 都已排除。",
- "verify": "raw payload allowed=false"
+ "verify": "原始載荷 allowed=false"
},
"maintenanceRollbackComplete": {
"title": "Maintenance / rollback complete",
@@ -1706,7 +1706,7 @@
"redactionFailed": {
"title": "Redaction failed",
"body": "redaction attestation 無法證明 raw logs、host dump、未脫敏截圖或 sensitive payload 已排除時,拒收。",
- "next": "要求重新脫敏;不保存 raw payload"
+ "next": "要求重新脫敏;不保存原始載荷"
},
"rollbackMissing": {
"title": "Rollback missing",
@@ -1808,7 +1808,7 @@
},
"hostOwnerDecisionReviewOutcomes": {
"title": "主機 Owner Decision Review Outcome Lanes",
- "subtitle": "Owner review checklist 後只能進入這些只讀結果分流。這裡顯示下一步判讀,不會建立 decision record、不會標示 approved、不會開 runtime gate。",
+ "subtitle": "負責人審查清單後只能進入這些只讀結果分流。這裡顯示下一步判讀,不會建立 decision record、不會標示 approved、不會開 runtime gate。",
"laneLabel": "Review 結果",
"nextLabel": "下一步",
"items": {
@@ -2568,7 +2568,7 @@
"reviewCredentialBoundary": {
"title": "Review credential boundary packet",
"body": "整理 credential owner、retention、masking 與 forbidden collection,只允許 metadata,不收 plaintext、token value 或 raw secret。",
- "guard": "secret collection=false;raw payload=false"
+ "guard": "secret collection=false;原始載荷=false"
},
"reviewMaintenanceRollback": {
"title": "Review maintenance and rollback packet",
@@ -2621,7 +2621,7 @@
"candidateCredentialBoundaryMetadataOnly": {
"title": "Candidate credential boundary metadata-only",
"body": "確認 credential owner、retention、masking 與 forbidden collection 仍是 metadata-only。",
- "guard": "secret collection=false;raw payload=false"
+ "guard": "secret collection=false;原始載荷=false"
},
"candidateMaintenanceRollbackTraceable": {
"title": "Candidate maintenance and rollback traceable",
@@ -2727,7 +2727,7 @@
"preparationCredentialBoundary": {
"title": "Preparation credential boundary packet",
"body": "整理 credential owner、retention、masking、forbidden collection 與隔離規則,只允許 metadata-only。",
- "guard": "secret collection=false;raw payload=false"
+ "guard": "secret collection=false;原始載荷=false"
},
"preparationMaintenanceRollback": {
"title": "Preparation maintenance and rollback packet",
@@ -2780,7 +2780,7 @@
"preparationCredentialBoundaryMetadataOnly": {
"title": "Preparation credential boundary metadata-only",
"body": "確認 credential owner、retention、masking、forbidden collection 與隔離規則仍是 metadata-only。",
- "guard": "secret collection=false;raw payload=false"
+ "guard": "secret collection=false;原始載荷=false"
},
"preparationMaintenanceRollbackTraceable": {
"title": "Preparation maintenance and rollback traceable",
@@ -2816,7 +2816,7 @@
"title": "脫敏 payload 匯入仍未啟用",
"body": "目前只定義 evidence refs、redaction examples、quarantine 與 preflight,尚未有 accepted payload ingestion。",
"move": "脫敏 payload 經人工批准、通過 preflight、進入只讀 ingestion 後,runtime landing 才能重估。",
- "guard": "不收 raw payload、不收 credential plaintext、不把文件範例當 ingestion。"
+ "guard": "不收原始載荷、不收 credential plaintext、不把文件範例當 ingestion。"
},
"activeRuntimeGate": {
"title": "主動 runtime gate 仍是 0",
@@ -3586,7 +3586,7 @@
"title": "證據版本確認",
"body": "檢查交接包引用的證據是否已脫敏、可追溯,並標示版本或文件路徑。",
"review": "只確認證據指標是否可追溯。",
- "guard": "不讀取機密明文、不保存原始 payload、不抓外部系統。"
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"reviewerNoteConfirm": {
"title": "審查備註確認",
@@ -3656,7 +3656,7 @@
"title": "要求證據版本更新",
"body": "若證據版本、文件路徑、脫敏狀態或引用位置不清,必須回到證據補正。",
"result": "只標記需要更新的證據指標。",
- "guard": "不讀取機密明文、不保存原始 payload、不抓外部系統。"
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"readyForRecordOwnerReview": {
"title": "可進負責人檢查",
@@ -3738,7 +3738,7 @@
"title": "證據追溯包",
"body": "整理已脫敏、可追溯的證據版本、文件路徑、引用位置與補證狀態。",
"prepare": "只引用安全證據指標與文件路徑。",
- "guard": "不讀取機密明文、不保存原始 payload、不抓外部系統。"
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
},
"reviewerNotePacket": {
"title": "審查備註包",
@@ -3760,6 +3760,82 @@
}
}
},
+ "ownerResponseFormalRecordOwnerReviewChecklistBoard": {
+ "title": "人工決策正式紀錄負責人檢查清單",
+ "subtitle": "準備包若進入人工負責人檢查,仍只能逐項確認八個檢查點;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已指派=0、執行期閘門=0。",
+ "checkLabel": "檢查項",
+ "reviewLabel": "檢查方式",
+ "guardLabel": "仍不會做",
+ "boundaryTitle": "負責人檢查清單維持的保護線",
+ "summary": {
+ "checks": {
+ "label": "檢查項",
+ "detail": "八個檢查項先可見,避免準備包被直接視為已通過。"
+ },
+ "passed": {
+ "label": "通過",
+ "detail": "目前為 0;沒有任何負責人檢查被標記通過。"
+ },
+ "assigned": {
+ "label": "已指派",
+ "detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
+ },
+ "runtime": {
+ "label": "執行期閘門",
+ "detail": "目前為 0;檢查清單不會啟動執行期。"
+ }
+ },
+ "items": {
+ "identityTraceCheck": {
+ "title": "身分追溯檢查",
+ "body": "確認交接驗收結果、候選紀錄、草稿、準備包與來源階段是否能互相追溯。",
+ "review": "只標記追溯鏈是否足夠清楚。",
+ "guard": "不建立正式紀錄、不產生新的審批編號。"
+ },
+ "handoffOutcomeCheck": {
+ "title": "交接結果檢查",
+ "body": "確認可進檢查理由、仍待人工確認與不得升格的限制是否完整。",
+ "review": "只確認結果摘要與限制是否可讀。",
+ "guard": "不把可進檢查升格成已指派或已批准。"
+ },
+ "ownerScopeCheck": {
+ "title": "負責人範圍檢查",
+ "body": "確認未來紀錄負責人的角色範圍、責任邊界與聯絡依據是否足夠人工判讀。",
+ "review": "只標記範圍欄位是否足夠。",
+ "guard": "不代填姓名、不查外部帳號、不自動指派。"
+ },
+ "authorityBoundaryCheck": {
+ "title": "權責邊界檢查",
+ "body": "確認可閱讀、可檢查、可審查、可批准與可執行的邊界是否分離。",
+ "review": "只標記權責語義是否清楚。",
+ "guard": "不把檢查當審批,不把批准當執行。"
+ },
+ "evidenceTraceCheck": {
+ "title": "證據追溯檢查",
+ "body": "確認證據版本、文件路徑、引用位置、脫敏狀態與補證狀態是否足夠。",
+ "review": "只確認安全證據指標是否可追溯。",
+ "guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
+ },
+ "reviewerNoteCheck": {
+ "title": "審查備註檢查",
+ "body": "確認退回理由、補件結果、人工備註、未決事項與下一步說明是否完整。",
+ "review": "只標記備註與未決事項是否足夠。",
+ "guard": "不建立外部任務、不自動通知、不改審查結論。"
+ },
+ "mutationRejectionCheck": {
+ "title": "變更拒收檢查",
+ "body": "確認專案庫、refs、workflow、secrets、部署或主機變更要求是否已被拒收或隔離。",
+ "review": "只標記拒收狀態與需要重送只讀版本的項目。",
+ "guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不部署。"
+ },
+ "runtimeCutoverSeparationCheck": {
+ "title": "執行切換分離檢查",
+ "body": "確認掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否留在獨立人工閘門。",
+ "review": "只標記後續是否需要獨立閘門。",
+ "guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
+ }
+ }
+ },
"awooopReadOnlyLandingReadiness": {
"title": "AwoooP 只讀接入就緒度",
"subtitle": "S2.51 把 AwoooP 主線要如何只讀消費 IwoooS / 資安鏡像狀態整理成接入準備面板。這是接入就緒度,不是 production landing enabled,也不接 execution router。",
@@ -3776,7 +3852,7 @@
"evidenceRefsReadable": {
"title": "Evidence refs 可追溯",
"body": "IwoooS 已列出資安 rollout、負責人回覆驗證、Kali 狀態、彙總與投影的 evidence refs。",
- "requirement": "AwoooP landing 只能顯示 evidence refs 與狀態摘要,不保存 raw payload、credential plaintext 或 token value。",
+ "requirement": "AwoooP landing 只能顯示 evidence refs 與狀態摘要,不保存原始載荷、credential plaintext 或 token value。",
"guard": "payloads_ingested=false;secret value collection=false"
},
"guardChecksKnown": {
@@ -3822,7 +3898,7 @@
"title": "脫敏匯入接上可見證據",
"body": "資安 finding、Kali observe 訊號與負責人 evidence 需要先以 redacted metadata 進入只讀收件面,再談 runtime。",
"unlock": "redacted payload ingestion adapter 經人工批准並通過 preflight 後,runtime landing 會有實質訊號。",
- "guard": "不收 raw payload、不收 credential plaintext、不啟動 active scan。"
+ "guard": "不收原始載荷、不收 credential plaintext、不啟動 active scan。"
},
"runtimeGate": {
"title": "Runtime gate 必須獨立批准",
@@ -4002,7 +4078,7 @@
"title": "AwoooP 只讀輸入",
"body": "可消費 rollup snapshot、IwoooS projection、owner response validation rollup、Kali status 與 rollout policy。",
"handoff": "AwoooP 主線接入時只顯示狀態、evidence refs、route group 與 forbidden actions。",
- "guard": "不保存 raw payload、credential plaintext、token value 或 execution payload。"
+ "guard": "不保存原始載荷、credential plaintext、token value 或 execution payload。"
},
"nextCoordinationGate": {
"title": "下一個協調 Gate",
diff --git a/apps/web/src/app/[locale]/iwooos/page.tsx b/apps/web/src/app/[locale]/iwooos/page.tsx
index fb91db069..16c47528d 100644
--- a/apps/web/src/app/[locale]/iwooos/page.tsx
+++ b/apps/web/src/app/[locale]/iwooos/page.tsx
@@ -219,6 +219,14 @@ type OwnerResponseFormalRecordOwnerReviewPreparationPacket = {
tone: 'steady' | 'warn' | 'locked'
}
+type OwnerResponseFormalRecordOwnerReviewChecklistItem = {
+ key: string
+ check: string
+ value: string
+ icon: typeof ShieldCheck
+ tone: 'steady' | 'warn' | 'locked'
+}
+
type CoverageGroup = {
key: string
count: string
@@ -983,6 +991,41 @@ const ownerResponseFormalRecordOwnerReviewPreparationBoundaries = [
'gitea_disablement_authorized=false',
]
+const ownerResponseFormalRecordOwnerReviewChecklistItems: OwnerResponseFormalRecordOwnerReviewChecklistItem[] = [
+ { key: 'identityTraceCheck', check: 'C1', value: '0', icon: FileText, tone: 'warn' },
+ { key: 'handoffOutcomeCheck', check: 'C2', value: '0', icon: ListChecks, tone: 'warn' },
+ { key: 'ownerScopeCheck', check: 'C3', value: '0', icon: ClipboardCheck, tone: 'warn' },
+ { key: 'authorityBoundaryCheck', check: 'C4', value: '0', icon: ShieldCheck, tone: 'warn' },
+ { key: 'evidenceTraceCheck', check: 'C5', value: '0', icon: SearchCheck, tone: 'warn' },
+ { key: 'reviewerNoteCheck', check: 'C6', value: '0', icon: FileWarning, tone: 'warn' },
+ { key: 'mutationRejectionCheck', check: 'C7', value: '0', icon: AlertTriangle, tone: 'locked' },
+ { key: 'runtimeCutoverSeparationCheck', check: 'C8', value: '0', icon: GitBranch, tone: 'locked' },
+]
+
+const ownerResponseFormalRecordOwnerReviewChecklistBoundaries = [
+ 'owner_response_formal_record_owner_review_check_count=8',
+ 'owner_response_formal_record_owner_review_passed_count=0',
+ 'owner_response_formal_record_owner_assigned_count=0',
+ 'owner_response_formal_record_created_count=0',
+ 'owner_response_formal_record_approved_count=0',
+ 'owner_response_formal_record_runtime_gate_count=0',
+ 'owner_response_formal_record_owner_review_checklist_only=true',
+ 'owner_response_formal_record_owner_assignment_authorized=false',
+ 'owner_response_formal_record_write_authorized=false',
+ 'owner_response_formal_record_approval_authorized=false',
+ 'owner_response_formal_record_execution_authorized=false',
+ 'runtime_execution_authorized=false',
+ 'active_runtime_gate_count=0',
+ 'action_buttons_allowed=false',
+ 'not_authorization=true',
+ 'secret_value_collection_allowed=false',
+ 'repo_creation_authorized=false',
+ 'refs_sync_authorized=false',
+ 'workflow_modification_authorized=false',
+ 'github_primary_switch_authorized=false',
+ 'gitea_disablement_authorized=false',
+]
+
const coverageGroups: CoverageGroup[] = [
{
key: 'signals',
@@ -3432,6 +3475,130 @@ function OwnerResponseFormalRecordOwnerReviewPreparationBoard() {
)
}
+function OwnerResponseFormalRecordOwnerReviewChecklistCard({
+ item,
+}: {
+ item: OwnerResponseFormalRecordOwnerReviewChecklistItem
+}) {
+ const t = useTranslations('iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard')
+ const Icon = item.icon
+ const textWrap = { overflowWrap: 'anywhere' as const, wordBreak: 'break-word' as const }
+ return (
+
+
+
+
+ {t('checkLabel')}
+
+
{item.check}
+
+
+ {item.value}
+
+
+ {t(`items.${item.key}.title` as never)}
+
+
+ {t(`items.${item.key}.body` as never)}
+
+
+ {t('reviewLabel')}
+
+ {t(`items.${item.key}.review` as never)}
+
+ {t('guardLabel')}
+
+ {t(`items.${item.key}.guard` as never)}
+
+
+
+ )
+}
+
+function OwnerResponseFormalRecordOwnerReviewChecklistBoard() {
+ const t = useTranslations('iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard')
+ const summaryItems = [
+ { key: 'checks', value: '8', tone: 'warn' as const },
+ { key: 'passed', value: '0', tone: 'warn' as const },
+ { key: 'assigned', value: '0', tone: 'locked' as const },
+ { key: 'runtime', value: '0', tone: 'locked' as const },
+ ]
+ return (
+
+
+
{t('title')}
+
+ {t('subtitle')}
+
+
+
+ {summaryItems.map(item => (
+
+
+ {t(`summary.${item.key}.label` as never)}
+
+
+
+ {item.value}
+
+
+ {t(`summary.${item.key}.detail` as never)}
+
+
+ ))}
+
+
+ {ownerResponseFormalRecordOwnerReviewChecklistItems.map(item => (
+
+ ))}
+
+
+
+
+
{t('boundaryTitle')}
+
+
+ {ownerResponseFormalRecordOwnerReviewChecklistBoundaries.map(item => (
+
+ {item}
+
+ ))}
+
+
+
+ )
+}
+
function CoverageCard({ item }: { item: CoverageGroup }) {
const t = useTranslations('iwooos.coverage')
const Icon = item.icon
@@ -4587,6 +4754,8 @@ export default function IwoooSPage({ params }: { params: { locale: string } }) {
+
+
{t('awooopReadOnlyLandingReadiness.title')}
diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md
index 033e28ce2..b8d18f1d3 100644
--- a/docs/LOGBOOK.md
+++ b/docs/LOGBOOK.md
@@ -1,3 +1,17 @@
+## 2026-05-21 | 資安供應鏈 S2.93:IwoooS 人工決策正式紀錄負責人檢查清單
+
+**背景**:S2.92 已把正式紀錄負責人檢查準備包放進 IwoooS;本輪補上「負責人檢查時要逐項確認哪些條件」的只讀檢查清單,避免使用者或 AwoooP 平行 Session 把準備包誤認成已通過、已指派紀錄負責人、已建立正式紀錄、人工批准或執行命令。
+
+**完成**:
+- `/iwooos` 新增「人工決策正式紀錄負責人檢查清單」,顯示身分追溯檢查、交接結果檢查、負責人範圍檢查、權責邊界檢查、證據追溯檢查、審查備註檢查、變更拒收檢查、執行切換分離檢查八個檢查項。
+- 看板固定顯示檢查項=8、通過=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0,並標示 `owner_response_formal_record_owner_review_checklist_only=true`、`owner_response_formal_record_owner_assignment_authorized=false`、`owner_response_formal_record_write_authorized=false`、`owner_response_formal_record_approval_authorized=false`、`owner_response_formal_record_execution_authorized=false`。
+- `security_mirror_status_rollup_v1` 新增 `s2_93_iwooos_owner_response_formal_record_owner_review_checklist_board` 與 `show_iwooos_owner_response_formal_record_owner_review_checklist_board`。
+- `security-mirror-progress-guard.py` 已納入人工決策正式紀錄負責人檢查清單看板、i18n 鍵、八個檢查項與 `false` 邊界檢查。
+
+**仍禁止**:
+- S2.93 是 IwoooS 只讀正式紀錄負責人檢查清單,不代表人工回覆已收到 / 已接受 / 已匯入、紀錄負責人已指派、人工批准、正式決策、正式審批紀錄建立、資安審批、機密明文值收集、Kali `/execute`、SSH 登入、主機更新、掃描 / 執行 / 修復、專案庫建立、分支 / 標籤參照同步、工作流程 / 機密設定修改、GitHub 主要來源切換、Gitea 停用或執行期閘門。
+- 整體資安網百分比仍是 58%;框架 / 治理 / 文件 / 結構定義 / 只讀證據仍約 80-85%;真正落地執行 / 執行期匯入 / GitHub 主要來源 / AwoooP 正式入口仍約 35-40%。
+
## 2026-05-21 | 資安供應鏈 S2.92:IwoooS 人工決策正式紀錄負責人檢查準備包
**背景**:S2.91 已把正式紀錄負責人交接驗收結果分流放進 IwoooS;本輪補上「可進負責人檢查前,要整理哪些準備包」的只讀準備層,避免使用者或 AwoooP 平行 Session 把可進檢查誤認成已指派紀錄負責人、已建立正式紀錄、人工批准或執行命令。
diff --git a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
index ecd9cfbeb..e87f8485d 100644
--- a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
+++ b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
@@ -36,6 +36,7 @@
| Low-friction rollout policy | S1.3 已補 7 條 non-blocking escalation lanes;LOW / MEDIUM、缺 owner response、partial mirror、source-control drift、Kali observe finding、workflow / secret name gap 與 headline holding 初期只能 observe / warn;`owner_review_required_before_blocking=true`、`runtime_blocking_allowed=false` |
| IwoooS frontend posture | S2.8 已新增 `/iwooos` read-only Information Security 入口;顯示 Security Posture / Exposure、source-control supply chain、Kali 112 Mesh、approval boundary、non-blocking lanes 與 evidence refs;不新增執行按鈕 |
| IwoooS posture projection | S2.9 已新增 `iwooos_posture_projection_v1`;S2.10 已把 10 個既有前端資安相關頁面納入 projection;S2.11 已補 4 個 coverage groups 與 5 個 conflict controls;S2.12 已補 6 個只讀 operator journey steps;S2.13 已補 7 個 owner evidence readiness items;S2.14 已補 3 個 host coverage items:Kali 112、開發主機 168、開發主機 111;S2.15 已補 6 個 host action gate items;S2.16 已補 7 個 host evidence readiness items;S2.17 已補 7 個 host evidence collection order steps;S2.18 已補 7 個 host evidence intake preflight checks;S2.19 已補 7 個 host evidence review outcome lanes;S2.20 已補 7 個 host evidence review handoff packets;S2.21 已補 7 個 host evidence reviewer checklist items;S2.22 已補 7 個 host evidence reviewer outcome lanes;S2.23 已補 7 個 host owner decision candidate packets;S2.24 已補 7 個 host owner decision review checklist items;S2.25 已補 7 個 host owner decision review outcome lanes;S2.26 已補 7 個 host owner decision record draft packets;S2.27 已補 7 個 host owner decision record draft review checklist items;S2.28 已補 7 個 host owner decision record draft review outcome lanes;S2.29 已補 7 個 host owner decision record write-up packets;S2.30 已補 7 個 host owner decision record write-up review checklist items;S2.31 已補 7 個 host owner decision record write-up review outcome lanes;S2.32 已補 7 個 host owner decision record formal candidate packets;S2.33 已補 7 個 host owner decision record formal candidate review checklist items;S2.34 已補 8 個 host owner decision record formal candidate review outcome lanes;S2.35 已補 8 個 host owner decision record formal record queue packets;S2.36 已補 8 個 host owner decision record formal record queue review checklist items;S2.37 已補 8 個 host owner decision record formal record queue review outcome lanes;S2.38 已補 8 個 host owner decision record human handoff readiness packets;S2.39 已補 8 個 host owner decision record human handoff readiness review checklist items;S2.40 已補 9 個 host owner decision record human handoff readiness review outcome lanes;S2.41 已補 9 個 host owner decision record human record owner review candidate packets;S2.42 已補 9 個 host owner decision record human record owner review candidate checklist items;S2.43 已補 9 個 host owner decision record human record owner review candidate outcome lanes;S2.44 已補 9 個 host owner decision record human record owner review preparation packets;S2.45 已補 9 個 host owner decision record human record owner review preparation checklist items;S2.46 已補 6 條 progress acceleration lanes,顯示 58% holding 原因與下一個高層解鎖 gate;S2.47 已補 4 個 owner response next-action focus items,顯示 S4.9 為下一個收件焦點且 S4.10-S4.12 依序排隊;S2.48 已補 6 個 S4.9 owner response preflight checks,讓下一個 P0 owner response 的可收件條件可見;S2.49 已補 5 個 S4.9 owner response request templates,讓 owner 要逐項回覆的五題可見;S2.50 已補 5 個 progress hold movement gates,解釋為什麼 58% 仍維持且五個真實 movement signal 都是 0 / false;S2.51 已補 6 個 AwoooP read-only landing readiness items,讓另一個 AwoooP Session 可照 snapshot / evidence / guard / route / forbidden outputs 接入;S2.52 已補 6 個 AwoooP cross-session handoff packets,固定 PR / branch anchor、progress semantics、guard commands、forbidden runtime actions、read-only inputs 與 next coordination gate;S2.53 已把 IwoooS / security mirror 狀態放進 AwoooP 首頁只讀候選面板,顯示 58%、80-85%、35-40%、active gates 0 與四個接入檢查;S2.54 已把 IwoooS / security mirror 狀態放進 AwoooP 工作鏈路觀察項;仍不新增 action button |
+| IwoooS 正式紀錄負責人檢查清單 | S2.93 已在 `/iwooos` 顯示人工決策正式紀錄負責人檢查清單;檢查項=8、通過=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;`owner_response_formal_record_owner_review_checklist_only=true`、`runtime_execution_authorized=false`、`active_runtime_gate_count=0`、`action_buttons_allowed=false`、`not_authorization=true`,仍不代表紀錄負責人指派、正式紀錄、人工批准、GitHub 主要來源切換、Gitea 停用、Kali / SSH / 主機更新或執行期授權 |
| AwoooP approvals IwoooS owner response focus | S2.55 已把 S4.9-S4.12 owner response 下一個人工收件焦點放進 `/awooop/approvals` 只讀面板;received=0、accepted=0、active runtime gates=0、headline=58%、approval_record_created=false;仍不新增 approve、execute、deploy、primary switch、refs action 或 runtime gate |
| AwoooP contracts IwoooS security contract candidate | S2.56 已把四個 security mirror contract refs 放進 `/awooop/contracts` 只讀面板;total contracts=36、ready=33、partial=2、active runtime gates=0、contract_publish_authorized=false;仍不發布 contract revision、不改 lifecycle、不寫 platform contracts API、不新增 action button |
| AwoooP tenants IwoooS tenant scope candidate | S2.57 已把 AWOOOI first tenant、IwoooS security mirror、Kali 112 / Dev 168 / Dev 111 與 S4.9-S4.12 owner response waiting 放進 `/awooop/tenants` 只讀面板;host coverage=3、tenant policy changes=0、tenant_migration_mode_changed=false;仍不改 migration mode、不改 tenant policy、不寫 platform tenants API、不新增 action button |
@@ -213,6 +214,7 @@
| S2.90 IwoooS 人工決策正式紀錄負責人交接驗收清單 | framework detail | 0 | 只在 `/iwooos` 顯示人工決策正式紀錄負責人交接驗收清單,呈現驗收項=7、通過=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;owner_response_formal_record_owner_handoff_review_only=true、owner_response_formal_record_owner_assignment_authorized=false、owner_response_formal_record_write_authorized=false、owner_response_formal_record_approval_authorized=false、owner_response_formal_record_execution_authorized=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不把交接驗收清單當紀錄負責人指派、正式紀錄、人工批准、審批紀錄、執行期閘門、專案庫建立、分支 / 標籤參照同步、工作流程 / 機密設定修改、主要來源切換、Gitea 停用、Kali / SSH / 主機更新或執行期授權 |
| S2.91 IwoooS 人工決策正式紀錄負責人交接驗收結果分流 | framework detail | 0 | 只在 `/iwooos` 顯示人工決策正式紀錄負責人交接驗收結果分流,呈現分流=8、可進檢查=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;owner_response_formal_record_owner_handoff_review_outcome_only=true、owner_response_formal_record_owner_assignment_authorized=false、owner_response_formal_record_write_authorized=false、owner_response_formal_record_approval_authorized=false、owner_response_formal_record_execution_authorized=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不把交接驗收結果分流當紀錄負責人指派、正式紀錄、人工批准、審批紀錄、執行期閘門、專案庫建立、分支 / 標籤參照同步、工作流程 / 機密設定修改、主要來源切換、Gitea 停用、Kali / SSH / 主機更新或執行期授權 |
| S2.92 IwoooS 人工決策正式紀錄負責人檢查準備包 | framework detail | 0 | 只在 `/iwooos` 顯示人工決策正式紀錄負責人檢查準備包,呈現準備包=8、可檢查=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;owner_response_formal_record_owner_review_preparation_only=true、owner_response_formal_record_owner_assignment_authorized=false、owner_response_formal_record_write_authorized=false、owner_response_formal_record_approval_authorized=false、owner_response_formal_record_execution_authorized=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不把負責人檢查準備包當紀錄負責人指派、正式紀錄、人工批准、審批紀錄、執行期閘門、專案庫建立、分支 / 標籤參照同步、工作流程 / 機密設定修改、主要來源切換、Gitea 停用、Kali / SSH / 主機更新或執行期授權 |
+| S2.93 IwoooS 人工決策正式紀錄負責人檢查清單 | framework detail | 0 | 只在 `/iwooos` 顯示人工決策正式紀錄負責人檢查清單,呈現檢查項=8、通過=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;owner_response_formal_record_owner_review_checklist_only=true、owner_response_formal_record_owner_assignment_authorized=false、owner_response_formal_record_write_authorized=false、owner_response_formal_record_approval_authorized=false、owner_response_formal_record_execution_authorized=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不把負責人檢查清單當紀錄負責人指派、正式紀錄、人工批准、審批紀錄、執行期閘門、專案庫建立、分支 / 標籤參照同步、工作流程 / 機密設定修改、主要來源切換、Gitea 停用、Kali / SSH / 主機更新或執行期授權 |
headline 進度要再往上,至少需要下列任一高層 gate 有實質 evidence:
diff --git a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
index 942954819..226f4fe16 100644
--- a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
+++ b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
@@ -28,7 +28,7 @@ python3 scripts/security/security-mirror-progress-guard.py
### 0.2 Headline 58% 不代表停滯
-近期 S4.10 請求包、範本狀態台帳、稽核事件範本、脫敏範例、收件檢查、收件預檢,S4.11 請求包 / 範本狀態台帳 / 稽核事件範本 / 脫敏範例 / 收件檢查 / 收件預檢,S4.12 請求包 / 範本狀態台帳 / 稽核事件範本 / 脫敏範例 / 收件檢查 / 收件預檢,S4.13 證據路由規則 / 顯示區塊 / 狀態轉移規則 / 審查清單 / 審查結果分流 / 審查稽核事件範本 / 審查稽核顯示區塊 / 審查稽核收件檢查 / 審查稽核脫敏範例 / 審查稽核保留規則 / 審查稽核保留檢查 / 審查稽核交接包 / 交接檢查 / 平行 Session 同步檢查 / 衝突分流 / 復原檢查 / 復原結果分流,S1.3 低摩擦非阻擋升級分流、S2.8 IwoooS 前端態勢入口,以及 S2.9-S2.92 IwoooS / AwoooP 資安投影契約都是有效進展,但它們是框架細節,不是負責人回覆、執行期閘門、生產匯入或 GitHub 主要來源就緒。因此整體百分比仍維持 58%,避免把只讀框架誤算成已落地執行。
+近期 S4.10 請求包、範本狀態台帳、稽核事件範本、脫敏範例、收件檢查、收件預檢,S4.11 請求包 / 範本狀態台帳 / 稽核事件範本 / 脫敏範例 / 收件檢查 / 收件預檢,S4.12 請求包 / 範本狀態台帳 / 稽核事件範本 / 脫敏範例 / 收件檢查 / 收件預檢,S4.13 證據路由規則 / 顯示區塊 / 狀態轉移規則 / 審查清單 / 審查結果分流 / 審查稽核事件範本 / 審查稽核顯示區塊 / 審查稽核收件檢查 / 審查稽核脫敏範例 / 審查稽核保留規則 / 審查稽核保留檢查 / 審查稽核交接包 / 交接檢查 / 平行 Session 同步檢查 / 衝突分流 / 復原檢查 / 復原結果分流,S1.3 低摩擦非阻擋升級分流、S2.8 IwoooS 前端態勢入口,以及 S2.9-S2.93 IwoooS / AwoooP 資安投影契約都是有效進展,但它們是框架細節,不是負責人回覆、執行期閘門、生產匯入或 GitHub 主要來源就緒。因此整體百分比仍維持 58%,避免把只讀框架誤算成已落地執行。
S2.50 也把「為什麼 58% 還不動」拆成五個可見 gate:owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready、AwoooP read-only landing。這五個 gate 目前仍全部是 0 / false,所以 headline 不應被灌水提高。
@@ -155,6 +155,7 @@ S2.50 也把「為什麼 58% 還不動」拆成五個可見 gate:owner respons
| S2.90 IwoooS 人工決策正式紀錄負責人交接驗收清單 | 已完成草案,在 `/iwooos` 顯示七個人工決策正式紀錄負責人交接驗收項、通過=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;仍不把交接驗收清單當成紀錄負責人指派、正式紀錄、人工批准、主要來源切換或執行期閘門 | 0 |
| S2.91 IwoooS 人工決策正式紀錄負責人交接驗收結果分流 | 已完成草案,在 `/iwooos` 顯示八條人工決策正式紀錄負責人交接驗收結果分流、可進檢查=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;仍不把交接驗收結果分流當成紀錄負責人指派、正式紀錄、人工批准、主要來源切換或執行期閘門 | 0 |
| S2.92 IwoooS 人工決策正式紀錄負責人檢查準備包 | 已完成草案,在 `/iwooos` 顯示八個人工決策正式紀錄負責人檢查準備包、可檢查=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;仍不把負責人檢查準備包當成紀錄負責人指派、正式紀錄、人工批准、主要來源切換或執行期閘門 | 0 |
+| S2.93 IwoooS 人工決策正式紀錄負責人檢查清單 | 已完成草案,在 `/iwooos` 顯示八個人工決策正式紀錄負責人檢查項、通過=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;仍不把負責人檢查清單當成紀錄負責人指派、正式紀錄、人工批准、主要來源切換或執行期閘門 | 0 |
headline 要再往上,需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner response 收到並通過脫敏驗收,或人工批准後出現 active runtime gate、redacted payload ingestion、GitHub primary readiness 這類落地 evidence。
@@ -266,6 +267,7 @@ headline 要再往上,需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner respons
| S2.90 IwoooS 人工決策正式紀錄負責人交接驗收清單 | 完成草案 | `/iwooos` 新增正式紀錄負責人交接驗收清單,顯示交接包完整性、負責人身分範圍、權責邊界比對、證據版本確認、審查備註確認、變更要求拒收檢查、執行與切換分離七個驗收項 | 使用者與另一個 AwoooP Session 能理解交接包進入負責人檢查前仍只是只讀驗收;交接驗收仍不是紀錄負責人指派、人工批准、正式審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 |
| S2.91 IwoooS 人工決策正式紀錄負責人交接驗收結果分流 | 完成草案 | `/iwooos` 新增正式紀錄負責人交接驗收結果分流看板,顯示維持驗收等待、要求補齊交接包、要求負責人範圍說明、要求證據版本更新、可進負責人檢查、隔離敏感載荷、拒收變更要求、另開執行或切換閘門八條結果分流 | 使用者與另一個 AwoooP Session 能理解交接驗收後仍只是只讀分流;結果分流仍不是紀錄負責人指派、人工批准、正式審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 |
| S2.92 IwoooS 人工決策正式紀錄負責人檢查準備包 | 完成草案 | `/iwooos` 新增正式紀錄負責人檢查準備包看板,顯示檢查身分包、交接結果快照、負責人範圍包、權責邊界包、證據追溯包、審查備註包、變更拒收包、執行切換指標包八個準備包 | 使用者與另一個 AwoooP Session 能理解可進負責人檢查仍只是資料準備;準備包仍不是紀錄負責人指派、人工批准、正式審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 |
+| S2.93 IwoooS 人工決策正式紀錄負責人檢查清單 | 完成草案 | `/iwooos` 新增正式紀錄負責人檢查清單看板,顯示身分追溯檢查、交接結果檢查、負責人範圍檢查、權責邊界檢查、證據追溯檢查、審查備註檢查、變更拒收檢查、執行切換分離檢查八個檢查項 | 使用者與另一個 AwoooP Session 能理解負責人檢查仍只是逐項人工確認;檢查清單仍不是紀錄負責人指派、人工批准、正式審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 |
| S3 approval gate | 進行中 | `security_approval_gate_v1` 已建立 8 個人工 gate items:7 pending、1 block candidate、0 approved | 不得繞過人工批准;批准後仍需 follow-up runtime gate |
| S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策,不可執行 gate item |
| S3.1 人工決策紀錄契約 | 完成草案 | `security_approval_decision_record_v1` 已建立;目前 0 筆 decision records、0 個 runtime action 授權 | AwoooP 可稽核決策,不可把決策當執行 |
diff --git a/docs/security/security-mirror-status-rollup.snapshot.json b/docs/security/security-mirror-status-rollup.snapshot.json
index c9fe45ed6..f4a2a7188 100644
--- a/docs/security/security-mirror-status-rollup.snapshot.json
+++ b/docs/security/security-mirror-status-rollup.snapshot.json
@@ -1574,6 +1574,18 @@
"runtime_delta": false,
"execution_authorized": false,
"not_authorization": true
+ },
+ {
+ "delta_id": "s2_93_iwooos_owner_response_formal_record_owner_review_checklist_board",
+ "display_order": 122,
+ "completed_stage": "S2.93 IwoooS 人工決策正式紀錄負責人檢查清單",
+ "progress_axis": "framework_detail",
+ "headline_percent_delta": 0,
+ "framework_delta_visible": true,
+ "why_headline_unchanged": "IwoooS 只新增人工決策正式紀錄負責人檢查清單看板,顯示 8 個只讀檢查項:身分追溯檢查、交接結果檢查、負責人範圍檢查、權責邊界檢查、證據追溯檢查、審查備註檢查、變更拒收檢查、執行切換分離檢查,並固定通過=0、已指派=0、正式紀錄=0、已批准=0、執行期閘門=0;owner_response_formal_record_owner_review_checklist_only=true、owner_response_formal_record_owner_assignment_authorized=false、owner_response_formal_record_write_authorized=false、owner_response_formal_record_approval_authorized=false、owner_response_formal_record_execution_authorized=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false,不把負責人檢查清單當紀錄負責人指派、正式紀錄、人工批准、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定、主要來源切換或執行期授權。",
+ "runtime_delta": false,
+ "execution_authorized": false,
+ "not_authorization": true
}
],
"next_safe_actions": [
@@ -2202,6 +2214,22 @@
"從正式紀錄負責人檢查準備包呼叫 Kali、開 SSH、更新主機、切 GitHub 主要來源、停用 Gitea、收機密明文值或開執行期閘門"
]
},
+ {
+ "action_id": "show_iwooos_owner_response_formal_record_owner_review_checklist_board",
+ "title": "IwoooS 顯示人工決策正式紀錄負責人檢查清單",
+ "mode": "observe",
+ "source_contract": "source_control_owner_response_validation_rollup_v1",
+ "allowed_processing": [
+ "在 /iwooos 顯示 S2.93 人工決策正式紀錄負責人檢查清單",
+ "顯示身分追溯檢查、交接結果檢查、負責人範圍檢查、權責邊界檢查、證據追溯檢查、審查備註檢查、變更拒收檢查、執行切換分離檢查八個檢查項",
+ "只讓人工知道負責人檢查時要逐項確認哪些條件,不自動指派紀錄負責人、不建立正式紀錄、不批准、不建立執行期閘門"
+ ],
+ "blocked_processing": [
+ "把正式紀錄負責人檢查清單當成人工批准、正式決策、審批紀錄、紀錄負責人指派或已接受回覆",
+ "從正式紀錄負責人檢查清單建立專案庫、改可見性、同步 / 刪除 / 強制推送分支或標籤參照,或修改工作流程 / 機密設定",
+ "從正式紀錄負責人檢查清單呼叫 Kali、開 SSH、更新主機、切 GitHub 主要來源、停用 Gitea、收機密明文值或開執行期閘門"
+ ]
+ },
{
"action_id": "enforce_traditional_chinese_security_surface_wording",
"title": "IwoooS / AwoooP 資安可視區塊維持繁體中文呈現",
diff --git a/scripts/security/security-mirror-progress-guard.py b/scripts/security/security-mirror-progress-guard.py
index e110cbfd2..7dfa0c9b9 100755
--- a/scripts/security/security-mirror-progress-guard.py
+++ b/scripts/security/security-mirror-progress-guard.py
@@ -341,6 +341,7 @@ def validate(root: Path) -> None:
"s2_90_iwooos_owner_response_formal_record_owner_handoff_review_board",
"s2_91_iwooos_owner_response_formal_record_owner_handoff_review_outcome_board",
"s2_92_iwooos_owner_response_formal_record_owner_review_preparation_board",
+ "s2_93_iwooos_owner_response_formal_record_owner_review_checklist_board",
]
assert_equal(
"progress_delta_ledger.delta_ids",
@@ -560,6 +561,11 @@ def validate(root: Path) -> None:
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_review_preparation_board",
)
+ assert_contains(
+ "rollup.next_safe_actions.action_ids",
+ [item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
+ "show_iwooos_owner_response_formal_record_owner_review_checklist_board",
+ )
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
@@ -7046,6 +7052,49 @@ def validate(root: Path) -> None:
iwooos_projection_page,
text,
)
+ assert_text_contains(
+ "iwooos_page.owner_response_formal_record_owner_review_checklist_items",
+ iwooos_projection_page,
+ "ownerResponseFormalRecordOwnerReviewChecklistItems",
+ )
+ assert_text_contains(
+ "iwooos_page.owner_response_formal_record_owner_review_checklist_testid",
+ iwooos_projection_page,
+ 'data-testid="iwooos-owner-response-formal-record-owner-review-checklist-board"',
+ )
+ assert_text_contains(
+ "iwooos_page.owner_response_formal_record_owner_review_checklist_component",
+ iwooos_projection_page,
+ "OwnerResponseFormalRecordOwnerReviewChecklistBoard",
+ )
+ for text in [
+ "owner_response_formal_record_owner_review_check_count=8",
+ "owner_response_formal_record_owner_review_passed_count=0",
+ "owner_response_formal_record_owner_assigned_count=0",
+ "owner_response_formal_record_created_count=0",
+ "owner_response_formal_record_approved_count=0",
+ "owner_response_formal_record_runtime_gate_count=0",
+ "owner_response_formal_record_owner_review_checklist_only=true",
+ "owner_response_formal_record_owner_assignment_authorized=false",
+ "owner_response_formal_record_write_authorized=false",
+ "owner_response_formal_record_approval_authorized=false",
+ "owner_response_formal_record_execution_authorized=false",
+ "runtime_execution_authorized=false",
+ "active_runtime_gate_count=0",
+ "action_buttons_allowed=false",
+ "not_authorization=true",
+ "secret_value_collection_allowed=false",
+ "repo_creation_authorized=false",
+ "refs_sync_authorized=false",
+ "workflow_modification_authorized=false",
+ "github_primary_switch_authorized=false",
+ "gitea_disablement_authorized=false",
+ ]:
+ assert_text_contains(
+ "iwooos_page.owner_response_formal_record_owner_review_checklist_boundary",
+ iwooos_projection_page,
+ text,
+ )
for key in [
"title",
"subtitle",
@@ -7730,6 +7779,57 @@ def validate(root: Path) -> None:
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewPreparationBoard"]["items"].keys()),
key,
)
+ for key in [
+ "title",
+ "subtitle",
+ "checkLabel",
+ "reviewLabel",
+ "guardLabel",
+ "boundaryTitle",
+ "summary",
+ "items",
+ ]:
+ assert_contains(
+ "web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard",
+ list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"].keys()),
+ key,
+ )
+ assert_contains(
+ "web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard",
+ list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"].keys()),
+ key,
+ )
+ for key in ["checks", "passed", "assigned", "runtime"]:
+ assert_contains(
+ "web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.summary",
+ list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["summary"].keys()),
+ key,
+ )
+ assert_contains(
+ "web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.summary",
+ list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["summary"].keys()),
+ key,
+ )
+ for key in [
+ "identityTraceCheck",
+ "handoffOutcomeCheck",
+ "ownerScopeCheck",
+ "authorityBoundaryCheck",
+ "evidenceTraceCheck",
+ "reviewerNoteCheck",
+ "mutationRejectionCheck",
+ "runtimeCutoverSeparationCheck",
+ ]:
+ assert_contains(
+ "web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.items",
+ list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["items"].keys()),
+ key,
+ )
+ assert_contains(
+ "web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.items",
+ list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["items"].keys()),
+ key,
+ )
owner_summary = owner_rollup["summary"]
assert_equal("owner_rollup.total_received_response_count", owner_summary["total_received_response_count"], 0)