fix(governance): 同步服務健康通知紅線契約
All checks were successful
CD Pipeline / tests (push) Successful in 1m33s
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / build-and-deploy (push) Successful in 4m0s
CD Pipeline / post-deploy-checks (push) Successful in 1m44s

This commit is contained in:
Your Name
2026-06-05 15:50:55 +08:00
parent d2963c16f5
commit d66effe62e
4 changed files with 26 additions and 26 deletions

View File

@@ -6,7 +6,7 @@ policy defines success-noise suppression, failure/action-required escalation,
message redaction, and frontend display limits. It never sends Telegram or
AwoooP notifications, writes operator events, probes live systems, restarts
services, changes endpoints, triggers workflows, reads secrets, or displays
work-window conversation transcripts.
internal conversation transcripts.
"""
from __future__ import annotations
@@ -220,17 +220,17 @@ def _require_frontend_redaction_contract(payload: dict[str, Any], label: str) ->
forbidden = set(contract.get("forbidden_frontend_content") or [])
required_forbidden = {
"工作視窗對話內容",
"Codex / user 訊息逐字稿",
"prompt / chain-of-thought",
"session id / browser context",
"secret / token / authorization header",
"內部對話內容",
"Codex / 使用者訊息逐字稿",
"提示詞 / 思考鏈",
"工作階段識別碼 / 瀏覽器脈絡",
"機密 / 權杖 / 授權標頭",
}
if not required_forbidden.issubset(forbidden):
raise ValueError(f"{label}: display_redaction_contract is missing required forbidden content")
allowed_fields = set(contract.get("allowed_frontend_fields") or [])
if "committed evidence ref" not in allowed_fields or "policy rule summary" not in allowed_fields:
if "已提交證據參照" not in allowed_fields or "政策規則摘要" not in allowed_fields:
raise ValueError(f"{label}: display_redaction_contract must limit frontend to committed policy evidence")