diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json index fc9e5faf4..90932d31d 100644 --- a/apps/web/messages/en.json +++ b/apps/web/messages/en.json @@ -1077,6 +1077,64 @@ "body": "58% means high-level gates are pending; it is neither stuck nor runtime approval." } }, + "existingSurfaces": { + "title": "Existing Security Surfaces", + "subtitle": "Collects the frontend routes that already carry security, compliance, alert, authorization, governance, audit, and code review signals into one read-only index.", + "sourceLabel": "Original source", + "mode": "read-only link / no execution button", + "items": { + "securityCompliance": { + "title": "Security Compliance Hub", + "body": "The existing integrated page for SecurityPanel and CompliancePanel, covering errors, incidents, repair, and compliance stats.", + "source": "SecurityPanel / CompliancePanel; errors, incident summary, auto-repair stats" + }, + "legacySecurity": { + "title": "Legacy Security Monitor", + "body": "Keeps the earlier standalone security route visible so existing error stats and Sentry issue entrypoints do not disappear behind IwoooS.", + "source": "apps/web/src/app/[locale]/security/page.tsx; errors stats / issues" + }, + "legacyCompliance": { + "title": "Legacy Compliance Page", + "body": "Keeps the earlier standalone compliance route visible for incident, playbook, and auto-repair effectiveness data.", + "source": "apps/web/src/app/[locale]/compliance/page.tsx; incident summary / auto-repair stats" + }, + "alerts": { + "title": "Alert Management", + "body": "The active incident surface sorted from P0 to P3, feeding near-real-time security posture signals.", + "source": "useIncidents; incidents / pending approvals" + }, + "errors": { + "title": "Errors and UX Audit", + "body": "The existing error tracking and UX audit entrypoint for issues, trends, session replay, and user friction.", + "source": "ErrorsPanel; error stats / trends / ux-audit" + }, + "authorizations": { + "title": "Authorization Center", + "body": "The existing HITL and multi-sig entrypoint, preserving the human control boundary before future security runtime gates.", + "source": "LiveApprovalPanel; pending approvals / SSE" + }, + "governance": { + "title": "AI Governance Hub", + "body": "The existing governance events, SLO, remediation queue, and dry-run history surface for automation evidence.", + "source": "governance tabs; AI SLO / governance events / queue" + }, + "alertOperationLogs": { + "title": "Alert Operation Logs", + "body": "The full alert operation log surface for guardrails, preflight, approval escalation, and handling results.", + "source": "alert-operation-logs; events / stats" + }, + "awooopApprovals": { + "title": "AwoooP Approval Queue", + "body": "The existing AwoooP approvals page showing read-only dry-run, write observed, blocked, and human gate status.", + "source": "AwoooP approvals; platform approvals" + }, + "codeReview": { + "title": "AI Code Review Control Plane", + "body": "The existing Code Review page showing Hermes, OpenClaw, Elephant Alpha, NemoTron, and the non-blocking review pipeline.", + "source": "code-review page; review pipeline / agent assignment" + } + } + }, "nextGate": { "title": "Next High-level Gate", "body": "S4.9 Gitea owner attestation response is the recommended next owner evidence. Headline progress should only increase after owner responses, redacted payload ingestion, active runtime gates, or GitHub primary readiness actually change." diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json index 967caa25b..1404e62eb 100644 --- a/apps/web/messages/zh-TW.json +++ b/apps/web/messages/zh-TW.json @@ -1078,6 +1078,64 @@ "body": "58% 代表等待高層 gate,不代表卡住,也不是 runtime approval。" } }, + "existingSurfaces": { + "title": "既有資安頁面整合", + "subtitle": "把前端原本已存在的安全、合規、告警、授權、治理、稽核與 Code Review 入口收成一張只讀索引,讓使用者知道資安能力已經散在哪裡。", + "sourceLabel": "原始來源", + "mode": "只讀連結 / 不新增執行按鈕", + "items": { + "securityCompliance": { + "title": "安全合規整合頁", + "body": "SecurityPanel 與 CompliancePanel 的既有整合頁,集中顯示錯誤、事件、修復與合規統計。", + "source": "SecurityPanel / CompliancePanel;errors、incident summary、auto-repair stats" + }, + "legacySecurity": { + "title": "既有安全監控頁", + "body": "保留早期 standalone security route 的可見性,避免既有錯誤統計與 Sentry issue 入口被 IwoooS 吃掉。", + "source": "apps/web/src/app/[locale]/security/page.tsx;errors stats / issues" + }, + "legacyCompliance": { + "title": "既有合規頁", + "body": "保留早期 standalone compliance route 的可見性,顯示 incident、playbook 與 auto-repair 成效資料。", + "source": "apps/web/src/app/[locale]/compliance/page.tsx;incident summary / auto-repair stats" + }, + "alerts": { + "title": "告警管理", + "body": "現有 active incident 入口,依 P0 到 P3 顯示告警與處理狀態,作為資安態勢的即時訊號。", + "source": "useIncidents;incidents / pending approvals" + }, + "errors": { + "title": "錯誤與 UX 稽核", + "body": "現有錯誤追蹤與 UX audit 入口,可回看 issue、趨勢、session replay 與使用者痛點。", + "source": "ErrorsPanel;error stats / trends / ux-audit" + }, + "authorizations": { + "title": "授權中心", + "body": "HITL 與 multi-sig 的既有入口,是未來資安 runtime gate 前必須保留的人控邊界。", + "source": "LiveApprovalPanel;pending approvals / SSE" + }, + "governance": { + "title": "AI 治理中樞", + "body": "現有治理事件、SLO、補救佇列與 dry-run history 入口,適合作為自動化前的治理證據面。", + "source": "governance tabs;AI SLO / governance events / queue" + }, + "alertOperationLogs": { + "title": "告警操作日誌", + "body": "完整 alert operation log 入口,能看見 guardrail、preflight、approval escalation 與處理結果。", + "source": "alert-operation-logs;events / stats" + }, + "awooopApprovals": { + "title": "AwoooP 審批佇列", + "body": "AwoooP approvals 既有頁面,顯示 read-only dry-run、write observed、blocked 等人控狀態。", + "source": "AwoooP approvals;platform approvals" + }, + "codeReview": { + "title": "AI Code Review 控制面", + "body": "既有 Code Review 頁面顯示 Hermes、OpenClaw、Elephant Alpha、NemoTron 與 non-blocking review pipeline。", + "source": "code-review page;review pipeline / agent assignment" + } + } + }, "nextGate": { "title": "下一個高層 Gate", "body": "S4.9 Gitea owner attestation response 是目前建議先收的 owner evidence。任何 headline 提升都要等 owner response、redacted payload ingestion、active runtime gate 或 GitHub primary readiness 有真實變化。" diff --git a/apps/web/src/app/[locale]/iwooos/page.tsx b/apps/web/src/app/[locale]/iwooos/page.tsx index 5db7ca6a1..e135ecf8d 100644 --- a/apps/web/src/app/[locale]/iwooos/page.tsx +++ b/apps/web/src/app/[locale]/iwooos/page.tsx @@ -8,13 +8,19 @@ import { Activity, AlertTriangle, + Bell, CheckCircle2, + ClipboardCheck, Clock3, + FileWarning, GitBranch, + ListChecks, Lock, Radar, + SearchCheck, ShieldCheck, } from 'lucide-react' +import Link from 'next/link' import { useTranslations } from 'next-intl' import { AppLayout } from '@/components/layout' @@ -35,6 +41,13 @@ type Lane = { mode: 'observe' | 'warn' } +type SecuritySurface = { + key: string + href: string + icon: typeof ShieldCheck + tone: 'steady' | 'warn' | 'locked' +} + const postureMetrics: PostureMetric[] = [ { key: 'overall', value: '58%', tone: 'warn' }, { key: 'framework', value: '80-85%', tone: 'steady' }, @@ -60,6 +73,19 @@ const nonBlockingLanes: Lane[] = [ { key: 'progressHolding', mode: 'observe' }, ] +const existingSecuritySurfaces: SecuritySurface[] = [ + { key: 'securityCompliance', href: '/security-compliance', icon: ShieldCheck, tone: 'steady' }, + { key: 'legacySecurity', href: '/security', icon: Radar, tone: 'warn' }, + { key: 'legacyCompliance', href: '/compliance', icon: ClipboardCheck, tone: 'warn' }, + { key: 'alerts', href: '/alerts', icon: Bell, tone: 'warn' }, + { key: 'errors', href: '/errors', icon: FileWarning, tone: 'warn' }, + { key: 'authorizations', href: '/authorizations', icon: Lock, tone: 'locked' }, + { key: 'governance', href: '/governance', icon: ShieldCheck, tone: 'locked' }, + { key: 'alertOperationLogs', href: '/alert-operation-logs', icon: ListChecks, tone: 'steady' }, + { key: 'awooopApprovals', href: '/awooop/approvals', icon: ClipboardCheck, tone: 'locked' }, + { key: 'codeReview', href: '/code-review', icon: SearchCheck, tone: 'warn' }, +] + const evidenceItems = [ 'iwooos-posture-projection.snapshot.json', 'security-rollout-policy.snapshot.json', @@ -170,6 +196,49 @@ function LaneRow({ item, index }: { item: Lane; index: number }) { ) } +function SurfaceCard({ item, locale }: { item: SecuritySurface; locale: string }) { + const t = useTranslations('iwooos.existingSurfaces') + const Icon = item.icon + return ( + +
+ {t(`items.${item.key}.body` as never)} +
++ {t('existingSurfaces.subtitle')} +
+