7381 lines
365 KiB
JSON
7381 lines
365 KiB
JSON
{
|
||
"metadata": {
|
||
"title": "AWOOOI - 零干預維運,以人為本的決策",
|
||
"description": "AI 驅動的智能維運平台"
|
||
},
|
||
"common": {
|
||
"loading": "載入中...",
|
||
"error": "發生錯誤",
|
||
"success": "成功",
|
||
"cancel": "取消",
|
||
"confirm": "確認",
|
||
"close": "關閉",
|
||
"closeEsc": "關閉 (ESC)",
|
||
"previous": "上一個 (←)",
|
||
"next": "下一個 (→)",
|
||
"save": "儲存",
|
||
"delete": "刪除",
|
||
"edit": "編輯",
|
||
"back": "返回",
|
||
"clear": "清除",
|
||
"refresh": "重新整理",
|
||
"viewDetails": "檢視詳情",
|
||
"later": "稍後",
|
||
"keyboardShortcuts": "鍵盤快捷鍵",
|
||
"showShortcuts": "顯示快捷鍵"
|
||
},
|
||
"brand": {
|
||
"name": "AWOOOI",
|
||
"slogan": "零干預維運,以人為本的決策。",
|
||
"sloganAlt": "Zero-Touch Ops. Human-Centric Decisions.",
|
||
"tagline": "AI 指揮操作介面",
|
||
"aiTagline": "AI 觀察。AI 行動。您簽核。",
|
||
"version": "v1.0.0",
|
||
"environment": "正式環境"
|
||
},
|
||
"nav": {
|
||
"home": "首頁",
|
||
"dashboard": "儀表板",
|
||
"approvals": "授權中心",
|
||
"errors": "錯誤追蹤",
|
||
"actions": "行動日誌",
|
||
"knowledge": "知識殿堂",
|
||
"settings": "設定",
|
||
"alerts": "告警",
|
||
"monitoring": "服務監控",
|
||
"apm": "APM",
|
||
"topology": "拓撲圖",
|
||
"security": "安全",
|
||
"compliance": "合規",
|
||
"autoRepair": "自動修復",
|
||
"deployments": "部署管理",
|
||
"tickets": "工單",
|
||
"cost": "成本分析",
|
||
"reports": "報表",
|
||
"terminal": "終端",
|
||
"apps": "應用",
|
||
"services": "服務目錄",
|
||
"users": "使用者",
|
||
"notifications": "通知",
|
||
"billing": "帳單",
|
||
"help": "說明",
|
||
"drift": "漂移偵測",
|
||
"neuralCommand": "神經指揮中心",
|
||
"commandCenter": "指令中心",
|
||
"observability": "可觀測性",
|
||
"automation": "自動化",
|
||
"operations": "營運",
|
||
"securityCompliance": "安全合規",
|
||
"classicAICenter": "經典 AI 中心",
|
||
"governance": "AI 治理",
|
||
"awooop": "AwoooP",
|
||
"iwooos": "IwoooS"
|
||
},
|
||
"locale": {
|
||
"switch": "切換語系",
|
||
"zhTW": "繁",
|
||
"en": "EN"
|
||
},
|
||
"demo": {
|
||
"title": "AWOOOI 展示",
|
||
"subtitle": "視覺驗收測試",
|
||
"mockMode": "模擬模式",
|
||
"spikeControls": "CPU 飆高模擬控制台",
|
||
"spikeActive": "飆高進行中",
|
||
"triggerSpike": "觸發 {host}",
|
||
"clearSpike": "清除飆高",
|
||
"approvalCards": "HITL 授權卡片 (CPO-107)",
|
||
"statusShowcase": "狀態指示燈展示",
|
||
"lowRiskDemo": "低風險 - 1 秒長按",
|
||
"highRiskDemo": "高風險 - 1 秒長按",
|
||
"criticalDemo": "危急 + 毀滅性 - 2 秒長按 + 紅色光暈",
|
||
"hitlRealApi": "HITL Multi-Sig (真實 API)",
|
||
"addCritical": "+ 嚴重",
|
||
"addMedium": "+ 中度",
|
||
"creating": "建立中..."
|
||
},
|
||
"host": {
|
||
"devops": {
|
||
"name": "DevOps 金庫",
|
||
"shortName": "DevOps"
|
||
},
|
||
"security": {
|
||
"name": "Kali 安全中心",
|
||
"shortName": "Kali"
|
||
},
|
||
"k3s": {
|
||
"name": "K3s 主控節點",
|
||
"shortName": "K3s"
|
||
},
|
||
"aiWeb": {
|
||
"name": "AI+Web 中心",
|
||
"shortName": "AI+Web"
|
||
}
|
||
},
|
||
"dashboard": {
|
||
"title": "AI中心",
|
||
"tagline": "AI 指揮操作介面",
|
||
"subtitle": "AI 驅動的統一運維視圖",
|
||
"liveStats": "即時統計",
|
||
"activeNodes": "活躍節點",
|
||
"pendingAlerts": "待處理告警",
|
||
"pendingApprovals": "待處理授權",
|
||
"overallStatus": "整體狀態",
|
||
"waitingData": "等待資料中...",
|
||
"cpu": "CPU",
|
||
"memory": "記憶體",
|
||
"baseline": "基準線",
|
||
"baselineFormat": "(基準線: {value}%)",
|
||
"criticality": "重備性",
|
||
"systemStatus": "系統狀態",
|
||
"eventStream": "事件流",
|
||
"aiAgent": "AI 代理",
|
||
"globalPulse": "全局脈搏",
|
||
"liveUpdates": "即時更新",
|
||
"liveDashboard": "即時事件流 (SSE)",
|
||
"loadingMetrics": "載入指標中...",
|
||
"metricsError": "指標載入失敗",
|
||
"flow": {
|
||
"alert": "告警",
|
||
"detection": "AI偵測",
|
||
"analysis": "AI分析",
|
||
"proposal": "提案生成",
|
||
"approval": "等待授權",
|
||
"execution": "執行",
|
||
"resolved": "完成"
|
||
},
|
||
"activeIncidents": "活躍事件",
|
||
"serviceHealth": "服務健康",
|
||
"todayIncidents": "今日事件",
|
||
"autoRemediationRate": "自動處置率",
|
||
"mttrAvg": "MTTR 均值",
|
||
"stable": "穩定",
|
||
"normal": "正常",
|
||
"openclawEngine": "OPENCLAW 認知引擎",
|
||
"infrastructure": "基礎架構",
|
||
"podHealth": "POD 健康",
|
||
"allRunning": "全部運行中",
|
||
"servicesUp": "服務上線",
|
||
"monitoringTools": "監控工具",
|
||
"monitoringStatus": {
|
||
"up": "正常",
|
||
"down": "離線",
|
||
"unknown": "未知",
|
||
"firing": "觸發",
|
||
"alert": "告警"
|
||
},
|
||
"connectionError": "無法連線",
|
||
"metaVersion": "版本",
|
||
"metaStats": "統計",
|
||
"metaUpdatedAt": "更新",
|
||
"tabs": {
|
||
"overview": "戰情總覽",
|
||
"alerts": "告警 & 授權",
|
||
"stream": "活動串流",
|
||
"disposition": "處置統計"
|
||
},
|
||
"alertEvents": "告警事件",
|
||
"noActiveAlerts": "目前無活躍告警",
|
||
"pendingApprovalsTitle": "待批准授權",
|
||
"noPendingApprovals": "無待批准項目",
|
||
"approve": "批准",
|
||
"reject": "拒絕",
|
||
"activityStream": "系統活動串流",
|
||
"sseConnected": "SSE 連線中",
|
||
"sseDisconnected": "連線中斷",
|
||
"waitingEvents": "等待即時事件...",
|
||
"statusLabel": "狀態",
|
||
"hostsLabel": "主機",
|
||
"eventsCount": "{count} 筆",
|
||
"noDispositionData": "目前無處置統計資料",
|
||
"totalDispositions": "處置總次數",
|
||
"autoRate": "自動化率",
|
||
"humanRate": "人工介入率",
|
||
"autoRepairLabel": "自動修復",
|
||
"humanApprovedLabel": "人工審核",
|
||
"manualResolvedLabel": "手動處理",
|
||
"coldStartLabel": "冷啟動",
|
||
"dispositionBreakdown": "處置方式分佈",
|
||
"hostView": "主機",
|
||
"topoView": "拓撲",
|
||
"waitingHostData": "等待主機資料...",
|
||
"dashboardConnecting": "Dashboard API 連線中",
|
||
"alertBadge": "{count} 告警",
|
||
"alertBadgeZero": "0 告警",
|
||
"awaitingConfirm": "等待確認",
|
||
"viewAllAlerts": "查看全部告警",
|
||
"viewAllAuth": "查看全部授權",
|
||
"viewAllReport": "查看完整報表",
|
||
"aiModelStatus": "AI 模型狀態",
|
||
"loading": "載入中...",
|
||
"trendUp": "↑{pct}%",
|
||
"searchPlaceholderShort": "搜尋...",
|
||
"cotTitle": "推理時間軸",
|
||
"cotNoEvents": "等待事件推理資料...",
|
||
"cotReasoning": "推理",
|
||
"cotConfidence": "信心",
|
||
"cotProvider": "模型",
|
||
"cotLatency": "耗時",
|
||
"cotTools": "工具呼叫",
|
||
"cotClickHint": "點擊事件查看推理細節",
|
||
"byAnomalyTitle": "異常類型分佈 Top 5",
|
||
"byAnomalyAutoRate": "自動修復率 {pct}%",
|
||
"mttrTitle": "MTTR 概覽",
|
||
"mttrUnit": "分鐘",
|
||
"mttrNoData": "尚無 MTTR 資料"
|
||
},
|
||
"openclaw": {
|
||
"name": "OpenClaw",
|
||
"monitoring": "即時監控中",
|
||
"statusOk": "正常",
|
||
"statusWarning": "警告",
|
||
"messageOk": "所有系統運作正常,無需處理。",
|
||
"messageWarning": "{host} 狀態異常,建議檢查相關服務。"
|
||
},
|
||
"ai": {
|
||
"title": "AI 決策引擎",
|
||
"intercepting": "[SYS] 攔截異常訊號...",
|
||
"analyzing": "OpenClaw 正在分析爆炸半徑...",
|
||
"calculating": "計算風險矩陣與簽核門檻...",
|
||
"generating": "生成修復腳本建議...",
|
||
"complete": "分析完成,待簽核卡片已建立",
|
||
"processingAlert": "正在處理告警...",
|
||
"analysisComplete": "分析完成",
|
||
"patrolling": "巡邏中...",
|
||
"standby": "待命",
|
||
"processFlow": "AI 決策流程",
|
||
"processing": "處理中"
|
||
},
|
||
"agent": {
|
||
"title": "AI 代理",
|
||
"state": "狀態",
|
||
"idle": "待命",
|
||
"standby": "待命中",
|
||
"patrolling": "巡邏中",
|
||
"intercepting": "攔截異常中",
|
||
"analyzing": "分析中",
|
||
"generating": "生成提案中",
|
||
"complete": "分析完成",
|
||
"executing": "執行中",
|
||
"waitingApproval": "等待授權",
|
||
"error": "錯誤",
|
||
"lastCheck": "最後檢查"
|
||
},
|
||
"metrics": {
|
||
"title": "全局脈搏",
|
||
"realtime": "即時更新",
|
||
"rps": "每秒請求",
|
||
"errorRate": "錯誤率",
|
||
"p99Latency": "P99 延遲",
|
||
"aiSuccess": "AI 成功率"
|
||
},
|
||
"connection": {
|
||
"disconnected": "已斷線",
|
||
"connecting": "連線中...",
|
||
"subscribing": "訂閱中...",
|
||
"connected": "即時",
|
||
"streaming": "串流中",
|
||
"reconnecting": "重新連線...",
|
||
"error": "連線錯誤",
|
||
"mockMode": "模擬"
|
||
},
|
||
"terminal": {
|
||
"title": "AWOOOI 終端機",
|
||
"version": "版本",
|
||
"waiting": "> 等待指令...",
|
||
"initiate": "啟動同步",
|
||
"executing": ">_ 執行中...",
|
||
"events": "{count} 事件",
|
||
"stream": "串流: /agent/thinking",
|
||
"waitingForData": "等待決策鏈資料...",
|
||
"steps": "步驟",
|
||
"streaming": "串流中",
|
||
"paused": "已暫停",
|
||
"blastRadius": "[ 爆炸半徑 ]",
|
||
"rootCauseChain": "[ 根因分析鏈 ]",
|
||
"upstreamImpact": "[ 上游影響 ]",
|
||
"downstreamDependencies": "[ 下游依賴 ]",
|
||
"dependsOn": "依賴",
|
||
"calls": "呼叫",
|
||
"finopsAnalysis": "[ FINOPS 分析 ]",
|
||
"wastedPerMonth": "每月浪費",
|
||
"realizable": "可實現",
|
||
"freed": "已釋放",
|
||
"connecting": "連線中...",
|
||
"connected": "已連線",
|
||
"streamComplete": "串流完成",
|
||
"streamAborted": "串流已中斷",
|
||
"stop": "停止",
|
||
"clear": "清除"
|
||
},
|
||
"omniTerminal": {
|
||
"title": "OMNI-TERMINAL",
|
||
"fullTitle": "AWOOOI // OMNI-TERMINAL",
|
||
"shortcut": "⌘J",
|
||
"open": "開啟終端機",
|
||
"close": "關閉終端機",
|
||
"inputPlaceholder": "輸入指令...",
|
||
"inputPlaceholderFull": "輸入指令或詢問 AI... (例如: /approval list)",
|
||
"sseLive": "SSE 即時連線",
|
||
"offline": "離線",
|
||
"system": "[SYS]",
|
||
"agent": "[AI]",
|
||
"user": "$",
|
||
"unknownComponent": "未知組件",
|
||
"executing": "執行中",
|
||
"completed": "已完成",
|
||
"failed": "失敗"
|
||
},
|
||
"nuclearKey": {
|
||
"authorize": "授權執行",
|
||
"authorized": "已授權",
|
||
"authorizing": "授權中...",
|
||
"holdToAuthorize": "長按以授權...",
|
||
"holdHintMobile": "按住以授權",
|
||
"holdHintDesktop": "按住 Y 鍵或點擊長按以授權",
|
||
"keepHolding": "繼續按住以授權...",
|
||
"highBlastRadius": "此操作具有高影響範圍",
|
||
"executionAuthorized": "執行已授權並完成",
|
||
"executionFailed": "執行失敗",
|
||
"riskLevel": {
|
||
"low": "低風險",
|
||
"medium": "中風險",
|
||
"high": "高風險",
|
||
"critical": "危急"
|
||
}
|
||
},
|
||
"incident": {
|
||
"title": "事件管理",
|
||
"activeIncidents": "活躍事件",
|
||
"noActiveIncidents": "目前無活躍事件",
|
||
"systemStable": "系統穩定",
|
||
"activeAlerts": "筆活躍告警",
|
||
"signals": "筆告警",
|
||
"proposals": "筆提案",
|
||
"affectedServices": "受影響服務",
|
||
"emptyState": "目前沒有活躍事件",
|
||
"emptyStateDescription": "系統運作正常,無需處理",
|
||
"status": {
|
||
"investigating": "調查中",
|
||
"mitigating": "緩解中",
|
||
"resolved": "已解決",
|
||
"closed": "已關閉"
|
||
},
|
||
"severity": {
|
||
"P0": "P0 (危急)",
|
||
"P1": "P1 (嚴重)",
|
||
"P2": "P2 (警告)",
|
||
"P3": "P3 (資訊)"
|
||
},
|
||
"generateProposal": "生成提案",
|
||
"viewDetails": "查看詳情",
|
||
"card": {
|
||
"executing": "執行中...",
|
||
"approved": "[ 已授權 ]",
|
||
"rejected": "[ 已拒絕 ]",
|
||
"error": "錯誤",
|
||
"timeout": "超時",
|
||
"retry": "重試",
|
||
"timeoutMessage": "執行超時,請檢查 API 日誌",
|
||
"checkApiLogs": "請檢查 API 日誌",
|
||
"analyzing": "大腦分析中...",
|
||
"waitingDecision": "等待決策",
|
||
"authorizeExecution": "授權執行",
|
||
"rejectProposal": "拒絕提案",
|
||
"aiExecuting": ">_ AI 執行中 (Tier 1)",
|
||
"brainAnalyzing": ">_ 大腦分析中...",
|
||
"decisionReady": ">_ 決策就緒 (Tier {tier})",
|
||
"waitingCommander": ">_ 等待統帥親核 (Tier {tier})",
|
||
"suggestedAction": "> 建議行動:",
|
||
"authorize": "授權",
|
||
"reject": "拒絕",
|
||
"anomaly": "異常",
|
||
"affectedServices": "影響服務",
|
||
"signalCount": "信號數",
|
||
"statusLabel": "狀態",
|
||
"aiProposal": "AI 提案",
|
||
"processingTimeline": "處理歷程",
|
||
"timelineLoading": "載入處理歷程...",
|
||
"timelineEvents": "事件明細",
|
||
"timelineSource": "來源",
|
||
"timelineRoute": "MCP",
|
||
"timelineWrites": "寫入"
|
||
}
|
||
},
|
||
"status": {
|
||
"idle": "待命",
|
||
"thinking": "思考中",
|
||
"syncing": "同步中",
|
||
"executing": "執行中",
|
||
"waitingApproval": "等待授權",
|
||
"error": "錯誤",
|
||
"healthy": "健康",
|
||
"warning": "警告",
|
||
"critical": "危急",
|
||
"degraded": "降級",
|
||
"unhealthy": "異常"
|
||
},
|
||
"approval": {
|
||
"title": "授權請求",
|
||
"card": "授權卡片",
|
||
"approve": "批准",
|
||
"reject": "拒絕",
|
||
"holdToApprove": "長按以批准",
|
||
"holdToConfirm": "長按以確認",
|
||
"holdToSign": "長按以簽核",
|
||
"confirming": "確認中...",
|
||
"signing": "簽核中...",
|
||
"needMore": "還需 {count} 人簽核",
|
||
"confirmDestructive": "確認毀滅性操作",
|
||
"approveDestructive": "批准 (毀滅性)",
|
||
"pendingApprovals": "待授權項目",
|
||
"riskLevel": "風險等級",
|
||
"signatures": "簽核",
|
||
"requiredSignatures": "所需簽核數",
|
||
"currentSignatures": "已簽核數",
|
||
"requestedBy": "申請者",
|
||
"expiresAt": "到期時間",
|
||
"holdHint": "長按按鈕 {seconds} 秒以{action}",
|
||
"actionApprove": "批准",
|
||
"actionConfirm": "確認毀滅性操作",
|
||
"actionSign": "簽核",
|
||
"waitingSecondSig": "等待第二位主管簽核",
|
||
"signedBy": "已由 {name} 簽核",
|
||
"signedAt": "於 {time}",
|
||
"signSuccess": "簽核成功",
|
||
"executionTriggered": "已觸發執行",
|
||
"rejectSuccess": "已拒絕",
|
||
"rejectReason": "拒絕原因",
|
||
"enterReason": "請輸入拒絕原因...",
|
||
"signComment": "簽核備註 (選填)",
|
||
"enterComment": "輸入備註...",
|
||
"noApprovals": "目前沒有待簽核項目",
|
||
"fetchError": "無法取得授權清單",
|
||
"noPendingApprovals": "目前無待授權項目",
|
||
"selectApproval": "請選擇一個待授權項目",
|
||
"backToList": "返回列表",
|
||
"previousApproval": "上一個項目",
|
||
"nextApproval": "下一個項目",
|
||
"holdToApproveHint": "長按按鈕以批准或拒絕",
|
||
"swipeHint": "向左滑動查看詳情,向右滑動返回列表",
|
||
"holdYToApprove": "長按 Y 鍵核准 (2秒)",
|
||
"pressNToReject": "按 N 鍵拒絕",
|
||
"justNow": "剛剛",
|
||
"minutesAgo": "{count} 分鐘前",
|
||
"hoursAgo": "{count} 小時前",
|
||
"daysAgo": "{count} 天前",
|
||
"batch": {
|
||
"title": "批次處理模式",
|
||
"bulkApprove": "全部接受",
|
||
"sequential": "逐一審核",
|
||
"criticalOnly": "僅顯示 CRITICAL",
|
||
"eligible": "項可批次",
|
||
"items": "項",
|
||
"securityNote": "CRITICAL 風險與 DESTRUCTIVE 資料影響的項目需單獨審核,無法批次核准。"
|
||
}
|
||
},
|
||
"risk": {
|
||
"low": "低風險",
|
||
"medium": "中風險",
|
||
"high": "高風險",
|
||
"critical": "危急"
|
||
},
|
||
"dryRun": {
|
||
"title": "預演檢查",
|
||
"validation": "DRY-RUN 驗證",
|
||
"passed": "通過",
|
||
"failed": "失敗",
|
||
"checks": "檢查項目",
|
||
"rbac": "權限驗證",
|
||
"syntax": "語法驗證",
|
||
"resource": "資源檢查",
|
||
"replicaCount": "副本數量",
|
||
"backupAvailable": "備份可用",
|
||
"clusterAdmin": "叢集管理員",
|
||
"dbAdmin": "資料庫管理員",
|
||
"deploymentAdmin": "部署管理員",
|
||
"noRecentBackup": "無近期備份!",
|
||
"ok": "正常"
|
||
},
|
||
"blastRadius": {
|
||
"title": "爆炸半徑",
|
||
"affectedPods": "受影響 Pod",
|
||
"estimatedDowntime": "預估停機時間",
|
||
"relatedServices": "相關服務",
|
||
"dataImpact": "資料影響",
|
||
"none": "無",
|
||
"readOnly": "唯讀",
|
||
"write": "可寫",
|
||
"destructive": "毀滅性"
|
||
},
|
||
"graphRag": {
|
||
"title": "拓撲分析",
|
||
"blastRadius": "爆炸半徑",
|
||
"rootCause": "根本原因",
|
||
"upstreamImpact": "上游影響",
|
||
"downstreamChain": "下游依賴鏈",
|
||
"dependsOn": "依賴於",
|
||
"calls": "呼叫",
|
||
"affectedCount": "受影響數量",
|
||
"probableRootCauses": "可能的根本原因"
|
||
},
|
||
"finops": {
|
||
"title": "成本分析",
|
||
"totalWasted": "每月浪費",
|
||
"realizableSavings": "可實現節省",
|
||
"freedResources": "釋放資源",
|
||
"annualProjection": "年度預估",
|
||
"topActions": "主要建議",
|
||
"orphanedPvc": "孤兒儲存卷",
|
||
"zombiePod": "殭屍容器",
|
||
"overProvisioned": "過度配置"
|
||
},
|
||
"trustEngine": {
|
||
"title": "信任引擎",
|
||
"trustScore": "信任分數",
|
||
"progressive": "漸進自治",
|
||
"approved": "已批准",
|
||
"rejected": "已拒絕",
|
||
"neverDowngrade": "永不降級"
|
||
},
|
||
"multiSig": {
|
||
"title": "多重簽核",
|
||
"signature": "簽章",
|
||
"signedBy": "簽署人",
|
||
"signedAt": "簽署時間",
|
||
"voided": "已作廢",
|
||
"toctouWarning": "狀態變更警告"
|
||
},
|
||
"privacy": {
|
||
"title": "隱私防護",
|
||
"redacted": "已脫敏",
|
||
"piiDetected": "偵測到個資"
|
||
},
|
||
"mockData": {
|
||
"deletePod": "刪除 Pod: nginx-frontend-7d4b8c9f5-xk2m3",
|
||
"deletePodDesc": "清理無回應的前端 Pod,將觸發 ReplicaSet 自動重建",
|
||
"dropTable": "刪除資料表: user_sessions",
|
||
"dropTableDesc": "清除所有使用者 Session,將強制登出所有用戶",
|
||
"scaleDeployment": "擴展部署: api-backend",
|
||
"scaleDeploymentDesc": "從 3 個副本擴展至 5 個以應對流量增加",
|
||
"testActions": {
|
||
"lowAction": "擴展部署 api-backend 至 5 副本",
|
||
"lowDesc": "增加後端服務副本數以應對流量增長",
|
||
"mediumAction": "刪除 Pod nginx-ingress-7d6f8c9b5-abc12",
|
||
"mediumDesc": "清理無回應的前端 Pod,ReplicaSet 將自動重建",
|
||
"criticalAction": "刪除資料表 user_sessions",
|
||
"criticalDesc": "清除所有用戶 session 以強制重新登入。此操作將影響所有線上用戶。"
|
||
}
|
||
},
|
||
"actionLog": {
|
||
"title": "行動日誌",
|
||
"subtitle": "K8s 操作執行稽核軌跡",
|
||
"noLogs": "目前沒有執行紀錄",
|
||
"loading": "載入中...",
|
||
"fetchError": "無法取得稽核日誌",
|
||
"columns": {
|
||
"time": "執行時間",
|
||
"operation": "操作類型",
|
||
"target": "目標資源",
|
||
"namespace": "命名空間",
|
||
"status": "狀態",
|
||
"duration": "耗時",
|
||
"executor": "執行者"
|
||
},
|
||
"operations": {
|
||
"DELETE_POD": "刪除 Pod",
|
||
"RESTART_DEPLOYMENT": "重啟部署",
|
||
"SCALE_DEPLOYMENT": "擴展部署"
|
||
},
|
||
"status": {
|
||
"success": "成功",
|
||
"failure": "失敗"
|
||
},
|
||
"stats": {
|
||
"title": "統計概覽",
|
||
"total": "總執行數",
|
||
"successRate": "成功率",
|
||
"avgDuration": "平均耗時",
|
||
"last24h": "過去 24 小時"
|
||
},
|
||
"dryRun": {
|
||
"passed": "Dry-Run 通過",
|
||
"failed": "Dry-Run 失敗"
|
||
},
|
||
"pagination": {
|
||
"page": "第 {current} 頁,共 {total} 頁",
|
||
"prev": "上一頁",
|
||
"next": "下一頁"
|
||
}
|
||
},
|
||
"placeholder": {
|
||
"underConstruction": "建置中",
|
||
"authorizations": "[ 授權中心建置中 ]",
|
||
"knowledgeBase": "[ 知識殿堂建置中 ]",
|
||
"settings": "[ 系統設定建置中 ]"
|
||
},
|
||
"footer": {
|
||
"copyright": "© 2026 岑洋國際行銷有限公司",
|
||
"poweredBy": "由 leWOOOgo 引擎驅動"
|
||
},
|
||
"errorBoundary": {
|
||
"systemFailure": "[系統故障]",
|
||
"criticalError": "偵測到嚴重的 UI 渲染錯誤。自動修復嘗試已耗盡。",
|
||
"escalating": "正在升級至 OpenClaw AIOps 代理...",
|
||
"forceRestart": "強制手動重啟",
|
||
"detectingAnomaly": "[ 偵測異常中 ]",
|
||
"autoHealingAttempt": "啟動自動修復協議 (嘗試 {attempt}/3)"
|
||
},
|
||
"errors": {
|
||
"title": "錯誤追蹤",
|
||
"subtitle": "Sentry 錯誤追蹤 + OpenClaw AI 分析",
|
||
"overview": "錯誤概覽",
|
||
"recentIssues": "近期問題",
|
||
"errorTrend": "錯誤趨勢",
|
||
"noData": "無錯誤數據",
|
||
"noIssues": "目前沒有錯誤",
|
||
"noTrendData": "無趨勢數據",
|
||
"unresolvedIssues": "未解決問題",
|
||
"errors24h": "24 小時內錯誤",
|
||
"criticalErrors": "嚴重錯誤",
|
||
"totalIssues": "總問題數",
|
||
"totalErrors": "錯誤總數 ({period})",
|
||
"projects": "專案",
|
||
"aiAnalyze": "AI 分析",
|
||
"aiAnalysis": "AI 分析結果",
|
||
"analyzing": "分析中...",
|
||
"rootCause": "根因",
|
||
"fixSummary": "修復建議",
|
||
"category": "類別",
|
||
"confidence": "信心度",
|
||
"loading": "載入中...",
|
||
"refresh": "重新整理",
|
||
"sentryDashboard": "Sentry 儀表板",
|
||
"footerInfo": "資料來源: Sentry Self-Hosted | AI 分析: OpenClaw | 自動刷新: 60 秒",
|
||
"timeAgo": {
|
||
"minutes": "{count} 分鐘前",
|
||
"hours": "{count} 小時前",
|
||
"days": "{count} 天前"
|
||
},
|
||
"uxAudit": {
|
||
"title": "UX 審計",
|
||
"noData": "無 Session Replay 數據",
|
||
"replaysWithErrors": "有錯誤的 Replay",
|
||
"uiErrors": "UI 錯誤",
|
||
"rageClicks": "憤怒點擊",
|
||
"deadClicks": "死亡點擊",
|
||
"recentReplays": "近期 Replay",
|
||
"recentUIErrors": "近期 UI 錯誤",
|
||
"replayWithErrors": "Replay 包含 {count} 個錯誤",
|
||
"occurrences": "{count} 次發生",
|
||
"viewDashboard": "查看 Replay Dashboard",
|
||
"health": {
|
||
"good": "良好",
|
||
"moderate": "中等",
|
||
"poor": "不佳"
|
||
}
|
||
}
|
||
},
|
||
"alerts": {
|
||
"autoRefresh": "每 {seconds} 秒自動刷新",
|
||
"incidentCount": "{count, plural, one {# 個事件} other {# 個事件}}"
|
||
},
|
||
"navSection": {
|
||
"aiCore": "AI 核心",
|
||
"monitoring": "監控與安全",
|
||
"ops": "運維管理",
|
||
"knowledge": "知識與工具"
|
||
},
|
||
"sidebar": {
|
||
"expand": "展開側欄",
|
||
"collapse": "收合側欄"
|
||
},
|
||
"settings": {
|
||
"title": "系統設定",
|
||
"appearance": "外觀",
|
||
"appearanceDesc": "主題、字體、密度",
|
||
"appearanceSettings": "外觀設定",
|
||
"language": "語言",
|
||
"languageDesc": "介面語言設定",
|
||
"languageSettings": "語言設定",
|
||
"notify": "通知",
|
||
"notifyDesc": "Telegram / 瀏覽器通知偏好",
|
||
"notifySettings": "通知設定",
|
||
"system": "系統資訊",
|
||
"systemDesc": "版本與 API 端點",
|
||
"systemSettings": "系統資訊",
|
||
"compactMode": "緊湊模式",
|
||
"compactModeDesc": "減少各元件間距,顯示更多資訊",
|
||
"designSystem": "設計系統",
|
||
"designSystemValue": "Nothing.tech 純白工業風(固定)",
|
||
"themeColor": "主題色",
|
||
"themeColorValue": "OpenClaw Blue + 橘紅 Accent(固定)",
|
||
"browserNotify": "瀏覽器推播通知",
|
||
"browserNotifyDesc": "新 Incident 時顯示系統通知",
|
||
"p0Only": "僅 P0 CRITICAL 通知",
|
||
"p0OnlyDesc": "過濾低嚴重度告警,減少噪音",
|
||
"telegramNotify": "Telegram 通知",
|
||
"telegramNotifyDesc": "由 OpenClaw Bot 推送(需後端設定)",
|
||
"backendConfig": "後端設定",
|
||
"frontendVersion": "前端版本",
|
||
"apiEndpoint": "API 端點",
|
||
"notConfigured": "(未設定)",
|
||
"phase": "Phase",
|
||
"save": "儲存設定",
|
||
"saved": "已儲存",
|
||
"zhTW": "繁",
|
||
"zhTWSub": "Traditional Chinese",
|
||
"en": "EN",
|
||
"enSub": "English (US)"
|
||
},
|
||
"autoRepair": {
|
||
"subtitle": "高品質 Playbook 自動執行 · 風險 ≤ MEDIUM · 成功率 ≥ 95%",
|
||
"approvedPlaybooks": "已批准 Playbooks",
|
||
"highQualityPlaybooks": "高品質 Playbooks",
|
||
"highQualitySub": "成功率 ≥ 95% · 執行 ≥ 10 次",
|
||
"totalExecutions": "總執行次數",
|
||
"overallSuccessRate": "整體成功率",
|
||
"eligible": "✓ 可啟用自動修復",
|
||
"notEligible": "尚無高品質 Playbook",
|
||
"ready": "自動修復已就緒",
|
||
"notReady": "自動修復未就緒",
|
||
"readyDesc": "{count} 個高品質 Playbook 可用",
|
||
"notReadyDesc": "需要至少 1 個高品質 Playbook(成功率 ≥ 95%、執行 ≥ 10 次)",
|
||
"incidentEval": "活躍 Incident 評估(P1/P2)",
|
||
"canAutoRepair": "可自動修復",
|
||
"notEligibleShort": "不符合條件",
|
||
"riskLevel": "風險等級",
|
||
"successRate": "成功率",
|
||
"execCount": "執行次數",
|
||
"decisionReason": "決策原因",
|
||
"execSuccess": "執行成功 ({ms}ms)",
|
||
"execFailed": "執行失敗: {error}",
|
||
"executing": "執行中...",
|
||
"execute": "執行修復",
|
||
"noEligible": "目前無符合自動修復條件的 Incident",
|
||
"dispositionAuto": "自動修復",
|
||
"dispositionHuman": "人工審核",
|
||
"dispositionManual": "手動處理",
|
||
"dispositionCold": "冷啟動信任"
|
||
},
|
||
"openclawPanel": {
|
||
"patrolling": "[AGENT] patrolling...",
|
||
"intercepting": "[SYS] Intercepting anomaly...",
|
||
"analyzing": "[SYS] Analyzing blast radius...",
|
||
"generating": "[SYS] Generating proposed action...",
|
||
"complete": "[SYS] Analysis complete"
|
||
},
|
||
"knowledgeBase": {
|
||
"title": "知識殿堂",
|
||
"searchPlaceholder": "搜尋知識條目...",
|
||
"allCategories": "全部",
|
||
"noResults": "找不到相關知識條目",
|
||
"createEntry": "新增條目",
|
||
"viewCount": "瀏覽",
|
||
"relatedPlaybook": "相關 Playbook",
|
||
"relatedIncident": "相關事件",
|
||
"approve": "審核通過",
|
||
"approving": "審核中...",
|
||
"archive": "封存",
|
||
"archiving": "封存中...",
|
||
"status": {
|
||
"draft": "草稿",
|
||
"review": "審核中",
|
||
"approved": "已批准",
|
||
"archived": "已封存",
|
||
"published": "已發布"
|
||
},
|
||
"type": {
|
||
"incident_case": "案例分析",
|
||
"runbook": "操作手冊",
|
||
"best_practice": "最佳實踐",
|
||
"postmortem": "事後分析",
|
||
"auto_runbook": "AI 自動 Runbook",
|
||
"anti_pattern": "失敗案例"
|
||
},
|
||
"source": {
|
||
"ai_extracted": "AI 萃取",
|
||
"human": "人工建立"
|
||
},
|
||
"category": {
|
||
"infrastructure": "基礎設施",
|
||
"application": "應用層",
|
||
"ai_system": "AI 系統",
|
||
"security": "安全 / 合規"
|
||
},
|
||
"filterByType": "篩選類型",
|
||
"filterByStatus": "篩選狀態",
|
||
"entries": "筆",
|
||
"empty": "尚未建立任何知識條目",
|
||
"emptyDescription": "知識庫將自動從 Incident 中萃取案例,你也可以手動新增",
|
||
"semanticSearchPlaceholder": "輸入語意搜尋查詢...",
|
||
"semanticOn": "語意",
|
||
"semanticOff": "語意",
|
||
"switchToSemantic": "切換至語意搜尋 (pgvector)",
|
||
"switchToKeyword": "切換至關鍵字搜尋",
|
||
"semanticSearchHint": "輸入查詢內容,使用 AI 向量搜尋相關知識"
|
||
},
|
||
"monitoring": {
|
||
"healthy": "正常",
|
||
"warning": "警告",
|
||
"critical": "異常",
|
||
"goldMetrics": "黃金指標 (GOLD METRICS)",
|
||
"hostStatus": "主機狀態 (FOUR-HOST ARCHITECTURE)",
|
||
"serviceList": "服務清單",
|
||
"serviceName": "服務名稱",
|
||
"status": "狀態",
|
||
"latency": "延遲",
|
||
"uptime": "可用率",
|
||
"lastCheck": "最後檢查"
|
||
},
|
||
"services": {
|
||
"title": "服務目錄",
|
||
"subtitle": "所有主機上的服務清單",
|
||
"name": "服務名稱",
|
||
"host": "主機",
|
||
"status": "狀態",
|
||
"cpu": "CPU%",
|
||
"ram": "RAM%",
|
||
"noServices": "目前無服務資料",
|
||
"fetchError": "無法取得服務清單"
|
||
},
|
||
"topology": {
|
||
"title": "拓撲圖",
|
||
"subtitle": "服務依賴與健康狀態",
|
||
"noHosts": "目前無主機資料",
|
||
"fetchError": "無法取得主機資料",
|
||
"services": "服務",
|
||
"cpu": "CPU",
|
||
"ram": "RAM",
|
||
"groupInfra": "基礎設施",
|
||
"groupSecurity": "安全中心",
|
||
"groupK3s": "K3s 叢集",
|
||
"groupAiData": "AI/數據中心",
|
||
"allHealthy": "全部健康",
|
||
"allReachable": "全部可達",
|
||
"warning": "異常",
|
||
"healthy": "健康",
|
||
"investigating": "調查中",
|
||
"groupExternal": "外部服務",
|
||
"hostDevops": "DevOps 金庫",
|
||
"hostAiData": "AI+Web 中心",
|
||
"hostK3sMaster": "K3s Master",
|
||
"hostK3sWorker": "K3s Worker"
|
||
},
|
||
"notifications": {
|
||
"title": "通知",
|
||
"subtitle": "通知頻道設定",
|
||
"channel": "頻道",
|
||
"type": "類型",
|
||
"status": "狀態",
|
||
"noChannels": "目前無通知頻道",
|
||
"fetchError": "無法取得通知頻道"
|
||
},
|
||
"reports": {
|
||
"title": "報表",
|
||
"subtitle": "事件統計摘要",
|
||
"incidentSummary": "事件摘要",
|
||
"resolutionStats": "解決率統計",
|
||
"total": "總計",
|
||
"resolved": "已解決",
|
||
"unresolved": "未解決",
|
||
"avgResolutionTime": "平均解決時間",
|
||
"resolutionRate": "解決率",
|
||
"fetchError": "無法取得報表資料",
|
||
"noData": "目前無統計資料",
|
||
"totalDispositions": "處置總次數",
|
||
"autoRate": "自動化率",
|
||
"humanRate": "人工介入率",
|
||
"autoRepair": "自動修復",
|
||
"humanApproved": "人工審核",
|
||
"manualResolved": "手動處理",
|
||
"coldStartTrust": "冷啟動信任",
|
||
"dispositionBreakdown": "處置方式分佈",
|
||
"byAnomalyType": "按異常類型明細",
|
||
"anomalyKey": "異常類型"
|
||
},
|
||
"apm": {
|
||
"title": "APM",
|
||
"subtitle": "應用性能監控 — 黃金指標",
|
||
"loading": "載入中...",
|
||
"metric": "指標",
|
||
"value": "數值",
|
||
"status": "狀態",
|
||
"openSignoz": "開啟 SigNoz",
|
||
"noData": "暫無 APM 數據",
|
||
"noDataDescription": "APM 整合尚未啟用,待 SignOz 連線後自動顯示"
|
||
},
|
||
"apps": {
|
||
"title": "應用",
|
||
"subtitle": "所有主機服務狀態",
|
||
"loading": "載入中...",
|
||
"host": "主機",
|
||
"service": "服務",
|
||
"port": "Port",
|
||
"latency": "延遲",
|
||
"status": "狀態",
|
||
"error": "載入失敗",
|
||
"noApps": "無服務資料"
|
||
},
|
||
"billing": {
|
||
"title": "使用量",
|
||
"subtitle": "系統操作使用量統計",
|
||
"loading": "載入中...",
|
||
"totalExecutions": "總執行數",
|
||
"last24h": "近 24 小時",
|
||
"successRate": "成功率",
|
||
"avgDuration": "平均耗時",
|
||
"currentMonth": "本月執行數",
|
||
"totalUsage": "總用量",
|
||
"error": "載入失敗",
|
||
"noData": "無使用量資料"
|
||
},
|
||
"compliance": {
|
||
"title": "合規",
|
||
"subtitle": "系統治理合規狀態",
|
||
"loading": "載入中...",
|
||
"totalIncidents": "事件總數",
|
||
"resolvedRate": "解決率",
|
||
"approvedPlaybooks": "Playbook 數",
|
||
"highQualityPlaybooks": "高品質 Playbook",
|
||
"executionSuccessRate": "執行成功率",
|
||
"autoRepairEligible": "可自動修復",
|
||
"yes": "是",
|
||
"no": "否",
|
||
"error": "載入失敗",
|
||
"noData": "無合規資料"
|
||
},
|
||
"cost": {
|
||
"title": "成本分析",
|
||
"subtitle": "AI 執行效能統計",
|
||
"loading": "載入中...",
|
||
"totalProposals": "提案總數",
|
||
"executionRate": "執行率",
|
||
"successRate": "成功率",
|
||
"avgEffectiveness": "平均有效性",
|
||
"error": "載入失敗",
|
||
"noData": "無成本資料"
|
||
},
|
||
"deployments": {
|
||
"title": "部署管理",
|
||
"subtitle": "K3s 服務部署狀態",
|
||
"loading": "載入中...",
|
||
"service": "服務",
|
||
"port": "Port",
|
||
"latency": "延遲",
|
||
"status": "狀態",
|
||
"host": "主機",
|
||
"error": "載入失敗",
|
||
"noDeployments": "無部署資料",
|
||
"name": "服務名稱",
|
||
"version": "版本",
|
||
"time": "時間"
|
||
},
|
||
"help": {
|
||
"title": "說明",
|
||
"subtitle": "系統資訊與說明",
|
||
"version": "版本資訊",
|
||
"appVersion": "應用程式版本",
|
||
"platform": "平台",
|
||
"docs": "文件",
|
||
"docsDescription": "查閱完整說明文件請造訪 AWOOOI Docs"
|
||
},
|
||
"securityCompliance": {
|
||
"frontStage": {
|
||
"eyebrow": "前台資安入口",
|
||
"title": "安全合規保留,並整合到 IwoooS",
|
||
"subtitle": "專業建議是不移除。這個頁面保留既有安全監控與合規統計,作為前台使用者熟悉的入口;IwoooS 則成為資安網的總覽與唯一姿態來源,避免安全合規與 IwoooS 變成兩套敘事。",
|
||
"openIwooos": "查看 IwoooS 總覽",
|
||
"boundaryTitle": "低摩擦整合邊界",
|
||
"boundaryIntro": "這裡只做前台整合與導流,不新增掃描、修復、批准、部署或硬性阻擋控制。",
|
||
"routeRoleTitle": "前台入口角色對照",
|
||
"routeRoleSubtitle": "從安全合規進來時,也能直接看懂每個資安入口該負責什麼;這些入口只導覽與說明,不提供執行按鈕。",
|
||
"routeLabel": "入口",
|
||
"rolloutTitle": "低摩擦分階段收斂",
|
||
"rolloutSubtitle": "初期先建立框架、可視化與證據鏈;等負責人回覆、人工審查與執行期閘門都完成後,再逐步收嚴,不讓資安一開始拖慢產品流程。",
|
||
"phaseLabel": "階段",
|
||
"items": {
|
||
"routePreserved": {
|
||
"label": "路由策略",
|
||
"detail": "既有書籤、導覽與頁籤維持可用。"
|
||
},
|
||
"iwooosBridge": {
|
||
"label": "資安總覽",
|
||
"detail": "IwoooS 承接總覽與跨頁姿態。"
|
||
},
|
||
"dedupeNarrative": {
|
||
"label": "敘事收斂",
|
||
"detail": "安全合規不再另開一套資安來源。"
|
||
},
|
||
"noRuntimeControl": {
|
||
"label": "執行控制",
|
||
"detail": "不新增掃描、修復、批准或部署按鈕。"
|
||
}
|
||
},
|
||
"routeRoles": {
|
||
"iwooosOverview": {
|
||
"title": "IwoooS 看總覽",
|
||
"body": "閱讀資安網進度、主機範圍、版本來源、負責人回覆與執行期邊界。"
|
||
},
|
||
"securityComplianceHub": {
|
||
"title": "安全合規看熟悉入口",
|
||
"body": "保留既有安全監控與合規統計,讓前台使用者不用改變原本路徑。"
|
||
},
|
||
"securityMonitor": {
|
||
"title": "安全看事件訊號",
|
||
"body": "查看錯誤、議題與安全事件類訊號;仍只做資料呈現。"
|
||
},
|
||
"complianceStats": {
|
||
"title": "合規看統計",
|
||
"body": "查看事件摘要、處置劇本與自動修復統計,不把統計視為批准。"
|
||
},
|
||
"awooopApprovals": {
|
||
"title": "AwoooP 看人控等待",
|
||
"body": "查看審批與負責人回覆等待狀態;仍不代表資安執行期閘門已開。"
|
||
}
|
||
},
|
||
"rolloutPhases": {
|
||
"observe": {
|
||
"title": "觀測與盤點",
|
||
"body": "目前只整理入口、主機、專案、網站、監控與工具姿態,不阻擋使用者流程。"
|
||
},
|
||
"evidence": {
|
||
"title": "補齊證據",
|
||
"body": "收斂脫敏證據、版本來源、負責人回覆與 AwoooP 只讀消費證明。"
|
||
},
|
||
"humanReview": {
|
||
"title": "人工審查",
|
||
"body": "由負責人確認例外、風險接受、修復順序與是否進入執行期閘門。"
|
||
},
|
||
"runtimeGate": {
|
||
"title": "批准後開閘",
|
||
"body": "只有明確批准後才允許掃描、修復、部署或主機變更的執行期流程。"
|
||
},
|
||
"tightening": {
|
||
"title": "逐步收嚴",
|
||
"body": "依證據與影響範圍分批提高管控,不一次把整個產品流程鎖死。"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"security": {
|
||
"title": "安全",
|
||
"subtitle": "錯誤與安全事件監控",
|
||
"loading": "載入中...",
|
||
"totalIssues": "問題總數",
|
||
"criticalIssues": "嚴重問題",
|
||
"errorRate": "錯誤率",
|
||
"recentIssues": "最近問題",
|
||
"issue": "問題",
|
||
"count": "次數",
|
||
"error": "載入失敗",
|
||
"noData": "無安全事件",
|
||
"iwooosBridge": {
|
||
"title": "已納入 IwoooS 只讀資安鏡像",
|
||
"subtitle": "這個既有安全 / 合規頁面現在會反向標示 IwoooS 納管狀態;只顯示整體進度、框架成熟度與 runtime 邊界,不新增掃描、修復、批准或部署按鈕。",
|
||
"compactTitle": "IwoooS",
|
||
"compactDetail": "58% / gate 0",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"sourceLabel": "整合來源",
|
||
"sourceDetail": "SecurityPanel、CompliancePanel、standalone /security 與 /compliance 仍保留原本資料來源;IwoooS 只做資安網索引與 mirror-only 姿態彙整。",
|
||
"boundaryLabel": "執行邊界",
|
||
"metrics": {
|
||
"overall": {
|
||
"label": "整體資安網",
|
||
"detail": "headline progress"
|
||
},
|
||
"framework": {
|
||
"label": "框架成熟度",
|
||
"detail": "docs / schema / read-only evidence"
|
||
},
|
||
"runtimeGates": {
|
||
"label": "Runtime 閘門",
|
||
"detail": "未開啟"
|
||
},
|
||
"actions": {
|
||
"label": "執行按鈕",
|
||
"detail": "未提供"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"iwooos": {
|
||
"eyebrow": "資訊安全網",
|
||
"title": "IwoooS",
|
||
"subtitle": "資安網的態勢入口。把 Kali、原始碼管控、負責人回覆、審批閘門、AwoooP 只讀鏡像證據收成一個可讀的資安態勢,不啟動掃描、不修復、不阻擋產品流程。",
|
||
"boundary": {
|
||
"label": "目前邊界",
|
||
"state": "只讀鏡像 / 先觀測",
|
||
"detail": "所有數字來自已驗證 snapshot 與 guard。此頁只顯示態勢、缺口、下一個 gate 與非阻擋分流。"
|
||
},
|
||
"metrics": {
|
||
"overall": {
|
||
"label": "整體資安網",
|
||
"detail": "headline 進度,不是授權"
|
||
},
|
||
"framework": {
|
||
"label": "框架成熟度",
|
||
"detail": "文件、schema、只讀 evidence"
|
||
},
|
||
"runtime": {
|
||
"label": "落地執行",
|
||
"detail": "runtime 閘門尚未啟用"
|
||
},
|
||
"contracts": {
|
||
"label": "主要契約",
|
||
"detail": "33 ready / 2 partial / 1 contract-only"
|
||
},
|
||
"activeGates": {
|
||
"label": "主動執行閘門",
|
||
"detail": "人工批准前維持 0"
|
||
}
|
||
},
|
||
"pillars": {
|
||
"exposure": {
|
||
"title": "暴露面態勢",
|
||
"state": "等待證據",
|
||
"body": "主流資安管理會把資產、暴露面、弱點與 owner gate 放在同一張圖。IwoooS 先顯示覆蓋缺口,不把缺口變成阻擋。"
|
||
},
|
||
"sourceControl": {
|
||
"title": "原始碼供應鏈",
|
||
"state": "草案受閘門控管",
|
||
"body": "Gitea 到 GitHub 的長期方向已確認,但 refs、workflow、secret name 與 rollback ADR 仍需負責人回覆。"
|
||
},
|
||
"kali": {
|
||
"title": "Kali 112 網格",
|
||
"state": "只觀測",
|
||
"body": "Kali 112 已在資安網範圍中,111 / 168 也納入 observe-only。active scan 與 /execute 仍維持封鎖候選。"
|
||
},
|
||
"governance": {
|
||
"title": "審批邊界",
|
||
"state": "已鎖定",
|
||
"body": "7 個 pending approval、1 個 block candidate、0 active runtime gates。任何執行都必須先留下人工決策與後續 runtime gate。"
|
||
}
|
||
},
|
||
"lanes": {
|
||
"title": "非阻擋分流",
|
||
"subtitle": "初期只 observe / warn,避免資安框架拖慢產品與部署節奏。",
|
||
"lowMedium": {
|
||
"title": "低 / 中風險觀測",
|
||
"body": "標風險、建 follow-up、補 evidence_ref,不阻擋 deploy。"
|
||
},
|
||
"ownerMissing": {
|
||
"title": "負責人回覆缺口",
|
||
"body": "顯示缺口與下一個收件候選,不把未回覆當拒絕。"
|
||
},
|
||
"mirrorIncomplete": {
|
||
"title": "鏡像資料不完整",
|
||
"body": "顯示 partial / quarantine reason,等待新的 redacted snapshot。"
|
||
},
|
||
"sourceDrift": {
|
||
"title": "原始碼漂移草案",
|
||
"body": "維持 draft reconcile plan,不 sync refs、不 force push。"
|
||
},
|
||
"kaliObserve": {
|
||
"title": "Kali observe finding",
|
||
"body": "只顯示 redacted finding summary,不啟動 active scan。"
|
||
},
|
||
"workflowGap": {
|
||
"title": "Workflow / secret name gap",
|
||
"body": "要求 redacted export,不收集 secret value、不啟用 runner。"
|
||
},
|
||
"progressHolding": {
|
||
"title": "Progress display holding",
|
||
"body": "58% 代表等待高層 gate,不代表卡住,也不是 runtime approval。"
|
||
}
|
||
},
|
||
"existingSurfaces": {
|
||
"title": "既有資安頁面整合",
|
||
"subtitle": "把前端原本已存在的安全、合規、告警、授權、治理、稽核與 Code Review 入口收成一張只讀索引,讓使用者知道資安能力已經散在哪裡。",
|
||
"sourceLabel": "原始來源",
|
||
"mode": "只讀連結 / 不新增執行按鈕",
|
||
"items": {
|
||
"securityCompliance": {
|
||
"title": "安全合規整合頁",
|
||
"body": "SecurityPanel 與 CompliancePanel 的既有整合頁,集中顯示錯誤、事件、修復與合規統計。",
|
||
"source": "SecurityPanel / CompliancePanel;errors、incident summary、auto-repair stats"
|
||
},
|
||
"legacySecurity": {
|
||
"title": "既有安全監控頁",
|
||
"body": "保留早期 standalone security route 的可見性,避免既有錯誤統計與 Sentry issue 入口被 IwoooS 吃掉。",
|
||
"source": "apps/web/src/app/[locale]/security/page.tsx;errors stats / issues"
|
||
},
|
||
"legacyCompliance": {
|
||
"title": "既有合規頁",
|
||
"body": "保留早期 standalone compliance route 的可見性,顯示 incident、playbook 與 auto-repair 成效資料。",
|
||
"source": "apps/web/src/app/[locale]/compliance/page.tsx;incident summary / auto-repair stats"
|
||
},
|
||
"alerts": {
|
||
"title": "告警管理",
|
||
"body": "現有 active incident 入口,依 P0 到 P3 顯示告警與處理狀態,作為資安態勢的即時訊號。",
|
||
"source": "useIncidents;incidents / pending approvals"
|
||
},
|
||
"errors": {
|
||
"title": "錯誤與 UX 稽核",
|
||
"body": "現有錯誤追蹤與 UX audit 入口,可回看 issue、趨勢、session replay 與使用者痛點。",
|
||
"source": "ErrorsPanel;error stats / trends / ux-audit"
|
||
},
|
||
"authorizations": {
|
||
"title": "授權中心",
|
||
"body": "HITL 與 multi-sig 的既有入口,是未來資安 runtime gate 前必須保留的人控邊界。",
|
||
"source": "LiveApprovalPanel;pending approvals / SSE"
|
||
},
|
||
"governance": {
|
||
"title": "AI 治理中樞",
|
||
"body": "現有治理事件、SLO、補救佇列與 dry-run history 入口,適合作為自動化前的治理證據面。",
|
||
"source": "governance tabs;AI SLO / governance events / queue"
|
||
},
|
||
"alertOperationLogs": {
|
||
"title": "告警操作日誌",
|
||
"body": "完整 alert operation log 入口,能看見 guardrail、preflight、approval escalation 與處理結果。",
|
||
"source": "alert-operation-logs;events / stats"
|
||
},
|
||
"awooopApprovals": {
|
||
"title": "AwoooP 審批佇列",
|
||
"body": "AwoooP approvals 既有頁面,顯示 read-only dry-run、write observed、blocked 等人控狀態。",
|
||
"source": "AwoooP approvals;platform approvals"
|
||
},
|
||
"codeReview": {
|
||
"title": "AI Code Review 控制面",
|
||
"body": "既有 Code Review 頁面顯示 Hermes、OpenClaw、Elephant Alpha、NemoTron 與 non-blocking review pipeline。",
|
||
"source": "code-review page;review pipeline / agent assignment"
|
||
}
|
||
}
|
||
},
|
||
"surfaceConnections": {
|
||
"title": "資安頁面連接狀態",
|
||
"subtitle": "把 10 個既有入口目前如何接回 IwoooS 說清楚:有些是直接橋接,有些是嵌入原本面板,有些是 AwoooP 只讀候選。這只是可見覆蓋,不代表授權或阻擋。",
|
||
"states": {
|
||
"embeddedBridge": "嵌入橋接可見",
|
||
"directBridge": "直接橋接可見",
|
||
"awooopCandidate": "AwoooP 只讀候選"
|
||
},
|
||
"items": {
|
||
"securityCompliance": {
|
||
"title": "安全合規整合頁",
|
||
"body": "透過 SecurityPanel 與 CompliancePanel 的內嵌橋接顯示 IwoooS 納管狀態。",
|
||
"boundary": "只顯示整合狀態,不新增修復、批准、部署或 blocking control。"
|
||
},
|
||
"legacySecurity": {
|
||
"title": "既有安全監控頁",
|
||
"body": "standalone 安全頁已直接顯示 IwoooS 只讀橋接與 58% / gate 0 邊界。",
|
||
"boundary": "只保留錯誤與安全訊號可見,不把頁面升級成掃描入口。"
|
||
},
|
||
"legacyCompliance": {
|
||
"title": "既有合規頁",
|
||
"body": "standalone 合規頁已直接顯示 IwoooS 只讀橋接與 runtime false 邊界。",
|
||
"boundary": "只顯示合規狀態,不建立 owner response、approval 或 runtime gate。"
|
||
},
|
||
"alerts": {
|
||
"title": "告警管理",
|
||
"body": "active incident 頁已直接顯示 IwoooS 只讀橋接,讓告警訊號回到資安網。",
|
||
"boundary": "只顯示告警納管狀態,不新增 alert blocker、scan 或 repair。"
|
||
},
|
||
"errors": {
|
||
"title": "錯誤與 UX 稽核",
|
||
"body": "ErrorsPanel 已直接顯示 IwoooS 只讀橋接,讓錯誤與 UX audit 被納入觀察。",
|
||
"boundary": "只保留問題追蹤與使用者痛點可見,不新增執行控制。"
|
||
},
|
||
"authorizations": {
|
||
"title": "授權中心",
|
||
"body": "授權頁已直接顯示 IwoooS 只讀橋接,維持 HITL / multi-sig 人控邊界。",
|
||
"boundary": "橋接不是 approval record,也不能標記 owner response accepted。"
|
||
},
|
||
"governance": {
|
||
"title": "AI 治理中樞",
|
||
"body": "治理頁已直接顯示 IwoooS 只讀橋接,讓 SLO、events 與 queue 成為證據面。",
|
||
"boundary": "只顯示治理證據,不把治理可見性升成 runtime authorization。"
|
||
},
|
||
"alertOperationLogs": {
|
||
"title": "告警操作日誌",
|
||
"body": "告警操作日誌已直接顯示深色 IwoooS 只讀橋接,保留稽核鏈路可見。",
|
||
"boundary": "只顯示事件流,不新增 preflight bypass、repair 或 deploy。"
|
||
},
|
||
"awooopApprovals": {
|
||
"title": "AwoooP 審批佇列",
|
||
"body": "AwoooP approvals 以 owner response 只讀候選方式接回 IwoooS。",
|
||
"boundary": "AwoooP 人控狀態不是資安批准,也不能開 runtime gate。"
|
||
},
|
||
"codeReview": {
|
||
"title": "AI Code Review 控制面",
|
||
"body": "Code Review 頁已直接顯示深色 IwoooS 只讀橋接,保留非阻擋審查語境。",
|
||
"boundary": "Code Review 不是部署批准,也不新增 Gitea/GitHub action。"
|
||
}
|
||
}
|
||
},
|
||
"coverage": {
|
||
"title": "覆蓋與邊界矩陣",
|
||
"subtitle": "把 10 個既有資安頁面分成四個責任面,讓 IwoooS 能說清楚哪裡看訊號、哪裡做人工控制、哪裡看治理稽核、哪裡看工程審查。",
|
||
"groups": {
|
||
"signals": {
|
||
"title": "訊號與暴露面",
|
||
"body": "集中安全、合規、告警、錯誤與 UX 稽核訊號;只顯示風險,不把觀察結果直接升成阻擋。"
|
||
},
|
||
"humanControl": {
|
||
"title": "人工控制邊界",
|
||
"body": "保留 HITL、multi-sig 與 AwoooP approvals 的人控位置;沒有人工決策就不啟動 runtime gate。"
|
||
},
|
||
"governanceAudit": {
|
||
"title": "治理與稽核",
|
||
"body": "治理事件、SLO、補救佇列與操作日誌用來看流程證據,不把 audit event 當執行授權。"
|
||
},
|
||
"engineeringReview": {
|
||
"title": "工程審查",
|
||
"body": "Code Review 維持 non-blocking review pipeline,用於風險分級與後續修復建議,不直接等同 deploy approval。"
|
||
}
|
||
},
|
||
"conflicts": {
|
||
"title": "重疊與衝突控制",
|
||
"subtitle": "同一個資安訊號可能在多個頁面出現,IwoooS 只做入口整理,不改變原始頁面的責任與權限。",
|
||
"preserveOwnership": {
|
||
"title": "保留原頁 owner",
|
||
"body": "每個 route 繼續由原本頁面與 API contract 負責,IwoooS 不搬移資料寫入權。"
|
||
},
|
||
"noRuntimeLift": {
|
||
"title": "不把只讀索引升成 runtime",
|
||
"body": "coverage matrix 只能顯示覆蓋與缺口,不建立 scan、execute、repair 或 blocking gate。"
|
||
},
|
||
"codeReviewNotDeployGate": {
|
||
"title": "Code Review 不等於部署批准",
|
||
"body": "AI Code Review 可以提供風險分級與 coding follow-up,但不能直接變成 deploy approval。"
|
||
},
|
||
"awooopNotSecurityApproval": {
|
||
"title": "AwoooP approvals 不等於資安批准",
|
||
"body": "AwoooP 審批佇列可顯示人控狀態,但資安 gate 仍需對應決策紀錄與 follow-up runtime gate。"
|
||
},
|
||
"kaliNotCalled": {
|
||
"title": "前端索引不呼叫 Kali",
|
||
"body": "Kali 112 維持 observe-only;任何 active scan 或 /execute 都必須走人工批准與後續 gate。"
|
||
}
|
||
}
|
||
},
|
||
"journey": {
|
||
"title": "資安處理旅程",
|
||
"subtitle": "把目前資安網的可見流程固定成只讀狀態圖:先看態勢,再查既有頁面,最後才進入 owner evidence、人工決策與後續 gate。",
|
||
"outputLabel": "輸出",
|
||
"steps": {
|
||
"readPosture": {
|
||
"title": "讀取目前態勢",
|
||
"body": "先看 58% headline、framework / runtime landing、active gates 與下一個高層 gate。",
|
||
"output": "只讀 posture,不代表授權"
|
||
},
|
||
"openSurface": {
|
||
"title": "開啟既有頁面",
|
||
"body": "依照 security、alert、authorization、governance、audit、code review 的責任面進入原頁。",
|
||
"output": "保留原頁 owner 與資料邊界"
|
||
},
|
||
"triageLane": {
|
||
"title": "判讀非阻擋分流",
|
||
"body": "LOW / MEDIUM、缺 owner response、partial mirror 與 Kali observe finding 先維持 observe / warn。",
|
||
"output": "follow-up,不升 blocking"
|
||
},
|
||
"collectEvidence": {
|
||
"title": "收 owner evidence",
|
||
"body": "下一個建議收件仍是 S4.9 Gitea owner attestation response,且只接受脫敏 evidence。",
|
||
"output": "更新 received / accepted 狀態,不執行"
|
||
},
|
||
"humanDecision": {
|
||
"title": "等待人工決策",
|
||
"body": "資安 gate 需要 decision record;AwoooP approval、Code Review 或進度數字都不能自動替代。",
|
||
"output": "人控決策,不是 runtime"
|
||
},
|
||
"runtimeGate": {
|
||
"title": "後續 runtime gate",
|
||
"body": "只有人工批准後,才進入 follow-up runtime gate template;目前 active runtime gates 仍為 0。",
|
||
"output": "待批准後另開 gate"
|
||
}
|
||
}
|
||
},
|
||
"evidenceReadiness": {
|
||
"title": "Owner Evidence Readiness",
|
||
"subtitle": "這裡顯示 headline 進度下一步真正需要的 evidence。每一項都是等待收件或人工決策,不會從前端直接觸發任何執行。",
|
||
"unlockLabel": "解除條件",
|
||
"items": {
|
||
"giteaOwnerAttestation": {
|
||
"title": "Gitea owner attestation",
|
||
"body": "目前建議先收 S4.9,補齊 Gitea 清冊覆蓋與 owner 判定。",
|
||
"unlock": "收到並接受脫敏 owner response"
|
||
},
|
||
"githubTargetOwner": {
|
||
"title": "GitHub target owner",
|
||
"body": "確認 GitHub target、visibility、canonical owner 與 repo 是否可進 primary readiness。",
|
||
"unlock": "S4.10 owner response accepted"
|
||
},
|
||
"refsTruthOwner": {
|
||
"title": "Refs truth owner",
|
||
"body": "確認 main/dev truth、deprecated drift、release tags 與 GitHub-only refs 的真相來源。",
|
||
"unlock": "S4.11 refs truth response accepted"
|
||
},
|
||
"workflowSecretOwner": {
|
||
"title": "Workflow / secret name owner",
|
||
"body": "確認 workflow、webhook、runner、deploy key、branch protection、secret name parity。",
|
||
"unlock": "S4.12 workflow / secret response accepted"
|
||
},
|
||
"redactedFindingIngestion": {
|
||
"title": "Redacted finding ingestion",
|
||
"body": "Kali finding 與安全發現需要先以脫敏 payload 進入 mirror,不能直接進 runtime。",
|
||
"unlock": "人工批准後接收脫敏 finding"
|
||
},
|
||
"kaliScanScope": {
|
||
"title": "Kali scan scope",
|
||
"body": "Kali 112、111、168 目前仍是 observe-only;active scan 與 /execute 仍需獨立批准。",
|
||
"unlock": "scan scope approval + follow-up gate"
|
||
},
|
||
"followupRuntimeGate": {
|
||
"title": "Follow-up runtime gate",
|
||
"body": "所有實際執行都要等人工 decision record 後,另開 follow-up runtime gate。",
|
||
"unlock": "decision record accepted,active gate 仍為 0"
|
||
}
|
||
}
|
||
},
|
||
"hostCoverage": {
|
||
"title": "主機覆蓋視圖",
|
||
"subtitle": "把 Kali 與兩台開發主機放進 IwoooS 的可見資安範圍。這裡只顯示納管與 gate 狀態,不建立 SSH、掃描、更新或阻擋控制。",
|
||
"stateLabel": "目前狀態",
|
||
"items": {
|
||
"kali112": {
|
||
"title": "Kali 資安主機",
|
||
"body": "192.168.0.112 是資安網的 Kali 節點,已在 posture 與 evidence refs 中作為 observe-only 整合面。",
|
||
"state": "已納入視野;active scan、/execute、主機更新仍需獨立批准"
|
||
},
|
||
"dev168": {
|
||
"title": "開發主機 168",
|
||
"body": "192.168.0.168 納入 IwoooS 的 observe-only 開發主機覆蓋,用於後續 scope approval 與 finding 關聯。",
|
||
"state": "scope declared;尚未批准 credentialed scan 或 runtime control"
|
||
},
|
||
"dev111": {
|
||
"title": "開發主機 111",
|
||
"body": "192.168.0.111 納入 IwoooS 的 observe-only 開發主機覆蓋,與 168 一起維持低摩擦分階段收斂。",
|
||
"state": "scope declared;尚未批准 credentialed scan 或 runtime control"
|
||
}
|
||
}
|
||
},
|
||
"hostActionGates": {
|
||
"title": "主機動作 Gate 矩陣",
|
||
"subtitle": "把主機相關高風險動作拆成只讀 gate。這裡只說明哪些動作仍被鎖住,以及需要哪一類人工決策;不提供任何執行入口。",
|
||
"gateLabel": "需要 Gate",
|
||
"items": {
|
||
"activeScan": {
|
||
"title": "Active scan",
|
||
"body": "對 Kali 112、開發主機 168 / 111 的主動掃描仍未批准,不能由 IwoooS 直接觸發。",
|
||
"gate": "需要 S1.6 scan scope approval 與後續 runtime gate"
|
||
},
|
||
"credentialedScan": {
|
||
"title": "Credentialed scan",
|
||
"body": "任何帶憑證的掃描都必須先有 scope、credential handling 與脫敏 evidence 規範。",
|
||
"gate": "需要 S1.6 scope approval;目前 credentialed scan=false"
|
||
},
|
||
"kaliExecute": {
|
||
"title": "Kali /execute",
|
||
"body": "Kali 執行端點仍是 block candidate,不能因主機已納入視野就開放。",
|
||
"gate": "需要人工 decision record 與 S3.4 follow-up runtime gate"
|
||
},
|
||
"sshChange": {
|
||
"title": "SSH / host change",
|
||
"body": "登入主機、改設定、套用調校、重啟服務或變更 SSH 設定都不屬於目前前端權限。",
|
||
"gate": "需要明確人工批准、變更計畫與 rollback evidence"
|
||
},
|
||
"kaliUpdate": {
|
||
"title": "Kali host update",
|
||
"body": "Kali 更新與主機調校會影響掃描結果與工具鏈穩定性,必須和資安 gate 分開批准。",
|
||
"gate": "需要維護窗口、更新清單、驗證指標與 rollback 計畫"
|
||
},
|
||
"runtimeBlocking": {
|
||
"title": "Runtime blocking control",
|
||
"body": "把 finding 變成產品阻擋或 runtime enforcement 仍要等 owner evidence 與人工決策。",
|
||
"gate": "需要 accepted decision record;active runtime gates 仍為 0"
|
||
}
|
||
}
|
||
},
|
||
"hostEvidenceReadiness": {
|
||
"title": "主機 Evidence Readiness",
|
||
"subtitle": "列出主機掃描、更新、SSH 變更或 runtime blocking 前必須補齊的 evidence。這些項目目前都只是待收件,不代表已批准。",
|
||
"evidenceLabel": "需要 Evidence",
|
||
"items": {
|
||
"scopeBoundary": {
|
||
"title": "Scope boundary",
|
||
"body": "確認 112、168、111 的允許目標、排除範圍、掃描深度與速率限制。",
|
||
"evidence": "需要脫敏 scan scope approval;received=0、accepted=0"
|
||
},
|
||
"ownerDecision": {
|
||
"title": "Owner decision record",
|
||
"body": "每個主機動作都需要人控決策,不能用 IwoooS 可見狀態或 AwoooP queue 取代。",
|
||
"evidence": "需要 accepted decision record;目前 active runtime gates=0"
|
||
},
|
||
"credentialHandling": {
|
||
"title": "Credential handling",
|
||
"body": "帶憑證掃描前要先定義憑證來源、保存邊界、遮蔽方式與拒收規則。",
|
||
"evidence": "禁止收集憑證明文;目前 credentialed scan=false"
|
||
},
|
||
"maintenanceWindow": {
|
||
"title": "Maintenance window",
|
||
"body": "Kali 更新、主機調校或 SSH 變更都需要維護窗口,避免影響開發與產品流程。",
|
||
"evidence": "需要窗口、影響範圍、通知與回復標準"
|
||
},
|
||
"rollbackPlan": {
|
||
"title": "Rollback plan",
|
||
"body": "任何主機變更都要能回復,包含套件、設定、服務與工具鏈版本。",
|
||
"evidence": "需要 rollback owner、步驟與驗證方式"
|
||
},
|
||
"validationMetrics": {
|
||
"title": "Validation metrics",
|
||
"body": "主機動作後要有驗證指標,確認掃描器、監控、服務與使用者流程沒有退化。",
|
||
"evidence": "需要 post-check 指標與失敗處理 lane"
|
||
},
|
||
"redactedIngestion": {
|
||
"title": "Redacted ingestion",
|
||
"body": "主機 finding 或掃描結果只能以脫敏摘要進入 mirror,不能直接把原始載荷當 runtime input。",
|
||
"evidence": "需要 redacted payload acceptance;payloads_ingested=false"
|
||
}
|
||
}
|
||
},
|
||
"hostEvidenceCollection": {
|
||
"title": "主機 Evidence 收件順序",
|
||
"subtitle": "把七個主機 evidence 排成建議收件順序。每一步都只代表下一個可審項目,不會把 received / accepted 從 0 改掉。",
|
||
"stepLabel": "收件步驟",
|
||
"dependencyLabel": "前置依賴",
|
||
"items": {
|
||
"scopeFirst": {
|
||
"title": "先定義 scope boundary",
|
||
"body": "先確認允許目標、排除範圍、深度與速率。沒有 scope,不進 scan。",
|
||
"dependency": "無;這是主機收件第一步"
|
||
},
|
||
"ownerSecond": {
|
||
"title": "再收 owner decision",
|
||
"body": "確認誰批准、批准範圍與決策紀錄,不用 queue 狀態替代人控決策。",
|
||
"dependency": "需要 scope boundary 可讀"
|
||
},
|
||
"credentialThird": {
|
||
"title": "隔離 credential handling",
|
||
"body": "若未來要帶憑證掃描,先定義憑證來源、保存邊界、遮蔽與拒收。",
|
||
"dependency": "需要 owner decision;仍禁止收集憑證明文"
|
||
},
|
||
"maintenanceFourth": {
|
||
"title": "安排 maintenance window",
|
||
"body": "更新、調校或 SSH 變更前先確認窗口、影響範圍與通知。",
|
||
"dependency": "需要 owner decision 與變更範圍"
|
||
},
|
||
"rollbackFifth": {
|
||
"title": "補 rollback plan",
|
||
"body": "每個主機動作都要能回復套件、設定、服務與工具鏈版本。",
|
||
"dependency": "需要 maintenance window 與變更清單"
|
||
},
|
||
"validationSixth": {
|
||
"title": "定義 validation metrics",
|
||
"body": "先定義 post-check 指標與失敗處理 lane,再談執行。",
|
||
"dependency": "需要 rollback plan"
|
||
},
|
||
"redactedSeventh": {
|
||
"title": "最後才收 redacted ingestion",
|
||
"body": "finding / scan result 只用脫敏摘要進 mirror,不吃原始載荷。",
|
||
"dependency": "需要 validation metrics;payloads_ingested=false"
|
||
}
|
||
}
|
||
},
|
||
"hostEvidenceIntake": {
|
||
"title": "主機 Evidence Intake Preflight",
|
||
"subtitle": "未來收到主機 evidence 前,先用這組只讀預檢規則判斷能否進人工 review。預檢不會收原始載荷、憑證明文,也不會改 received / accepted。",
|
||
"checkLabel": "預檢",
|
||
"rejectLabel": "拒收 / 隔離條件",
|
||
"items": {
|
||
"metadataPointer": {
|
||
"title": "Metadata pointer only",
|
||
"body": "主機 evidence 只接受脫敏 metadata pointer、來源步驟與摘要,不直接吃完整掃描輸出。",
|
||
"reject": "缺 redacted metadata pointer 就拒收"
|
||
},
|
||
"dependencyOrder": {
|
||
"title": "Collection order match",
|
||
"body": "提交的 evidence 必須符合 S2.17 收件順序,不能跳過 scope 或 owner decision。",
|
||
"reject": "跳過前置依賴就隔離"
|
||
},
|
||
"scopeBeforeScan": {
|
||
"title": "Scope before scan",
|
||
"body": "任何 scan 相關 evidence 都要先能對到 scope boundary;沒有 scope 不進人工審。",
|
||
"reject": "scan evidence 沒有 scope 就拒收"
|
||
},
|
||
"ownerBeforeChange": {
|
||
"title": "Owner before host change",
|
||
"body": "SSH、更新、調校或 blocking control 的 evidence 需要 owner decision pointer。",
|
||
"reject": "主機變更缺 decision record 就拒收"
|
||
},
|
||
"credentialPlaintext": {
|
||
"title": "Credential plaintext blocked",
|
||
"body": "任何帳密、token、private key、session 或憑證明文都不能進 IwoooS mirror。",
|
||
"reject": "偵測到憑證明文就拒收並隔離"
|
||
},
|
||
"rawPayload": {
|
||
"title": "原始載荷已阻擋",
|
||
"body": "完整掃描 raw output、未脫敏 finding、主機 dump 或 log bundle 不進 projection。",
|
||
"reject": "原始載荷一律拒收"
|
||
},
|
||
"counterFreeze": {
|
||
"title": "Frontend counters frozen",
|
||
"body": "前端只能顯示預檢狀態,不能把 received / accepted 從 0 推進。",
|
||
"reject": "前端嘗試推 counter 就阻擋"
|
||
}
|
||
}
|
||
},
|
||
"hostEvidenceReviewOutcomes": {
|
||
"title": "主機 Evidence Review Outcome Lanes",
|
||
"subtitle": "預檢後的 evidence 只能進這些只讀分流。這裡顯示人工審查可能結果,不會建立 approval record、runtime gate 或主機動作。",
|
||
"laneLabel": "結果分流",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForHumanReview": {
|
||
"title": "Ready for human review",
|
||
"body": "metadata pointer、依賴順序、scope 與 owner pointer 都可讀時,才可標示為人工審查候選。",
|
||
"next": "只顯示候選;received=0、accepted=0"
|
||
},
|
||
"needsScopeEvidence": {
|
||
"title": "Needs scope evidence",
|
||
"body": "scan 或 finding evidence 無法對到 scope boundary 時,回到補 scope lane。",
|
||
"next": "補 scope,不進 scan"
|
||
},
|
||
"needsOwnerDecision": {
|
||
"title": "Needs owner decision",
|
||
"body": "主機變更、更新、SSH 或 blocking 類 evidence 缺 decision pointer 時,回到 owner decision lane。",
|
||
"next": "補 decision record,不啟動主機動作"
|
||
},
|
||
"quarantineDependencySkip": {
|
||
"title": "Quarantine dependency skip",
|
||
"body": "跳過 S2.17 收件順序或前置依賴不完整時,先隔離再人工判讀。",
|
||
"next": "隔離原因可見,不推 counter"
|
||
},
|
||
"rejectRawPayload": {
|
||
"title": "拒收原始載荷",
|
||
"body": "完整掃描輸出、未脫敏 finding、host dump 或 log bundle 不進 IwoooS。",
|
||
"next": "要求改交脫敏摘要"
|
||
},
|
||
"rejectCredentialPlaintext": {
|
||
"title": "Reject credential plaintext",
|
||
"body": "任何帳密、token、private key、session 或憑證明文都直接拒收並隔離。",
|
||
"next": "不保存、不轉送、不顯示明文"
|
||
},
|
||
"waitingRuntimeGate": {
|
||
"title": "Waiting runtime gate",
|
||
"body": "即使人工審查後可採取行動,也只能等待後續 runtime gate,不由 outcome lane 執行。",
|
||
"next": "active runtime gates 仍為 0"
|
||
}
|
||
}
|
||
},
|
||
"nextGate": {
|
||
"title": "下一個高層 Gate",
|
||
"body": "S4.9 Gitea owner attestation response 是目前建議先收的 owner evidence。任何 headline 提升都要等 owner response、redacted payload ingestion、active runtime gate 或 GitHub primary readiness 有真實變化。"
|
||
},
|
||
"evidence": {
|
||
"title": "目前 Evidence"
|
||
},
|
||
"blocked": {
|
||
"title": "禁止動作",
|
||
"body": "此頁不提供 scan、execute、repo、refs、workflow、secret、runner、primary switch 或 deploy action button。"
|
||
},
|
||
"hostEvidenceReviewHandoff": {
|
||
"title": "主機 Evidence 人工審查交接包",
|
||
"subtitle": "人工 reviewer 只能依這些脫敏交接包判讀 evidence。這裡顯示送審必備資料,不會標示 received / accepted、建立 approval record 或啟動 runtime gate。",
|
||
"packetLabel": "交接包",
|
||
"requiredLabel": "必備內容",
|
||
"items": {
|
||
"scopeSummaryPacket": {
|
||
"title": "Scope 摘要包",
|
||
"body": "描述主機、服務、網段、掃描邊界與排除範圍,只允許指標與摘要,不保存原始掃描輸出。",
|
||
"required": "redacted scope pointer;不含原始載荷"
|
||
},
|
||
"ownerDecisionPacket": {
|
||
"title": "Owner Decision 包",
|
||
"body": "提供誰批准審查、批准範圍、限制條件與到期時間,避免 reviewer 自行擴權。",
|
||
"required": "owner decision record pointer;不等於主機動作批准"
|
||
},
|
||
"credentialHandlingPacket": {
|
||
"title": "Credential Handling 包",
|
||
"body": "只顯示憑證處理方式與保管責任,不顯示帳密、token、private key 或 session value。",
|
||
"required": "metadata-only handling statement;secret value=blocked"
|
||
},
|
||
"maintenanceRollbackPacket": {
|
||
"title": "Maintenance / Rollback 包",
|
||
"body": "若後續需要變更,先提供維護窗口、影響範圍、rollback owner 與復原驗證方法。",
|
||
"required": "maintenance window + rollback pointer;不啟動變更"
|
||
},
|
||
"validationMetricsPacket": {
|
||
"title": "Validation Metrics 包",
|
||
"body": "定義 reviewer 檢查後要看哪些 metrics、logs、baseline 或 follow-up evidence。",
|
||
"required": "post-check metrics pointer;不代表 runtime gate opened"
|
||
},
|
||
"redactionAttestationPacket": {
|
||
"title": "Redaction Attestation 包",
|
||
"body": "確認 evidence 已移除 raw log、host dump、credential、private URL credential 與未脫敏截圖。",
|
||
"required": "redaction attestation only;不保存敏感 payload"
|
||
},
|
||
"runtimeGatePacket": {
|
||
"title": "Runtime Gate Pointer 包",
|
||
"body": "把可能的後續行動導回獨立 runtime gate,避免 reviewer outcome lane 直接變成執行。",
|
||
"required": "follow-up gate pointer;active runtime gates=0"
|
||
}
|
||
}
|
||
},
|
||
"hostEvidenceReviewerChecklist": {
|
||
"title": "主機 Evidence Reviewer Checklist",
|
||
"subtitle": "Reviewer 在看 handoff packets 後,只能依這些只讀檢查判斷是否可進下一個人工決策。檢查清單不會標示 passed、received / accepted、approval 或 runtime gate。",
|
||
"checkLabel": "審查檢查",
|
||
"verifyLabel": "確認項目",
|
||
"items": {
|
||
"scopeBoundaryMatch": {
|
||
"title": "Scope boundary match",
|
||
"body": "確認 handoff scope 與 host coverage、網段、服務、排除範圍一致,沒有自行擴大掃描邊界。",
|
||
"verify": "只核對 redacted pointer;不啟動 scan"
|
||
},
|
||
"ownerDecisionScopeExpiry": {
|
||
"title": "Owner decision scope / expiry",
|
||
"body": "確認 owner decision record 有批准人、範圍、限制條件與到期時間,且仍在有效期內。",
|
||
"verify": "只判讀 decision pointer;不建立 approval record"
|
||
},
|
||
"credentialHandlingMetadataOnly": {
|
||
"title": "Credential handling metadata only",
|
||
"body": "確認 reviewer 只看到處理方式與責任人,不接觸任何明文驗證素材。",
|
||
"verify": "secret value collection=false"
|
||
},
|
||
"redactionAttestationPass": {
|
||
"title": "Redaction attestation pass",
|
||
"body": "確認 raw log、host dump、未脫敏截圖、private URL credential 與敏感 payload 都已排除。",
|
||
"verify": "原始載荷 allowed=false"
|
||
},
|
||
"maintenanceRollbackComplete": {
|
||
"title": "Maintenance / rollback complete",
|
||
"body": "若 evidence 暗示後續變更,確認已存在維護窗口、rollback owner 與復原驗證指標。",
|
||
"verify": "只顯示未來變更條件;不執行 change"
|
||
},
|
||
"validationMetricsLinked": {
|
||
"title": "Validation metrics linked",
|
||
"body": "確認 post-check metrics、baseline、logs 或 follow-up evidence 已連到可讀的脫敏 pointer。",
|
||
"verify": "只顯示 validation pointer;不開 runtime gate"
|
||
},
|
||
"runtimeGateSeparated": {
|
||
"title": "Runtime gate separated",
|
||
"body": "確認 reviewer checklist 的任何結果都不能直接變成 runtime action,必須回到獨立 runtime gate。",
|
||
"verify": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostEvidenceReviewerOutcomes": {
|
||
"title": "主機 Evidence Reviewer Outcome Lanes",
|
||
"subtitle": "Reviewer checklist 後只能進入這些只讀結果分流。這裡顯示下一步判讀,不會標示 passed、accepted、approval 或 runtime gate。",
|
||
"laneLabel": "Reviewer 結果",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForOwnerDecision": {
|
||
"title": "Ready for owner decision",
|
||
"body": "scope、owner、redaction、rollback、validation 與 runtime separation 都可讀時,只能標示為 owner decision 候選。",
|
||
"next": "顯示候選;received=0、accepted=0"
|
||
},
|
||
"scopeMismatch": {
|
||
"title": "Scope mismatch",
|
||
"body": "handoff scope 與主機覆蓋、網段、服務或排除範圍不一致時,回到補 scope lane。",
|
||
"next": "補 scope pointer;不啟動 scan"
|
||
},
|
||
"ownerExpired": {
|
||
"title": "Owner decision expired",
|
||
"body": "owner decision 缺 scope、限制條件或已過期時,回到 owner decision lane。",
|
||
"next": "補 decision record;不建立 approval"
|
||
},
|
||
"credentialMetadataFailed": {
|
||
"title": "Credential metadata failed",
|
||
"body": "credential handling 不是 metadata-only 或責任邊界不可讀時,先隔離 reviewer outcome。",
|
||
"next": "只要求 metadata-only 說明;不收敏感素材"
|
||
},
|
||
"redactionFailed": {
|
||
"title": "Redaction failed",
|
||
"body": "redaction attestation 無法證明 raw logs、host dump、未脫敏截圖或 sensitive payload 已排除時,拒收。",
|
||
"next": "要求重新脫敏;不保存原始載荷"
|
||
},
|
||
"rollbackMissing": {
|
||
"title": "Rollback missing",
|
||
"body": "maintenance window、rollback owner 或復原驗證指標缺漏時,不能進入後續決策。",
|
||
"next": "補 rollback pointer;不執行 change"
|
||
},
|
||
"runtimeGateRequired": {
|
||
"title": "Runtime gate required",
|
||
"body": "任何可能的後續主機行動都必須導回獨立 runtime gate,不能由 reviewer outcome 執行。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionCandidates": {
|
||
"title": "主機 Owner Decision Candidate Packets",
|
||
"subtitle": "Reviewer outcome 進到 owner decision 候選後,IwoooS 只顯示需要人工判讀的決策包。不建立 decision record、不標示 approved、不開 runtime gate。",
|
||
"packetLabel": "候選包",
|
||
"decisionLabel": "人工決策範圍",
|
||
"items": {
|
||
"scopeApprovalCandidate": {
|
||
"title": "Scope approval candidate",
|
||
"body": "確認主機、網段、服務、排除範圍與觀察目的都能被 owner 讀懂。",
|
||
"decision": "只顯示 scope 候選;owner decision received=0"
|
||
},
|
||
"scanModeCandidate": {
|
||
"title": "Scan mode candidate",
|
||
"body": "把 observe-only、未來 active scan 或 credentialed scan 的差異拆清楚,避免候選包被誤認為掃描授權。",
|
||
"decision": "只顯示模式選項;active scan=false"
|
||
},
|
||
"credentialHandlingCandidate": {
|
||
"title": "Credential handling candidate",
|
||
"body": "只描述 metadata-only handling、責任人與保存邊界,不要求或保存敏感素材。",
|
||
"decision": "只顯示處理原則;collection=false"
|
||
},
|
||
"maintenanceWindowCandidate": {
|
||
"title": "Maintenance window candidate",
|
||
"body": "若未來涉及主機更新或調校,先顯示候選維護窗口與限制條件。",
|
||
"decision": "只顯示時間範圍;host update=false"
|
||
},
|
||
"rollbackOwnerCandidate": {
|
||
"title": "Rollback owner candidate",
|
||
"body": "顯示未來 rollback owner、復原路徑與人工聯絡點,避免變更前缺少責任邊界。",
|
||
"decision": "只顯示 owner pointer;change=false"
|
||
},
|
||
"validationMetricsCandidate": {
|
||
"title": "Validation metrics candidate",
|
||
"body": "列出未來 post-check metrics、baseline 與回看 evidence pointer,作為後續 gate 的人工判讀素材。",
|
||
"decision": "只顯示驗證項目;runtime gate=false"
|
||
},
|
||
"runtimeGateCandidate": {
|
||
"title": "Runtime gate candidate",
|
||
"body": "任何後續主機動作仍需獨立 runtime gate,不能由 owner decision candidate 直接執行。",
|
||
"decision": "只顯示 gate 候選;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionReviewChecklist": {
|
||
"title": "主機 Owner Decision Review Checklist",
|
||
"subtitle": "Owner decision candidate packets 之後仍需人工逐項核對。這裡只顯示核對項,不建立決策紀錄、不標示 approved、不開 runtime gate。",
|
||
"checkLabel": "Owner 核對",
|
||
"guardLabel": "安全邊界",
|
||
"items": {
|
||
"scopeBoundaryReadable": {
|
||
"title": "Scope boundary readable",
|
||
"body": "確認 owner 能讀懂主機、網段、服務、排除範圍與觀察目的,且沒有超出原始 scope。",
|
||
"guard": "只核對 scope;owner decision received=0"
|
||
},
|
||
"scanModeNotAuthorization": {
|
||
"title": "Scan mode not authorization",
|
||
"body": "確認 observe-only、future active scan、credentialed scan 都只是選項說明,不是掃描授權。",
|
||
"guard": "scan authorized=false"
|
||
},
|
||
"credentialBoundaryMetadataOnly": {
|
||
"title": "Credential boundary metadata only",
|
||
"body": "確認 credential handling 只保留 metadata、owner 與保存邊界,不要求敏感素材。",
|
||
"guard": "secret collection=false"
|
||
},
|
||
"maintenanceWindowNotChange": {
|
||
"title": "Maintenance window not change",
|
||
"body": "確認維護窗口只是未來候選條件,不代表可以進行 Kali 主機套件變更或主機調校。",
|
||
"guard": "host update=false"
|
||
},
|
||
"rollbackOwnerReadable": {
|
||
"title": "Rollback owner readable",
|
||
"body": "確認 rollback owner、復原路徑與人工聯絡點可讀,但尚未批准任何 change。",
|
||
"guard": "approval record=false"
|
||
},
|
||
"validationMetricsPredefined": {
|
||
"title": "Validation metrics predefined",
|
||
"body": "確認 post-check metrics、baseline 與 evidence pointer 已先定義,供未來 gate 判讀。",
|
||
"guard": "runtime gate opened=false"
|
||
},
|
||
"runtimeGateStillSeparate": {
|
||
"title": "Runtime gate still separate",
|
||
"body": "確認 owner decision checklist 不能直接執行任何後續主機動作,仍需獨立 runtime gate。",
|
||
"guard": "action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionReviewOutcomes": {
|
||
"title": "主機 Owner Decision Review Outcome Lanes",
|
||
"subtitle": "負責人審查清單後只能進入這些只讀結果分流。這裡顯示下一步判讀,不會建立 decision record、不會標示 approved、不會開 runtime gate。",
|
||
"laneLabel": "Review 結果",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForDecisionRecord": {
|
||
"title": "Ready for decision record",
|
||
"body": "scope、scan mode、credential boundary、maintenance、rollback、validation 與 runtime separation 都可讀時,只能顯示 formal decision record 候選。",
|
||
"next": "顯示決策紀錄候選;received=0、accepted=0"
|
||
},
|
||
"scopeNeedsRefresh": {
|
||
"title": "Scope needs refresh",
|
||
"body": "scope boundary 不可讀、過期或超出主機覆蓋時,回到補 scope lane。",
|
||
"next": "補 scope pointer;不啟動 scan"
|
||
},
|
||
"scanModeNeedsScope": {
|
||
"title": "Scan mode needs scope",
|
||
"body": "scan mode 尚未對齊 scope 或被誤讀成授權時,必須回到 scope / mode 說明。",
|
||
"next": "補 scan mode 說明;scan authorized=false"
|
||
},
|
||
"credentialBoundaryFailed": {
|
||
"title": "Credential boundary failed",
|
||
"body": "credential handling 若無法保持 metadata-only 或責任邊界不可讀,先隔離 decision outcome。",
|
||
"next": "補 metadata-only 邊界;secret collection=false"
|
||
},
|
||
"maintenanceWindowMissing": {
|
||
"title": "Maintenance window missing",
|
||
"body": "未來可能涉及更新或調校時,若缺維護窗口與限制條件,不能進入決策紀錄。",
|
||
"next": "補 window pointer;host update=false"
|
||
},
|
||
"rollbackOwnerMissing": {
|
||
"title": "Rollback owner missing",
|
||
"body": "rollback owner 或復原路徑不可讀時,不能進入後續批准語義。",
|
||
"next": "補 rollback owner;approval record=false"
|
||
},
|
||
"runtimeGateRequired": {
|
||
"title": "Runtime gate required",
|
||
"body": "任何後續主機動作都必須導回獨立 runtime gate,不能由 owner review outcome 執行。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordDrafts": {
|
||
"title": "主機 Owner Decision Record Draft Packets",
|
||
"subtitle": "負責人審查結果若進入 ready lane,IwoooS 也只能顯示 decision record 草稿欄位。不建立 record、不標示 accepted、不開 runtime gate。",
|
||
"packetLabel": "Draft packet",
|
||
"metadataLabel": "必要 metadata",
|
||
"items": {
|
||
"scopeStatementDraft": {
|
||
"title": "Scope statement draft",
|
||
"body": "草稿只整理主機、網段、服務、排除範圍與觀察目的,避免 owner decision 模糊。",
|
||
"metadata": "host / network / service / exclusion;record created=false"
|
||
},
|
||
"scanModeDraft": {
|
||
"title": "Scan mode draft",
|
||
"body": "草稿只描述 observe-only、future active scan 或 credentialed scan 的候選模式,不代表掃描批准。",
|
||
"metadata": "mode candidate;active scan=false"
|
||
},
|
||
"credentialBoundaryDraft": {
|
||
"title": "Credential boundary draft",
|
||
"body": "草稿只保留 credential handling 的 metadata、owner 與保存邊界,不收集敏感素材。",
|
||
"metadata": "metadata-only boundary;secret collection=false"
|
||
},
|
||
"maintenanceConstraintsDraft": {
|
||
"title": "Maintenance constraints draft",
|
||
"body": "草稿只記錄未來可能維護窗口、限制條件與不可影響範圍,不代表可以更新主機。",
|
||
"metadata": "window / constraint;host update=false"
|
||
},
|
||
"rollbackOwnerDraft": {
|
||
"title": "Rollback owner draft",
|
||
"body": "草稿只整理 rollback owner、復原路徑與人工聯絡點,讓後續 gate 不缺責任人。",
|
||
"metadata": "owner / recovery pointer;approval record=false"
|
||
},
|
||
"validationMetricsDraft": {
|
||
"title": "Validation metrics draft",
|
||
"body": "草稿只列出 post-check metrics、baseline 與 evidence pointer,供未來人工判讀。",
|
||
"metadata": "metrics / baseline;accepted=0"
|
||
},
|
||
"runtimeGateDraft": {
|
||
"title": "Runtime gate draft",
|
||
"body": "草稿只標示若未來批准,仍需另開 follow-up runtime gate,不能由草稿直接執行。",
|
||
"metadata": "runtime gate pointer;active gates=0"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordDraftReview": {
|
||
"title": "主機 Owner Decision Record Draft Review Checklist",
|
||
"subtitle": "Decision record 草稿包後仍需只讀核對。這裡只顯示草稿是否具備人工決策所需 metadata,不會建立正式 decision record。",
|
||
"checkLabel": "Draft review",
|
||
"guardLabel": "不可升級",
|
||
"items": {
|
||
"scopeStatementComplete": {
|
||
"title": "Scope statement complete",
|
||
"body": "確認 scope 草稿已包含主機、網段、服務、排除範圍與觀察目的,避免決策紀錄範圍不清。",
|
||
"guard": "只核對草稿;record created=false"
|
||
},
|
||
"scanModeStillNotApproval": {
|
||
"title": "Scan mode still not approval",
|
||
"body": "確認 scan mode 仍只是候選描述,不被解讀成 active scan 或 credentialed scan 授權。",
|
||
"guard": "scan authorized=false"
|
||
},
|
||
"credentialBoundaryMetadataOnly": {
|
||
"title": "Credential boundary metadata only",
|
||
"body": "確認 credential boundary 仍維持 metadata-only,沒有要求或保存敏感素材。",
|
||
"guard": "secret collection=false"
|
||
},
|
||
"maintenanceConstraintsReadable": {
|
||
"title": "Maintenance constraints readable",
|
||
"body": "確認維護窗口、限制條件與不可影響範圍可讀,但不代表可以更新或調校主機。",
|
||
"guard": "host update=false"
|
||
},
|
||
"rollbackOwnerReadable": {
|
||
"title": "Rollback owner readable",
|
||
"body": "確認 rollback owner、復原路徑與人工聯絡點可讀,但尚未建立 approval record。",
|
||
"guard": "approval record=false"
|
||
},
|
||
"validationMetricsLinked": {
|
||
"title": "Validation metrics linked",
|
||
"body": "確認 post-check metrics、baseline 與 evidence pointer 已連到草稿,供後續人審使用。",
|
||
"guard": "accepted=0"
|
||
},
|
||
"runtimeGateStillClosed": {
|
||
"title": "Runtime gate still closed",
|
||
"body": "確認 decision record 草稿審查不會開 runtime gate,後續執行仍需獨立 gate。",
|
||
"guard": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordDraftReviewOutcomes": {
|
||
"title": "主機 Owner Decision Record Draft Review Outcome Lanes",
|
||
"subtitle": "Draft review checklist 後只能進入這些只讀結果分流。這裡顯示下一步,不會標記 review passed、不會建立 decision record、不會開 runtime gate。",
|
||
"laneLabel": "Review outcome",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForDecisionRecordWriteup": {
|
||
"title": "Ready for decision record write-up",
|
||
"body": "scope、scan mode、credential boundary、maintenance、rollback、validation 與 runtime separation 都可讀時,只能進入正式 decision record 撰寫候選。",
|
||
"next": "顯示 write-up candidate;record created=false"
|
||
},
|
||
"scopeDraftIncomplete": {
|
||
"title": "Scope draft incomplete",
|
||
"body": "scope 草稿缺主機、網段、服務、排除範圍或觀察目的時,回到 scope 草稿補件。",
|
||
"next": "補 scope statement;不建立 record"
|
||
},
|
||
"scanModeAmbiguous": {
|
||
"title": "Scan mode ambiguous",
|
||
"body": "scan mode 仍可能被誤讀成授權時,回到 scan mode 草稿與 scope 說明。",
|
||
"next": "補 scan mode wording;scan authorized=false"
|
||
},
|
||
"credentialBoundaryIncomplete": {
|
||
"title": "Credential boundary incomplete",
|
||
"body": "credential boundary 若不清楚 metadata-only、owner 或保存邊界,必須回到 credential 草稿補件。",
|
||
"next": "補 metadata-only boundary;secret collection=false"
|
||
},
|
||
"maintenanceConstraintsIncomplete": {
|
||
"title": "Maintenance constraints incomplete",
|
||
"body": "維護窗口、限制條件或不可影響範圍不可讀時,不能進入正式決策紀錄撰寫。",
|
||
"next": "補 constraints;host update=false"
|
||
},
|
||
"rollbackOwnerIncomplete": {
|
||
"title": "Rollback owner incomplete",
|
||
"body": "rollback owner、復原路徑或人工聯絡點不可讀時,不能建立後續批准語義。",
|
||
"next": "補 rollback owner;approval record=false"
|
||
},
|
||
"runtimeGateStillRequired": {
|
||
"title": "Runtime gate still required",
|
||
"body": "任何後續主機動作仍要等待獨立 runtime gate,不能由 draft review outcome 執行。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordWriteups": {
|
||
"title": "主機 Owner Decision Record Write-Up Packets",
|
||
"subtitle": "Draft review outcome 若進入 ready for write-up,IwoooS 也只能顯示正式 decision record 撰寫欄位。不建立 record、不標示 completed / accepted、不開 runtime gate。",
|
||
"packetLabel": "Write-up packet",
|
||
"fieldLabel": "必要欄位",
|
||
"items": {
|
||
"decisionSummaryWriteup": {
|
||
"title": "Decision summary write-up",
|
||
"body": "只整理 owner 要做的人工作業判斷、風險接受邊界與不執行聲明。",
|
||
"field": "decision summary;write-up completed=0"
|
||
},
|
||
"approvedScopeWriteup": {
|
||
"title": "Approved scope write-up",
|
||
"body": "只整理主機、網段、服務、排除範圍、觀察目的與到期時間。",
|
||
"field": "scope / expiry;record created=false"
|
||
},
|
||
"scanModeLimitsWriteup": {
|
||
"title": "Scan mode limits write-up",
|
||
"body": "只整理 observe-only、future active scan 或 credentialed scan 的限制條件,不代表掃描批准。",
|
||
"field": "mode limits;scan authorized=false"
|
||
},
|
||
"credentialBoundaryWriteup": {
|
||
"title": "Credential boundary write-up",
|
||
"body": "只整理 credential handling metadata、owner、保存邊界與不可收集內容。",
|
||
"field": "metadata-only boundary;secret collection=false"
|
||
},
|
||
"maintenanceRollbackWriteup": {
|
||
"title": "Maintenance and rollback write-up",
|
||
"body": "只整理維護窗口候選、限制條件、rollback owner、復原路徑與人工聯絡點。",
|
||
"field": "window / rollback;host update=false"
|
||
},
|
||
"validationEvidenceWriteup": {
|
||
"title": "Validation evidence write-up",
|
||
"body": "只整理 post-check metrics、baseline、evidence pointer 與人工驗收條件。",
|
||
"field": "metrics / evidence;accepted=0"
|
||
},
|
||
"runtimeGatePointerWriteup": {
|
||
"title": "Runtime gate pointer write-up",
|
||
"body": "只標示若未來批准,仍要另開 follow-up runtime gate,不能由 write-up 執行。",
|
||
"field": "runtime gate pointer;active gates=0"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordWriteupReview": {
|
||
"title": "主機 Owner Decision Record Write-Up Review Checklist",
|
||
"subtitle": "Write-up packets 後仍需要只讀核對。這裡只顯示正式 decision record 撰寫欄位是否可讀,不會標記 write-up completed、不會建立或接受 decision record、不會開 runtime gate。",
|
||
"checkLabel": "Write-up review",
|
||
"guardLabel": "不可升級",
|
||
"items": {
|
||
"decisionSummaryReadable": {
|
||
"title": "Decision summary readable",
|
||
"body": "確認 write-up 只整理 owner 人工判斷、風險接受邊界與不執行聲明,不新增批准語義。",
|
||
"guard": "write-up review only;completed=0"
|
||
},
|
||
"scopeExpiryComplete": {
|
||
"title": "Scope and expiry complete",
|
||
"body": "確認 scope、排除範圍、觀察目的與到期時間可讀,避免正式紀錄範圍不清。",
|
||
"guard": "record created=false"
|
||
},
|
||
"scanModeLimitsExplicit": {
|
||
"title": "Scan mode limits explicit",
|
||
"body": "確認 observe-only、future active scan 與 credentialed scan 的限制條件明確,且不代表掃描授權。",
|
||
"guard": "scan authorized=false"
|
||
},
|
||
"credentialBoundaryMetadataOnly": {
|
||
"title": "Credential boundary metadata only",
|
||
"body": "確認 credential handling 仍只保留 metadata、owner 與保存邊界,不要求或保存敏感素材。",
|
||
"guard": "secret collection=false"
|
||
},
|
||
"maintenanceRollbackLinked": {
|
||
"title": "Maintenance and rollback linked",
|
||
"body": "確認維護窗口候選、限制條件、rollback owner、復原路徑與人工聯絡點都可追。",
|
||
"guard": "host update=false"
|
||
},
|
||
"validationEvidenceLinked": {
|
||
"title": "Validation evidence linked",
|
||
"body": "確認 post-check metrics、baseline、evidence pointer 與人工驗收條件已連到 write-up。",
|
||
"guard": "accepted=0"
|
||
},
|
||
"runtimeGateStillSeparate": {
|
||
"title": "Runtime gate still separate",
|
||
"body": "確認 runtime gate pointer 仍指向獨立 follow-up gate,write-up review 不會開 gate。",
|
||
"guard": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordWriteupReviewOutcomes": {
|
||
"title": "主機 Owner Decision Record Write-Up Review Outcome Lanes",
|
||
"subtitle": "Write-up review checklist 後只能進入這些只讀結果分流。這裡顯示下一步,不會標記 review passed、不會建立或接受 decision record、不會開 runtime gate。",
|
||
"laneLabel": "Review outcome",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForFormalRecordCandidate": {
|
||
"title": "Ready for formal record candidate",
|
||
"body": "summary、scope、scan limits、credential boundary、maintenance、rollback、validation 與 runtime separation 都可讀時,只能顯示正式紀錄候選。",
|
||
"next": "顯示 formal record candidate;record created=false"
|
||
},
|
||
"decisionSummaryNeedsClarification": {
|
||
"title": "Decision summary needs clarification",
|
||
"body": "decision summary、風險接受邊界或不執行聲明不可讀時,回到 write-up 補件。",
|
||
"next": "補 decision summary;completed=0"
|
||
},
|
||
"scopeExpiryNeedsRefresh": {
|
||
"title": "Scope and expiry needs refresh",
|
||
"body": "scope、排除範圍、觀察目的或到期時間不完整時,不能進入正式紀錄候選。",
|
||
"next": "補 scope / expiry;record created=false"
|
||
},
|
||
"scanModeLimitsAmbiguous": {
|
||
"title": "Scan mode limits ambiguous",
|
||
"body": "scan mode limits 仍可能被誤讀成 active scan 或 credentialed scan 授權時,必須回到 write-up 修正。",
|
||
"next": "補 scan wording;scan authorized=false"
|
||
},
|
||
"credentialBoundaryFailed": {
|
||
"title": "Credential boundary failed",
|
||
"body": "credential boundary 若不清楚 metadata-only、owner、保存邊界或不可收集內容,必須回到 credential write-up。",
|
||
"next": "補 metadata-only boundary;secret collection=false"
|
||
},
|
||
"maintenanceRollbackIncomplete": {
|
||
"title": "Maintenance and rollback incomplete",
|
||
"body": "維護窗口、限制條件、rollback owner、復原路徑或人工聯絡點不可讀時,不能建立批准語義。",
|
||
"next": "補 maintenance / rollback;host update=false"
|
||
},
|
||
"runtimeGateStillRequired": {
|
||
"title": "Runtime gate still required",
|
||
"body": "validation evidence 或 runtime gate pointer 仍需要獨立 follow-up gate,不能由 review outcome 執行。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordFormalCandidates": {
|
||
"title": "主機 Owner Decision Record Formal Candidate Packets",
|
||
"subtitle": "Formal record candidate 只把未來可能寫入正式紀錄的欄位整理出來。這裡不建立 decision record、不標記 finalized / accepted、不產生 approval record、不開 runtime gate。",
|
||
"packetLabel": "Candidate packet",
|
||
"fieldLabel": "候選欄位",
|
||
"items": {
|
||
"recordIdentityCandidate": {
|
||
"title": "Record identity candidate",
|
||
"body": "整理候選 record id、版本、owner、review scope 與追蹤來源,避免正式紀錄沒有可追溯身份。",
|
||
"field": "identity / version;record created=false"
|
||
},
|
||
"decisionSummaryCandidate": {
|
||
"title": "Decision summary candidate",
|
||
"body": "整理人工 owner decision summary、風險接受邊界與不執行聲明,但不把它寫成已接受決策。",
|
||
"field": "decision summary;finalized=0"
|
||
},
|
||
"approvedScopeCandidate": {
|
||
"title": "Approved scope candidate",
|
||
"body": "整理 host、network、service、exclusion、觀察目的與到期時間,保留 scope 可讀性。",
|
||
"field": "scope / expiry;accepted=0"
|
||
},
|
||
"scanModeLimitsCandidate": {
|
||
"title": "Scan mode limits candidate",
|
||
"body": "整理 observe-only、未來 active scan 與 credentialed scan 的限制,避免被誤讀成掃描授權。",
|
||
"field": "scan limits;scan authorized=false"
|
||
},
|
||
"credentialBoundaryCandidate": {
|
||
"title": "Credential boundary candidate",
|
||
"body": "整理 metadata-only credential owner、保存邊界、遮蔽要求與不可收集內容。",
|
||
"field": "metadata-only boundary;secret collection=false"
|
||
},
|
||
"maintenanceRollbackCandidate": {
|
||
"title": "Maintenance and rollback candidate",
|
||
"body": "整理維護窗口、限制條件、rollback owner、復原路徑與人工聯絡點。",
|
||
"field": "window / rollback;host update=false"
|
||
},
|
||
"validationRuntimeGateCandidate": {
|
||
"title": "Validation and runtime gate candidate",
|
||
"body": "整理 validation evidence、post-check metrics、baseline pointer 與仍需獨立 follow-up runtime gate 的聲明。",
|
||
"field": "validation / runtime pointer;active gates=0"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordFormalCandidateReview": {
|
||
"title": "主機 Owner Decision Record Formal Candidate Review Checklist",
|
||
"subtitle": "Formal candidate packets 進入後續人工紀錄前仍只能做只讀核對。這裡不標記 review passed、不建立 decision record、不標記 accepted、不建立 approval record、不開 runtime gate。",
|
||
"checkLabel": "Candidate review",
|
||
"guardLabel": "仍鎖住",
|
||
"items": {
|
||
"identityTraceable": {
|
||
"title": "Record identity traceable",
|
||
"body": "確認 candidate record id、版本、owner、review scope 與 trace source 可讀,且沒有建立正式紀錄。",
|
||
"guard": "record created=false"
|
||
},
|
||
"decisionSummaryReadable": {
|
||
"title": "Decision summary readable",
|
||
"body": "確認 decision summary、風險接受邊界與不執行聲明可讀,但仍不代表 decision accepted。",
|
||
"guard": "accepted=0"
|
||
},
|
||
"scopeExpiryConsistent": {
|
||
"title": "Scope and expiry consistent",
|
||
"body": "確認 host、network、service、exclusion、觀察目的與到期時間一致,仍只作為候選欄位。",
|
||
"guard": "finalized=0"
|
||
},
|
||
"scanLimitsStillNotAuthorization": {
|
||
"title": "Scan limits still not authorization",
|
||
"body": "確認 observe-only、future active scan 與 credentialed scan limits 沒有被誤讀成 active scan 或 credentialed scan 授權。",
|
||
"guard": "scan authorized=false"
|
||
},
|
||
"credentialBoundaryStillMetadataOnly": {
|
||
"title": "Credential boundary still metadata-only",
|
||
"body": "確認 credential boundary 只保留 metadata、owner、retention、masking 與不可收集內容。",
|
||
"guard": "secret collection=false"
|
||
},
|
||
"maintenanceRollbackTraceable": {
|
||
"title": "Maintenance and rollback traceable",
|
||
"body": "確認維護窗口、限制條件、rollback owner、復原路徑與人工聯絡點可追。",
|
||
"guard": "host update=false"
|
||
},
|
||
"runtimeGateStillClosed": {
|
||
"title": "Runtime gate still closed",
|
||
"body": "確認 validation evidence 與 runtime gate pointer 仍只指向獨立 follow-up gate,candidate review 不會開 gate。",
|
||
"guard": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordFormalCandidateReviewOutcomes": {
|
||
"title": "主機 Owner Decision Record Formal Candidate Review Outcome Lanes",
|
||
"subtitle": "Formal candidate review outcome 只呈現候選核對後的下一步分流。這裡不標記 review passed、不標記 finalized、不建立 decision record、不標記 accepted、不建立 approval record、不開 runtime gate。",
|
||
"laneLabel": "Outcome lane",
|
||
"nextLabel": "下一步仍只讀",
|
||
"items": {
|
||
"readyForHumanRecordQueue": {
|
||
"title": "Ready for human record queue",
|
||
"body": "候選欄位可讀時,只能顯示可送人工正式紀錄佇列,不會建立 decision record。",
|
||
"next": "queue visible only;record created=false"
|
||
},
|
||
"identityNeedsTrace": {
|
||
"title": "Record identity needs trace",
|
||
"body": "candidate record id、版本、owner、review scope 或 trace source 不足時,回到身份追蹤補件。",
|
||
"next": "補 identity trace;review passed=0"
|
||
},
|
||
"decisionSummaryNeedsClarification": {
|
||
"title": "Decision summary needs clarification",
|
||
"body": "decision summary、風險接受邊界或不執行聲明不清楚時,維持候選狀態。",
|
||
"next": "補 decision summary;accepted=0"
|
||
},
|
||
"scopeExpiryNeedsRefresh": {
|
||
"title": "Scope and expiry need refresh",
|
||
"body": "host、network、service、exclusion、觀察目的或到期時間不一致時,不進入正式紀錄。",
|
||
"next": "補 scope / expiry;finalized=0"
|
||
},
|
||
"scanLimitsAmbiguous": {
|
||
"title": "Scan limits remain ambiguous",
|
||
"body": "active scan 或 credentialed scan limits 可能被誤讀時,仍鎖在不授權狀態。",
|
||
"next": "補 scan limits;scan authorized=false"
|
||
},
|
||
"credentialBoundaryFailed": {
|
||
"title": "Credential boundary failed",
|
||
"body": "credential metadata、retention、masking 或 forbidden collection 邊界不清楚時,直接隔離。",
|
||
"next": "補 metadata-only boundary;secret collection=false"
|
||
},
|
||
"maintenanceRollbackIncomplete": {
|
||
"title": "Maintenance and rollback incomplete",
|
||
"body": "維護窗口、限制條件、rollback owner、復原路徑或人工聯絡點不可追時,不能建立批准語義。",
|
||
"next": "補 maintenance / rollback;host update=false"
|
||
},
|
||
"runtimeGateStillRequired": {
|
||
"title": "Runtime gate still required",
|
||
"body": "validation evidence 或 runtime gate pointer 仍需要獨立 follow-up gate,不能由 outcome 開 gate。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordFormalRecordQueue": {
|
||
"title": "主機 Owner Decision Record Formal Record Queue Packets",
|
||
"subtitle": "Formal record queue packets 只整理未來人工正式紀錄佇列需要看到的資料包。這裡不 enqueue、不建立 decision record、不標記 accepted、不建立 approval record、不開 runtime gate。",
|
||
"packetLabel": "Queue packet",
|
||
"fieldLabel": "佇列欄位",
|
||
"items": {
|
||
"queueIdentityPacket": {
|
||
"title": "Queue identity packet",
|
||
"body": "整理 candidate record id、版本、owner、review scope 與 trace source,讓人工佇列能追蹤身份。",
|
||
"field": "identity trace;queue enqueued=0"
|
||
},
|
||
"queueDecisionSummaryPacket": {
|
||
"title": "Queue decision summary packet",
|
||
"body": "整理 decision summary、風險接受邊界與不執行聲明,但不建立正式 decision record。",
|
||
"field": "decision summary;record created=false"
|
||
},
|
||
"queueScopeExpiryPacket": {
|
||
"title": "Queue scope and expiry packet",
|
||
"body": "整理 host、network、service、exclusion、觀察目的與到期時間,仍只作為人工佇列可讀資訊。",
|
||
"field": "scope / expiry;finalized=0"
|
||
},
|
||
"queueScanLimitsPacket": {
|
||
"title": "Queue scan limits packet",
|
||
"body": "整理 observe-only、future active scan 與 credentialed scan limits,避免被誤讀成掃描授權。",
|
||
"field": "scan limits;scan authorized=false"
|
||
},
|
||
"queueCredentialBoundaryPacket": {
|
||
"title": "Queue credential boundary packet",
|
||
"body": "整理 metadata-only credential owner、retention、masking 與 forbidden collection 邊界。",
|
||
"field": "metadata-only boundary;secret collection=false"
|
||
},
|
||
"queueMaintenanceRollbackPacket": {
|
||
"title": "Queue maintenance and rollback packet",
|
||
"body": "整理維護窗口、限制條件、rollback owner、復原路徑與人工聯絡點。",
|
||
"field": "window / rollback;host update=false"
|
||
},
|
||
"queueValidationRuntimeGatePacket": {
|
||
"title": "Queue validation and runtime gate packet",
|
||
"body": "整理 validation evidence、post-check metrics、baseline pointer 與獨立 runtime gate 需求。",
|
||
"field": "validation / runtime pointer;active gates=0"
|
||
},
|
||
"queueNoExecutionAttestationPacket": {
|
||
"title": "Queue no-execution attestation packet",
|
||
"body": "整理仍不執行、不批准、不開 gate 的聲明,避免佇列資料包被當成授權。",
|
||
"field": "not authorization;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordFormalRecordQueueReview": {
|
||
"title": "主機 Owner Decision Record Formal Record Queue Review Checklist",
|
||
"subtitle": "Formal record queue review checklist 只確認佇列資料包是否可供未來人工正式紀錄審查。不標記 review passed、不 enqueue、不建立 decision record、不建立 approval record、不開 runtime gate。",
|
||
"checkLabel": "Queue review",
|
||
"guardLabel": "保護邊界",
|
||
"items": {
|
||
"queueIdentityTraceable": {
|
||
"title": "Queue identity traceable",
|
||
"body": "確認 queue identity 能回溯 candidate record、版本、owner、review scope 與來源,不把可追蹤性當成正式入列。",
|
||
"guard": "trace only;queue enqueued=0"
|
||
},
|
||
"queueDecisionSummaryReadable": {
|
||
"title": "Queue decision summary readable",
|
||
"body": "確認 decision summary 與 no-execution statement 可讀,但不產生正式 decision record。",
|
||
"guard": "summary only;record created=false"
|
||
},
|
||
"queueScopeExpiryFresh": {
|
||
"title": "Queue scope and expiry fresh",
|
||
"body": "確認 host、network、service、exclusion、觀察目的與 expiry 沒有過期或超出原始 scope。",
|
||
"guard": "scope check only;finalized=0"
|
||
},
|
||
"queueScanLimitsNotAuthorization": {
|
||
"title": "Queue scan limits not authorization",
|
||
"body": "確認 observe-only、future active scan 與 credentialed scan limits 仍只是限制描述,不是掃描批准。",
|
||
"guard": "scan authorized=false"
|
||
},
|
||
"queueCredentialBoundaryMetadataOnly": {
|
||
"title": "Queue credential boundary metadata-only",
|
||
"body": "確認 credential boundary 只保留 metadata、owner、retention 與 masking 邊界,不要求敏感素材。",
|
||
"guard": "secret collection=false"
|
||
},
|
||
"queueMaintenanceRollbackLinked": {
|
||
"title": "Queue maintenance and rollback linked",
|
||
"body": "確認維護窗口、限制條件、rollback owner、復原路徑與人工聯絡點都有 pointer,但不代表可以做主機套件變更或調校。",
|
||
"guard": "host change=false"
|
||
},
|
||
"queueValidationGateSeparate": {
|
||
"title": "Queue validation gate separate",
|
||
"body": "確認 validation evidence、post-check metrics 與 baseline pointer 仍導向獨立 runtime gate。",
|
||
"guard": "active gates=0"
|
||
},
|
||
"queueNoExecutionAttestationPresent": {
|
||
"title": "Queue no-execution attestation present",
|
||
"body": "確認 no-execution / no-approval / no-runtime-gate 聲明仍在,避免 checklist 被當成 action entry。",
|
||
"guard": "action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordFormalRecordQueueReviewOutcomes": {
|
||
"title": "主機 Owner Decision Record Formal Record Queue Review Outcome Lanes",
|
||
"subtitle": "Formal record queue review outcome lanes 只顯示 checklist 後的下一步分流。不代表 review passed、不 enqueue、不建立 decision record、不接受 owner decision、不建立 approval record、不開 runtime gate。",
|
||
"laneLabel": "Queue review outcome",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForHumanRecordOwnerHandoff": {
|
||
"title": "Ready for human record owner handoff",
|
||
"body": "所有 queue review 條件都可讀時,只能顯示未來交給人工 record owner 的候選狀態。",
|
||
"next": "顯示 handoff 候選;review passed=0、queue enqueued=0"
|
||
},
|
||
"identityNeedsTraceRefresh": {
|
||
"title": "Identity needs trace refresh",
|
||
"body": "candidate record id、版本、owner、review scope 或 trace source 不清楚時,回到 identity packet 補證。",
|
||
"next": "補 identity trace;record created=false"
|
||
},
|
||
"decisionSummaryNeedsClarification": {
|
||
"title": "Decision summary needs clarification",
|
||
"body": "decision summary 或 no-execution statement 不可讀時,回到 summary packet 補文字。",
|
||
"next": "補 decision summary;accepted=0"
|
||
},
|
||
"scopeExpiryNeedsRefresh": {
|
||
"title": "Scope and expiry need refresh",
|
||
"body": "host、network、service、exclusion、觀察目的或 expiry 過期或超出原始 scope 時,回到 scope packet。",
|
||
"next": "補 scope / expiry;finalized=0"
|
||
},
|
||
"scanLimitsRemainAmbiguous": {
|
||
"title": "Scan limits remain ambiguous",
|
||
"body": "observe-only、future active scan 或 credentialed scan limits 若仍可能被誤讀成授權,必須回到 scan limits packet。",
|
||
"next": "補 scan limits;scan authorized=false"
|
||
},
|
||
"credentialBoundaryFailed": {
|
||
"title": "Credential boundary failed",
|
||
"body": "credential boundary 若無法保持 metadata-only 或責任邊界不可讀,必須隔離補證。",
|
||
"next": "補 metadata-only boundary;secret collection=false"
|
||
},
|
||
"maintenanceRollbackIncomplete": {
|
||
"title": "Maintenance and rollback incomplete",
|
||
"body": "維護窗口、限制條件、rollback owner、復原路徑或人工聯絡點缺漏時,不能進入正式紀錄語義。",
|
||
"next": "補 maintenance / rollback;host change=false"
|
||
},
|
||
"runtimeGateStillRequired": {
|
||
"title": "Runtime gate still required",
|
||
"body": "validation evidence 或 runtime gate pointer 仍需要獨立 follow-up gate,不能由 queue review outcome 開 gate。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanHandoffReadiness": {
|
||
"title": "主機 Owner Decision Record Human Record Owner Handoff Readiness Packets",
|
||
"subtitle": "Human record owner handoff readiness packets 只顯示未來交給人工 record owner 前要準備的 metadata。不代表 handoff started、不代表 handoff ready、不代表 review passed、不建立 decision record、不接受 owner decision、不開 runtime gate。",
|
||
"packetLabel": "Handoff readiness packet",
|
||
"guardLabel": "保護邊界",
|
||
"items": {
|
||
"handoffIdentityTrace": {
|
||
"title": "Handoff identity and trace",
|
||
"body": "顯示 candidate record id、版本、來源 outcome lane、source queue review 與 trace pointer 是否足夠供未來人工 record owner 辨識。",
|
||
"guard": "handoff started=0;ready=0"
|
||
},
|
||
"handoffOwnerBoundary": {
|
||
"title": "Human record owner boundary",
|
||
"body": "顯示未來 record owner、backup owner、聯絡窗口與責任邊界,但不自動通知、不收 decision、不建立 approval record。",
|
||
"guard": "owner decision received=0"
|
||
},
|
||
"handoffDecisionSummary": {
|
||
"title": "Decision summary packet",
|
||
"body": "顯示 decision summary、no-execution statement 與候選結論是否可讀,避免 handoff 時把摘要當成批准。",
|
||
"guard": "decision record created=false"
|
||
},
|
||
"handoffScopeExpiry": {
|
||
"title": "Scope and expiry packet",
|
||
"body": "顯示 host、network、service、exclusion、觀察目的與 expiry 的 handoff 摘要,過期或越界時仍只能回補 scope。",
|
||
"guard": "review passed=0"
|
||
},
|
||
"handoffScanLimits": {
|
||
"title": "Scan limits packet",
|
||
"body": "顯示 observe-only、future active scan 與 credentialed scan limits 的限制文字,讓人工 record owner 清楚這不是掃描授權。",
|
||
"guard": "scan authorized=false"
|
||
},
|
||
"handoffCredentialBoundary": {
|
||
"title": "Credential boundary packet",
|
||
"body": "顯示 credential boundary metadata、retention 與 masking 責任,不收 plaintext、不收 token value、不收 raw secret。",
|
||
"guard": "secret collection=false"
|
||
},
|
||
"handoffMaintenanceRollback": {
|
||
"title": "Maintenance and rollback packet",
|
||
"body": "顯示維護窗口、限制條件、rollback owner、復原路徑與人工聯絡點,仍不允許 SSH、package update 或主機調校。",
|
||
"guard": "host change=false"
|
||
},
|
||
"handoffRuntimeGate": {
|
||
"title": "Runtime gate separation packet",
|
||
"body": "顯示 validation evidence 與 follow-up runtime gate pointer 仍是獨立 gate,不能由 handoff readiness 開啟。",
|
||
"guard": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanHandoffReadinessReview": {
|
||
"title": "主機 Owner Decision Record Human Handoff Readiness Review Checklist",
|
||
"subtitle": "Human handoff readiness review checklist 只顯示 handoff readiness packets 進人工 record owner 前的只讀核對條件。不代表 review passed、不開始 handoff、不標記 handoff ready、不建立 decision record、不接受 owner decision、不開 runtime gate。",
|
||
"checkLabel": "Handoff readiness check",
|
||
"guardLabel": "保護邊界",
|
||
"items": {
|
||
"identityTraceReadable": {
|
||
"title": "Identity trace readable",
|
||
"body": "確認 candidate record id、版本、來源 outcome lane、source queue review 與 trace pointer 可讀;缺漏時只能回補 identity trace。",
|
||
"guard": "handoff started=0;ready=0"
|
||
},
|
||
"ownerBoundaryReadable": {
|
||
"title": "Owner boundary readable",
|
||
"body": "確認 future record owner、backup owner、聯絡窗口與責任邊界可讀;不能自動通知或收 owner decision。",
|
||
"guard": "owner decision received=0"
|
||
},
|
||
"decisionSummaryReadable": {
|
||
"title": "Decision summary readable",
|
||
"body": "確認 decision summary、候選結論與 no-execution statement 可讀,避免 handoff readiness 被誤讀成批准。",
|
||
"guard": "decision record created=false"
|
||
},
|
||
"scopeExpiryCurrent": {
|
||
"title": "Scope and expiry current",
|
||
"body": "確認 host、network、service、exclusion、觀察目的與 expiry 沒有過期或越界;過期時只能回補 scope。",
|
||
"guard": "review passed=0"
|
||
},
|
||
"scanLimitsNotAuthorization": {
|
||
"title": "Scan limits not authorization",
|
||
"body": "確認 observe-only、future active scan 與 credentialed scan limits 仍只是限制文字,不是掃描批准。",
|
||
"guard": "scan authorized=false"
|
||
},
|
||
"credentialBoundaryMetadataOnly": {
|
||
"title": "Credential boundary metadata-only",
|
||
"body": "確認 credential boundary 只含 metadata、retention 與 masking 責任;不得收 plaintext、token value 或 raw secret。",
|
||
"guard": "secret collection=false"
|
||
},
|
||
"maintenanceRollbackTraceable": {
|
||
"title": "Maintenance and rollback traceable",
|
||
"body": "確認維護窗口、限制條件、rollback owner、復原路徑與人工聯絡點可追溯,但仍不能 SSH、更新套件或調校主機。",
|
||
"guard": "host change=false"
|
||
},
|
||
"runtimeGateSeparate": {
|
||
"title": "Runtime gate separate",
|
||
"body": "確認 validation evidence 與 follow-up runtime gate 仍維持獨立,不由 readiness review 開啟。",
|
||
"guard": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanHandoffReadinessReviewOutcomes": {
|
||
"title": "主機 Owner Decision Record Human Handoff Readiness Review Outcome Lanes",
|
||
"subtitle": "Human handoff readiness review outcome lanes 只顯示 checklist 後的下一步分流。不代表 review passed、不開始 handoff、不標記 handoff ready、不建立 decision record、不接受 owner decision、不建立 approval record、不開 runtime gate。",
|
||
"laneLabel": "Handoff review outcome",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForHumanRecordOwnerReviewCandidate": {
|
||
"title": "Ready for human record owner review candidate",
|
||
"body": "所有 readiness review 條件都可讀時,只能顯示未來交給人工 record owner 看看的候選狀態。",
|
||
"next": "顯示 review candidate;review passed=0、handoff started=0"
|
||
},
|
||
"identityTraceNeedsRefresh": {
|
||
"title": "Identity trace needs refresh",
|
||
"body": "candidate record id、版本、來源 outcome lane、source queue review 或 trace pointer 不清楚時,回到 identity packet 補證。",
|
||
"next": "補 identity trace;handoff ready=0"
|
||
},
|
||
"ownerBoundaryNeedsClarification": {
|
||
"title": "Owner boundary needs clarification",
|
||
"body": "record owner、backup owner、聯絡窗口或責任邊界不可讀時,回到 owner boundary packet 補文字。",
|
||
"next": "補 owner boundary;decision received=0"
|
||
},
|
||
"decisionSummaryNeedsClarification": {
|
||
"title": "Decision summary needs clarification",
|
||
"body": "decision summary、候選結論或 no-execution statement 不可讀時,回到 decision summary packet。",
|
||
"next": "補 decision summary;record created=false"
|
||
},
|
||
"scopeExpiryNeedsRefresh": {
|
||
"title": "Scope and expiry need refresh",
|
||
"body": "host、network、service、exclusion、觀察目的或 expiry 過期或越界時,回到 scope packet。",
|
||
"next": "補 scope / expiry;review passed=0"
|
||
},
|
||
"scanLimitsRemainAmbiguous": {
|
||
"title": "Scan limits remain ambiguous",
|
||
"body": "observe-only、future active scan 或 credentialed scan limits 仍可能被誤讀成授權時,回到 scan limits packet。",
|
||
"next": "補 scan limits;scan authorized=false"
|
||
},
|
||
"credentialBoundaryFailed": {
|
||
"title": "Credential boundary failed",
|
||
"body": "credential boundary 若不是 metadata-only,或 plaintext、token value、raw secret 邊界不清楚,必須隔離補證。",
|
||
"next": "補 credential boundary;secret collection=false"
|
||
},
|
||
"maintenanceRollbackIncomplete": {
|
||
"title": "Maintenance and rollback incomplete",
|
||
"body": "維護窗口、限制條件、rollback owner、復原路徑或人工聯絡點缺漏時,不能進入人工 record owner review 語義。",
|
||
"next": "補 maintenance / rollback;host change=false"
|
||
},
|
||
"runtimeGateStillRequired": {
|
||
"title": "Runtime gate still required",
|
||
"body": "validation evidence 或 follow-up runtime gate pointer 仍需要獨立 gate,不能由 readiness review outcome 開 gate。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanRecordOwnerReviewCandidatePackets": {
|
||
"title": "主機 Owner Decision Record Human Record Owner Review Candidate Packets",
|
||
"subtitle": "Human record owner review candidate packets 只整理未來人工 record owner 可能需要看的 metadata。它不開始 handoff、不標記 review ready、不收 owner decision、不建立 decision record、不建立 approval record、不開 runtime gate。",
|
||
"packetLabel": "Review candidate packet",
|
||
"guardLabel": "保護邊界",
|
||
"items": {
|
||
"reviewCandidateIdentity": {
|
||
"title": "Review candidate identity packet",
|
||
"body": "整理 candidate id、來源 readiness outcome、版本、trace pointer 與來源 queue review 連結,讓人工 record owner 未來能看懂來源。",
|
||
"guard": "review started=0;decision record created=false"
|
||
},
|
||
"reviewOwnerBoundary": {
|
||
"title": "Review owner boundary packet",
|
||
"body": "整理 human record owner、backup owner、聯絡窗口與責任邊界,但不把 owner contact 視為已接案或已決策。",
|
||
"guard": "owner decision received=0;handoff started=0"
|
||
},
|
||
"reviewDecisionSummary": {
|
||
"title": "Review decision summary packet",
|
||
"body": "整理候選決策摘要、風險接受邊界與 no-execution statement,避免人工 review 候選被誤讀成正式紀錄。",
|
||
"guard": "review ready=0;record accepted=0"
|
||
},
|
||
"reviewScopeExpiry": {
|
||
"title": "Review scope and expiry packet",
|
||
"body": "整理 host、network、service、exclusion、observation intent 與 expiry,讓 review candidate 的範圍維持可讀。",
|
||
"guard": "scope review only;runtime gate opened=false"
|
||
},
|
||
"reviewScanLimits": {
|
||
"title": "Review scan limits packet",
|
||
"body": "整理 observe-only、future active scan 與 credentialed scan limits,明確保留 active scan 仍需獨立批准。",
|
||
"guard": "scan authorized=false;action buttons=false"
|
||
},
|
||
"reviewCredentialBoundary": {
|
||
"title": "Review credential boundary packet",
|
||
"body": "整理 credential owner、retention、masking 與 forbidden collection,只允許 metadata,不收 plaintext、token value 或 raw secret。",
|
||
"guard": "secret collection=false;原始載荷=false"
|
||
},
|
||
"reviewMaintenanceRollback": {
|
||
"title": "Review maintenance and rollback packet",
|
||
"body": "整理 maintenance window、constraints、rollback owner、recovery path 與人工聯絡點,但不代表可以變更主機。",
|
||
"guard": "host change=false;Kali update=false"
|
||
},
|
||
"reviewValidationRuntimeGate": {
|
||
"title": "Review validation and runtime gate packet",
|
||
"body": "整理 validation evidence pointer、post-check metrics 與獨立 runtime gate requirement,仍不能由 candidate packet 開 gate。",
|
||
"guard": "runtime gate opened=false;runtime execution=false"
|
||
},
|
||
"reviewNoExecutionAttestation": {
|
||
"title": "Review no-execution attestation packet",
|
||
"body": "固定 not authorization、no execution、no approval、no runtime gate statement,避免人工 review candidate 被誤解成批准。",
|
||
"guard": "not_authorization=true;approval record=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanRecordOwnerReviewCandidateChecklist": {
|
||
"title": "主機 Owner Decision Record Human Record Owner Review Candidate Checklist",
|
||
"subtitle": "Human record owner review candidate checklist 只核對 candidate packets 是否可讀。不代表 checklist passed、不開始 review、不標記 review ready、不收 owner decision、不建立 decision record、不建立 approval record、不開 runtime gate。",
|
||
"checkLabel": "Review candidate check",
|
||
"guardLabel": "保護邊界",
|
||
"items": {
|
||
"candidateIdentityTraceable": {
|
||
"title": "Candidate identity traceable",
|
||
"body": "確認 candidate id、來源 outcome、版本、trace pointer 與 queue review link 可追溯。",
|
||
"guard": "check passed=0;review started=0"
|
||
},
|
||
"candidateOwnerBoundaryReadable": {
|
||
"title": "Candidate owner boundary readable",
|
||
"body": "確認 human record owner、backup owner、聯絡窗口與責任邊界可讀,但不代表 owner 已接案。",
|
||
"guard": "owner decision received=0;review ready=0"
|
||
},
|
||
"candidateDecisionSummaryReadable": {
|
||
"title": "Candidate decision summary readable",
|
||
"body": "確認候選決策摘要、風險接受邊界與 no-execution statement 可讀,仍不是正式 decision record。",
|
||
"guard": "decision record created=false;accepted=0"
|
||
},
|
||
"candidateScopeExpiryCurrent": {
|
||
"title": "Candidate scope and expiry current",
|
||
"body": "確認 host、network、service、exclusion、observation intent 與 expiry 仍在候選範圍內。",
|
||
"guard": "scope check only;runtime gate opened=false"
|
||
},
|
||
"candidateScanLimitsNotAuthorization": {
|
||
"title": "Candidate scan limits not authorization",
|
||
"body": "確認 observe-only、future active scan 與 credentialed scan limits 沒有被寫成掃描授權。",
|
||
"guard": "scan authorized=false;action buttons=false"
|
||
},
|
||
"candidateCredentialBoundaryMetadataOnly": {
|
||
"title": "Candidate credential boundary metadata-only",
|
||
"body": "確認 credential owner、retention、masking 與 forbidden collection 仍是 metadata-only。",
|
||
"guard": "secret collection=false;原始載荷=false"
|
||
},
|
||
"candidateMaintenanceRollbackTraceable": {
|
||
"title": "Candidate maintenance and rollback traceable",
|
||
"body": "確認 maintenance window、constraints、rollback owner、recovery path 與人工聯絡點可追溯。",
|
||
"guard": "host change=false;Kali update=false"
|
||
},
|
||
"candidateValidationRuntimeGateSeparate": {
|
||
"title": "Candidate validation and runtime gate separate",
|
||
"body": "確認 validation evidence pointer、post-check metrics 與 runtime gate requirement 仍維持獨立。",
|
||
"guard": "runtime gate opened=false;runtime execution=false"
|
||
},
|
||
"candidateNoExecutionAttestationPresent": {
|
||
"title": "Candidate no-execution attestation present",
|
||
"body": "確認 not authorization、no execution、no approval、no runtime gate statement 都可見。",
|
||
"guard": "not_authorization=true;approval record=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanRecordOwnerReviewCandidateOutcomes": {
|
||
"title": "主機 Owner Decision Record Human Record Owner Review Candidate Outcome Lanes",
|
||
"subtitle": "Human record owner review candidate outcome lanes 只顯示 candidate checklist 後下一步分流。不代表 checklist passed、不開始 review、不標記 review ready、不收 owner decision、不建立 decision record、不建立 approval record、不開 runtime gate。",
|
||
"laneLabel": "Review candidate outcome",
|
||
"nextLabel": "下一步",
|
||
"items": {
|
||
"readyForHumanRecordOwnerReviewPreparation": {
|
||
"title": "Ready for human record owner review preparation candidate",
|
||
"body": "所有 candidate checklist 只讀條件都可被準備成未來人工 record owner review 畫面,但目前仍只是 preparation candidate。",
|
||
"next": "display only;review started=0"
|
||
},
|
||
"identityTraceNeedsRefresh": {
|
||
"title": "Identity trace needs refresh",
|
||
"body": "candidate identity、source outcome、version、trace pointer 或 queue review link 需要補齊或刷新。",
|
||
"next": "refresh identity trace;check passed=0"
|
||
},
|
||
"ownerBoundaryNeedsClarification": {
|
||
"title": "Owner boundary needs clarification",
|
||
"body": "human record owner、backup owner、contact channel 或責任邊界仍需釐清,不能視為 owner 已接案。",
|
||
"next": "clarify owner boundary;decision received=0"
|
||
},
|
||
"decisionSummaryNeedsClarification": {
|
||
"title": "Decision summary needs clarification",
|
||
"body": "候選決策摘要、風險接受邊界或 no-execution statement 仍不夠清楚,不能建立正式紀錄。",
|
||
"next": "clarify summary;record created=false"
|
||
},
|
||
"scopeExpiryNeedsRefresh": {
|
||
"title": "Scope and expiry need refresh",
|
||
"body": "host、network、service、exclusion、observation intent 或 expiry 需要刷新後才能進下一層人工準備。",
|
||
"next": "refresh scope;review ready=0"
|
||
},
|
||
"scanLimitsRemainAmbiguous": {
|
||
"title": "Scan limits remain ambiguous",
|
||
"body": "observe-only、future active scan 或 credentialed scan limits 仍可能被誤讀成授權,需要保留為阻擋分流。",
|
||
"next": "clarify limits;scan authorized=false"
|
||
},
|
||
"credentialBoundaryFailed": {
|
||
"title": "Credential boundary failed",
|
||
"body": "credential owner、retention、masking 或 forbidden collection 沒有維持 metadata-only 時必須隔離。",
|
||
"next": "quarantine credential boundary;secret collection=false"
|
||
},
|
||
"maintenanceRollbackIncomplete": {
|
||
"title": "Maintenance and rollback incomplete",
|
||
"body": "maintenance window、constraints、rollback owner、recovery path 或人工聯絡點仍缺漏,不能導向主機變更。",
|
||
"next": "complete maintenance data;host change=false"
|
||
},
|
||
"runtimeGateStillRequired": {
|
||
"title": "Runtime gate still required",
|
||
"body": "validation evidence、post-check metrics 或 follow-up runtime gate pointer 仍需獨立 gate,不可由 candidate outcome 開啟。",
|
||
"next": "active runtime gates=0;action buttons=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanRecordOwnerReviewPreparationPackets": {
|
||
"title": "主機 Owner Decision Record Human Record Owner Review Preparation Packets",
|
||
"subtitle": "Human record owner review preparation packets 只整理未來人工 record owner review 畫面需要的 metadata。它不代表 preparation completed、不開始 review、不標記 review ready、不收 owner decision、不建立 decision record、不建立 approval record、不開 runtime gate。",
|
||
"packetLabel": "Review preparation packet",
|
||
"guardLabel": "保護邊界",
|
||
"items": {
|
||
"preparationIdentityTrace": {
|
||
"title": "Preparation identity trace packet",
|
||
"body": "整理 preparation id、來源 candidate outcome、版本、trace pointer 與 candidate checklist link,讓未來 review 畫面能追溯來源。",
|
||
"guard": "prepared=0;review started=0"
|
||
},
|
||
"preparationOwnerBoundary": {
|
||
"title": "Preparation owner boundary packet",
|
||
"body": "整理 human record owner、backup owner、聯絡窗口、責任邊界與待確認項目,但不代表 owner 已接案或已決策。",
|
||
"guard": "owner decision received=0;review ready=0"
|
||
},
|
||
"preparationDecisionSummary": {
|
||
"title": "Preparation decision summary packet",
|
||
"body": "整理候選決策摘要、風險接受邊界、no-execution statement 與正式紀錄前置說明,仍不是 decision record。",
|
||
"guard": "decision record created=false;accepted=0"
|
||
},
|
||
"preparationScopeExpiry": {
|
||
"title": "Preparation scope and expiry packet",
|
||
"body": "整理 host、network、service、exclusion、observation intent、expiry 與刷新需求,讓準備層保持只讀可見。",
|
||
"guard": "scope preparation only;runtime gate opened=false"
|
||
},
|
||
"preparationScanLimits": {
|
||
"title": "Preparation scan limits packet",
|
||
"body": "整理 observe-only、future active scan、credentialed scan limits 與仍需獨立批准的掃描邊界。",
|
||
"guard": "scan authorized=false;action buttons=false"
|
||
},
|
||
"preparationCredentialBoundary": {
|
||
"title": "Preparation credential boundary packet",
|
||
"body": "整理 credential owner、retention、masking、forbidden collection 與隔離規則,只允許 metadata-only。",
|
||
"guard": "secret collection=false;原始載荷=false"
|
||
},
|
||
"preparationMaintenanceRollback": {
|
||
"title": "Preparation maintenance and rollback packet",
|
||
"body": "整理 maintenance window、constraints、rollback owner、recovery path 與人工聯絡點,但不代表可以變更主機。",
|
||
"guard": "host change=false;Kali update=false"
|
||
},
|
||
"preparationValidationRuntimeGate": {
|
||
"title": "Preparation validation and runtime gate packet",
|
||
"body": "整理 validation evidence pointer、post-check metrics 與獨立 runtime gate requirement,仍不能由 preparation packet 開 gate。",
|
||
"guard": "runtime gate opened=false;runtime execution=false"
|
||
},
|
||
"preparationNoExecutionAttestation": {
|
||
"title": "Preparation no-execution attestation packet",
|
||
"body": "固定 not authorization、no execution、no approval、no runtime gate statement,避免 preparation packet 被誤解成批准。",
|
||
"guard": "not_authorization=true;approval record=false"
|
||
}
|
||
}
|
||
},
|
||
"hostOwnerDecisionRecordHumanRecordOwnerReviewPreparationChecklist": {
|
||
"title": "主機 Owner Decision Record Human Record Owner Review Preparation Checklist",
|
||
"subtitle": "Human record owner review preparation checklist 只核對 preparation packets 是否可讀。不代表 preparation completed、不代表 checklist passed、不開始 review、不標記 review ready、不收 owner decision、不建立 decision record、不建立 approval record、不開 runtime gate。",
|
||
"checkLabel": "Review preparation check",
|
||
"guardLabel": "保護邊界",
|
||
"items": {
|
||
"preparationIdentityTraceReadable": {
|
||
"title": "Preparation identity trace readable",
|
||
"body": "確認 preparation id、來源 candidate outcome、版本、trace pointer 與 candidate checklist link 可追溯。",
|
||
"guard": "prepared=0;check passed=0"
|
||
},
|
||
"preparationOwnerBoundaryReadable": {
|
||
"title": "Preparation owner boundary readable",
|
||
"body": "確認 human record owner、backup owner、聯絡窗口、責任邊界與待確認項目可讀,但不代表 owner 已接案。",
|
||
"guard": "owner decision received=0;review ready=0"
|
||
},
|
||
"preparationDecisionSummaryReadable": {
|
||
"title": "Preparation decision summary readable",
|
||
"body": "確認候選決策摘要、風險接受邊界、no-execution statement 與正式紀錄前置說明可讀,仍不是 decision record。",
|
||
"guard": "decision record created=false;accepted=0"
|
||
},
|
||
"preparationScopeExpiryCurrent": {
|
||
"title": "Preparation scope and expiry current",
|
||
"body": "確認 host、network、service、exclusion、observation intent、expiry 與刷新需求仍在準備層可讀範圍內。",
|
||
"guard": "scope check only;runtime gate opened=false"
|
||
},
|
||
"preparationScanLimitsNotAuthorization": {
|
||
"title": "Preparation scan limits not authorization",
|
||
"body": "確認 observe-only、future active scan 與 credentialed scan limits 沒有被寫成掃描授權。",
|
||
"guard": "scan authorized=false;action buttons=false"
|
||
},
|
||
"preparationCredentialBoundaryMetadataOnly": {
|
||
"title": "Preparation credential boundary metadata-only",
|
||
"body": "確認 credential owner、retention、masking、forbidden collection 與隔離規則仍是 metadata-only。",
|
||
"guard": "secret collection=false;原始載荷=false"
|
||
},
|
||
"preparationMaintenanceRollbackTraceable": {
|
||
"title": "Preparation maintenance and rollback traceable",
|
||
"body": "確認 maintenance window、constraints、rollback owner、recovery path 與人工聯絡點可追溯。",
|
||
"guard": "host change=false;Kali update=false"
|
||
},
|
||
"preparationValidationRuntimeGateSeparate": {
|
||
"title": "Preparation validation and runtime gate separate",
|
||
"body": "確認 validation evidence pointer、post-check metrics 與獨立 runtime gate requirement 仍維持分離。",
|
||
"guard": "runtime gate opened=false;runtime execution=false"
|
||
},
|
||
"preparationNoExecutionAttestationPresent": {
|
||
"title": "Preparation no-execution attestation present",
|
||
"body": "確認 not authorization、no execution、no approval、no runtime gate statement 都可見,避免 checklist 被誤解成批准。",
|
||
"guard": "not_authorization=true;approval record=false"
|
||
}
|
||
}
|
||
},
|
||
"progressHoldMovementGates": {
|
||
"title": "為什麼 58% 還不動",
|
||
"subtitle": "S2.50 把 headline 進度的移動門檻直接顯示出來:目前不是沒有推進,而是五個會讓 58% 進入下一輪重估的閘門都還沒有實質 evidence。框架、文件、前端可見性會累積在 80-85% 框架進度,但不會灌水成落地百分比。",
|
||
"gateLabel": "移動門檻",
|
||
"moveLabel": "什麼時候會動",
|
||
"guardLabel": "不灌水原則",
|
||
"items": {
|
||
"ownerResponseAccepted": {
|
||
"title": "負責人回覆 accepted 仍是 0",
|
||
"body": "S4.9-S4.12 都還沒有負責人回覆 received / accepted,S4.9 目前只是 request-ready。",
|
||
"move": "第一批脫敏負責人回覆通過 S4.9 preflight 與 S4.13 rollup 後,headline 才有重估依據。",
|
||
"guard": "不把 request-ready、範本、preflight 或焦點當成 received / accepted。"
|
||
},
|
||
"redactedPayloadIngested": {
|
||
"title": "脫敏 payload 匯入仍未啟用",
|
||
"body": "目前只定義 evidence refs、redaction examples、quarantine 與 preflight,尚未有 accepted payload ingestion。",
|
||
"move": "脫敏 payload 經人工批准、通過 preflight、進入只讀 ingestion 後,runtime landing 才能重估。",
|
||
"guard": "不收原始載荷、不收 credential plaintext、不把文件範例當 ingestion。"
|
||
},
|
||
"activeRuntimeGate": {
|
||
"title": "主動 runtime gate 仍是 0",
|
||
"body": "Kali `/execute`、SSH、主機更新、blocking control、repo / refs / workflow 動作都仍在獨立 gate 之外。",
|
||
"move": "人工批准、scope、rollback、post-check metrics 完整,並另開 active runtime gate 後才會動。",
|
||
"guard": "不從 IwoooS 前端、progress 數字或 checklist 開 runtime gate。"
|
||
},
|
||
"githubPrimaryReady": {
|
||
"title": "GitHub 主要來源就緒數仍是 0",
|
||
"body": "GitHub target、refs truth、workflow / secret name parity、rollback ADR 都還在負責人回覆 / 就緒度階段。",
|
||
"move": "至少一批 repo 通過 target、refs、workflow / secret name 與 rollback readiness,primary_ready_count 才可大於 0。",
|
||
"guard": "不建 repo、不 sync refs、不切主要來源、不把候選項當就緒。"
|
||
},
|
||
"awooopReadOnlyLanding": {
|
||
"title": "AwoooP landing 仍未進 production 消費",
|
||
"body": "IwoooS 已可見,但 AwoooP 主線仍需只讀消費 rollup、evidence refs 與 guard result,且不得接 execution router。",
|
||
"move": "AwoooP 以只讀模式消費這組狀態並通過 guard 後,使用者體感會提升,但仍不代表 production execution。",
|
||
"guard": "read-only landing 不是 action button、approval、runtime execution 或 blocking control。"
|
||
}
|
||
}
|
||
},
|
||
"headlineMovementAcceptanceGate": {
|
||
"title": "58% 重估驗收閘門",
|
||
"subtitle": "S2.100 把下一次 headline 能不能從 58% 往前推的判定規則固定下來:只有真正收到並驗收脫敏負責人回覆、脫敏匯入、人工 runtime gate、GitHub 主要來源就緒或 AwoooP production landing evidence,才會開啟重估;目前五個移動訊號仍都是 0 / false。",
|
||
"gateLabel": "重估 gate",
|
||
"acceptanceLabel": "驗收條件",
|
||
"guardLabel": "仍禁止",
|
||
"boundaryTitle": "進度重估邊界",
|
||
"summary": {
|
||
"headline": {
|
||
"label": "目前 headline",
|
||
"detail": "仍維持 58%,不把框架層堆疊灌水成落地執行。"
|
||
},
|
||
"signals": {
|
||
"label": "移動訊號",
|
||
"detail": "五個高層 gate 目前全部未滿足。"
|
||
},
|
||
"s49Accepted": {
|
||
"label": "S4.9 accepted",
|
||
"detail": "五個 owner response template 尚未收到可接受 evidence。"
|
||
},
|
||
"review": {
|
||
"label": "重估紀錄",
|
||
"detail": "尚未開啟 headline review record。"
|
||
}
|
||
},
|
||
"items": {
|
||
"s49OwnerResponseAccepted": {
|
||
"title": "S4.9 負責人回覆驗收",
|
||
"body": "下一個真正會推動 58% 的 P0 是 Gitea owner attestation:public-only / local gap、org/user endpoint、110 adjacent scope、repo owner canonical scope、legacy / inaccessible disposition 五項要收到脫敏 evidence。",
|
||
"acceptance": "五項都通過 preflight 與 S4.13 validation rollup,才可記錄 owner_response_accepted_count > 0。",
|
||
"guard": "不代填、不催收、不標記 received / accepted、不建立審批紀錄。"
|
||
},
|
||
"redactedPayloadAccepted": {
|
||
"title": "脫敏 payload 匯入驗收",
|
||
"body": "只有 redacted metadata pointer 可以進入只讀收件與驗收;原始 dump、git object、token、cookie、private key 或 credential plaintext 都要隔離。",
|
||
"acceptance": "人工批准 ingestion path、preflight 通過、quarantine 結果可追溯後,payloads_ingested 才可改變。",
|
||
"guard": "不收明文機密、不保存原始載荷、不把文件範例當匯入完成。"
|
||
},
|
||
"runtimeGateApproved": {
|
||
"title": "執行期閘門人工批准",
|
||
"body": "Kali `/execute`、SSH、主機更新、掃描、修復、blocking control 與部署都必須另開人工 runtime gate。",
|
||
"acceptance": "scope、rollback、maintenance window、post-check metrics 與人工批准都到齊後,active_runtime_gate_count 才能大於 0。",
|
||
"guard": "IwoooS 沒有執行按鈕;進度看板不能啟動 runtime。"
|
||
},
|
||
"githubPrimaryEvidenceReady": {
|
||
"title": "GitHub 主要來源就緒證據",
|
||
"body": "Gitea 轉 GitHub 的長期方向需要 target owner、visibility、refs truth、workflow / secret name parity 與 rollback ADR 都能驗證。",
|
||
"acceptance": "至少一批 repo 有完整負責人回覆與 rollback readiness,primary_ready_count 才能從 0 往上。",
|
||
"guard": "不建立 repo、不同步 refs、不改 workflow / secret、不切主要來源、不停用 Gitea。"
|
||
},
|
||
"awooopProductionLandingProof": {
|
||
"title": "AwoooP 正式只讀消費證據",
|
||
"body": "使用者要有感,AwoooP 主線必須能只讀消費 rollup、evidence refs、guard result 與 forbidden actions。",
|
||
"acceptance": "有 PR / deployment proof 證明 production 主線只讀顯示,且沒有接 execution router,才可視為 landing evidence。",
|
||
"guard": "只讀 landing 不是 approval、action button、execution router 或 blocking control。"
|
||
},
|
||
"nextHeadlineReviewRecord": {
|
||
"title": "下一次 headline review record",
|
||
"body": "等任一高層 gate 真的有 evidence 後,才建立重估紀錄,說明為何從 58% 調整或為何仍維持。",
|
||
"acceptance": "review record 必須引用具體 evidence refs、guard output、風險邊界與禁止動作清單。",
|
||
"guard": "不因為新增看板、文件或清單就調整 headline。"
|
||
}
|
||
}
|
||
},
|
||
"sourceControlReadiness": {
|
||
"title": "GitHub 主要來源就緒度",
|
||
"subtitle": "把 Gitea 轉 GitHub 的長期方向拆成只讀就緒度:候選 repo、負責人回覆、refs truth、workflow / secret 名稱與 rollback ADR 都要到齊,才會重估 primary_ready_count。",
|
||
"gateLabel": "就緒度閘門",
|
||
"guardLabel": "仍禁止",
|
||
"items": {
|
||
"candidateRepos": {
|
||
"title": "候選 repo 清冊",
|
||
"body": "8 個候選 repo、7 個範圍內 repo,目前只做清冊與負責人 evidence 對齊。",
|
||
"guard": "不建立 GitHub repo、不改可見性。"
|
||
},
|
||
"primaryReady": {
|
||
"title": "primary_ready_count 仍為 0",
|
||
"body": "尚無 repo 通過 target、refs、workflow / secret 名稱與 rollback readiness。",
|
||
"guard": "不切 GitHub 主要來源、不停用 Gitea。"
|
||
},
|
||
"ownerResponses": {
|
||
"title": "負責人回覆仍等待",
|
||
"body": "S4.9-S4.12 共 22 個範本,目前 received=0、accepted=0。",
|
||
"guard": "不把 request-ready 當 response accepted。"
|
||
},
|
||
"refsTruth": {
|
||
"title": "Refs truth 尚未接受",
|
||
"body": "main / dev truth、release tags、deprecated refs 仍需 owner 判定。",
|
||
"guard": "不 push、delete、force push refs。"
|
||
},
|
||
"workflowSecrets": {
|
||
"title": "Workflow / secret 名稱未完成",
|
||
"body": "7 個範圍內 repo 的 workflow、runner、webhook、secret name parity 還缺 evidence。",
|
||
"guard": "只收名稱與 owner,不收 secret value。"
|
||
},
|
||
"rollbackAdr": {
|
||
"title": "Rollback ADR 未批准",
|
||
"body": "7 個範圍內 repo 的 rollback 負責人、驗證窗口與 trigger 尚待人工審查。",
|
||
"guard": "不 dry-run cutover、不切 primary。"
|
||
}
|
||
}
|
||
},
|
||
"awooopCoverage": {
|
||
"title": "AwoooP 資安入口覆蓋狀態",
|
||
"subtitle": "把 AwoooP 8 個實際入口目前已接上的 IwoooS / 負責人回覆驗收邊界集中顯示。這只是入口覆蓋,不代表審批、執行、專案庫、分支 / 標籤參照、工作流程 / 機密設定、主要來源切換或 Gitea 停用授權。",
|
||
"routeLabel": "入口路徑",
|
||
"stageLabel": "完成階段",
|
||
"boundaryLabel": "仍維持",
|
||
"guardTitle": "覆蓋狀態不會打開的邊界",
|
||
"summary": {
|
||
"routes": {
|
||
"label": "AwoooP 入口",
|
||
"detail": "8 個實際頁面已列入資安邊界地圖。"
|
||
},
|
||
"covered": {
|
||
"label": "已可見覆蓋",
|
||
"detail": "首頁、工作鏈路、合約、租戶、執行監控、執行詳情、審批佇列與審批決策。"
|
||
},
|
||
"runtimeGates": {
|
||
"label": "執行期閘門",
|
||
"detail": "仍為 0;入口覆蓋不會開閘門。"
|
||
},
|
||
"actions": {
|
||
"label": "執行按鈕",
|
||
"detail": "仍為 0;不新增掃描、執行或修復。"
|
||
}
|
||
},
|
||
"items": {
|
||
"home": {
|
||
"title": "AwoooP 首頁",
|
||
"body": "S2.72 顯示負責人回覆驗收總覽,讓首頁可以理解整體資安網進度。",
|
||
"boundary": "只讀總覽,不建立審批紀錄或執行期閘門。"
|
||
},
|
||
"workItems": {
|
||
"title": "工作鏈路",
|
||
"body": "S2.73 把負責人回覆驗收候選放進工作項語境,方便追蹤但不推動執行。",
|
||
"boundary": "只建立可見工作項,不建立平台執行或修復動作。"
|
||
},
|
||
"contracts": {
|
||
"title": "合約儀表板",
|
||
"body": "S2.74 顯示資安合約與負責人回覆驗收候選,讓契約來源可追溯。",
|
||
"boundary": "不發布合約修訂、不改生命週期、不開主要來源切換。"
|
||
},
|
||
"approvals": {
|
||
"title": "審批佇列",
|
||
"body": "S2.75 顯示審批佇列的負責人回覆驗收邊界,避免把可見焦點誤當批准。",
|
||
"boundary": "不建立批准紀錄、不標記負責人回覆已收到或已接受。"
|
||
},
|
||
"tenants": {
|
||
"title": "租戶範圍",
|
||
"body": "S2.76 顯示租戶如何理解負責人回覆驗收範圍,但不修改租戶政策。",
|
||
"boundary": "不改租戶設定、不建立專案庫、不改分支或標籤參照。"
|
||
},
|
||
"runs": {
|
||
"title": "執行監控",
|
||
"body": "S2.77 顯示執行監控的負責人回覆驗收邊界,避免把監控可見性誤當執行。",
|
||
"boundary": "不建立平台執行、不接執行路由器、不呼叫外部工具。"
|
||
},
|
||
"runDetail": {
|
||
"title": "執行詳情",
|
||
"body": "S2.78 在單一執行詳情顯示驗收邊界與來源回覆包,讓檢視時仍保留只讀語義。",
|
||
"boundary": "不啟動工具、不補救、不建立執行期閘門。"
|
||
},
|
||
"approvalDecision": {
|
||
"title": "審批決策",
|
||
"body": "S2.79 在真正核准 / 拒絕前顯示審批決策與負責人回覆驗收分離。",
|
||
"boundary": "核准執行不等於負責人回覆已接受,也不等於資安落地執行。"
|
||
}
|
||
}
|
||
},
|
||
"securityConvergenceRoadmap": {
|
||
"title": "階段式資安收斂節奏",
|
||
"subtitle": "把目前的收斂策略明確寫在 IwoooS:初期先做可視化與提醒,不直接阻擋;等負責人回覆、脫敏證據、人工審查、回滾條件與後驗證都齊全,再分階段收緊。",
|
||
"movementLabel": "推進條件",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "逐步收緊仍維持的保護線",
|
||
"summary": {
|
||
"mode": {
|
||
"label": "目前節奏",
|
||
"value": "先可視",
|
||
"detail": "初期只做觀察與提醒,不直接阻擋產品流程。"
|
||
},
|
||
"coverage": {
|
||
"label": "入口覆蓋",
|
||
"detail": "AwoooP 8 個實際入口已可見資安邊界。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受回覆",
|
||
"detail": "S4.9-S4.12 仍是 0;不能把看板當收件完成。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "仍為 0;所有執行仍要獨立人工批准。"
|
||
}
|
||
},
|
||
"items": {
|
||
"visibilityFirst": {
|
||
"title": "先建立可視框架",
|
||
"body": "AwoooP 8 個入口已能看到 IwoooS 邊界與目前狀態,讓使用者知道資安網正在形成。",
|
||
"movement": "下一步是把覆蓋狀態與負責人回覆缺口保持同步,不急著阻擋。",
|
||
"guard": "不把入口覆蓋當成審批、執行、阻擋或落地授權。"
|
||
},
|
||
"ownerResponse": {
|
||
"title": "等待負責人回覆",
|
||
"body": "22 個回覆範本仍等待脫敏回覆;這是後續真正收緊前的第一個高層門檻。",
|
||
"movement": "收到並通過驗收後,才重新評估下一輪收斂幅度。",
|
||
"guard": "不把請求已準備好當成已收到或已接受。"
|
||
},
|
||
"redactedEvidence": {
|
||
"title": "收脫敏證據",
|
||
"body": "目前沒有匯入 payload;後續只能先收可驗證、可隔離、可回溯的脫敏證據。",
|
||
"movement": "schema、遮罩、來源、隔離與拒收規則都通過後,才進入下一步。",
|
||
"guard": "不收機密明文值、不保存 token value、不直接改外部系統。"
|
||
},
|
||
"humanDecision": {
|
||
"title": "人工審查後再升級",
|
||
"body": "資安收斂要經過人工審查與風險分級,避免初期把 LOW / MEDIUM 訊號直接變成阻擋。",
|
||
"movement": "人工決策、範圍、維護窗口、回滾與後驗證條件齊全才升級。",
|
||
"guard": "不讓單一看板或進度數字自動提高限制。"
|
||
},
|
||
"runtimeGate": {
|
||
"title": "最後才開執行期閘門",
|
||
"body": "目前主動執行期閘門仍為 0;任何 Kali、SSH、主機更新或修復都還在獨立批准之外。",
|
||
"movement": "只有人工批准、範圍、回滾與後驗證完整時,才另開執行期閘門。",
|
||
"guard": "不從 IwoooS 前端建立掃描、執行、修復或主機更新動作。"
|
||
},
|
||
"sourceControlCutover": {
|
||
"title": "主要來源切換排最後",
|
||
"body": "GitHub 主要來源、Gitea 停用、分支 / 標籤參照與工作流程 / 機密設定仍全部等待負責人證據。",
|
||
"movement": "至少一批專案庫完成目標、分支 / 標籤、工作流程 / 機密名稱與回滾就緒後才重估。",
|
||
"guard": "不建立專案庫、不改可見性、不同步參照、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseCollectionBoard": {
|
||
"title": "下一步人工收件作戰板",
|
||
"subtitle": "把真正能推動 58% 的下一步集中顯示:S4.9-S4.12 四包負責人回覆都還是 0 已收到 / 0 已接受。本看板只讓人知道要收什麼,不會寄送、建立、接受或執行任何動作。",
|
||
"packetLabel": "收件包",
|
||
"movementLabel": "收件條件",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "收件作戰板維持的保護線",
|
||
"summary": {
|
||
"packets": {
|
||
"label": "收件包",
|
||
"detail": "S4.9-S4.12 四包都已可見,但還沒收到。"
|
||
},
|
||
"templates": {
|
||
"label": "必備回覆",
|
||
"detail": "22 個負責人回覆範本仍需人工提供。"
|
||
},
|
||
"received": {
|
||
"label": "已收到",
|
||
"detail": "目前為 0;不能把可見請求當成回覆。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前為 0;不能把收件作戰板當審批。"
|
||
}
|
||
},
|
||
"items": {
|
||
"giteaAttestation": {
|
||
"title": "Gitea 清冊負責人證明",
|
||
"body": "需要每個範圍內專案庫的負責人、目前用途、是否保留、是否轉 GitHub 與脫敏證據。",
|
||
"movement": "五項證明都齊全後,才允許進入負責人回覆驗收。",
|
||
"guard": "不建立、不刪除、不停用 Gitea 專案庫,也不改可見性。"
|
||
},
|
||
"githubTarget": {
|
||
"title": "GitHub 目標負責人決策",
|
||
"body": "需要確認目標 org / repo、可見性、分支保護、CODEOWNERS、CI 計費與回滾窗口。",
|
||
"movement": "七項目標決策都齊全後,才重新評估 GitHub 主要來源路線。",
|
||
"guard": "不建立 GitHub repo、不切主要來源、不啟用額外計費流程。"
|
||
},
|
||
"refsTruth": {
|
||
"title": "分支 / 標籤真相回覆",
|
||
"body": "需要 main、dev、release tag、deprecated refs 與保留策略的負責人判定。",
|
||
"movement": "五項 refs 真相都齊全後,才允許規劃同步或清理方案。",
|
||
"guard": "不同步、不刪除、不 force push 任何分支或標籤參照。"
|
||
},
|
||
"workflowSecretNames": {
|
||
"title": "工作流程 / 機密名稱回覆",
|
||
"body": "需要 workflow、runner、webhook、secret name parity 與部署責任人的脫敏回覆。",
|
||
"movement": "五項名稱與責任範圍齊全後,才允許進入設定差異審查。",
|
||
"guard": "不收機密明文值、不修改工作流程、不注入或旋轉 secret。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseIntakeSafetyBoard": {
|
||
"title": "人工回覆安全驗收閘道",
|
||
"subtitle": "把收件後怎麼判定可收、補證、隔離或拒收先攤開。現在匯入=0、隔離=0、拒收=0;這只是驗收規則可見,不會自動匯入、通知、修復或升高限制。",
|
||
"laneLabel": "驗收分流",
|
||
"ruleLabel": "判定方式",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "驗收閘道維持的保護線",
|
||
"summary": {
|
||
"rules": {
|
||
"label": "安全規則",
|
||
"detail": "六條驗收分流先可見,避免收件後臨時判斷。"
|
||
},
|
||
"ingested": {
|
||
"label": "已匯入",
|
||
"detail": "目前為 0;還沒有任何人工回覆進入正式匯入。"
|
||
},
|
||
"quarantined": {
|
||
"label": "已隔離",
|
||
"detail": "目前為 0;若含機密明文值才會進隔離。"
|
||
},
|
||
"rejected": {
|
||
"label": "已拒收",
|
||
"detail": "目前為 0;拒收規則只是先讓邊界透明。"
|
||
}
|
||
},
|
||
"items": {
|
||
"redactedEvidenceOnly": {
|
||
"title": "只接受脫敏證據",
|
||
"body": "人工回覆必須能對照來源、負責人、範圍與遮罩後證據,才能進入驗收。",
|
||
"rule": "缺少可驗證脫敏證據時,只能標記補證,不得匯入正式狀態。",
|
||
"guard": "不把自由文字、截圖或未遮罩內容當成已接受回覆。"
|
||
},
|
||
"ownerScopeCompletion": {
|
||
"title": "負責人範圍要齊全",
|
||
"body": "每包回覆都要有負責人、專案庫或範圍、決策、證據指標與回滾關聯。",
|
||
"rule": "範圍不完整時維持等待或補證,不得推動主要來源或收斂升級。",
|
||
"guard": "不把單一負責人口頭確認當成全部 S4.9-S4.12 驗收完成。"
|
||
},
|
||
"secretValueQuarantine": {
|
||
"title": "機密明文直接隔離",
|
||
"body": "任何權杖、密碼、私鑰、webhook 機密或可重用憑證值都不能進一般收件。",
|
||
"rule": "出現機密明文值時只能隔離並要求重提脫敏版本。",
|
||
"guard": "不保存、不展示、不複製、不轉送、不旋轉任何機密明文值。"
|
||
},
|
||
"repoMutationRequest": {
|
||
"title": "專案庫動作要求先拒收",
|
||
"body": "人工回覆若夾帶建立、刪除、改可見性或轉移專案庫要求,必須與收件驗收分離。",
|
||
"rule": "專案庫動作只能另走人工批准與回滾方案,不進收件作戰板。",
|
||
"guard": "不建立 GitHub 專案庫、不停用 Gitea、不改專案庫可見性。"
|
||
},
|
||
"refsMutationRequest": {
|
||
"title": "分支 / 標籤動作要求先拒收",
|
||
"body": "人工回覆可以描述分支 / 標籤真相,但不能在同一包裡要求同步、刪除或強制推送。",
|
||
"rule": "含分支 / 標籤異動要求時先拒收動作部分,只保留脫敏事實供人工審查。",
|
||
"guard": "不同步、不刪除、不強制推送任何分支或標籤參照。"
|
||
},
|
||
"runtimeExecutionRequest": {
|
||
"title": "執行要求一律另開閘門",
|
||
"body": "任何 Kali、SSH、主機更新、掃描、修復或部署要求都不能混在負責人回覆驗收裡。",
|
||
"rule": "執行要求只能另走人工批准、維護窗口、回滾與後驗證流程。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不建立執行期閘門。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseReviewOutcomeBoard": {
|
||
"title": "人工回覆審查結果分流",
|
||
"subtitle": "把安全驗收後可能進入的結果先放到 IwoooS:維持等待、要求補證、可進人工審查、隔離、拒收、只讀更新、需要人工決策。現在可審=0、已接受=0、執行期閘門=0;分流只是讓流程透明,不會自動批准或執行。",
|
||
"laneLabel": "結果分流",
|
||
"resultLabel": "審查結果",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "審查結果分流維持的保護線",
|
||
"summary": {
|
||
"lanes": {
|
||
"label": "結果分流",
|
||
"detail": "七條結果分流先可見,避免人工審查後語義混亂。"
|
||
},
|
||
"ready": {
|
||
"label": "可審",
|
||
"detail": "目前為 0;還沒有任何回覆進入人工審查。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前為 0;分流不等於接受。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;審查結果不會自動開閘門。"
|
||
}
|
||
},
|
||
"items": {
|
||
"remainWaiting": {
|
||
"title": "維持等待",
|
||
"body": "回覆還沒到、來源不明或仍等待負責人確認時,狀態維持等待。",
|
||
"result": "只顯示等待原因,不建立審查紀錄、不提高進度。",
|
||
"guard": "不把等待狀態當成已收到或已接受。"
|
||
},
|
||
"needsEvidence": {
|
||
"title": "要求補證",
|
||
"body": "回覆內容有方向但缺少脫敏證據、範圍、負責人或回滾關聯時,先要求補證。",
|
||
"result": "只回到人工補證佇列,不進入主要來源或執行期判定。",
|
||
"guard": "不因為有部分內容就推動 GitHub、Gitea、分支 / 標籤或工作流程動作。"
|
||
},
|
||
"readyForHumanReview": {
|
||
"title": "可進人工審查",
|
||
"body": "脫敏證據、範圍、負責人與決策欄位都齊全時,才標示可進人工審查。",
|
||
"result": "只代表可由人審查,不代表已接受或已批准。",
|
||
"guard": "不自動接受、不建立執行期閘門、不改外部系統。"
|
||
},
|
||
"quarantined": {
|
||
"title": "隔離處理",
|
||
"body": "含機密明文、來源衝突或不可驗證資料時,結果只能進隔離。",
|
||
"result": "隔離結果只保留最小必要中繼資訊與補提方向。",
|
||
"guard": "不展示、不保存、不轉送任何機密明文值。"
|
||
},
|
||
"rejected": {
|
||
"title": "拒收",
|
||
"body": "回覆要求越權、夾帶執行、夾帶專案庫異動或無法脫敏時,必須拒收。",
|
||
"result": "拒收只關閉該回覆輸入,不代表整個資安工作停止。",
|
||
"guard": "不把拒收轉成自動修復、刪除、停用或封鎖。"
|
||
},
|
||
"readonlyUpdate": {
|
||
"title": "只讀狀態更新",
|
||
"body": "若人工審查只確認事實狀態,可以更新只讀看板與證據參照。",
|
||
"result": "只更新已提交文件、快照或顯示狀態。",
|
||
"guard": "不改執行期、不改專案庫、不改分支 / 標籤、不改工作流程 / 機密設定。"
|
||
},
|
||
"humanDecisionRequired": {
|
||
"title": "需要人工決策",
|
||
"body": "涉及主要來源、回滾、維護窗口、部署或阻擋升級時,必須另走人工決策。",
|
||
"result": "只能產生人工決策需求,不產生執行命令。",
|
||
"guard": "不切主要來源、不停用 Gitea、不呼叫 Kali、不開 SSH。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseHumanDecisionQueueBoard": {
|
||
"title": "人工決策準備佇列",
|
||
"subtitle": "把需要人工決策前必須整理的資料先放到 IwoooS:決策包草稿、證據追溯包、審查人指派、回滾窗口候選、執行期閘門分離與主要來源切換分離。現在可決策=0、已批准=0、執行期閘門=0;這只是準備佇列,不會建立審批紀錄或執行命令。",
|
||
"queueLabel": "準備佇列",
|
||
"prepLabel": "準備內容",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "人工決策準備佇列維持的保護線",
|
||
"summary": {
|
||
"queueItems": {
|
||
"label": "準備項",
|
||
"detail": "六個人工決策前置項目先可見,避免審查結果直接跳到批准。"
|
||
},
|
||
"ready": {
|
||
"label": "可決策",
|
||
"detail": "目前為 0;還沒有任何回覆整理成可決策包。"
|
||
},
|
||
"approved": {
|
||
"label": "已批准",
|
||
"detail": "目前為 0;準備佇列不等於人工批准。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;人工決策準備不會開啟執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"decisionPacketDraft": {
|
||
"title": "決策包草稿",
|
||
"body": "把審查結果、負責人範圍、脫敏證據與待決策問題整理成草稿。",
|
||
"prep": "只產生可讀草稿,不建立正式人工決策紀錄。",
|
||
"guard": "不把草稿當批准、不提高進度、不啟動任何動作。"
|
||
},
|
||
"evidenceTraceBundle": {
|
||
"title": "證據追溯包",
|
||
"body": "整理來源、快照、證據參照與遮罩狀態,讓審查人能追溯每個判斷。",
|
||
"prep": "只引用已提交或脫敏證據,不收原始載荷或機密明文值。",
|
||
"guard": "不保存、不展示、不轉送任何機密明文值。"
|
||
},
|
||
"reviewerAssignment": {
|
||
"title": "審查人指派",
|
||
"body": "標示哪一類人需要看:專案庫負責人、資安審查人、部署責任人或主要來源負責人。",
|
||
"prep": "只顯示需要哪種審查角色,不自動通知或催收。",
|
||
"guard": "不建立審批紀錄、不代替人工簽核、不發送外部命令。"
|
||
},
|
||
"rollbackWindowCandidate": {
|
||
"title": "回滾窗口候選",
|
||
"body": "若決策會影響主要來源、部署、維護窗口或阻擋升級,先標出回滾窗口需求。",
|
||
"prep": "只列出候選窗口與待補證據,等待人工確認。",
|
||
"guard": "不安排維護、不部署、不切換主要來源。"
|
||
},
|
||
"runtimeGateSeparated": {
|
||
"title": "執行期閘門分離",
|
||
"body": "任何掃描、主機更新、修復、部署或阻擋控制都必須從決策準備中拆出去。",
|
||
"prep": "只保留需要另開執行期閘門的標記。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不建立執行期閘門。"
|
||
},
|
||
"sourceControlCutoverSeparated": {
|
||
"title": "主要來源切換分離",
|
||
"body": "GitHub 主要來源、Gitea 停用、分支 / 標籤參照或工作流程 / 機密設定都不能由準備佇列直接推進。",
|
||
"prep": "只把主要來源相關缺口列入待人工決策清單。",
|
||
"guard": "不建立專案庫、不改可見性、不同步參照、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseDecisionRecordDraftGuardBoard": {
|
||
"title": "人工決策紀錄草稿防誤用",
|
||
"subtitle": "即使未來開始整理人工決策紀錄,也必須先保護語義:草稿不是正式紀錄,正式紀錄不是執行命令,批准也不能自動推動主機、專案庫或主要來源切換。現在草稿=0、正式紀錄=0、已批准=0、執行期閘門=0。",
|
||
"guardItemLabel": "防誤用線",
|
||
"draftLabel": "草稿要求",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "人工決策紀錄草稿維持的保護線",
|
||
"summary": {
|
||
"guards": {
|
||
"label": "防誤用線",
|
||
"detail": "六條草稿保護線先可見,避免把紀錄草稿當正式批准。"
|
||
},
|
||
"drafts": {
|
||
"label": "草稿",
|
||
"detail": "目前為 0;還沒有任何正式決策紀錄草稿。"
|
||
},
|
||
"formalRecords": {
|
||
"label": "正式紀錄",
|
||
"detail": "目前為 0;草稿不等於正式紀錄。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;紀錄草稿不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"recordIdentityDraft": {
|
||
"title": "紀錄身分草稿",
|
||
"body": "每一份決策紀錄草稿都需要唯一身分、來源階段與對應證據參照,避免口頭決策散落。",
|
||
"draft": "只建立草稿身分欄位,不建立正式紀錄。",
|
||
"guard": "不把草稿編號當批准編號,也不提高整體進度。"
|
||
},
|
||
"decisionScopeSnapshot": {
|
||
"title": "決策範圍快照",
|
||
"body": "草稿必須標出適用專案庫、主機、服務、分支 / 標籤或工作流程範圍。",
|
||
"draft": "只引用已提交快照與脫敏證據,不讀取或修改外部系統。",
|
||
"guard": "不建立專案庫、不改分支 / 標籤、不改工作流程 / 機密設定。"
|
||
},
|
||
"reviewerRolePlaceholder": {
|
||
"title": "審查角色預留",
|
||
"body": "草稿只標示需要哪一類審查角色,讓後續人工簽核能找對人。",
|
||
"draft": "只保留角色欄位,不代填姓名、不自動通知、不催收。",
|
||
"guard": "不建立審批紀錄、不替人簽核、不產生外部任務。"
|
||
},
|
||
"evidenceVersionFreeze": {
|
||
"title": "證據版本凍結",
|
||
"body": "草稿要鎖定當下引用的文件、快照與證據版本,避免決策後證據漂移。",
|
||
"draft": "只凍結參照版本,不複製機密、不保存原始載荷。",
|
||
"guard": "不展示、不保存、不轉送任何機密明文值。"
|
||
},
|
||
"approvalNotExecutionBoundary": {
|
||
"title": "批准不等於執行",
|
||
"body": "即使未來有人工批准,也必須另外拆出執行期、維護窗口、回滾與後驗證。",
|
||
"draft": "只把需要另開執行期閘門的欄位標出。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不部署。"
|
||
},
|
||
"followupRuntimeGatePointer": {
|
||
"title": "後續執行期指標",
|
||
"body": "若決策牽涉掃描、修復、部署、主要來源切換或阻擋升級,草稿只能留下後續閘門指標。",
|
||
"draft": "只標記後續要走哪個人工閘門,不建立執行命令。",
|
||
"guard": "不切主要來源、不停用 Gitea、不建立執行期閘門。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordCandidatePreflightBoard": {
|
||
"title": "人工決策正式紀錄候選預檢",
|
||
"subtitle": "草稿若要往正式紀錄候選前進,必須先通過七個完整性檢查;候選仍不是正式紀錄、不是人工批准,也不能啟動主機、專案庫、工作流程、主要來源或執行期閘門。現在候選=0、正式紀錄=0、已批准=0、執行期閘門=0。",
|
||
"checkItemLabel": "候選預檢",
|
||
"preflightLabel": "預檢要求",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "正式紀錄候選維持的保護線",
|
||
"summary": {
|
||
"checks": {
|
||
"label": "預檢項",
|
||
"detail": "七項正式紀錄候選檢查先可見,避免草稿直接升格。"
|
||
},
|
||
"candidates": {
|
||
"label": "候選",
|
||
"detail": "目前為 0;還沒有任何正式紀錄候選。"
|
||
},
|
||
"formalRecords": {
|
||
"label": "正式紀錄",
|
||
"detail": "目前為 0;候選不等於正式紀錄。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;正式紀錄候選不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"candidateIdentityTrace": {
|
||
"title": "候選身分追溯",
|
||
"body": "候選必須追溯到原始草稿、收件包、審查結果與證據版本,避免跳過中間狀態。",
|
||
"preflight": "只檢查追溯欄位是否齊全,不建立正式紀錄。",
|
||
"guard": "不把候選編號當正式紀錄編號或批准編號。"
|
||
},
|
||
"reviewerIdentityBoundary": {
|
||
"title": "審查人身分邊界",
|
||
"body": "候選只標記需要哪一類人工審查與簽核角色,不能自動代填或代簽。",
|
||
"preflight": "只檢查角色欄位、責任範圍與待補欄位。",
|
||
"guard": "不自動通知、不建立審批紀錄、不替任何人批准。"
|
||
},
|
||
"evidenceVersionChain": {
|
||
"title": "證據版本鏈",
|
||
"body": "候選要能連回已提交、已脫敏且可查的證據版本,避免引用漂移或口頭資訊。",
|
||
"preflight": "只檢查證據參照與版本鏈,不讀取外部系統。",
|
||
"guard": "不保存、不展示、不轉送機密明文或原始載荷。"
|
||
},
|
||
"scopeAndExpiry": {
|
||
"title": "範圍與期限",
|
||
"body": "正式紀錄候選必須標出適用專案庫、主機、服務、分支 / 標籤、工作流程範圍與有效期限。",
|
||
"preflight": "只檢查範圍與期限欄位是否明確。",
|
||
"guard": "不建立專案庫、不改可見性、不同步或刪除分支 / 標籤。"
|
||
},
|
||
"riskRollbackField": {
|
||
"title": "風險與回滾欄位",
|
||
"body": "候選需要保留風險、維護窗口、回滾負責人與後驗證欄位,避免批准後才補救。",
|
||
"preflight": "只檢查欄位存在與待補狀態。",
|
||
"guard": "不安排維護窗口、不部署、不建立修復工作。"
|
||
},
|
||
"runtimeGateSeparation": {
|
||
"title": "執行期分離",
|
||
"body": "任何掃描、修復、主機更新、部署或阻擋控制仍必須走獨立執行期閘門。",
|
||
"preflight": "只標記需要哪一種後續執行期閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不執行修復。"
|
||
},
|
||
"sourceControlSeparation": {
|
||
"title": "主要來源分離",
|
||
"body": "GitHub 主要來源切換、Gitea 停用、工作流程 / 機密設定或 refs 動作不能由候選直接推進。",
|
||
"preflight": "只標記需要另開主要來源或版本控制人工閘門。",
|
||
"guard": "不切 GitHub 主要來源、不停用 Gitea、不改 workflow / secrets。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordCandidateOutcomeBoard": {
|
||
"title": "人工決策正式紀錄候選結果分流",
|
||
"subtitle": "正式紀錄候選通過預檢後,仍只能進入只讀結果分流;分流會指出等待、退回草稿、補證、可交人工紀錄負責人、隔離或拒收,但不會自動升格正式紀錄,也不會批准或執行。現在分流=8、可交接=0、已升格=0、執行期閘門=0。",
|
||
"laneLabel": "結果分流",
|
||
"resultLabel": "分流結果",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "正式紀錄候選分流維持的保護線",
|
||
"summary": {
|
||
"lanes": {
|
||
"label": "分流",
|
||
"detail": "八條候選結果分流先可見,避免候選直接升格。"
|
||
},
|
||
"ready": {
|
||
"label": "可交接",
|
||
"detail": "目前為 0;還沒有候選可交人工紀錄負責人。"
|
||
},
|
||
"promoted": {
|
||
"label": "已升格",
|
||
"detail": "目前為 0;沒有候選被升格正式紀錄。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;候選分流不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"remainCandidateWaiting": {
|
||
"title": "維持候選等待",
|
||
"body": "資料尚未足以交人工紀錄負責人時,候選維持等待,不升格也不退回。",
|
||
"result": "只更新只讀等待狀態。",
|
||
"guard": "不建立正式紀錄、不建立審批紀錄。"
|
||
},
|
||
"returnToDraft": {
|
||
"title": "退回草稿補齊",
|
||
"body": "若候選缺少追溯、範圍、角色或版本欄位,先退回草稿層補齊。",
|
||
"result": "只標記退回原因與待補欄位。",
|
||
"guard": "不刪草稿、不改證據、不提高進度。"
|
||
},
|
||
"needsEvidenceRefresh": {
|
||
"title": "要求證據更新",
|
||
"body": "若候選引用的證據版本過期、缺少脫敏證明或與範圍不一致,先要求補證。",
|
||
"result": "只列出需要更新的證據參照。",
|
||
"guard": "不讀取外部系統、不保存原始載荷。"
|
||
},
|
||
"needsReviewerClarification": {
|
||
"title": "要求審查說明",
|
||
"body": "若審查角色、責任範圍或簽核語義不清,候選必須回到人工說明。",
|
||
"result": "只標記需要哪一類人工說明。",
|
||
"guard": "不自動通知、不代填姓名、不替任何人批准。"
|
||
},
|
||
"readyForRecordOwner": {
|
||
"title": "可交紀錄負責人",
|
||
"body": "候選若欄位齊全,可進入人工紀錄負責人交接,但仍不是正式紀錄。",
|
||
"result": "只標記可交接,等待人工確認。",
|
||
"guard": "不自動升格、不建立正式紀錄、不建立審批紀錄。"
|
||
},
|
||
"quarantineSensitivePayload": {
|
||
"title": "隔離敏感載荷",
|
||
"body": "若候選含機密明文、token、cookie、private key 或 exploit payload,必須先隔離。",
|
||
"result": "只標記隔離原因與來源欄位。",
|
||
"guard": "不展示、不保存、不轉送任何機密明文值。"
|
||
},
|
||
"rejectMutationRequest": {
|
||
"title": "拒收變更要求",
|
||
"body": "若候選夾帶專案庫、refs、workflow、secrets、主機或部署變更要求,先拒收。",
|
||
"result": "只標記拒收原因,等待重新提交只讀候選。",
|
||
"guard": "不建立專案庫、不改 refs、不改 workflow / secrets。"
|
||
},
|
||
"runtimeOrCutoverGateRequired": {
|
||
"title": "另開執行或切換閘門",
|
||
"body": "若候選需要掃描、修復、主機更新、主要來源切換或 Gitea 停用,必須另開人工閘門。",
|
||
"result": "只標記需要哪一種後續閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不切 GitHub 主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerHandoffBoard": {
|
||
"title": "人工決策正式紀錄負責人交接準備",
|
||
"subtitle": "候選若進入可交接狀態,仍只能整理交接包,不能自動指派紀錄負責人、不能建立正式紀錄,也不能批准或執行。現在交接包=7、可交接=0、已指派=0、執行期閘門=0。",
|
||
"packetLabel": "交接包",
|
||
"handoffLabel": "交接要求",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "正式紀錄負責人交接維持的保護線",
|
||
"summary": {
|
||
"packets": {
|
||
"label": "交接包",
|
||
"detail": "七個交接包先可見,避免候選直接變成正式紀錄。"
|
||
},
|
||
"ready": {
|
||
"label": "可交接",
|
||
"detail": "目前為 0;沒有候選可交給紀錄負責人。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;沒有任何正式紀錄負責人被自動指派。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;交接準備不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"handoffIdentityBundle": {
|
||
"title": "身分追溯包",
|
||
"body": "交接包需要保留候選、草稿、收件包、審查結果與來源階段的追溯鏈。",
|
||
"handoff": "只整理已提交的追溯參照。",
|
||
"guard": "不建立正式紀錄、不產生新的審批編號。"
|
||
},
|
||
"handoffDecisionContext": {
|
||
"title": "決策脈絡包",
|
||
"body": "交接包要說明候選為何可交接、仍缺哪些人工確認,以及哪些內容不能視為批准。",
|
||
"handoff": "只整理背景、限制與待人工確認欄位。",
|
||
"guard": "不替人工下決策、不自動批准。"
|
||
},
|
||
"handoffEvidenceLock": {
|
||
"title": "證據鎖定包",
|
||
"body": "交接前需要列出已脫敏、已提交、可追溯的證據版本與引用位置。",
|
||
"handoff": "只引用證據版本與文件路徑。",
|
||
"guard": "不讀取外部系統、不保存原始載荷或機密明文。"
|
||
},
|
||
"handoffReviewerNotes": {
|
||
"title": "審查備註包",
|
||
"body": "交接包要保留審查說明、退回理由、補證狀態與未決事項。",
|
||
"handoff": "只整理已存在的審查備註摘要。",
|
||
"guard": "不自動通知、不代填姓名、不建立外部任務。"
|
||
},
|
||
"handoffRiskRollback": {
|
||
"title": "風險回滾包",
|
||
"body": "若未來正式紀錄會影響主機、服務、主要來源或部署節奏,交接包只先列風險與回滾欄位。",
|
||
"handoff": "只標出風險、維護窗口、回滾負責人與後驗證欄位。",
|
||
"guard": "不安排維護、不部署、不建立修復工作。"
|
||
},
|
||
"handoffRuntimeGatePointer": {
|
||
"title": "執行期閘門指標包",
|
||
"body": "任何掃描、修復、主機更新或阻擋控制都必須留在獨立執行期閘門。",
|
||
"handoff": "只標記後續可能需要哪一種人工執行期閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不執行修復。"
|
||
},
|
||
"handoffSourceControlPointer": {
|
||
"title": "主要來源指標包",
|
||
"body": "GitHub 主要來源切換、Gitea 停用、refs 或 workflow / secrets 動作只能作為後續人工閘門指標。",
|
||
"handoff": "只標記版本控制與主要來源相關待決事項。",
|
||
"guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerHandoffReviewBoard": {
|
||
"title": "人工決策正式紀錄負責人交接驗收清單",
|
||
"subtitle": "交接包進入人工檢查前,先用七個只讀驗收項確認資料是否足夠;這仍不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在驗收項=7、通過=0、已指派=0、執行期閘門=0。",
|
||
"checkLabel": "驗收項",
|
||
"reviewLabel": "檢查方式",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "交接驗收清單維持的保護線",
|
||
"summary": {
|
||
"checks": {
|
||
"label": "驗收項",
|
||
"detail": "七個驗收項先可見,避免交接包被直接視為可指派。"
|
||
},
|
||
"passed": {
|
||
"label": "通過",
|
||
"detail": "目前為 0;沒有任何交接驗收被標記通過。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;交接驗收不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"packetCompleteness": {
|
||
"title": "交接包完整性",
|
||
"body": "檢查七個交接包是否都有來源、摘要、限制、缺口與後續人工確認欄位。",
|
||
"review": "只列出缺漏欄位與待補項目。",
|
||
"guard": "不補寫正式紀錄、不自動產生批准文字。"
|
||
},
|
||
"recordOwnerIdentityScope": {
|
||
"title": "負責人身分範圍",
|
||
"body": "檢查交接包是否說明未來紀錄負責人的角色範圍、責任邊界與可聯絡依據。",
|
||
"review": "只確認身分欄位是否足夠人工判讀。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"authorityBoundaryMatch": {
|
||
"title": "權責邊界比對",
|
||
"body": "檢查交接包是否清楚區分可閱讀、可審查、可批准與可執行四種不同權限。",
|
||
"review": "只標記邊界是否清楚,避免審查語義混淆。",
|
||
"guard": "不把可審查當成可批准,不把批准當成可執行。"
|
||
},
|
||
"evidenceVersionConfirm": {
|
||
"title": "證據版本確認",
|
||
"body": "檢查交接包引用的證據是否已脫敏、可追溯,並標示版本或文件路徑。",
|
||
"review": "只確認證據指標是否可追溯。",
|
||
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
|
||
},
|
||
"reviewerNoteConfirm": {
|
||
"title": "審查備註確認",
|
||
"body": "檢查退回理由、補證狀態、人工備註與未決事項是否足夠讓下一位審查者接手。",
|
||
"review": "只整理既有備註是否完整。",
|
||
"guard": "不建立外部任務、不自動通知、不改審查結論。"
|
||
},
|
||
"mutationRequestReject": {
|
||
"title": "變更要求拒收檢查",
|
||
"body": "檢查交接包是否夾帶專案庫、refs、workflow、secrets、部署或主機變更要求。",
|
||
"review": "只標記需要拒收或重送只讀版本的項目。",
|
||
"guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不部署。"
|
||
},
|
||
"runtimeCutoverSeparation": {
|
||
"title": "執行與切換分離",
|
||
"body": "檢查掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否被留在獨立人工閘門。",
|
||
"review": "只標記後續需要哪一類獨立閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard": {
|
||
"title": "人工決策正式紀錄負責人交接驗收結果分流",
|
||
"subtitle": "交接驗收後只會落到八條只讀結果分流;這仍不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在分流=8、可進負責人檢查=0、已指派=0、執行期閘門=0。",
|
||
"laneLabel": "結果分流",
|
||
"resultLabel": "分流結果",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "交接驗收結果分流維持的保護線",
|
||
"summary": {
|
||
"lanes": {
|
||
"label": "分流",
|
||
"detail": "八條結果分流先可見,避免驗收結果直接變成指派。"
|
||
},
|
||
"ready": {
|
||
"label": "可進檢查",
|
||
"detail": "目前為 0;沒有交接包可進紀錄負責人檢查。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;結果分流不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"remainReviewWaiting": {
|
||
"title": "維持驗收等待",
|
||
"body": "若交接包仍在等待人工檢查,結果只能維持等待狀態。",
|
||
"result": "只顯示仍待驗收與缺少哪一類檢查。",
|
||
"guard": "不自動通過、不建立正式紀錄、不指派負責人。"
|
||
},
|
||
"requestPacketCompletion": {
|
||
"title": "要求補齊交接包",
|
||
"body": "若身分、脈絡、證據、備註、風險或指標包缺漏,必須退回補齊。",
|
||
"result": "只列出缺漏交接包與需要補充的欄位。",
|
||
"guard": "不代寫補件、不自動批准、不建立外部任務。"
|
||
},
|
||
"requestOwnerScopeClarification": {
|
||
"title": "要求負責人範圍說明",
|
||
"body": "若未來紀錄負責人的角色、權責或聯絡依據不清,必須要求人工說明。",
|
||
"result": "只標記需要補充哪一類負責人範圍。",
|
||
"guard": "不查外部帳號、不代填姓名、不自動指派。"
|
||
},
|
||
"requestEvidenceRefresh": {
|
||
"title": "要求證據版本更新",
|
||
"body": "若證據版本、文件路徑、脫敏狀態或引用位置不清,必須回到證據補正。",
|
||
"result": "只標記需要更新的證據指標。",
|
||
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
|
||
},
|
||
"readyForRecordOwnerReview": {
|
||
"title": "可進負責人檢查",
|
||
"body": "若驗收項都足夠,交接包可以進入人工紀錄負責人檢查,但仍不是指派。",
|
||
"result": "只標記可進人工檢查,等待人工確認。",
|
||
"guard": "不自動升格、不建立正式紀錄、不建立審批紀錄。"
|
||
},
|
||
"quarantineSensitivePayload": {
|
||
"title": "隔離敏感載荷",
|
||
"body": "若交接包或補件夾帶 token、cookie、private key、密碼或 exploit payload,必須隔離。",
|
||
"result": "只標記隔離原因與來源欄位。",
|
||
"guard": "不展示、不保存、不轉送任何機密明文值。"
|
||
},
|
||
"rejectMutationRequest": {
|
||
"title": "拒收變更要求",
|
||
"body": "若驗收結果夾帶專案庫、refs、workflow、secrets、部署或主機變更要求,先拒收。",
|
||
"result": "只標記拒收原因,等待重新提交只讀版本。",
|
||
"guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不部署。"
|
||
},
|
||
"runtimeOrCutoverGateRequired": {
|
||
"title": "另開執行或切換閘門",
|
||
"body": "若結果需要掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用,必須另開人工閘門。",
|
||
"result": "只標記需要哪一種後續閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerReviewPreparationBoard": {
|
||
"title": "人工決策正式紀錄負責人檢查準備包",
|
||
"subtitle": "交接驗收結果若可進負責人檢查,仍只能整理人工檢查前需要看的八個準備包;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在準備包=8、可檢查=0、已指派=0、執行期閘門=0。",
|
||
"packetLabel": "準備包",
|
||
"prepareLabel": "準備方式",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "負責人檢查準備包維持的保護線",
|
||
"summary": {
|
||
"packets": {
|
||
"label": "準備包",
|
||
"detail": "八個準備包先可見,避免可進檢查被直接視為指派。"
|
||
},
|
||
"ready": {
|
||
"label": "可檢查",
|
||
"detail": "目前為 0;沒有交接包可進入負責人檢查。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;準備包不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"reviewIdentityPacket": {
|
||
"title": "檢查身分包",
|
||
"body": "保留交接驗收結果、候選紀錄、草稿與來源階段的追溯關係。",
|
||
"prepare": "只整理既有追溯參照與缺漏欄位。",
|
||
"guard": "不建立正式紀錄、不產生新的審批編號。"
|
||
},
|
||
"handoffOutcomeSnapshot": {
|
||
"title": "交接結果快照",
|
||
"body": "整理驗收結果分流、可進檢查理由、仍待人工確認與不得升格的限制。",
|
||
"prepare": "只整理結果摘要與限制說明。",
|
||
"guard": "不把可進檢查升格成已指派或已批准。"
|
||
},
|
||
"ownerScopePacket": {
|
||
"title": "負責人範圍包",
|
||
"body": "列出未來紀錄負責人需要確認的角色範圍、責任邊界與聯絡依據。",
|
||
"prepare": "只整理需要人工判讀的範圍欄位。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"authorityBoundaryPacket": {
|
||
"title": "權責邊界包",
|
||
"body": "明確區分可閱讀、可檢查、可審查、可批准與可執行的不同邊界。",
|
||
"prepare": "只標記邊界是否足夠清楚。",
|
||
"guard": "不把檢查當審批,不把批准當執行。"
|
||
},
|
||
"evidenceTracePacket": {
|
||
"title": "證據追溯包",
|
||
"body": "整理已脫敏、可追溯的證據版本、文件路徑、引用位置與補證狀態。",
|
||
"prepare": "只引用安全證據指標與文件路徑。",
|
||
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
|
||
},
|
||
"reviewerNotePacket": {
|
||
"title": "審查備註包",
|
||
"body": "整理退回理由、補件結果、人工備註、未決事項與下一位檢查者需要看的脈絡。",
|
||
"prepare": "只摘要既有備註與未決事項。",
|
||
"guard": "不建立外部任務、不自動通知、不改審查結論。"
|
||
},
|
||
"mutationRejectionPacket": {
|
||
"title": "變更拒收包",
|
||
"body": "整理專案庫、refs、workflow、secrets、部署或主機變更要求是否已被拒收。",
|
||
"prepare": "只標記拒收理由與需要重送只讀版本的項目。",
|
||
"guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不部署。"
|
||
},
|
||
"runtimeCutoverPointer": {
|
||
"title": "執行切換指標包",
|
||
"body": "整理掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否需要另開人工閘門。",
|
||
"prepare": "只標記後續可能需要哪一種獨立閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerReviewChecklistBoard": {
|
||
"title": "人工決策正式紀錄負責人檢查清單",
|
||
"subtitle": "準備包若進入人工負責人檢查,仍只能逐項確認八個檢查點;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已指派=0、執行期閘門=0。",
|
||
"checkLabel": "檢查項",
|
||
"reviewLabel": "檢查方式",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "負責人檢查清單維持的保護線",
|
||
"summary": {
|
||
"checks": {
|
||
"label": "檢查項",
|
||
"detail": "八個檢查項先可見,避免準備包被直接視為已通過。"
|
||
},
|
||
"passed": {
|
||
"label": "通過",
|
||
"detail": "目前為 0;沒有任何負責人檢查被標記通過。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;檢查清單不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"identityTraceCheck": {
|
||
"title": "身分追溯檢查",
|
||
"body": "確認交接驗收結果、候選紀錄、草稿、準備包與來源階段是否能互相追溯。",
|
||
"review": "只標記追溯鏈是否足夠清楚。",
|
||
"guard": "不建立正式紀錄、不產生新的審批編號。"
|
||
},
|
||
"handoffOutcomeCheck": {
|
||
"title": "交接結果檢查",
|
||
"body": "確認可進檢查理由、仍待人工確認與不得升格的限制是否完整。",
|
||
"review": "只確認結果摘要與限制是否可讀。",
|
||
"guard": "不把可進檢查升格成已指派或已批准。"
|
||
},
|
||
"ownerScopeCheck": {
|
||
"title": "負責人範圍檢查",
|
||
"body": "確認未來紀錄負責人的角色範圍、責任邊界與聯絡依據是否足夠人工判讀。",
|
||
"review": "只標記範圍欄位是否足夠。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"authorityBoundaryCheck": {
|
||
"title": "權責邊界檢查",
|
||
"body": "確認可閱讀、可檢查、可審查、可批准與可執行的邊界是否分離。",
|
||
"review": "只標記權責語義是否清楚。",
|
||
"guard": "不把檢查當審批,不把批准當執行。"
|
||
},
|
||
"evidenceTraceCheck": {
|
||
"title": "證據追溯檢查",
|
||
"body": "確認證據版本、文件路徑、引用位置、脫敏狀態與補證狀態是否足夠。",
|
||
"review": "只確認安全證據指標是否可追溯。",
|
||
"guard": "不讀取機密明文、不保存原始載荷、不抓外部系統。"
|
||
},
|
||
"reviewerNoteCheck": {
|
||
"title": "審查備註檢查",
|
||
"body": "確認退回理由、補件結果、人工備註、未決事項與下一步說明是否完整。",
|
||
"review": "只標記備註與未決事項是否足夠。",
|
||
"guard": "不建立外部任務、不自動通知、不改審查結論。"
|
||
},
|
||
"mutationRejectionCheck": {
|
||
"title": "變更拒收檢查",
|
||
"body": "確認專案庫、refs、workflow、secrets、部署或主機變更要求是否已被拒收或隔離。",
|
||
"review": "只標記拒收狀態與需要重送只讀版本的項目。",
|
||
"guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不部署。"
|
||
},
|
||
"runtimeCutoverSeparationCheck": {
|
||
"title": "執行切換分離檢查",
|
||
"body": "確認掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用是否留在獨立人工閘門。",
|
||
"review": "只標記後續是否需要獨立閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerReviewOutcomeBoard": {
|
||
"title": "人工決策正式紀錄負責人檢查結果分流",
|
||
"subtitle": "負責人檢查清單後只能進入八條只讀結果分流;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在分流=8、可進人工指派確認=0、已指派=0、執行期閘門=0。",
|
||
"laneLabel": "結果分流",
|
||
"resultLabel": "分流結果",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "負責人檢查結果分流維持的保護線",
|
||
"summary": {
|
||
"lanes": {
|
||
"label": "分流",
|
||
"detail": "八條分流先可見,避免檢查清單被直接視為已決策。"
|
||
},
|
||
"ready": {
|
||
"label": "可進人工指派確認",
|
||
"detail": "目前為 0;沒有任何檢查結果可進入人工指派確認。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;結果分流不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"remainOwnerReviewWaiting": {
|
||
"title": "維持負責人檢查等待",
|
||
"body": "當檢查項尚未完整、人工備註不足或證據仍在補正時,維持等待。",
|
||
"result": "只標記仍在等待哪一類檢查。",
|
||
"guard": "不自動通過、不指派負責人、不建立正式紀錄。"
|
||
},
|
||
"requestTraceCompletion": {
|
||
"title": "要求追溯鏈補齊",
|
||
"body": "若交接驗收結果、候選紀錄、草稿、準備包或來源階段無法互相對應,退回補齊。",
|
||
"result": "只標記需要補哪一段追溯關係。",
|
||
"guard": "不產生審批編號、不改既有紀錄狀態。"
|
||
},
|
||
"requestOwnerScopeClarification": {
|
||
"title": "要求負責人範圍說明",
|
||
"body": "若角色範圍、責任邊界、聯絡依據或代理關係不清,要求人工補說明。",
|
||
"result": "只標記負責人範圍仍需說明。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"requestAuthorityBoundaryFix": {
|
||
"title": "要求權責邊界修正",
|
||
"body": "若可閱讀、可檢查、可審查、可批准與可執行的語義混在一起,退回修正。",
|
||
"result": "只標記需要修正哪一類權責語義。",
|
||
"guard": "不把檢查當批准,不把批准當執行。"
|
||
},
|
||
"readyForManualOwnerAssignmentReview": {
|
||
"title": "可進人工指派確認",
|
||
"body": "若八個檢查項都足夠,結果可以進入下一個人工指派確認,但仍不是已指派。",
|
||
"result": "只標記可進人工確認,等待人控決策。",
|
||
"guard": "不自動指派、不建立正式紀錄、不建立審批紀錄。"
|
||
},
|
||
"quarantineSensitivePayload": {
|
||
"title": "隔離敏感載荷",
|
||
"body": "若檢查資料夾帶 token、cookie、private key、密碼、未脫敏截圖或可執行載荷,必須隔離。",
|
||
"result": "只標記隔離原因與來源欄位。",
|
||
"guard": "不展示、不保存、不轉送任何機密明文值。"
|
||
},
|
||
"rejectMutationRequest": {
|
||
"title": "拒收變更要求",
|
||
"body": "若結果夾帶專案庫、refs、workflow、secrets、部署或主機變更要求,必須拒收。",
|
||
"result": "只標記拒收原因,等待重新提交只讀版本。",
|
||
"guard": "不建立專案庫、不改 refs、不改 workflow / secrets、不部署。"
|
||
},
|
||
"runtimeOrPrimaryGateRequired": {
|
||
"title": "另開執行或主要來源閘門",
|
||
"body": "若後續需要掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用,必須另開人工閘門。",
|
||
"result": "只標記後續需要哪一種獨立閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerAssignmentPreparationBoard": {
|
||
"title": "人工決策正式紀錄負責人指派確認準備包",
|
||
"subtitle": "可進人工指派確認後,先整理八個只讀準備包;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在準備包=8、可確認=0、已指派=0、執行期閘門=0。",
|
||
"packetLabel": "準備包",
|
||
"preparationLabel": "確認準備",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "指派確認準備包維持的保護線",
|
||
"summary": {
|
||
"packets": {
|
||
"label": "準備包",
|
||
"detail": "八個準備包先可見,避免結果分流被直接視為已指派。"
|
||
},
|
||
"ready": {
|
||
"label": "可確認",
|
||
"detail": "目前為 0;沒有任何準備包可進入人工指派確認。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;準備包不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"assignmentIdentityCandidate": {
|
||
"title": "指派身分候選包",
|
||
"body": "整理可被人工確認的負責人身分來源、角色名稱與來源證據索引。",
|
||
"preparation": "只標記身分候選資料是否可被人審閱讀。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"ownerScopeConfirmation": {
|
||
"title": "負責人範圍確認包",
|
||
"body": "整理負責人涵蓋的主機、專案、服務、專案庫、工作流程或網站範圍。",
|
||
"preparation": "只標記範圍欄位是否足以進人工確認。",
|
||
"guard": "不擴大掃描範圍、不把範圍視為授權。"
|
||
},
|
||
"authorityBoundaryConfirmation": {
|
||
"title": "權責邊界確認包",
|
||
"body": "整理可閱讀、可檢查、可審查、可批准與可執行的邊界,避免混用。",
|
||
"preparation": "只標記邊界語義是否可被人工確認。",
|
||
"guard": "不把指派確認當批准,不把批准當執行。"
|
||
},
|
||
"evidenceTraceConfirmation": {
|
||
"title": "證據追溯確認包",
|
||
"body": "整理交接驗收、檢查清單、結果分流與來源快照之間的追溯關係。",
|
||
"preparation": "只標記追溯鏈是否可讀與是否仍需補齊。",
|
||
"guard": "不產生審批編號、不改既有紀錄狀態。"
|
||
},
|
||
"reviewOutcomeReference": {
|
||
"title": "審查結果引用包",
|
||
"body": "整理 S2.94 的分流結果、補證要求、隔離或拒收理由,供人工確認引用。",
|
||
"preparation": "只引用只讀結果,不把結果變成正式決策。",
|
||
"guard": "不自動通過、不建立正式紀錄、不建立審批紀錄。"
|
||
},
|
||
"backupOwnerNote": {
|
||
"title": "代理與備援說明包",
|
||
"body": "若負責人需要代理人、備援窗口或跨工作階段接手說明,先以只讀欄位呈現。",
|
||
"preparation": "只標記需要補哪一類代理或備援說明。",
|
||
"guard": "不自動通知、不建立值班、不改 AwoooP 指派。"
|
||
},
|
||
"mutationRejectionConfirmation": {
|
||
"title": "變更要求拒收確認包",
|
||
"body": "確認準備包沒有夾帶專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求。",
|
||
"preparation": "只標記拒收原因與需要重新提交的欄位。",
|
||
"guard": "不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不部署。"
|
||
},
|
||
"runtimePrimarySeparation": {
|
||
"title": "執行與主要來源分離包",
|
||
"body": "若後續需要掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用,保留到獨立閘門。",
|
||
"preparation": "只標記後續需要哪一種獨立閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerAssignmentChecklistBoard": {
|
||
"title": "人工決策正式紀錄負責人指派確認清單",
|
||
"subtitle": "指派確認準備包後,仍要逐項檢查八個只讀條件;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已指派=0、執行期閘門=0。",
|
||
"checkLabel": "確認檢查",
|
||
"confirmationLabel": "確認條件",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "指派確認清單維持的保護線",
|
||
"summary": {
|
||
"checks": {
|
||
"label": "檢查項",
|
||
"detail": "八個確認檢查先可見,避免準備包被直接視為已指派。"
|
||
},
|
||
"passed": {
|
||
"label": "通過",
|
||
"detail": "目前為 0;沒有任何指派確認檢查被標記通過。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;確認清單不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"assignmentIdentityReadable": {
|
||
"title": "指派身分可讀檢查",
|
||
"body": "確認負責人身分來源、角色名稱與來源證據索引是否可被人工閱讀。",
|
||
"confirmation": "只標記身分欄位是否完整可讀。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"ownerScopeCurrent": {
|
||
"title": "負責人範圍有效檢查",
|
||
"body": "確認主機、專案、服務、專案庫、工作流程或網站範圍仍是目前可審版本。",
|
||
"confirmation": "只標記範圍是否足以進人工確認。",
|
||
"guard": "不擴大掃描範圍、不把範圍視為授權。"
|
||
},
|
||
"authorityBoundaryReadable": {
|
||
"title": "權責邊界可讀檢查",
|
||
"body": "確認可閱讀、可檢查、可審查、可批准與可執行的邊界沒有混用。",
|
||
"confirmation": "只標記邊界語義是否仍需修正。",
|
||
"guard": "不把確認當批准,不把批准當執行。"
|
||
},
|
||
"evidenceTraceReadable": {
|
||
"title": "證據追溯可讀檢查",
|
||
"body": "確認交接驗收、檢查清單、結果分流、準備包與來源快照可以互相追溯。",
|
||
"confirmation": "只標記追溯鏈是否足以供人工閱讀。",
|
||
"guard": "不產生審批編號、不改既有紀錄狀態。"
|
||
},
|
||
"reviewOutcomeLinked": {
|
||
"title": "審查結果引用檢查",
|
||
"body": "確認 S2.94 分流結果、補證要求、隔離或拒收理由已被安全引用。",
|
||
"confirmation": "只確認引用關係,不把引用變成正式決策。",
|
||
"guard": "不自動通過、不建立正式紀錄、不建立審批紀錄。"
|
||
},
|
||
"backupOwnerNoteReadable": {
|
||
"title": "代理與備援說明檢查",
|
||
"body": "確認代理人、備援窗口或跨工作階段接手說明是否足以被人工理解。",
|
||
"confirmation": "只標記代理或備援說明是否仍需補齊。",
|
||
"guard": "不自動通知、不建立值班、不改 AwoooP 指派。"
|
||
},
|
||
"mutationRejectionConfirmed": {
|
||
"title": "變更要求拒收檢查",
|
||
"body": "確認清單沒有夾帶專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求。",
|
||
"confirmation": "只標記是否需要拒收並重送只讀版本。",
|
||
"guard": "不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不部署。"
|
||
},
|
||
"runtimePrimarySeparated": {
|
||
"title": "執行與主要來源分離檢查",
|
||
"body": "確認掃描、修復、主機更新、GitHub 主要來源切換或 Gitea 停用都留在獨立閘門。",
|
||
"confirmation": "只標記後續是否需要獨立人工閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerAssignmentOutcomeBoard": {
|
||
"title": "人工決策正式紀錄負責人指派確認結果分流",
|
||
"subtitle": "指派確認清單後只能進入八條只讀結果分流;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在分流=8、可進人工指派決策=0、已指派=0、執行期閘門=0。",
|
||
"laneLabel": "結果分流",
|
||
"resultLabel": "分流結果",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "指派確認結果分流維持的保護線",
|
||
"summary": {
|
||
"lanes": {
|
||
"label": "分流",
|
||
"detail": "八條只讀結果分流先可見,避免確認清單被直接視為已指派。"
|
||
},
|
||
"ready": {
|
||
"label": "可進決策",
|
||
"detail": "目前為 0;沒有任何項目可直接進入人工指派決策。"
|
||
},
|
||
"assigned": {
|
||
"label": "已指派",
|
||
"detail": "目前為 0;仍沒有正式紀錄負責人被指定。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;結果分流不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"remainAssignmentCheckWaiting": {
|
||
"title": "維持指派確認等待",
|
||
"body": "確認清單尚未完整、尚未人工判讀或仍需等待原始負責人回覆時,維持在等待狀態。",
|
||
"result": "只標記仍需等待,不把等待改成通過。",
|
||
"guard": "不建立正式紀錄、不指派紀錄負責人、不更新審批狀態。"
|
||
},
|
||
"requestIdentityClarification": {
|
||
"title": "要求身分說明補齊",
|
||
"body": "負責人身分、角色、來源或代理說明不足時,只要求補齊可讀說明。",
|
||
"result": "只要求補身分欄位,不代填、不查外部帳號。",
|
||
"guard": "不自動指定人員、不建立值班、不通知外部服務。"
|
||
},
|
||
"requestScopeRefresh": {
|
||
"title": "要求負責人範圍更新",
|
||
"body": "主機、專案、服務、專案庫、網站、工作流程或機密名稱範圍過舊時,要求更新範圍描述。",
|
||
"result": "只要求更新可審範圍,不擴大掃描或執行授權。",
|
||
"guard": "不掃描、不登入主機、不修改專案庫或工作流程。"
|
||
},
|
||
"requestAuthorityBoundaryFix": {
|
||
"title": "要求權責邊界修正",
|
||
"body": "若確認、審查、批准、正式紀錄與執行邊界混用,回到人工修正。",
|
||
"result": "只要求修正文案與欄位語義,不提升權限。",
|
||
"guard": "不把確認當批准,不把批准當執行。"
|
||
},
|
||
"readyForManualOwnerAssignmentDecision": {
|
||
"title": "可進人工指派決策",
|
||
"body": "只有在身分、範圍、權責、證據與拒收檢查都可讀時,才標記可交給人工做下一步指派決策。",
|
||
"result": "只表示可被人工判讀,仍不是已指派或已批准。",
|
||
"guard": "不自動建立正式紀錄、不產生審批編號、不觸發 runtime gate。"
|
||
},
|
||
"quarantineSensitivePayload": {
|
||
"title": "隔離敏感載荷",
|
||
"body": "若回覆夾帶密碼、token、金鑰、credential 明文或不可保存載荷,進入隔離分流。",
|
||
"result": "只保留脫敏後 metadata 與隔離理由。",
|
||
"guard": "不保存秘密值、不顯示明文、不把隔離內容交給前端。"
|
||
},
|
||
"rejectMutationRequest": {
|
||
"title": "拒收變更要求",
|
||
"body": "若回覆要求建立專案庫、改分支 / 標籤參照、改工作流程、改機密設定、部署或主機變更,直接拒收。",
|
||
"result": "只標記拒收原因與需要重送只讀版本。",
|
||
"guard": "不建立專案庫、不同步 refs、不改工作流程 / 機密設定、不部署。"
|
||
},
|
||
"runtimeOrPrimaryGateRequired": {
|
||
"title": "另開執行或主要來源閘門",
|
||
"body": "若後續需要 Kali 掃描、SSH、主機更新、修復、GitHub 主要來源切換或 Gitea 停用,必須另開獨立人工閘門。",
|
||
"result": "只標記需要哪一種後續閘門,不在本看板執行。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard": {
|
||
"title": "人工決策正式紀錄負責人指派決策準備包",
|
||
"subtitle": "指派確認結果分流後,只能整理八個只讀決策準備包;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在準備包=8、可進決策=0、已決策=0、執行期閘門=0。",
|
||
"packetLabel": "決策準備包",
|
||
"requirementLabel": "準備要求",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "指派決策準備包維持的保護線",
|
||
"summary": {
|
||
"packets": {
|
||
"label": "準備包",
|
||
"detail": "八個只讀準備包先可見,避免結果分流被直接視為已決策。"
|
||
},
|
||
"ready": {
|
||
"label": "可進決策",
|
||
"detail": "目前為 0;沒有任何指派決策準備包被標記可交付。"
|
||
},
|
||
"decisions": {
|
||
"label": "已決策",
|
||
"detail": "目前為 0;仍沒有任何正式負責人指派決策。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;準備包不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"outcomeTracePacket": {
|
||
"title": "結果分流追溯包",
|
||
"body": "整理 S2.97 八條分流的來源、目前分流、退回理由與可讀證據索引。",
|
||
"requirement": "只整理結果脈絡,不把分流結果改成決策。",
|
||
"guard": "不建立正式紀錄、不更新審批狀態、不標記已接受。"
|
||
},
|
||
"ownerIdentityPacket": {
|
||
"title": "負責人身分包",
|
||
"body": "整理候選負責人、代理人、角色名稱、來源證據與仍需補齊的身分欄位。",
|
||
"requirement": "只保留人工可讀身分欄位與缺口。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"scopeSnapshotPacket": {
|
||
"title": "範圍快照包",
|
||
"body": "整理主機、專案、服務、專案庫、網站、工作流程與機密名稱的目前可審範圍。",
|
||
"requirement": "只固定當前可審範圍,不擴大掃描或執行授權。",
|
||
"guard": "不掃描、不登入主機、不修改專案庫或工作流程。"
|
||
},
|
||
"authorityBoundaryPacket": {
|
||
"title": "權責邊界包",
|
||
"body": "整理確認、審查、指派、正式紀錄、批准與執行各自的邊界。",
|
||
"requirement": "只讓人工知道下一步需要哪一種角色判讀。",
|
||
"guard": "不把確認當批准,不把批准當執行。"
|
||
},
|
||
"evidenceReviewPacket": {
|
||
"title": "證據審查包",
|
||
"body": "整理交接、檢查、結果分流與準備包之間的證據鏈與版本標記。",
|
||
"requirement": "只準備可讀證據索引,不寫入正式決策紀錄。",
|
||
"guard": "不產生審批編號、不建立正式紀錄、不更改原始 evidence。"
|
||
},
|
||
"quarantineAndExceptionPacket": {
|
||
"title": "隔離與例外包",
|
||
"body": "整理敏感載荷隔離、缺欄、例外、退回與補證原因,保留脫敏 metadata。",
|
||
"requirement": "只顯示隔離原因與可讀 metadata。",
|
||
"guard": "不保存秘密值、不顯示明文、不把隔離內容交給前端。"
|
||
},
|
||
"mutationRejectionPacket": {
|
||
"title": "變更拒收包",
|
||
"body": "整理專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求的拒收理由。",
|
||
"requirement": "只標記拒收原因與需要重送的只讀版本。",
|
||
"guard": "不建立專案庫、不同步 refs、不改工作流程 / 機密設定、不部署。"
|
||
},
|
||
"runtimePrimaryGatePacket": {
|
||
"title": "執行與主要來源閘門包",
|
||
"body": "整理後續若要 Kali、SSH、主機更新、修復、GitHub 主要來源切換或 Gitea 停用時需要另開的人工閘門。",
|
||
"requirement": "只標記後續閘門類型,不在本看板執行。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard": {
|
||
"title": "人工決策正式紀錄負責人指派決策檢查清單",
|
||
"subtitle": "指派決策準備包後,仍要逐項檢查八個只讀條件;這不是紀錄負責人指派、正式紀錄、人工批准或執行授權。現在檢查項=8、通過=0、已決策=0、執行期閘門=0。",
|
||
"checkLabel": "決策檢查",
|
||
"confirmationLabel": "確認條件",
|
||
"guardLabel": "仍不會做",
|
||
"boundaryTitle": "指派決策檢查清單維持的保護線",
|
||
"summary": {
|
||
"checks": {
|
||
"label": "檢查項",
|
||
"detail": "八個只讀檢查先可見,避免準備包被直接視為已決策。"
|
||
},
|
||
"passed": {
|
||
"label": "通過",
|
||
"detail": "目前為 0;沒有任何指派決策檢查被標記通過。"
|
||
},
|
||
"decisions": {
|
||
"label": "已決策",
|
||
"detail": "目前為 0;仍沒有任何正式負責人指派決策。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前為 0;檢查清單不會啟動執行期。"
|
||
}
|
||
},
|
||
"items": {
|
||
"decisionTraceReadable": {
|
||
"title": "決策追溯可讀檢查",
|
||
"body": "確認結果分流、準備包、退回理由與證據索引是否能被人工完整追溯。",
|
||
"confirmation": "只標記追溯鏈是否足以供人工閱讀。",
|
||
"guard": "不建立正式紀錄、不更新審批狀態、不標記已接受。"
|
||
},
|
||
"ownerIdentityConfirmable": {
|
||
"title": "負責人身分可確認檢查",
|
||
"body": "確認候選負責人、代理人、角色名稱、來源證據與缺口欄位是否可人工判讀。",
|
||
"confirmation": "只標記身分欄位是否可確認。",
|
||
"guard": "不代填姓名、不查外部帳號、不自動指派。"
|
||
},
|
||
"scopeSnapshotCurrent": {
|
||
"title": "範圍快照有效檢查",
|
||
"body": "確認主機、專案、服務、專案庫、網站、工作流程與機密名稱範圍仍是目前可審版本。",
|
||
"confirmation": "只標記範圍快照是否足以進人工判讀。",
|
||
"guard": "不掃描、不登入主機、不修改專案庫或工作流程。"
|
||
},
|
||
"authorityBoundaryChecked": {
|
||
"title": "權責邊界已檢查",
|
||
"body": "確認確認、審查、指派、正式紀錄、批准與執行沒有被混用。",
|
||
"confirmation": "只標記邊界是否仍需人工修正。",
|
||
"guard": "不把確認當批准,不把批准當執行。"
|
||
},
|
||
"evidenceChainReadable": {
|
||
"title": "證據鏈可讀檢查",
|
||
"body": "確認交接、檢查、結果分流、準備包與後續人工決策可以互相追溯。",
|
||
"confirmation": "只標記證據鏈是否完整可讀。",
|
||
"guard": "不產生審批編號、不建立正式紀錄、不更改原始 evidence。"
|
||
},
|
||
"quarantineExceptionChecked": {
|
||
"title": "隔離與例外已檢查",
|
||
"body": "確認敏感載荷、缺欄、例外、退回與補證原因已用脫敏 metadata 呈現。",
|
||
"confirmation": "只標記隔離原因與例外欄位是否可讀。",
|
||
"guard": "不保存秘密值、不顯示明文、不把隔離內容交給前端。"
|
||
},
|
||
"mutationRejectionChecked": {
|
||
"title": "變更拒收已檢查",
|
||
"body": "確認沒有夾帶專案庫、分支 / 標籤參照、工作流程、機密設定、部署或主機變更要求。",
|
||
"confirmation": "只標記是否需要拒收並重送只讀版本。",
|
||
"guard": "不建立專案庫、不同步 refs、不改工作流程 / 機密設定、不部署。"
|
||
},
|
||
"runtimePrimarySeparated": {
|
||
"title": "執行與主要來源分離檢查",
|
||
"body": "確認 Kali、SSH、主機更新、修復、GitHub 主要來源切換或 Gitea 停用都留在獨立閘門。",
|
||
"confirmation": "只標記後續是否需要獨立人工閘門。",
|
||
"guard": "不呼叫 Kali、不開 SSH、不更新主機、不切主要來源、不停用 Gitea。"
|
||
}
|
||
}
|
||
},
|
||
"awooopReadOnlyLandingReadiness": {
|
||
"title": "AwoooP 只讀接入就緒度",
|
||
"subtitle": "S2.51 把 AwoooP 主線要如何只讀消費 IwoooS / 資安鏡像狀態整理成接入準備面板。這是接入就緒度,不是 production landing enabled,也不接 execution router。",
|
||
"readinessLabel": "只讀接入",
|
||
"requirementLabel": "接入要求",
|
||
"guardLabel": "仍鎖住",
|
||
"items": {
|
||
"rollupSnapshotReadable": {
|
||
"title": "彙總快照可讀",
|
||
"body": "`security-mirror-status-rollup.snapshot.json` 與 `iwooos-posture-projection.snapshot.json` 已可作為 AwoooP 只讀入口的主要來源。",
|
||
"requirement": "AwoooP 只讀消費已提交快照與 guard output,不直接呼叫 Kali、Gitea、GitHub 或 runtime API。",
|
||
"guard": "production_landing_enabled=false;execution router linked=false"
|
||
},
|
||
"evidenceRefsReadable": {
|
||
"title": "Evidence refs 可追溯",
|
||
"body": "IwoooS 已列出資安 rollout、負責人回覆驗證、Kali 狀態、彙總與投影的 evidence refs。",
|
||
"requirement": "AwoooP landing 只能顯示 evidence refs 與狀態摘要,不保存原始載荷、credential plaintext 或 token value。",
|
||
"guard": "payloads_ingested=false;secret value collection=false"
|
||
},
|
||
"guardChecksKnown": {
|
||
"title": "Guard 檢查已知",
|
||
"body": "`security-mirror-progress-guard.py` 與 `source-control-owner-response-guard.py` 是接入前必跑的只讀檢查。",
|
||
"requirement": "AwoooP 主線接入前必須保留進度、負責人回覆、runtime flags、action button 與 forbidden output 檢查。",
|
||
"guard": "不跳過 guard;不把 guard pass 當 runtime approval"
|
||
},
|
||
"routeGroupsKnown": {
|
||
"title": "鏡像路由群組已知",
|
||
"body": "`security_mirror_route_v1` 已定義操作控制台、runtime state、channel event、audit evidence、approval queue 的只讀目的地。",
|
||
"requirement": "AwoooP 只能依 route group 顯示與分類,不新增掃描、執行、修復、repo、refs 或部署動作。",
|
||
"guard": "action_buttons_allowed=false;runtime_execution_authorized=false"
|
||
},
|
||
"forbiddenOutputsLocked": {
|
||
"title": "禁止輸出已鎖住",
|
||
"body": "IwoooS / rollup 已明確列出不得從接入就緒度產生 action button、runtime gate、GitHub 主要來源或 production execution。",
|
||
"requirement": "AwoooP 接入時必須保留禁止輸出清單,並把所有寫入、執行、切換與收 secret value 的入口維持關閉。",
|
||
"guard": "不把接入就緒度當 production consumption"
|
||
},
|
||
"productionHandoffPending": {
|
||
"title": "Production 交接仍待接入",
|
||
"body": "目前只是 AwoooP 只讀 landing 的接入準備,尚未證明 AwoooP production 主線已消費這組狀態。",
|
||
"requirement": "需要後續 PR / deployment evidence 證明 AwoooP 主線只讀顯示 rollup、evidence refs 與 guard result。",
|
||
"guard": "progress_change_applied=false;headline percent delta=0"
|
||
}
|
||
}
|
||
},
|
||
"progressAcceleration": {
|
||
"title": "進度加速與真正解鎖點",
|
||
"subtitle": "目前不是沒有推進,而是 58% headline 只在負責人回覆、runtime gate、GitHub 主要來源就緒度或 AwoooP production landing 有實質 evidence 時才會重估。這裡把下一批有感推進點集中顯示。",
|
||
"laneLabel": "加速路線",
|
||
"unlockLabel": "解鎖訊號",
|
||
"guardLabel": "仍維持低摩擦邊界",
|
||
"items": {
|
||
"ownerResponses": {
|
||
"title": "負責人回覆先收斂",
|
||
"body": "S4.9-S4.12 的 Gitea、GitHub target、refs truth、workflow / secret name 負責人回覆是目前 58% 最主要的卡點。",
|
||
"unlock": "收到並驗收第一批脫敏負責人回覆後,headline 才有重估依據。",
|
||
"guard": "只收脫敏 evidence;不建立 repo、不同步 refs、不修改 workflow、不收 secret value。"
|
||
},
|
||
"redactedIngestion": {
|
||
"title": "脫敏匯入接上可見證據",
|
||
"body": "資安 finding、Kali observe 訊號與負責人 evidence 需要先以 redacted metadata 進入只讀收件面,再談 runtime。",
|
||
"unlock": "redacted payload ingestion adapter 經人工批准並通過 preflight 後,runtime landing 會有實質訊號。",
|
||
"guard": "不收原始載荷、不收 credential plaintext、不啟動 active scan。"
|
||
},
|
||
"runtimeGate": {
|
||
"title": "Runtime gate 必須獨立批准",
|
||
"body": "後續真正掃描、修復、主機更新或 blocking control 都不能從前端狀態自動推進。",
|
||
"unlock": "S3 / S3.4 有人工批准、rollback、post-check metrics 與 active runtime gate 後,才進入落地重估。",
|
||
"guard": "active runtime gate=0;action button=false;Kali /execute 仍是 block candidate。"
|
||
},
|
||
"githubReadiness": {
|
||
"title": "GitHub 主要來源就緒度要拆關鍵缺口",
|
||
"body": "Gitea 轉 GitHub 的大方向已確認,但 target、refs、workflow / secret name、rollback ADR 還沒全量驗證。",
|
||
"unlock": "負責人回覆、refs truth、workflow parity 與 rollback ADR 都可驗證後,primary_ready_count 才能往上。",
|
||
"guard": "不切主要來源、不 force push、不刪 refs、不建立未批准 target repo。"
|
||
},
|
||
"awooopLanding": {
|
||
"title": "AwoooP / IwoooS 主線可見",
|
||
"body": "使用者感覺慢的原因之一,是資安工作還太像後台契約;需要把下一步、卡點、禁令與解鎖訊號放到產品入口。",
|
||
"unlock": "AwoooP 主線只讀消費 rollup 與 IwoooS 面板後,使用者能直接看到真正卡點。",
|
||
"guard": "只讀 landing;不把可見狀態當授權,不新增執行按鈕。"
|
||
},
|
||
"cadenceCompression": {
|
||
"title": "後續節奏改成批次推進",
|
||
"body": "S2.38-S2.45 太多細層 checklist 讓進度看起來碎。後續應優先收斂 P0 owner response 與 AwoooP landing,而不是無限拆小核對項。",
|
||
"unlock": "相同類型的 framework detail 之後合併成一批回報,只有高層 gate 變動才調整 headline。",
|
||
"guard": "節奏加快不等於放寬安全;runtime 與 source-control cutover 仍需人工 gate。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseNextActionFocus": {
|
||
"title": "Owner Response 下一步收件焦點",
|
||
"subtitle": "S2.47 將下一個真正能推動 58% 的 owner response 工作排清楚:先收 S4.9 Gitea owner attestation,再依序處理 GitHub target、refs truth、workflow / secret name。這裡只顯示收件焦點,不催收、不代填、不標記 received。",
|
||
"focusLabel": "下一步焦點",
|
||
"nextLabel": "要看的 evidence",
|
||
"guardLabel": "仍禁止",
|
||
"items": {
|
||
"giteaOwnerAttestation": {
|
||
"title": "S4.9 Gitea owner attestation 先收",
|
||
"body": "先確認 Gitea 覆蓋範圍、public-only / local gap、org/user endpoint、110 adjacent source、canonical owner 與 legacy disposition。",
|
||
"next": "需要 owner 依 GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE 回覆 5 個脫敏 evidence refs。",
|
||
"guard": "received=0;accepted=0;不保存 token value、不寫 Gitea、不 sync refs、不切 primary。"
|
||
},
|
||
"githubTargetOwnerDecision": {
|
||
"title": "S4.10 GitHub target 決策接續",
|
||
"body": "確認每個 GitHub target 的 owner、visibility、canonical disposition 與 not_found_or_private 處理方式。",
|
||
"next": "S4.9 通過後,才依 GITHUB-TARGET-OWNER-DECISION-RESPONSE 收 7 個 target responses。",
|
||
"guard": "不建立 GitHub repo、不改 visibility、不同步 refs、不把 target response 當 primary approval。"
|
||
},
|
||
"refsTruthOwnerResponse": {
|
||
"title": "S4.11 Refs truth 再判定",
|
||
"body": "釐清 main/dev truth、deprecated drift、release tag 與 GitHub-only refs,避免 migration 時把舊 refs 誤當真相。",
|
||
"next": "需要 repo owner 對 141 個 ref review items 做單 repo / 單 ref 判定。",
|
||
"guard": "不 fetch、不 push、不 delete refs、不 force push、不 rewrite history。"
|
||
},
|
||
"workflowSecretOwnerResponse": {
|
||
"title": "S4.12 Workflow / secret 名稱最後補齊",
|
||
"body": "補 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity。",
|
||
"next": "只收名稱、owner 與脫敏 parity evidence,讓 GitHub readiness 有可驗證缺口表。",
|
||
"guard": "不收 secret value、不改 workflow、不啟用 runner、不使用 write token。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponseRequestTemplates": {
|
||
"title": "S4.9 Owner Response 五個回覆 Template",
|
||
"subtitle": "S2.49 將 S4.9 owner 要逐項回答的五個 template 顯示在 IwoooS。這裡只是 request-ready 清單:request 仍未送出、不催收、不代填、不標記 received / accepted,也不把任何 template 當成 Gitea inventory 或 GitHub migration approval。",
|
||
"templateLabel": "Template",
|
||
"ownerActionLabel": "Owner 要回覆",
|
||
"guardLabel": "仍禁止",
|
||
"items": {
|
||
"publicOnlyVsLocalGiteaGap": {
|
||
"title": "Public-only / local Gitea gap",
|
||
"body": "判定 `wooo/clawbot-v5` 與 `wooo/wooo-aiops` 是否屬於本輪 inventory / migration scope。",
|
||
"ownerAction": "逐 repo 回覆 in scope、out of scope、legacy archived、external system、inaccessible 或 needs more evidence,並引用脫敏 evidence refs。",
|
||
"guard": "request_ready_not_sent;received=0;accepted=0;不寫 Gitea、不建立 repo、不 sync refs。"
|
||
},
|
||
"orgUserEndpointIdentity": {
|
||
"title": "Gitea `wooo` org/user endpoint",
|
||
"body": "釐清 `wooo` 在 Gitea 中應以 user、org 或兩者盤點,避免把 endpoint 404 誤讀成不存在。",
|
||
"ownerAction": "回覆 canonical endpoint 身分、查證方式與後續 owner。",
|
||
"guard": "不呼叫 admin API、不使用 token、不把 endpoint 判定當成 inventory completed。"
|
||
},
|
||
"internal110AdjacentScope": {
|
||
"title": "110 adjacent source scope",
|
||
"body": "判定 `bitan-pharmacy`、`root/momo-pro-system`、`tsenyang-website`、`wooo/wooo-infra-config` 是否納入本輪 scope。",
|
||
"ownerAction": "逐項標示 in scope / out of scope / legacy / external / inaccessible,並補脫敏來源證據。",
|
||
"guard": "不讀取私有 repo 內容、不匯入 archive、不把 110 adjacent source 自動納入 migration。"
|
||
},
|
||
"repoOwnerCanonicalScope": {
|
||
"title": "Repo owner / canonical / GitHub target",
|
||
"body": "為 in-scope repo 指定 owner、canonical source、GitHub target candidate 與 visibility review owner。",
|
||
"ownerAction": "回覆 owner role/team、canonical source、GitHub target candidate、visibility review owner 與理由。",
|
||
"guard": "不建立 GitHub repo、不改 visibility、不切 primary、不把 target candidate 當 approval。"
|
||
},
|
||
"legacyOrInaccessibleDisposition": {
|
||
"title": "Legacy / inaccessible disposition",
|
||
"body": "對 legacy、inaccessible 或 external repo 留下 disposition、理由與 follow-up owner。",
|
||
"ownerAction": "標示 archive、exclude、follow-up evidence 或 external owner,並保留脫敏 trace。",
|
||
"guard": "不刪除、不停用、不封存 repo;disposition 只是人工分類,不是執行命令。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponseDispatchFlow": {
|
||
"title": "S4.9 負責人回覆送件鏈路摘要",
|
||
"subtitle": "S2.106 把 S4.9 從工作單、封套、送件前檢查、結果分流、請求草稿到人工送件閘門整理成一條專業只讀鏈路。這是給使用者與 AwoooP 平行 Session 判讀目前卡點的摘要,不提供送出、批准、執行或主要來源切換入口。",
|
||
"stepLabel": "步驟",
|
||
"boundaryTitle": "送件鏈路邊界",
|
||
"boundaryIntro": "以下鍵值固定這條鏈路仍是只讀可視化,不是 request sent、稽核事件、人工批准或執行授權。",
|
||
"summary": {
|
||
"steps": {
|
||
"label": "鏈路步驟",
|
||
"detail": "六段只讀流程可供掃描。"
|
||
},
|
||
"current": {
|
||
"label": "目前焦點",
|
||
"detail": "停在送件請求草稿,不開送件。"
|
||
},
|
||
"sent": {
|
||
"label": "已送出",
|
||
"detail": "目前仍是 0,不通知負責人。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍是 0,不推動 headline。"
|
||
}
|
||
},
|
||
"items": {
|
||
"workOrder": {
|
||
"title": "人工收件工作單",
|
||
"body": "五個 S4.9 收件項已可讀,但仍只是人工要填什麼的工作界面。"
|
||
},
|
||
"envelope": {
|
||
"title": "回覆封套欄位",
|
||
"body": "六個必填欄位仍是空白封套,不代表 owner 已提交。"
|
||
},
|
||
"preflight": {
|
||
"title": "送件前檢查",
|
||
"body": "六個檢查項目前通過數為 0,不可升成可送件。"
|
||
},
|
||
"outcome": {
|
||
"title": "結果分流",
|
||
"body": "七條分流只說明補欄、修正、隔離、拒收或等待方向。"
|
||
},
|
||
"requestDraft": {
|
||
"title": "送件請求草稿",
|
||
"body": "送件文字、對象、脫敏證據與禁止變更條款仍待人工整理。"
|
||
},
|
||
"manualDispatchGate": {
|
||
"title": "人工送件閘門",
|
||
"body": "送件閘門尚未開啟,沒有按鈕、通知或稽核事件。"
|
||
}
|
||
}
|
||
},
|
||
"securityComplianceFrontStage": {
|
||
"title": "前台安全合規整合判定",
|
||
"subtitle": "S2.107 的專業判定是保留 `/security-compliance`,並把它改成 IwoooS 的前台友善入口。使用者仍可從熟悉的安全合規頁看到安全監控與合規統計,但資安網總覽、進度與執行邊界統一由 IwoooS 說明。",
|
||
"decisionLabel": "判定",
|
||
"boundaryTitle": "前台入口邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是導覽與資訊架構整合,不是 runtime 授權、審批、掃描、修復、部署或 GitHub primary 切換。",
|
||
"summary": {
|
||
"route": {
|
||
"label": "前台路由",
|
||
"detail": "保留既有安全合規入口,避免連結失效。"
|
||
},
|
||
"decision": {
|
||
"label": "專業建議",
|
||
"detail": "整合到 IwoooS,不移除。"
|
||
},
|
||
"removed": {
|
||
"label": "是否移除",
|
||
"detail": "不移除,改成橋接入口。"
|
||
},
|
||
"runtime": {
|
||
"label": "Runtime 控制",
|
||
"detail": "維持 0,不新增執行控制。"
|
||
}
|
||
},
|
||
"items": {
|
||
"routePreserved": {
|
||
"title": "保留安全合規頁",
|
||
"body": "`/security-compliance` 保留 SecurityPanel 與 CompliancePanel 頁籤,讓前台使用者不用改變既有入口。"
|
||
},
|
||
"frontStageBridge": {
|
||
"title": "橋接到 IwoooS",
|
||
"body": "安全合規頁增加 IwoooS 前台說明與只讀導流,IwoooS 作為資安網總覽與姿態來源。"
|
||
},
|
||
"singleSecurityNarrative": {
|
||
"title": "收斂資安敘事",
|
||
"body": "原本分散在安全、合規、治理、授權、告警與 Code Review 的內容,統一由 IwoooS 顯示整體邊界。"
|
||
},
|
||
"runtimeControls": {
|
||
"title": "不新增執行控制",
|
||
"body": "本階段只有可視化與資訊架構整理,不新增掃描、修復、批准、部署或 blocking control。"
|
||
}
|
||
}
|
||
},
|
||
"frontstageEntryRoles": {
|
||
"title": "前台資安入口角色分流",
|
||
"subtitle": "S2.108 把前台會看到的資安入口拆成清楚角色:IwoooS 看總覽,安全合規給熟悉入口,安全 / 合規保留原始資料頁,AwoooP 審批顯示人控等待。這只降低使用者困惑,不新增執行控制。",
|
||
"routeLabel": "路由",
|
||
"boundaryTitle": "入口分流邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是前台導覽與理解成本收斂,不是掃描、修復、批准、部署、GitHub 主要來源切換或任何執行期入口。",
|
||
"summary": {
|
||
"entries": {
|
||
"label": "入口數",
|
||
"detail": "五個入口各有角色,不互相取代。"
|
||
},
|
||
"primary": {
|
||
"label": "總覽來源",
|
||
"detail": "資安網總覽與邊界以 IwoooS 為準。"
|
||
},
|
||
"familiar": {
|
||
"label": "熟悉入口",
|
||
"detail": "安全合規保留給前台使用者。"
|
||
},
|
||
"execution": {
|
||
"label": "執行入口",
|
||
"detail": "維持 0,不從前台入口執行。"
|
||
}
|
||
},
|
||
"items": {
|
||
"iwooosOverview": {
|
||
"title": "IwoooS 資安總覽",
|
||
"body": "閱讀整體進度、Kali 主機、開發主機、原始碼版本來源、負責人回覆與執行期閘門邊界。"
|
||
},
|
||
"securityComplianceHub": {
|
||
"title": "安全合規前台入口",
|
||
"body": "保留既有安全監控與合規統計頁籤,讓使用者不用改變既有操作路徑。"
|
||
},
|
||
"securityMonitor": {
|
||
"title": "安全事件監控",
|
||
"body": "查看錯誤與議題類安全訊號,仍只保留原資料來源與只讀橋接。"
|
||
},
|
||
"complianceStats": {
|
||
"title": "合規統計",
|
||
"body": "查看事件摘要、處置劇本與自動修復統計,不把合規統計升成批准。"
|
||
},
|
||
"awooopApprovals": {
|
||
"title": "AwoooP 人控等待",
|
||
"body": "查看負責人回覆與審批等待狀態;這仍不是資安執行期閘門或執行入口。"
|
||
}
|
||
}
|
||
},
|
||
"lowFrictionRollout": {
|
||
"title": "低摩擦分階段收斂主控",
|
||
"subtitle": "S2.111 把安全合規頁的低摩擦收斂節奏同步回 IwoooS 主入口:目前先觀測與盤點,補齊證據後才進人工審查;只有明確批准後才開執行期閘門,最後再逐步收嚴。",
|
||
"phaseLabel": "階段",
|
||
"boundaryTitle": "分階段收斂邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是 IwoooS 主入口的策略可視化,不是掃描、修復、批准、部署、主要來源切換或任何執行期入口。",
|
||
"summary": {
|
||
"phases": {
|
||
"label": "階段數",
|
||
"detail": "五段策略保持低摩擦。"
|
||
},
|
||
"current": {
|
||
"label": "目前階段",
|
||
"detail": "停在觀測優先,不阻擋流程。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期開閘",
|
||
"detail": "目前仍是 0,等待批准。"
|
||
},
|
||
"enforcement": {
|
||
"label": "強制收嚴",
|
||
"detail": "目前仍是 0,不一口氣鎖流程。"
|
||
}
|
||
},
|
||
"items": {
|
||
"observe": {
|
||
"title": "觀測與盤點",
|
||
"body": "整理 Kali、開發主機、專案、網站、監控與工具姿態,不阻擋使用者流程。"
|
||
},
|
||
"evidence": {
|
||
"title": "補齊證據",
|
||
"body": "收斂脫敏證據、版本來源、負責人回覆與 AwoooP 只讀消費證明。"
|
||
},
|
||
"humanReview": {
|
||
"title": "人工審查",
|
||
"body": "由負責人確認例外、風險接受、修復順序與是否進入執行期閘門。"
|
||
},
|
||
"runtimeGate": {
|
||
"title": "批准後開閘",
|
||
"body": "只有明確批准後才允許掃描、修復、部署或主機變更的執行期流程。"
|
||
},
|
||
"tightening": {
|
||
"title": "逐步收嚴",
|
||
"body": "依證據與影響範圍分批提高管控,不一次把整個產品流程鎖死。"
|
||
}
|
||
}
|
||
},
|
||
"lowFrictionNextActions": {
|
||
"title": "低摩擦下一步行動邊界",
|
||
"subtitle": "S2.112 把 IwoooS 主入口的下一步拆成可做、準備與禁止:目前只能推只讀盤點、脫敏證據包與人工審查準備,掃描、主機變更、部署、來源切換仍要等明確批准與執行期閘門。",
|
||
"boundaryTitle": "下一步行動邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是下一步行動的前台說明與防誤用邊界,不是掃描、修復、批准、部署、主機變更或版本來源操作入口。",
|
||
"summary": {
|
||
"allowed": {
|
||
"label": "可做項",
|
||
"detail": "只讀盤點與脫敏證據可以繼續。"
|
||
},
|
||
"prep": {
|
||
"label": "準備項",
|
||
"detail": "人工審查資料可整理,不等於批准。"
|
||
},
|
||
"blocked": {
|
||
"label": "禁止項",
|
||
"detail": "掃描、主機變更、部署與來源操作仍關閉。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前仍是 0,沒有執行授權。"
|
||
}
|
||
},
|
||
"items": {
|
||
"observeInventory": {
|
||
"title": "只讀盤點與姿態整理",
|
||
"body": "可以繼續整理 Kali、開發主機、專案、網站、監控與工具的現況描述。",
|
||
"gate": "不可啟動掃描、登入主機或修改設定。"
|
||
},
|
||
"evidencePacket": {
|
||
"title": "脫敏證據包",
|
||
"body": "可以整理版本來源、負責人回覆、快照與 guard 結果的脫敏參照。",
|
||
"gate": "不可收集機密明文、token value 或未脫敏 payload。"
|
||
},
|
||
"humanReviewPrep": {
|
||
"title": "人工審查準備",
|
||
"body": "可以把例外、風險接受、修復順序與候選 gate 整理成人工審查材料。",
|
||
"gate": "不可把準備材料視為批准紀錄或執行期閘門。"
|
||
},
|
||
"runtimeClosed": {
|
||
"title": "執行期仍關閉",
|
||
"body": "掃描、修復、部署、SSH、主機更新、主要來源切換與 Gitea 停用都仍禁止。",
|
||
"gate": "只有明確批准與後續 runtime gate 開啟後才可能進入執行。"
|
||
}
|
||
}
|
||
},
|
||
"progressMovementSignals": {
|
||
"title": "58% 進度移動訊號驗收條",
|
||
"subtitle": "S2.113 把真正會讓整體資安網 headline 往前的訊號拉到 IwoooS:負責人回覆、脫敏證據匯入、執行期閘門、GitHub 主要來源就緒與 AwoooP 落地證據目前都還是 0 或 false,所以進度維持 58%。",
|
||
"boundaryTitle": "進度移動驗收邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是 headline 移動條件的只讀驗收條,不是進度灌水、批准、掃描、修復、部署、主機變更或版本來源操作入口。",
|
||
"summary": {
|
||
"headline": {
|
||
"label": "目前進度",
|
||
"detail": "仍維持 58%,不把框架細節灌水。"
|
||
},
|
||
"signals": {
|
||
"label": "移動訊號",
|
||
"detail": "五個訊號都要有可驗收證據。"
|
||
},
|
||
"passed": {
|
||
"label": "已通過",
|
||
"detail": "目前 0,還沒有 headline 移動證據。"
|
||
},
|
||
"runtime": {
|
||
"label": "執行期閘門",
|
||
"detail": "目前 0,沒有執行授權。"
|
||
}
|
||
},
|
||
"items": {
|
||
"ownerResponse": {
|
||
"title": "負責人回覆接受",
|
||
"body": "S4.9 至少要有可追溯、已脫敏且通過驗收的 owner response,才可能觸發 headline review。"
|
||
},
|
||
"redactedEvidence": {
|
||
"title": "脫敏證據匯入",
|
||
"body": "只接受 metadata 與脫敏參照;未脫敏 payload、機密明文與 token value 仍要隔離。"
|
||
},
|
||
"runtimeGate": {
|
||
"title": "執行期閘門開啟",
|
||
"body": "只有人工批准與後續 runtime gate 開啟後,才可能進入掃描、修復或主機變更。"
|
||
},
|
||
"sourceControl": {
|
||
"title": "GitHub 主要來源就緒",
|
||
"body": "需要 target、refs truth、workflow / secret 名稱與 rollback readiness 都有 owner evidence。"
|
||
},
|
||
"awooopLanding": {
|
||
"title": "AwoooP 落地證據",
|
||
"body": "AwoooP 需能只讀消費 snapshot、guard 與 evidence refs,且不新增執行按鈕。"
|
||
}
|
||
}
|
||
},
|
||
"firstProgressUnlockPath": {
|
||
"title": "第一個進度解鎖路徑",
|
||
"subtitle": "S2.114 把 58% 下一個真正能往前的路徑收斂到 S4.9 負責人回覆:先收到可追溯回覆,再補齊脫敏證據參照,通過收件預檢與審查接受後,才可能成為 headline review 候選。",
|
||
"stepLabel": "步驟",
|
||
"boundaryTitle": "第一解鎖路徑邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是 S4.9 第一解鎖路徑的只讀收斂,不是送件完成、回覆已收到、批准、掃描、修復、部署或執行期入口。",
|
||
"summary": {
|
||
"focus": {
|
||
"label": "目前焦點",
|
||
"detail": "S4.9 是第一個可能推動 58% 的收件路徑。"
|
||
},
|
||
"steps": {
|
||
"label": "解鎖步驟",
|
||
"detail": "五步都需要證據,不跳步。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前 0,還不能觸發 headline review。"
|
||
},
|
||
"headline": {
|
||
"label": "進度審查",
|
||
"detail": "目前未開,只能等待證據。"
|
||
}
|
||
},
|
||
"items": {
|
||
"ownerResponseScope": {
|
||
"title": "收到負責人回覆",
|
||
"body": "先確認 S4.9 owner role、decision、reason、scope 與 follow-up owner 都可追溯。"
|
||
},
|
||
"redactedEvidencePointer": {
|
||
"title": "補齊脫敏證據參照",
|
||
"body": "只收 metadata 與 evidence refs,不收機密明文、token value 或未脫敏 payload。"
|
||
},
|
||
"intakePreflight": {
|
||
"title": "通過收件預檢",
|
||
"body": "檢查欄位完整、範圍一致、敏感內容隔離與禁止變更條款都成立。"
|
||
},
|
||
"reviewAcceptance": {
|
||
"title": "審查接受",
|
||
"body": "人工 reviewer 接受後,才可把 S4.9 視為有效 movement signal。"
|
||
},
|
||
"headlineReviewCandidate": {
|
||
"title": "成為進度審查候選",
|
||
"body": "只有 accepted evidence 出現後,才可能進入 headline review;目前仍未授權。"
|
||
}
|
||
}
|
||
},
|
||
"firstUnlockEvidencePacket": {
|
||
"title": "第一解鎖證據包",
|
||
"subtitle": "S2.115 把 S4.9 要讓 58% 真正前進所需的證據收斂成五個欄位:負責人判定 metadata、範圍與來源參照、脫敏聲明、收件預檢軌跡、審查接受摘要。這裡只顯示要補什麼,不收 raw payload、不收機密明文、不開 headline review。",
|
||
"slotLabel": "欄位",
|
||
"boundaryTitle": "證據包收件邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是第一解鎖證據包的只讀欄位定義,不是送件、收件、驗收通過、審批、掃描、修復、部署或執行期入口。",
|
||
"summary": {
|
||
"slots": {
|
||
"label": "證據欄位",
|
||
"detail": "五個欄位缺一不可。"
|
||
},
|
||
"filled": {
|
||
"label": "已補齊",
|
||
"detail": "目前仍是 0,不把定義當證據。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍是 0,不能觸發進度審查。"
|
||
},
|
||
"payload": {
|
||
"label": "敏感 payload",
|
||
"detail": "raw payload、token value 與機密明文都禁止收件。"
|
||
}
|
||
},
|
||
"items": {
|
||
"ownerDecisionMetadata": {
|
||
"title": "負責人判定 metadata",
|
||
"body": "需要 owner role、decision、reason、follow-up owner 與判定時間;不接受口頭同意。"
|
||
},
|
||
"scopeEvidenceRefs": {
|
||
"title": "範圍與來源參照",
|
||
"body": "需要對應 S4.9 範圍、Gitea / GitHub 來源脈絡與可追溯 evidence refs。"
|
||
},
|
||
"redactionAttestation": {
|
||
"title": "脫敏聲明",
|
||
"body": "需要明確標示只含 metadata 與 evidence pointer,raw payload 與機密值已隔離。"
|
||
},
|
||
"preflightTrace": {
|
||
"title": "收件預檢軌跡",
|
||
"body": "需要欄位完整、範圍一致、敏感內容隔離與禁止變更條款的預檢結果。"
|
||
},
|
||
"reviewAcceptanceSummary": {
|
||
"title": "審查接受摘要",
|
||
"body": "人工 reviewer 接受後才可形成 movement signal;目前仍未接受、未授權。"
|
||
}
|
||
}
|
||
},
|
||
"firstUnlockEvidencePacketPreflightOutcomes": {
|
||
"title": "第一解鎖證據包預檢分流",
|
||
"subtitle": "S2.116 把第一解鎖證據包進來後的結果分成六條只讀分流:可進審查、補 owner metadata、補範圍參照、隔離 raw payload、拒收機密值、等待 reviewer。這裡只說明預檢結果,不把任何分流當成已接受或授權。",
|
||
"laneLabel": "分流",
|
||
"boundaryTitle": "預檢分流邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是第一解鎖證據包的預檢結果分流,不是證據已補齊、審查已接受、headline review、掃描、修復、部署或執行期入口。",
|
||
"summary": {
|
||
"lanes": {
|
||
"label": "結果分流",
|
||
"detail": "六條分流讓補證、隔離與拒收不混在一起。"
|
||
},
|
||
"ready": {
|
||
"label": "可進審查",
|
||
"detail": "目前仍是 0,沒有可審查證據包。"
|
||
},
|
||
"quarantine": {
|
||
"label": "已隔離",
|
||
"detail": "目前仍是 0;若有 raw payload 才會隔離。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍是 0,不能推動 headline。"
|
||
}
|
||
},
|
||
"items": {
|
||
"readyForReview": {
|
||
"title": "可進人工審查",
|
||
"body": "五個欄位完整、只有 metadata 與脫敏參照時,才可進 reviewer queue;目前仍是 0。"
|
||
},
|
||
"needsOwnerMetadata": {
|
||
"title": "要求補 owner metadata",
|
||
"body": "缺 owner role、decision、reason、follow-up owner 或判定時間時,只能退回補欄。"
|
||
},
|
||
"needsScopeRefs": {
|
||
"title": "要求補範圍參照",
|
||
"body": "缺 S4.9 範圍、來源脈絡或 evidence refs 時,不能進審查。"
|
||
},
|
||
"quarantineRawPayload": {
|
||
"title": "隔離 raw payload",
|
||
"body": "任何未脫敏 payload、截圖原文或高風險輸出都要隔離,不進一般審查。"
|
||
},
|
||
"rejectSecretValue": {
|
||
"title": "拒收機密明文值",
|
||
"body": "token value、登入口令、私鑰或其他機密明文值直接拒收,不保留在前端或 snapshot。"
|
||
},
|
||
"waitingReviewer": {
|
||
"title": "等待 reviewer 接受",
|
||
"body": "預檢可通過也不代表 accepted;仍需人工 reviewer 接受後才可能形成 movement signal。"
|
||
}
|
||
}
|
||
},
|
||
"firstUnlockEvidencePacketSupplementPath": {
|
||
"title": "第一解鎖證據包補件路徑",
|
||
"subtitle": "S2.117 把第一解鎖證據包未通過預檢時的補件方式拆成五步:補 owner metadata、補範圍參照、補脫敏聲明、補預檢軌跡、等待 reviewer queue。這裡只顯示補件路徑,不送出 request、不接受證據、不開 headline review。",
|
||
"stepLabel": "補件步驟",
|
||
"boundaryTitle": "補件路徑邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是第一解鎖證據包的補件說明,不是送件、收件、審查接受、headline review、掃描、修復、部署或執行期入口。",
|
||
"summary": {
|
||
"steps": {
|
||
"label": "補件步驟",
|
||
"detail": "五步只說明缺口,不代表已補齊。"
|
||
},
|
||
"ready": {
|
||
"label": "可送審",
|
||
"detail": "目前仍是 0,沒有可送審補件。"
|
||
},
|
||
"submitted": {
|
||
"label": "已送出",
|
||
"detail": "目前仍是 0,不把路徑當 request sent。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍是 0,headline 不提高。"
|
||
}
|
||
},
|
||
"items": {
|
||
"ownerMetadataPatch": {
|
||
"title": "補 owner metadata",
|
||
"body": "補齊 owner role、decision、reason、follow-up owner 與判定時間;缺一項就不能進審查。"
|
||
},
|
||
"scopeRefsPatch": {
|
||
"title": "補範圍與來源參照",
|
||
"body": "補上 S4.9 scope、Gitea / GitHub 來源脈絡與 evidence refs,避免範圍漂移。"
|
||
},
|
||
"redactionPatch": {
|
||
"title": "補脫敏聲明",
|
||
"body": "只允許 metadata 與 evidence pointer;raw payload、token value、私鑰與登入口令仍不可收。"
|
||
},
|
||
"preflightTracePatch": {
|
||
"title": "補預檢軌跡",
|
||
"body": "補上欄位完整、範圍一致、敏感內容隔離與禁止變更條款的檢查結果。"
|
||
},
|
||
"reviewerQueuePatch": {
|
||
"title": "等待 reviewer queue",
|
||
"body": "補件就緒也只是進入人工 reviewer queue;accepted 前不得成為 movement signal。"
|
||
}
|
||
}
|
||
},
|
||
"firstUnlockEvidencePacketSupplementPreReview": {
|
||
"title": "第一解鎖證據包補件送審前檢查",
|
||
"subtitle": "S2.118 把補件要進 reviewer queue 前的檢查拆成六項:owner metadata 完整、範圍參照可追溯、脫敏聲明成立、預檢軌跡附上、禁止變更條款維持、reviewer queue 未開。這裡只顯示送審前檢查,不代表補件已送出或已接受。",
|
||
"checkLabel": "檢查",
|
||
"boundaryTitle": "送審前檢查邊界",
|
||
"boundaryIntro": "以下鍵值固定:這是補件送審前檢查,不是送件、收件、審查接受、headline review、掃描、修復、部署或執行期入口。",
|
||
"summary": {
|
||
"checks": {
|
||
"label": "檢查項",
|
||
"detail": "六項都只是送審前條件。"
|
||
},
|
||
"passed": {
|
||
"label": "已通過",
|
||
"detail": "目前仍是 0,不把檢查表當通過。"
|
||
},
|
||
"ready": {
|
||
"label": "可送審",
|
||
"detail": "目前仍是 0,reviewer queue 未開。"
|
||
},
|
||
"queue": {
|
||
"label": "審查佇列",
|
||
"detail": "目前 false,沒有送審入口。"
|
||
}
|
||
},
|
||
"items": {
|
||
"ownerMetadataComplete": {
|
||
"title": "owner metadata 完整",
|
||
"body": "確認 owner role、decision、reason、follow-up owner 與判定時間都存在且可追溯。"
|
||
},
|
||
"scopeRefsTraceable": {
|
||
"title": "範圍參照可追溯",
|
||
"body": "確認 S4.9 scope、來源脈絡與 evidence refs 一致,不把其他專案或其他主機混入。"
|
||
},
|
||
"redactionAttested": {
|
||
"title": "脫敏聲明成立",
|
||
"body": "確認只含 metadata 與 evidence pointer,raw payload、token value、私鑰與登入口令都未進入收件。"
|
||
},
|
||
"preflightTraceAttached": {
|
||
"title": "預檢軌跡附上",
|
||
"body": "確認欄位完整、範圍一致、敏感內容隔離與禁止變更條款都有檢查結果。"
|
||
},
|
||
"noMutationClauseHeld": {
|
||
"title": "禁止變更條款維持",
|
||
"body": "確認補件不會觸發 repo、refs、workflow、secret、Kali、SSH、部署或主機變更。"
|
||
},
|
||
"reviewerQueueReady": {
|
||
"title": "reviewer queue 未開",
|
||
"body": "即使前五項都補齊,也要等人工 reviewer queue 開啟;目前仍是 false。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponseWorkOrder": {
|
||
"title": "S4.9 Owner Response 人工收件工作單",
|
||
"subtitle": "S2.101 把第一個真正能推動 58% 的 S4.9 回覆收件格式放到 IwoooS:每項都要包含 owner role/team、decision、decision reason、受影響 scope、脫敏 evidence refs 與 follow-up owner。這裡只是人工收件工作單,不送出 request、不收件、不標記 received / accepted。",
|
||
"itemLabel": "收件項目",
|
||
"requiredFieldsLabel": "必填欄位",
|
||
"acceptanceLabel": "驗收方式",
|
||
"guardLabel": "仍禁止",
|
||
"boundaryTitle": "S4.9 收件邊界",
|
||
"summary": {
|
||
"items": {
|
||
"label": "工作項",
|
||
"detail": "五個 S4.9 owner response 項目仍全部未收。"
|
||
},
|
||
"fields": {
|
||
"label": "每項必填",
|
||
"detail": "六個欄位缺一不可,避免口頭同意被誤收。"
|
||
},
|
||
"received": {
|
||
"label": "已收到",
|
||
"detail": "目前仍是 0,不把工作單當回覆。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍是 0,五項通過前不得 accepted。"
|
||
}
|
||
},
|
||
"items": {
|
||
"scopeGapResponse": {
|
||
"title": "Public-only / local gap 回覆",
|
||
"body": "請 owner 判定 public-only 與 local Gitea 差異是否納入本輪 inventory / migration scope。",
|
||
"requiredFields": "owner role/team、decision、decision reason、affected scope、redacted evidence refs、follow-up owner。",
|
||
"acceptance": "decision 必須落在 in scope、out of scope、legacy archived、external system、inaccessible 或 needs more evidence。",
|
||
"guard": "不建立 repo、不讀私有內容、不同步 refs、不把差異判定當 migration approval。"
|
||
},
|
||
"endpointIdentityResponse": {
|
||
"title": "Gitea `wooo` endpoint 身分回覆",
|
||
"body": "請 owner 判定 `wooo` 應以 user、org 或雙重來源盤點,避免把 endpoint 404 誤讀成不存在。",
|
||
"requiredFields": "owner role/team、canonical endpoint identity、decision reason、affected endpoint、redacted evidence refs、follow-up owner。",
|
||
"acceptance": "必須能追溯到已知 endpoint evidence,且不得含 token、cookie、private URL credential 或 admin API payload。",
|
||
"guard": "不呼叫 Gitea admin API、不使用 token、不把 endpoint 身分當 inventory completed。"
|
||
},
|
||
"adjacentSourceResponse": {
|
||
"title": "110 adjacent source scope 回覆",
|
||
"body": "請 owner 判定 `bitan-pharmacy`、`root/momo-pro-system`、`tsenyang-website`、`wooo/wooo-infra-config` 是否納入本輪 scope。",
|
||
"requiredFields": "owner role/team、per-source decision、decision reason、affected source、redacted evidence refs、follow-up owner。",
|
||
"acceptance": "逐項標示 in scope、out of scope、legacy、external、inaccessible 或 needs more evidence,並保留脫敏 trace。",
|
||
"guard": "不讀取私有 repo 內容、不匯入 archive、不把 110 adjacent source 自動納入 migration。"
|
||
},
|
||
"canonicalOwnerResponse": {
|
||
"title": "Repo owner / canonical scope 回覆",
|
||
"body": "請 owner 為 in-scope repo 指定 canonical source、GitHub target candidate、visibility review owner 與理由。",
|
||
"requiredFields": "owner role/team、canonical source、GitHub target candidate、visibility review owner、redacted evidence refs、follow-up owner。",
|
||
"acceptance": "target candidate 只能作為 readiness evidence,需後續 S4.10 / S4.11 / S4.12 驗收後才可進 primary review。",
|
||
"guard": "不建立 GitHub repo、不改 visibility、不切 primary、不把 target candidate 當 approval。"
|
||
},
|
||
"legacyDispositionResponse": {
|
||
"title": "Legacy / inaccessible disposition 回覆",
|
||
"body": "請 owner 對 legacy、inaccessible 或 external repo 留下 disposition、理由與後續負責人。",
|
||
"requiredFields": "owner role/team、disposition、decision reason、affected repo/source、redacted evidence refs、follow-up owner。",
|
||
"acceptance": "disposition 只能是 archive candidate、exclude、follow-up evidence、external owner 或 needs more evidence。",
|
||
"guard": "不刪除、不停用、不封存 repo;disposition 只是人工分類,不是執行命令。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponseEnvelope": {
|
||
"title": "S4.9 負責人回覆封套欄位",
|
||
"subtitle": "S2.102 把 S4.9 負責人回覆的六個必填欄位做成只讀回覆封套矩陣。這讓負責人可以照同一格式回覆,也讓審查者能逐欄驗收;目前仍是空白封套,不提交、不收件、不建立稽核事件。",
|
||
"fieldLabel": "封套欄位",
|
||
"formatLabel": "建議格式",
|
||
"guardLabel": "仍禁止",
|
||
"boundaryTitle": "回覆封套邊界",
|
||
"summary": {
|
||
"fields": {
|
||
"label": "欄位",
|
||
"detail": "六個欄位缺一不可。"
|
||
},
|
||
"filled": {
|
||
"label": "已填",
|
||
"detail": "目前仍是 0,不把封套當回覆。"
|
||
},
|
||
"submitted": {
|
||
"label": "已提交",
|
||
"detail": "目前仍是 0,不送出請求。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍是 0,不開進度重估。"
|
||
}
|
||
},
|
||
"items": {
|
||
"ownerRoleTeam": {
|
||
"title": "負責人角色 / 團隊",
|
||
"body": "標示這筆 S4.9 回覆由哪個角色、團隊或負責人代表提供。",
|
||
"format": "使用角色 / 團隊名稱與可追溯責任範圍,不填個人密碼、權杖或私人聯絡資訊。",
|
||
"guard": "不把負責人欄位當審批人、不自動指派權責。"
|
||
},
|
||
"decision": {
|
||
"title": "判定 / 處置",
|
||
"body": "標示這筆回覆的判定結果,例如納入範圍、排除範圍、既有封存、外部系統、無法存取或需要更多證據。",
|
||
"format": "只能使用該收件項允許值,避免自由文字被誤讀成遷移批准。",
|
||
"guard": "不把同意、可進行或看起來沒問題升級成主要來源切換。"
|
||
},
|
||
"decisionReason": {
|
||
"title": "判定理由",
|
||
"body": "說明判定理由,讓審查者能追溯為什麼該專案庫、端點或範圍被納入、排除或要求補證。",
|
||
"format": "使用短句與證據參照對應,不貼原始日誌、私有網址憑證或機密片段。",
|
||
"guard": "不把理由欄當正式 ADR、不把口頭理由當審批紀錄。"
|
||
},
|
||
"affectedScope": {
|
||
"title": "受影響範圍",
|
||
"body": "列出受影響專案庫、端點、來源或範圍,讓 S4.13 驗收彙整能對應到正確收件項。",
|
||
"format": "使用專案庫 / 端點 / 來源名稱或脫敏識別碼,不貼封存檔、資料庫傾印或 Git 物件包。",
|
||
"guard": "不讀取私有內容、不匯入來源、不自動擴大遷移範圍。"
|
||
},
|
||
"redactedEvidenceRefs": {
|
||
"title": "脫敏證據參照",
|
||
"body": "引用已脫敏的文件、快照、中繼資料指標或審查者可追溯的證據參照。",
|
||
"format": "只接受脫敏參照;權杖、機密、cookie、session、私鑰、憑證明文必須隔離。",
|
||
"guard": "不保存機密明文、不把證據參照當載荷匯入。"
|
||
},
|
||
"followupOwner": {
|
||
"title": "後續負責人",
|
||
"body": "指定若需要補證、隔離、拒收或後續 S4.10-S4.12 判定時的負責人。",
|
||
"format": "使用角色 / 團隊 / 工作窗口,不含私人機密與一次性憑證。",
|
||
"guard": "不把後續負責人當批准者、不開執行期閘門。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponseEnvelopePreflight": {
|
||
"title": "S4.9 負責人回覆封套送件前檢查",
|
||
"subtitle": "S2.103 把回覆封套送出前的六個檢查點做成只讀看板。它只協助負責人與審查者確認欄位、判定、證據、範圍、變更要求與後續負責人是否可讀;目前通過=0、可送件=0,不送出、不收件、不建立稽核事件。",
|
||
"checkLabel": "送件前檢查",
|
||
"failureLabel": "不通過時",
|
||
"guardLabel": "仍禁止",
|
||
"boundaryTitle": "送件前檢查邊界",
|
||
"summary": {
|
||
"checks": {
|
||
"label": "檢查項",
|
||
"detail": "六個檢查缺一不可。"
|
||
},
|
||
"passed": {
|
||
"label": "通過",
|
||
"detail": "目前仍是 0,不把封套當可送件。"
|
||
},
|
||
"ready": {
|
||
"label": "可送件",
|
||
"detail": "目前仍是 0,不開收件。"
|
||
},
|
||
"submitted": {
|
||
"label": "已提交",
|
||
"detail": "目前仍是 0,不送出請求。"
|
||
}
|
||
},
|
||
"items": {
|
||
"fieldCompleteness": {
|
||
"title": "六欄完整檢查",
|
||
"body": "確認負責人角色 / 團隊、判定 / 處置、判定理由、受影響範圍、脫敏證據參照、後續負責人六欄都存在。",
|
||
"failure": "缺欄時只能要求補齊,不得標記可送件。",
|
||
"guard": "不接受口頭同意、不用缺欄封套建立審批紀錄。"
|
||
},
|
||
"allowedDisposition": {
|
||
"title": "判定值允許檢查",
|
||
"body": "確認判定落在該收件項允許值內,避免自由文字被誤讀成遷移或主要來源批准。",
|
||
"failure": "判定值不明確時只能要求負責人修正。",
|
||
"guard": "不把同意、可進行、看起來沒問題升級成執行授權。"
|
||
},
|
||
"redactedEvidence": {
|
||
"title": "脫敏證據檢查",
|
||
"body": "確認證據只引用脫敏文件、快照或中繼資料指標,沒有機密明文、權杖、私鑰、cookie 或 session。",
|
||
"failure": "出現敏感載荷時只能隔離,不得匯入或轉送。",
|
||
"guard": "不保存機密明文、不把證據參照當載荷匯入。"
|
||
},
|
||
"scopeTraceability": {
|
||
"title": "範圍追溯檢查",
|
||
"body": "確認受影響專案庫、端點、來源或範圍能對應到 S4.9 五個人工收件項之一。",
|
||
"failure": "範圍無法對應時只能要求補證或修正範圍。",
|
||
"guard": "不讀取私有內容、不匯入來源、不自動擴大遷移範圍。"
|
||
},
|
||
"mutationRequestRejected": {
|
||
"title": "變更要求拒收檢查",
|
||
"body": "確認回覆封套沒有夾帶建立專案庫、改可見性、同步分支、修改工作流程或收集機密值的要求。",
|
||
"failure": "夾帶變更要求時只能拒收或拆到獨立人工閘門。",
|
||
"guard": "不從封套觸發 GitHub、Gitea、分支 / 標籤參照、工作流程、機密設定或執行器動作。"
|
||
},
|
||
"followupOwnerTrace": {
|
||
"title": "後續負責人追溯檢查",
|
||
"body": "確認補證、隔離、拒收或後續 S4.10-S4.12 判定都有可追溯角色或團隊。",
|
||
"failure": "沒有後續負責人時只能維持等待,不得進入接受。",
|
||
"guard": "不把後續負責人當批准者、不開執行期閘門。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponseEnvelopePreflightOutcome": {
|
||
"title": "S4.9 負責人回覆封套送件前結果分流",
|
||
"subtitle": "S2.104 把送件前檢查後的七種結果做成只讀分流。它只說明封套不通過時要補欄、修正判定、隔離敏感證據、修正範圍、拒收變更要求或維持等待;目前可進收件=0,不送出、不收件、不接受。",
|
||
"laneLabel": "結果分流",
|
||
"nextLabel": "下一步",
|
||
"guardLabel": "仍禁止",
|
||
"boundaryTitle": "結果分流邊界",
|
||
"summary": {
|
||
"lanes": {
|
||
"label": "分流",
|
||
"detail": "七條分流只供人工判讀。"
|
||
},
|
||
"ready": {
|
||
"label": "可進收件",
|
||
"detail": "目前仍是 0,不開收件。"
|
||
},
|
||
"quarantined": {
|
||
"label": "已隔離",
|
||
"detail": "目前仍是 0,不保存敏感載荷。"
|
||
},
|
||
"rejected": {
|
||
"label": "已拒收",
|
||
"detail": "目前仍是 0,不建立拒收紀錄。"
|
||
}
|
||
},
|
||
"items": {
|
||
"keepEnvelopeWaiting": {
|
||
"title": "維持封套等待",
|
||
"body": "封套尚未通過送件前檢查時,保持等待狀態,避免被誤認成已送出或已收到。",
|
||
"next": "回到封套欄位與送件前檢查,不建立任何收件事件。",
|
||
"guard": "不把等待狀態當進度增加、不開人工批准。"
|
||
},
|
||
"requestFieldCompletion": {
|
||
"title": "要求補齊欄位",
|
||
"body": "六欄任一缺漏時,要求補齊負責人角色 / 團隊、判定、理由、範圍、脫敏證據或後續負責人。",
|
||
"next": "只回到補欄,不標記可進收件。",
|
||
"guard": "不接受口頭補充、不用缺欄封套建立審批紀錄。"
|
||
},
|
||
"requestDispositionCorrection": {
|
||
"title": "要求修正判定",
|
||
"body": "判定值不在允許範圍或語意模糊時,要求負責人改成可驗收的明確判定。",
|
||
"next": "只要求修正判定,不推進主要來源或遷移判定。",
|
||
"guard": "不把同意、可進行或看起來沒問題當執行授權。"
|
||
},
|
||
"quarantineSensitiveEvidence": {
|
||
"title": "隔離敏感證據",
|
||
"body": "若封套含機密明文、權杖、私鑰、cookie、session 或私有憑證,必須先隔離。",
|
||
"next": "只進隔離與脫敏補證,不匯入原始載荷。",
|
||
"guard": "不保存機密明文、不轉送敏感載荷。"
|
||
},
|
||
"requestScopeCorrection": {
|
||
"title": "要求修正範圍",
|
||
"body": "受影響專案庫、端點、來源或範圍無法對應 S4.9 收件項時,要求補證或修正。",
|
||
"next": "只回到範圍補正,不自動擴大遷移範圍。",
|
||
"guard": "不讀取私有內容、不匯入來源。"
|
||
},
|
||
"rejectMutationRequest": {
|
||
"title": "拒收變更要求",
|
||
"body": "封套夾帶建立專案庫、改可見性、同步分支、修改工作流程或收集機密值時,直接分流為拒收。",
|
||
"next": "只記為需另開人工閘門的變更要求,不在封套內處理。",
|
||
"guard": "不從封套觸發 GitHub、Gitea、分支 / 標籤參照、工作流程、機密設定或執行器動作。"
|
||
},
|
||
"keepFollowupOwnerWaiting": {
|
||
"title": "維持後續負責人等待",
|
||
"body": "補證、隔離、拒收或後續 S4.10-S4.12 判定沒有可追溯角色或團隊時,維持等待。",
|
||
"next": "只要求補上後續負責人,不進入接受。",
|
||
"guard": "不把後續負責人當批准者、不開執行期閘門。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponseRequestDraft": {
|
||
"title": "S4.9 負責人回覆送件請求草稿",
|
||
"subtitle": "S2.105 把送件請求拆成只讀草稿,讓封套、預檢與結果分流之後仍有明確的防誤送邊界。這裡只顯示送件前要整理的草稿項,不寄送 request、不通知負責人、不建立稽核事件、不標記收到或接受。",
|
||
"draftLabel": "草稿項",
|
||
"gapLabel": "目前缺口",
|
||
"guardLabel": "仍禁止",
|
||
"boundaryTitle": "送件草稿邊界",
|
||
"summary": {
|
||
"drafts": {
|
||
"label": "草稿項",
|
||
"detail": "六個草稿項只供人工整理。"
|
||
},
|
||
"ready": {
|
||
"label": "可送件",
|
||
"detail": "目前仍是 0,不開送件。"
|
||
},
|
||
"sent": {
|
||
"label": "已送出",
|
||
"detail": "目前仍是 0,不通知負責人。"
|
||
},
|
||
"emitted": {
|
||
"label": "稽核事件",
|
||
"detail": "目前仍是 0,不寫入事件。"
|
||
}
|
||
},
|
||
"items": {
|
||
"scopeMappingDraft": {
|
||
"title": "收件範圍對應草稿",
|
||
"body": "把 S4.9 五個人工收件項對應到封套範圍,確認每筆請求只問已定義的清冊、端點、鄰近來源、標準負責人或 legacy disposition 問題。",
|
||
"gap": "尚未有可送出的範圍對應,不建立 request。",
|
||
"guard": "不自動擴大專案庫範圍、不把範圍草稿當 owner response。"
|
||
},
|
||
"ownerRecipientDraft": {
|
||
"title": "負責人收件對象草稿",
|
||
"body": "只列出需要人工確認的角色、團隊或後續負責人欄位,不推定個人信箱、帳號或權限。",
|
||
"gap": "收件對象尚未確認,不寄送通知。",
|
||
"guard": "不抓取私有通訊錄、不自動標記 owner 已通知。"
|
||
},
|
||
"redactedEvidenceDraft": {
|
||
"title": "脫敏證據參照草稿",
|
||
"body": "只允許引用脫敏快照、文件路徑或 metadata 指標,避免把 token、私鑰、cookie、session 或原始 inventory payload 放進請求。",
|
||
"gap": "尚未有可接受的脫敏證據包,不進收件。",
|
||
"guard": "不保存機密明文、不轉送敏感載荷。"
|
||
},
|
||
"noMutationClauseDraft": {
|
||
"title": "禁止變更條款草稿",
|
||
"body": "送件文字必須明確說明這不是建立專案庫、改可見性、同步分支、修改 workflow、收集 secret value 或切換主要來源的要求。",
|
||
"gap": "禁止變更條款未經人工確認前,不可送件。",
|
||
"guard": "不把 request 草稿變成 GitHub、Gitea、分支 / 標籤參照、工作流程或機密設定動作。"
|
||
},
|
||
"auditTemplateDraft": {
|
||
"title": "稽核事件範本草稿",
|
||
"body": "預先標出未來若人工送件時需要留下的事件欄位,但目前仍是 template only,沒有 event id、沒有 emitted timestamp。",
|
||
"gap": "稽核事件仍未發出,不能作為已送件證據。",
|
||
"guard": "不寫入 production audit、不把範本當正式紀錄。"
|
||
},
|
||
"manualDispatchGateDraft": {
|
||
"title": "人工送件閘門草稿",
|
||
"body": "把送件前最後一道人工確認獨立出來:只有確認收件範圍、對象、脫敏證據、禁止變更條款與稽核範本後,才可另行批准送件。",
|
||
"gap": "人工送件閘門未開,request_sent 仍為 false。",
|
||
"guard": "不提供送出按鈕、不代替負責人回覆、不開執行期閘門。"
|
||
}
|
||
}
|
||
},
|
||
"s49OwnerResponsePreflight": {
|
||
"title": "S4.9 Owner Response 收件前 Preflight",
|
||
"subtitle": "S2.48 把 S4.9 的 6 個收件前檢查拉到 IwoooS:先確認回覆是否對應已知 attestation item、欄位完整、decision 合法、evidence 脫敏、沒有執行要求,且五個 items 到齊前不得 accepted。這裡只顯示 preflight,不寄送 request、不標記 received、不建立 audit event。",
|
||
"checkLabel": "Preflight",
|
||
"failureLabel": "不通過時",
|
||
"guardLabel": "仍禁止",
|
||
"items": {
|
||
"knownAttestationItem": {
|
||
"title": "對應 S4.7 已知 item",
|
||
"body": "owner response 必須明確對應 public-only / local gap、org/user endpoint、110 adjacent source、canonical owner 或 legacy disposition 其中之一。",
|
||
"failure": "不明確時只能 request owner correction,不能進 accepted。",
|
||
"guard": "不把模糊回覆當作 coverage attestation,也不自動補成某個 item。"
|
||
},
|
||
"requiredOwnerFields": {
|
||
"title": "必填欄位完整",
|
||
"body": "每筆回覆都要有 owner role/team、decision、decision reason、受影響 scope、evidence refs 與 followup owner。",
|
||
"failure": "欄位不足只能 request more evidence。",
|
||
"guard": "不接受口頭 OK、不用缺欄位回覆建立 approval record。"
|
||
},
|
||
"allowedDecision": {
|
||
"title": "Decision 在允許值內",
|
||
"body": "decision 必須落在該 template 允許的 acceptable decisions,避免自由文字被誤讀成授權。",
|
||
"failure": "decision 不合規時 request owner correction。",
|
||
"guard": "不把同意、可進行、看起來沒問題升級成 migration 或 primary approval。"
|
||
},
|
||
"redactedEvidenceOnly": {
|
||
"title": "只接受脫敏 evidence refs",
|
||
"body": "evidence 只能指向 repo 內文件、snapshot 或脫敏 metadata pointer,不貼 token、secret、cookie、session、private key 或私有 URL 憑證。",
|
||
"failure": "出現敏感 payload 只能 quarantine sensitive payload。",
|
||
"guard": "不保存 raw secret、不匯入 DB dump、不收 git object pack 或 repo archive。"
|
||
},
|
||
"noExecutionRequest": {
|
||
"title": "不得夾帶執行要求",
|
||
"body": "回覆不得要求 Gitea/GitHub 寫入、repo 建立、visibility 修改、refs sync/delete/force-push、workflow/secret/runner 變更、scan 或 runtime action。",
|
||
"failure": "夾帶執行要求時 reject execution request。",
|
||
"guard": "不寫 Gitea、不建 GitHub repo、不同步 refs、不開 runtime gate。"
|
||
},
|
||
"allFiveItemsBeforeAccepted": {
|
||
"title": "五個項目到齊前不得 Accepted",
|
||
"body": "S4.9 要被標示 accepted 前,五個回覆範本都必須收到可驗收的負責人回覆。",
|
||
"failure": "部分回覆只能維持 waiting 或 request more evidence。",
|
||
"guard": "preflight 可見不代表 request sent、received、accepted 或 audit emitted。"
|
||
}
|
||
}
|
||
},
|
||
"awooopCrossSessionHandoff": {
|
||
"title": "AwoooP 跨 Session Handoff",
|
||
"subtitle": "S2.52 將目前 PR、分支、進度語義、必跑 guard、禁止動作與下一個協調 gate 固定成只讀 handoff packet,讓另一個 AwoooP Session 可直接接手,不把 handoff 當 production landing 或執行授權。",
|
||
"packetLabel": "Handoff packet",
|
||
"handoffLabel": "交接說明",
|
||
"guardLabel": "仍鎖住",
|
||
"items": {
|
||
"branchAndPrAnchor": {
|
||
"title": "PR / 分支錨點",
|
||
"body": "目前以 PR #117 與 codex/security-supply-chain-contracts-20260512 作為只讀同步錨點。",
|
||
"handoff": "另一個 Session 先確認同一 PR / branch / latest commit,再讀 LOGBOOK 與 rollup ledger。",
|
||
"guard": "不從 handoff 自動 merge、deploy、切 primary 或改 refs。"
|
||
},
|
||
"progressSemantics": {
|
||
"title": "進度語義",
|
||
"body": "headline 仍是 58%,framework 80-85%,runtime / ingestion / GitHub primary / AwoooP production landing 35-40%。",
|
||
"handoff": "所有新 UI / docs / snapshot 只能進 framework_detail ledger,除非 owner response、runtime gate、GitHub primary 或 production landing 有 evidence。",
|
||
"guard": "不把 framework detail、readiness、handoff、guard pass 當 headline delta。"
|
||
},
|
||
"requiredGuardCommands": {
|
||
"title": "必跑 Guard",
|
||
"body": "接手前先跑 security-mirror-progress-guard.py 與 source-control-owner-response-guard.py。",
|
||
"handoff": "兩個 guard 都通過後才能繼續 read-only projection;失敗時先停下修 contract / snapshot。",
|
||
"guard": "不跳過 guard;不把 guard pass 當 runtime approval。"
|
||
},
|
||
"forbiddenRuntimeActions": {
|
||
"title": "Runtime 禁止動作",
|
||
"body": "Kali /execute、SSH、host update、active scan、credentialed scan、blocking control、repo / refs / workflow 動作仍未授權。",
|
||
"handoff": "另一個 Session 只能新增 read-only evidence、UI projection、docs、snapshot、guard。",
|
||
"guard": "runtime_execution_authorized=false;action_buttons_allowed=false"
|
||
},
|
||
"awooopReadOnlyInputs": {
|
||
"title": "AwoooP 只讀輸入",
|
||
"body": "可消費 rollup snapshot、IwoooS projection、owner response validation rollup、Kali status 與 rollout policy。",
|
||
"handoff": "AwoooP 主線接入時只顯示狀態、evidence refs、route group 與 forbidden actions。",
|
||
"guard": "不保存原始載荷、credential plaintext、token value 或 execution payload。"
|
||
},
|
||
"nextCoordinationGate": {
|
||
"title": "下一個協調 Gate",
|
||
"body": "下一個真正能推動 headline 的高層 gate 仍是 owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready 或 AwoooP production landing。",
|
||
"handoff": "若另一個 Session 要推進 production landing,必須提交 read-only consumption evidence 與 deployment proof。",
|
||
"guard": "不把 handoff packet 當 production consumption。"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"tickets": {
|
||
"title": "工單",
|
||
"subtitle": "事件工單追蹤",
|
||
"loading": "載入中...",
|
||
"id": "工單 ID",
|
||
"title_col": "標題",
|
||
"status": "狀態",
|
||
"priority": "優先級",
|
||
"createdAt": "建立時間",
|
||
"error": "載入失敗",
|
||
"noTickets": "目前無工單"
|
||
},
|
||
"users": {
|
||
"title": "操作稽核",
|
||
"subtitle": "K8s 操作執行紀錄",
|
||
"loading": "載入中...",
|
||
"totalExecutions": "總執行數",
|
||
"successCount": "成功數",
|
||
"failureCount": "失敗數",
|
||
"successRate": "成功率",
|
||
"avgDuration": "平均耗時",
|
||
"recentOps": "最近操作",
|
||
"operation": "操作類型",
|
||
"namespace": "命名空間",
|
||
"result": "結果",
|
||
"time": "執行時間",
|
||
"error": "載入失敗",
|
||
"noUsers": "無稽核紀錄",
|
||
"name": "姓名",
|
||
"role": "角色",
|
||
"status": "狀態"
|
||
},
|
||
"emptyState": {
|
||
"noData": "--",
|
||
"comingSoon": "資料尚未整合"
|
||
},
|
||
"drift": {
|
||
"title": "配置漂移偵測",
|
||
"subtitle": "GitOps 守門員 — 偵測 K8s 實際狀態 vs Git YAML 的漂移",
|
||
"scan": "立即掃描",
|
||
"scanning": "掃描中...",
|
||
"loading": "載入中...",
|
||
"noReports": "目前無漂移報告",
|
||
"noReportsHint": "CronJob 每小時自動掃描,或點擊「立即掃描」手動觸發",
|
||
"noDrift": "無漂移",
|
||
"reportId": "報告 ID",
|
||
"scannedAt": "掃描時間",
|
||
"namespace": "Namespace",
|
||
"triggeredBy": "觸發來源",
|
||
"highCount": "高",
|
||
"mediumCount": "中",
|
||
"infoCount": "低",
|
||
"status": "狀態",
|
||
"driftLevel": {
|
||
"high": "高",
|
||
"medium": "中",
|
||
"info": "低"
|
||
},
|
||
"interpretation": "Nemotron 意圖分析",
|
||
"noInterpretation": "無需分析(無漂移)",
|
||
"rollback": "覆蓋回 Git",
|
||
"adopt": "承認變更",
|
||
"rollbackConfirm": "確定要將此資源覆蓋回 Git 狀態嗎?",
|
||
"adoptConfirm": "確定要將此變更承認並更新至 Git 嗎?",
|
||
"pending": "待處理",
|
||
"resolved": "已解決",
|
||
"ignored": "已忽略"
|
||
},
|
||
"neuralCommand": {
|
||
"title": "神經指揮中心",
|
||
"subtitle": "SSH_COMMAND 指揮權鏈 · OpenClaw 🦞 × NemoTron ⚡",
|
||
"lastRefresh": "更新於 {time}",
|
||
"refresh": "重新整理",
|
||
"preFlightAudit": "Pre-Flight 審查",
|
||
"liveCommand": "指揮中心",
|
||
"statsHistory": "統計 & 歷史",
|
||
"nuclearApproval": "核鑰授權",
|
||
"preFlightTitle": "SSH_COMMAND 架構安全預審",
|
||
"preFlightSubtitle": "WHITELIST 已更新至生產標準",
|
||
"progress": "修復進度",
|
||
"riskLevel": "風險等級",
|
||
"riskLow": "低",
|
||
"auditStatus": "審查狀態",
|
||
"passed": "通過",
|
||
"pending": "待處理",
|
||
"passBannerTitle": "預審通過 — 架構符合安全規範",
|
||
"passBannerDesc": "8/8 檢查項目已通過 · Shell Injection 防護已啟用 · known_hosts 已掛載",
|
||
"statusFixed": "已修復",
|
||
"statusPending": "待處理",
|
||
"featureToggles": "功能開關狀態",
|
||
"approvedPlaybooks": "已核准 Playbooks",
|
||
"highQuality": "高品質",
|
||
"totalExecutions": "總執行次數",
|
||
"successRate": "成功率",
|
||
"checkA1Label": "密鑰檢查 (known_hosts)",
|
||
"checkA1Desc": "K8s Secret 掛載至 /etc/repair-ssh/known_hosts",
|
||
"checkA2Label": "白名單 (ConfigMap)",
|
||
"checkA2Desc": "Hardcoded Whitelist → K8s ConfigMap",
|
||
"checkA3Label": "指令注入過濾",
|
||
"checkA3Desc": "禁止 ; | && $() · 長度上限 512 字元",
|
||
"checkB1Label": "稽核日誌 (AuditLog)",
|
||
"checkB1Desc": "Missing AuditLog → PostgreSQL 寫入",
|
||
"checkB2Label": "Langfuse 鍵路追蹤",
|
||
"checkB2Desc": "SSH Trace Missing → 決策溯源已補上",
|
||
"checkC1Label": "冪等鎖 (Redis)",
|
||
"checkC1Desc": "repair_lock 防止重複執行",
|
||
"checkC2Label": "反饋閉環 (Success Rate)",
|
||
"checkC2Desc": "Success Rate Update → RAG 信心自更新",
|
||
"checkC3Label": "執行路徑明確化 (.188)",
|
||
"checkC3Desc": "ansible:// 強制路由至 .188 控制節點",
|
||
"agentRoleOC": "診斷 & RAG 匹配",
|
||
"agentRoleNemo": "決策 & 執行下令",
|
||
"todayMatches": "本日匹配",
|
||
"ragConf": "RAG 信心",
|
||
"execSuccess": "執行成功",
|
||
"avgDuration": "平均耗時",
|
||
"pendingApproval": "待審核",
|
||
"alertRadar": "告警雷達",
|
||
"chainTitle": "神經傳導路徑",
|
||
"nodeDone": "完成",
|
||
"nodeActive": "執行中",
|
||
"nodeWaiting": "等待中",
|
||
"execStream": "執行串流",
|
||
"waitingApproval": "等待統帥授權",
|
||
"kpiSuccessRate": "整體成功率",
|
||
"kpiTotalExec": "總執行次數",
|
||
"kpiPlaybooks": "Playbooks",
|
||
"kpiAvgDuration": "平均修復時間",
|
||
"kpiPendingAppr": "待審核授權",
|
||
"trendUp": "↑ {n}% 本週",
|
||
"trendDown": "↓ {n}s 本週",
|
||
"schemeBreakdown": "執行路徑分佈",
|
||
"playbookRanking": "Playbook 成效排名",
|
||
"thName": "名稱",
|
||
"thType": "類型",
|
||
"thRate": "成功率",
|
||
"thCount": "執行",
|
||
"historyTimeline": "修復歷史時間軸",
|
||
"ago": "前",
|
||
"approvalTitle": "主機層指揮令 — 需要統帥授權",
|
||
"diagnosis": "診斷",
|
||
"recommendation": "建議",
|
||
"execPathDetails": "執行路徑詳情",
|
||
"uriScheme": "URI Scheme",
|
||
"controlNode": "控制節點",
|
||
"targetHost": "目標主機",
|
||
"playbookPath": "Playbook",
|
||
"repairLock": "冪等鎖",
|
||
"riskMediumDesc": "操作不可即時撤銷,但有備份保護",
|
||
"confirmExec": "長按 5 秒確認授權執行",
|
||
"rejectApproval": "拒絕授權 — 轉人工處理",
|
||
"approvalGranted": "授權已核准",
|
||
"approvalGrantedDesc": "NemoTron 正在執行 ansible-playbook...",
|
||
"approvalRejected": "授權已拒絕",
|
||
"approvalRejectedDesc": "已轉交人工處理",
|
||
"noHistory": "尚無修復紀錄",
|
||
"noActiveAlerts": "目前無活躍告警",
|
||
"noPlaybooks": "尚無 Playbook 紀錄",
|
||
"noApprovals": "目前無待審核項目",
|
||
"noApprovalsDesc": "所有授權請求已處理完畢",
|
||
"chainAlert": "告警觸發",
|
||
"chainRAG": "🦞 OpenClaw RAG 診斷",
|
||
"chainDecide": "⚡ NemoTron 決策",
|
||
"chainExec": "Executor 路由",
|
||
"chainIdleSub": "等待新告警進入...",
|
||
"backToList": "返回列表",
|
||
"approvalError": "操作失敗",
|
||
"processing": "處理中...",
|
||
"blastRadius": "爆炸半徑",
|
||
"affectedPods": "影響 Pods",
|
||
"estimatedDowntime": "預估停機",
|
||
"relatedServices": "相關服務",
|
||
"dataImpact": "資料影響",
|
||
"dryRunChecks": "Dry-Run 檢查",
|
||
"approvalQueueCount": "共 {count} 個待審核項目",
|
||
"dispositionBreakdown": "告警處置分佈",
|
||
"dispositionAuto": "自動修復",
|
||
"dispositionHuman": "人工審核",
|
||
"dispositionManual": "手動處理",
|
||
"dispositionCold": "冷啟動信任",
|
||
"autoRateLabel": "自動化率"
|
||
},
|
||
"alertOpLogs": {
|
||
"title": "告警操作日誌",
|
||
"subtitle": "alert_operation_log · 全事件流追蹤",
|
||
"refresh": "重新整理",
|
||
"totalEvents24h": "24h 總事件",
|
||
"allEventTypes": "全部事件類型",
|
||
"incidentIdFilter": "事件 ID 篩選...",
|
||
"totalCount": "共 {count} 筆",
|
||
"colTime": "時間",
|
||
"colEventType": "事件類型",
|
||
"colIncident": "事件",
|
||
"colActor": "操作者",
|
||
"colDetail": "說明",
|
||
"colResult": "結果",
|
||
"loading": "載入中...",
|
||
"noRecords": "無記錄",
|
||
"loadError": "載入失敗,請重試",
|
||
"pageInfo": "第 {page} / {total} 頁",
|
||
"prevPage": "上一頁",
|
||
"nextPage": "下一頁",
|
||
"eventAlertReceived": "告警收到",
|
||
"eventTelegramSent": "TG 通知",
|
||
"eventUserAction": "用戶操作",
|
||
"eventAutoRepairTriggered": "自動修復",
|
||
"eventExecutionStarted": "執行開始",
|
||
"eventExecutionCompleted": "執行完成",
|
||
"eventTelegramResultSent": "TG 結果",
|
||
"eventResolved": "已解決",
|
||
"eventSilenced": "已靜音",
|
||
"eventEscalated": "已升級",
|
||
"eventGuardrailBlocked": "護欄攔截",
|
||
"eventPreFlightPassed": "預檢通過",
|
||
"eventPreFlightFailed": "預檢失敗",
|
||
"eventBackupTriggered": "備份觸發",
|
||
"eventBackupCompleted": "備份完成",
|
||
"eventBackupFailed": "備份失敗",
|
||
"eventApprovalEscalated": "審批升級",
|
||
"eventChangeApplied": "變更套用"
|
||
},
|
||
"commandPalette": {
|
||
"placeholder": "搜尋指令、頁面或事件...",
|
||
"noResults": "找不到符合結果",
|
||
"hint": "↑↓ 選擇 Enter 確認 Esc 關閉",
|
||
"groupNav": "導航",
|
||
"groupActions": "快速動作",
|
||
"groupRecent": "最近事件",
|
||
"actionOpenTerminal": "開啟 Omni-Terminal",
|
||
"actionGoHome": "前往指令中心",
|
||
"actionGoObservability": "前往可觀測性",
|
||
"actionGoAutomation": "前往自動化",
|
||
"actionGoOperations": "前往營運",
|
||
"actionGoSecurity": "前往安全合規",
|
||
"actionGoIwooos": "前往 IwoooS",
|
||
"actionGoKnowledge": "前往知識殿堂",
|
||
"actionGoSettings": "前往設定",
|
||
"actionGoTerminal": "前往終端頁面",
|
||
"actionGoApprovals": "前往授權中心"
|
||
},
|
||
"aiopsTimeline": {
|
||
"title": "AIOps 全景時序",
|
||
"subtitle": "告警→感官調查→AI決策→自動執行→驗證→學習 完整鏈路",
|
||
"mockBadge": "MOCK 模式",
|
||
"stages": {
|
||
"alert": "告警觸發",
|
||
"diagnose": "感官調查",
|
||
"decide": "AI 決策",
|
||
"execute": "自動執行",
|
||
"verify": "結果驗證",
|
||
"learn": "學習更新"
|
||
},
|
||
"status": {
|
||
"success": "成功",
|
||
"running": "執行中",
|
||
"failed": "失敗",
|
||
"skipped": "跳過",
|
||
"pending": "待執行"
|
||
},
|
||
"filters": {
|
||
"incident_id": "事件編號",
|
||
"incident_id_placeholder": "搜尋事件 ID...",
|
||
"time_range": "時間範圍",
|
||
"status_filter": "狀態篩選",
|
||
"incident_count": "{count} 筆事件",
|
||
"timeRange": {
|
||
"1h": "1H",
|
||
"6h": "6H",
|
||
"24h": "24H",
|
||
"7d": "7D"
|
||
},
|
||
"statusFilter": {
|
||
"all": "全部",
|
||
"success": "成功",
|
||
"failed": "失敗",
|
||
"running": "進行中"
|
||
}
|
||
},
|
||
"incident": {
|
||
"started_at": "開始時間",
|
||
"resolved_at": "結束時間",
|
||
"duration": "持續時長",
|
||
"in_progress": "處理中",
|
||
"severity": "嚴重度",
|
||
"stages_summary": "{success} 成功 / {total} 階段",
|
||
"expand_all": "展開全部",
|
||
"collapse_all": "收合全部"
|
||
},
|
||
"stage": {
|
||
"toggle_details": "展開 {stage} 詳情"
|
||
},
|
||
"evidence": {
|
||
"dimensions": "8D 維度",
|
||
"anomalyCount": "{count}/{total} 異常維度",
|
||
"noData": "N/A"
|
||
},
|
||
"stageDetails": {
|
||
"alert": {
|
||
"name": "告警名稱",
|
||
"rule": "規則",
|
||
"value": "當前值",
|
||
"labels": "標籤"
|
||
},
|
||
"diagnose": {
|
||
"investigator": "調查器",
|
||
"tools_used": "MCP 工具",
|
||
"hypothesis": "根因假設",
|
||
"evidence": "8D 證據"
|
||
},
|
||
"decide": {
|
||
"engine": "決策引擎",
|
||
"fusion": "融合方法",
|
||
"confidence": "信心度",
|
||
"confidenceThreshold": "門檻 {value}%",
|
||
"auto_execute": "自動執行",
|
||
"auto_yes": "是",
|
||
"auto_no": "否(需授權)",
|
||
"playbook": "Playbook",
|
||
"decision": "決策指令",
|
||
"reasoning": "推理依據",
|
||
"alternates": "備選方案"
|
||
},
|
||
"execute": {
|
||
"command": "執行指令",
|
||
"target": "執行目標",
|
||
"executor": "執行器",
|
||
"duration": "耗時",
|
||
"stdout": "輸出",
|
||
"exit_code": "退出碼"
|
||
},
|
||
"verify": {
|
||
"verifier": "驗證器",
|
||
"outcome": "結果",
|
||
"checks": "檢查項",
|
||
"trust_delta": "信任度變化",
|
||
"notes": "備註"
|
||
},
|
||
"learn": {
|
||
"playbook": "Playbook",
|
||
"trust_update": "信任度更新",
|
||
"km_entry": "知識庫記錄",
|
||
"summary": "學習摘要"
|
||
}
|
||
},
|
||
"loading": "載入時序資料中...",
|
||
"empty": {
|
||
"title": "無事件記錄",
|
||
"subtitle": "目前沒有符合條件的 AIOps 事件"
|
||
},
|
||
"error": {
|
||
"title": "資料載入失敗",
|
||
"retry": "重試"
|
||
}
|
||
},
|
||
"governance": {
|
||
"title": "AI 治理中樞",
|
||
"complianceBadge": {
|
||
"label": "AI 治理中樞",
|
||
"loading": "載入中...",
|
||
"score": "整體合規率",
|
||
"target": "目標 ≥ 95%"
|
||
},
|
||
"tabs": {
|
||
"slo": "SLO 儀表",
|
||
"events": "治理事件",
|
||
"queue": "AI 待辦"
|
||
},
|
||
"comingSoon": "本 Tab 即將上線",
|
||
"slo": {
|
||
"kpi": {
|
||
"autonomy_rate": "自主化率",
|
||
"decision_accuracy": "決策準確率",
|
||
"confidence_calibration": "信心校準",
|
||
"km_growth_rate": "KM 成長率",
|
||
"mcp_call_diversity": "MCP 呼叫多樣性",
|
||
"auto_execute_success_rate": "自動執行成功率",
|
||
"human_override_rate": "人工推翻率",
|
||
"verifier_false_neg_rate": "驗證漏判率",
|
||
"current": "當前",
|
||
"target": "目標",
|
||
"sparkline": "7 日趨勢",
|
||
"loading": "載入中...",
|
||
"error": "無法載入",
|
||
"noData": "暫無資料",
|
||
"sampleCount": "樣本 {count}",
|
||
"window": "視窗 {window}",
|
||
"state": {
|
||
"ok": "正常",
|
||
"warning": "低於目標",
|
||
"violated": "硬紅線",
|
||
"skipped_low_volume": "低樣本等待",
|
||
"no_data": "沒有資料",
|
||
"error": "查詢失敗",
|
||
"partial": "部分可評估"
|
||
},
|
||
"reason": {
|
||
"none": "無",
|
||
"denominator_below_minimum_events": "分母事件不足",
|
||
"prometheus_nan_or_inf": "Prometheus 暫無有效分母",
|
||
"prometheus_empty_result_metric_not_emitted": "Prometheus 尚未回傳指標",
|
||
"unknown": "原因待查"
|
||
}
|
||
},
|
||
"chart": {
|
||
"title": "30 日違反事件時序",
|
||
"xAxisLabel": "日期",
|
||
"yAxisLabel": "次數",
|
||
"loading": "載入圖表...",
|
||
"error": "圖表載入失敗",
|
||
"empty": "30 日內無違反事件",
|
||
"tooltip": "違反次數"
|
||
},
|
||
"compliance": {
|
||
"title": "整體合規率",
|
||
"target": "目標 ≥ 95%"
|
||
},
|
||
"coverage": {
|
||
"title": "驗證覆蓋率",
|
||
"subtitle": "近 {window} 自動修復執行與 verifier 寫回狀態",
|
||
"totalAuto": "自動修復",
|
||
"verifiedAuto": "已驗證",
|
||
"unverifiedAuto": "待驗證",
|
||
"coverageRate": "覆蓋率",
|
||
"successRate": "成功驗證",
|
||
"lastVerified": "最後已驗證執行",
|
||
"reasonLabel": "原因",
|
||
"failureBreakdown": "非成功驗證分類",
|
||
"recentFindings": "近期非成功驗證",
|
||
"remediationQueue": "補救工作佇列",
|
||
"queueSummary": "總數 {total};AI 可接手 {ready};人工 {human}",
|
||
"dryRunButton": "試跑",
|
||
"dryRunLoading": "試跑中",
|
||
"dryRunResult": "{mode};預覽 {result};工具 {tools}",
|
||
"dryRunHistoryRecorded": "已寫入歷史",
|
||
"dryRunHistorySummary": "歷史 {count} 次;上次 {time};{route}",
|
||
"dryRunBlocked": "試跑未放行",
|
||
"dryRunError": "試跑失敗",
|
||
"state": {
|
||
"ok": "正常",
|
||
"warning": "需追蹤",
|
||
"violated": "硬紅線",
|
||
"skipped_low_volume": "等待樣本",
|
||
"no_data": "沒有資料",
|
||
"error": "查詢失敗"
|
||
},
|
||
"reason": {
|
||
"none": "無",
|
||
"no_auto_repair_executions_24h": "近 24h 無自動修復執行",
|
||
"verification_backlog_present": "有自動修復尚未寫入驗證結果",
|
||
"non_success_verification_present": "存在 degraded / failed / timeout 驗證結果",
|
||
"postgresql_query_error": "PostgreSQL 查詢失敗"
|
||
},
|
||
"failureClass": {
|
||
"unsupported_action_scheme": "PlayBook 動作未走支援執行器",
|
||
"verifier_missing_promql": "Verifier 缺 PromQL 查詢",
|
||
"verifier_target_missing_pod": "Verifier 缺 Pod 目標",
|
||
"auto_repair_execution_failed": "自動修復執行失敗",
|
||
"verification_failed": "驗證失敗",
|
||
"verification_timeout": "驗證逾時",
|
||
"verification_degraded": "驗證降級",
|
||
"unknown": "待分類"
|
||
},
|
||
"nextStep": {
|
||
"normalize_playbook_executor": "修正 PlayBook 執行器",
|
||
"add_verifier_query_template": "補 verifier 查詢模板",
|
||
"map_verifier_target": "補 verifier 目標映射",
|
||
"review_auto_repair_execution": "檢查自動修復紀錄",
|
||
"escalate_verification_failure": "升級驗證失敗",
|
||
"review_degraded_verification": "檢查降級證據"
|
||
},
|
||
"remediationStatus": {
|
||
"ready_for_replay": "可重跑",
|
||
"ready_for_reverify": "可重驗",
|
||
"needs_target_mapping": "待補目標",
|
||
"needs_playbook_ticket": "待建 Ticket",
|
||
"manual_review": "人工檢查",
|
||
"unknown": "待分類"
|
||
},
|
||
"remediationAction": {
|
||
"replay_with_supported_executor": "用支援 executor 重跑",
|
||
"reverify_with_promql_template": "用 PromQL 模板重驗",
|
||
"map_target_and_reverify": "補目標後重驗",
|
||
"create_playbook_ticket": "建立 PlayBook Ticket",
|
||
"escalate_verification_failure": "升級驗證失敗",
|
||
"inspect_degraded_evidence": "檢查降級證據"
|
||
}
|
||
}
|
||
},
|
||
"events": {
|
||
"filter": {
|
||
"eventType": "事件類型",
|
||
"dateRange": "時間範圍",
|
||
"status": "狀態",
|
||
"severity": "嚴重度",
|
||
"clearAll": "清除全部",
|
||
"allStatuses": "全部狀態",
|
||
"resolved": "已解決",
|
||
"unresolved": "未解決",
|
||
"allSeverities": "全部嚴重度",
|
||
"critical": "危急",
|
||
"warning": "警告",
|
||
"info": "資訊",
|
||
"placeholder": "選擇事件類型...",
|
||
"from": "起始日期",
|
||
"to": "結束日期"
|
||
},
|
||
"column": {
|
||
"eventType": "事件類型",
|
||
"triggeredAt": "觸發時間",
|
||
"status": "狀態",
|
||
"impact": "影響摘要",
|
||
"actions": "操作"
|
||
},
|
||
"detail": {
|
||
"rawData": "原始資料",
|
||
"remediation": "修復建議",
|
||
"dispatch": "派遣記錄",
|
||
"noRemediation": "暫無修復建議",
|
||
"noDispatch": "暫無派遣記錄"
|
||
},
|
||
"eventType": {
|
||
"slo_breach": "SLO 違反",
|
||
"accuracy_drop": "準確率下降",
|
||
"km_stall": "KM 停滯",
|
||
"mcp_failure": "MCP 失敗",
|
||
"trust_degradation": "信任降級",
|
||
"unknown": "未知類型"
|
||
},
|
||
"status": {
|
||
"resolved": "已解決",
|
||
"unresolved": "未解決"
|
||
},
|
||
"severity": {
|
||
"critical": "危急",
|
||
"warning": "警告",
|
||
"info": "資訊"
|
||
},
|
||
"emptyState": "暫無治理事件",
|
||
"emptyStateHint": "目前系統運作正常,無違規事件",
|
||
"errorState": "無法載入事件列表",
|
||
"retry": "重試",
|
||
"page": "第",
|
||
"of": "頁,共",
|
||
"prevPage": "上一頁",
|
||
"nextPage": "下一頁",
|
||
"perPage": "每頁 20 筆 ·",
|
||
"expand": "展開詳情",
|
||
"collapse": "收合詳情"
|
||
},
|
||
"queue": {
|
||
"status": {
|
||
"connected": "即時更新中",
|
||
"disconnected": "離線模式",
|
||
"connecting": "連線中..."
|
||
},
|
||
"column": {
|
||
"eventType": "事件類型",
|
||
"createdAt": "建立時間",
|
||
"proposedAction": "建議操作",
|
||
"playbookTrust": "Playbook 信任度",
|
||
"dispatchStatus": "派遣狀態"
|
||
},
|
||
"action": {
|
||
"approve": "批准",
|
||
"reject": "拒絕",
|
||
"approveTitle": "批准此操作",
|
||
"rejectTitle": "拒絕此操作"
|
||
},
|
||
"history": {
|
||
"title": "歷史記錄",
|
||
"succeeded": "已成功",
|
||
"failed": "已失敗",
|
||
"empty": "暫無歷史記錄"
|
||
},
|
||
"emptyState": {
|
||
"noTable": "派遣表尚未建立",
|
||
"noTableHint": "Track D 派遣表正在初始化中",
|
||
"noPending": "目前無待辦事項",
|
||
"noPendingHint": "AI 系統運作正常,無需人工介入"
|
||
},
|
||
"sse": {
|
||
"label": "即時更新",
|
||
"connected": "已連線",
|
||
"disconnected": "已斷線"
|
||
},
|
||
"pendingSection": "待辦",
|
||
"loading": "載入待辦佇列...",
|
||
"error": "無法載入待辦佇列",
|
||
"retry": "重試"
|
||
}
|
||
},
|
||
"awooop": {
|
||
"home": {
|
||
"eyebrow": "AI 自動化飛輪控制面",
|
||
"title": "AwoooP 治理總覽",
|
||
"subtitle": "把租戶、合約、執行紀錄、審批與通道狀態收斂到同一個操作面,避免 AI 自動化飛輪和治理面各自長出一套邏輯。",
|
||
"refresh": "重新整理",
|
||
"snapshotStatus": "快照狀態",
|
||
"lastUpdated": "最後更新",
|
||
"migrationMode": "遷移模式",
|
||
"migrationValue": "鏡像 / 影子模式",
|
||
"ready": "同步中",
|
||
"loading": "讀取中",
|
||
"degraded": "降級",
|
||
"securityMirror": {
|
||
"title": "IwoooS 資安鏡像",
|
||
"subtitle": "AwoooP 首頁以只讀候選方式顯示 IwoooS / 資安鏡像狀態,讓使用者理解資安網進度與邊界;這不是正式入口啟用,也不接執行路由器。",
|
||
"badge": "只讀候選",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"checkpointsTitle": "接入檢查",
|
||
"boundaryLabel": "安全邊界",
|
||
"boundaryTitle": "仍維持低摩擦框架期",
|
||
"boundaryDetail": "這個面板只顯示已提交快照與防護檢查口徑,不呼叫 Kali、GitHub、Gitea 或執行期 API,也不提供掃描、執行、修復、部署、主要來源切換或分支 / 標籤參照動作。",
|
||
"metrics": {
|
||
"headline": {
|
||
"label": "整體資安網",
|
||
"detail": "整體百分比仍等負責人回覆、脫敏匯入、執行期閘門、GitHub 主要來源或 AwoooP 正式入口證據。"
|
||
},
|
||
"framework": {
|
||
"label": "框架成熟度",
|
||
"detail": "治理、文件、結構定義、只讀證據與 IwoooS 投影已接近完整。"
|
||
},
|
||
"runtime": {
|
||
"label": "落地執行",
|
||
"detail": "執行期匯入、GitHub 主要來源與 AwoooP 正式入口仍需後續證據。"
|
||
},
|
||
"activeGates": {
|
||
"label": "主動執行閘門",
|
||
"detail": "目前維持 0,任何主機或阻擋型控制都仍需獨立批准。"
|
||
}
|
||
},
|
||
"checkpoints": {
|
||
"iwooosProjection": {
|
||
"title": "IwoooS 投影可讀",
|
||
"detail": "AwoooP 只顯示 IwoooS 態勢、進度、證據參照與禁止動作。"
|
||
},
|
||
"rollupGuard": {
|
||
"title": "防護檢查口徑一致",
|
||
"detail": "接手前維持 security-mirror-progress-guard.py 與 source-control-owner-response-guard.py 綠燈。"
|
||
},
|
||
"ownerResponse": {
|
||
"title": "負責人回覆仍等待",
|
||
"detail": "S4.9 到 S4.12 收到 / 接受都仍為 0,不把顯示狀態當驗收完成。"
|
||
},
|
||
"productionLanding": {
|
||
"title": "正式入口尚未完成",
|
||
"detail": "AwoooP 主線仍需部署證據與只讀消費證據才能進入整體百分比重估。"
|
||
}
|
||
}
|
||
},
|
||
"githubPrimaryReadiness": {
|
||
"title": "GitHub 主要來源就緒度",
|
||
"subtitle": "AwoooP 首頁同步顯示 Gitea 轉 GitHub 的原始碼管控就緒度缺口;目前只做框架期可視化,不建立專案庫、不改分支 / 標籤參照、不收機密明文值,也不切換主要來源。",
|
||
"badge": "只讀摘要",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"readinessRefsTitle": "就緒度證據參照",
|
||
"boundaryLabel": "GitHub 主要來源邊界",
|
||
"boundaryTitle": "目前仍不可推進主要來源切換",
|
||
"boundaryDetail": "這個摘要只顯示已提交快照與負責人回覆缺口,不能被解讀成 GitHub 主要來源批准、專案庫建立授權、分支 / 標籤參照變更、機密值收集、Gitea 停用或執行期執行。",
|
||
"metrics": {
|
||
"candidateRepos": {
|
||
"label": "候選專案庫",
|
||
"detail": "S2.63 起已盤點 8 個候選專案庫;這不是建立 GitHub 專案庫的授權。"
|
||
},
|
||
"inScopeRepos": {
|
||
"label": "範圍內專案庫",
|
||
"detail": "目前 7 個專案庫進入主要來源就緒度範圍,仍等待負責人回覆。"
|
||
},
|
||
"primaryReady": {
|
||
"label": "主要來源就緒數",
|
||
"detail": "就緒數維持 0,不能切換 GitHub 主要來源或停用 Gitea。"
|
||
},
|
||
"ownerResponses": {
|
||
"label": "負責人回覆",
|
||
"detail": "22 個回覆範本仍為 0 收到 / 0 接受。"
|
||
},
|
||
"workflowInventory": {
|
||
"label": "工作流程清冊",
|
||
"detail": "7 個專案庫的工作流程 / 機密名稱清冊尚未完成。"
|
||
}
|
||
},
|
||
"readinessRefs": {
|
||
"primaryReadiness": "GitHub 主要來源就緒度閘門仍是候選狀態,不能觸發專案庫建立或可見性變更。",
|
||
"ownerValidation": "負責人回覆驗證彙總顯示四包回覆資料都仍等待人工回覆與驗收。",
|
||
"rollbackAdr": "回復架構決策紀錄尚未完成負責人批准的演練,因此不能把 GitHub 切為主要來源。",
|
||
"workflowInventory": "工作流程 / 機密名稱清冊只收集名稱與路由,不收機密明文值、不改 GitHub 機密設定。"
|
||
}
|
||
},
|
||
"ownerResponseValidation": {
|
||
"title": "負責人回覆驗收總覽",
|
||
"subtitle": "AwoooP 首頁把 S4.9 到 S4.12 四包負責人回覆的收件、驗收與稽核檢查放在同一張只讀看板;目前收到 / 接受 / 拒收都是 0,不代表任何批准或執行授權。",
|
||
"badge": "只讀驗收",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"packetsTitle": "四包待收回覆",
|
||
"validationTitle": "驗收與稽核檢查",
|
||
"boundaryLabel": "驗收邊界",
|
||
"boundaryTitle": "仍等待負責人證據,不開執行權限",
|
||
"boundaryDetail": "這個總覽只顯示 source_control_owner_response_validation_rollup_v1 的只讀狀態;不能被解讀成負責人回覆已收到、已接受、GitHub 主要來源已批准、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定可修改,或執行期可執行。",
|
||
"fields": {
|
||
"templates": "範本",
|
||
"received": "收到",
|
||
"accepted": "接受",
|
||
"rejected": "拒收"
|
||
},
|
||
"metrics": {
|
||
"packets": {
|
||
"label": "回覆包",
|
||
"detail": "S4.9 到 S4.12 四包都仍是等待收件狀態。"
|
||
},
|
||
"templates": {
|
||
"label": "回覆範本",
|
||
"detail": "22 個範本只是負責人要回覆的問題,不代表請求已送出。"
|
||
},
|
||
"received": {
|
||
"label": "已收到",
|
||
"detail": "目前仍為 0,不得把可見看板當成收件完成。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍為 0,不得推進 GitHub 主要來源或執行期閘門。"
|
||
},
|
||
"rejected": {
|
||
"label": "已拒收",
|
||
"detail": "目前仍為 0;若收到原始載荷或機密明文值必須隔離。"
|
||
}
|
||
},
|
||
"packets": {
|
||
"giteaInventory": {
|
||
"title": "Gitea 清冊負責人聲明",
|
||
"detail": "先收公開範圍 / 本地缺口、組織 / 使用者端點、110 相鄰範圍、標準負責人與舊版處置五題。"
|
||
},
|
||
"githubTarget": {
|
||
"title": "GitHub 目標負責人判定",
|
||
"detail": "逐專案庫確認 GitHub 目標、可見性、標準負責人;不能自動建立專案庫或變更可見性。"
|
||
},
|
||
"refTruth": {
|
||
"title": "分支 / 標籤真相來源負責人回覆",
|
||
"detail": "確認 main / dev 真相來源、棄用漂移、release tag 與 GitHub-only 分支 / 標籤參照;不能自動同步、刪除或強制推送。"
|
||
},
|
||
"workflowSecret": {
|
||
"title": "工作流程 / 機密名稱負責人回覆",
|
||
"detail": "只收工作流程、執行器、部署金鑰、分支保護、機密名稱與負責人中繼資料;不收機密明文值。"
|
||
}
|
||
},
|
||
"checks": {
|
||
"crossPacket": {
|
||
"label": "跨包驗收",
|
||
"detail": "10 個跨包檢查只做一致性檢查。"
|
||
},
|
||
"evidenceRouting": {
|
||
"label": "證據路由",
|
||
"detail": "6 條路由規則只分流補證、隔離或只讀更新。"
|
||
},
|
||
"displaySections": {
|
||
"label": "顯示區塊",
|
||
"detail": "8 個區塊固定 AwoooP 只讀呈現順序。"
|
||
},
|
||
"stateTransitions": {
|
||
"label": "狀態轉移",
|
||
"detail": "7 條規則只定義審查狀態語義,不執行。"
|
||
},
|
||
"reviewerChecklist": {
|
||
"label": "審查清單",
|
||
"detail": "9 個清單項目給人工審查者判讀。"
|
||
},
|
||
"reviewerOutcomes": {
|
||
"label": "審查結果",
|
||
"detail": "7 條結果分流只導向補證、隔離、拒收或等待後續閘門。"
|
||
}
|
||
}
|
||
},
|
||
"quality": {
|
||
"title": "自動化品質",
|
||
"subtitle": "最近 24 小時告警是否真正走到 AI 自動修復、驗證與學習回寫。",
|
||
"claimReady": "可宣稱完整閉環",
|
||
"claimBlocked": "不可宣稱完整閉環",
|
||
"claimReadyDetail": "所有告警都完成驗證閉環",
|
||
"claimBlockedDetail": "仍有告警缺少執行、驗證或學習記錄",
|
||
"unavailable": "無法讀取",
|
||
"loadFailed": "無法讀取自動化品質總覽。請確認操作員權限與真相鏈 API 狀態。",
|
||
"empty": "尚無可評估的告警品質資料。",
|
||
"yes": "是",
|
||
"no": "否",
|
||
"metrics": {
|
||
"evaluated": "已評估告警",
|
||
"evaluatedDetail": "套用同一組品質閘門",
|
||
"verified": "已驗證自動修復",
|
||
"verifiedDetail": "必須有自動修復與驗證記錄",
|
||
"averageScore": "平均分數",
|
||
"averageScoreDetail": "0 到 100 的流程完整度",
|
||
"claim": "生產宣稱",
|
||
"claimReadyDetail": "所有告警都完成驗證閉環",
|
||
"claimBlockedDetail": "仍有告警缺少執行、驗證或學習記錄"
|
||
},
|
||
"scoreBuckets": "分數區間",
|
||
"scoreBucketsDetail": "共 {total} 筆已評估告警",
|
||
"green": "綠",
|
||
"yellow": "黃",
|
||
"red": "紅",
|
||
"verdictTitle": "流程判定分布",
|
||
"gateFailureTitle": "主要缺口",
|
||
"scoreRange": "最低 {min} / 最高 {max} / 平均 {avg}",
|
||
"verdicts": {
|
||
"autoRepairedVerified": "已驗證自動修復",
|
||
"executionUnverified": "已執行但未驗證",
|
||
"executionFailed": "執行失敗",
|
||
"manualRequiredNoAction": "人工介入:NO_ACTION",
|
||
"approvalRequired": "等待審批",
|
||
"observedNotExecuted": "已觀測但未執行",
|
||
"receivedOnly": "僅收到告警"
|
||
},
|
||
"gates": {
|
||
"sourcePersisted": "來源已落庫",
|
||
"outboundRecorded": "外送記錄",
|
||
"evidenceCollected": "證據收集",
|
||
"mcpGatewayObserved": "MCP 閘道",
|
||
"approvalState": "審批狀態",
|
||
"executionRecorded": "執行記錄",
|
||
"autoRepairRecorded": "自動修復記錄",
|
||
"verificationRecorded": "驗證記錄",
|
||
"learningRecorded": "學習回寫",
|
||
"timelineRecorded": "時間軸記錄"
|
||
},
|
||
"gateStatuses": {
|
||
"failed": "失敗",
|
||
"missing": "缺少"
|
||
}
|
||
},
|
||
"metrics": {
|
||
"tenants": "租戶",
|
||
"tenantsDetail": "{active} 個啟用,{shadow} 個影子模式",
|
||
"runs": "操作執行",
|
||
"runsDetail": "執行狀態是非同步任務的唯一觀測入口",
|
||
"approvals": "待審批",
|
||
"approvalsDetail": "所有高風險動作都必須停在人工閘門",
|
||
"contracts": "合約",
|
||
"contractsDetail": "專案 / 代理 / 政策合約發布狀態"
|
||
},
|
||
"disposition": {
|
||
"title": "處置語義",
|
||
"diagnosis": {
|
||
"title": "只讀診斷",
|
||
"signal": "AI 已收集證據",
|
||
"owner": "負責:AI 先整理,SRE 判讀",
|
||
"route": "流向:執行監控 / 事件詳情"
|
||
},
|
||
"approval": {
|
||
"title": "人工閘門",
|
||
"signal": "高風險待批准",
|
||
"owner": "負責:SRE 批准 / 拒絕",
|
||
"route": "流向:審批佇列"
|
||
},
|
||
"execute": {
|
||
"title": "自動執行",
|
||
"signal": "低風險可閉環",
|
||
"owner": "負責:MCP 閘道執行並稽核",
|
||
"route": "流向:執行狀態 / 稽核"
|
||
},
|
||
"manual": {
|
||
"title": "人工升級",
|
||
"signal": "AI 無法安全修復",
|
||
"owner": "負責:戰情室接手",
|
||
"route": "流向:AwoooI SRE 戰情室"
|
||
}
|
||
},
|
||
"lanes": {
|
||
"title": "飛輪鏈路",
|
||
"live": "已接線",
|
||
"mirror": "鏡像",
|
||
"providerName": "模型供應順序",
|
||
"providerDetail": "GCP-A Ollama → GCP-B Ollama → 111 Ollama → OpenClaw / Nemo → Gemini",
|
||
"mcpName": "MCP 閘道",
|
||
"mcpDetail": "MCP 閘道先鏡像 / 包裝,確認稽核與脫敏後才切成唯一閘門",
|
||
"channelName": "通道中心",
|
||
"channelDetail": "Telegram / LINE / Slack 先進通道事件,再逐步切換發送責任",
|
||
"approvalName": "審批平面",
|
||
"approvalDetail": "執行狀態與審批平面共享同一條審批語義"
|
||
},
|
||
"next": {
|
||
"title": "下一步操作",
|
||
"item1": "查看執行監控與模型供應備援",
|
||
"item2": "處理等待審批的高風險操作",
|
||
"item3": "審查合約生命週期",
|
||
"item4": "查看 AwoooP 工作鏈路地圖"
|
||
}
|
||
},
|
||
"tenants": {
|
||
"securityTenantScopeCandidate": {
|
||
"title": "IwoooS 租戶資安範圍只讀候選",
|
||
"subtitle": "租戶管理只顯示 AWOOOI 第一租戶與 IwoooS 資安鏡像的保護範圍;這不是租戶遷移模式變更,也不會改租戶政策。",
|
||
"badge": "租戶範圍",
|
||
"scopeRefsTitle": "只讀範圍參照",
|
||
"boundaryLabel": "租戶邊界",
|
||
"boundaryTitle": "目前沒有租戶設定可變更",
|
||
"boundaryDetail": "這個面板不變更租戶遷移模式、不改租戶政策、不寫入平台租戶 API、不呼叫 GitHub / Gitea / Kali,也不新增掃描、執行、部署、主要來源切換或分支 / 標籤參照動作。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"primaryTenant": "第一租戶",
|
||
"primaryTenantDetail": "AWOOOI 是 AwoooP 的第一個執行期租戶;此處只顯示範圍,不改設定。",
|
||
"securityEntry": "資安入口",
|
||
"securityEntryDetail": "IwoooS 仍是資訊安全的只讀入口與態勢鏡像。",
|
||
"hostCoverage": "主機覆蓋",
|
||
"hostCoverageDetail": "Kali 112、開發主機 168、開發主機 111 已納入只觀察視野。",
|
||
"policyMutations": "租戶政策變更",
|
||
"policyMutationsDetail": "目前為 0;負責人回覆與執行期閘門前不得改政策。"
|
||
},
|
||
"scopeRefs": {
|
||
"awoooiTenant": "AwoooP 平台身分下,AWOOOI 仍是第一個租戶 / 執行期主機,不是全平台的同義詞。",
|
||
"iwooosMirror": "IwoooS 顯示資安鏡像態勢、進度、證據參照與禁止動作。",
|
||
"hostCoverage": "三台指定主機目前只納入資安視野與證據就緒度;不做 SSH、更新、憑證式掃描或阻擋型控制。",
|
||
"ownerResponse": "S4.9-S4.12 負責人回覆已收到 / 已接受仍為 0,租戶範圍顯示不等於批准。"
|
||
}
|
||
},
|
||
"githubTenantReadinessScope": {
|
||
"title": "GitHub 主要來源就緒度租戶範圍",
|
||
"subtitle": "租戶管理同步顯示 AWOOOI 第一租戶與 Gitea 轉 GitHub 的原始碼管控負責人範圍缺口;這不是租戶政策、專案庫建立或主要來源切換授權。",
|
||
"badge": "只讀範圍",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"scopeRefsTitle": "負責人範圍參照",
|
||
"boundaryLabel": "租戶 / GitHub 邊界",
|
||
"boundaryTitle": "租戶範圍仍等待負責人回覆",
|
||
"boundaryDetail": "這個面板只呈現租戶與原始碼管控就緒度的對應關係;不變更租戶遷移模式、不改租戶政策、不建立 GitHub 專案庫、不改分支 / 標籤參照、不收機密明文值、不切主要來源,也不停用 Gitea。",
|
||
"metrics": {
|
||
"candidateRepos": {
|
||
"label": "候選專案庫",
|
||
"detail": "8 個候選專案庫只作為範圍可見性,不代表可建立 GitHub 專案庫。"
|
||
},
|
||
"inScopeRepos": {
|
||
"label": "範圍內專案庫",
|
||
"detail": "7 個專案庫仍需負責人範圍決策與原始碼管控回覆。"
|
||
},
|
||
"ownerResponses": {
|
||
"label": "負責人回覆",
|
||
"detail": "22 個回覆範本仍為 0 已收到 / 0 已接受。"
|
||
},
|
||
"tenantScopeChanges": {
|
||
"label": "租戶範圍變更",
|
||
"detail": "目前為 0;不得因顯示就緒度而改租戶政策或遷移模式。"
|
||
}
|
||
},
|
||
"scopeRefs": {
|
||
"tenantSourceScope": "AWOOOI 第一租戶只對應原始碼管控就緒範圍,不代表全平台或 GitHub 主要來源已接受。",
|
||
"giteaInventoryOwner": "S4.9 仍等待 Gitea 清冊負責人證明;覆蓋範圍接受前不得補寫專案庫範圍。",
|
||
"githubTargetOwner": "S4.10 仍等待 GitHub 目標負責人決策;目標負責人未接受前不得建立專案庫或改可見性。",
|
||
"workflowSecretOwner": "S4.12 只等待工作流程 / 機密名稱負責人回覆;仍不得收機密明文值或修改 GitHub 機密設定。"
|
||
}
|
||
},
|
||
"ownerResponseValidationScope": {
|
||
"title": "負責人回覆驗收租戶範圍",
|
||
"subtitle": "租戶管理同步顯示 AWOOOI 第一租戶仍等待 S4.13 驗收彙整與 S4.9-S4.12 四包來源回覆;這不是租戶政策、專案庫、分支 / 標籤參照、工作流程 / 機密設定或執行期授權。",
|
||
"badge": "只讀驗收範圍",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"scopeRefsTitle": "租戶驗收參照",
|
||
"boundaryLabel": "租戶驗收邊界",
|
||
"boundaryTitle": "目前沒有可套用的租戶政策變更",
|
||
"boundaryDetail": "這個面板只顯示四包、22 個回覆範本、已收到 / 已接受 / 已拒收仍為 0,以及 AWOOOI 第一租戶可理解的驗收範圍;不改租戶政策、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不開執行期閘門。",
|
||
"metrics": {
|
||
"packets": "回覆包",
|
||
"packetsDetail": "S4.9-S4.12 四包仍等待負責人回覆。",
|
||
"templates": "回覆範本",
|
||
"templatesDetail": "22 個範本只代表未來可收件格式,不代表已送出、已收到或已接受。",
|
||
"received": "已收到",
|
||
"receivedDetail": "目前仍為 0;租戶範圍可見不得改寫收件狀態。",
|
||
"accepted": "已接受",
|
||
"acceptedDetail": "目前仍為 0;只有脫敏證據通過驗收後才能改變。",
|
||
"tenantPolicyChanges": "租戶政策變更",
|
||
"tenantPolicyChangesDetail": "目前仍為 0;驗收前不得改租戶政策或遷移模式。",
|
||
"displaySections": "顯示區塊",
|
||
"displaySectionsDetail": "8 個顯示區塊只用於說明租戶如何理解驗收流程與邊界。"
|
||
},
|
||
"scopeRefs": {
|
||
"validationRollup": {
|
||
"title": "S4.13 驗收彙整",
|
||
"detail": "固定四包、跨包驗收、證據路由、審查清單與結果分流,但不產生租戶政策變更。"
|
||
},
|
||
"giteaAttestation": {
|
||
"title": "S4.9 Gitea 清冊負責人證明",
|
||
"detail": "5 個範本仍等待負責人回覆;租戶只能看到下一個收件焦點。"
|
||
},
|
||
"githubTarget": {
|
||
"title": "S4.10 GitHub 目標負責人決策",
|
||
"detail": "7 個目標負責人 / 可見性 / 標準回覆仍未接受,不得自動建立專案庫。"
|
||
},
|
||
"refsTruth": {
|
||
"title": "S4.11 分支 / 標籤真相負責人回覆",
|
||
"detail": "5 類真相判定仍等待脫敏回覆,不得同步、刪除或強制推送分支 / 標籤參照。"
|
||
},
|
||
"workflowSecret": {
|
||
"title": "S4.12 工作流程 / 機密名稱負責人回覆",
|
||
"detail": "5 類名稱與脫敏證據仍等待回覆;只允許名稱清冊,不允許機密明文值。"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"runs": {
|
||
"securityRunStateCandidate": {
|
||
"title": "IwoooS 執行狀態只讀候選",
|
||
"subtitle": "執行監控只顯示資安鏡像可以被 AwoooP 執行視角理解;這不是已建立執行紀錄,也不會接上執行路由器。",
|
||
"badge": "執行狀態候選",
|
||
"runRefsTitle": "只讀執行參照",
|
||
"boundaryLabel": "執行邊界",
|
||
"boundaryTitle": "目前沒有資安執行可啟動",
|
||
"boundaryDetail": "這個面板不建立平台執行紀錄、不接執行路由器、不呼叫 GitHub / Gitea / Kali,也不新增掃描、執行、修復、部署、主要來源切換或分支 / 標籤參照動作。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"visibility": "執行可見性",
|
||
"visibilityValue": "只讀",
|
||
"visibilityDetail": "只把資安鏡像投影到執行監控語境,不建立真正執行期動作。",
|
||
"runtimeRuns": "資安執行數",
|
||
"runtimeRunsDetail": "目前為 0;S2.58 只做顯示候選,不建立執行紀錄。",
|
||
"activeGates": "主動執行閘門",
|
||
"activeGatesDetail": "仍為 0;執行期閘門需獨立批准、回滾與後驗證證據。",
|
||
"ownerResponse": "負責人已接受",
|
||
"ownerResponseDetail": "S4.9-S4.12 負責人回覆已接受仍為 0,執行顯示不等於收件完成。"
|
||
},
|
||
"runRefs": {
|
||
"mirrorRunState": "AwoooP 執行監控可以理解資安鏡像,但只能當只讀候選。",
|
||
"readOnlyDryRun": "若未來產生試跑證據,也必須維持只讀與人工閘門語義。",
|
||
"ownerResponse": "負責人回覆已收到 / 已接受仍為 0,任何執行進一步行動都要等待人工收件。",
|
||
"activeGates": "主動執行期閘門仍為 0,不從執行監控頁開閘門或建立動作按鈕。"
|
||
}
|
||
},
|
||
"githubRunReadinessBoundary": {
|
||
"title": "GitHub 主要來源就緒度執行邊界",
|
||
"subtitle": "執行監控同步顯示 GitHub 主要來源就緒度仍不可產生資安執行;這不是平台執行、執行路由器、專案庫建立或主要來源切換授權。",
|
||
"badge": "執行邊界",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"runRefsTitle": "GitHub 就緒度執行參照",
|
||
"boundaryLabel": "GitHub / 執行邊界",
|
||
"boundaryTitle": "目前沒有 GitHub 主要來源執行可啟動",
|
||
"boundaryDetail": "這個面板只把原始碼管控就緒度投影到執行監控語境;不建立平台執行、不接執行路由器、不建立 GitHub 專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不停用 Gitea。",
|
||
"metrics": {
|
||
"candidateRepos": {
|
||
"label": "候選專案庫",
|
||
"detail": "8 個候選專案庫只顯示就緒度,不會產生 GitHub 專案庫建立執行。"
|
||
},
|
||
"inScopeRepos": {
|
||
"label": "範圍內專案庫",
|
||
"detail": "7 個專案庫仍等待負責人回覆;執行監控不得替它們開任務。"
|
||
},
|
||
"securityRuns": {
|
||
"label": "GitHub 資安執行數",
|
||
"detail": "目前為 0;就緒度可見不等於已建立平台執行。"
|
||
},
|
||
"ownerResponses": {
|
||
"label": "負責人回覆",
|
||
"detail": "22 個回覆範本仍為 0 已收到 / 0 已接受。"
|
||
},
|
||
"workflowInventory": {
|
||
"label": "工作流程清冊",
|
||
"detail": "7 個專案庫的工作流程 / 機密名稱清冊仍未完成。"
|
||
}
|
||
},
|
||
"runRefs": {
|
||
"primaryReadiness": "主要來源就緒度閘門仍顯示 ready=0,不能轉成 GitHub 主要來源執行。",
|
||
"ownerValidation": "負責人回覆驗證彙總仍是 0/22,不能被執行監控自動補成已接受。",
|
||
"workflowInventory": "工作流程 / 機密名稱清冊仍只收集名稱與路由,不收機密明文值、不修改 GitHub 機密設定。",
|
||
"rollbackAdr": "Rollback ADR 尚未完成負責人批准試跑,因此不能啟動主要來源切換執行。"
|
||
}
|
||
},
|
||
"ownerResponseValidationRunBoundary": {
|
||
"title": "負責人回覆驗收執行邊界",
|
||
"subtitle": "執行監控同步顯示 S4.13 驗收彙整與 S4.9-S4.12 四包來源回覆仍只可讀;這不是平台執行、執行路由器、審批紀錄、專案庫、分支 / 標籤參照、工作流程 / 機密設定或執行期授權。",
|
||
"badge": "只讀執行邊界",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"runRefsTitle": "執行驗收參照",
|
||
"boundaryLabel": "驗收 / 執行邊界",
|
||
"boundaryTitle": "目前沒有負責人回覆驗收執行可啟動",
|
||
"boundaryDetail": "這個面板只顯示四包、22 個回覆範本、已收到 / 已接受 / 已拒收仍為 0,以及執行監控可理解的驗收邊界;不建立平台執行、不接執行路由器、不建立審批紀錄、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不開執行期閘門。",
|
||
"metrics": {
|
||
"packets": "回覆包",
|
||
"packetsDetail": "S4.9-S4.12 四包仍等待負責人回覆。",
|
||
"templates": "回覆範本",
|
||
"templatesDetail": "22 個範本只代表未來可收件格式,不代表已送出、已收到或已接受。",
|
||
"received": "已收到",
|
||
"receivedDetail": "目前仍為 0;執行監控不得把可見性改寫成收件狀態。",
|
||
"accepted": "已接受",
|
||
"acceptedDetail": "目前仍為 0;只有脫敏證據通過驗收後才能改變。",
|
||
"securityRuns": "資安執行數",
|
||
"securityRunsDetail": "目前仍為 0;驗收邊界可見不等於建立平台執行。",
|
||
"displaySections": "顯示區塊",
|
||
"displaySectionsDetail": "8 個顯示區塊只用於說明執行監控如何理解驗收流程與邊界。"
|
||
},
|
||
"runRefs": {
|
||
"validationRollup": {
|
||
"title": "S4.13 驗收彙整",
|
||
"detail": "固定四包、跨包驗收、證據路由、審查清單與結果分流,但不產生平台執行。"
|
||
},
|
||
"giteaAttestation": {
|
||
"title": "S4.9 Gitea 清冊負責人證明",
|
||
"detail": "5 個範本仍等待負責人回覆;執行監控只能看到下一個收件焦點。"
|
||
},
|
||
"githubTarget": {
|
||
"title": "S4.10 GitHub 目標負責人決策",
|
||
"detail": "7 個目標負責人 / 可見性 / 標準回覆仍未接受,不得自動建立專案庫或執行紀錄。"
|
||
},
|
||
"refsTruth": {
|
||
"title": "S4.11 分支 / 標籤真相負責人回覆",
|
||
"detail": "5 類真相判定仍等待脫敏回覆,不得同步、刪除或強制推送分支 / 標籤參照。"
|
||
},
|
||
"workflowSecret": {
|
||
"title": "S4.12 工作流程 / 機密名稱負責人回覆",
|
||
"detail": "5 類名稱與脫敏證據仍等待回覆;只允許名稱清冊,不允許機密明文值。"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"contracts": {
|
||
"securityContractCandidate": {
|
||
"title": "IwoooS 資安契約只讀候選",
|
||
"subtitle": "合約儀表板只顯示 IwoooS / 資安鏡像目前依賴的結構定義、快照與防護檢查口徑;這不是合約發布,也不會觸發執行期閘門。",
|
||
"badge": "契約候選",
|
||
"contractRefsTitle": "只讀合約參照",
|
||
"boundaryLabel": "合約邊界",
|
||
"boundaryTitle": "目前沒有可發布的資安合約",
|
||
"boundaryDetail": "這個面板不發布合約版次、不改合約生命週期、不寫入平台合約 API、不呼叫 GitHub / Gitea / Kali,也不新增掃描、執行、部署、主要來源切換或分支 / 標籤參照動作。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"totalContracts": "合約總數",
|
||
"totalContractsDetail": "資安鏡像目前彙整 36 個主要合約。",
|
||
"readyForMirror": "鏡像就緒",
|
||
"readyForMirrorDetail": "33 個已就緒、2 個部分就緒、1 個僅契約、0 個阻擋。",
|
||
"partialReady": "部分就緒",
|
||
"partialReadyDetail": "缺口仍集中在負責人回覆、資料匯入與原始碼管控負責人證據。",
|
||
"activeRuntimeGates": "主動執行閘門",
|
||
"activeRuntimeGatesDetail": "仍為 0;合約可見性不等於執行期強制控管。"
|
||
},
|
||
"contractRefs": {
|
||
"statusRollup": "AwoooP / 資安工作階段的共同狀態入口,只彙整進度與安全閘門。",
|
||
"postureProjection": "IwoooS 前端態勢、主機覆蓋、負責人回覆焦點與禁止動作的投影契約。",
|
||
"ownerValidation": "S4.9-S4.12 負責人回覆已收到 / 已接受分離與審查者檢查口徑。",
|
||
"rolloutPolicy": "低摩擦、先觀測、封鎖前先由負責人審查的推出政策。"
|
||
}
|
||
},
|
||
"githubPrimaryReadinessCandidate": {
|
||
"title": "GitHub 主要來源就緒度合約只讀候選",
|
||
"subtitle": "合約儀表板同步顯示 Gitea 轉 GitHub 的就緒度合約參照、負責人回覆缺口與不可執行邊界;這不是專案庫建立、分支 / 標籤參照變更、機密收集或主要來源切換授權。",
|
||
"badge": "GitHub 就緒度",
|
||
"contractRefsTitle": "主要來源就緒度合約參照",
|
||
"boundaryLabel": "原始碼管控邊界",
|
||
"boundaryTitle": "目前沒有可切換的 GitHub 主要來源",
|
||
"boundaryDetail": "這個面板只顯示候選專案庫、範圍內專案庫、主要來源就緒數、負責人回覆與工作流程 / 機密名稱清冊缺口;不建立 GitHub 專案庫、不改可見性、不同步 / 刪除 / 強制推送分支或標籤參照、不收機密明文值、不切主要來源、不停用 Gitea,也不觸發執行期閘門。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"candidateRepos": "候選專案庫",
|
||
"candidateReposDetail": "S4.0 目前追蹤 8 個 GitHub 主要來源就緒度候選。",
|
||
"inScopeRepos": "範圍內專案庫",
|
||
"inScopeReposDetail": "7 個仍需負責人、可見性、主來源與回復證據。",
|
||
"primaryReady": "主要來源就緒數",
|
||
"primaryReadyDetail": "仍為 0;就緒度可見不等於已可切主要來源。",
|
||
"ownerResponses": "負責人回覆",
|
||
"ownerResponsesDetail": "S4.9-S4.12 共 22 個回覆範本仍為 0 已收到 / 0 已接受。",
|
||
"workflowInventory": "工作流程清冊",
|
||
"workflowInventoryDetail": "7 個範圍內專案庫的工作流程 / 機密名稱清冊仍未完成。"
|
||
},
|
||
"contractRefs": {
|
||
"primaryReadiness": "GitHub 主要來源一致性、負責人、分支 / 標籤參照、工作流程與回復前置缺口的主就緒度閘門。",
|
||
"ownerValidation": "四包負責人回覆的已收到 / 已接受 / 已拒收分離與審查者檢查口徑。",
|
||
"rollbackAdr": "7 個範圍內專案庫的回復 ADR 草案、負責人審查與驗證窗口。",
|
||
"workflowInventory": "工作流程、執行器、部署金鑰、分支保護、CODEOWNERS 與機密名稱清冊;只收名稱不收明文值。",
|
||
"postureProjection": "IwoooS 用來呈現 GitHub 就緒度狀態板與禁止動作的前端投影。"
|
||
}
|
||
},
|
||
"ownerResponseValidationCandidate": {
|
||
"title": "負責人回覆驗收契約只讀候選",
|
||
"subtitle": "合約儀表板同步顯示 S4.13 負責人回覆驗收彙整與四個來源收件包;這不是負責人回覆已收到、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程動作或執行期授權。",
|
||
"badge": "驗收候選",
|
||
"contractRefsTitle": "負責人回覆驗收合約參照",
|
||
"boundaryLabel": "驗收邊界",
|
||
"boundaryTitle": "目前沒有可發布或可執行的驗收結果",
|
||
"boundaryDetail": "這個面板只顯示四包、22 個回覆範本、收件 / 接受 / 拒收仍為 0,以及 AwoooP 可顯示的驗收區塊;不建立審批紀錄、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不開執行期閘門。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"packets": "回覆包",
|
||
"packetsDetail": "S4.9-S4.12 四包都仍在等待負責人回覆。",
|
||
"templates": "回覆範本",
|
||
"templatesDetail": "22 個範本只代表可收件格式,不代表已送出或已接受。",
|
||
"received": "已收到",
|
||
"receivedDetail": "目前仍為 0;工作項或合約可見性不得改寫收件狀態。",
|
||
"accepted": "已接受",
|
||
"acceptedDetail": "目前仍為 0;只有脫敏 evidence 通過驗收後才能改變。",
|
||
"displaySections": "顯示區塊",
|
||
"displaySectionsDetail": "8 個 AwoooP 顯示區塊只用於說明驗收流程與邊界。"
|
||
},
|
||
"contractRefs": {
|
||
"validationRollup": "S4.13 的四包驗收總覽,固定已收到 / 已接受 / 已拒收分離與審查者檢查口徑。",
|
||
"giteaAttestation": "S4.9 Gitea 清冊負責人證明收件包;目前 5 個範本仍未收到。",
|
||
"githubTarget": "S4.10 GitHub 目標負責人決策收件包;目前 7 個範本仍未接受。",
|
||
"refsTruth": "S4.11 分支 / 標籤真相負責人回覆收件包;不得把分類視為分支 / 標籤參照動作授權。",
|
||
"workflowSecret": "S4.12 工作流程 / 機密名稱負責人回覆收件包;只允許名稱與脫敏證據,不允許機密明文值。"
|
||
}
|
||
}
|
||
},
|
||
"approvals": {
|
||
"securityOwnerResponseGate": {
|
||
"title": "IwoooS 負責人回覆只讀審查焦點",
|
||
"subtitle": "AwoooP 審批佇列只顯示 S4.9-S4.12 負責人回覆的下一個人工收件焦點;這不是審批紀錄,也不會開執行期閘門。",
|
||
"badge": "只讀焦點",
|
||
"ownerChecksTitle": "負責人回覆收件順序",
|
||
"boundaryLabel": "審批邊界",
|
||
"boundaryTitle": "目前仍沒有可核准項目",
|
||
"boundaryDetail": "這個面板不送出請求、不標記已收到 / 已接受、不建立審批紀錄、不呼叫 GitHub / Gitea / Kali,也不新增批准、執行、部署、主要來源切換或分支 / 標籤參照動作。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"received": "已收到",
|
||
"receivedDetail": "S4.9-S4.12 負責人回覆已收到仍為 0。",
|
||
"accepted": "已接受",
|
||
"acceptedDetail": "尚未有可接受的脫敏負責人證據。",
|
||
"activeRuntimeGates": "主動執行閘門",
|
||
"activeRuntimeGatesDetail": "任何執行期閘門仍需獨立批准、回復方案與事後檢查證據。",
|
||
"headline": "整體資安網",
|
||
"headlineDetail": "58% 只在負責人回覆、執行期閘門、GitHub 主要來源或正式落地有證據時重估。"
|
||
},
|
||
"checks": {
|
||
"s49OwnerAttestation": {
|
||
"title": "S4.9 Gitea 負責人證明",
|
||
"detail": "下一個建議先收;需要回覆公開來源限定 / 本地差異、組織 / 使用者端點、110 鄰近來源、標準負責人與舊版處置。"
|
||
},
|
||
"s410GithubTarget": {
|
||
"title": "S4.10 GitHub 目標負責人",
|
||
"detail": "等待 S4.9 之後收斂 7 個 GitHub 目標的負責人 / 可見性 / 標準判定。"
|
||
},
|
||
"s411RefsTruth": {
|
||
"title": "S4.11 分支 / 標籤真相負責人回覆",
|
||
"detail": "等待負責人對主要 / 開發分支真相、棄用漂移、發布標籤與僅存在於 GitHub 的參照做脫敏判定。"
|
||
},
|
||
"s412WorkflowSecret": {
|
||
"title": "S4.12 工作流程 / 機密名稱",
|
||
"detail": "等待負責人對網路鉤子、執行器、部署金鑰、分支保護 / CODEOWNERS 與機密名稱一致性做脫敏判定。"
|
||
}
|
||
}
|
||
},
|
||
"githubPrimaryReadinessGate": {
|
||
"title": "GitHub 主要來源就緒度審批邊界",
|
||
"subtitle": "審批佇列只顯示 GitHub 主要來源前置負責人回覆缺口;這不是 GitHub 主要來源批准,也不會建立專案庫、改分支 / 標籤參照、收機密明文值或停用 Gitea。",
|
||
"badge": "只讀審批邊界",
|
||
"responseLanesTitle": "負責人回覆路線",
|
||
"boundaryLabel": "GitHub 主要來源邊界",
|
||
"boundaryTitle": "目前沒有可批准的主要來源切換",
|
||
"boundaryDetail": "這個面板只把 S4.9-S4.12 的收件順序放到審批視野;所有回覆仍為已收到=0 / 已接受=0,不建立審批紀錄、不切 GitHub 主要來源、不改 Gitea 主要來源,也不觸發執行期閘門。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"giteaOwner": "Gitea 負責人",
|
||
"giteaOwnerDetail": "S4.9 的 5 個負責人證明項目仍未收到 / 接受。",
|
||
"githubTargetOwner": "GitHub 目標負責人",
|
||
"githubTargetOwnerDetail": "S4.10 的 7 個目標負責人 / 可見性 / 標準回覆仍未接受。",
|
||
"refsTruth": "分支 / 標籤真相",
|
||
"refsTruthDetail": "S4.11 的 5 類分支 / 標籤真相負責人回覆仍未接受。",
|
||
"workflowSecretNames": "工作流程 / 機密名稱",
|
||
"workflowSecretNamesDetail": "S4.12 的 5 類工作流程 / 機密名稱負責人回覆仍未接受。",
|
||
"primaryReady": "主要來源就緒數",
|
||
"primaryReadyDetail": "仍為 0;審批可見不等於可切主要來源。"
|
||
},
|
||
"responseLanes": {
|
||
"giteaOwnerAttestation": {
|
||
"title": "Gitea 清冊負責人證明",
|
||
"detail": "先確認公開來源限定 / 本地差異、組織 / 使用者端點、110 鄰近來源、標準負責人與舊版處置。"
|
||
},
|
||
"githubTargetOwner": {
|
||
"title": "GitHub 目標負責人決策",
|
||
"detail": "再確認 7 個範圍內目標的負責人、可見性與標準目標,不自動建立專案庫。"
|
||
},
|
||
"refsTruthOwner": {
|
||
"title": "分支 / 標籤真相負責人回覆",
|
||
"detail": "接著確認主要 / 開發分支真相、棄用漂移、發布標籤與僅存在於 GitHub 的參照,不同步、刪除或強制推送。"
|
||
},
|
||
"workflowSecretOwner": {
|
||
"title": "工作流程 / 機密名稱負責人回覆",
|
||
"detail": "最後確認工作流程、執行器、部署金鑰、分支保護、CODEOWNERS 與機密名稱;只收名稱,不收明文值。"
|
||
}
|
||
}
|
||
},
|
||
"ownerResponseValidationBoundary": {
|
||
"title": "負責人回覆驗收只讀審查邊界",
|
||
"subtitle": "審批佇列同步顯示 S4.13 驗收彙整與 S4.9-S4.12 四個來源收件包;這不是已收到、已接受、審批紀錄、專案庫動作、分支 / 標籤參照動作、工作流程 / 機密設定動作或執行期授權。",
|
||
"badge": "只讀驗收邊界",
|
||
"reviewRefsTitle": "驗收與來源收件參照",
|
||
"boundaryLabel": "不可批准邊界",
|
||
"boundaryTitle": "目前沒有可建立的審批紀錄",
|
||
"boundaryDetail": "這個面板只顯示四包、22 個回覆範本、已收到 / 已接受 / 已拒收都仍為 0,以及 8 個可顯示區塊;不建立審批紀錄、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不開執行期閘門。",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"metrics": {
|
||
"packets": "回覆包",
|
||
"packetsDetail": "S4.9-S4.12 四包仍等待負責人回覆。",
|
||
"templates": "回覆範本",
|
||
"templatesDetail": "22 個範本只代表未來可收件格式,不代表已送出、已收到或已接受。",
|
||
"received": "已收到",
|
||
"receivedDetail": "目前仍為 0;審批佇列可見不得改寫收件狀態。",
|
||
"accepted": "已接受",
|
||
"acceptedDetail": "目前仍為 0;只有脫敏證據通過驗收後才能改變。",
|
||
"rejected": "已拒收",
|
||
"rejectedDetail": "目前仍為 0;未進入人工驗收前不得產生拒收結果。",
|
||
"displaySections": "顯示區塊",
|
||
"displaySectionsDetail": "8 個顯示區塊只用於說明驗收流程、證據路由與邊界。"
|
||
},
|
||
"reviewRefs": {
|
||
"validationRollup": {
|
||
"title": "S4.13 驗收彙整",
|
||
"detail": "固定四包、跨包驗收、證據路由、審查清單與結果分流,但不產生審批紀錄。",
|
||
"contract": "source_control_owner_response_validation_rollup_v1"
|
||
},
|
||
"giteaAttestation": {
|
||
"title": "S4.9 Gitea 清冊負責人證明",
|
||
"detail": "5 個範本仍等待負責人回覆;目前只能顯示下一個收件焦點。",
|
||
"contract": "gitea_inventory_owner_attestation_response_v1"
|
||
},
|
||
"githubTarget": {
|
||
"title": "S4.10 GitHub 目標負責人決策",
|
||
"detail": "7 個目標負責人 / 可見性 / 標準回覆仍未接受,不得自動建立專案庫。",
|
||
"contract": "github_target_owner_decision_response_v1"
|
||
},
|
||
"refsTruth": {
|
||
"title": "S4.11 分支 / 標籤真相負責人回覆",
|
||
"detail": "5 類真相判定仍等待脫敏回覆,不得同步、刪除或強制推送分支 / 標籤參照。",
|
||
"contract": "source_control_ref_truth_owner_response_v1"
|
||
},
|
||
"workflowSecret": {
|
||
"title": "S4.12 工作流程 / 機密名稱負責人回覆",
|
||
"detail": "5 類名稱與脫敏證據仍等待回覆;只允許名稱清冊,不允許機密明文值。",
|
||
"contract": "source_control_workflow_secret_name_owner_response_v1"
|
||
}
|
||
}
|
||
}
|
||
},
|
||
"workItems": {
|
||
"title": "工作鏈路",
|
||
"subtitle": "{count} 個控制點,依營運真相鏈與治理資料同步狀態",
|
||
"refresh": "重新整理",
|
||
"lastUpdated": "最後更新 {time}",
|
||
"tableLabel": "AwoooP 工作鏈路",
|
||
"open": "開啟",
|
||
"summary": {
|
||
"live": "已完成",
|
||
"inProgress": "推進中",
|
||
"watching": "觀察期",
|
||
"blocked": "阻塞"
|
||
},
|
||
"status": {
|
||
"live": "已完成",
|
||
"in_progress": "推進中",
|
||
"blocked": "阻塞",
|
||
"watching": "觀察期"
|
||
},
|
||
"columns": {
|
||
"phase": "階段",
|
||
"work": "工作項目",
|
||
"status": "狀態",
|
||
"surface": "前端操作面",
|
||
"source": "資料來源",
|
||
"evidence": "營運證據",
|
||
"gate": "完成閘門",
|
||
"link": "連結"
|
||
},
|
||
"surfaces": {
|
||
"runs": "執行監控 / 執行詳情",
|
||
"governance": "治理事件 / 服務目標",
|
||
"workItems": "工作鏈路",
|
||
"iwooos": "IwoooS / 資安鏡像"
|
||
},
|
||
"items": {
|
||
"sourceDossier": {
|
||
"title": "來源事件卷宗與真相鏈鏡像"
|
||
},
|
||
"autoRepair": {
|
||
"title": "低風險 Alertmanager 自動修復閉環"
|
||
},
|
||
"remediationQueue": {
|
||
"title": "非成功驗證補救工作佇列"
|
||
},
|
||
"telegramCallbacks": {
|
||
"title": "Telegram 詳情 / 歷史改為資料庫真相優先"
|
||
},
|
||
"governanceDispatch": {
|
||
"title": "治理告警派送與去重"
|
||
},
|
||
"frontendConsole": {
|
||
"title": "AwoooP 操作控制台產品化"
|
||
},
|
||
"iwooosSecurityMirror": {
|
||
"title": "IwoooS 資安鏡像只讀工作項"
|
||
},
|
||
"githubPrimaryReadiness": {
|
||
"title": "GitHub 主要來源就緒度只讀工作項"
|
||
},
|
||
"ownerResponseValidation": {
|
||
"title": "負責人回覆驗收只讀工作項"
|
||
},
|
||
"mcpGateway": {
|
||
"title": "MCP 閘道使用證據總覽"
|
||
},
|
||
"timelineContract": {
|
||
"title": "時間軸 / 知識庫 / Playbook 回寫一致性"
|
||
}
|
||
},
|
||
"gates": {
|
||
"sourceDossier": "入站告警必須能查到已收到、已連到事件與來源參照",
|
||
"autoRepair": "必須同時有自動修復、驗證成功與知識庫回寫",
|
||
"remediationQueue": "每筆降級、失敗或逾時都必須映射到重跑、重驗、工單或人工檢查",
|
||
"telegramCallbacks": "按下詳情與歷史不能再只依賴 Redis TTL 或舊快照",
|
||
"governanceDispatch": "治理告警必須進入派送,並標示已略過、等待中或已修復",
|
||
"frontendConsole": "已完成與推進中的工作必須能從前端直接追蹤",
|
||
"iwooosSecurityMirror": "只讀追蹤資安網進度與邊界;不得建立掃描、執行、修復、部署、主要來源切換或執行期閘門",
|
||
"githubPrimaryReadiness": "只讀追蹤 Gitea 轉 GitHub 的就緒度缺口;不得建立專案庫、改可見性、同步分支 / 標籤參照、收機密明文值、切主要來源或停用 Gitea",
|
||
"ownerResponseValidation": "只讀追蹤四包負責人回覆驗收;不得把工作項當成已收到、已接受、審批紀錄、主要來源切換或執行期閘門",
|
||
"mcpGateway": "MCP 使用必須看得到代理、工具、範圍與阻擋原因",
|
||
"timelineContract": "事件、審批、證據、知識庫與時間軸不得互相矛盾"
|
||
},
|
||
"evidence": {
|
||
"channelEvents": "最近 Alertmanager 通道事件:{count}",
|
||
"autoRepair": "已驗證自動修復:{verified}/{evaluated}",
|
||
"remediationQueue": "補救工作:{total};AI 可接手:{ready};人工:{human}",
|
||
"telegramCallbacks": "目前修補 Telegram 回呼查詢鏈與歷史摘要",
|
||
"governance": "未解治理告警:{unresolved};等待派送:{queued}",
|
||
"governanceUnavailable": "治理事件 API 目前無法回應;等待派送:{queued}",
|
||
"governanceQueueMissing": "治理派送表尚未就緒;未解治理告警:{unresolved}",
|
||
"frontendConsole": "本頁已改讀營運 API,而非靜態清單",
|
||
"iwooosSecurityMirror": "整體 {headline};框架 {framework};落地 {runtime};主動執行閘門={gates}",
|
||
"iwooosSecurityMirrorOwner": "負責人回覆仍等待;production_landing_enabled=false",
|
||
"iwooosSecurityMirrorBoundary": "execution_router_linked=false;runtime_execution_authorized=false;action_buttons_allowed=false",
|
||
"githubPrimaryReadiness": "候選專案庫={candidates};範圍內={inScope};主要來源就緒={ready}",
|
||
"githubPrimaryOwnerResponses": "負責人回覆仍為 0/22;請求可送出不等於已接受",
|
||
"githubPrimaryWorkflowNames": "工作流程 / 機密名稱清冊完成=0/7;只收名稱不收機密明文值",
|
||
"githubPrimaryBoundary": "repo_creation=false;refs_mutation=false;github_primary_switch=false;disable_gitea=false",
|
||
"ownerResponseValidation": "回覆包={packets};範本={templates};已收到={received};已接受={accepted};已拒收={rejected}",
|
||
"ownerResponseValidationChecks": "跨包驗收={crossPacket};證據路由={routing};顯示區塊={sections}",
|
||
"ownerResponseValidationBoundary": "不建立審批紀錄、不切主要來源、不開執行期閘門",
|
||
"mcpReady": "MCP 閘道目前未列為主要缺口",
|
||
"mcpMissing": "品質總覽仍指出 MCP 閘道觀測缺口",
|
||
"remediationHistory": "試跑歷史:{count} 次;上次 {preview}",
|
||
"remediationHistoryEmpty": "尚無補救試跑歷史",
|
||
"remediationRoute": "MCP:{route}",
|
||
"remediationWrites": "寫入:事件={incident};自動修復={autoRepair}",
|
||
"timelineReady": "時間軸閘門目前未列為主要缺口",
|
||
"timelineMissing": "品質總覽仍指出時間軸 / 稽核記錄缺口"
|
||
}
|
||
},
|
||
"listEvidence": {
|
||
"column": "AI 證據",
|
||
"count": "試跑 {count} 次",
|
||
"route": "MCP:{route}",
|
||
"emptyShort": "尚未連到補救試跑",
|
||
"manualGate": "下一步:人工審批",
|
||
"filters": {
|
||
"label": "AI 證據篩選",
|
||
"all": "所有 AI 證據",
|
||
"incidentLabel": "事件 ID 篩選",
|
||
"incidentPlaceholder": "輸入事件 ID"
|
||
},
|
||
"incident": {
|
||
"column": "事件",
|
||
"empty": "尚未關聯",
|
||
"filterTitle": "只看 {incidentId}",
|
||
"more": "+{count} 筆"
|
||
},
|
||
"statuses": {
|
||
"noEvidence": "尚無試跑",
|
||
"readOnlyDryRun": "AI 已試跑:只讀",
|
||
"writeObserved": "有寫入旗標",
|
||
"blocked": "試跑受阻",
|
||
"observed": "有補救證據"
|
||
},
|
||
"details": {
|
||
"noEvidence": "此列尚未從 alert_operation_log 連到 ADR-100 補救試跑。",
|
||
"readOnlyDryRun": "AI 已走補救試跑,且最新紀錄沒有寫入 incident 或 auto-repair 狀態。",
|
||
"writeObserved": "最新補救紀錄含寫入旗標,審批前需確認狀態變更來源。",
|
||
"blocked": "補救試跑未通過或被 gate 阻擋,需人工確認卡點。",
|
||
"observed": "此列已連到補救歷史,請進入執行時間線查看完整證據。"
|
||
},
|
||
"summary": {
|
||
"readOnly": "只讀試跑",
|
||
"readOnlyDetail": "最新證據顯示 AI 已試跑且未寫狀態",
|
||
"manualGate": "人工閘門",
|
||
"manualGateDetail": "AI 已停在 approval gate,需 approve / reject",
|
||
"writeObserved": "寫入旗標",
|
||
"writeObservedDetail": "需確認是否為預期自動修復結果",
|
||
"noEvidence": "缺補救證據",
|
||
"noEvidenceDetail": "列表尚未連到 ADR-100 dry-run history",
|
||
"approvalReadOnlyDetail": "審批前已有只讀補救證據可回看",
|
||
"approvalNoEvidenceDetail": "審批前仍缺補救試跑證據,需進執行時間線檢查"
|
||
}
|
||
},
|
||
"incidentEvidence": {
|
||
"title": "事件證據",
|
||
"subtitle": "Telegram、執行、審批與工作項目共用同一組補救證據",
|
||
"empty": "--",
|
||
"incidentLabel": "事件",
|
||
"notLinked": "尚未關聯事件",
|
||
"filterTitle": "只看 {incidentId}",
|
||
"more": "+{count} 筆",
|
||
"dryRuns": "試跑",
|
||
"route": "MCP 路由",
|
||
"writes": "寫入旗標",
|
||
"writeFlags": "事件={incident} / 自動修復={autoRepair}",
|
||
"runLink": "執行時間線"
|
||
},
|
||
"runDetail": {
|
||
"back": "返回執行監控",
|
||
"title": "執行處置脈絡",
|
||
"refresh": "重新整理",
|
||
"empty": "--",
|
||
"durationSeconds": "{seconds}s",
|
||
"errors": {
|
||
"title": "無法載入執行詳情",
|
||
"loadFailed": "載入失敗"
|
||
},
|
||
"stats": {
|
||
"state": "目前狀態",
|
||
"timeline": "時間線",
|
||
"mcpSteps": "MCP / 步驟",
|
||
"duration": "執行時間"
|
||
},
|
||
"summary": {
|
||
"title": "執行摘要",
|
||
"project": "專案",
|
||
"agent": "代理",
|
||
"traceId": "追蹤 ID",
|
||
"trigger": "觸發來源",
|
||
"triggerRef": "觸發參照",
|
||
"cost": "成本",
|
||
"attempts": "嘗試次數",
|
||
"created": "建立時間",
|
||
"completed": "完成時間",
|
||
"error": "錯誤"
|
||
},
|
||
"timeline": {
|
||
"title": "處置時間線",
|
||
"lastUpdated": "上次更新 {time}",
|
||
"count": "{count} 筆",
|
||
"empty": "尚無時間線資料。"
|
||
},
|
||
"gateway": {
|
||
"title": "MCP Gateway",
|
||
"emptyState": "尚無紀錄",
|
||
"agent": "代理",
|
||
"tool": "工具",
|
||
"scope": "範圍",
|
||
"blockers": "卡點",
|
||
"metrics": {
|
||
"firstClass": "一級入口",
|
||
"policy": "政策已套用",
|
||
"approvalExecutor": "審批執行器",
|
||
"legacyBridge": "舊版橋接"
|
||
}
|
||
},
|
||
"remediation": {
|
||
"title": "補救試跑證據",
|
||
"empty": "此執行尚未連到 ADR-100 補救試跑歷史。",
|
||
"latest": "最新試跑",
|
||
"route": "MCP 路由",
|
||
"preview": "模式 {mode};預覽 {preview}",
|
||
"writes": "寫入:事件={incident};自動修復={autoRepair}",
|
||
"status": {
|
||
"linked": "已連到補救歷史",
|
||
"empty": "尚無補救歷史"
|
||
},
|
||
"metrics": {
|
||
"incidents": "事件",
|
||
"dryRuns": "試跑",
|
||
"tools": "工具",
|
||
"writes": "寫入旗標"
|
||
}
|
||
},
|
||
"dossier": {
|
||
"title": "來源事件卷宗",
|
||
"empty": "此 Run 尚未連到可回放的入站來源事件。",
|
||
"content": "脫敏內容",
|
||
"sourceRefs": "來源關聯",
|
||
"duplicate": "重複事件",
|
||
"firstSeen": "首次事件",
|
||
"status": {
|
||
"visible": "已寫入 truth-chain",
|
||
"empty": "尚無來源"
|
||
},
|
||
"metrics": {
|
||
"sources": "來源事件",
|
||
"refs": "關聯索引",
|
||
"redacted": "已脫敏",
|
||
"duplicates": "重複"
|
||
},
|
||
"fields": {
|
||
"stage": "階段",
|
||
"severity": "風險",
|
||
"namespace": "命名空間",
|
||
"target": "目標",
|
||
"hash": "雜湊"
|
||
},
|
||
"refs": {
|
||
"alertIds": "告警",
|
||
"approvalIds": "審批",
|
||
"eventIds": "事件",
|
||
"fingerprints": "指紋",
|
||
"incidentIds": "事件",
|
||
"sentryIssueIds": "Sentry",
|
||
"signozAlerts": "SignOz"
|
||
}
|
||
},
|
||
"action": {
|
||
"eyebrow": "下一步判斷",
|
||
"approval": {
|
||
"title": "等待人工審批",
|
||
"detail": "AI 已停在人工閘門,尚未恢復。請從審批頁核准或拒絕,所有決策都會回寫執行狀態與稽核紀錄。",
|
||
"primary": "前往審批決策"
|
||
},
|
||
"manual": {
|
||
"title": "需人工接手",
|
||
"detail": "AI 無法安全閉環,或執行已失敗 / 超時。請回執行監控比對同專案任務,必要時交由 SRE 戰情室處置。",
|
||
"primary": "回執行監控"
|
||
},
|
||
"completed": {
|
||
"title": "已完成,等待稽核回看",
|
||
"detail": "執行已收斂。請以時間線檢查 MCP、出站訊息與成本紀錄是否完整,必要時再回寫 KM / Playbook。",
|
||
"primary": "回執行監控"
|
||
},
|
||
"running": {
|
||
"title": "AI 正在處理",
|
||
"detail": "執行尚未結束,頁面會定期刷新。若長時間停留在執行中,請檢查心跳、MCP 延遲與 worker 狀態。",
|
||
"primary": "回執行監控"
|
||
},
|
||
"observe": {
|
||
"title": "觀察中",
|
||
"detail": "目前尚未進入人工閘門或終止狀態。請沿時間線確認入站事件、工具呼叫與出站訊息是否有缺口。",
|
||
"primary": "回執行監控"
|
||
},
|
||
"evidence": {
|
||
"inbound": "入站事件",
|
||
"outbound": "出站訊息",
|
||
"mcp": "MCP 呼叫",
|
||
"steps": "步驟"
|
||
}
|
||
},
|
||
"ownerResponseValidationDetailBoundary": {
|
||
"title": "負責人回覆驗收詳情邊界",
|
||
"subtitle": "單一執行詳情同步顯示 S4.13 驗收彙整與 S4.9-S4.12 四包來源回覆仍只可讀;這不是此 Run 的審批、補救、MCP 執行、專案庫、分支 / 標籤參照、工作流程 / 機密設定或執行期授權。",
|
||
"badge": "只讀詳情邊界",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"detailRefsTitle": "詳情驗收參照",
|
||
"boundaryLabel": "驗收 / 詳情邊界",
|
||
"boundaryTitle": "目前沒有負責人回覆驗收詳情可執行動作",
|
||
"boundaryDetail": "這個區塊只說明此 Run 詳情如何理解四包、22 個回覆範本、已收到 / 已接受 / 已拒收仍為 0,以及驗收資訊與執行時間線尚未連成授權;不建立審批紀錄、不啟動 MCP 或補救、不建立平台執行、不接執行路由器、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不開執行期閘門。",
|
||
"metrics": {
|
||
"packets": {
|
||
"label": "回覆包",
|
||
"detail": "S4.9-S4.12 四包仍等待負責人回覆。"
|
||
},
|
||
"templates": {
|
||
"label": "回覆範本",
|
||
"detail": "22 個範本只代表未來可收件格式,不代表此 Run 已收到回覆。"
|
||
},
|
||
"received": {
|
||
"label": "已收到",
|
||
"detail": "目前仍為 0;詳情頁不得把可視性改寫成收件狀態。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍為 0;只有脫敏證據通過驗收後才能改變。"
|
||
},
|
||
"validationRuns": {
|
||
"label": "驗收執行",
|
||
"detail": "目前仍為 0;此詳情卡不建立新的平台執行。"
|
||
},
|
||
"displaySections": {
|
||
"label": "顯示區塊",
|
||
"detail": "8 個顯示區塊只用於說明驗收流程與詳情邊界。"
|
||
}
|
||
},
|
||
"detailRefs": {
|
||
"validationRollup": {
|
||
"title": "S4.13 驗收彙整",
|
||
"detail": "固定四包、跨包驗收、證據路由、審查清單與結果分流,但不產生此 Run 的審批或補救執行。"
|
||
},
|
||
"giteaAttestation": {
|
||
"title": "S4.9 Gitea 清冊負責人證明",
|
||
"detail": "5 個範本仍等待負責人回覆;詳情頁只能標記下一個收件焦點。"
|
||
},
|
||
"githubTarget": {
|
||
"title": "S4.10 GitHub 目標負責人決策",
|
||
"detail": "7 個目標負責人 / 可見性 / 標準回覆仍未接受,不得自動建立專案庫或執行紀錄。"
|
||
},
|
||
"refsTruth": {
|
||
"title": "S4.11 分支 / 標籤真相負責人回覆",
|
||
"detail": "5 類真相判定仍等待脫敏回覆,不得同步、刪除或強制推送分支 / 標籤參照。"
|
||
},
|
||
"workflowSecret": {
|
||
"title": "S4.12 工作流程 / 機密名稱負責人回覆",
|
||
"detail": "5 類名稱與脫敏證據仍等待回覆;只允許名稱清冊,不允許機密明文值。"
|
||
}
|
||
}
|
||
},
|
||
"statuses": {
|
||
"blocked": "已阻擋",
|
||
"cancelled": "已取消",
|
||
"completed": "已完成",
|
||
"error": "錯誤",
|
||
"failed": "失敗",
|
||
"pending": "待執行",
|
||
"received": "已接收",
|
||
"running": "執行中",
|
||
"sent": "已送出",
|
||
"shadow": "影子",
|
||
"success": "成功",
|
||
"timeout": "已超時",
|
||
"warning": "警告",
|
||
"waitingApproval": "等待審批"
|
||
}
|
||
},
|
||
"approvalDecision": {
|
||
"back": "返回審批佇列",
|
||
"viewTimeline": "查看執行時間線",
|
||
"eyebrow": "人工審批閘門",
|
||
"title": "審批決策",
|
||
"timeout": "審批期限",
|
||
"empty": "--",
|
||
"errors": {
|
||
"title": "無法載入執行資料",
|
||
"loadFailed": "載入失敗",
|
||
"missingProject": "缺少 project_id,無法送出審批決策",
|
||
"actionFailed": "操作失敗"
|
||
},
|
||
"success": {
|
||
"approve": "執行已核准,正在回到時間線",
|
||
"reject": "執行已拒絕,正在回到時間線"
|
||
},
|
||
"notWaiting": {
|
||
"title": "此執行目前不在人工審批狀態",
|
||
"detail": "目前狀態為 {state}。此頁不會顯示 approve / reject,請回執行時間線檢查最新狀態。"
|
||
},
|
||
"remediation": {
|
||
"title": "補救試跑證據",
|
||
"empty": "此執行尚未連到補救試跑歷史;核准前仍需回執行時間線檢查來源卷宗與 MCP Gateway。",
|
||
"latest": "最新試跑",
|
||
"preview": "模式 {mode};預覽 {preview}",
|
||
"writes": "寫入:事件={incident};自動修復={autoRepair}",
|
||
"status": {
|
||
"linked": "已連到補救歷史",
|
||
"empty": "尚無補救歷史"
|
||
},
|
||
"metrics": {
|
||
"incidents": "事件",
|
||
"dryRuns": "試跑",
|
||
"tools": "工具"
|
||
}
|
||
},
|
||
"ownerResponseValidationDecisionBoundary": {
|
||
"title": "負責人回覆驗收審批決策邊界",
|
||
"subtitle": "審批決策頁同步顯示 S4.13 驗收彙整與 S4.9-S4.12 四包來源回覆仍只可讀;這不是負責人回覆接受、GitHub 主要來源批准、專案庫、分支 / 標籤參照、工作流程 / 機密設定或執行期授權。",
|
||
"badge": "只讀審批邊界",
|
||
"openIwooos": "開啟 IwoooS",
|
||
"decisionRefsTitle": "審批驗收參照",
|
||
"boundaryLabel": "驗收 / 審批決策邊界",
|
||
"boundaryTitle": "目前沒有負責人回覆驗收審批可執行動作",
|
||
"boundaryDetail": "這個區塊只說明審批決策頁如何理解四包、22 個回覆範本、已收到 / 已接受 / 已拒收仍為 0,以及審批按鈕與負責人回覆驗收仍然分離;不標記負責人回覆已收到或已接受、不建立資安審批紀錄、不建立平台執行、不接執行路由器、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不開執行期閘門。",
|
||
"metrics": {
|
||
"packets": {
|
||
"label": "回覆包",
|
||
"detail": "S4.9-S4.12 四包仍等待負責人回覆。"
|
||
},
|
||
"templates": {
|
||
"label": "回覆範本",
|
||
"detail": "22 個範本只代表未來可收件格式,不代表審批決策已接受回覆。"
|
||
},
|
||
"received": {
|
||
"label": "已收到",
|
||
"detail": "目前仍為 0;審批詳情不得把可視性改寫成收件狀態。"
|
||
},
|
||
"accepted": {
|
||
"label": "已接受",
|
||
"detail": "目前仍為 0;只有脫敏證據通過驗收後才能改變。"
|
||
},
|
||
"decisionAcceptance": {
|
||
"label": "審批接受",
|
||
"detail": "目前仍為 0;核准執行不等於接受負責人回覆。"
|
||
},
|
||
"displaySections": {
|
||
"label": "顯示區塊",
|
||
"detail": "8 個顯示區塊只用於說明驗收流程與審批邊界。"
|
||
}
|
||
},
|
||
"decisionRefs": {
|
||
"validationRollup": {
|
||
"title": "S4.13 驗收彙整",
|
||
"detail": "固定四包、跨包驗收、證據路由、審查清單與結果分流,但不產生審批接受或補救執行。"
|
||
},
|
||
"giteaAttestation": {
|
||
"title": "S4.9 Gitea 清冊負責人證明",
|
||
"detail": "5 個範本仍等待負責人回覆;審批頁只能標記下一個收件焦點。"
|
||
},
|
||
"githubTarget": {
|
||
"title": "S4.10 GitHub 目標負責人決策",
|
||
"detail": "7 個目標負責人 / 可見性 / 標準回覆仍未接受,不得自動建立專案庫或切主要來源。"
|
||
},
|
||
"refsTruth": {
|
||
"title": "S4.11 分支 / 標籤真相負責人回覆",
|
||
"detail": "5 類真相判定仍等待脫敏回覆,不得同步、刪除或強制推送分支 / 標籤參照。"
|
||
},
|
||
"workflowSecret": {
|
||
"title": "S4.12 工作流程 / 機密名稱負責人回覆",
|
||
"detail": "5 類名稱與脫敏證據仍等待回覆;只允許名稱清冊,不允許機密明文值。"
|
||
}
|
||
}
|
||
},
|
||
"details": {
|
||
"title": "執行詳情",
|
||
"runId": "執行 ID",
|
||
"project": "專案",
|
||
"agent": "代理",
|
||
"state": "狀態",
|
||
"traceId": "追蹤 ID",
|
||
"trigger": "觸發來源",
|
||
"triggerRef": "觸發參照",
|
||
"cost": "成本",
|
||
"attempts": "嘗試次數",
|
||
"created": "建立時間",
|
||
"timeout": "逾時",
|
||
"error": "錯誤",
|
||
"empty": "找不到執行資料。"
|
||
},
|
||
"actions": {
|
||
"approve": "核准",
|
||
"reject": "拒絕"
|
||
},
|
||
"dialog": {
|
||
"close": "關閉",
|
||
"cancel": "取消",
|
||
"runId": "執行 ID:",
|
||
"approve": {
|
||
"title": "確認核准",
|
||
"body": "核准後,執行會從人工閘門恢復,繼續交由 Runtime / MCP Gateway 執行。",
|
||
"warning": "此決策會寫入執行狀態、approval token 與稽核軌跡。",
|
||
"confirm": "確認核准"
|
||
},
|
||
"reject": {
|
||
"title": "確認拒絕",
|
||
"body": "拒絕後,執行會被取消,不會繼續自動執行。",
|
||
"reason": "拒絕原因",
|
||
"placeholder": "請輸入拒絕原因...",
|
||
"warning": "拒絕原因會寫入稽核軌跡,供後續稽核與執行時間線回看。",
|
||
"confirm": "確認拒絕"
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|