28 KiB
28 KiB
資安供應鏈整體進度
| 項目 | 內容 |
|---|---|
| 日期 | 2026-05-17 |
| 狀態 | S0/S1 read-only evidence 建置中 |
| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 |
| 原則 | 低摩擦分階段;文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary |
0. 本階段完成後整體進度
| 階段 | 狀態 | 目前結果 | 下一個 gate |
|---|---|---|---|
| S0 文件與契約同步 | 完成 | Kali / Codex / GitHub / Gitea / AwoooP 邊界已文件化,核心 schema 草案已建立 | AwoooP 只讀 mirror 消費 |
| S1 source-control read-only inventory | 進行中 | 已有 Gitea/GitHub refs、Gitea public-only user repo list、本機 remote、GitHub target probe、canonical lineage、110 refs evidence | Gitea private/internal 全量 repo list |
| S1.0 Gitea 全量 inventory approval | 完成草案 | 已建立 read-only token / admin export approval package | 統帥或 repo owner 批准 |
| S1.1 GitHub target 決策 | 完成草案 | 8 個 target 候選,7 個需人工批准;3 個 not_found_or_private 不得自動建立;S4.10 已補 owner response 收件包 |
owner / visibility / canonical response |
| S1.2 GitHub target 逐 repo approval | 完成草案 | 7 個 approval-required targets 已拆成逐 repo pending package,並彙整成 8-item approval board;S4.10 目前 response 0 筆 | 低摩擦逐項批准 |
| S1.2a refs reconcile plan | 完成草案 | awoooi、clawbot-v5、wooo-aiops 已產生 draft plan;狀態仍為 draft_blocked |
authenticated inventory + branch/tag diff + single-repo approval |
| S1.2b branch/tag detail diff | 完成草案 | 3 個 refs-blocked mapped repos 已完成 branch/tag 明細 diff;已忽略本 PR 分支避免 evidence 自我污染 | 人工判定真相來源與 deprecated refs |
| S1.2c refs 真相來源分類 | 完成草案 | 141 個 ref review items 已分類:4 個真相來源、114 個 drift deprecated 候選、3 個 release tags、20 個 GitHub-only refs;S4.11 已補 owner response 收件包 | repo owner 單 ref / 單 repo 判定 |
| S1.3 低摩擦 rollout policy | 完成草案 | observe-first / mirror-only matrix 已建立 | AwoooP read-only policy 消費 |
| S1.4 契約索引 | 完成草案 | 35 個主要 contract 已集中成 manifest | AwoooP mirror-only contract registry |
| S1.5 Kali 112 live 整合狀態 | 完成第一波 | 112 已登入盤點、scanner API healthy、targeted scanner packages updated、Asia/Taipei timezone、no reboot required | scan result ingestion + /execute high-risk gate |
| S1.6 Kali finding / scan scope approval | 完成草案 | security_finding_v1 sample snapshot 與 kali_scan_scope_approval_v1 approval package 已建立;111/168 已納入 observe-only scope |
人工批准 safe crawl / credentialed scan / runtime ingestion / full-upgrade gate |
| S1.7 Security approval queue | 完成草案 | 8 個 approval queue items 已集中:7 pending approval、1 block candidate;AwoooP 可 mirror 但不得執行 | 先 review redacted finding ingestion,再 review safe crawl / Gitea inventory |
| S2 AwoooP mirror-only readiness | 完成草案 | security_mirror_readiness_v1 已整理 35 個 contracts:32 ready、2 partial、1 contract-only、0 blocked |
AwoooP 主線建立只讀入口 |
| S2.1 AwoooP mirror-only intake plan | 完成草案 | security_mirror_intake_plan_v1 已建立 5 個 intake waves 與 4 個 acceptance gates |
AwoooP 主線照 wave mirror,不新增 execution router |
| S2.2 AwoooP 鏡像事件信封 | 完成草案 | security_mirror_event_v1 已建立,要求每筆鏡像 payload 標示 execution_authorized=false 與 action_buttons_allowed=false |
AwoooP 鏡像 payload 統一信封 |
| S2.3 AwoooP 鏡像路由矩陣 | 完成草案 | security_mirror_route_v1 已建立 5 個 route groups,定義目的地、channel policy 與 review lane |
AwoooP 消費時不猜路由、不新增執行入口 |
| S2.4 AwoooP 鏡像驗收契約 | 完成草案 | security_mirror_acceptance_v1 已建立 7 個 acceptance checks;blocking 只針對鏡像資料不完整或未脫敏 |
AwoooP 接入時可驗收,不升級成 runtime enforcement |
| S2.5 AwoooP 鏡像隔離契約 | 完成草案 | security_mirror_quarantine_v1 已建立 5 個 quarantine lanes;失敗 payload 必須等新 snapshot commit 後才能 retry |
AwoooP 可隔離壞資料,不阻擋 runtime |
| S2.6 AwoooP 鏡像 dry-run 報告契約 | 完成草案 | security_mirror_dry_run_v1 已建立 6 個 dry-run steps;目前狀態為 contract defined not executed |
AwoooP 未來可回報演練結果,但不啟動 production ingestion |
| S2.7 AwoooP 鏡像狀態彙整契約 | 完成草案 | security_mirror_status_rollup_v1 已建立,彙整 S0-S4、approval queue summary 與下一個安全 gate;S4.13 已補 owner response validation rollup |
兩個 Session 用同一份 rollup 同步,不誤啟執行面 |
| S3 approval gate | 進行中 | security_approval_gate_v1 已建立 8 個人工 gate items:7 pending、1 block candidate、0 approved |
不得繞過人工批准;批准後仍需 follow-up runtime gate |
| S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策,不可執行 gate item |
| S3.1 人工決策紀錄契約 | 完成草案 | security_approval_decision_record_v1 已建立;目前 0 筆 decision records、0 個 runtime action 授權 |
AwoooP 可稽核決策,不可把決策當執行 |
| S3.2 人工審查封包契約 | 完成草案 | security_approval_review_packet_v1 已建立;8 個 review packets、7 ready for human review、1 block candidate、0 個 runtime action 授權 |
AwoooP 可顯示 review lane,不可把 packet 當批准或執行 |
| S3.3 人工決策狀態轉移契約 | 完成草案 | security_approval_state_transition_v1 已建立;5 個 decision options 都有 next state、0 個 runtime action 授權 |
AwoooP 可顯示決策後狀態,不可把 transition 當執行 |
| S3.4 後續 runtime gate 準備契約 | 完成草案 | security_followup_runtime_gate_v1 已建立;8 個 gate templates、0 個 active runtime gates、0 個 approved scope |
AwoooP 可顯示前置 evidence、preflight checks 與 rollback / disable requirement,不可啟用 runtime gate |
| S4.0 GitHub primary readiness gate | 完成草案 | source_control_primary_readiness_gate_v1 已建立;8 個 candidate repos、7 個 in-scope blocked、0 個 primary ready;S4.10 已補 target owner response gate;S4.11 已補 refs truth owner response gate;S4.12 已補 workflow / secret 名稱 owner response gate |
AwoooP 可顯示 parity、owner、rollback ADR 缺口,不可切 primary |
| S4.1 Workflow / Secret 名稱 inventory 契約 | 完成草案 | source_control_workflow_secret_name_inventory_v1 已建立;8 個 candidate repos、7 個 in-scope repos 尚缺實際 inventory、0 個 complete、禁止收集 secret value |
AwoooP 可顯示 workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret 名稱缺口,不可修改 workflow 或 secret |
| S4.2 Workflow / Secret 名稱 local evidence | 完成草案 | 已建立 local read-only collector 與 snapshot;7 個 local repos visible、4 個 local evidence repos、31 個 workflow files、43 個 referenced secret names、secret value detected=false | 補 webhook / deploy key / branch protection / repository secret parity 的 redacted evidence;仍不可切 primary |
| S4.3 Workflow / Secret 名稱 redacted export request | 完成草案 | 已建立 export request schema / snapshot / 人讀版;7 個 in-scope repos、5 類 export lanes:webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity;write token allowed=false | repo owner 或未來只讀 API 依 request 補 redacted export;仍不可收 secret value、不可修改 GitHub/Gitea |
| S4.12 Workflow / Secret Name Owner Response 收件包 | 完成草案 | 已建立 owner response schema / snapshot / 人讀版;5 個 response templates、8 個 acceptance checks、10 個 rejection rules、candidate repos 8、in-scope repos 7、received response 0、accepted 0、execution authorized=false | owner 依模板回覆 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity;response 通過只更新 read-only inventory / export request / readiness wording,不代表收 secret value、改 workflow、啟用 runner 或 primary approval |
| S4.13 Source Control Owner Response Validation Rollup | 完成草案 | 已建立 validation rollup schema / snapshot / 人讀版;彙整 S4.9 / S4.10 / S4.11 / S4.12 四包 response packets、22 個 response templates、10 個 cross-packet checks、40 個 rejection rules、received / accepted / rejected response 皆為 0、execution authorized=false | AwoooP 可顯示四包 owner response 驗收總覽與 quarantine rules;rollup 不代表 approval、runtime gate、repo / refs / workflow / secret / runner 執行授權或 primary approval |
| S4.4 GitHub Primary rollback ADR | 完成草案 | 已建立 rollback ADR schema / snapshot / 人讀版;7 個 in-scope rollback drafts、0 owner approved、0 dry-run completed、0 active cutover | repo owner 審查 rollback owner、validation window 與 triggers;仍不可切 primary 或執行 rollback |
| S4.5 Gitea 認證清冊匯出請求 | 完成草案 | 已建立匯出請求 schema / snapshot / 人讀版;目前未認證公開範圍 repo 2 個、本機可見 Gitea unique repo 4 個、覆蓋缺口 2 個、匯出來源選項 2 類;允許收集 token value=false | repo owner 依只讀 token API 或已脫敏管理匯出補私有 / 內部全量 repo list;仍不可保存 token、不可 write Gitea、不可 refs sync |
| S4.6 Gitea 認證清冊匯入驗收契約 | 完成草案 | 已建立匯入驗收 schema / snapshot / 人讀版;目前 received payload 0、accepted 0、rejected 0;定義 10 個驗收檢查、10 個拒收規則與 4 個 quarantine lanes | owner 提供脫敏 payload 後先驗收 / 拒收 / 隔離;仍不可把驗收當 primary approval |
| S4.7 Gitea 清冊覆蓋 Owner Attestation | 完成草案 | 已建立 coverage attestation schema / snapshot / 人讀版;5 個 owner decision items、received attestation 0、accepted 0、execution authorized=false | owner 判定 public-only / local remote gap、org/user endpoint、110 adjacent source、canonical owner 與 legacy/inaccessible disposition;仍不可把 attestation 當 migration approval |
| S4.8 Gitea Owner Attestation Approval Lane 對齊 | 完成草案 | 已將既有 Gitea approval queue / gate / review packet / follow-up runtime gate 對齊 S4.7 先行條件;queue items 維持 8、review packets 維持 8、active runtime gates 維持 0 | AwoooP 先顯示 5 個 attestation items,owner decision 接受前不得執行 read-only inventory 或標記 complete |
| S4.9 Gitea Owner Attestation Response 收件包 | 完成草案 | 已建立 owner response schema / snapshot / 人讀版;5 個 response templates、8 個 acceptance checks、10 個 rejection rules、received response 0、accepted 0、execution authorized=false | owner 依模板回覆 S4.7 五個 items;response 通過只更新 read-only matrix / decision table / readiness gate,不代表 inventory 執行或 primary approval |
| S4.10 GitHub Target Owner Decision Response 收件包 | 完成草案 | 已建立 owner decision response schema / snapshot / 人讀版;7 個 response templates、8 個 acceptance checks、10 個 rejection rules、received response 0、accepted 0、execution authorized=false | owner 依模板回覆 7 個 GitHub target 的 owner / visibility / canonical;response 通過只更新 read-only decision table / approval package / approval board / readiness gate,不代表 repo creation、visibility change、refs sync 或 primary approval |
| S4.11 Source Control Ref Truth Owner Response 收件包 | 完成草案 | 已建立 owner response schema / snapshot / 人讀版;5 個 response templates、8 個 acceptance checks、10 個 rejection rules、total ref review items 141、received response 0、accepted 0、execution authorized=false | owner 依模板回覆 main/dev truth、deprecated drift、release tag、GitHub-only refs;response 通過只更新 read-only classification / reconcile / readiness wording,不代表 refs sync、delete、force push 或 primary approval |
| S4 migration execution | 未開始 | GitHub primary 長期方向已確認,但 refs / tags / workflow / secret 名稱尚未全量驗證,rollback ADR 仍待 owner approval | SHA/tag/workflow parity、rollback ADR owner approval 與 runtime gate |
1. 已建立的主要 evidence
| 類型 | 檔案 |
|---|---|
| AwoooP handoff | docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md |
| Mirror-only 清單 | docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md |
| Gitea/GitHub migration inventory | docs/security/GITEA-GITHUB-MIGRATION-INVENTORY.md |
| Gitea server-side inventory runbook | docs/security/GITEA-SERVER-SIDE-INVENTORY-RUNBOOK.md |
| Gitea read-only inventory approval package | docs/security/GITEA-READONLY-INVENTORY-APPROVAL-PACKAGE.md |
| Gitea read-only inventory approval JSON | docs/security/gitea-readonly-inventory-approval.snapshot.json |
| Gitea 認證清冊匯出請求 | docs/security/GITEA-AUTHENTICATED-INVENTORY-EXPORT-REQUEST.md |
| Gitea 認證清冊匯出請求 JSON | docs/security/gitea-authenticated-inventory-export-request.snapshot.json |
| Gitea 認證清冊匯入驗收契約 | docs/security/GITEA-AUTHENTICATED-INVENTORY-IMPORT-ACCEPTANCE.md |
| Gitea 認證清冊匯入驗收契約 JSON | docs/security/gitea-authenticated-inventory-import-acceptance.snapshot.json |
| Gitea 清冊覆蓋 owner attestation | docs/security/GITEA-INVENTORY-COVERAGE-ATTESTATION.md |
| Gitea 清冊覆蓋 owner attestation JSON | docs/security/gitea-inventory-coverage-attestation.snapshot.json |
| Gitea owner attestation response 收件包 | docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md |
| Gitea owner attestation response JSON | docs/security/gitea-inventory-owner-attestation-response.snapshot.json |
| Gitea 管理匯出 redaction checklist | docs/security/GITEA-ADMIN-EXPORT-REDACTION-CHECKLIST.md |
| Gitea org endpoint blocked evidence | docs/security/GITEA-ORG-REPO-INVENTORY-BLOCKED-SNAPSHOT.md |
| Source-control migration matrix | docs/security/SOURCE-CONTROL-MIGRATION-MATRIX.md |
| Canonical repo 判定表 | docs/security/SOURCE-CONTROL-CANONICAL-DECISION-TABLE.md |
| GitHub target 決策表 | docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md |
| GitHub target 決策 JSON | docs/security/github-target-decision.snapshot.json |
| GitHub target owner decision response 收件包 | docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md |
| GitHub target owner decision response JSON | docs/security/github-target-owner-decision-response.snapshot.json |
| GitHub target repo approval package | docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md |
| GitHub target repo approval JSON | docs/security/github-target-repo-approval-package.snapshot.json |
| Source Control approval board | docs/security/SOURCE-CONTROL-APPROVAL-BOARD.md |
| Source Control approval board JSON | docs/security/source-control-approval-board.snapshot.json |
| Source Control draft reconcile plan | docs/security/SOURCE-CONTROL-RECONCILE-PLAN.md |
| Source Control draft reconcile plan JSON | docs/security/source-control-reconcile-plan.snapshot.json |
| Source Control branch/tag detail diff | docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md |
| Source Control branch/tag detail diff JSON | docs/security/source-control-ref-detail-diff.snapshot.json |
| Source Control ref truth classification | docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md |
| Source Control ref truth classification JSON | docs/security/source-control-ref-truth-classification.snapshot.json |
| Source Control ref truth owner response 收件包 | docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md |
| Source Control ref truth owner response JSON | docs/security/source-control-ref-truth-owner-response.snapshot.json |
| Source Control GitHub primary readiness gate | docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md |
| Source Control GitHub primary readiness gate JSON | docs/security/source-control-primary-readiness-gate.snapshot.json |
| Source Control GitHub primary rollback ADR | docs/security/SOURCE-CONTROL-PRIMARY-ROLLBACK-ADR.md |
| Source Control GitHub primary rollback ADR JSON | docs/security/source-control-primary-rollback-adr.snapshot.json |
| Source Control workflow / secret name inventory | docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md |
| Source Control workflow / secret name inventory JSON | docs/security/source-control-workflow-secret-name-inventory.snapshot.json |
| Source Control workflow / secret name local evidence | docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-LOCAL-EVIDENCE.md |
| Source Control workflow / secret name local evidence JSON | docs/security/source-control-workflow-secret-name-local-evidence.snapshot.json |
| Source Control workflow / secret name local collector | scripts/security/source-control-workflow-secret-name-local-inventory.py |
| Source Control workflow / secret name export request | docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-EXPORT-REQUEST.md |
| Source Control workflow / secret name export request JSON | docs/security/source-control-workflow-secret-name-export-request.snapshot.json |
| Source Control workflow / secret name owner response 收件包 | docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md |
| Source Control workflow / secret name owner response JSON | docs/security/source-control-workflow-secret-name-owner-response.snapshot.json |
| Source Control owner response validation rollup | docs/security/SOURCE-CONTROL-OWNER-RESPONSE-VALIDATION-ROLLUP.md |
| Source Control owner response validation rollup JSON | docs/security/source-control-owner-response-validation-rollup.snapshot.json |
| Kali 112 integration status | docs/security/KALI-INTEGRATION-STATUS.md |
| Kali 112 integration status JSON | docs/security/kali-integration-status.snapshot.json |
| Security finding contract | docs/security/SECURITY-FINDING-CONTRACT.md |
| Security finding sample JSON | docs/security/security-finding-kali-sample.snapshot.json |
| Kali scan scope approval package | docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md |
| Kali scan scope approval JSON | docs/security/kali-scan-scope-approval.snapshot.json |
| Security approval queue | docs/security/SECURITY-APPROVAL-QUEUE.md |
| Security approval queue JSON | docs/security/security-approval-queue.snapshot.json |
| Security approval gate | docs/security/SECURITY-APPROVAL-GATE.md |
| Security approval gate JSON | docs/security/security-approval-gate.snapshot.json |
| Security approval decision record | docs/security/SECURITY-APPROVAL-DECISION-RECORD.md |
| Security approval decision record JSON | docs/security/security-approval-decision-record.snapshot.json |
| Security approval review packet | docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md |
| Security approval review packet JSON | docs/security/security-approval-review-packet.snapshot.json |
| Security approval state transition | docs/security/SECURITY-APPROVAL-STATE-TRANSITION.md |
| Security approval state transition JSON | docs/security/security-approval-state-transition.snapshot.json |
| Security follow-up runtime gate preparation | docs/security/SECURITY-FOLLOWUP-RUNTIME-GATE.md |
| Security follow-up runtime gate preparation JSON | docs/security/security-followup-runtime-gate.snapshot.json |
| Security mirror readiness | docs/security/SECURITY-MIRROR-READINESS.md |
| Security mirror readiness JSON | docs/security/security-mirror-readiness.snapshot.json |
| Security mirror intake plan | docs/security/SECURITY-MIRROR-INTAKE-PLAN.md |
| Security mirror intake plan JSON | docs/security/security-mirror-intake-plan.snapshot.json |
| 資安鏡像事件契約 | docs/security/SECURITY-MIRROR-EVENT-CONTRACT.md |
| 資安鏡像事件範例 JSON | docs/security/security-mirror-event-sample.snapshot.json |
| 資安鏡像路由矩陣 | docs/security/SECURITY-MIRROR-ROUTE.md |
| 資安鏡像路由矩陣 JSON | docs/security/security-mirror-route.snapshot.json |
| 資安鏡像驗收契約 | docs/security/SECURITY-MIRROR-ACCEPTANCE.md |
| 資安鏡像驗收契約 JSON | docs/security/security-mirror-acceptance.snapshot.json |
| 資安鏡像隔離契約 | docs/security/SECURITY-MIRROR-QUARANTINE.md |
| 資安鏡像隔離契約 JSON | docs/security/security-mirror-quarantine.snapshot.json |
| 資安鏡像 dry-run 報告契約 | docs/security/SECURITY-MIRROR-DRY-RUN.md |
| 資安鏡像 dry-run 報告契約 JSON | docs/security/security-mirror-dry-run.snapshot.json |
| 資安鏡像狀態彙整契約 | docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md |
| 資安鏡像狀態彙整契約 JSON | docs/security/security-mirror-status-rollup.snapshot.json |
| 低摩擦 rollout policy | docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md |
| 低摩擦 rollout policy JSON | docs/security/security-rollout-policy.snapshot.json |
| Security Supply Chain contract manifest | docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md |
| Security Supply Chain contract manifest JSON | docs/security/security-supply-chain-contract-manifest.snapshot.json |
2. 現在不能做的事
- 不建立或刪除 GitHub / Gitea repo。
- 不修改 repo visibility。
- 不同步 refs、branch、tag。
- 不切 GitHub primary。
- 不把 Codex patch runner、Kali scan 或 deploy 接進 AwoooP runtime。
- 不保存 secret / token value。
2.1 初期不要過度收緊
- Read-only inventory、文件化、risk label、mirror evidence 可持續推進。
- 初期不把 LOW / MEDIUM observation 變成阻擋條件。
- 初期不要求所有 repo 一次完成最高等級 controls。
- 只針對不可逆或高風險動作設 approval gate。
- 每階段完成後再逐步收斂,避免讓產品、架構與部署流程突然變複雜。
3. 下一階段建議
- 先依 S4.9
GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md收到並驗收 S4.7GITEA-INVENTORY-COVERAGE-ATTESTATION.md的 owner response;S4.8 已把這件事接到既有 approval queue / gate / review packet / follow-up runtime gate。之後再依 S4.5GITEA-AUTHENTICATED-INVENTORY-EXPORT-REQUEST.md取得 Gitea 認證清冊;收到 payload 後依 S4.6GITEA-AUTHENTICATED-INVENTORY-IMPORT-ACCEPTANCE.md驗收 / 拒收 / 隔離。目前未認證公開範圍 2 個、本機可見 Gitea unique 4 個、覆蓋缺口 2 個、attestation items 5 個、owner response 0 筆;只能用只讀 token API 或已脫敏管理匯出補私有 / 內部 server-side 全量 repo list,不保存 token value。 - 依 S4.10
GITHUB-TARGET-OWNER-DECISION-RESPONSE.md與SOURCE-CONTROL-APPROVAL-BOARD.md對 7 個approval_required=true的 GitHub target 做 owner / visibility / canonical response;目前 response 0 筆、accepted 0 筆,通過後也只更新 read-only decision table / approval package / readiness gate,不代表 repo creation、visibility change、refs sync 或 primary approval。 - 依 S4.11
SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md與SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md對awoooi、clawbot-v5、wooo-aiops做單 repo / 單 ref owner response 驗收;response 通過也只更新 read-only classification / reconcile / readiness wording,仍不得 push/delete refs 或 force push。 - 依 S4.12
SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md與SOURCE-CONTROL-WORKFLOW-SECRET-NAME-EXPORT-REQUEST.md對 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 做 owner response 驗收;response 通過也只更新 read-only inventory / export request / readiness wording,仍不得收 secret value、改 workflow 或啟用 runner。 - 依 S4.13
SOURCE-CONTROL-OWNER-RESPONSE-VALIDATION-ROLLUP.md集中檢查 S4.9 / S4.10 / S4.11 / S4.12 四包 response packets;rollup 通過也只更新 read-only wording,不代表 approval 或 execution authorization。 - 對
ewoooc/momo-pro-system完成 server-side canonical 判定。 - 依
KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md取得 safe crawl、credentialed scan、runtime ingestion、full-upgrade / reboot 等 gate 的人工批准;不得直接接/execute。 - AwoooP 主線先讀
security_mirror_readiness_v1、security_mirror_intake_plan_v1、security_mirror_event_v1、security_mirror_route_v1、security_mirror_acceptance_v1、security_mirror_quarantine_v1、security_mirror_dry_run_v1、security_mirror_status_rollup_v1、S4.13source_control_owner_response_validation_rollup_v1、security_approval_gate_v1、security_approval_decision_record_v1、security_approval_review_packet_v1、security_approval_state_transition_v1、security_followup_runtime_gate_v1、source_control_primary_readiness_gate_v1、source_control_primary_rollback_adr_v1與source_control_workflow_secret_name_inventory_v1,只建立 mirror-only / read-only policy 入口,不新增執行按鈕;其中 Gitea inventory 需同時顯示 S4.5 認證清冊匯出請求、S4.6 匯入驗收契約、S4.7 owner coverage attestation 與 S4.9 owner response 收件包,GitHub target 決策需同時顯示 S4.10 owner decision response templates,refs truth 需同時顯示 S4.11 owner response templates,workflow / secret inventory 需同時顯示 S4.3 redacted export request 與 S4.12 owner response templates,primary readiness 需同時顯示 S4.4 rollback ADR 草案。 - AwoooP 主線消費
security_rollout_policy_v1時,只做 read-only policy,不做 runtime blocking。 - AwoooP 主線再讀
security_approval_queue_v1、security_approval_gate_v1、security_approval_decision_record_v1、security_approval_review_packet_v1、security_approval_state_transition_v1、security_followup_runtime_gate_v1、source_control_primary_readiness_gate_v1、source_control_primary_rollback_adr_v1、source_control_workflow_secret_name_inventory_v1與security_supply_chain_contract_manifest_v1,顯示 review order、批准範圍、審查封包、決策紀錄、決策後狀態、後續 runtime gate 準備條件、Gitea inventory 覆蓋缺口、S4.5 認證匯出請求、S4.6 匯入驗收 / 隔離規則、S4.7 owner attestation items、S4.9 owner response templates、S4.10 GitHub target owner response templates、S4.11 refs truth owner response templates、S4.12 workflow / secret 名稱 owner response templates、S4.13 owner response validation rollup、GitHub primary readiness blockers、rollback ADR 草案、workflow / secret 名稱 inventory 缺口、redacted export request 與 blocked reason,不新增 execution router。