3.2 KiB
3.2 KiB
| 1 | rule_id | kind | status | required | reason | next_action | evidence_refs |
|---|---|---|---|---|---|---|---|
| 2 | http.method.post | http | passed | yes | todos os probes usaram POST | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 3 | header.content-type.json | header | passed | yes | todos os probes usaram application/json | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 4 | header.user-agent.codex | header | passed | yes | User-Agent operacional aplicado | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 5 | auth.bearer.present-redacted | auth | passed | yes | bearer usado como credencial de probe e redigido nos artefatos | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 6 | waf.classification.explicit | waf | passed | yes | WAF nao bloqueou os probes atuais; HTTP/runtime classificados separadamente | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 7 | evidence.trace-audit-required | evidence | passed | yes | traceId e auditId presentes em todos os probes | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 8 | evidence.hashes-required | evidence | passed | yes | hashes de request/response presentes | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 9 | redaction.no-secret-shapes | redaction | passed | yes | nenhum formato de segredo bruto detectado nas evidencias | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 10 | rate-limit.default | rate_limit | passed | yes | regra institucional materializada no artefato de politica | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 11 | retention.logs | retention | passed | yes | regra institucional materializada no artefato de politica | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 12 | transit.required-fields | transit | passed | yes | regra institucional materializada no artefato de politica | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |
| 13 | governance.plugin-not-operational-path | governance | passed | yes | regra institucional materializada no artefato de politica | manter regra como gate de release | evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461 |