From 72c6782c45f75b9feb33a9b1124455b8463770fb Mon Sep 17 00:00:00 2001 
From: hao Date: Tue, 17 Mar 2026 02:00:01 -0700 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0:=2089=20=E4=B8=AA=E6=96=87?= =?UTF-8?q?=E4=BB=B6=20-=202026-03-17=2002:00:01?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 07-framework-security/cms/directus/INDEX.md | 2 +- 07-framework-security/cms/discourse/INDEX.md | 2 +- 07-framework-security/cms/drupal/INDEX.md | 2 +- 07-framework-security/cms/ghost/INDEX.md | 2 +- 07-framework-security/cms/joomla/INDEX.md | 2 +- 07-framework-security/cms/mediawiki/INDEX.md | 2 +- 07-framework-security/cms/moodle/INDEX.md | 2 +- 07-framework-security/cms/strapi/INDEX.md | 2 +- 07-framework-security/cms/wordpress/INDEX.md | 2 +- .../ecommerce/adobe-commerce/INDEX.md | 2 +- .../ecommerce/magento-open-source/INDEX.md | 2 +- .../ecommerce/medusa/INDEX.md | 2 +- .../ecommerce/opencart/INDEX.md | 2 +- .../ecommerce/openmage/INDEX.md | 2 +- .../ecommerce/prestashop/INDEX.md | 2 +- .../ecommerce/saleor/INDEX.md | 2 +- .../ecommerce/shopware/INDEX.md | 2 +- .../ecommerce/woocommerce/INDEX.md | 2 +- .../frameworks/angular/INDEX.md | 2 +- .../frameworks/aspnet-core/INDEX.md | 2 +- .../frameworks/astro/INDEX.md | 2 +- .../frameworks/django/INDEX.md | 2 +- .../frameworks/echo/INDEX.md | 2 +- .../frameworks/esbuild/INDEX.md | 2 +- .../frameworks/express/INDEX.md | 2 +- .../frameworks/fastify/INDEX.md | 2 +- .../frameworks/flask/INDEX.md | 2 +- 07-framework-security/frameworks/gin/INDEX.md | 2 +- .../frameworks/hapi/INDEX.md | 2 +- 07-framework-security/frameworks/koa/INDEX.md | 2 +- .../frameworks/laravel/INDEX.md | 2 +- .../frameworks/nestjs/INDEX.md | 2 +- .../frameworks/nextjs/INDEX.md | 2 +- .../frameworks/nodejs/INDEX.md | 2 +- .../frameworks/nuxt/INDEX.md | 2 +- .../frameworks/rails/INDEX.md | 2 +- .../frameworks/react/INDEX.md | 2 +- .../frameworks/spring-boot/INDEX.md | 2 +- .../frameworks/spring-framework/INDEX.md | 2 +- .../frameworks/spring-security/INDEX.md | 2 +- 
.../frameworks/sveltekit/INDEX.md | 2 +- .../frameworks/symfony/INDEX.md | 2 +- .../frameworks/undici/INDEX.md | 2 +- .../frameworks/vite/INDEX.md | 2 +- 07-framework-security/frameworks/vue/INDEX.md | 2 +- .../frameworks/webpack/INDEX.md | 2 +- .../frameworks/werkzeug/INDEX.md | 2 +- .../platforms/adminer/INDEX.md | 2 +- .../platforms/gitea/INDEX.md | 2 +- .../platforms/gitlab-ce/INDEX.md | 2 +- .../platforms/grafana/INDEX.md | 2 +- .../platforms/jenkins/INDEX.md | 2 +- .../platforms/kibana/INDEX.md | 2 +- .../platforms/mattermost/INDEX.md | 2 +- .../platforms/phpmyadmin/INDEX.md | 2 +- .../platforms/redmine/INDEX.md | 2 +- .../servers/apache-httpd/INDEX.md | 2 +- .../servers/apache-tomcat/INDEX.md | 2 +- 07-framework-security/servers/caddy/INDEX.md | 2 +- .../servers/haproxy/INDEX.md | 2 +- 07-framework-security/servers/nginx/INDEX.md | 2 +- .../servers/traefik/INDEX.md | 2 +- .../generated/dashboard/architecture.json | 5938 ++++++++++++++++ .../generated/dashboard/assets/app.js | 376 +- .../generated/dashboard/assets/styles.css | 168 +- .../dashboard/docs/architecture-library.html | 6030 +++++++++++++++++ .../dashboard/docs/authorization-model.html | 123 + .../dashboard/docs/coverage-matrix.html | 159 + .../dashboard/docs/design-source.html | 4 +- .../docs/frontend-dashboard-design.html | 12 +- .../dashboard/docs/project-features.html | 8 +- .../generated/dashboard/docs/repro-map.html | 838 +++ .../generated/dashboard/docs/root-readme.html | 212 + .../dashboard/docs/secure-code-index.html | 4 +- .../generated/dashboard/docs/source-map.html | 2096 ++++++ .../generated/dashboard/index.html | 59 +- .../dashboard/legacy/architecture.json | 1 + 08-threat-intel/generated/dashboard/runs.json | 14 +- .../generated/dashboard/summary.json | 2 +- 08-threat-intel/generated/latest-ingest.md | 2 +- 08-threat-intel/generated/run-summary.json | 2 +- README.md | 2 + docs/frontend-dashboard-design.md | 8 +- docs/project-features.md | 4 +- scripts/intel/validators.py | 7 + 
.../dashboard_templates/lovart/assets/app.js | 376 +- .../lovart/assets/styles.css | 168 +- .../lab/dashboard_templates/lovart/index.html | 59 +- scripts/lab/render.py | 508 +- 89 files changed, 16931 insertions(+), 373 deletions(-) create mode 100644 08-threat-intel/generated/dashboard/architecture.json create mode 100644 08-threat-intel/generated/dashboard/docs/architecture-library.html create mode 100644 08-threat-intel/generated/dashboard/docs/authorization-model.html create mode 100644 08-threat-intel/generated/dashboard/docs/coverage-matrix.html create mode 100644 08-threat-intel/generated/dashboard/docs/repro-map.html create mode 100644 08-threat-intel/generated/dashboard/docs/root-readme.html create mode 100644 08-threat-intel/generated/dashboard/docs/source-map.html create mode 120000 08-threat-intel/generated/dashboard/legacy/architecture.json diff --git a/07-framework-security/cms/directus/INDEX.md b/07-framework-security/cms/directus/INDEX.md index 3490b6e8..50f1119c 100644 --- a/07-framework-security/cms/directus/INDEX.md +++ b/07-framework-security/cms/directus/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/discourse/INDEX.md b/07-framework-security/cms/discourse/INDEX.md index 6d268c57..822a7631 100644 --- a/07-framework-security/cms/discourse/INDEX.md +++ b/07-framework-security/cms/discourse/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/drupal/INDEX.md b/07-framework-security/cms/drupal/INDEX.md index aa0b2c13..23e5a240 100644 --- a/07-framework-security/cms/drupal/INDEX.md +++ b/07-framework-security/cms/drupal/INDEX.md 
@@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/ghost/INDEX.md b/07-framework-security/cms/ghost/INDEX.md index a294a0c3..4b051a4d 100644 --- a/07-framework-security/cms/ghost/INDEX.md +++ b/07-framework-security/cms/ghost/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/joomla/INDEX.md b/07-framework-security/cms/joomla/INDEX.md index 149c7c1d..5c9670ac 100644 --- a/07-framework-security/cms/joomla/INDEX.md +++ b/07-framework-security/cms/joomla/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/mediawiki/INDEX.md b/07-framework-security/cms/mediawiki/INDEX.md index 02a524b2..c9666ddb 100644 --- a/07-framework-security/cms/mediawiki/INDEX.md +++ b/07-framework-security/cms/mediawiki/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/moodle/INDEX.md b/07-framework-security/cms/moodle/INDEX.md index cf03ae02..814e82f6 100644 --- a/07-framework-security/cms/moodle/INDEX.md +++ b/07-framework-security/cms/moodle/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/strapi/INDEX.md b/07-framework-security/cms/strapi/INDEX.md index 96fa9770..2c0ac33b 100644 --- a/07-framework-security/cms/strapi/INDEX.md +++ b/07-framework-security/cms/strapi/INDEX.md 
@@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/cms/wordpress/INDEX.md b/07-framework-security/cms/wordpress/INDEX.md index 041e7478..ec1a58cc 100644 --- a/07-framework-security/cms/wordpress/INDEX.md +++ b/07-framework-security/cms/wordpress/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/adobe-commerce/INDEX.md b/07-framework-security/ecommerce/adobe-commerce/INDEX.md index 0399713a..4517fa56 100644 --- a/07-framework-security/ecommerce/adobe-commerce/INDEX.md +++ b/07-framework-security/ecommerce/adobe-commerce/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/magento-open-source/INDEX.md b/07-framework-security/ecommerce/magento-open-source/INDEX.md index f6224d16..7ec22d5f 100644 --- a/07-framework-security/ecommerce/magento-open-source/INDEX.md +++ b/07-framework-security/ecommerce/magento-open-source/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/medusa/INDEX.md b/07-framework-security/ecommerce/medusa/INDEX.md index 29fe9e6c..4d6ba965 100644 --- a/07-framework-security/ecommerce/medusa/INDEX.md +++ b/07-framework-security/ecommerce/medusa/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/opencart/INDEX.md b/07-framework-security/ecommerce/opencart/INDEX.md index 070d0031..afb55d22 100644 
--- a/07-framework-security/ecommerce/opencart/INDEX.md +++ b/07-framework-security/ecommerce/opencart/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/openmage/INDEX.md b/07-framework-security/ecommerce/openmage/INDEX.md index 86885d0b..9a68fe29 100644 --- a/07-framework-security/ecommerce/openmage/INDEX.md +++ b/07-framework-security/ecommerce/openmage/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/prestashop/INDEX.md b/07-framework-security/ecommerce/prestashop/INDEX.md index fe8b5624..981e4ade 100644 --- a/07-framework-security/ecommerce/prestashop/INDEX.md +++ b/07-framework-security/ecommerce/prestashop/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/saleor/INDEX.md b/07-framework-security/ecommerce/saleor/INDEX.md index e14944c3..a943c50d 100644 --- a/07-framework-security/ecommerce/saleor/INDEX.md +++ b/07-framework-security/ecommerce/saleor/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/ecommerce/shopware/INDEX.md b/07-framework-security/ecommerce/shopware/INDEX.md index 12a5ebb5..aa25d9d9 100644 --- a/07-framework-security/ecommerce/shopware/INDEX.md +++ b/07-framework-security/ecommerce/shopware/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 
diff --git a/07-framework-security/ecommerce/woocommerce/INDEX.md b/07-framework-security/ecommerce/woocommerce/INDEX.md index 6623069f..1cedb635 100644 --- a/07-framework-security/ecommerce/woocommerce/INDEX.md +++ b/07-framework-security/ecommerce/woocommerce/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/angular/INDEX.md b/07-framework-security/frameworks/angular/INDEX.md index ba9f7fed..93ddc151 100644 --- a/07-framework-security/frameworks/angular/INDEX.md +++ b/07-framework-security/frameworks/angular/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/aspnet-core/INDEX.md b/07-framework-security/frameworks/aspnet-core/INDEX.md index 38210cd9..3d0073f8 100644 --- a/07-framework-security/frameworks/aspnet-core/INDEX.md +++ b/07-framework-security/frameworks/aspnet-core/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/astro/INDEX.md b/07-framework-security/frameworks/astro/INDEX.md index a840ff53..f2df415f 100644 --- a/07-framework-security/frameworks/astro/INDEX.md +++ b/07-framework-security/frameworks/astro/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/django/INDEX.md b/07-framework-security/frameworks/django/INDEX.md index a86f315e..e81fe4fe 100644 --- a/07-framework-security/frameworks/django/INDEX.md +++ b/07-framework-security/frameworks/django/INDEX.md 
@@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/echo/INDEX.md b/07-framework-security/frameworks/echo/INDEX.md index c43c8155..80bb48c4 100644 --- a/07-framework-security/frameworks/echo/INDEX.md +++ b/07-framework-security/frameworks/echo/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/esbuild/INDEX.md b/07-framework-security/frameworks/esbuild/INDEX.md index 84a0bc67..2b485601 100644 --- a/07-framework-security/frameworks/esbuild/INDEX.md +++ b/07-framework-security/frameworks/esbuild/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/express/INDEX.md b/07-framework-security/frameworks/express/INDEX.md index 0aaf8678..49a65e1c 100644 --- a/07-framework-security/frameworks/express/INDEX.md +++ b/07-framework-security/frameworks/express/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/fastify/INDEX.md b/07-framework-security/frameworks/fastify/INDEX.md index fd18c9fb..267af5ce 100644 --- a/07-framework-security/frameworks/fastify/INDEX.md +++ b/07-framework-security/frameworks/fastify/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/flask/INDEX.md b/07-framework-security/frameworks/flask/INDEX.md index 4580664c..7f418f17 100644 --- a/07-framework-security/frameworks/flask/INDEX.md 
+++ b/07-framework-security/frameworks/flask/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/gin/INDEX.md b/07-framework-security/frameworks/gin/INDEX.md index cb9b75bc..a3ee2ec0 100644 --- a/07-framework-security/frameworks/gin/INDEX.md +++ b/07-framework-security/frameworks/gin/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/hapi/INDEX.md b/07-framework-security/frameworks/hapi/INDEX.md index 8e087fe6..5b37c226 100644 --- a/07-framework-security/frameworks/hapi/INDEX.md +++ b/07-framework-security/frameworks/hapi/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/koa/INDEX.md b/07-framework-security/frameworks/koa/INDEX.md index 990ed7a3..c2c14678 100644 --- a/07-framework-security/frameworks/koa/INDEX.md +++ b/07-framework-security/frameworks/koa/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/laravel/INDEX.md b/07-framework-security/frameworks/laravel/INDEX.md index 43c0e8b0..354a34ec 100644 --- a/07-framework-security/frameworks/laravel/INDEX.md +++ b/07-framework-security/frameworks/laravel/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/nestjs/INDEX.md b/07-framework-security/frameworks/nestjs/INDEX.md index ae20cd96..f7230b86 100644 
--- a/07-framework-security/frameworks/nestjs/INDEX.md +++ b/07-framework-security/frameworks/nestjs/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/nextjs/INDEX.md b/07-framework-security/frameworks/nextjs/INDEX.md index e9632cac..6cee9efe 100644 --- a/07-framework-security/frameworks/nextjs/INDEX.md +++ b/07-framework-security/frameworks/nextjs/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `26` -- 最近渲染时间: `2026-03-17T08:20:16+00:00` +- 最近渲染时间: `2026-03-17T08:59:42+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/nodejs/INDEX.md b/07-framework-security/frameworks/nodejs/INDEX.md index 7a04e1e0..60912f9b 100644 --- a/07-framework-security/frameworks/nodejs/INDEX.md +++ b/07-framework-security/frameworks/nodejs/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/nuxt/INDEX.md b/07-framework-security/frameworks/nuxt/INDEX.md index a4f3f092..b2d81135 100644 --- a/07-framework-security/frameworks/nuxt/INDEX.md +++ b/07-framework-security/frameworks/nuxt/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:16+00:00` +- 最近渲染时间: `2026-03-17T08:59:42+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/rails/INDEX.md b/07-framework-security/frameworks/rails/INDEX.md index f8bf34e4..27ef63a9 100644 --- a/07-framework-security/frameworks/rails/INDEX.md +++ b/07-framework-security/frameworks/rails/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 
diff --git a/07-framework-security/frameworks/react/INDEX.md b/07-framework-security/frameworks/react/INDEX.md index 86499cd1..63f809db 100644 --- a/07-framework-security/frameworks/react/INDEX.md +++ b/07-framework-security/frameworks/react/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:15+00:00` +- 最近渲染时间: `2026-03-17T08:59:41+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/spring-boot/INDEX.md b/07-framework-security/frameworks/spring-boot/INDEX.md index abdbb550..1dc613fc 100644 --- a/07-framework-security/frameworks/spring-boot/INDEX.md +++ b/07-framework-security/frameworks/spring-boot/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/spring-framework/INDEX.md b/07-framework-security/frameworks/spring-framework/INDEX.md index 0fbc2870..c1281900 100644 --- a/07-framework-security/frameworks/spring-framework/INDEX.md +++ b/07-framework-security/frameworks/spring-framework/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/spring-security/INDEX.md b/07-framework-security/frameworks/spring-security/INDEX.md index 435c3405..9b9a864c 100644 --- a/07-framework-security/frameworks/spring-security/INDEX.md +++ b/07-framework-security/frameworks/spring-security/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/sveltekit/INDEX.md b/07-framework-security/frameworks/sveltekit/INDEX.md index 3c63dd66..4225fc30 100644 --- a/07-framework-security/frameworks/sveltekit/INDEX.md +++ b/07-framework-security/frameworks/sveltekit/INDEX.md 
@@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/symfony/INDEX.md b/07-framework-security/frameworks/symfony/INDEX.md index 350a5461..fb482185 100644 --- a/07-framework-security/frameworks/symfony/INDEX.md +++ b/07-framework-security/frameworks/symfony/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/undici/INDEX.md b/07-framework-security/frameworks/undici/INDEX.md index 9e7b5b61..2284527f 100644 --- a/07-framework-security/frameworks/undici/INDEX.md +++ b/07-framework-security/frameworks/undici/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `14` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/vite/INDEX.md b/07-framework-security/frameworks/vite/INDEX.md index b47a666e..6db664e5 100644 --- a/07-framework-security/frameworks/vite/INDEX.md +++ b/07-framework-security/frameworks/vite/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `12` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:43+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/vue/INDEX.md b/07-framework-security/frameworks/vue/INDEX.md index 83638d78..e313014f 100644 --- a/07-framework-security/frameworks/vue/INDEX.md +++ b/07-framework-security/frameworks/vue/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:16+00:00` +- 最近渲染时间: `2026-03-17T08:59:42+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/webpack/INDEX.md b/07-framework-security/frameworks/webpack/INDEX.md index d7f2a562..3cc33040 100644 --- a/07-framework-security/frameworks/webpack/INDEX.md 
+++ b/07-framework-security/frameworks/webpack/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/frameworks/werkzeug/INDEX.md b/07-framework-security/frameworks/werkzeug/INDEX.md index 26587f7f..65f335f8 100644 --- a/07-framework-security/frameworks/werkzeug/INDEX.md +++ b/07-framework-security/frameworks/werkzeug/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/adminer/INDEX.md b/07-framework-security/platforms/adminer/INDEX.md index e8bcd6a9..ffc2ac57 100644 --- a/07-framework-security/platforms/adminer/INDEX.md +++ b/07-framework-security/platforms/adminer/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/gitea/INDEX.md b/07-framework-security/platforms/gitea/INDEX.md index d8d99cc6..cf372e93 100644 --- a/07-framework-security/platforms/gitea/INDEX.md +++ b/07-framework-security/platforms/gitea/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `1` - 待人工/缺浏览器证据: `36` -- 最近渲染时间: `2026-03-17T08:20:20+00:00` +- 最近渲染时间: `2026-03-17T08:59:46+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/gitlab-ce/INDEX.md b/07-framework-security/platforms/gitlab-ce/INDEX.md index 77828aeb..e64787dd 100644 --- a/07-framework-security/platforms/gitlab-ce/INDEX.md +++ b/07-framework-security/platforms/gitlab-ce/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:20+00:00` +- 最近渲染时间: `2026-03-17T08:59:46+00:00` ## 目标约束 
diff --git a/07-framework-security/platforms/grafana/INDEX.md b/07-framework-security/platforms/grafana/INDEX.md index 4ee67b4d..6090a088 100644 --- a/07-framework-security/platforms/grafana/INDEX.md +++ b/07-framework-security/platforms/grafana/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:20+00:00` +- 最近渲染时间: `2026-03-17T08:59:46+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/jenkins/INDEX.md b/07-framework-security/platforms/jenkins/INDEX.md index 11e0876d..403088a9 100644 --- a/07-framework-security/platforms/jenkins/INDEX.md +++ b/07-framework-security/platforms/jenkins/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:20+00:00` +- 最近渲染时间: `2026-03-17T08:59:46+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/kibana/INDEX.md b/07-framework-security/platforms/kibana/INDEX.md index 8b010041..d124d8e1 100644 --- a/07-framework-security/platforms/kibana/INDEX.md +++ b/07-framework-security/platforms/kibana/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:20+00:00` +- 最近渲染时间: `2026-03-17T08:59:46+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/mattermost/INDEX.md b/07-framework-security/platforms/mattermost/INDEX.md index ff6c49e4..53a021ca 100644 --- a/07-framework-security/platforms/mattermost/INDEX.md +++ b/07-framework-security/platforms/mattermost/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:20+00:00` +- 最近渲染时间: `2026-03-17T08:59:46+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/phpmyadmin/INDEX.md b/07-framework-security/platforms/phpmyadmin/INDEX.md index c917599e..61452f46 100644 --- a/07-framework-security/platforms/phpmyadmin/INDEX.md +++ b/07-framework-security/platforms/phpmyadmin/INDEX.md 
@@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/platforms/redmine/INDEX.md b/07-framework-security/platforms/redmine/INDEX.md index 95793c9e..164b2bbc 100644 --- a/07-framework-security/platforms/redmine/INDEX.md +++ b/07-framework-security/platforms/redmine/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:20+00:00` +- 最近渲染时间: `2026-03-17T08:59:46+00:00` ## 目标约束 diff --git a/07-framework-security/servers/apache-httpd/INDEX.md b/07-framework-security/servers/apache-httpd/INDEX.md index 6401ae3e..6f6bea00 100644 --- a/07-framework-security/servers/apache-httpd/INDEX.md +++ b/07-framework-security/servers/apache-httpd/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/servers/apache-tomcat/INDEX.md b/07-framework-security/servers/apache-tomcat/INDEX.md index 2a271812..bae6afe4 100644 --- a/07-framework-security/servers/apache-tomcat/INDEX.md +++ b/07-framework-security/servers/apache-tomcat/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/servers/caddy/INDEX.md b/07-framework-security/servers/caddy/INDEX.md index 1f9e4a1d..ad6ec1e4 100644 --- a/07-framework-security/servers/caddy/INDEX.md +++ b/07-framework-security/servers/caddy/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/servers/haproxy/INDEX.md b/07-framework-security/servers/haproxy/INDEX.md index d51e8885..4323652d 100644 
--- a/07-framework-security/servers/haproxy/INDEX.md +++ b/07-framework-security/servers/haproxy/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/servers/nginx/INDEX.md b/07-framework-security/servers/nginx/INDEX.md index 788c5578..3cfccd8f 100644 --- a/07-framework-security/servers/nginx/INDEX.md +++ b/07-framework-security/servers/nginx/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/07-framework-security/servers/traefik/INDEX.md b/07-framework-security/servers/traefik/INDEX.md index f14d95c3..32f94c33 100644 --- a/07-framework-security/servers/traefik/INDEX.md +++ b/07-framework-security/servers/traefik/INDEX.md @@ -12,7 +12,7 @@ - 已实证(synthetic): `0` - 阻塞数: `0` - 待人工/缺浏览器证据: `0` -- 最近渲染时间: `2026-03-17T08:20:17+00:00` +- 最近渲染时间: `2026-03-17T08:59:44+00:00` ## 目标约束 diff --git a/08-threat-intel/generated/dashboard/architecture.json b/08-threat-intel/generated/dashboard/architecture.json new file mode 100644 index 00000000..982461c3 --- /dev/null +++ b/08-threat-intel/generated/dashboard/architecture.json 
@@ -0,0 +1,5938 @@ +{ + "generated_at": "2026-03-17T08:59:56+00:00", + "title": "\u5f53\u524d\u67b6\u6784\u5e93", + "summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002", + "sections": [ + { + "title": "\u4ed3\u5e93\u5b9a\u4f4d\u4e0e\u5f53\u524d\u72b6\u6001", + "summary": "\u6388\u6743\u653b\u9632\u5b9e\u9a8c\u4e0e\u7814\u7a76\u77e5\u8bc6\u5e93\uff1b\u4ec5\u9002\u7528\u4e8e\u81ea\u6709\u8d44\u4ea7\u3001\u672c\u5730\u9776\u573a\u548c\u660e\u786e\u6388\u6743\u76ee\u6807\u3002", + "open": true, + "badges": [ + "LAB ONLY", + "AUTHORIZED TARGETS ONLY", + "\u975e\u751f\u4ea7\u5b89\u5168\u57fa\u7ebf" + ], + "stats": [ + { + "label": "\u7eb3\u7ba1\u7cfb\u7edf", + "value": "62" + }, + { + "label": "\u5386\u53f2\u5168\u91cf\u7cfb\u7edf", + "value": "18" + }, + { + "label": "\u8fd1\u4e24\u5e74\u5168\u91cf\u7cfb\u7edf", + "value": "44" + }, + { + "label": "\u5f53\u524d\u8fd0\u884c", + "value": "3" + }, + { + "label": "\u5f53\u524d\u6f0f\u6d1e\u6761\u76ee", + "value": "89" + } + ], + "fields": [ + { + "label": "\u4ed3\u5e93\u6839\u76ee\u5f55", + "value": "/Users/x/websafe" + }, + { + "label": "\u9ed8\u8ba4\u672c\u5730\u5730\u5740", + "value": "http://127.0.0.1:8734/" + }, + { + "label": "\u81ea\u52a8\u5237\u65b0\u5468\u671f", + "value": "5 \u79d2" + }, + { + "label": "\u751f\u6210\u65f6\u95f4", + "value": "2026-03-17T08:59:56+00:00" + } + ], + "links": [ + { + "label": "\u6b63\u5f0f\u5de5\u4f5c\u53f0", + "href": "./index.html", + "description": "\u672c\u5730\u5316\u4e3b UI\uff0c\u9ed8\u8ba4\u5165\u53e3\u3002" + }, + { + "label": "\u65e7\u7248\u5de5\u4f5c\u53f0", + "href": "./legacy/index.html", + "description": "\u4fdd\u7559\u7684 legacy \u56de\u9000\u5165\u53e3\u3002" + }, + { + "label": "\u9879\u76ee\u529f\u80fd\u6587\u6863", + "href": "./docs/project-features.html", + "description": 
"\u9879\u76ee\u80fd\u529b\u3001\u76ee\u5f55\u7ed3\u6784\u4e0e\u81ea\u52a8\u5316\u94fe\u8def\u603b\u89c8\u3002" + }, + { + "label": "\u524d\u7aef\u8bbe\u8ba1\u6587\u6863", + "href": "./docs/frontend-dashboard-design.html", + "description": "\u5f53\u524d\u672c\u5730\u5de5\u4f5c\u53f0\u7684\u4ea4\u4e92\u4e0e\u89c6\u89c9\u89c4\u8303\u3002" + } + ] + }, + { + "title": "\u6388\u6743\u8fb9\u754c\u4e0e\u76ee\u6807\u6a21\u578b", + "summary": "\u6240\u6709\u5b9e\u9a8c\u90fd\u7ed1\u5b9a\u5230\u672c\u5730\u3001\u81ea\u5efa\u516c\u7f51\u6216\u660e\u786e\u6388\u6743\u76ee\u6807\uff0c\u4e0d\u9762\u5411\u65e0\u5173\u7b2c\u4e09\u65b9\u8d44\u4ea7\u3002", + "open": true, + "stats": [ + { + "label": "\u5141\u8bb8\u76ee\u6807\u7c7b\u578b", + "value": "3" + }, + { + "label": "\u7981\u6b62\u7c7b\u578b", + "value": "1" + } + ], + "fields": [ + { + "label": "\u5141\u8bb8\u76ee\u6807", + "value": "lab-local\nlab-public\nauthorized-third-party" + }, + { + "label": "\u7981\u6b62\u76ee\u6807", + "value": "out-of-scope\n\u65e0\u5f52\u5c5e\u8bc1\u660e\u76ee\u6807\n\u516c\u5171\u77e5\u540d\u7ad9\u70b9\n\u6cdb\u4e92\u8054\u7f51\u679a\u4e3e" + }, + { + "label": "\u5168\u5c40\u539f\u5219", + "value": "\u4efb\u4f55\u516c\u7f51\u9a8c\u8bc1\u524d\u5148\u786e\u8ba4\u8d44\u4ea7\u5f52\u5c5e\u6216\u6388\u6743\u5173\u7cfb\u3002\n\u4f18\u5148\u53ea\u8bfb\u63a2\u6d4b\u3001\u6700\u5c0f\u5316\u56de\u663e\u9a8c\u8bc1\u548c\u4f4e\u9891\u5b9e\u9a8c\u3002\n\u6d89\u53ca\u8d26\u6237\u3001\u4ee4\u724c\u3001\u654f\u611f\u6570\u636e\u548c\u4e1a\u52a1\u5199\u5165\u65f6\u91c7\u7528\u6700\u5c0f\u5fc5\u8981\u52a8\u4f5c\u3002\n\u4e0d\u505a\u6cdb\u4e92\u8054\u7f51\u679a\u4e3e\uff0c\u4e0d\u5bf9\u65e0\u5173\u516c\u5171\u7ad9\u70b9\u590d\u7528\u540c\u7c7b\u6d4b\u8bd5\u3002" + } + ], + "links": [ + { + "label": "\u6388\u6743\u6a21\u578b\u955c\u50cf", + "href": "./docs/authorization-model.html", + "description": "\u76ee\u6807\u5206\u7c7b\u3001\u539f\u5219\u4e0e\u8bb0\u5f55\u8981\u6c42\u3002" + }, + { + "label": "\u9879\u76ee 
README \u955c\u50cf", + "href": "./docs/root-readme.html", + "description": "\u4ed3\u5e93\u5b9a\u4f4d\u3001\u80fd\u529b\u77e9\u9635\u4e0e\u81ea\u52a8\u5316\u5165\u53e3\u3002" + } + ] + }, + { + "title": "\u63a7\u5236\u9762\u4e0e\u81ea\u52a8\u5316\u5165\u53e3", + "summary": "Intel \u63a7\u5236\u9762\u8d1f\u8d23\u60c5\u62a5\u5165\u5e93\uff1bLab \u63a7\u5236\u9762\u8d1f\u8d23\u672c\u5730\u90e8\u7f72\u3001\u653b\u51fb\u9a8c\u8bc1\u3001\u8bc1\u636e\u6536\u96c6\u548c\u770b\u677f\u751f\u6210\u3002", + "open": true, + "items": [ + { + "title": "\u60c5\u62a5\u63a7\u5236\u9762\uff08Intel\uff09", + "summary": "\u8d1f\u8d23 source adapter\u3001\u89c4\u8303\u5316\u3001\u6e32\u67d3\u3001\u6821\u9a8c\u548c PR \u6d41\u7a0b\u3002", + "open": false, + "fields": [ + { + "label": "CLI \u5165\u53e3", + "value": "python3 /Users/x/websafe/scripts/intel/main.py" + }, + { + "label": "\u4e3b\u8981\u547d\u4ee4", + "value": "render\nvalidate\nhotlane\ningest --since last-success\nreconcile\nbackfill --tier history-full --dry-run\nopen-pr --dry-run" + }, + { + "label": "\u5b9a\u65f6\u5165\u53e3", + "value": "scripts/intel/run-hourly.sh\nscripts/intel/run-nightly.sh\nscripts/intel/run-weekly-reconcile.sh" + } + ] + }, + { + "title": "\u5b9e\u8bc1\u63a7\u5236\u9762\uff08Lab\uff09", + "summary": "\u8d1f\u8d23 catalog\u3001compose\u3001seed\u3001baseline\u3001attack\u3001browser\u3001evidence\u3001render \u548c queue\u3002", + "open": false, + "fields": [ + { + "label": "CLI \u5165\u53e3", + "value": "python3 /Users/x/websafe/scripts/lab/main.py" + }, + { + "label": "\u4e3b\u8981\u547d\u4ee4", + "value": "catalog sync\nvalidate\nrun-case\nrun-system\nrun-batch\nrender-run\nserve-dashboard --port 8734\ncleanup\nretry-failures" + }, + { + "label": "\u5173\u952e\u6a21\u5757", + "value": "catalog/\nprovision/\ncompose/\nseed/\nbaseline/\nattack/\nbrowser/\nevidence/\nrender/\nqueue/" + } + ] + } + ] + }, + { + "title": "\u6570\u636e\u5c42\u4e0e\u672c\u5730\u5730\u5740", + "summary": 
"Registry\u3001\u751f\u6210\u5c42\u3001run bundle \u4e0e docs \u955c\u50cf\u5171\u540c\u6784\u6210\u5de5\u4f5c\u53f0\u7684\u672c\u5730\u6570\u636e\u9762\u3002", + "open": true, + "items": [ + { + "title": "\u771f\u503c\u5c42", + "summary": "\u7edf\u4e00\u7684 registry \u4e0e repro/source \u914d\u7f6e\u3002", + "open": false, + "fields": [ + { + "label": "\u6f0f\u6d1e\u6761\u76ee Registry", + "value": "08-threat-intel/registry/advisories/*.json" + }, + { + "label": "\u7cfb\u7edf Registry", + "value": "08-threat-intel/registry/systems/*.json" + }, + { + "label": "\u8fd0\u884c Registry", + "value": "08-threat-intel/registry/runs/*.json" + }, + { + "label": "source-map \u771f\u503c", + "value": "08-threat-intel/source-map.yaml" + }, + { + "label": "repro-map \u771f\u503c", + "value": "08-threat-intel/repro-map.yaml" + } + ] + }, + { + "title": "\u751f\u6210\u5c42\u4e0e\u5c55\u793a\u5c42", + "summary": "dashboard JSON\u3001run report\u3001docs \u955c\u50cf\u4e0e\u672c\u5730\u9759\u6001 UI\u3002", + "open": false, + "links": [ + { + "label": "\u6b63\u5f0f\u5de5\u4f5c\u53f0", + "href": "./index.html", + "description": "\u672c\u5730\u5316\u4e3b UI\uff0c\u9ed8\u8ba4\u5165\u53e3\u3002" + }, + { + "label": "\u65e7\u7248\u5de5\u4f5c\u53f0", + "href": "./legacy/index.html", + "description": "\u4fdd\u7559\u7684 legacy \u56de\u9000\u5165\u53e3\u3002" + }, + { + "label": "\u9879\u76ee\u529f\u80fd\u6587\u6863", + "href": "./docs/project-features.html", + "description": "\u9879\u76ee\u80fd\u529b\u3001\u76ee\u5f55\u7ed3\u6784\u4e0e\u81ea\u52a8\u5316\u94fe\u8def\u603b\u89c8\u3002" + }, + { + "label": "\u524d\u7aef\u8bbe\u8ba1\u6587\u6863", + "href": "./docs/frontend-dashboard-design.html", + "description": "\u5f53\u524d\u672c\u5730\u5de5\u4f5c\u53f0\u7684\u4ea4\u4e92\u4e0e\u89c6\u89c9\u89c4\u8303\u3002" + }, + { + "label": "\u5b89\u5168\u7f16\u7801\u7d22\u5f15", + "href": "./docs/secure-code-index.html", + "description": "secure-code \u4fee\u590d\u5e93\u672c\u5730\u955c\u50cf\u3002" + 
}, + { + "label": "README \u955c\u50cf", + "href": "./docs/root-readme.html", + "description": "\u4ed3\u5e93\u6839 README \u7684\u672c\u5730\u955c\u50cf\u3002" + }, + { + "label": "\u6388\u6743\u6a21\u578b", + "href": "./docs/authorization-model.html", + "description": "\u5141\u8bb8\u76ee\u6807\u8303\u56f4\u3001\u5168\u5c40\u539f\u5219\u4e0e\u8bb0\u5f55\u8981\u6c42\u3002" + }, + { + "label": "source-map \u771f\u503c", + "href": "./docs/source-map.html", + "description": "\u7cfb\u7edf\u8986\u76d6\u3001\u6765\u6e90\u548c\u8f93\u51fa\u76ee\u5f55\u771f\u503c\u3002" + }, + { + "label": "repro-map \u771f\u503c", + "href": "./docs/repro-map.html", + "description": "\u590d\u73b0\u65cf\u8def\u7531\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002" + }, + { + "label": "\u8986\u76d6\u77e9\u9635", + "href": "./docs/coverage-matrix.html", + "description": "\u81ea\u52a8\u751f\u6210\u8986\u76d6\u6458\u8981\u7684\u672c\u5730\u955c\u50cf\u3002" + }, + { + "label": "\u8bbe\u8ba1\u6765\u6e90\u6e05\u5355", + "href": "./docs/design-source.html", + "description": "Lovart \u6a21\u677f\u672c\u5730 vendor manifest\u3002" + }, + { + "label": "\u67b6\u6784\u5e93\u955c\u50cf", + "href": "./docs/architecture-library.html", + "description": "\u5f53\u524d\u67b6\u6784\u5e93\u7684\u7ed3\u6784\u5316\u955c\u50cf\u9875\u3002" + }, + { + "label": "summary.json", + "href": "./summary.json", + "description": "\u5168\u5c40\u6458\u8981\u3001\u72b6\u6001\u5206\u5e03\u548c\u6700\u8fd1\u5931\u8d25\u3002" + }, + { + "label": "runs.json", + "href": "./runs.json", + "description": "\u6700\u8fd1 run \u7684\u7ed3\u6784\u5316\u8be6\u60c5\u3002" + }, + { + "label": "systems.json", + "href": "./systems.json", + "description": "\u7cfb\u7edf\u7ea7\u8986\u76d6\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u6458\u8981\u3002" + }, + { + "label": "advisories.json", + "href": "./advisories.json", + "description": "advisory \u5143\u6570\u636e\u4e0e\u6765\u6e90\u3002" + }, + { + "label": "profiles.json", + 
"href": "./profiles.json", + "description": "repro profile \u5143\u6570\u636e\u3002" + }, + { + "label": "architecture.json", + "href": "./architecture.json", + "description": "\u5f53\u524d\u67b6\u6784\u5e93\u7ed3\u6784\u5316 JSON\u3002" + } + ], + "fields": [ + { + "label": "\u5de5\u4f5c\u53f0\u6839\u76ee\u5f55", + "value": "08-threat-intel/generated/dashboard/" + }, + { + "label": "\u8fd0\u884c\u5f52\u6863\u6839\u76ee\u5f55", + "value": "06-case-studies/generated-runs//" + }, + { + "label": "\u5de5\u4f5c\u53f0\u5165\u53e3", + "value": "/index.html" + }, + { + "label": "\u65e7\u7248\u5165\u53e3", + "value": "/legacy/index.html" + } + ] + } + ] + }, + { + "title": "\u7cfb\u7edf\u8986\u76d6\u5206\u7ec4", + "summary": "\u57fa\u4e8e source-map \u548c repro-map \u751f\u6210\u7684\u5f53\u524d\u5206\u7ec4\u89c6\u56fe\uff0c\u53ef\u5c55\u5f00\u67e5\u770b\u6bcf\u4e2a\u7cfb\u7edf\u7684\u6765\u6e90\u3001\u8f93\u51fa\u76ee\u5f55\u548c\u590d\u73b0\u9ed8\u8ba4\u503c\u3002", + "open": true, + "items": [ + { + "title": "CMS / \u5185\u5bb9\u5e73\u53f0", + "summary": "9 \u4e2a\u7cfb\u7edf \u00b7 \u5386\u53f2\u5168\u91cf 3 \u00b7 \u8fd1\u4e24\u5e74\u5168\u91cf 6", + "open": false, + "stats": [ + { + "label": "\u7cfb\u7edf\u6570", + "value": "9" + }, + { + "label": "\u5386\u53f2\u5168\u91cf", + "value": "3" + }, + { + "label": "\u8fd1\u4e24\u5e74\u5168\u91cf", + "value": "6" + } + ], + "items": [ + { + "title": "Directus (directus)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/directus" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage\nfile-upload-validation" + }, + { + "label": "CPE 
\u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "directus" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Directus GitHub Advisories\nOSV Directus" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "file-upload-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Discourse (discourse)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/discourse" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nxss-output-encoding\nplugin-extension-trust-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", 
+ "value": "discourse" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Discourse Meta Security\nGitHub Discourse Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Drupal (drupal)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, module", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 1", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/drupal" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nmodule" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nxss-output-encoding\nfile-upload-validation\nplugin-extension-trust-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "drupal:drupal" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "drupal\ndrupal core" + } + ], + "items": [ + { + 
"title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Drupal Security Advisories RSS\nNVD Drupal" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "Drupal Security Advisories Site" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Ghost (ghost)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/ghost" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nxss-output-encoding\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "ghost" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": 
"\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Ghost GitHub Advisories\nNVD Ghost" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Joomla (joomla)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/joomla" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nfile-upload-validation\npath-traversal-guard\nplugin-extension-trust-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "joomla:joomla!" 
+ }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "joomla" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Joomla Security Centre\nNVD Joomla" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "MediaWiki (mediawiki)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/mediawiki" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nauthz-server-side-recheck\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "mediawiki:mediawiki" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "mediawiki" + } + 
], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "MediaWiki Security Releases\nNVD MediaWiki" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Moodle (moodle)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/moodle" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nxss-output-encoding\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "moodle:moodle" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "moodle" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": 
"\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Moodle Security News\nNVD Moodle" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Strapi (strapi)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/strapi" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "strapi" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + 
"fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Strapi GitHub Advisories\nOSV Strapi" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "file-upload-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "WordPress (wordpress)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 3", + "\u7814\u7a76\u6e90 1" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/cms/wordpress" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "plugin-extension-trust-policy\nxss-output-encoding\nfile-upload-validation\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "wordpress:wordpress" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "wordpress\nwp-admin\nwp-includes" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": 
"\u5b98\u65b9\u6765\u6e90", + "value": "WordPress Security News\nNVD WordPress" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "Wordfence Vulnerability Database\nPatchstack Database\nWPScan Vulnerability Database" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "PortSwigger Research" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + } + ] + }, + { + "title": "Web \u6846\u67b6\u4e0e\u8fd0\u884c\u65f6", + "summary": "29 \u4e2a\u7cfb\u7edf \u00b7 \u5386\u53f2\u5168\u91cf 6 \u00b7 \u8fd1\u4e24\u5e74\u5168\u91cf 23", + "open": false, + "stats": [ + { + "label": "\u7cfb\u7edf\u6570", + "value": "29" + }, + { + "label": "\u5386\u53f2\u5168\u91cf", + "value": "6" + }, + { + "label": "\u8fd1\u4e24\u5e74\u5168\u91cf", + "value": "23" + } + ], + "items": [ + { + "title": "ASP.NET Core (aspnet-core)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 1", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/aspnet-core" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + 
"value": "authz-server-side-recheck\nxss-output-encoding\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "microsoft:asp.net_core" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "asp.net core" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "NVD ASP.NET Core" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Angular (angular)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/angular" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\ntemplate-injection-guard\ncsp-trusted-types" + }, + { + "label": "CPE 
\u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "angular" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Angular" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Astro (astro)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/astro" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ncsp-trusted-types" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "astro" + } + ], + "items": [ + { + "title": 
"\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Astro" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "authz-bypass-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Django (django)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/django" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\npath-traversal-guard\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "djangoproject:django" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "django" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": 
"\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Django Security RSS\nOSV Django" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Echo (echo)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 1", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/echo" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "echo" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": 
"\u5b98\u65b9\u6765\u6e90", + "value": "OSV Echo" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Express (express)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/express" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nssrf-url-validation\nproxy-trust-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "express" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Express" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + 
}, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Fastify (fastify)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/fastify" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nssrf-url-validation\nxss-output-encoding" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "fastify" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Fastify" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + 
"summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Flask (flask)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/flask" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nssrf-url-validation\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "flask" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "OSV Flask\nGitHub Global Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map 
\u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Gin (gin)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 1", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/gin" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nxss-output-encoding" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "gin" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "OSV Gin" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": 
"\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Hapi (hapi)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/hapi" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "hapi" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Hapi" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": 
"\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Koa (koa)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/koa" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nssrf-url-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "koa" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Koa" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": 
"\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Laravel (laravel)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/laravel" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nauthz-server-side-recheck\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "laravel" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Laravel" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + 
"value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "NestJS (nestjs)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/nestjs" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage\nssrf-url-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "nestjs" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV NestJS" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "ssrf-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + 
] + } + ] + }, + { + "title": "Next.js (nextjs)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/nextjs" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nproxy-trust-boundary\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "next.js\nnext" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Next.js Advisories\nGitHub Global Advisories\nOSV Next.js" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-source\nsynthetic\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Node.js (nodejs)", + "summary": "\u5386\u53f2\u5168\u91cf 
\u00b7 core", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/nodejs" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "ssrf-url-validation\nrequest-smuggling-boundary\ndependency-upgrade-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "nodejs:node.js" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "nodejs\nnode.js" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Node.js Security Releases\nCISA KEV Node.js" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "ssrf-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u5426" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-source\nsynthetic\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "minimal-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Nuxt (nuxt)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + 
"\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/nuxt" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nproxy-trust-boundary\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "nuxt" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Nuxt Security\nGitHub Global Advisories\nOSV Nuxt" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-source\nsynthetic\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "React (react)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + 
"value": "07-framework-security/frameworks/react" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\ndom-sink-hardening\ncsp-trusted-types" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "react\nreact-dom" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub React Advisories\nGitHub Global Advisories\nOSV React" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Ruby on Rails (rails)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/rails" + }, + { + "label": "Advisory \u6a21\u5f0f", 
+ "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nfile-upload-validation\nauthz-server-side-recheck" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "rails" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Rails" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Spring Boot (spring-boot)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/spring-boot" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": 
"proxy-trust-boundary\nauthz-server-side-recheck" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "spring boot" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Spring Security Advisories\nGitHub Global Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Spring Framework (spring-framework)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/spring-framework" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\npath-traversal-guard\ndeserialization-safety" + }, + { 
+ "label": "CPE \u5173\u952e\u5b57", + "value": "vmware:spring_framework" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "spring framework" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Spring Security Advisories\nGitHub Global Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "deserialization-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Spring Security (spring-security)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/spring-security" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage\nproxy-trust-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", 
+ "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "spring security" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Spring Security Advisories\nGitHub Global Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "SvelteKit (sveltekit)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/sveltekit" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "sveltekit\nsvelte" + } + 
], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV SvelteKit" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "session-token-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Symfony (symfony)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/symfony" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nauthz-server-side-recheck\npath-traversal-guard" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "symfony" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": 
"\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Symfony" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Undici (undici)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/undici" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "ssrf-url-validation\nproxy-trust-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "undici" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": 
"\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV Undici" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Vite (vite)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/vite" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "dependency-upgrade-policy\nfile-upload-validation\nproxy-trust-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "vite" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Vite Security\nGitHub Global Advisories\nOSV Vite" + }, + { + "label": 
"\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-source\nsynthetic\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Vue (vue)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/vue" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\ntemplate-injection-guard\ncsp-trusted-types" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "vue\nvue compiler" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Vue Security\nGitHub Global Advisories\nOSV Vue" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + 
}, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-source\nsynthetic\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Werkzeug (werkzeug)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/werkzeug" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nrequest-smuggling-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "werkzeug" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "OSV Werkzeug\nGitHub Global Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map 
\u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "esbuild (esbuild)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/esbuild" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "dependency-upgrade-policy\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "esbuild" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV esbuild" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": 
false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "file-upload-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "webpack (webpack)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/frameworks/webpack" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "dependency-upgrade-policy\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "webpack" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Global Advisories\nOSV webpack" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "file-upload-generic" + }, 
+ { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + } + ] + }, + { + "title": "\u5f00\u6e90\u5e73\u53f0\u4e0e\u540e\u53f0\u7cfb\u7edf", + "summary": "9 \u4e2a\u7cfb\u7edf \u00b7 \u5386\u53f2\u5168\u91cf 0 \u00b7 \u8fd1\u4e24\u5e74\u5168\u91cf 9", + "open": false, + "stats": [ + { + "label": "\u7cfb\u7edf\u6570", + "value": "9" + }, + { + "label": "\u5386\u53f2\u5168\u91cf", + "value": "0" + }, + { + "label": "\u8fd1\u4e24\u5e74\u5168\u91cf", + "value": "9" + } + ], + "items": [ + { + "title": "Adminer (adminer)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 1", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/adminer" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nauthz-server-side-recheck" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "adminer:adminer" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "adminer" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "NVD Adminer" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": 
"\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "GitLab CE (gitlab-ce)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 1", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/gitlab-ce" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage\ndeserialization-safety" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "gitlab:gitlab" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "gitlab" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitLab Security Releases\nNVD GitLab" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "GitLab Advisory Database" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map 
\u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "deserialization-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Gitea (gitea)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/gitea" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage\nproxy-trust-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "gitea" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Gitea Advisories\nOSV Gitea" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + 
"open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Grafana (grafana)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/grafana" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nplugin-extension-trust-policy\nxss-output-encoding" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "grafana:grafana" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "grafana" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Grafana Security Advisories\nCISA KEV Grafana" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": 
"\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Jenkins (jenkins)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/jenkins" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "plugin-extension-trust-policy\nauthz-server-side-recheck\ndeserialization-safety" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "jenkins:jenkins" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "jenkins" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Jenkins Security Advisories\nNVD Jenkins" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": 
"deserialization-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Kibana (kibana)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/kibana" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nxss-output-encoding\nproxy-trust-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "elastic:kibana" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "kibana" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Elastic Security Announcements\nNVD Kibana" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": 
"\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Mattermost (mattermost)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/mattermost" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nxss-output-encoding\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "mattermost:mattermost" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "mattermost" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Mattermost Security Updates\nNVD Mattermost" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" 
+ }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Redmine (redmine)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, plugin", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/redmine" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nplugin" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nxss-output-encoding\nplugin-extension-trust-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "redmine:redmine" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "redmine" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Redmine Security Advisories\nNVD Redmine" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": 
"synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "phpMyAdmin (phpmyadmin)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/platforms/phpmyadmin" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "xss-output-encoding\nauthz-server-side-recheck\npath-traversal-guard" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "phpmyadmin:phpmyadmin" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "phpmyadmin" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "phpMyAdmin Security Page\nNVD phpMyAdmin" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": 
"\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + } + ] + }, + { + "title": "\u670d\u52a1\u5668\u4e0e\u8fb9\u754c\u5c42", + "summary": "6 \u4e2a\u7cfb\u7edf \u00b7 \u5386\u53f2\u5168\u91cf 3 \u00b7 \u8fd1\u4e24\u5e74\u5168\u91cf 3", + "open": false, + "stats": [ + { + "label": "\u7cfb\u7edf\u6570", + "value": "6" + }, + { + "label": "\u5386\u53f2\u5168\u91cf", + "value": "3" + }, + { + "label": "\u8fd1\u4e24\u5e74\u5168\u91cf", + "value": "3" + } + ], + "items": [ + { + "title": "Apache HTTP Server (apache-httpd)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 server", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/servers/apache-httpd" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "server" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "request-smuggling-boundary\nproxy-trust-boundary\npath-traversal-guard" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "apache:http_server" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "apache http server\nhttpd" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Apache HTTPD Security\nCISA KEV Apache HTTPD\nNVD Apache HTTP Server" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map 
\u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u5426" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "minimal-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Apache Tomcat (apache-tomcat)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 server", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/servers/apache-tomcat" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "server" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "request-smuggling-boundary\nauthz-server-side-recheck\npath-traversal-guard" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "apache:tomcat" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "tomcat" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Apache Tomcat Security\nCISA KEV Tomcat\nNVD Tomcat" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map 
\u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "authz-bypass-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u5426" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "minimal-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Caddy (caddy)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 server", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/servers/caddy" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "server" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nrequest-smuggling-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "caddy" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Caddy Advisories\nOSV Caddy" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + 
"fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u5426" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "minimal-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "HAProxy (haproxy)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 server", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/servers/haproxy" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "server" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nrequest-smuggling-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "haproxy:haproxy" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "haproxy" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "HAProxy Security Advisories\nNVD HAProxy" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + 
{ + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u5426" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "minimal-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Nginx (nginx)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 server", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 3", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/servers/nginx" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "server" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nrequest-smuggling-boundary\ncsp-trusted-types" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "f5:nginx\nnginx:nginx" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "nginx" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "NGINX Security Advisories\nNVD NGINX\nCISA KEV NGINX" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u5426" + }, + { + 
"label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "minimal-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Traefik (traefik)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 server", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/servers/traefik" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "server" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "proxy-trust-boundary\nrequest-smuggling-boundary" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "traefik" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Traefik Advisories\nOSV Traefik" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "proxy-boundary-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u5426" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": 
"\u79cd\u5b50\u7b56\u7565", + "value": "minimal-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + } + ] + }, + { + "title": "\u7535\u5546\u7cfb\u7edf", + "summary": "9 \u4e2a\u7cfb\u7edf \u00b7 \u5386\u53f2\u5168\u91cf 6 \u00b7 \u8fd1\u4e24\u5e74\u5168\u91cf 3", + "open": false, + "stats": [ + { + "label": "\u7cfb\u7edf\u6570", + "value": "9" + }, + { + "label": "\u5386\u53f2\u5168\u91cf", + "value": "6" + }, + { + "label": "\u8fd1\u4e24\u5e74\u5168\u91cf", + "value": "3" + } + ], + "items": [ + { + "title": "Adobe Commerce (adobe-commerce)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 1", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/adobe-commerce" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nfile-upload-validation\nxss-output-encoding\nplugin-extension-trust-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "adobe:commerce\nmagento:magento" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "magento\nadobe commerce" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Adobe Security Bulletins\nNVD Adobe Commerce" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "Sansec Research" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map 
\u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Magento Open Source (magento-open-source)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 1", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/magento-open-source" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nfile-upload-validation\nplugin-extension-trust-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "magento:magento" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "magento" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Magento GitHub Advisories\nNVD Magento" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "Sansec Research" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map 
\u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "file-upload-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Medusa (medusa)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/medusa" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "medusa" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Medusa Advisories\nOSV Medusa" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", 
+ "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "session-token-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "OpenCart (opencart)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/opencart" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nplugin-extension-trust-policy\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "opencart:opencart" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "opencart" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "OpenCart Releases\nNVD OpenCart" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": 
"\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "file-upload-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "OpenMage / Mage-OS (openmage)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/openmage" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nplugin-extension-trust-policy" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "openmage\nmage-os" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "OpenMage GitHub Advisories\nNVD OpenMage" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": 
"plugin-extension-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "PrestaShop (prestashop)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, module", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 1", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/prestashop" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nmodule" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "plugin-extension-trust-policy\nauthz-server-side-recheck\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "prestashop:prestashop" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "prestashop" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "PrestaShop Security Page\nGitHub PrestaShop Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "Friends Of Presta Security" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": 
"file-upload-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "official-image\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Saleor (saleor)", + "summary": "\u8fd1\u4e24\u5e74\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u8fd1\u4e24\u5e74\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/saleor" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\ntoken-cookie-storage" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "saleor" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "GitHub Saleor Advisories\nNVD Saleor" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "session-token-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + 
}, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": "synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "Shopware (shopware)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 0", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/shopware" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "authz-server-side-recheck\nplugin-extension-trust-policy\nfile-upload-validation" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "shopware" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Shopware Security Advisories\nNVD Shopware" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "-" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "file-upload-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": 
"synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + }, + { + "title": "WooCommerce (woocommerce)", + "summary": "\u5386\u53f2\u5168\u91cf \u00b7 core, extension", + "open": false, + "badges": [ + "\u5386\u53f2\u5168\u91cf", + "\u5b98\u65b9\u6e90 2", + "\u751f\u6001\u6e90 2", + "\u7814\u7a76\u6e90 0" + ], + "fields": [ + { + "label": "\u8f93\u51fa\u76ee\u5f55", + "value": "07-framework-security/ecommerce/woocommerce" + }, + { + "label": "Advisory \u6a21\u5f0f", + "value": "core\nextension" + }, + { + "label": "Secure-Code \u4e3b\u9898", + "value": "plugin-extension-trust-policy\nxss-output-encoding\nauthz-server-side-recheck" + }, + { + "label": "CPE \u5173\u952e\u5b57", + "value": "-" + }, + { + "label": "GHSA \u5173\u952e\u5b57", + "value": "woocommerce" + } + ], + "items": [ + { + "title": "\u6765\u6e90\u914d\u7f6e", + "summary": "\u5b98\u65b9\u3001\u751f\u6001\u6743\u5a01\u4e0e\u7814\u7a76\u8865\u5145\u6765\u6e90\u3002", + "open": false, + "fields": [ + { + "label": "\u5b98\u65b9\u6765\u6e90", + "value": "Woo Developer Advisories\nGitHub WooCommerce Advisories" + }, + { + "label": "\u751f\u6001\u6765\u6e90", + "value": "Patchstack Database\nWordfence Vulnerability Database" + }, + { + "label": "\u7814\u7a76\u6765\u6e90", + "value": "-" + } + ] + }, + { + "title": "\u590d\u73b0\u9ed8\u8ba4\u503c", + "summary": "repro-map \u4e2d\u7684\u9ed8\u8ba4\u653b\u51fb\u65cf\u3001\u6d4f\u89c8\u5668\u8981\u6c42\u548c\u65e5\u5fd7\u7b56\u7565\u3002", + "open": false, + "fields": [ + { + "label": "\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf", + "value": "xss-generic" + }, + { + "label": "\u6d4f\u89c8\u5668\u9ed8\u8ba4\u8981\u6c42", + "value": "\u662f" + }, + { + "label": "\u4f18\u5148\u5236\u54c1\u6a21\u5f0f", + "value": 
"synthetic\nofficial-source\nsynthetic" + }, + { + "label": "\u79cd\u5b50\u7b56\u7565", + "value": "default-seed" + }, + { + "label": "\u65e5\u5fd7\u91c7\u96c6\u5668", + "value": "docker-logs\nhttp-snapshot" + }, + { + "label": "\u62a5\u544a\u6a21\u677f", + "value": "default-lab-report" + } + ] + } + ] + } + ] + } + ] + }, + { + "title": "Repro \u8def\u7531\u6982\u89c8", + "summary": "\u6309\u9ed8\u8ba4\u6f0f\u6d1e\u5bb6\u65cf\u805a\u5408\u5f53\u524d\u7cfb\u7edf\u8def\u7531\uff0c\u5e2e\u52a9\u67e5\u770b family runner \u8986\u76d6\u9762\u3002", + "open": true, + "items": [ + { + "title": "xss-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a27", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "27" + } + ] + }, + { + "title": "proxy-boundary-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a16", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "16" + } + ] + }, + { + "title": "file-upload-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a8", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "8" + } + ] + }, + { + "title": "deserialization-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a3", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "3" + } + ] + }, + { + "title": "session-token-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a3", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "3" + } + ] + }, + { + "title": "authz-bypass-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a2", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "2" + } + ] + }, + { + "title": 
"ssrf-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a2", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "2" + } + ] + }, + { + "title": "plugin-extension-generic", + "summary": "\u9ed8\u8ba4\u8def\u7531\u5230\u8be5 family \u7684\u7cfb\u7edf\u6570\uff1a1", + "open": false, + "fields": [ + { + "label": "\u7cfb\u7edf\u6570\u91cf", + "value": "1" + } + ] + } + ] + }, + { + "title": "\u5f53\u524d\u751f\u6210\u6001\u4e0e\u963b\u585e\u6982\u89c8", + "summary": "\u5f53\u524d render \u540e\u7684\u72b6\u6001\u5206\u5e03\u3001\u5931\u8d25\u6458\u8981\u4e0e\u6700\u8fd1\u53ef\u89c1\u963b\u585e\u3002", + "open": true, + "stats": [ + { + "label": "Run \u6570", + "value": "3" + }, + { + "label": "Advisory \u6570", + "value": "89" + }, + { + "label": "\u72b6\u6001\u7c7b\u578b", + "value": "2" + }, + { + "label": "\u6700\u8fd1\u5931\u8d25", + "value": "3" + } + ], + "items": [ + { + "title": "\u72b6\u6001\u5206\u5e03", + "summary": "verification_status \u5f53\u524d\u8ba1\u6570\u3002", + "open": false, + "items": [ + { + "title": "\u5236\u54c1\u963b\u585e", + "summary": "\u5f53\u524d\u7d2f\u8ba1 2 \u6761\u3002", + "open": false, + "fields": [ + { + "label": "\u72b6\u6001\u7f16\u7801", + "value": "blocked-artifact" + }, + { + "label": "\u6570\u91cf", + "value": "2" + } + ] + }, + { + "title": "\u4eba\u5de5\u5206\u8bca", + "summary": "\u5f53\u524d\u7d2f\u8ba1 1 \u6761\u3002", + "open": false, + "fields": [ + { + "label": "\u72b6\u6001\u7f16\u7801", + "value": "triage-manual" + }, + { + "label": "\u6570\u91cf", + "value": "1" + } + ] + } + ] + }, + { + "title": "\u6700\u8fd1\u5931\u8d25", + "summary": "\u5f53\u524d dashboard \u6458\u8981\u91cc\u53ef\u89c1\u7684\u5931\u8d25\u6216\u4eba\u5de5\u5206\u8bca\u6837\u672c\u3002", + "open": false, + "items": [ + { + "title": "Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea", + "summary": "unable to get image 
'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?", + "open": false, + "badges": [ + "\u5236\u54c1\u963b\u585e" + ], + "fields": [ + { + "label": "\u8fd0\u884c ID", + "value": "gitea-livecheck-20260316" + }, + { + "label": "\u6f0f\u6d1e\u6761\u76ee", + "value": "gitea--CVE-2025-68939" + }, + { + "label": "\u72b6\u6001", + "value": "\u5236\u54c1\u963b\u585e" + }, + { + "label": "\u963b\u585e\u539f\u56e0", + "value": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?" + } + ] + }, + { + "title": "Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea", + "summary": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?", + "open": false, + "badges": [ + "\u5236\u54c1\u963b\u585e" + ], + "fields": [ + { + "label": "\u8fd0\u884c ID", + "value": "gitea-gitea--CVE-2025-68939-20260317063330" + }, + { + "label": "\u6f0f\u6d1e\u6761\u76ee", + "value": "gitea--CVE-2025-68939" + }, + { + "label": "\u72b6\u6001", + "value": "\u5236\u54c1\u963b\u585e" + }, + { + "label": "\u963b\u585e\u539f\u56e0", + "value": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?" 
+ } + ] + }, + { + "title": "Authorization Bypass in Next.js Middleware", + "summary": "dry-run only", + "open": false, + "badges": [ + "\u4eba\u5de5\u5206\u8bca" + ], + "fields": [ + { + "label": "\u8fd0\u884c ID", + "value": "nextjs-nextjs--CVE-2025-29927-20260317063047" + }, + { + "label": "\u6f0f\u6d1e\u6761\u76ee", + "value": "nextjs--CVE-2025-29927" + }, + { + "label": "\u72b6\u6001", + "value": "\u4eba\u5de5\u5206\u8bca" + }, + { + "label": "\u963b\u585e\u539f\u56e0", + "value": "dry-run only" + } + ] + } + ] + } + ] + } + ] +} diff --git a/08-threat-intel/generated/dashboard/assets/app.js b/08-threat-intel/generated/dashboard/assets/app.js index 519437b9..d9dab9f2 100644 --- a/08-threat-intel/generated/dashboard/assets/app.js +++ b/08-threat-intel/generated/dashboard/assets/app.js @@ -4,6 +4,7 @@ const state = { systems: [], advisories: {}, profiles: {}, + architecture: null, selectedRunId: null, selectedArtifact: null, refreshHandle: null, @@ -21,12 +22,33 @@ const state = { evidence: true, logs: true, sources: true, + architecture: true, run_json: false, advisory_json: false, profile_json: false } }; +const STATUS_LABELS = { + "verified-real": "真实版本已实证", + "verified-synthetic": "合成靶场已实证", + "blocked-artifact": "制品阻塞", + "blocked-destructive": "破坏性风险阻塞", + "triage-manual": "人工分诊", + suspected: "仅疑似命中", + completed: "已完成", + failed: "失败", + skipped: "已跳过", + planned: "已规划", + unknown: "未知" +}; + +const ARTIFACT_KIND_LABELS = { + image: "图片", + text: "文本", + link: "链接" +}; + const $ = (id) => document.getElementById(id); const icon = (name, className = "icon") => ``; 
@@ -37,7 +59,7 @@ const statusClass = (status) => ({ "blocked-artifact": "status-pill status-blocked-artifact", "blocked-destructive": "status-pill status-blocked-destructive", "triage-manual": "status-pill status-triage-manual", - "suspected": "status-pill status-suspected", + suspected: "status-pill status-suspected", completed: "status-pill status-verified-real", failed: "status-pill status-blocked-artifact", skipped: "status-pill status-triage-manual" @@ -52,21 +74,37 @@ function escapeHtml(value) { } function formatStatus(value) { - return String(value || "unknown").replaceAll("-", " "); + return STATUS_LABELS[value] || String(value || "unknown").replaceAll("-", " "); +} + +function formatDateTime(value) { + if (!value) return "-"; + const date = new Date(value); + if (Number.isNaN(date.getTime())) return String(value); + return date.toLocaleString("zh-CN", { + hour12: false, + year: "numeric", + month: "2-digit", + day: "2-digit", + hour: "2-digit", + minute: "2-digit", + second: "2-digit" + }); } function timeAgo(value) { if (!value) return "-"; const diff = Date.now() - new Date(value).getTime(); - if (Number.isNaN(diff)) return value; + if (Number.isNaN(diff)) return String(value); const seconds = Math.floor(diff / 1000); - if (seconds < 60) return `${seconds}s ago`; + if (seconds <= 5) return "刚刚"; + if (seconds < 60) return `${seconds} 秒前`; const minutes = Math.floor(seconds / 60); - if (minutes < 60) return `${minutes}m ago`; + if (minutes < 60) return `${minutes} 分钟前`; const hours = Math.floor(minutes / 60); - if (hours < 24) return `${hours}h ago`; + if (hours < 24) return `${hours} 小时前`; const days = Math.floor(hours / 24); - return `${days}d ago`; + return `${days} 天前`; } async function fetchJson(url) { 
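Review bot: `formatStatus` indexes a plain object literal with `STATUS_LABELS[value]`, so a status string that matches an inherited property name (`constructor`, `toString`) yields a function rather than falling through to the `replaceAll` fallback. The status values come from the fetched run data (`item.verification_status` is passed through `optionLabel`), so an own-property check keeps the result a string: `return Object.hasOwn(STATUS_LABELS, value) ? STATUS_LABELS[value] : String(value || "unknown").replaceAll("-", " ");`. `ARTIFACT_KIND_LABELS`, added in the previous hunk, would want the same guard wherever it is indexed; that lookup is not visible here.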
@@ -94,30 +132,30 @@ function metricCards() { return [ { - label: "Total Runs", + label: "运行总数", value: state.summary?.run_count || 0, - note: `${state.summary?.advisory_count || 0} advisories indexed`, + note: `已索引漏洞条目 ${state.summary?.advisory_count || 0} 条`, color: "var(--accent-purple)", iconName: "report" }, { - label: "Success", + label: "实证成功", value: successCount, - note: "verified-real + verified-synthetic", + note: "真实版本 + 合成靶场", color: "var(--accent-green)", iconName: "shield" }, { - label: "Blocked", + label: "当前阻塞", value: blockedCount, - note: "artifact or destructive blockers", + note: "制品阻塞或破坏性风险阻塞", color: "var(--accent-red)", iconName: "failure" }, { - label: "In Progress", + label: "待处理 / 进行中", value: inProgressCount, - note: "manual review or incomplete verification", + note: "人工分诊、待补证据或未完成实证", color: "var(--accent-blue)", iconName: "timeline" } @@ -149,11 +187,16 @@ function renderSyncState(kind, title, detail) { $("syncState").dataset.kind = kind; } +function optionLabel(kind, value) { + if (kind === "status") return formatStatus(value); + return value; +} + function hydrateFilters() { const controls = [ - ["systemFilter", "system", state.runs.map((item) => item.system_id), "All systems"], - ["statusFilter", "status", state.runs.map((item) => item.verification_status), "All statuses"], - ["profileFilter", "profile", state.runs.map((item) => item.repro_profile_id), "All profiles"] + ["systemFilter", "system", state.runs.map((item) => item.system_id), "全部系统"], + ["statusFilter", "status", state.runs.map((item) => item.verification_status), "全部状态"], + ["profileFilter", "profile", state.runs.map((item) => item.repro_profile_id), "全部复现档案"] ]; for (const [id, key, values, label] of controls) { @@ -161,7 +204,7 @@ function hydrateFilters() { const current = state.filters[key]; control.innerHTML = ``; control.innerHTML += distinct(values) - .map((value) => ``) + .map((value) => ``) .join(""); control.value = current; } 
@@ -198,20 +241,20 @@ function renderSystems() {
${escapeHtml(system.display_name || system.system_id)} - ${escapeHtml(system.browser_present || 0)}/${escapeHtml(system.browser_required || 0)} browser + ${escapeHtml(system.browser_present || 0)}/${escapeHtml(system.browser_required || 0)} 浏览器证据
-
${escapeHtml(system.system_id)} · latest ${escapeHtml(system.latest_update || "-")}
+
${escapeHtml(system.system_id)} · 最近更新 ${escapeHtml(formatDateTime(system.latest_update || "-"))}
- real ${escapeHtml(system.verified_real || 0)} - synthetic ${escapeHtml(system.verified_synthetic || 0)} - blocked ${escapeHtml(system.blocked || 0)} + 真实 ${escapeHtml(system.verified_real || 0)} + 合成 ${escapeHtml(system.verified_synthetic || 0)} + 阻塞 ${escapeHtml(system.blocked || 0)}
`; }) .join("") - : `
No system coverage data.
`; + : `
暂无系统覆盖数据。
`; } function renderRecentFailures() { @@ -226,23 +269,24 @@ function renderRecentFailures() { ${escapeHtml(formatStatus(item.status))}
${escapeHtml(item.title || item.advisory_id)}
-
${escapeHtml(item.blocked_reason || "-")}
+
${escapeHtml(item.blocked_reason || "未提供失败原因。")}
` ) .join("") - : `
No recent blockers.
`; + : `
当前没有最近失败记录。
`; } function renderRunQueue() { const runs = filteredRuns(); - $("runCount").textContent = `${runs.length} shown`; + $("runCount").textContent = `${runs.length} 条`; $("runQueue").innerHTML = runs.length ? runs .map((item) => { const active = item.run_id === state.selectedRunId ? "is-active" : ""; - const browserState = item.browser_evidence?.present ? "ready" : (item.browser_evidence?.required ? "required" : "optional"); + const browserState = item.browser_evidence?.present ? "已采集" : (item.browser_evidence?.required ? "必需待补" : "可选"); const lead = item.reasoning_lines?.[0] || item.blocked_reason || item.advisory_meta?.summary || ""; + const artifactCount = (item.artifact_groups || []).reduce((sum, group) => sum + Number(group.count || 0), 0); return ` `; }) .join("") - : `
No runs match the current filters.
`; + : `
当前筛选条件下没有匹配的运行。
`; document.querySelectorAll("[data-run-id]").forEach((button) => { button.addEventListener("click", () => { @@ -278,18 +322,18 @@ function renderRunQueue() { function progressSegments(progress) { const order = [ - ["completed", "Completed", "progress-completed"], - ["blocked", "Blocked", "progress-blocked"], - ["failed", "Failed", "progress-failed"], - ["skipped", "Skipped", "progress-skipped"], - ["planned", "Planned", "progress-planned"], - ["other", "Other", "progress-other"] + ["completed", "已完成", "progress-completed"], + ["blocked", "已阻塞", "progress-blocked"], + ["failed", "失败", "progress-failed"], + ["skipped", "已跳过", "progress-skipped"], + ["planned", "已规划", "progress-planned"], + ["other", "其他", "progress-other"] ]; const total = order.reduce((sum, [key]) => sum + Number(progress?.[key] || 0), 0); if (!total) { return { bar: `
`, - legend: `no progress` + legend: `暂无进度` }; } const bar = order @@ -379,7 +423,7 @@ async function openArtifact(href, label, kind) { } viewer.innerHTML = `
${escapeHtml(formatted)}
`; } catch (error) { - viewer.innerHTML = `
Artifact load failed: ${escapeHtml(error.message)}
`; + viewer.innerHTML = `
加载 artifact 失败:${escapeHtml(error.message)}
`; } } @@ -396,16 +440,147 @@ function bindPanelToggles() { }); } +function renderArchitectureFields(fields = []) { + if (!fields.length) return ""; + return ` +
+ ${fields + .map( + (field) => ` +
+ ${escapeHtml(field.label || "-")} +
${escapeHtml(field.value || "-")}
+
+ ` + ) + .join("")} +
+ `; +} + +function renderArchitectureStats(stats = []) { + if (!stats.length) return ""; + return ` +
+ ${stats + .map( + (item) => ` +
+ ${escapeHtml(item.label || "-")} + ${escapeHtml(item.value || "-")} +
+ ` + ) + .join("")} +
+ `; +} + +function renderArchitectureLinks(links = []) { + if (!links.length) return ""; + return ` + + `; +} + +function renderArchitectureNode(node, depth = 0) { + if (!node) return ""; + const children = (node.items || []).map((item) => renderArchitectureNode(item, depth + 1)).join(""); + const fields = renderArchitectureFields(node.fields || []); + const stats = renderArchitectureStats(node.stats || []); + const links = renderArchitectureLinks(node.links || []); + const badges = (node.badges || []) + .map((badge) => `${escapeHtml(badge)}`) + .join(""); + const hasBody = Boolean(children || fields || stats || links || node.summary || badges); + const summaryBlock = ` +
+ ${escapeHtml(node.title || "未命名节点")} + ${node.summary ? `${escapeHtml(node.summary)}` : ""} +
+
+ ${node.items?.length ? `${escapeHtml(node.items.length)} 个子项` : ""} + ${node.fields?.length ? `${escapeHtml(node.fields.length)} 个字段` : ""} + ${node.links?.length ? `${escapeHtml(node.links.length)} 个链接` : ""} +
+ `; + + if (!hasBody) { + return ` +
+ ${summaryBlock} +
+ `; + } + + const openAttr = node.open === false ? "" : "open"; + return ` +
+ + ${summaryBlock} + +
+ ${badges ? `
${badges}
` : ""} + ${stats} + ${fields} + ${links} + ${children ? `
${children}
` : ""} +
+
+ `; +} + +function renderArchitecturePanel() { + const architecture = state.architecture; + if (!architecture) { + return renderPanel("architecture", "当前架构库", "未生成", "systems", `
尚未找到架构 JSON,请先执行渲染命令。
`); + } + const sections = architecture.sections || []; + const content = ` +
+ ${escapeHtml(architecture.title || "当前架构库")} +
${escapeHtml(architecture.summary || "当前工作台的结构化真值视图。")}
+
+ 生成时间 ${escapeHtml(formatDateTime(architecture.generated_at))} + 架构 JSON + 镜像页 + 仓库入口镜像 +
+
+
+ ${sections.length ? sections.map((section) => renderArchitectureNode(section, 0)).join("") : `
架构库目前没有可展示的分区。
`} +
+ `; + return renderPanel("architecture", "当前架构库", `${sections.length} 个分区`, "systems", content); +} + +function renderEmptyWorkspace() { + $("detailWorkspace").innerHTML = ` +
+ ${icon("shield", "icon icon-xl")} +

选择一个运行

+

左侧队列用于切换 run。即使当前没有选中运行,你也可以直接展开下方“当前架构库”查看仓库控制面、数据层、系统分组、授权边界与本地入口。

+
+ ${renderArchitecturePanel()} + `; + bindPanelToggles(); +} + function renderDetail() { const run = state.runs.find((item) => item.run_id === state.selectedRunId); if (!run) { - $("detailWorkspace").innerHTML = ` -
- ${icon("shield", "icon icon-xl")} -

Select a run

-

Pick a run from the left queue to inspect timeline, evidence, logs and raw JSON.

-
- `; + renderEmptyWorkspace(); return; } @@ -413,7 +588,7 @@ function renderDetail() { const profile = run.profile_meta || {}; const screenshotItems = ((run.artifact_groups || []).find((group) => group.key === "browser")?.items || []).filter((item) => item.kind === "image"); const segments = progressSegments(run.progress || {}); - const browserStatus = run.browser_evidence?.present ? "Ready" : (run.browser_evidence?.required ? "Required" : "Optional"); + const browserStatus = run.browser_evidence?.present ? "已采集" : (run.browser_evidence?.required ? "必需待补" : "可选"); const artifactCount = (run.artifact_groups || []).reduce((sum, group) => sum + Number(group.count || 0), 0); const timelineContent = ` @@ -426,42 +601,42 @@ function renderDetail() {
${escapeHtml(item.step || "-")} - ${escapeHtml(item.at || "-")} + ${escapeHtml(formatDateTime(item.at || "-"))}
${escapeHtml(formatStatus(item.status || "unknown"))}
${escapeHtml(item.detail || "-")}
`) - .join("") || `
No timeline items recorded.
`} + .join("") || `
当前运行没有记录时间线。
`} `; const reasoningCards = [ { - label: "Summary", - copy: advisory.summary || "No advisory summary available." + label: "概要", + copy: advisory.summary || "当前漏洞条目没有摘要。" }, { - label: "Success Criteria", - copy: (profile.success_criteria || []).join(" | ") || "No success criteria defined." + label: "成功判据", + copy: (profile.success_criteria || []).join(" | ") || "当前 profile 没有定义成功判据。" }, { - label: "Seed / Attack Notes", - copy: (run.reasoning_lines || []).join("\n\n") || "No reasoning lines recorded." + label: "Seed / 攻击思路", + copy: (run.reasoning_lines || []).join("\n\n") || "当前运行没有记录思路说明。" }, { - label: "Allowed Targets", - copy: (profile.allowed_target_types || []).join(", ") || "No target scope declared." + label: "允许目标", + copy: (profile.allowed_target_types || []).join(", ") || "当前 profile 没有声明允许目标类型。" } ]; const reasoningContent = ` - ${run.blocked_reason ? `
Failure reason
${escapeHtml(run.blocked_reason)}
` : ""} + ${run.blocked_reason ? `
失败原因
${escapeHtml(run.blocked_reason)}
` : ""}
- vuln family ${escapeHtml(profile.vuln_family || "unknown")} - cleanup ${escapeHtml(profile.cleanup_policy || "-")} - destructive risk ${escapeHtml(profile.destructive_risk || "-")} - artifact ${escapeHtml(run.artifact_mode || "-")} + 漏洞家族 ${escapeHtml(profile.vuln_family || "未定义")} + 清理策略 ${escapeHtml(profile.cleanup_policy || "-")} + 破坏性风险 ${escapeHtml(profile.destructive_risk || "-")} + 制品模式 ${escapeHtml(run.artifact_mode || "-")}
${reasoningCards @@ -490,7 +665,7 @@ function renderDetail() { (item) => ` ` ) @@ -499,7 +674,7 @@ function renderDetail() { ` ) - .join("") || `
No artifact groups for this run.
`} + .join("") || `
当前运行没有可浏览的产物分组。
`} ${ screenshotItems.length @@ -524,27 +699,31 @@ function renderDetail() {
-
${escapeHtml(state.selectedArtifact?.label || "Select an artifact")}
-
${escapeHtml(state.selectedArtifact?.href || "Artifact preview will appear here.")}
+
${escapeHtml(state.selectedArtifact?.label || "选择一个产物")}
+
${escapeHtml(state.selectedArtifact?.href || "这里会显示 JSON、文本、HTML 报告、截图和其他日志的预览。")}
- ${icon("link")}Open artifact - + ${icon("link")}打开产物 +
-
Select a report, log, screenshot, JSON or HTML artifact to preview it here.
+
选择报告、日志、截图、JSON 或 HTML 产物后,会在这里直接预览。
`; + const sourceLinks = [ + advisory.official_source_url + ? `${escapeHtml(advisory.official_source_url)}` + : `当前漏洞条目没有关联官方来源。`, + ...(advisory.secondary_source_urls || []).map((url) => `${escapeHtml(url)}`) + ].join(""); + const sourcesContent = `
${(advisory.aliases || []).map((alias) => `${escapeHtml(alias)}`).join("")} ${(advisory.secure_code_topics || []).map((topic) => `${escapeHtml(topic)}`).join("")}
- + `; const rawRunContent = `
${escapeHtml(JSON.stringify(run, null, 2))}
`; @@ -563,42 +742,43 @@ function renderDetail() {

${escapeHtml(advisory.title || run.advisory_id)}

-
${escapeHtml(advisory.summary || "No advisory summary available.")}
+
${escapeHtml(advisory.summary || "当前漏洞条目没有摘要。")}
- Timeline Steps + 时间线步骤 ${escapeHtml(run.timeline?.length || 0)}
- Artifacts + Artifact 数 ${escapeHtml(artifactCount)}
- Browser Evidence + 浏览器证据 ${escapeHtml(browserStatus)}
- Finished + 完成时间 ${escapeHtml(timeAgo(run.finished_at))}
- ${renderPanel("timeline", "Progress Timeline", `${escapeHtml(run.timeline?.length || 0)} steps`, "timeline", timelineContent)} - ${renderPanel("reasoning", "Attack Plan & Reasoning", escapeHtml(profile.vuln_family || "unknown"), "reasoning", reasoningContent)} - ${renderPanel("evidence", "Evidence Explorer", `${escapeHtml(run.artifact_groups?.length || 0)} groups`, "evidence", evidenceContent)} - ${renderPanel("logs", "Live Log Viewer", state.selectedArtifact ? "active" : "idle", "logs", logContent)} - ${renderPanel("sources", "Sources & Fix Topics", `${escapeHtml((advisory.secondary_source_urls || []).length + (advisory.official_source_url ? 1 : 0))} links`, "sources", sourcesContent)} - ${renderPanel("run_json", "Run JSON", "raw", "json", rawRunContent)} - ${renderPanel("advisory_json", "Advisory JSON", "raw", "json", rawAdvisoryContent)} - ${renderPanel("profile_json", "Profile JSON", "raw", "json", rawProfileContent)} + ${renderPanel("timeline", "进度时间线", `${escapeHtml(run.timeline?.length || 0)} 步`, "timeline", timelineContent)} + ${renderPanel("reasoning", "攻击方案与推理", escapeHtml(profile.vuln_family || "未定义"), "reasoning", reasoningContent)} + ${renderPanel("evidence", "证据浏览器", `${escapeHtml(run.artifact_groups?.length || 0)} 组`, "evidence", evidenceContent)} + ${renderPanel("logs", "实时日志查看器", state.selectedArtifact ? "已选产物" : "等待选择", "logs", logContent)} + ${renderPanel("sources", "来源与修复主题", `${escapeHtml((advisory.secondary_source_urls || []).length + (advisory.official_source_url ? 1 : 0))} 条链接`, "sources", sourcesContent)} + ${renderArchitecturePanel()} + ${renderPanel("run_json", "运行 JSON", "原始数据", "json", rawRunContent)} + ${renderPanel("advisory_json", "漏洞条目 JSON", "原始数据", "json", rawAdvisoryContent)} + ${renderPanel("profile_json", "复现档案 JSON", "原始数据", "json", rawProfileContent)} `; bindPanelToggles(); 
@@ -663,15 +843,16 @@ function startRefreshLoop() { async function loadData(preserveSelection = true) { const previous = state.selectedRunId; - renderSyncState("loading", "Refreshing", new Date().toLocaleTimeString()); + renderSyncState("loading", "刷新中", `本地时间 ${new Date().toLocaleTimeString("zh-CN", { hour12: false })}`); try { - const [summary, runs, systems, advisories, profiles] = await Promise.all([ + const [summary, runs, systems, advisories, profiles, architecture] = await Promise.all([ fetchJson("./summary.json"), fetchJson("./runs.json"), fetchJson("./systems.json"), fetchJson("./advisories.json"), - fetchJson("./profiles.json") + fetchJson("./profiles.json"), + fetchJson("./architecture.json") ]); state.summary = summary; @@ -679,6 +860,7 @@ async function loadData(preserveSelection = true) { state.systems = systems; state.advisories = advisories; state.profiles = profiles; + state.architecture = architecture; hydrateFilters(); const hashRun = location.hash.startsWith("#run=") ? location.hash.replace("#run=", "") : null; @@ -690,11 +872,11 @@ async function loadData(preserveSelection = true) { } renderAll(); - renderSyncState("live", "Live", summary.generated_at || new Date().toISOString()); + renderSyncState("live", "实时同步", `最近生成 ${formatDateTime(summary.generated_at || new Date().toISOString())}`); } catch (error) { - $("runQueue").innerHTML = `
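Review bot: Adding `fetchJson("./architecture.json")` to the `Promise.all` in `loadData` makes the whole dashboard depend on that one file: a single rejection sends control to the `catch` in the following hunk, which replaces the run queue and the detail workspace with the load-failed message. `renderArchitecturePanel` already handles `state.architecture` being null with its own "not generated yet" panel, but that branch cannot be reached through a failed fetch. Assuming `fetchJson` rejects on a missing file (its body is not shown), treating the file as optional keeps the existing views usable against an older render output: `fetchJson("./architecture.json").catch(() => null)`. `loadData` continues past the end of this hunk.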
Dashboard load failed: ${escapeHtml(error.message)}
`; - $("detailWorkspace").innerHTML = `

Load failed

${escapeHtml(error.message)}

`; - renderSyncState("error", "Load Failed", error.message); + $("runQueue").innerHTML = `
工作台加载失败:${escapeHtml(error.message)}
`; + $("detailWorkspace").innerHTML = `

加载失败

${escapeHtml(error.message)}

`; + renderSyncState("error", "加载失败", error.message); } } diff --git a/08-threat-intel/generated/dashboard/assets/styles.css b/08-threat-intel/generated/dashboard/assets/styles.css index 4788a321..893eafb6 100644 --- a/08-threat-intel/generated/dashboard/assets/styles.css +++ b/08-threat-intel/generated/dashboard/assets/styles.css 
@@ -963,6 +963,171 @@ select { text-underline-offset: 3px; } +.architecture-tree { + display: grid; + gap: 14px; +} + +.architecture-callout { + border-color: rgba(77, 141, 255, 0.28); + background: rgba(77, 141, 255, 0.08); +} + +.arch-node, +.arch-leaf { + border: 1px solid rgba(148, 163, 184, 0.14); + border-radius: 16px; + background: rgba(255, 255, 255, 0.025); +} + +.arch-node + .arch-node, +.arch-leaf + .arch-node, +.arch-node + .arch-leaf, +.arch-leaf + .arch-leaf { + margin-top: 12px; +} + +.arch-node summary { + list-style: none; +} + +.arch-node summary::-webkit-details-marker { + display: none; +} + +.arch-summary { + display: flex; + justify-content: space-between; + gap: 14px; + padding: 15px 16px; + cursor: pointer; +} + +.arch-summary::after { + content: ""; + width: 9px; + height: 9px; + margin-top: 6px; + border-right: 2px solid rgba(255, 255, 255, 0.72); + border-bottom: 2px solid rgba(255, 255, 255, 0.72); + transform: rotate(45deg); + transition: transform 0.2s ease; +} + +.arch-node[open] > .arch-summary::after { + transform: rotate(225deg); +} + +.arch-summary-main { + display: grid; + gap: 6px; + min-width: 0; +} + +.arch-title { + font-size: 0.98rem; +} + +.arch-summary-copy { + color: var(--text-secondary); + line-height: 1.5; + font-size: 0.88rem; +} + +.arch-summary-meta { + display: flex; + flex-wrap: wrap; + justify-content: flex-end; + gap: 8px; +} + +.arch-body { + display: grid; + gap: 14px; + padding: 0 16px 16px; +} + +.arch-badges { + margin-top: -2px; +} + +.arch-stat-grid, +.arch-field-grid, +.arch-link-grid { + display: grid; + gap: 12px; +} + +.arch-stat-grid { + grid-template-columns: repeat(auto-fit, minmax(150px, 1fr)); +} + +.arch-stat, +.arch-field, +.arch-link-card { + border: 1px solid rgba(148, 163, 184, 0.14); + border-radius: 14px; + background: rgba(255, 255, 255, 0.03); +} + +.arch-stat, +.arch-field { + padding: 12px 14px; +} + +.arch-stat-label, +.arch-field-label, +.arch-link-label { + display: block; + color: 
var(--text-secondary); + text-transform: uppercase; + letter-spacing: 0.06em; + font-size: 0.72rem; +} + +.arch-stat-value { + display: block; + margin-top: 8px; + font-size: 1.1rem; +} + +.arch-field-value, +.arch-link-copy { + margin-top: 8px; + color: var(--text-primary); + line-height: 1.58; + white-space: pre-wrap; + word-break: break-word; + font-size: 0.9rem; +} + +.arch-link-grid { + grid-template-columns: repeat(auto-fit, minmax(220px, 1fr)); +} + +.arch-link-card { + display: block; + padding: 12px 14px; + transition: transform 0.18s ease, border-color 0.18s ease, background 0.18s ease; +} + +.arch-link-card:hover { + transform: translateY(-1px); + border-color: rgba(77, 141, 255, 0.42); + background: rgba(77, 141, 255, 0.08); +} + +.arch-children { + display: grid; + gap: 12px; + padding-left: 14px; + border-left: 1px solid rgba(148, 163, 184, 0.12); +} + +.arch-leaf { + padding: 14px 16px; +} + .json-card pre { margin: 0; max-height: 420px; @@ -1050,7 +1215,8 @@ select { .tag-row, .panel-meta, .viewer-toolbar, - .dashboard-footer { + .dashboard-footer, + .arch-summary { flex-direction: column; align-items: stretch; } diff --git a/08-threat-intel/generated/dashboard/docs/architecture-library.html b/08-threat-intel/generated/dashboard/docs/architecture-library.html new file mode 100644 index 00000000..e764219f --- /dev/null +++ b/08-threat-intel/generated/dashboard/docs/architecture-library.html @@ -0,0 +1,6030 @@ + + + + + + 当前架构库镜像 + + + +
+
+ +

当前架构库镜像

+
工作台内置镜像页:当前架构库结构化数据镜像。
+
{
+  "generated_at": "2026-03-17T08:59:56+00:00",
+  "title": "当前架构库",
+  "summary": "工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。",
+  "sections": [
+    {
+      "title": "仓库定位与当前状态",
+      "summary": "授权攻防实验与研究知识库;仅适用于自有资产、本地靶场和明确授权目标。",
+      "open": true,
+      "badges": [
+        "LAB ONLY",
+        "AUTHORIZED TARGETS ONLY",
+        "非生产安全基线"
+      ],
+      "stats": [
+        {
+          "label": "纳管系统",
+          "value": "62"
+        },
+        {
+          "label": "历史全量系统",
+          "value": "18"
+        },
+        {
+          "label": "近两年全量系统",
+          "value": "44"
+        },
+        {
+          "label": "当前运行",
+          "value": "3"
+        },
+        {
+          "label": "当前漏洞条目",
+          "value": "89"
+        }
+      ],
+      "fields": [
+        {
+          "label": "仓库根目录",
+          "value": "/Users/x/websafe"
+        },
+        {
+          "label": "默认本地地址",
+          "value": "http://127.0.0.1:8734/"
+        },
+        {
+          "label": "自动刷新周期",
+          "value": "5 秒"
+        },
+        {
+          "label": "生成时间",
+          "value": "2026-03-17T08:59:56+00:00"
+        }
+      ],
+      "links": [
+        {
+          "label": "正式工作台",
+          "href": "./index.html",
+          "description": "本地化主 UI,默认入口。"
+        },
+        {
+          "label": "旧版工作台",
+          "href": "./legacy/index.html",
+          "description": "保留的 legacy 回退入口。"
+        },
+        {
+          "label": "项目功能文档",
+          "href": "./docs/project-features.html",
+          "description": "项目能力、目录结构与自动化链路总览。"
+        },
+        {
+          "label": "前端设计文档",
+          "href": "./docs/frontend-dashboard-design.html",
+          "description": "当前本地工作台的交互与视觉规范。"
+        }
+      ]
+    },
+    {
+      "title": "授权边界与目标模型",
+      "summary": "所有实验都绑定到本地、自建公网或明确授权目标,不面向无关第三方资产。",
+      "open": true,
+      "stats": [
+        {
+          "label": "允许目标类型",
+          "value": "3"
+        },
+        {
+          "label": "禁止类型",
+          "value": "1"
+        }
+      ],
+      "fields": [
+        {
+          "label": "允许目标",
+          "value": "lab-local\nlab-public\nauthorized-third-party"
+        },
+        {
+          "label": "禁止目标",
+          "value": "out-of-scope\n无归属证明目标\n公共知名站点\n泛互联网枚举"
+        },
+        {
+          "label": "全局原则",
+          "value": "任何公网验证前先确认资产归属或授权关系。\n优先只读探测、最小化回显验证和低频实验。\n涉及账户、令牌、敏感数据和业务写入时采用最小必要动作。\n不做泛互联网枚举,不对无关公共站点复用同类测试。"
+        }
+      ],
+      "links": [
+        {
+          "label": "授权模型镜像",
+          "href": "./docs/authorization-model.html",
+          "description": "目标分类、原则与记录要求。"
+        },
+        {
+          "label": "项目 README 镜像",
+          "href": "./docs/root-readme.html",
+          "description": "仓库定位、能力矩阵与自动化入口。"
+        }
+      ]
+    },
+    {
+      "title": "控制面与自动化入口",
+      "summary": "Intel 控制面负责情报入库;Lab 控制面负责本地部署、攻击验证、证据收集和看板生成。",
+      "open": true,
+      "items": [
+        {
+          "title": "情报控制面(Intel)",
+          "summary": "负责 source adapter、规范化、渲染、校验和 PR 流程。",
+          "open": false,
+          "fields": [
+            {
+              "label": "CLI 入口",
+              "value": "python3 /Users/x/websafe/scripts/intel/main.py"
+            },
+            {
+              "label": "主要命令",
+              "value": "render\nvalidate\nhotlane\ningest --since last-success\nreconcile\nbackfill --tier history-full --dry-run\nopen-pr --dry-run"
+            },
+            {
+              "label": "定时入口",
+              "value": "scripts/intel/run-hourly.sh\nscripts/intel/run-nightly.sh\nscripts/intel/run-weekly-reconcile.sh"
+            }
+          ]
+        },
+        {
+          "title": "实证控制面(Lab)",
+          "summary": "负责 catalog、compose、seed、baseline、attack、browser、evidence、render 和 queue。",
+          "open": false,
+          "fields": [
+            {
+              "label": "CLI 入口",
+              "value": "python3 /Users/x/websafe/scripts/lab/main.py"
+            },
+            {
+              "label": "主要命令",
+              "value": "catalog sync\nvalidate\nrun-case\nrun-system\nrun-batch\nrender-run\nserve-dashboard --port 8734\ncleanup\nretry-failures"
+            },
+            {
+              "label": "关键模块",
+              "value": "catalog/\nprovision/\ncompose/\nseed/\nbaseline/\nattack/\nbrowser/\nevidence/\nrender/\nqueue/"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "title": "数据层与本地地址",
+      "summary": "Registry、生成层、run bundle 与 docs 镜像共同构成工作台的本地数据面。",
+      "open": true,
+      "items": [
+        {
+          "title": "真值层",
+          "summary": "统一的 registry 与 repro/source 配置。",
+          "open": false,
+          "fields": [
+            {
+              "label": "漏洞条目 Registry",
+              "value": "08-threat-intel/registry/advisories/*.json"
+            },
+            {
+              "label": "系统 Registry",
+              "value": "08-threat-intel/registry/systems/*.json"
+            },
+            {
+              "label": "运行 Registry",
+              "value": "08-threat-intel/registry/runs/*.json"
+            },
+            {
+              "label": "source-map 真值",
+              "value": "08-threat-intel/source-map.yaml"
+            },
+            {
+              "label": "repro-map 真值",
+              "value": "08-threat-intel/repro-map.yaml"
+            }
+          ]
+        },
+        {
+          "title": "生成层与展示层",
+          "summary": "dashboard JSON、run report、docs 镜像与本地静态 UI。",
+          "open": false,
+          "links": [
+            {
+              "label": "正式工作台",
+              "href": "./index.html",
+              "description": "本地化主 UI,默认入口。"
+            },
+            {
+              "label": "旧版工作台",
+              "href": "./legacy/index.html",
+              "description": "保留的 legacy 回退入口。"
+            },
+            {
+              "label": "项目功能文档",
+              "href": "./docs/project-features.html",
+              "description": "项目能力、目录结构与自动化链路总览。"
+            },
+            {
+              "label": "前端设计文档",
+              "href": "./docs/frontend-dashboard-design.html",
+              "description": "当前本地工作台的交互与视觉规范。"
+            },
+            {
+              "label": "安全编码索引",
+              "href": "./docs/secure-code-index.html",
+              "description": "secure-code 修复库本地镜像。"
+            },
+            {
+              "label": "README 镜像",
+              "href": "./docs/root-readme.html",
+              "description": "仓库根 README 的本地镜像。"
+            },
+            {
+              "label": "授权模型",
+              "href": "./docs/authorization-model.html",
+              "description": "允许目标范围、全局原则与记录要求。"
+            },
+            {
+              "label": "source-map 真值",
+              "href": "./docs/source-map.html",
+              "description": "系统覆盖、来源和输出目录真值。"
+            },
+            {
+              "label": "repro-map 真值",
+              "href": "./docs/repro-map.html",
+              "description": "复现族路由、浏览器要求和日志策略。"
+            },
+            {
+              "label": "覆盖矩阵",
+              "href": "./docs/coverage-matrix.html",
+              "description": "自动生成覆盖摘要的本地镜像。"
+            },
+            {
+              "label": "设计来源清单",
+              "href": "./docs/design-source.html",
+              "description": "Lovart 模板本地 vendor manifest。"
+            },
+            {
+              "label": "架构库镜像",
+              "href": "./docs/architecture-library.html",
+              "description": "当前架构库的结构化镜像页。"
+            },
+            {
+              "label": "summary.json",
+              "href": "./summary.json",
+              "description": "全局摘要、状态分布和最近失败。"
+            },
+            {
+              "label": "runs.json",
+              "href": "./runs.json",
+              "description": "最近 run 的结构化详情。"
+            },
+            {
+              "label": "systems.json",
+              "href": "./systems.json",
+              "description": "系统级覆盖与浏览器证据摘要。"
+            },
+            {
+              "label": "advisories.json",
+              "href": "./advisories.json",
+              "description": "advisory 元数据与来源。"
+            },
+            {
+              "label": "profiles.json",
+              "href": "./profiles.json",
+              "description": "repro profile 元数据。"
+            },
+            {
+              "label": "architecture.json",
+              "href": "./architecture.json",
+              "description": "当前架构库结构化 JSON。"
+            }
+          ],
+          "fields": [
+            {
+              "label": "工作台根目录",
+              "value": "08-threat-intel/generated/dashboard/"
+            },
+            {
+              "label": "运行归档根目录",
+              "value": "06-case-studies/generated-runs/<run-id>/"
+            },
+            {
+              "label": "工作台入口",
+              "value": "/index.html"
+            },
+            {
+              "label": "旧版入口",
+              "value": "/legacy/index.html"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "title": "系统覆盖分组",
+      "summary": "基于 source-map 和 repro-map 生成的当前分组视图,可展开查看每个系统的来源、输出目录和复现默认值。",
+      "open": true,
+      "items": [
+        {
+          "title": "CMS / 内容平台",
+          "summary": "9 个系统 · 历史全量 3 · 近两年全量 6",
+          "open": false,
+          "stats": [
+            {
+              "label": "系统数",
+              "value": "9"
+            },
+            {
+              "label": "历史全量",
+              "value": "3"
+            },
+            {
+              "label": "近两年全量",
+              "value": "6"
+            }
+          ],
+          "items": [
+            {
+              "title": "Directus (directus)",
+              "summary": "近两年全量 · core, extension",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/directus"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "directus"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Directus GitHub Advisories\nOSV Directus"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Discourse (discourse)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/discourse"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\nplugin-extension-trust-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "discourse"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Discourse Meta Security\nGitHub Discourse Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Drupal (drupal)",
+              "summary": "历史全量 · core, module",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 1",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/drupal"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nmodule"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\nfile-upload-validation\nplugin-extension-trust-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "drupal:drupal"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "drupal\ndrupal core"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Drupal Security Advisories RSS\nNVD Drupal"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "Drupal Security Advisories Site"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Ghost (ghost)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/ghost"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "ghost"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Ghost GitHub Advisories\nNVD Ghost"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Joomla (joomla)",
+              "summary": "历史全量 · core, extension",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/joomla"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nfile-upload-validation\npath-traversal-guard\nplugin-extension-trust-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "joomla:joomla!"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "joomla"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Joomla Security Centre\nNVD Joomla"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "MediaWiki (mediawiki)",
+              "summary": "近两年全量 · core, extension",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/mediawiki"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nauthz-server-side-recheck\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "mediawiki:mediawiki"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "mediawiki"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "MediaWiki Security Releases\nNVD MediaWiki"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Moodle (moodle)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/moodle"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "moodle:moodle"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "moodle"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Moodle Security News\nNVD Moodle"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Strapi (strapi)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/strapi"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "strapi"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Strapi GitHub Advisories\nOSV Strapi"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "WordPress (wordpress)",
+              "summary": "历史全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 3",
+                "研究源 1"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/cms/wordpress"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "plugin-extension-trust-policy\nxss-output-encoding\nfile-upload-validation\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "wordpress:wordpress"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "wordpress\nwp-admin\nwp-includes"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "WordPress Security News\nNVD WordPress"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "Wordfence Vulnerability Database\nPatchstack Database\nWPScan Vulnerability Database"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "PortSwigger Research"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            }
+          ]
+        },
+        {
+          "title": "Web 框架与运行时",
+          "summary": "29 个系统 · 历史全量 6 · 近两年全量 23",
+          "open": false,
+          "stats": [
+            {
+              "label": "系统数",
+              "value": "29"
+            },
+            {
+              "label": "历史全量",
+              "value": "6"
+            },
+            {
+              "label": "近两年全量",
+              "value": "23"
+            }
+          ],
+          "items": [
+            {
+              "title": "ASP.NET Core (aspnet-core)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 1",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/aspnet-core"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "microsoft:asp.net_core"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "asp.net core"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "NVD ASP.NET Core"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Angular (angular)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/angular"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\ntemplate-injection-guard\ncsp-trusted-types"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "angular"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Angular"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Astro (astro)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/astro"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ncsp-trusted-types"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "astro"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Astro"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "authz-bypass-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Django (django)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/django"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\npath-traversal-guard\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "djangoproject:django"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "django"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Django Security RSS\nOSV Django"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Echo (echo)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 1",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/echo"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "echo"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "OSV Echo"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Express (express)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/express"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nssrf-url-validation\nproxy-trust-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "express"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Express"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Fastify (fastify)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/fastify"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nssrf-url-validation\nxss-output-encoding"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "fastify"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Fastify"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Flask (flask)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/flask"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nssrf-url-validation\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "flask"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "OSV Flask\nGitHub Global Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Gin (gin)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 1",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/gin"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nxss-output-encoding"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "gin"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "OSV Gin"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Hapi (hapi)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/hapi"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "hapi"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Hapi"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Koa (koa)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/koa"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nssrf-url-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "koa"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Koa"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Laravel (laravel)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/laravel"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nauthz-server-side-recheck\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "laravel"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Laravel"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "NestJS (nestjs)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/nestjs"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage\nssrf-url-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "nestjs"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV NestJS"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "ssrf-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Next.js (nextjs)",
+              "summary": "历史全量 · core",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/nextjs"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nproxy-trust-boundary\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "next.js\nnext"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Next.js Advisories\nGitHub Global Advisories\nOSV Next.js"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-source\nsynthetic\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Node.js (nodejs)",
+              "summary": "历史全量 · core",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/nodejs"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "ssrf-url-validation\nrequest-smuggling-boundary\ndependency-upgrade-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "nodejs:node.js"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "nodejs\nnode.js"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Node.js Security Releases\nCISA KEV Node.js"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "ssrf-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "否"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-source\nsynthetic\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "minimal-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Nuxt (nuxt)",
+              "summary": "历史全量 · core",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/nuxt"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nproxy-trust-boundary\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "nuxt"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Nuxt Security\nGitHub Global Advisories\nOSV Nuxt"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-source\nsynthetic\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "React (react)",
+              "summary": "历史全量 · core",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/react"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\ndom-sink-hardening\ncsp-trusted-types"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "react\nreact-dom"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub React Advisories\nGitHub Global Advisories\nOSV React"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Ruby on Rails (rails)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/rails"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nfile-upload-validation\nauthz-server-side-recheck"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "rails"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Rails"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Spring Boot (spring-boot)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/spring-boot"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nauthz-server-side-recheck"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "spring boot"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Spring Security Advisories\nGitHub Global Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Spring Framework (spring-framework)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/spring-framework"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\npath-traversal-guard\ndeserialization-safety"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "vmware:spring_framework"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "spring framework"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Spring Security Advisories\nGitHub Global Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "deserialization-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Spring Security (spring-security)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/spring-security"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage\nproxy-trust-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "spring security"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Spring Security Advisories\nGitHub Global Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "SvelteKit (sveltekit)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/sveltekit"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "sveltekit\nsvelte"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV SvelteKit"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "session-token-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Symfony (symfony)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/symfony"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nauthz-server-side-recheck\npath-traversal-guard"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "symfony"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Symfony"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Undici (undici)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/undici"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "ssrf-url-validation\nproxy-trust-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "undici"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV Undici"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Vite (vite)",
+              "summary": "历史全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/vite"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "dependency-upgrade-policy\nfile-upload-validation\nproxy-trust-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "vite"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Vite Security\nGitHub Global Advisories\nOSV Vite"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-source\nsynthetic\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Vue (vue)",
+              "summary": "历史全量 · core",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/vue"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\ntemplate-injection-guard\ncsp-trusted-types"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "vue\nvue compiler"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Vue Security\nGitHub Global Advisories\nOSV Vue"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-source\nsynthetic\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Werkzeug (werkzeug)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/werkzeug"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nrequest-smuggling-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "werkzeug"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "OSV Werkzeug\nGitHub Global Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "esbuild (esbuild)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/esbuild"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "dependency-upgrade-policy\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "esbuild"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV esbuild"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "webpack (webpack)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/frameworks/webpack"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "dependency-upgrade-policy\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "webpack"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Global Advisories\nOSV webpack"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            }
+          ]
+        },
+        {
+          "title": "开源平台与后台系统",
+          "summary": "9 个系统 · 历史全量 0 · 近两年全量 9",
+          "open": false,
+          "stats": [
+            {
+              "label": "系统数",
+              "value": "9"
+            },
+            {
+              "label": "历史全量",
+              "value": "0"
+            },
+            {
+              "label": "近两年全量",
+              "value": "9"
+            }
+          ],
+          "items": [
+            {
+              "title": "Adminer (adminer)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 1",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/adminer"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nauthz-server-side-recheck"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "adminer:adminer"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "adminer"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "NVD Adminer"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "GitLab CE (gitlab-ce)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 1",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/gitlab-ce"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage\ndeserialization-safety"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "gitlab:gitlab"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "gitlab"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitLab Security Releases\nNVD GitLab"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "GitLab Advisory Database"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "deserialization-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Gitea (gitea)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/gitea"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage\nproxy-trust-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "gitea"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Gitea Advisories\nOSV Gitea"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Grafana (grafana)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/grafana"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nplugin-extension-trust-policy\nxss-output-encoding"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "grafana:grafana"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "grafana"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Grafana Security Advisories\nCISA KEV Grafana"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Jenkins (jenkins)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/jenkins"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "plugin-extension-trust-policy\nauthz-server-side-recheck\ndeserialization-safety"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "jenkins:jenkins"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "jenkins"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Jenkins Security Advisories\nNVD Jenkins"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "deserialization-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Kibana (kibana)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/kibana"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\nproxy-trust-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "elastic:kibana"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "kibana"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Elastic Security Announcements\nNVD Kibana"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Mattermost (mattermost)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/mattermost"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "mattermost:mattermost"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "mattermost"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Mattermost Security Updates\nNVD Mattermost"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Redmine (redmine)",
+              "summary": "近两年全量 · core, plugin",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/redmine"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nplugin"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nxss-output-encoding\nplugin-extension-trust-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "redmine:redmine"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "redmine"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Redmine Security Advisories\nNVD Redmine"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "phpMyAdmin (phpmyadmin)",
+              "summary": "近两年全量 · core",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/platforms/phpmyadmin"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "xss-output-encoding\nauthz-server-side-recheck\npath-traversal-guard"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "phpmyadmin:phpmyadmin"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "phpmyadmin"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "phpMyAdmin Security Page\nNVD phpMyAdmin"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            }
+          ]
+        },
+        {
+          "title": "服务器与边界层",
+          "summary": "6 个系统 · 历史全量 3 · 近两年全量 3",
+          "open": false,
+          "stats": [
+            {
+              "label": "系统数",
+              "value": "6"
+            },
+            {
+              "label": "历史全量",
+              "value": "3"
+            },
+            {
+              "label": "近两年全量",
+              "value": "3"
+            }
+          ],
+          "items": [
+            {
+              "title": "Apache HTTP Server (apache-httpd)",
+              "summary": "历史全量 · server",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/servers/apache-httpd"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "server"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "request-smuggling-boundary\nproxy-trust-boundary\npath-traversal-guard"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "apache:http_server"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "apache http server\nhttpd"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Apache HTTPD Security\nCISA KEV Apache HTTPD\nNVD Apache HTTP Server"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "否"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "minimal-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Apache Tomcat (apache-tomcat)",
+              "summary": "历史全量 · server",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/servers/apache-tomcat"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "server"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "request-smuggling-boundary\nauthz-server-side-recheck\npath-traversal-guard"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "apache:tomcat"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "tomcat"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Apache Tomcat Security\nCISA KEV Tomcat\nNVD Tomcat"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "authz-bypass-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "否"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "minimal-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Caddy (caddy)",
+              "summary": "近两年全量 · server",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/servers/caddy"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "server"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nrequest-smuggling-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "caddy"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Caddy Advisories\nOSV Caddy"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "否"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "minimal-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "HAProxy (haproxy)",
+              "summary": "近两年全量 · server",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/servers/haproxy"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "server"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nrequest-smuggling-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "haproxy:haproxy"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "haproxy"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "HAProxy Security Advisories\nNVD HAProxy"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "否"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "minimal-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Nginx (nginx)",
+              "summary": "历史全量 · server",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 3",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/servers/nginx"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "server"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nrequest-smuggling-boundary\ncsp-trusted-types"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "f5:nginx\nnginx:nginx"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "nginx"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "NGINX Security Advisories\nNVD NGINX\nCISA KEV NGINX"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "否"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "minimal-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Traefik (traefik)",
+              "summary": "近两年全量 · server",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/servers/traefik"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "server"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "proxy-trust-boundary\nrequest-smuggling-boundary"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "traefik"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Traefik Advisories\nOSV Traefik"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "proxy-boundary-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "否"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "minimal-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            }
+          ]
+        },
+        {
+          "title": "电商系统",
+          "summary": "9 个系统 · 历史全量 6 · 近两年全量 3",
+          "open": false,
+          "stats": [
+            {
+              "label": "系统数",
+              "value": "9"
+            },
+            {
+              "label": "历史全量",
+              "value": "6"
+            },
+            {
+              "label": "近两年全量",
+              "value": "3"
+            }
+          ],
+          "items": [
+            {
+              "title": "Adobe Commerce (adobe-commerce)",
+              "summary": "历史全量 · core, extension",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 1",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/adobe-commerce"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nfile-upload-validation\nxss-output-encoding\nplugin-extension-trust-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "adobe:commerce\nmagento:magento"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "magento\nadobe commerce"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Adobe Security Bulletins\nNVD Adobe Commerce"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "Sansec Research"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Magento Open Source (magento-open-source)",
+              "summary": "历史全量 · core, extension",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 1",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/magento-open-source"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nfile-upload-validation\nplugin-extension-trust-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "magento:magento"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "magento"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Magento GitHub Advisories\nNVD Magento"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "Sansec Research"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Medusa (medusa)",
+              "summary": "近两年全量 · core, extension",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/medusa"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "medusa"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Medusa Advisories\nOSV Medusa"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "session-token-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "OpenCart (opencart)",
+              "summary": "历史全量 · core, extension",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/opencart"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nplugin-extension-trust-policy\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "opencart:opencart"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "opencart"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "OpenCart Releases\nNVD OpenCart"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "OpenMage / Mage-OS (openmage)",
+              "summary": "近两年全量 · core, extension",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/openmage"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nplugin-extension-trust-policy"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "openmage\nmage-os"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "OpenMage GitHub Advisories\nNVD OpenMage"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "plugin-extension-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "PrestaShop (prestashop)",
+              "summary": "历史全量 · core, module",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 1",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/prestashop"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nmodule"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "plugin-extension-trust-policy\nauthz-server-side-recheck\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "prestashop:prestashop"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "prestashop"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "PrestaShop Security Page\nGitHub PrestaShop Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "Friends Of Presta Security"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "official-image\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Saleor (saleor)",
+              "summary": "近两年全量 · core, extension",
+              "open": false,
+              "badges": [
+                "近两年全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/saleor"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\ntoken-cookie-storage"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "saleor"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "GitHub Saleor Advisories\nNVD Saleor"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "session-token-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "Shopware (shopware)",
+              "summary": "历史全量 · core, extension",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 0",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/shopware"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "authz-server-side-recheck\nplugin-extension-trust-policy\nfile-upload-validation"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "shopware"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Shopware Security Advisories\nNVD Shopware"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "-"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "file-upload-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            },
+            {
+              "title": "WooCommerce (woocommerce)",
+              "summary": "历史全量 · core, extension",
+              "open": false,
+              "badges": [
+                "历史全量",
+                "官方源 2",
+                "生态源 2",
+                "研究源 0"
+              ],
+              "fields": [
+                {
+                  "label": "输出目录",
+                  "value": "07-framework-security/ecommerce/woocommerce"
+                },
+                {
+                  "label": "Advisory 模式",
+                  "value": "core\nextension"
+                },
+                {
+                  "label": "Secure-Code 主题",
+                  "value": "plugin-extension-trust-policy\nxss-output-encoding\nauthz-server-side-recheck"
+                },
+                {
+                  "label": "CPE 关键字",
+                  "value": "-"
+                },
+                {
+                  "label": "GHSA 关键字",
+                  "value": "woocommerce"
+                }
+              ],
+              "items": [
+                {
+                  "title": "来源配置",
+                  "summary": "官方、生态权威与研究补充来源。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "官方来源",
+                      "value": "Woo Developer Advisories\nGitHub WooCommerce Advisories"
+                    },
+                    {
+                      "label": "生态来源",
+                      "value": "Patchstack Database\nWordfence Vulnerability Database"
+                    },
+                    {
+                      "label": "研究来源",
+                      "value": "-"
+                    }
+                  ]
+                },
+                {
+                  "title": "复现默认值",
+                  "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。",
+                  "open": false,
+                  "fields": [
+                    {
+                      "label": "默认漏洞家族",
+                      "value": "xss-generic"
+                    },
+                    {
+                      "label": "浏览器默认要求",
+                      "value": "是"
+                    },
+                    {
+                      "label": "优先制品模式",
+                      "value": "synthetic\nofficial-source\nsynthetic"
+                    },
+                    {
+                      "label": "种子策略",
+                      "value": "default-seed"
+                    },
+                    {
+                      "label": "日志采集器",
+                      "value": "docker-logs\nhttp-snapshot"
+                    },
+                    {
+                      "label": "报告模板",
+                      "value": "default-lab-report"
+                    }
+                  ]
+                }
+              ]
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "title": "Repro 路由概览",
+      "summary": "按默认漏洞家族聚合当前系统路由,帮助查看 family runner 覆盖面。",
+      "open": true,
+      "items": [
+        {
+          "title": "xss-generic",
+          "summary": "默认路由到该 family 的系统数:27",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "27"
+            }
+          ]
+        },
+        {
+          "title": "proxy-boundary-generic",
+          "summary": "默认路由到该 family 的系统数:16",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "16"
+            }
+          ]
+        },
+        {
+          "title": "file-upload-generic",
+          "summary": "默认路由到该 family 的系统数:8",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "8"
+            }
+          ]
+        },
+        {
+          "title": "deserialization-generic",
+          "summary": "默认路由到该 family 的系统数:3",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "3"
+            }
+          ]
+        },
+        {
+          "title": "session-token-generic",
+          "summary": "默认路由到该 family 的系统数:3",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "3"
+            }
+          ]
+        },
+        {
+          "title": "authz-bypass-generic",
+          "summary": "默认路由到该 family 的系统数:2",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "2"
+            }
+          ]
+        },
+        {
+          "title": "ssrf-generic",
+          "summary": "默认路由到该 family 的系统数:2",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "2"
+            }
+          ]
+        },
+        {
+          "title": "plugin-extension-generic",
+          "summary": "默认路由到该 family 的系统数:1",
+          "open": false,
+          "fields": [
+            {
+              "label": "系统数量",
+              "value": "1"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "title": "当前生成态与阻塞概览",
+      "summary": "当前 render 后的状态分布、失败摘要与最近可见阻塞。",
+      "open": true,
+      "stats": [
+        {
+          "label": "Run 数",
+          "value": "3"
+        },
+        {
+          "label": "Advisory 数",
+          "value": "89"
+        },
+        {
+          "label": "状态类型",
+          "value": "2"
+        },
+        {
+          "label": "最近失败",
+          "value": "3"
+        }
+      ],
+      "items": [
+        {
+          "title": "状态分布",
+          "summary": "verification_status 当前计数。",
+          "open": false,
+          "items": [
+            {
+              "title": "制品阻塞",
+              "summary": "当前累计 2 条。",
+              "open": false,
+              "fields": [
+                {
+                  "label": "状态编码",
+                  "value": "blocked-artifact"
+                },
+                {
+                  "label": "数量",
+                  "value": "2"
+                }
+              ]
+            },
+            {
+              "title": "人工分诊",
+              "summary": "当前累计 1 条。",
+              "open": false,
+              "fields": [
+                {
+                  "label": "状态编码",
+                  "value": "triage-manual"
+                },
+                {
+                  "label": "数量",
+                  "value": "1"
+                }
+              ]
+            }
+          ]
+        },
+        {
+          "title": "最近失败",
+          "summary": "当前 dashboard 摘要里可见的失败或人工分诊样本。",
+          "open": false,
+          "items": [
+            {
+              "title": "Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea",
+              "summary": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
+              "open": false,
+              "badges": [
+                "制品阻塞"
+              ],
+              "fields": [
+                {
+                  "label": "运行 ID",
+                  "value": "gitea-livecheck-20260316"
+                },
+                {
+                  "label": "漏洞条目",
+                  "value": "gitea--CVE-2025-68939"
+                },
+                {
+                  "label": "状态",
+                  "value": "制品阻塞"
+                },
+                {
+                  "label": "阻塞原因",
+                  "value": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?"
+                }
+              ]
+            },
+            {
+              "title": "Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea",
+              "summary": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?",
+              "open": false,
+              "badges": [
+                "制品阻塞"
+              ],
+              "fields": [
+                {
+                  "label": "运行 ID",
+                  "value": "gitea-gitea--CVE-2025-68939-20260317063330"
+                },
+                {
+                  "label": "漏洞条目",
+                  "value": "gitea--CVE-2025-68939"
+                },
+                {
+                  "label": "状态",
+                  "value": "制品阻塞"
+                },
+                {
+                  "label": "阻塞原因",
+                  "value": "unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running?"
+                }
+              ]
+            },
+            {
+              "title": "Authorization Bypass in Next.js Middleware",
+              "summary": "dry-run only",
+              "open": false,
+              "badges": [
+                "人工分诊"
+              ],
+              "fields": [
+                {
+                  "label": "运行 ID",
+                  "value": "nextjs-nextjs--CVE-2025-29927-20260317063047"
+                },
+                {
+                  "label": "漏洞条目",
+                  "value": "nextjs--CVE-2025-29927"
+                },
+                {
+                  "label": "状态",
+                  "value": "人工分诊"
+                },
+                {
+                  "label": "阻塞原因",
+                  "value": "dry-run only"
+                }
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}
+
+
+
+
diff --git a/08-threat-intel/generated/dashboard/docs/authorization-model.html b/08-threat-intel/generated/dashboard/docs/authorization-model.html
new file mode 100644
index 00000000..1861e538
--- /dev/null
+++ b/08-threat-intel/generated/dashboard/docs/authorization-model.html
@@ -0,0 +1,123 @@
+
+
+
+
+
+ 授权模型镜像
+
+
+
+
+
+ +

授权模型镜像

+
工作台内置镜像页:目标范围、授权模型、最小化验证建议和记录要求。
+
# 授权模型
+
+## 目标分类
+
+| 类型 | 定义 | 允许动作 |
+|------|------|----------|
+| `lab-local` | 本地集群、Docker 靶场、隔离内网实验节点 | 完整实验、漏洞复现、修复对照 |
+| `lab-public` | 你方自建且可公网访问的测试站点、服务器、设备 | 验证性探测、最小化注入、关联面分析 |
+| `authorized-third-party` | 已明确授权的外部验证目标 | 以授权边界为准的最小必要实验 |
+| `out-of-scope` | 无归属证明、无授权、公共知名站点、泛互联网目标 | 不允许使用本仓库内容发起验证 |
+
+## 全局原则
+
+1. 任何公网验证都必须先确认资产归属或授权关系。
+2. 优先采用只读探测、最小化回显验证和低频实验。
+3. 涉及账户、令牌、敏感数据和业务写入时,应选择最小必要动作并保留记录。
+4. 不做泛互联网枚举,不做对无关公共站点的同类操作复用。
+
+## 最小化验证建议
+
+- 注入类: 先做上下文识别,再做无害回显或布尔差异,不直接进入破坏性利用。
+- 认证类: 优先验证限速、锁定和失败处理,不以接管真实账户为目标。
+- 端口与关联面类: 先缩到单主机、单证书、单代理边界,再扩展分析。
+- 前端类: 优先验证敏感数据暴露和保护头缺失,不触碰真实用户数据。
+
+## 记录要求
+
+- 公网实验必须回填 [测试记录模板](/Users/x/websafe/09-scope-and-targeting/test-record-template.md)
+- 目标资产必须登记在 [资产清单模板](/Users/x/websafe/09-scope-and-targeting/asset-inventory-template.md)
+- 新工具和新案例应附带对应元数据模板
+
+
+
+
+
diff --git a/08-threat-intel/generated/dashboard/docs/coverage-matrix.html b/08-threat-intel/generated/dashboard/docs/coverage-matrix.html
new file mode 100644
index 00000000..ea65eb36
--- /dev/null
+++ b/08-threat-intel/generated/dashboard/docs/coverage-matrix.html
@@ -0,0 +1,159 @@
+
+
+
+
+
+ 覆盖矩阵镜像
+
+
+
+
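Review bot: The two links under `## 记录要求` in authorization-model.html point at absolute workstation paths (`/Users/x/websafe/09-scope-and-targeting/test-record-template.md` and `/Users/x/websafe/09-scope-and-targeting/asset-inventory-template.md`). Served from the dashboard they would resolve against the site root rather than the repository, so they are likely dead links, and they commit the author's home-directory layout into a published artifact. The mirror generator should emit repository-relative targets instead, for example `[测试记录模板](../../../../09-scope-and-targeting/test-record-template.md)`, assuming the dashboard can reach that file, or link to a mirrored copy under `docs/`. The failure strings in the preceding JSON hunk carry the same kind of local path (`unix:///Users/x/.docker/run/docker.sock`) and would benefit from the same normalisation before rendering.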
+
+ +

覆盖矩阵镜像

+
工作台内置镜像页:当前覆盖矩阵生成结果。
+
# 覆盖矩阵
+
+| 系统 | 分类 | 覆盖策略 | 历史全量 | 近两年全量 | 全量 registry | 重点案例 Markdown | secure-code 关联 | 自动同步状态 | 本地实证状态 | 浏览器证据 | run bundle | triage | 最近更新 |
+|------|------|----------|----------|------------|--------------|--------------------|------------------|--------------|--------------|------------|-----------|--------|----------|
+| Adminer | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Adobe Commerce | `ecommerce` | `history-full` | `yes` | `yes` | `0` | `0` | `4` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Angular | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Apache HTTP Server | `servers` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Apache Tomcat | `servers` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| ASP.NET Core | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Astro | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Caddy | `servers` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Directus | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Discourse | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Django | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Drupal | `cms` | `history-full` | `yes` | `yes` | `0` | `0` | `4` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Echo | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| esbuild | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Express | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Fastify | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Flask | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Ghost | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Gin | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Gitea | `platforms` | `rolling-24m` | `-` | `yes` | `37` | `37` | `3` | `seeded` | `real:0/synthetic:0/blocked:1` | `0` | `1` | `0` | `2026-03-03T04:57:57.697708Z` |
+| GitLab CE | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Grafana | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Hapi | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| HAProxy | `servers` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Jenkins | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Joomla | `cms` | `history-full` | `yes` | `yes` | `0` | `0` | `4` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Kibana | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Koa | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Laravel | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Magento Open Source | `ecommerce` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| MediaWiki | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Next.js | `frameworks` | `history-full` | `yes` | `yes` | `26` | `26` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `1` | `0` | `2026-03-13T22:14:13.665535Z` |
+| Nginx | `servers` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Node.js | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Nuxt | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| OpenCart | `ecommerce` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| OpenMage / Mage-OS | `ecommerce` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| phpMyAdmin | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| PrestaShop | `ecommerce` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Ruby on Rails | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| React | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Redmine | `platforms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Saleor | `ecommerce` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Shopware | `ecommerce` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Spring Boot | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Spring Framework | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Spring Security | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Strapi | `cms` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `14` | `14` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-14T09:19:54.772219Z` |
+| Vite | `frameworks` | `history-full` | `yes` | `yes` | `12` | `12` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-04T04:37:24.129476Z` |
+| Vue | `frameworks` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| webpack | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| Werkzeug | `frameworks` | `rolling-24m` | `-` | `yes` | `0` | `0` | `2` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| WooCommerce | `ecommerce` | `history-full` | `yes` | `yes` | `0` | `0` | `3` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+| WordPress | `cms` | `history-full` | `yes` | `yes` | `0` | `0` | `4` | `scaffolded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
+
+
+
+
+
diff --git a/08-threat-intel/generated/dashboard/docs/design-source.html b/08-threat-intel/generated/dashboard/docs/design-source.html
index 8ca93e8f..0b2dc878 100644
--- a/08-threat-intel/generated/dashboard/docs/design-source.html
+++ b/08-threat-intel/generated/dashboard/docs/design-source.html
@@ -82,10 +82,10 @@

Lovart 设计来源与本地化清单

-
Local vendor manifest for the Lovart-derived dashboard shell.
+
工作台内置镜像页:Lovart 来源文件、本地 vendor 路径和本地化说明。
{
   "template_id": "lovart-authorized-lab-dashboard",
   "source_url": "https://assets-persist.lovart.ai/agent_images/464011bb-fbbc-4bd4-98f8-90897dd43612.html",
diff --git a/08-threat-intel/generated/dashboard/docs/frontend-dashboard-design.html b/08-threat-intel/generated/dashboard/docs/frontend-dashboard-design.html
index 24033056..8206d285 100644
--- a/08-threat-intel/generated/dashboard/docs/frontend-dashboard-design.html
+++ b/08-threat-intel/generated/dashboard/docs/frontend-dashboard-design.html
@@ -82,10 +82,10 @@
   

本地前端工作台设计文档

-
Dashboard-local mirror of the UI and interaction specification.
+
工作台内置镜像页:前端交互、展示结构和视觉规范。
# 本地前端工作台设计文档
 
 > `LAB ONLY` | `AUTHORIZED TARGETS ONLY`
@@ -134,7 +134,8 @@ flowchart LR
   D --> G["Evidence Explorer"]
   D --> H["Live Log Viewer"]
   D --> I["Sources & Fix Topics"]
-  D --> J["Raw JSON Panels"]
+  D --> J["当前架构库"]
+  D --> K["Raw JSON Panels"]
 ```
 
 ## 4. 页面布局
@@ -207,6 +208,11 @@ flowchart LR
   - secondary sources
   - aliases
   - secure code topics
+- 当前架构库
+  - 项目定位、授权边界、控制面、数据层、地址入口
+  - source-map / repro-map 派生的系统分组与默认复现策略
+  - 当前生成态、状态分布、最近失败
+  - 可折叠查看任意层级信息并打开本地镜像页 / JSON
 - Raw JSON
   - run JSON
   - advisory JSON
diff --git a/08-threat-intel/generated/dashboard/docs/project-features.html b/08-threat-intel/generated/dashboard/docs/project-features.html
index 2389af06..927b0ca4 100644
--- a/08-threat-intel/generated/dashboard/docs/project-features.html
+++ b/08-threat-intel/generated/dashboard/docs/project-features.html
@@ -82,10 +82,10 @@
   

项目功能与特性总览

-
Dashboard-local mirror of the repo feature guide.
+
工作台内置镜像页:仓库功能、目录和自动化链路说明。
# 项目功能与特性总览
 
 > `LAB ONLY` | `AUTHORIZED TARGETS ONLY`
@@ -151,7 +151,8 @@
   - 静态前端工作台
   - `/index.html` 为本地化 Lovart 正式 UI
   - `/legacy/index.html` 为旧版工作台回退入口
-  - `/docs/*.html` 为本地可访问的说明与设计镜像页
+  - `/docs/*.html` 为本地可访问的说明、真值配置与设计镜像页
+  - `architecture.json` 为当前架构库结构化真值
 - `07-framework-security/`
   - 系统级 README、INDEX、案例页,自动显示本地实证状态
 
@@ -244,6 +245,7 @@ python3 /Users/x/websafe/scripts/lab/main.py serve-dashboard --port 8734
 
 - 快速定位系统 / advisory / repro profile
 - 折叠与展开 timeline、evidence、sources、raw JSON
+- 折叠与展开“当前架构库”,查看控制面、数据层、地址入口、授权边界和系统分组
 - 直接查看 compose、JSON、日志、截图、报告
 - 高亮失败原因、当前 blocker、利用思路、成功判据
 - 自动刷新生成数据,适配正在进行中的本地 run
diff --git a/08-threat-intel/generated/dashboard/docs/repro-map.html b/08-threat-intel/generated/dashboard/docs/repro-map.html
new file mode 100644
index 00000000..66f0a0f4
--- /dev/null
+++ b/08-threat-intel/generated/dashboard/docs/repro-map.html
@@ -0,0 +1,838 @@
+
+
+
+  
+  
+  repro-map 真值镜像
+  
+
+
+  
+
+ +

repro-map 真值镜像

+
工作台内置镜像页:默认漏洞家族、浏览器要求和日志策略真值。
+
systems:
+- system_id: wordpress
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: drupal
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: joomla
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: ghost
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: strapi
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: directus
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: mediawiki
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: moodle
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: discourse
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: adobe-commerce
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: magento-open-source
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: openmage
+  default_repro_family: plugin-extension-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: woocommerce
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: prestashop
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: shopware
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: opencart
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: saleor
+  default_repro_family: session-token-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: medusa
+  default_repro_family: session-token-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: react
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: nextjs
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - official-source
+  - synthetic
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: vue
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - official-source
+  - synthetic
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: nuxt
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - official-source
+  - synthetic
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: vite
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - official-source
+  - synthetic
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: angular
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: sveltekit
+  default_repro_family: session-token-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: astro
+  default_repro_family: authz-bypass-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: express
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: nestjs
+  default_repro_family: ssrf-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: koa
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: fastify
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: hapi
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: nodejs
+  default_repro_family: ssrf-generic
+  provisioning_mode_preference:
+  - official-source
+  - synthetic
+  - synthetic
+  browser_required_default: false
+  seed_strategy: minimal-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: undici
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: webpack
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: esbuild
+  default_repro_family: file-upload-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: spring-framework
+  default_repro_family: deserialization-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: spring-security
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: spring-boot
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: laravel
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: symfony
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: django
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: flask
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: werkzeug
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: rails
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: aspnet-core
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: gin
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: echo
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: nginx
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: false
+  seed_strategy: minimal-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: apache-httpd
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: false
+  seed_strategy: minimal-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: apache-tomcat
+  default_repro_family: authz-bypass-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: false
+  seed_strategy: minimal-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: caddy
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: false
+  seed_strategy: minimal-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: traefik
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: false
+  seed_strategy: minimal-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: haproxy
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: false
+  seed_strategy: minimal-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: phpmyadmin
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: adminer
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: gitea
+  default_repro_family: proxy-boundary-generic
+  provisioning_mode_preference:
+  - official-image
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: gitlab-ce
+  default_repro_family: deserialization-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: jenkins
+  default_repro_family: deserialization-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: grafana
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: kibana
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: mattermost
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+- system_id: redmine
+  default_repro_family: xss-generic
+  provisioning_mode_preference:
+  - synthetic
+  - official-source
+  - synthetic
+  browser_required_default: true
+  seed_strategy: default-seed
+  log_collectors:
+  - docker-logs
+  - http-snapshot
+  report_template: default-lab-report
+
+
+
+ +
diff --git a/08-threat-intel/generated/dashboard/docs/root-readme.html b/08-threat-intel/generated/dashboard/docs/root-readme.html
new file mode 100644
index 00000000..4c289908
--- /dev/null
+++ b/08-threat-intel/generated/dashboard/docs/root-readme.html
@@ -0,0 +1,212 @@
+ + + + + + 仓库 README 镜像 + + + +
+
+ +

仓库 README 镜像

+
工作台内置镜像页:仓库定位、能力矩阵、入口和自动化入口。
+
# 授权攻防实验与研究知识库
+
+> `LAB ONLY` | `AUTHORIZED TARGETS ONLY` | `非生产安全基线`
+
+本仓库定位为“授权攻防实验库”,覆盖本地靶场、自建公网测试资产和已明确授权的验证目标。内容允许出现验证性攻击演示、测试性注入、同服务器站点排查、真实漏洞映射和自动化订阅,但所有语境都绑定到自有或授权目标,不面向无关第三方站点或公共知名网站。
+
+## 入口
+
+- [项目文档总览](/Users/x/websafe/docs/README.md)
+- [目标边界与授权模型](/Users/x/websafe/09-scope-and-targeting/authorization-model.md)
+- [主流开源 Web 系统安全总览](/Users/x/websafe/07-framework-security/README.md)
+- [漏洞情报与自动入库总览](/Users/x/websafe/08-threat-intel/README.md)
+- [覆盖矩阵](/Users/x/websafe/08-threat-intel/generated/coverage-matrix.md)
+- [最新同步摘要](/Users/x/websafe/08-threat-intel/generated/latest-ingest.md)
+- [唯一真值配置 `source-map.yaml`](/Users/x/websafe/08-threat-intel/source-map.yaml)
+
+## 仓库结构
+
+```text
+websafe/
+├── 00-environments/          # 系统 catalog、真实版本/当前版本 profile、synthetic 模板
+├── 01-sql-injection/         # SQL 注入实验
+├── 02-xss/                   # XSS 与浏览器端注入实验
+├── 03-authentication/        # 认证、会话与 JWT 实验
+├── 04-server-security/       # 服务器、TLS、暴露面与关联面实验
+├── 05-defense/               # 检测、观测、实验对照与代码修复示例
+├── 06-case-studies/          # 授权案例与 run bundle / 报告归档
+├── 07-framework-security/    # CMS、电商、框架、服务器、平台系统安全
+├── 08-threat-intel/          # source-map、repro-map、registry、dashboard、订阅规则、自动入库
+├── 09-scope-and-targeting/   # 授权模型、资产模板、测试记录模板
+├── docs/                     # 项目功能文档、前端设计文档与展示规范
+├── requirements-intel.txt    # intel + lab 自动化依赖(含 Playwright Python 包)
+├── scripts/intel/            # hotlane / ingest / reconcile / backfill / open-pr CLI
+└── scripts/lab/              # provision / baseline / attack / browser / evidence / render / queue CLI
+```
+
+## 能力矩阵
+
+| 覆盖域 | 历史全量策略 | 近两年策略 | 全量 registry | 重点案例 Markdown | secure-code 关联 | 本地实证状态 | 浏览器证据 | run bundle | 看板展示 | 自动同步状态 |
+|--------|--------------|------------|---------------|--------------------|------------------|--------------|------------|-----------|----------|--------------|
+| CMS / 内容平台 | `WordPress`, `Drupal`, `Joomla` | `Ghost`, `Strapi`, `Directus`, `MediaWiki`, `Moodle`, `Discourse` | `registry/advisories + registry/systems` | `core 全量 + 高价值 extension` | `yes` | `verified-real / verified-synthetic / blocked-* / triage-manual` | `前端类强制` | `06-case-studies/generated-runs` | `dashboard + report` | `render / ingest / hotlane / reconcile ready` |
+| 电商系统 | `Adobe Commerce`, `Magento Open Source`, `WooCommerce`, `PrestaShop`, `Shopware`, `OpenCart` | `OpenMage`, `Saleor`, `Medusa` | `registry/advisories + registry/systems` | `core 全量 + 高价值 module` | `yes` | `同上` | `前台/后台面板类强制` | `run bundle + logs` | `dashboard + report` | `render / ingest / hotlane / reconcile ready` |
+| Web 框架与运行时 | `React`, `Next.js`, `Vue`, `Nuxt`, `Vite`, `Node.js`, `Nginx`, `Apache HTTP Server`, `Apache Tomcat` | 其余主流框架与运行时按 `rolling-24m` | `registry/advisories + registry/systems` | `core 全量 + 高价值 package` | `yes` | `family runner + advisory profile` | `浏览器/HTTP 混合` | `run bundle + timeline` | `dashboard + report` | `render / ingest / hotlane / reconcile ready` |
+| 开源平台与后台系统 | `history-full` 不强制 | `phpMyAdmin`, `Adminer`, `Gitea`, `GitLab CE`, `Jenkins`, `Grafana`, `Kibana`, `Mattermost`, `Redmine` | `registry/advisories + registry/systems` | `高价值案例输出` | `yes` | `真实版本优先` | `Web 面板类强制` | `run bundle + screenshots` | `dashboard + report` | `render / ingest / hotlane / reconcile ready` |
+| 修复示例库 | 不适用 | 不适用 | 不适用 | 由案例页反向链接 | `javascript-typescript`, `nodejs`, `java`, `php`, `python`, `ruby`, `csharp`, `go` | `由案例反向映射` | `不适用` | `不适用` | `索引页` | `render ready` |
+| 自动化入库与实证 | `backfill --tier history-full` | `ingest --since`, `reconcile` | `registry + generated + registry/runs` | `基于 render_policy` | `front matter 反向链接` | `queue + run-case / run-batch` | `Playwright required for browser cases` | `report.md / report.html / timeline.mmd` | `serve-dashboard` | `open-pr / cron ready` |
+
+## 当前覆盖对象
+
+当前 `source-map.yaml` 已纳入 62 个主流开源 Web 系统,分为五组:
+
+- CMS / 内容平台:WordPress、Drupal、Joomla、Ghost、Strapi、Directus、MediaWiki、Moodle、Discourse
+- 电商系统:Adobe Commerce、Magento Open Source、OpenMage / Mage-OS、WooCommerce、PrestaShop、Shopware、OpenCart、Saleor、Medusa
+- Web 框架与运行时:React、Next.js、Vue、Nuxt、Vite、Angular、SvelteKit、Astro、Express、NestJS、Koa、Fastify、Hapi、Node.js、Undici、webpack、esbuild、Spring Framework、Spring Security、Spring Boot、Laravel、Symfony、Django、Flask、Werkzeug、Rails、ASP.NET Core、Gin、Echo
+- 服务器与边界层:Nginx、Apache HTTP Server、Apache Tomcat、Caddy、Traefik、HAProxy
+- 常见开源平台:phpMyAdmin、Adminer、Gitea、GitLab CE、Jenkins、Grafana、Kibana、Mattermost、Redmine
+
+## 自动化入口
+
+```bash
+python3 /Users/x/websafe/scripts/intel/main.py render
+python3 /Users/x/websafe/scripts/intel/main.py validate
+python3 /Users/x/websafe/scripts/intel/main.py hotlane
+python3 /Users/x/websafe/scripts/intel/main.py ingest --since last-success
+python3 /Users/x/websafe/scripts/intel/main.py reconcile
+python3 /Users/x/websafe/scripts/intel/main.py backfill --tier history-full --dry-run
+python3 /Users/x/websafe/scripts/intel/main.py open-pr --dry-run
+python3 /Users/x/websafe/scripts/lab/main.py catalog sync
+python3 /Users/x/websafe/scripts/lab/main.py validate
+python3 /Users/x/websafe/scripts/lab/main.py run-case --case nextjs--CVE-2025-29927 --dry-run
+python3 /Users/x/websafe/scripts/lab/main.py run-batch --only-hotlane --limit 10
+python3 /Users/x/websafe/scripts/lab/main.py serve-dashboard --port 8734
+```
+
+本地 dashboard 路由:
+
+- `/index.html`
+  - 默认正式 UI,使用本地化 Lovart 视觉壳层
+- `/legacy/index.html`
+  - 旧版工作台回退入口
+- `/docs/design-source.html`
+  - 设计来源与本地化说明
+- `/docs/architecture-library.html`
+  - 当前架构库结构化镜像页
+
+计划中的本机 cron 入口:
+
+- [run-hourly.sh](/Users/x/websafe/scripts/intel/run-hourly.sh) 处理 KEV / 在野利用 / 极高优先级更新,并触发 hotlane 实证队列
+- [run-nightly.sh](/Users/x/websafe/scripts/intel/run-nightly.sh) 处理常规增量同步、批量实证、dashboard 渲染和 PR
+- [run-weekly-reconcile.sh](/Users/x/websafe/scripts/intel/run-weekly-reconcile.sh) 对齐最近 30 天更新,并重跑失败/阻塞任务
+
+## 本地实证链路
+
+每条 advisory 的自动链路固定为:
+
+1. `registry/advisories/*.json` 选中 case。
+2. `repro-map.yaml + repro-profiles/` 解析到 repro family / advisory profile。
+3. `00-environments/catalog + profiles` 生成 compose 拓扑和靶站参数。
+4. `scripts/lab/main.py run-case` 拉起环境、收集 baseline、执行受控攻击链。
+5. 前端类 case 强制走 Playwright 浏览器回放,生成截图、DOM、console、network 证据。
+6. 生成 `06-case-studies/generated-runs/<run-id>/` 报告和 `08-threat-intel/registry/runs/<run-id>.json`。
+7. 自动回写 registry、系统 INDEX、案例页和 dashboard。
+
+## 实验边界
+
+- `05-defense/` 下的配置样例用于实验观测、对抗演示、修复映射和反例说明,不应被误当成生产安全基线。
+- `07-framework-security/` 下的系统页默认绑定 `lab-local`、`lab-public`、`authorized-third-party` 三类目标,并明确禁止未授权公网使用。
+- `08-threat-intel/registry/` 是“所有具体 advisory”的正式载体;并非所有记录都强制生成独立 Markdown 页面。
+- `08-threat-intel/generated/` 是人类可读摘要层,实际覆盖和路由以 `source-map.yaml` 与 `registry/` 为准。
+
+## 使用前提
+
+- 在运行任何工具前,先阅读 [授权模型](/Users/x/websafe/09-scope-and-targeting/authorization-model.md)。
+- 对公网目标执行验证性测试时,必须能证明资产归属,或已获得明确授权。
+- 优先采用只读探测、最小化注入、可回滚验证和可审计日志。
+
+## 免责声明
+
+本仓库仅用于授权安全测试、安全研究和教学实验。未经授权对第三方系统执行扫描、注入、爆破、绕过或枚举行为可能违法。
+
+
+
+ +
diff --git a/08-threat-intel/generated/dashboard/docs/secure-code-index.html b/08-threat-intel/generated/dashboard/docs/secure-code-index.html
index 1dbffe38..71377da6 100644
--- a/08-threat-intel/generated/dashboard/docs/secure-code-index.html
+++ b/08-threat-intel/generated/dashboard/docs/secure-code-index.html
@@ -82,10 +82,10 @@

安全编码修复库索引

-
Dashboard-local mirror of the secure-code library index.
+
工作台内置镜像页:secure-code 修复主题索引。
# 安全编码修复库
 
 > `LAB ONLY` | 修复主题用于把实验发现映射回代码整改,不代表默认生产基线。
diff --git a/08-threat-intel/generated/dashboard/docs/source-map.html b/08-threat-intel/generated/dashboard/docs/source-map.html
new file mode 100644
index 00000000..888c1f85
--- /dev/null
+++ b/08-threat-intel/generated/dashboard/docs/source-map.html
@@ -0,0 +1,2096 @@
+
+
+
+  
+  
+  source-map 真值镜像
+  
+
+
+  
+
+ +

source-map 真值镜像

+
工作台内置镜像页:系统覆盖、来源、输出目录和 secure-code 主题真值。
+
version: 1
+systems:
+  - system_id: wordpress
+    display_name: WordPress
+    category: cms
+    tier: history-full
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: WordPress Security News
+        kind: html-links
+        url: https://wordpress.org/news/category/security/
+        confidence: official
+        advisory_mode: core
+        keywords: [wordpress, security, release]
+        max_items: 40
+      - name: NVD WordPress
+        kind: nvd-search
+        keyword: WordPress
+        confidence: official
+        advisory_mode: core
+        results_per_page: 50
+    ecosystem_sources:
+      - name: Wordfence Vulnerability Database
+        kind: html-links
+        url: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/
+        confidence: ecosystem-authority
+        advisory_mode: plugin
+        keywords: [wordpress, plugin]
+        max_items: 50
+      - name: Patchstack Database
+        kind: html-links
+        url: https://patchstack.com/database/
+        confidence: ecosystem-authority
+        advisory_mode: plugin
+        keywords: [wordpress, plugin, theme]
+        max_items: 50
+      - name: WPScan Vulnerability Database
+        kind: html-links
+        url: https://wpscan.com/blog/
+        confidence: ecosystem-authority
+        advisory_mode: plugin
+        keywords: [wordpress, plugin, vulnerability]
+        max_items: 50
+    research_sources:
+      - name: PortSwigger Research
+        kind: html-links
+        url: https://portswigger.net/research
+        confidence: research
+        advisory_mode: core
+        keywords: [wordpress]
+        max_items: 20
+    package_names: []
+    cpe_keys: ["wordpress:wordpress"]
+    ghsa_keywords: [wordpress, wp-admin, wp-includes]
+    kev_keywords: [wordpress]
+    output_dir: 07-framework-security/cms/wordpress
+    secure_code_topics: [plugin-extension-trust-policy, xss-output-encoding, file-upload-validation, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: drupal
+    display_name: Drupal
+    category: cms
+    tier: history-full
+    advisory_modes: [core, module]
+    official_sources:
+      - name: Drupal Security Advisories RSS
+        kind: rss-feed
+        url: https://www.drupal.org/security/rss.xml
+        confidence: official
+        advisory_mode: core
+        keywords: [drupal, sa-core, security]
+        max_items: 60
+      - name: NVD Drupal
+        kind: nvd-search
+        keyword: Drupal
+        confidence: official
+        advisory_mode: core
+        results_per_page: 50
+    ecosystem_sources:
+      - name: Drupal Security Advisories Site
+        kind: html-links
+        url: https://www.drupal.org/security
+        confidence: ecosystem-authority
+        advisory_mode: module
+        keywords: [drupal, module, sa-contrib]
+        max_items: 50
+    research_sources: []
+    package_names:
+      - ecosystem: composer
+        name: drupal/core
+    cpe_keys: ["drupal:drupal"]
+    ghsa_keywords: [drupal, drupal core]
+    kev_keywords: [drupal]
+    output_dir: 07-framework-security/cms/drupal
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, file-upload-validation, plugin-extension-trust-policy]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: joomla
+    display_name: Joomla
+    category: cms
+    tier: history-full
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: Joomla Security Centre
+        kind: html-links
+        url: https://developer.joomla.org/security-centre.html
+        confidence: official
+        advisory_mode: core
+        keywords: [joomla, security]
+        max_items: 50
+      - name: NVD Joomla
+        kind: nvd-search
+        keyword: Joomla
+        confidence: official
+        advisory_mode: core
+        results_per_page: 50
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["joomla:joomla!"]
+    ghsa_keywords: [joomla]
+    kev_keywords: [joomla]
+    output_dir: 07-framework-security/cms/joomla
+    secure_code_topics: [xss-output-encoding, file-upload-validation, path-traversal-guard, plugin-extension-trust-policy]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: ghost
+    display_name: Ghost
+    category: cms
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: Ghost GitHub Advisories
+        kind: html-links
+        url: https://github.com/TryGhost/Ghost/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [ghost]
+        max_items: 50
+      - name: NVD Ghost
+        kind: nvd-search
+        keyword: Ghost CMS
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: ghost
+    cpe_keys: []
+    ghsa_keywords: [ghost]
+    kev_keywords: [ghost]
+    output_dir: 07-framework-security/cms/ghost
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: strapi
+    display_name: Strapi
+    category: cms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Strapi GitHub Advisories
+        kind: html-links
+        url: https://github.com/strapi/strapi/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [strapi]
+        max_items: 50
+      - name: OSV Strapi
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: strapi
+      - ecosystem: npm
+        name: "@strapi/strapi"
+    cpe_keys: []
+    ghsa_keywords: [strapi]
+    kev_keywords: [strapi]
+    output_dir: 07-framework-security/cms/strapi
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: directus
+    display_name: Directus
+    category: cms
+    tier: rolling-24m
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: Directus GitHub Advisories
+        kind: html-links
+        url: https://github.com/directus/directus/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [directus]
+        max_items: 50
+      - name: OSV Directus
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: directus
+    cpe_keys: []
+    ghsa_keywords: [directus]
+    kev_keywords: [directus]
+    output_dir: 07-framework-security/cms/directus
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: mediawiki
+    display_name: MediaWiki
+    category: cms
+    tier: rolling-24m
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: MediaWiki Security Releases
+        kind: html-links
+        url: https://www.mediawiki.org/wiki/Security
+        confidence: official
+        advisory_mode: core
+        keywords: [mediawiki, security]
+        max_items: 50
+      - name: NVD MediaWiki
+        kind: nvd-search
+        keyword: MediaWiki
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["mediawiki:mediawiki"]
+    ghsa_keywords: [mediawiki]
+    kev_keywords: [mediawiki]
+    output_dir: 07-framework-security/cms/mediawiki
+    secure_code_topics: [xss-output-encoding, authz-server-side-recheck, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: moodle
+    display_name: Moodle
+    category: cms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Moodle Security News
+        kind: html-links
+        url: https://moodle.org/security/
+        confidence: official
+        advisory_mode: core
+        keywords: [moodle, security]
+        max_items: 50
+      - name: NVD Moodle
+        kind: nvd-search
+        keyword: Moodle
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["moodle:moodle"]
+    ghsa_keywords: [moodle]
+    kev_keywords: [moodle]
+    output_dir: 07-framework-security/cms/moodle
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: discourse
+    display_name: Discourse
+    category: cms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Discourse Meta Security
+        kind: html-links
+        url: https://meta.discourse.org/c/bug/security/40
+        confidence: official
+        advisory_mode: core
+        keywords: [discourse, security]
+        max_items: 50
+      - name: GitHub Discourse Advisories
+        kind: html-links
+        url: https://github.com/discourse/discourse/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [discourse]
+        max_items: 50
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: rubygems
+        name: discourse
+    cpe_keys: []
+    ghsa_keywords: [discourse]
+    kev_keywords: [discourse]
+    output_dir: 07-framework-security/cms/discourse
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, plugin-extension-trust-policy]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: adobe-commerce
+    display_name: Adobe Commerce
+    category: ecommerce
+    tier: history-full
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: Adobe Security Bulletins
+        kind: html-links
+        url: https://helpx.adobe.com/security/products/magento.html
+        confidence: official
+        advisory_mode: core
+        keywords: [adobe commerce, magento, apsb]
+        max_items: 60
+      - name: NVD Adobe Commerce
+        kind: nvd-search
+        keyword: Adobe Commerce
+        confidence: official
+        advisory_mode: core
+        results_per_page: 50
+    ecosystem_sources:
+      - name: Sansec Research
+        kind: html-links
+        url: https://sansec.io/research
+        confidence: ecosystem-authority
+        advisory_mode: extension
+        keywords: [magento, adobe commerce]
+        max_items: 50
+    research_sources: []
+    package_names:
+      - ecosystem: composer
+        name: magento/product-community-edition
+      - ecosystem: composer
+        name: magento/framework
+    cpe_keys: ["adobe:commerce", "magento:magento"]
+    ghsa_keywords: [magento, adobe commerce]
+    kev_keywords: [magento, adobe commerce]
+    output_dir: 07-framework-security/ecommerce/adobe-commerce
+    secure_code_topics: [authz-server-side-recheck, file-upload-validation, xss-output-encoding, plugin-extension-trust-policy]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: magento-open-source
+    display_name: Magento Open Source
+    category: ecommerce
+    tier: history-full
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: Magento GitHub Advisories
+        kind: html-links
+        url: https://github.com/magento/magento2/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [magento]
+        max_items: 50
+      - name: NVD Magento
+        kind: nvd-search
+        keyword: Magento
+        confidence: official
+        advisory_mode: core
+        results_per_page: 50
+    ecosystem_sources:
+      - name: Sansec Research
+        kind: html-links
+        url: https://sansec.io/research
+        confidence: ecosystem-authority
+        advisory_mode: extension
+        keywords: [magento]
+        max_items: 50
+    research_sources: []
+    package_names:
+      - ecosystem: composer
+        name: magento/product-community-edition
+      - ecosystem: composer
+        name: magento/framework
+    cpe_keys: ["magento:magento"]
+    ghsa_keywords: [magento]
+    kev_keywords: [magento]
+    output_dir: 07-framework-security/ecommerce/magento-open-source
+    secure_code_topics: [authz-server-side-recheck, file-upload-validation, plugin-extension-trust-policy]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: openmage
+    display_name: OpenMage / Mage-OS
+    category: ecommerce
+    tier: rolling-24m
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: OpenMage GitHub Advisories
+        kind: html-links
+        url: https://github.com/OpenMage/magento-lts/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [openmage, mage]
+        max_items: 50
+      - name: NVD OpenMage
+        kind: nvd-search
+        keyword: OpenMage
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: composer
+        name: openmage/magento-lts
+    cpe_keys: []
+    ghsa_keywords: [openmage, mage-os]
+    kev_keywords: [openmage]
+    output_dir: 07-framework-security/ecommerce/openmage
+    secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: woocommerce
+    display_name: WooCommerce
+    category: ecommerce
+    tier: history-full
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: Woo Developer Advisories
+        kind: html-links
+        url: https://developer.woocommerce.com/
+        confidence: official
+        advisory_mode: core
+        keywords: [woocommerce, security]
+        max_items: 50
+      - name: GitHub WooCommerce Advisories
+        kind: html-links
+        url: https://github.com/woocommerce/woocommerce/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [woocommerce]
+        max_items: 50
+    ecosystem_sources:
+      - name: Patchstack Database
+        kind: html-links
+        url: https://patchstack.com/database/
+        confidence: ecosystem-authority
+        advisory_mode: extension
+        keywords: [woocommerce]
+        max_items: 50
+      - name: Wordfence Vulnerability Database
+        kind: html-links
+        url: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/
+        confidence: ecosystem-authority
+        advisory_mode: extension
+        keywords: [woocommerce]
+        max_items: 50
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: "@woocommerce/blocks"
+      - ecosystem: composer
+        name: woocommerce/woocommerce
+    cpe_keys: []
+    ghsa_keywords: [woocommerce]
+    kev_keywords: [woocommerce]
+    output_dir: 07-framework-security/ecommerce/woocommerce
+    secure_code_topics: [plugin-extension-trust-policy, xss-output-encoding, authz-server-side-recheck]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: prestashop
+    display_name: PrestaShop
+    category: ecommerce
+    tier: history-full
+    advisory_modes: [core, module]
+    official_sources:
+      - name: PrestaShop Security Page
+        kind: html-links
+        url: https://build.prestashop-project.org/news/
+        confidence: official
+        advisory_mode: core
+        keywords: [prestashop, security]
+        max_items: 50
+      - name: GitHub PrestaShop Advisories
+        kind: html-links
+        url: https://github.com/PrestaShop/PrestaShop/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [prestashop]
+        max_items: 50
+    ecosystem_sources:
+      - name: Friends Of Presta Security
+        kind: html-links
+        url: https://security.friendsofpresta.org/
+        confidence: ecosystem-authority
+        advisory_mode: module
+        keywords: [prestashop, module]
+        max_items: 50
+    research_sources: []
+    package_names:
+      - ecosystem: composer
+        name: prestashop/prestashop
+    cpe_keys: ["prestashop:prestashop"]
+    ghsa_keywords: [prestashop]
+    kev_keywords: [prestashop]
+    output_dir: 07-framework-security/ecommerce/prestashop
+    secure_code_topics: [plugin-extension-trust-policy, authz-server-side-recheck, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: shopware
+    display_name: Shopware
+    category: ecommerce
+    tier: history-full
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: Shopware Security Advisories
+        kind: html-links
+        url: https://github.com/shopware/shopware/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [shopware]
+        max_items: 50
+      - name: NVD Shopware
+        kind: nvd-search
+        keyword: Shopware
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: composer
+        name: shopware/platform
+    cpe_keys: []
+    ghsa_keywords: [shopware]
+    kev_keywords: [shopware]
+    output_dir: 07-framework-security/ecommerce/shopware
+    secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: opencart
+    display_name: OpenCart
+    category: ecommerce
+    tier: history-full
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: OpenCart Releases
+        kind: html-links
+        url: https://github.com/opencart/opencart/releases
+        confidence: official
+        advisory_mode: core
+        keywords: [opencart]
+        max_items: 50
+      - name: NVD OpenCart
+        kind: nvd-search
+        keyword: OpenCart
+        confidence: official
+        advisory_mode: core
+        results_per_page: 50
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: composer
+        name: opencart/opencart
+    cpe_keys: ["opencart:opencart"]
+    ghsa_keywords: [opencart]
+    kev_keywords: [opencart]
+    output_dir: 07-framework-security/ecommerce/opencart
+    secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: saleor
+    display_name: Saleor
+    category: ecommerce
+    tier: rolling-24m
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: GitHub Saleor Advisories
+        kind: html-links
+        url: https://github.com/saleor/saleor/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [saleor]
+        max_items: 50
+      - name: NVD Saleor
+        kind: nvd-search
+        keyword: Saleor
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: pypi
+        name: saleor
+    cpe_keys: []
+    ghsa_keywords: [saleor]
+    kev_keywords: [saleor]
+    output_dir: 07-framework-security/ecommerce/saleor
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: medusa
+    display_name: Medusa
+    category: ecommerce
+    tier: rolling-24m
+    advisory_modes: [core, extension]
+    official_sources:
+      - name: GitHub Medusa Advisories
+        kind: html-links
+        url: https://github.com/medusajs/medusa/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [medusa]
+        max_items: 50
+      - name: OSV Medusa
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: "@medusajs/medusa"
+    cpe_keys: []
+    ghsa_keywords: [medusa]
+    kev_keywords: [medusa]
+    output_dir: 07-framework-security/ecommerce/medusa
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: react
+    display_name: React
+    category: frameworks
+    tier: history-full
+    advisory_modes: [core]
+    official_sources:
+      - name: GitHub React Advisories
+        kind: html-links
+        url: https://github.com/facebook/react/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [react]
+        max_items: 50
+      - name: GHSA React
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV React
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: react
+      - ecosystem: npm
+        name: react-dom
+    cpe_keys: []
+    ghsa_keywords: [react, react-dom]
+    kev_keywords: [react]
+    output_dir: 07-framework-security/frameworks/react
+    secure_code_topics: [xss-output-encoding, dom-sink-hardening, csp-trusted-types]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: nextjs
+    display_name: Next.js
+    category: frameworks
+    tier: history-full
+    advisory_modes: [core]
+    official_sources:
+      - name: GitHub Next.js Advisories
+        kind: html-links
+        url: https://github.com/vercel/next.js/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [next.js, next]
+        max_items: 50
+      - name: GHSA Next.js
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Next.js
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: next
+    cpe_keys: []
+    ghsa_keywords: [next.js, next]
+    kev_keywords: [next]
+    output_dir: 07-framework-security/frameworks/nextjs
+    secure_code_topics: [authz-server-side-recheck, proxy-trust-boundary, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: vue
+    display_name: Vue
+    category: frameworks
+    tier: history-full
+    advisory_modes: [core]
+    official_sources:
+      - name: Vue Security
+        kind: html-links
+        url: https://github.com/vuejs/core/security
+        confidence: official
+        advisory_mode: core
+        keywords: [vue]
+        max_items: 50
+      - name: GHSA Vue
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Vue
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: vue
+      - ecosystem: npm
+        name: "@vue/compiler-sfc"
+    cpe_keys: []
+    ghsa_keywords: [vue, vue compiler]
+    kev_keywords: [vue]
+    output_dir: 07-framework-security/frameworks/vue
+    secure_code_topics: [xss-output-encoding, template-injection-guard, csp-trusted-types]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: nuxt
+    display_name: Nuxt
+    category: frameworks
+    tier: history-full
+    advisory_modes: [core]
+    official_sources:
+      - name: Nuxt Security
+        kind: html-links
+        url: https://github.com/nuxt/nuxt/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [nuxt]
+        max_items: 50
+      - name: GHSA Nuxt
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Nuxt
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: nuxt
+    cpe_keys: []
+    ghsa_keywords: [nuxt]
+    kev_keywords: [nuxt]
+    output_dir: 07-framework-security/frameworks/nuxt
+    secure_code_topics: [authz-server-side-recheck, proxy-trust-boundary, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: vite
+    display_name: Vite
+    category: frameworks
+    tier: history-full
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Vite Security
+        kind: html-links
+        url: https://github.com/vitejs/vite/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [vite]
+        max_items: 50
+      - name: GHSA Vite
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Vite
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: vite
+    cpe_keys: []
+    ghsa_keywords: [vite]
+    kev_keywords: [vite]
+    output_dir: 07-framework-security/frameworks/vite
+    secure_code_topics: [dependency-upgrade-policy, file-upload-validation, proxy-trust-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: angular
+    display_name: Angular
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Angular
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Angular
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: "@angular/core"
+      - ecosystem: npm
+        name: "@angular/compiler"
+    cpe_keys: []
+    ghsa_keywords: [angular]
+    kev_keywords: [angular]
+    output_dir: 07-framework-security/frameworks/angular
+    secure_code_topics: [xss-output-encoding, template-injection-guard, csp-trusted-types]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: sveltekit
+    display_name: SvelteKit
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA SvelteKit
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV SvelteKit
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: "@sveltejs/kit"
+    cpe_keys: []
+    ghsa_keywords: [sveltekit, svelte]
+    kev_keywords: [sveltekit]
+    output_dir: 07-framework-security/frameworks/sveltekit
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: astro
+    display_name: Astro
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Astro
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Astro
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: astro
+    cpe_keys: []
+    ghsa_keywords: [astro]
+    kev_keywords: [astro]
+    output_dir: 07-framework-security/frameworks/astro
+    secure_code_topics: [authz-server-side-recheck, csp-trusted-types]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: express
+    display_name: Express
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Express
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Express
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: express
+    cpe_keys: []
+    ghsa_keywords: [express]
+    kev_keywords: [express]
+    output_dir: 07-framework-security/frameworks/express
+    secure_code_topics: [xss-output-encoding, ssrf-url-validation, proxy-trust-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: nestjs
+    display_name: NestJS
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA NestJS
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV NestJS
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: "@nestjs/core"
+    cpe_keys: []
+    ghsa_keywords: [nestjs]
+    kev_keywords: [nestjs]
+    output_dir: 07-framework-security/frameworks/nestjs
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage, ssrf-url-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: koa
+    display_name: Koa
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Koa
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Koa
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: koa
+    cpe_keys: []
+    ghsa_keywords: [koa]
+    kev_keywords: [koa]
+    output_dir: 07-framework-security/frameworks/koa
+    secure_code_topics: [proxy-trust-boundary, ssrf-url-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: fastify
+    display_name: Fastify
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Fastify
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Fastify
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: fastify
+    cpe_keys: []
+    ghsa_keywords: [fastify]
+    kev_keywords: [fastify]
+    output_dir: 07-framework-security/frameworks/fastify
+    secure_code_topics: [proxy-trust-boundary, ssrf-url-validation, xss-output-encoding]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: hapi
+    display_name: Hapi
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Hapi
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Hapi
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: "@hapi/hapi"
+    cpe_keys: []
+    ghsa_keywords: [hapi]
+    kev_keywords: [hapi]
+    output_dir: 07-framework-security/frameworks/hapi
+    secure_code_topics: [proxy-trust-boundary, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: nodejs
+    display_name: Node.js
+    category: frameworks
+    tier: history-full
+    advisory_modes: [core]
+    official_sources:
+      - name: Node.js Security Releases
+        kind: html-links
+        url: https://nodejs.org/en/blog/vulnerability
+        confidence: official
+        advisory_mode: core
+        keywords: [node.js, security]
+        max_items: 60
+      - name: CISA KEV Node.js
+        kind: kev-json
+        url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+        confidence: official
+        advisory_mode: core
+        keywords: [node.js, nodejs]
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["nodejs:node.js"]
+    ghsa_keywords: [nodejs, node.js]
+    kev_keywords: [nodejs, node.js]
+    output_dir: 07-framework-security/frameworks/nodejs
+    secure_code_topics: [ssrf-url-validation, request-smuggling-boundary, dependency-upgrade-policy]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: undici
+    display_name: Undici
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Undici
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Undici
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: undici
+    cpe_keys: []
+    ghsa_keywords: [undici]
+    kev_keywords: [undici]
+    output_dir: 07-framework-security/frameworks/undici
+    secure_code_topics: [ssrf-url-validation, proxy-trust-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: webpack
+    display_name: webpack
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: GHSA webpack
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV webpack
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: webpack
+    cpe_keys: []
+    ghsa_keywords: [webpack]
+    kev_keywords: [webpack]
+    output_dir: 07-framework-security/frameworks/webpack
+    secure_code_topics: [dependency-upgrade-policy, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: esbuild
+    display_name: esbuild
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA esbuild
+        kind: ghsa-global
+        ecosystem: npm
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV esbuild
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: npm
+        name: esbuild
+    cpe_keys: []
+    ghsa_keywords: [esbuild]
+    kev_keywords: [esbuild]
+    output_dir: 07-framework-security/frameworks/esbuild
+    secure_code_topics: [dependency-upgrade-policy, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: spring-framework
+    display_name: Spring Framework
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: Spring Security Advisories
+        kind: html-links
+        url: https://spring.io/security
+        confidence: official
+        advisory_mode: core
+        keywords: [spring framework, cve]
+        max_items: 50
+      - name: GHSA Spring Framework
+        kind: ghsa-global
+        ecosystem: maven
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Maven
+        name: org.springframework:spring-web
+      - ecosystem: Maven
+        name: org.springframework:spring-core
+    cpe_keys: ["vmware:spring_framework"]
+    ghsa_keywords: [spring framework]
+    kev_keywords: [spring]
+    output_dir: 07-framework-security/frameworks/spring-framework
+    secure_code_topics: [authz-server-side-recheck, path-traversal-guard, deserialization-safety]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: spring-security
+    display_name: Spring Security
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: Spring Security Advisories
+        kind: html-links
+        url: https://spring.io/security
+        confidence: official
+        advisory_mode: core
+        keywords: [spring security]
+        max_items: 50
+      - name: GHSA Spring Security
+        kind: ghsa-global
+        ecosystem: maven
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Maven
+        name: org.springframework.security:spring-security-web
+    cpe_keys: []
+    ghsa_keywords: [spring security]
+    kev_keywords: [spring security]
+    output_dir: 07-framework-security/frameworks/spring-security
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage, proxy-trust-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: spring-boot
+    display_name: Spring Boot
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: Spring Security Advisories
+        kind: html-links
+        url: https://spring.io/security
+        confidence: official
+        advisory_mode: core
+        keywords: [spring boot]
+        max_items: 50
+      - name: GHSA Spring Boot
+        kind: ghsa-global
+        ecosystem: maven
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Maven
+        name: org.springframework.boot:spring-boot
+    cpe_keys: []
+    ghsa_keywords: [spring boot]
+    kev_keywords: [spring boot]
+    output_dir: 07-framework-security/frameworks/spring-boot
+    secure_code_topics: [proxy-trust-boundary, authz-server-side-recheck]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: laravel
+    display_name: Laravel
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Laravel
+        kind: ghsa-global
+        ecosystem: composer
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Laravel
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Packagist
+        name: laravel/framework
+    cpe_keys: []
+    ghsa_keywords: [laravel]
+    kev_keywords: [laravel]
+    output_dir: 07-framework-security/frameworks/laravel
+    secure_code_topics: [xss-output-encoding, authz-server-side-recheck, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: symfony
+    display_name: Symfony
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Symfony
+        kind: ghsa-global
+        ecosystem: composer
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Symfony
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Packagist
+        name: symfony/symfony
+      - ecosystem: Packagist
+        name: symfony/http-kernel
+    cpe_keys: []
+    ghsa_keywords: [symfony]
+    kev_keywords: [symfony]
+    output_dir: 07-framework-security/frameworks/symfony
+    secure_code_topics: [xss-output-encoding, authz-server-side-recheck, path-traversal-guard]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: django
+    display_name: Django
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: Django Security RSS
+        kind: rss-feed
+        url: https://www.djangoproject.com/weblog/feeds/tags/security/
+        confidence: official
+        advisory_mode: core
+        keywords: [django]
+        max_items: 60
+      - name: OSV Django
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: PyPI
+        name: django
+    cpe_keys: ["djangoproject:django"]
+    ghsa_keywords: [django]
+    kev_keywords: [django]
+    output_dir: 07-framework-security/frameworks/django
+    secure_code_topics: [xss-output-encoding, path-traversal-guard, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: flask
+    display_name: Flask
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: OSV Flask
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+      - name: GHSA Flask
+        kind: ghsa-global
+        ecosystem: pip
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: PyPI
+        name: flask
+    cpe_keys: []
+    ghsa_keywords: [flask]
+    kev_keywords: [flask]
+    output_dir: 07-framework-security/frameworks/flask
+    secure_code_topics: [xss-output-encoding, ssrf-url-validation, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: werkzeug
+    display_name: Werkzeug
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: OSV Werkzeug
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+      - name: GHSA Werkzeug
+        kind: ghsa-global
+        ecosystem: pip
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: PyPI
+        name: werkzeug
+    cpe_keys: []
+    ghsa_keywords: [werkzeug]
+    kev_keywords: [werkzeug]
+    output_dir: 07-framework-security/frameworks/werkzeug
+    secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: rails
+    display_name: Ruby on Rails
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GHSA Rails
+        kind: ghsa-global
+        ecosystem: rubygems
+        name: GitHub Global Advisories
+        confidence: official
+        advisory_mode: core
+      - name: OSV Rails
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: RubyGems
+        name: rails
+    cpe_keys: []
+    ghsa_keywords: [rails]
+    kev_keywords: [rails]
+    output_dir: 07-framework-security/frameworks/rails
+    secure_code_topics: [xss-output-encoding, file-upload-validation, authz-server-side-recheck]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: aspnet-core
+    display_name: ASP.NET Core
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: NVD ASP.NET Core
+        kind: nvd-search
+        keyword: ASP.NET Core
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["microsoft:asp.net_core"]
+    ghsa_keywords: [asp.net core]
+    kev_keywords: [asp.net core]
+    output_dir: 07-framework-security/frameworks/aspnet-core
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, file-upload-validation]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: gin
+    display_name: Gin
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: OSV Gin
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Go
+        name: github.com/gin-gonic/gin
+    cpe_keys: []
+    ghsa_keywords: [gin]
+    kev_keywords: [gin]
+    output_dir: 07-framework-security/frameworks/gin
+    secure_code_topics: [proxy-trust-boundary, xss-output-encoding]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: echo
+    display_name: Echo
+    category: frameworks
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: OSV Echo
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Go
+        name: github.com/labstack/echo/v4
+    cpe_keys: []
+    ghsa_keywords: [echo]
+    kev_keywords: [echo]
+    output_dir: 07-framework-security/frameworks/echo
+    secure_code_topics: [proxy-trust-boundary, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: nginx
+    display_name: Nginx
+    category: servers
+    tier: history-full
+    advisory_modes: [server]
+    official_sources:
+      - name: NGINX Security Advisories
+        kind: html-links
+        url: https://nginx.org/en/security_advisories.html
+        confidence: official
+        advisory_mode: server
+        keywords: [nginx, security]
+        max_items: 60
+      - name: NVD NGINX
+        kind: nvd-search
+        keyword: NGINX
+        confidence: official
+        advisory_mode: server
+        results_per_page: 50
+      - name: CISA KEV NGINX
+        kind: kev-json
+        url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+        confidence: official
+        advisory_mode: server
+        keywords: [nginx]
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["f5:nginx", "nginx:nginx"]
+    ghsa_keywords: [nginx]
+    kev_keywords: [nginx]
+    output_dir: 07-framework-security/servers/nginx
+    secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary, csp-trusted-types]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: apache-httpd
+    display_name: Apache HTTP Server
+    category: servers
+    tier: history-full
+    advisory_modes: [server]
+    official_sources:
+      - name: Apache HTTPD Security
+        kind: html-links
+        url: https://httpd.apache.org/security/vulnerabilities_24.html
+        confidence: official
+        advisory_mode: server
+        keywords: [apache, http server, cve]
+        max_items: 80
+      - name: CISA KEV Apache HTTPD
+        kind: kev-json
+        url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+        confidence: official
+        advisory_mode: server
+        keywords: [apache http server]
+      - name: NVD Apache HTTP Server
+        kind: nvd-search
+        keyword: Apache HTTP Server
+        confidence: official
+        advisory_mode: server
+        results_per_page: 50
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["apache:http_server"]
+    ghsa_keywords: [apache http server, httpd]
+    kev_keywords: [apache http server, httpd]
+    output_dir: 07-framework-security/servers/apache-httpd
+    secure_code_topics: [request-smuggling-boundary, proxy-trust-boundary, path-traversal-guard]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: apache-tomcat
+    display_name: Apache Tomcat
+    category: servers
+    tier: history-full
+    advisory_modes: [server]
+    official_sources:
+      - name: Apache Tomcat Security
+        kind: html-links
+        url: https://tomcat.apache.org/security-10.html
+        confidence: official
+        advisory_mode: server
+        keywords: [tomcat, cve]
+        max_items: 80
+      - name: CISA KEV Tomcat
+        kind: kev-json
+        url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+        confidence: official
+        advisory_mode: server
+        keywords: [tomcat]
+      - name: NVD Tomcat
+        kind: nvd-search
+        keyword: Apache Tomcat
+        confidence: official
+        advisory_mode: server
+        results_per_page: 50
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["apache:tomcat"]
+    ghsa_keywords: [tomcat]
+    kev_keywords: [tomcat]
+    output_dir: 07-framework-security/servers/apache-tomcat
+    secure_code_topics: [request-smuggling-boundary, authz-server-side-recheck, path-traversal-guard]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: caddy
+    display_name: Caddy
+    category: servers
+    tier: rolling-24m
+    advisory_modes: [server]
+    official_sources:
+      - name: GitHub Caddy Advisories
+        kind: html-links
+        url: https://github.com/caddyserver/caddy/security/advisories
+        confidence: official
+        advisory_mode: server
+        keywords: [caddy]
+        max_items: 50
+      - name: OSV Caddy
+        kind: osv-batch
+        confidence: official
+        advisory_mode: server
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Go
+        name: github.com/caddyserver/caddy/v2
+    cpe_keys: []
+    ghsa_keywords: [caddy]
+    kev_keywords: [caddy]
+    output_dir: 07-framework-security/servers/caddy
+    secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: traefik
+    display_name: Traefik
+    category: servers
+    tier: rolling-24m
+    advisory_modes: [server]
+    official_sources:
+      - name: GitHub Traefik Advisories
+        kind: html-links
+        url: https://github.com/traefik/traefik/security/advisories
+        confidence: official
+        advisory_mode: server
+        keywords: [traefik]
+        max_items: 50
+      - name: OSV Traefik
+        kind: osv-batch
+        confidence: official
+        advisory_mode: server
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Go
+        name: github.com/traefik/traefik/v3
+    cpe_keys: []
+    ghsa_keywords: [traefik]
+    kev_keywords: [traefik]
+    output_dir: 07-framework-security/servers/traefik
+    secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: haproxy
+    display_name: HAProxy
+    category: servers
+    tier: rolling-24m
+    advisory_modes: [server]
+    official_sources:
+      - name: HAProxy Security Advisories
+        kind: html-links
+        url: https://www.haproxy.org/security/
+        confidence: official
+        advisory_mode: server
+        keywords: [haproxy, security]
+        max_items: 50
+      - name: NVD HAProxy
+        kind: nvd-search
+        keyword: HAProxy
+        confidence: official
+        advisory_mode: server
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["haproxy:haproxy"]
+    ghsa_keywords: [haproxy]
+    kev_keywords: [haproxy]
+    output_dir: 07-framework-security/servers/haproxy
+    secure_code_topics: [proxy-trust-boundary, request-smuggling-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: phpmyadmin
+    display_name: phpMyAdmin
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: phpMyAdmin Security Page
+        kind: html-links
+        url: https://www.phpmyadmin.net/security/
+        confidence: official
+        advisory_mode: core
+        keywords: [phpmyadmin]
+        max_items: 50
+      - name: NVD phpMyAdmin
+        kind: nvd-search
+        keyword: phpMyAdmin
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Packagist
+        name: phpmyadmin/phpmyadmin
+    cpe_keys: ["phpmyadmin:phpmyadmin"]
+    ghsa_keywords: [phpmyadmin]
+    kev_keywords: [phpmyadmin]
+    output_dir: 07-framework-security/platforms/phpmyadmin
+    secure_code_topics: [xss-output-encoding, authz-server-side-recheck, path-traversal-guard]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: adminer
+    display_name: Adminer
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: NVD Adminer
+        kind: nvd-search
+        keyword: Adminer
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["adminer:adminer"]
+    ghsa_keywords: [adminer]
+    kev_keywords: [adminer]
+    output_dir: 07-framework-security/platforms/adminer
+    secure_code_topics: [xss-output-encoding, authz-server-side-recheck]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: gitea
+    display_name: Gitea
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GitHub Gitea Advisories
+        kind: html-links
+        url: https://github.com/go-gitea/gitea/security/advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [gitea]
+        max_items: 50
+      - name: OSV Gitea
+        kind: osv-batch
+        confidence: official
+        advisory_mode: core
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: Go
+        name: code.gitea.io/gitea
+    cpe_keys: []
+    ghsa_keywords: [gitea]
+    kev_keywords: [gitea]
+    output_dir: 07-framework-security/platforms/gitea
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage, proxy-trust-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: gitlab-ce
+    display_name: GitLab CE
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core]
+    official_sources:
+      - name: GitLab Security Releases
+        kind: html-links
+        url: https://about.gitlab.com/releases/categories/releases/
+        confidence: official
+        advisory_mode: core
+        keywords: [security release, gitlab]
+        max_items: 50
+      - name: NVD GitLab
+        kind: nvd-search
+        keyword: GitLab CE
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources:
+      - name: GitLab Advisory Database
+        kind: html-links
+        url: https://gitlab.com/gitlab-org/advisories-community
+        confidence: ecosystem-authority
+        advisory_mode: core
+        keywords: [gitlab]
+        max_items: 50
+    research_sources: []
+    package_names: []
+    cpe_keys: ["gitlab:gitlab"]
+    ghsa_keywords: [gitlab]
+    kev_keywords: [gitlab]
+    output_dir: 07-framework-security/platforms/gitlab-ce
+    secure_code_topics: [authz-server-side-recheck, token-cookie-storage, deserialization-safety]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: jenkins
+    display_name: Jenkins
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Jenkins Security Advisories
+        kind: html-links
+        url: https://www.jenkins.io/security/advisories/
+        confidence: official
+        advisory_mode: core
+        keywords: [jenkins]
+        max_items: 60
+      - name: NVD Jenkins
+        kind: nvd-search
+        keyword: Jenkins
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["jenkins:jenkins"]
+    ghsa_keywords: [jenkins]
+    kev_keywords: [jenkins]
+    output_dir: 07-framework-security/platforms/jenkins
+    secure_code_topics: [plugin-extension-trust-policy, authz-server-side-recheck, deserialization-safety]
+    render_policy:
+      core_always_markdown: true
+      extension_markdown_on_high_value: true
+
+  - system_id: grafana
+    display_name: Grafana
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Grafana Security Advisories
+        kind: html-links
+        url: https://grafana.com/security/security-advisories/
+        confidence: official
+        advisory_mode: core
+        keywords: [grafana]
+        max_items: 60
+      - name: CISA KEV Grafana
+        kind: kev-json
+        url: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
+        confidence: official
+        advisory_mode: core
+        keywords: [grafana]
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["grafana:grafana"]
+    ghsa_keywords: [grafana]
+    kev_keywords: [grafana]
+    output_dir: 07-framework-security/platforms/grafana
+    secure_code_topics: [authz-server-side-recheck, plugin-extension-trust-policy, xss-output-encoding]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: kibana
+    display_name: Kibana
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Elastic Security Announcements
+        kind: html-links
+        url: https://discuss.elastic.co/c/announcements/security-announcements/31
+        confidence: official
+        advisory_mode: core
+        keywords: [kibana, elastic, security]
+        max_items: 60
+      - name: NVD Kibana
+        kind: nvd-search
+        keyword: Kibana
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["elastic:kibana"]
+    ghsa_keywords: [kibana]
+    kev_keywords: [kibana]
+    output_dir: 07-framework-security/platforms/kibana
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, proxy-trust-boundary]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: mattermost
+    display_name: Mattermost
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Mattermost Security Updates
+        kind: html-links
+        url: https://mattermost.com/security-updates/
+        confidence: official
+        advisory_mode: core
+        keywords: [mattermost]
+        max_items: 50
+      - name: NVD Mattermost
+        kind: nvd-search
+        keyword: Mattermost
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names: []
+    cpe_keys: ["mattermost:mattermost"]
+    ghsa_keywords: [mattermost]
+    kev_keywords: [mattermost]
+    output_dir: 07-framework-security/platforms/mattermost
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, token-cookie-storage]
+    render_policy:
+      core_always_markdown: true
+
+  - system_id: redmine
+    display_name: Redmine
+    category: platforms
+    tier: rolling-24m
+    advisory_modes: [core, plugin]
+    official_sources:
+      - name: Redmine Security Advisories
+        kind: html-links
+        url: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
+        confidence: official
+        advisory_mode: core
+        keywords: [redmine]
+        max_items: 50
+      - name: NVD Redmine
+        kind: nvd-search
+        keyword: Redmine
+        confidence: official
+        advisory_mode: core
+        results_per_page: 40
+    ecosystem_sources: []
+    research_sources: []
+    package_names:
+      - ecosystem: RubyGems
+        name: redmine
+    cpe_keys: ["redmine:redmine"]
+    ghsa_keywords: [redmine]
+    kev_keywords: [redmine]
+    output_dir: 07-framework-security/platforms/redmine
+    secure_code_topics: [authz-server-side-recheck, xss-output-encoding, plugin-extension-trust-policy]
+    render_policy:
+      core_always_markdown: true
+
+
+
+ + diff --git a/08-threat-intel/generated/dashboard/index.html b/08-threat-intel/generated/dashboard/index.html index a7d919a3..58f7a2a2 100644 --- a/08-threat-intel/generated/dashboard/index.html +++ b/08-threat-intel/generated/dashboard/index.html @@ -3,7 +3,7 @@ - Authorized Lab Dashboard + 授权攻防实验工作台 @@ -17,22 +17,22 @@
- Authorized Lab Dashboard + 授权攻防实验工作台

本地攻防实证工作台

Lovart 设计外壳已本地化并接入真实 run bundle 数据。页面只面向授权实验资产, - 聚合 advisory、timeline、evidence、logs、sources、raw JSON 与失败原因。 + 聚合漏洞条目、时间线、证据、日志、来源、原始 JSON、当前架构库与失败原因。

@@ -71,38 +75,38 @@
- Filters + 筛选器 - 0 shown + 0 条
@@ -112,7 +116,7 @@
- Systems + 系统概览
@@ -122,7 +126,7 @@
- Recent Failures + 最近失败
@@ -132,7 +136,7 @@
- Run Queue + 运行队列
@@ -142,8 +146,8 @@
-

Select a run

-

Pick a run from the left queue to inspect timeline, evidence, logs, sources and raw JSON.

+

选择一个运行

+

从左侧队列选择 run,即可查看时间线、证据、日志、来源、原始 JSON 和当前架构库。

@@ -152,13 +156,14 @@
diff --git a/08-threat-intel/generated/dashboard/legacy/architecture.json b/08-threat-intel/generated/dashboard/legacy/architecture.json new file mode 120000 index 00000000..bf9a8d86 --- /dev/null +++ b/08-threat-intel/generated/dashboard/legacy/architecture.json @@ -0,0 +1 @@ +../architecture.json \ No newline at end of file diff --git a/08-threat-intel/generated/dashboard/runs.json b/08-threat-intel/generated/dashboard/runs.json index fd5826b6..19f51a90 100644 --- a/08-threat-intel/generated/dashboard/runs.json +++ b/08-threat-intel/generated/dashboard/runs.json @@ -197,7 +197,7 @@ "artifact_groups": [ { "key": "reports", - "label": "Reports", + "label": "\u62a5\u544a\u4e0e\u8fd0\u884c\u4ea7\u7269", "count": 4, "items": [ { @@ -224,7 +224,7 @@ }, { "key": "compose", - "label": "Compose", + "label": "Compose \u7f16\u6392", "count": 1, "items": [ { @@ -378,7 +378,7 @@ "artifact_groups": [ { "key": "reports", - "label": "Reports", + "label": "\u62a5\u544a\u4e0e\u8fd0\u884c\u4ea7\u7269", "count": 4, "items": [ { @@ -405,7 +405,7 @@ }, { "key": "requests", - "label": "Request Logs", + "label": "\u8bf7\u6c42\u4e0e\u63a2\u6d4b\u65e5\u5fd7", "count": 2, "items": [ { @@ -576,7 +576,7 @@ "artifact_groups": [ { "key": "reports", - "label": "Reports", + "label": "\u62a5\u544a\u4e0e\u8fd0\u884c\u4ea7\u7269", "count": 4, "items": [ { @@ -603,7 +603,7 @@ }, { "key": "baseline", - "label": "Baseline Snapshots", + "label": "\u57fa\u7ebf\u5feb\u7167", "count": 1, "items": [ { @@ -615,7 +615,7 @@ }, { "key": "requests", - "label": "Request Logs", + "label": "\u8bf7\u6c42\u4e0e\u63a2\u6d4b\u65e5\u5fd7", "count": 1, "items": [ { diff --git a/08-threat-intel/generated/dashboard/summary.json b/08-threat-intel/generated/dashboard/summary.json index e029f8c2..15c4cfdf 100644 --- a/08-threat-intel/generated/dashboard/summary.json +++ b/08-threat-intel/generated/dashboard/summary.json 
@@ -1,5 +1,5 @@ { - "generated_at": "2026-03-17T08:20:30+00:00", + "generated_at": "2026-03-17T08:59:56+00:00", "advisory_count": 89, "run_count": 3, "statuses": { diff --git a/08-threat-intel/generated/latest-ingest.md b/08-threat-intel/generated/latest-ingest.md index 38790504..a591a71d 100644 --- a/08-threat-intel/generated/latest-ingest.md +++ b/08-threat-intel/generated/latest-ingest.md @@ -1,6 +1,6 @@ # 最新同步摘要 -- 渲染时间: `2026-03-17T08:20:30+00:00` +- 渲染时间: `2026-03-17T08:59:56+00:00` - 系统数量: `62` - Advisory 数量: `89` - 重点 Markdown 数量: `89` diff --git a/08-threat-intel/generated/run-summary.json b/08-threat-intel/generated/run-summary.json index 3c1f1250..ff386502 100644 --- a/08-threat-intel/generated/run-summary.json +++ b/08-threat-intel/generated/run-summary.json @@ -1,5 +1,5 @@ { - "generated_at": "2026-03-17T08:20:30+00:00", + "generated_at": "2026-03-17T08:59:56+00:00", "system_count": 62, "advisory_count": 89, "markdown_count": 89, diff --git a/README.md b/README.md index 8174ddd2..dbaedd87 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,8 @@ python3 /Users/x/websafe/scripts/lab/main.py serve-dashboard --port 8734 - 旧版工作台回退入口 - `/docs/design-source.html` - 设计来源与本地化说明 +- `/docs/architecture-library.html` + - 当前架构库结构化镜像页 计划中的本机 cron 入口: diff --git a/docs/frontend-dashboard-design.md b/docs/frontend-dashboard-design.md index e036f9d6..9bec8d81 100644 --- a/docs/frontend-dashboard-design.md +++ b/docs/frontend-dashboard-design.md @@ -46,7 +46,8 @@ flowchart LR D --> G["Evidence Explorer"] D --> H["Live Log Viewer"] D --> I["Sources & Fix Topics"] - D --> J["Raw JSON Panels"] + D --> J["当前架构库"] + D --> K["Raw JSON Panels"] ``` ## 4. 页面布局 @@ -119,6 +120,11 @@ flowchart LR - secondary sources - aliases - secure code topics +- 当前架构库 + - 项目定位、授权边界、控制面、数据层、地址入口 + - source-map / repro-map 派生的系统分组与默认复现策略 + - 当前生成态、状态分布、最近失败 + - 可折叠查看任意层级信息并打开本地镜像页 / JSON - Raw JSON - run JSON - advisory JSON 
diff --git a/docs/project-features.md b/docs/project-features.md index 1655b67c..59807e00 100644 --- a/docs/project-features.md +++ b/docs/project-features.md @@ -63,7 +63,8 @@ - 静态前端工作台 - `/index.html` 为本地化 Lovart 正式 UI - `/legacy/index.html` 为旧版工作台回退入口 - - `/docs/*.html` 为本地可访问的说明与设计镜像页 + - `/docs/*.html` 为本地可访问的说明、真值配置与设计镜像页 + - `architecture.json` 为当前架构库结构化真值 - `07-framework-security/` - 系统级 README、INDEX、案例页,自动显示本地实证状态 @@ -156,6 +157,7 @@ python3 /Users/x/websafe/scripts/lab/main.py serve-dashboard --port 8734 - 快速定位系统 / advisory / repro profile - 折叠与展开 timeline、evidence、sources、raw JSON +- 折叠与展开“当前架构库”,查看控制面、数据层、地址入口、授权边界和系统分组 - 直接查看 compose、JSON、日志、截图、报告 - 高亮失败原因、当前 blocker、利用思路、成功判据 - 自动刷新生成数据,适配正在进行中的本地 run diff --git a/scripts/intel/validators.py b/scripts/intel/validators.py index 6451699a..d96fd018 100644 --- a/scripts/intel/validators.py +++ b/scripts/intel/validators.py @@ -96,6 +96,7 @@ def validate(source_map: Dict[str, Any]) -> List[str]: GENERATED_DIR / "dashboard" / "runs.json", GENERATED_DIR / "dashboard" / "advisories.json", GENERATED_DIR / "dashboard" / "profiles.json", + GENERATED_DIR / "dashboard" / "architecture.json", GENERATED_DIR / "dashboard" / "assets" / "app.js", GENERATED_DIR / "dashboard" / "assets" / "styles.css", GENERATED_DIR / "dashboard" / "assets" / "icons.svg", 
@@ -105,7 +106,13 @@ def validate(source_map: Dict[str, Any]) -> List[str]: GENERATED_DIR / "dashboard" / "docs" / "project-features.html", GENERATED_DIR / "dashboard" / "docs" / "frontend-dashboard-design.html", GENERATED_DIR / "dashboard" / "docs" / "secure-code-index.html", + GENERATED_DIR / "dashboard" / "docs" / "root-readme.html", + GENERATED_DIR / "dashboard" / "docs" / "authorization-model.html", + GENERATED_DIR / "dashboard" / "docs" / "source-map.html", + GENERATED_DIR / "dashboard" / "docs" / "repro-map.html", + GENERATED_DIR / "dashboard" / "docs" / "coverage-matrix.html", GENERATED_DIR / "dashboard" / "docs" / "design-source.html", + GENERATED_DIR / "dashboard" / "docs" / "architecture-library.html", ROOT / "08-threat-intel" / "registry" / "source-confidence.md", ]: if not path.exists(): diff --git a/scripts/lab/dashboard_templates/lovart/assets/app.js b/scripts/lab/dashboard_templates/lovart/assets/app.js index 519437b9..d9dab9f2 100644 --- a/scripts/lab/dashboard_templates/lovart/assets/app.js +++ b/scripts/lab/dashboard_templates/lovart/assets/app.js @@ -4,6 +4,7 @@ const state = { systems: [], advisories: {}, profiles: {}, + architecture: null, selectedRunId: null, selectedArtifact: null, refreshHandle: null, @@ -21,12 +22,33 @@ const state = { evidence: true, logs: true, sources: true, + architecture: true, run_json: false, advisory_json: false, profile_json: false } }; +const STATUS_LABELS = { + "verified-real": "真实版本已实证", + "verified-synthetic": "合成靶场已实证", + "blocked-artifact": "制品阻塞", + "blocked-destructive": "破坏性风险阻塞", + "triage-manual": "人工分诊", + suspected: "仅疑似命中", + completed: "已完成", + failed: "失败", + skipped: "已跳过", + planned: "已规划", + unknown: "未知" +}; + +const ARTIFACT_KIND_LABELS = { + image: "图片", + text: "文本", + link: "链接" +}; + const $ = (id) => document.getElementById(id); const icon = (name, className = "icon") => ``; 
@@ -37,7 +59,7 @@ const statusClass = (status) => ({ "blocked-artifact": "status-pill status-blocked-artifact", "blocked-destructive": "status-pill status-blocked-destructive", "triage-manual": "status-pill status-triage-manual", - "suspected": "status-pill status-suspected", + suspected: "status-pill status-suspected", completed: "status-pill status-verified-real", failed: "status-pill status-blocked-artifact", skipped: "status-pill status-triage-manual" @@ -52,21 +74,37 @@ function escapeHtml(value) { } function formatStatus(value) { - return String(value || "unknown").replaceAll("-", " "); + return STATUS_LABELS[value] || String(value || "unknown").replaceAll("-", " "); +} + +function formatDateTime(value) { + if (!value) return "-"; + const date = new Date(value); + if (Number.isNaN(date.getTime())) return String(value); + return date.toLocaleString("zh-CN", { + hour12: false, + year: "numeric", + month: "2-digit", + day: "2-digit", + hour: "2-digit", + minute: "2-digit", + second: "2-digit" + }); } function timeAgo(value) { if (!value) return "-"; const diff = Date.now() - new Date(value).getTime(); - if (Number.isNaN(diff)) return value; + if (Number.isNaN(diff)) return String(value); const seconds = Math.floor(diff / 1000); - if (seconds < 60) return `${seconds}s ago`; + if (seconds <= 5) return "刚刚"; + if (seconds < 60) return `${seconds} 秒前`; const minutes = Math.floor(seconds / 60); - if (minutes < 60) return `${minutes}m ago`; + if (minutes < 60) return `${minutes} 分钟前`; const hours = Math.floor(minutes / 60); - if (hours < 24) return `${hours}h ago`; + if (hours < 24) return `${hours} 小时前`; const days = Math.floor(hours / 24); - return `${days}d ago`; + return `${days} 天前`; } async function fetchJson(url) { 
@@ -94,30 +132,30 @@ function metricCards() { return [ { - label: "Total Runs", + label: "运行总数", value: state.summary?.run_count || 0, - note: `${state.summary?.advisory_count || 0} advisories indexed`, + note: `已索引漏洞条目 ${state.summary?.advisory_count || 0} 条`, color: "var(--accent-purple)", iconName: "report" }, { - label: "Success", + label: "实证成功", value: successCount, - note: "verified-real + verified-synthetic", + note: "真实版本 + 合成靶场", color: "var(--accent-green)", iconName: "shield" }, { - label: "Blocked", + label: "当前阻塞", value: blockedCount, - note: "artifact or destructive blockers", + note: "制品阻塞或破坏性风险阻塞", color: "var(--accent-red)", iconName: "failure" }, { - label: "In Progress", + label: "待处理 / 进行中", value: inProgressCount, - note: "manual review or incomplete verification", + note: "人工分诊、待补证据或未完成实证", color: "var(--accent-blue)", iconName: "timeline" } @@ -149,11 +187,16 @@ function renderSyncState(kind, title, detail) { $("syncState").dataset.kind = kind; } +function optionLabel(kind, value) { + if (kind === "status") return formatStatus(value); + return value; +} + function hydrateFilters() { const controls = [ - ["systemFilter", "system", state.runs.map((item) => item.system_id), "All systems"], - ["statusFilter", "status", state.runs.map((item) => item.verification_status), "All statuses"], - ["profileFilter", "profile", state.runs.map((item) => item.repro_profile_id), "All profiles"] + ["systemFilter", "system", state.runs.map((item) => item.system_id), "全部系统"], + ["statusFilter", "status", state.runs.map((item) => item.verification_status), "全部状态"], + ["profileFilter", "profile", state.runs.map((item) => item.repro_profile_id), "全部复现档案"] ]; for (const [id, key, values, label] of controls) { @@ -161,7 +204,7 @@ function hydrateFilters() { const current = state.filters[key]; control.innerHTML = ``; control.innerHTML += distinct(values) - .map((value) => ``) + .map((value) => ``) .join(""); control.value = current; } 
@@ -198,20 +241,20 @@ function renderSystems() {
${escapeHtml(system.display_name || system.system_id)} - ${escapeHtml(system.browser_present || 0)}/${escapeHtml(system.browser_required || 0)} browser + ${escapeHtml(system.browser_present || 0)}/${escapeHtml(system.browser_required || 0)} 浏览器证据
-
${escapeHtml(system.system_id)} · latest ${escapeHtml(system.latest_update || "-")}
+
${escapeHtml(system.system_id)} · 最近更新 ${escapeHtml(formatDateTime(system.latest_update || "-"))}
- real ${escapeHtml(system.verified_real || 0)} - synthetic ${escapeHtml(system.verified_synthetic || 0)} - blocked ${escapeHtml(system.blocked || 0)} + 真实 ${escapeHtml(system.verified_real || 0)} + 合成 ${escapeHtml(system.verified_synthetic || 0)} + 阻塞 ${escapeHtml(system.blocked || 0)}
`; }) .join("") - : `
No system coverage data.
`; + : `
暂无系统覆盖数据。
`; } function renderRecentFailures() { @@ -226,23 +269,24 @@ function renderRecentFailures() { ${escapeHtml(formatStatus(item.status))}
${escapeHtml(item.title || item.advisory_id)}
-
${escapeHtml(item.blocked_reason || "-")}
+
${escapeHtml(item.blocked_reason || "未提供失败原因。")}
` ) .join("") - : `
No recent blockers.
`; + : `
当前没有最近失败记录。
`; } function renderRunQueue() { const runs = filteredRuns(); - $("runCount").textContent = `${runs.length} shown`; + $("runCount").textContent = `${runs.length} 条`; $("runQueue").innerHTML = runs.length ? runs .map((item) => { const active = item.run_id === state.selectedRunId ? "is-active" : ""; - const browserState = item.browser_evidence?.present ? "ready" : (item.browser_evidence?.required ? "required" : "optional"); + const browserState = item.browser_evidence?.present ? "已采集" : (item.browser_evidence?.required ? "必需待补" : "可选"); const lead = item.reasoning_lines?.[0] || item.blocked_reason || item.advisory_meta?.summary || ""; + const artifactCount = (item.artifact_groups || []).reduce((sum, group) => sum + Number(group.count || 0), 0); return ` `; }) .join("") - : `
No runs match the current filters.
`; + : `
当前筛选条件下没有匹配的运行。
`; document.querySelectorAll("[data-run-id]").forEach((button) => { button.addEventListener("click", () => { @@ -278,18 +322,18 @@ function renderRunQueue() { function progressSegments(progress) { const order = [ - ["completed", "Completed", "progress-completed"], - ["blocked", "Blocked", "progress-blocked"], - ["failed", "Failed", "progress-failed"], - ["skipped", "Skipped", "progress-skipped"], - ["planned", "Planned", "progress-planned"], - ["other", "Other", "progress-other"] + ["completed", "已完成", "progress-completed"], + ["blocked", "已阻塞", "progress-blocked"], + ["failed", "失败", "progress-failed"], + ["skipped", "已跳过", "progress-skipped"], + ["planned", "已规划", "progress-planned"], + ["other", "其他", "progress-other"] ]; const total = order.reduce((sum, [key]) => sum + Number(progress?.[key] || 0), 0); if (!total) { return { bar: `
`, - legend: `no progress` + legend: `暂无进度` }; } const bar = order @@ -379,7 +423,7 @@ async function openArtifact(href, label, kind) { } viewer.innerHTML = `
${escapeHtml(formatted)}
`; } catch (error) { - viewer.innerHTML = `
Artifact load failed: ${escapeHtml(error.message)}
`; + viewer.innerHTML = `
加载 artifact 失败:${escapeHtml(error.message)}
`; } } @@ -396,16 +440,147 @@ function bindPanelToggles() { }); } +function renderArchitectureFields(fields = []) { + if (!fields.length) return ""; + return ` +
+ ${fields + .map( + (field) => ` +
+ ${escapeHtml(field.label || "-")} +
${escapeHtml(field.value || "-")}
+
+ ` + ) + .join("")} +
+ `; +} + +function renderArchitectureStats(stats = []) { + if (!stats.length) return ""; + return ` +
+ ${stats + .map( + (item) => ` +
+ ${escapeHtml(item.label || "-")} + ${escapeHtml(item.value || "-")} +
+ ` + ) + .join("")} +
+ `; +} + +function renderArchitectureLinks(links = []) { + if (!links.length) return ""; + return ` + + `; +} + +function renderArchitectureNode(node, depth = 0) { + if (!node) return ""; + const children = (node.items || []).map((item) => renderArchitectureNode(item, depth + 1)).join(""); + const fields = renderArchitectureFields(node.fields || []); + const stats = renderArchitectureStats(node.stats || []); + const links = renderArchitectureLinks(node.links || []); + const badges = (node.badges || []) + .map((badge) => `${escapeHtml(badge)}`) + .join(""); + const hasBody = Boolean(children || fields || stats || links || node.summary || badges); + const summaryBlock = ` +
+ ${escapeHtml(node.title || "未命名节点")} + ${node.summary ? `${escapeHtml(node.summary)}` : ""} +
+
+ ${node.items?.length ? `${escapeHtml(node.items.length)} 个子项` : ""} + ${node.fields?.length ? `${escapeHtml(node.fields.length)} 个字段` : ""} + ${node.links?.length ? `${escapeHtml(node.links.length)} 个链接` : ""} +
+ `; + + if (!hasBody) { + return ` +
+ ${summaryBlock} +
+ `; + } + + const openAttr = node.open === false ? "" : "open"; + return ` +
+ + ${summaryBlock} + +
+ ${badges ? `
${badges}
` : ""} + ${stats} + ${fields} + ${links} + ${children ? `
${children}
` : ""} +
+
+ `; +} + +function renderArchitecturePanel() { + const architecture = state.architecture; + if (!architecture) { + return renderPanel("architecture", "当前架构库", "未生成", "systems", `
尚未找到架构 JSON,请先执行渲染命令。
`); + } + const sections = architecture.sections || []; + const content = ` +
+ ${escapeHtml(architecture.title || "当前架构库")} +
${escapeHtml(architecture.summary || "当前工作台的结构化真值视图。")}
+
+ 生成时间 ${escapeHtml(formatDateTime(architecture.generated_at))} + 架构 JSON + 镜像页 + 仓库入口镜像 +
+
+
+ ${sections.length ? sections.map((section) => renderArchitectureNode(section, 0)).join("") : `
架构库目前没有可展示的分区。
`} +
+ `; + return renderPanel("architecture", "当前架构库", `${sections.length} 个分区`, "systems", content); +} + +function renderEmptyWorkspace() { + $("detailWorkspace").innerHTML = ` +
+ ${icon("shield", "icon icon-xl")} +

选择一个运行

+

左侧队列用于切换 run。即使当前没有选中运行,你也可以直接展开下方“当前架构库”查看仓库控制面、数据层、系统分组、授权边界与本地入口。

+
+ ${renderArchitecturePanel()} + `; + bindPanelToggles(); +} + function renderDetail() { const run = state.runs.find((item) => item.run_id === state.selectedRunId); if (!run) { - $("detailWorkspace").innerHTML = ` -
- ${icon("shield", "icon icon-xl")} -

Select a run

-

Pick a run from the left queue to inspect timeline, evidence, logs and raw JSON.

-
- `; + renderEmptyWorkspace(); return; } @@ -413,7 +588,7 @@ function renderDetail() { const profile = run.profile_meta || {}; const screenshotItems = ((run.artifact_groups || []).find((group) => group.key === "browser")?.items || []).filter((item) => item.kind === "image"); const segments = progressSegments(run.progress || {}); - const browserStatus = run.browser_evidence?.present ? "Ready" : (run.browser_evidence?.required ? "Required" : "Optional"); + const browserStatus = run.browser_evidence?.present ? "已采集" : (run.browser_evidence?.required ? "必需待补" : "可选"); const artifactCount = (run.artifact_groups || []).reduce((sum, group) => sum + Number(group.count || 0), 0); const timelineContent = ` @@ -426,42 +601,42 @@ function renderDetail() {
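Review bot: renderArchitectureNode has no comment describing the node object it expects, although it reads eight keys (`title`, `summary`, `badges`, `stats`, `fields`, `links`, `items`, `open`) and recurses into `items`. The shape is an implicit contract with whatever writes architecture.json, so a one-line comment above the function would keep the two sides in step, for example `// node: { title, summary?, badges?, stats?, fields?, links?, items?: node[], open?: boolean } (open defaults to expanded unless explicitly false)`. The markup inside the template literals is not visible in this view, so nothing is claimed here about how `depth` or the link `href` values are used.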
${escapeHtml(item.step || "-")} - ${escapeHtml(item.at || "-")} + ${escapeHtml(formatDateTime(item.at || "-"))}
${escapeHtml(formatStatus(item.status || "unknown"))}
${escapeHtml(item.detail || "-")}
`) - .join("") || `
No timeline items recorded.
`} + .join("") || `
当前运行没有记录时间线。
`}
`; const reasoningCards = [ { - label: "Summary", - copy: advisory.summary || "No advisory summary available." + label: "概要", + copy: advisory.summary || "当前漏洞条目没有摘要。" }, { - label: "Success Criteria", - copy: (profile.success_criteria || []).join(" | ") || "No success criteria defined." + label: "成功判据", + copy: (profile.success_criteria || []).join(" | ") || "当前 profile 没有定义成功判据。" }, { - label: "Seed / Attack Notes", - copy: (run.reasoning_lines || []).join("\n\n") || "No reasoning lines recorded." + label: "Seed / 攻击思路", + copy: (run.reasoning_lines || []).join("\n\n") || "当前运行没有记录思路说明。" }, { - label: "Allowed Targets", - copy: (profile.allowed_target_types || []).join(", ") || "No target scope declared." + label: "允许目标", + copy: (profile.allowed_target_types || []).join(", ") || "当前 profile 没有声明允许目标类型。" } ]; const reasoningContent = ` - ${run.blocked_reason ? `
Failure reason
${escapeHtml(run.blocked_reason)}
` : ""} + ${run.blocked_reason ? `
失败原因
${escapeHtml(run.blocked_reason)}
` : ""}
- vuln family ${escapeHtml(profile.vuln_family || "unknown")} - cleanup ${escapeHtml(profile.cleanup_policy || "-")} - destructive risk ${escapeHtml(profile.destructive_risk || "-")} - artifact ${escapeHtml(run.artifact_mode || "-")} + 漏洞家族 ${escapeHtml(profile.vuln_family || "未定义")} + 清理策略 ${escapeHtml(profile.cleanup_policy || "-")} + 破坏性风险 ${escapeHtml(profile.destructive_risk || "-")} + 制品模式 ${escapeHtml(run.artifact_mode || "-")}
${reasoningCards @@ -490,7 +665,7 @@ function renderDetail() { (item) => ` ` ) @@ -499,7 +674,7 @@ function renderDetail() { ` ) - .join("") || `
No artifact groups for this run.
`} + .join("") || `
当前运行没有可浏览的产物分组。
`} ${ screenshotItems.length @@ -524,27 +699,31 @@ function renderDetail() {
-
${escapeHtml(state.selectedArtifact?.label || "Select an artifact")}
-
${escapeHtml(state.selectedArtifact?.href || "Artifact preview will appear here.")}
+
${escapeHtml(state.selectedArtifact?.label || "选择一个产物")}
+
${escapeHtml(state.selectedArtifact?.href || "这里会显示 JSON、文本、HTML 报告、截图和其他日志的预览。")}
- ${icon("link")}Open artifact - + ${icon("link")}打开产物 +
-
Select a report, log, screenshot, JSON or HTML artifact to preview it here.
+
选择报告、日志、截图、JSON 或 HTML 产物后,会在这里直接预览。
`; + const sourceLinks = [ + advisory.official_source_url + ? `${escapeHtml(advisory.official_source_url)}` + : `当前漏洞条目没有关联官方来源。`, + ...(advisory.secondary_source_urls || []).map((url) => `${escapeHtml(url)}`) + ].join(""); + const sourcesContent = `
${(advisory.aliases || []).map((alias) => `${escapeHtml(alias)}`).join("")} ${(advisory.secure_code_topics || []).map((topic) => `${escapeHtml(topic)}`).join("")}
- + `; const rawRunContent = `
${escapeHtml(JSON.stringify(run, null, 2))}
`; @@ -563,42 +742,43 @@ function renderDetail() {

${escapeHtml(advisory.title || run.advisory_id)}

-
${escapeHtml(advisory.summary || "No advisory summary available.")}
+
${escapeHtml(advisory.summary || "当前漏洞条目没有摘要。")}
- Timeline Steps + 时间线步骤 ${escapeHtml(run.timeline?.length || 0)}
- Artifacts + Artifact 数 ${escapeHtml(artifactCount)}
- Browser Evidence + 浏览器证据 ${escapeHtml(browserStatus)}
- Finished + 完成时间 ${escapeHtml(timeAgo(run.finished_at))}
- ${renderPanel("timeline", "Progress Timeline", `${escapeHtml(run.timeline?.length || 0)} steps`, "timeline", timelineContent)} - ${renderPanel("reasoning", "Attack Plan & Reasoning", escapeHtml(profile.vuln_family || "unknown"), "reasoning", reasoningContent)} - ${renderPanel("evidence", "Evidence Explorer", `${escapeHtml(run.artifact_groups?.length || 0)} groups`, "evidence", evidenceContent)} - ${renderPanel("logs", "Live Log Viewer", state.selectedArtifact ? "active" : "idle", "logs", logContent)} - ${renderPanel("sources", "Sources & Fix Topics", `${escapeHtml((advisory.secondary_source_urls || []).length + (advisory.official_source_url ? 1 : 0))} links`, "sources", sourcesContent)} - ${renderPanel("run_json", "Run JSON", "raw", "json", rawRunContent)} - ${renderPanel("advisory_json", "Advisory JSON", "raw", "json", rawAdvisoryContent)} - ${renderPanel("profile_json", "Profile JSON", "raw", "json", rawProfileContent)} + ${renderPanel("timeline", "进度时间线", `${escapeHtml(run.timeline?.length || 0)} 步`, "timeline", timelineContent)} + ${renderPanel("reasoning", "攻击方案与推理", escapeHtml(profile.vuln_family || "未定义"), "reasoning", reasoningContent)} + ${renderPanel("evidence", "证据浏览器", `${escapeHtml(run.artifact_groups?.length || 0)} 组`, "evidence", evidenceContent)} + ${renderPanel("logs", "实时日志查看器", state.selectedArtifact ? "已选产物" : "等待选择", "logs", logContent)} + ${renderPanel("sources", "来源与修复主题", `${escapeHtml((advisory.secondary_source_urls || []).length + (advisory.official_source_url ? 1 : 0))} 条链接`, "sources", sourcesContent)} + ${renderArchitecturePanel()} + ${renderPanel("run_json", "运行 JSON", "原始数据", "json", rawRunContent)} + ${renderPanel("advisory_json", "漏洞条目 JSON", "原始数据", "json", rawAdvisoryContent)} + ${renderPanel("profile_json", "复现档案 JSON", "原始数据", "json", rawProfileContent)} `; bindPanelToggles(); 
@@ -663,15 +843,16 @@ function startRefreshLoop() { async function loadData(preserveSelection = true) { const previous = state.selectedRunId; - renderSyncState("loading", "Refreshing", new Date().toLocaleTimeString()); + renderSyncState("loading", "刷新中", `本地时间 ${new Date().toLocaleTimeString("zh-CN", { hour12: false })}`); try { - const [summary, runs, systems, advisories, profiles] = await Promise.all([ + const [summary, runs, systems, advisories, profiles, architecture] = await Promise.all([ fetchJson("./summary.json"), fetchJson("./runs.json"), fetchJson("./systems.json"), fetchJson("./advisories.json"), - fetchJson("./profiles.json") + fetchJson("./profiles.json"), + fetchJson("./architecture.json") ]); state.summary = summary; @@ -679,6 +860,7 @@ async function loadData(preserveSelection = true) { state.systems = systems; state.advisories = advisories; state.profiles = profiles; + state.architecture = architecture; hydrateFilters(); const hashRun = location.hash.startsWith("#run=") ? location.hash.replace("#run=", "") : null; @@ -690,11 +872,11 @@ async function loadData(preserveSelection = true) { } renderAll(); - renderSyncState("live", "Live", summary.generated_at || new Date().toISOString()); + renderSyncState("live", "实时同步", `最近生成 ${formatDateTime(summary.generated_at || new Date().toISOString())}`); } catch (error) { - $("runQueue").innerHTML = `
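Review bot: Adding `fetchJson("./architecture.json")` to the `Promise.all` in loadData makes the whole dashboard depend on that one file. If the fetch rejects, for example against a generated directory that predates architecture.json, control goes to the catch branch and the run queue and detail workspace are replaced by the load-failure message. renderArchitecturePanel already has a branch for `state.architecture` being null, and it only becomes reachable if this fetch is allowed to fail softly: `fetchJson("./architecture.json").catch(() => null)`. fetchJson's body is outside the hunk, so its rejection behaviour is inferred from the existing catch block.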
Dashboard load failed: ${escapeHtml(error.message)}
`; - $("detailWorkspace").innerHTML = `

Load failed

${escapeHtml(error.message)}

`; - renderSyncState("error", "Load Failed", error.message); + $("runQueue").innerHTML = `
工作台加载失败:${escapeHtml(error.message)}
`; + $("detailWorkspace").innerHTML = `

加载失败

${escapeHtml(error.message)}

`; + renderSyncState("error", "加载失败", error.message); } } diff --git a/scripts/lab/dashboard_templates/lovart/assets/styles.css b/scripts/lab/dashboard_templates/lovart/assets/styles.css index 4788a321..893eafb6 100644 --- a/scripts/lab/dashboard_templates/lovart/assets/styles.css +++ b/scripts/lab/dashboard_templates/lovart/assets/styles.css 
@@ -963,6 +963,171 @@ select { text-underline-offset: 3px; } +.architecture-tree { + display: grid; + gap: 14px; +} + +.architecture-callout { + border-color: rgba(77, 141, 255, 0.28); + background: rgba(77, 141, 255, 0.08); +} + +.arch-node, +.arch-leaf { + border: 1px solid rgba(148, 163, 184, 0.14); + border-radius: 16px; + background: rgba(255, 255, 255, 0.025); +} + +.arch-node + .arch-node, +.arch-leaf + .arch-node, +.arch-node + .arch-leaf, +.arch-leaf + .arch-leaf { + margin-top: 12px; +} + +.arch-node summary { + list-style: none; +} + +.arch-node summary::-webkit-details-marker { + display: none; +} + +.arch-summary { + display: flex; + justify-content: space-between; + gap: 14px; + padding: 15px 16px; + cursor: pointer; +} + +.arch-summary::after { + content: ""; + width: 9px; + height: 9px; + margin-top: 6px; + border-right: 2px solid rgba(255, 255, 255, 0.72); + border-bottom: 2px solid rgba(255, 255, 255, 0.72); + transform: rotate(45deg); + transition: transform 0.2s ease; +} + +.arch-node[open] > .arch-summary::after { + transform: rotate(225deg); +} + +.arch-summary-main { + display: grid; + gap: 6px; + min-width: 0; +} + +.arch-title { + font-size: 0.98rem; +} + +.arch-summary-copy { + color: var(--text-secondary); + line-height: 1.5; + font-size: 0.88rem; +} + +.arch-summary-meta { + display: flex; + flex-wrap: wrap; + justify-content: flex-end; + gap: 8px; +} + +.arch-body { + display: grid; + gap: 14px; + padding: 0 16px 16px; +} + +.arch-badges { + margin-top: -2px; +} + +.arch-stat-grid, +.arch-field-grid, +.arch-link-grid { + display: grid; + gap: 12px; +} + +.arch-stat-grid { + grid-template-columns: repeat(auto-fit, minmax(150px, 1fr)); +} + +.arch-stat, +.arch-field, +.arch-link-card { + border: 1px solid rgba(148, 163, 184, 0.14); + border-radius: 14px; + background: rgba(255, 255, 255, 0.03); +} + +.arch-stat, +.arch-field { + padding: 12px 14px; +} + +.arch-stat-label, +.arch-field-label, +.arch-link-label { + display: block; + color: 
var(--text-secondary); + text-transform: uppercase; + letter-spacing: 0.06em; + font-size: 0.72rem; +} + +.arch-stat-value { + display: block; + margin-top: 8px; + font-size: 1.1rem; +} + +.arch-field-value, +.arch-link-copy { + margin-top: 8px; + color: var(--text-primary); + line-height: 1.58; + white-space: pre-wrap; + word-break: break-word; + font-size: 0.9rem; +} + +.arch-link-grid { + grid-template-columns: repeat(auto-fit, minmax(220px, 1fr)); +} + +.arch-link-card { + display: block; + padding: 12px 14px; + transition: transform 0.18s ease, border-color 0.18s ease, background 0.18s ease; +} + +.arch-link-card:hover { + transform: translateY(-1px); + border-color: rgba(77, 141, 255, 0.42); + background: rgba(77, 141, 255, 0.08); +} + +.arch-children { + display: grid; + gap: 12px; + padding-left: 14px; + border-left: 1px solid rgba(148, 163, 184, 0.12); +} + +.arch-leaf { + padding: 14px 16px; +} + .json-card pre { margin: 0; max-height: 420px; @@ -1050,7 +1215,8 @@ select { .tag-row, .panel-meta, .viewer-toolbar, - .dashboard-footer { + .dashboard-footer, + .arch-summary { flex-direction: column; align-items: stretch; } diff --git a/scripts/lab/dashboard_templates/lovart/index.html b/scripts/lab/dashboard_templates/lovart/index.html index a7d919a3..58f7a2a2 100644 --- a/scripts/lab/dashboard_templates/lovart/index.html +++ b/scripts/lab/dashboard_templates/lovart/index.html @@ -3,7 +3,7 @@ - Authorized Lab Dashboard + 授权攻防实验工作台 @@ -17,22 +17,22 @@
- Authorized Lab Dashboard + 授权攻防实验工作台

本地攻防实证工作台

Lovart 设计外壳已本地化并接入真实 run bundle 数据。页面只面向授权实验资产, - 聚合 advisory、timeline、evidence、logs、sources、raw JSON 与失败原因。 + 聚合漏洞条目、时间线、证据、日志、来源、原始 JSON、当前架构库与失败原因。

@@ -71,38 +75,38 @@
- Filters + 筛选器 - 0 shown + 0 条
@@ -112,7 +116,7 @@
- Systems + 系统概览
@@ -122,7 +126,7 @@
- Recent Failures + 最近失败
@@ -132,7 +136,7 @@
- Run Queue + 运行队列
@@ -142,8 +146,8 @@
-

Select a run

-

Pick a run from the left queue to inspect timeline, evidence, logs, sources and raw JSON.

+

选择一个运行

+

从左侧队列选择 run,即可查看时间线、证据、日志、来源、原始 JSON 和当前架构库。

@@ -152,13 +156,14 @@ diff --git a/scripts/lab/render.py b/scripts/lab/render.py index f20a06d6..a8adb032 100644 --- a/scripts/lab/render.py +++ b/scripts/lab/render.py @@ -7,9 +7,9 @@ import shutil from pathlib import Path from typing import Any, Dict, List -from lab.config import ADVISORIES_DIR, CASE_RUNS_DIR, DASHBOARD_DIR, ROOT, RUNS_DIR +from lab.config import ADVISORIES_DIR, CASE_RUNS_DIR, DASHBOARD_DIR, REPRO_MAP_PATH, ROOT, RUNS_DIR, SOURCE_MAP_PATH from lab.repro import load_profiles -from lab.utils import ensure_dir, isoformat, load_json_dir, now_utc, unique, write_json, write_text +from lab.utils import ensure_dir, isoformat, load_json_dir, now_utc, read_yaml, unique, write_json, write_text TEMPLATES_DIR = ROOT / "scripts" / "lab" / "dashboard_templates" 
@@ -17,21 +17,44 @@ LOVART_TEMPLATE_DIR = TEMPLATES_DIR / "lovart" LEGACY_TEMPLATE_DIR = TEMPLATES_DIR / "legacy" LOVART_VENDOR_MANIFEST = LOVART_TEMPLATE_DIR / "vendor" / "source-manifest.json" ROOT_JSON_FILES = ["summary.json", "runs.json", "systems.json", "advisories.json", "profiles.json"] +ROOT_JSON_FILES.append("architecture.json") + +CATEGORY_LABELS = { + "cms": "CMS / 内容平台", + "ecommerce": "电商系统", + "frameworks": "Web 框架与运行时", + "servers": "服务器与边界层", + "platforms": "开源平台与后台系统", +} + +TIER_LABELS = { + "history-full": "历史全量", + "rolling-24m": "近两年全量", +} + +STATUS_LABELS = { + "verified-real": "真实版本已实证", + "verified-synthetic": "合成靶场已实证", + "blocked-artifact": "制品阻塞", + "blocked-destructive": "破坏性风险阻塞", + "triage-manual": "人工分诊", + "suspected": "仅疑似命中", +} def mermaid_from_steps(run: Dict[str, Any]) -> str: lines = [ "flowchart LR", - 'A["Select Advisory"] --> B["Resolve Repro Profile"]', - 'B --> C["Provision Compose Environment"]', - 'C --> D["Baseline Snapshot"]', - 'D --> E["Controlled Attack Steps"]', - 'E --> F["Browser Replay"]', - 'F --> G["Collect Logs and Evidence"]', - 'G --> H["Update Registry and Reports"]', + 'A["选择 Advisory"] --> B["解析 Repro Profile"]', + 'B --> C["生成 Compose 环境"]', + 'C --> D["采集基线快照"]', + 'D --> E["执行受控攻击步骤"]', + 'E --> F["浏览器回放验证"]', + 'F --> G["收集日志与证据"]', + 'G --> H["回写 Registry 与报告"]', ] if run.get("blocked_reason"): - lines.append(f'H --> I["Blocked: {run["blocked_reason"][:60]}"]') + lines.append(f'H --> I["阻塞: {run["blocked_reason"][:60]}"]') return "\n".join(lines) 
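Review bot: In mermaid_from_steps the relabelled line still interpolates `run["blocked_reason"][:60]` raw into a quoted Mermaid node label, so a reason containing `"` ends the label early and breaks the diagram. Depending on how the page configures Mermaid, label text may also be interpreted as markup. blocked_reason is free text from run data, so normalise it before formatting, e.g. `reason = run["blocked_reason"][:60].replace('"', "#quot;")` followed by `lines.append(f'H --> I["阻塞: {reason}"]')`.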
@@ -157,6 +180,371 @@ def _reasoning_lines(advisory: Dict[str, Any], profile: Dict[str, Any]) -> List[ return unique(notes) +def _display_value(value: Any) -> str: + if value is None or value == "": + return "-" + if isinstance(value, bool): + return "是" if value else "否" + if isinstance(value, (int, float)): + return str(value) + if isinstance(value, list): + return "\n".join(_display_value(item) for item in value if item not in (None, "")) or "-" + if isinstance(value, dict): + return json.dumps(value, ensure_ascii=False, indent=2) + return str(value) + + +def _field(label: str, value: Any) -> Dict[str, str]: + return {"label": label, "value": _display_value(value)} + + +def _stat(label: str, value: Any) -> Dict[str, str]: + return {"label": label, "value": _display_value(value)} + + +def _link(label: str, href: str, description: str) -> Dict[str, str]: + return {"label": label, "href": href, "description": description} + + +def _status_label(value: str | None) -> str: + return STATUS_LABELS.get(value or "", value or "-") + + +def _build_architecture_data(summary: Dict[str, Any], source_map: Dict[str, Any], repro_map: Dict[str, Any]) -> Dict[str, Any]: + source_systems = source_map.get("systems", []) or [] + repro_by_system = {item.get("system_id"): item for item in (repro_map.get("systems", []) or []) if item.get("system_id")} + + route_links = [ + _link("正式工作台", "./index.html", "本地化主 UI,默认入口。"), + _link("旧版工作台", "./legacy/index.html", "保留的 legacy 回退入口。"), + _link("项目功能文档", "./docs/project-features.html", "项目能力、目录结构与自动化链路总览。"), + _link("前端设计文档", "./docs/frontend-dashboard-design.html", "当前本地工作台的交互与视觉规范。"), + _link("安全编码索引", "./docs/secure-code-index.html", "secure-code 修复库本地镜像。"), + _link("README 镜像", "./docs/root-readme.html", "仓库根 README 的本地镜像。"), + _link("授权模型", "./docs/authorization-model.html", "允许目标范围、全局原则与记录要求。"), + _link("source-map 真值", "./docs/source-map.html", "系统覆盖、来源和输出目录真值。"), + _link("repro-map 真值", "./docs/repro-map.html", "复现族路由、浏览器要求和日志策略。"), + 
_link("覆盖矩阵", "./docs/coverage-matrix.html", "自动生成覆盖摘要的本地镜像。"), + _link("设计来源清单", "./docs/design-source.html", "Lovart 模板本地 vendor manifest。"), + _link("架构库镜像", "./docs/architecture-library.html", "当前架构库的结构化镜像页。"), + ] + + data_links = [ + _link("summary.json", "./summary.json", "全局摘要、状态分布和最近失败。"), + _link("runs.json", "./runs.json", "最近 run 的结构化详情。"), + _link("systems.json", "./systems.json", "系统级覆盖与浏览器证据摘要。"), + _link("advisories.json", "./advisories.json", "advisory 元数据与来源。"), + _link("profiles.json", "./profiles.json", "repro profile 元数据。"), + _link("architecture.json", "./architecture.json", "当前架构库结构化 JSON。"), + ] + + category_items: List[Dict[str, Any]] = [] + family_counts: Dict[str, int] = {} + tier_counts = {"history-full": 0, "rolling-24m": 0} + for system in source_systems: + tier = system.get("tier", "rolling-24m") + tier_counts[tier] = tier_counts.get(tier, 0) + 1 + repro = repro_by_system.get(system.get("system_id"), {}) + family = repro.get("default_repro_family") or "未定义" + family_counts[family] = family_counts.get(family, 0) + 1 + + for category_id in sorted(CATEGORY_LABELS, key=lambda item: CATEGORY_LABELS[item]): + systems_in_category = [item for item in source_systems if item.get("category") == category_id] + if not systems_in_category: + continue + history_full = sum(1 for item in systems_in_category if item.get("tier") == "history-full") + rolling = sum(1 for item in systems_in_category if item.get("tier") == "rolling-24m") + system_nodes: List[Dict[str, Any]] = [] + for system in sorted(systems_in_category, key=lambda item: item.get("display_name", item.get("system_id", ""))): + repro = repro_by_system.get(system.get("system_id"), {}) + official_sources = system.get("official_sources", []) or [] + ecosystem_sources = system.get("ecosystem_sources", []) or [] + research_sources = system.get("research_sources", []) or [] + system_nodes.append( + { + "title": f"{system.get('display_name', system.get('system_id'))} ({system.get('system_id')})", + 
"summary": f"{TIER_LABELS.get(system.get('tier'), system.get('tier'))} · {', '.join(system.get('advisory_modes', [])) or '未定义模式'}", + "open": False, + "badges": [ + TIER_LABELS.get(system.get("tier"), system.get("tier", "-")), + f"官方源 {len(official_sources)}", + f"生态源 {len(ecosystem_sources)}", + f"研究源 {len(research_sources)}", + ], + "fields": [ + _field("输出目录", system.get("output_dir")), + _field("Advisory 模式", system.get("advisory_modes", [])), + _field("Secure-Code 主题", system.get("secure_code_topics", [])), + _field("CPE 关键字", system.get("cpe_keys", [])), + _field("GHSA 关键字", system.get("ghsa_keywords", [])), + ], + "items": [ + { + "title": "来源配置", + "summary": "官方、生态权威与研究补充来源。", + "open": False, + "fields": [ + _field("官方来源", [entry.get("name") for entry in official_sources]), + _field("生态来源", [entry.get("name") for entry in ecosystem_sources]), + _field("研究来源", [entry.get("name") for entry in research_sources]), + ], + }, + { + "title": "复现默认值", + "summary": "repro-map 中的默认攻击族、浏览器要求和日志策略。", + "open": False, + "fields": [ + _field("默认漏洞家族", repro.get("default_repro_family")), + _field("浏览器默认要求", repro.get("browser_required_default")), + _field("优先制品模式", repro.get("provisioning_mode_preference", [])), + _field("种子策略", repro.get("seed_strategy")), + _field("日志采集器", repro.get("log_collectors", [])), + _field("报告模板", repro.get("report_template")), + ], + }, + ], + } + ) + + category_items.append( + { + "title": CATEGORY_LABELS.get(category_id, category_id), + "summary": f"{len(systems_in_category)} 个系统 · 历史全量 {history_full} · 近两年全量 {rolling}", + "open": False, + "stats": [ + _stat("系统数", len(systems_in_category)), + _stat("历史全量", history_full), + _stat("近两年全量", rolling), + ], + "items": system_nodes, + } + ) + + repro_family_nodes = [ + { + "title": family, + "summary": f"默认路由到该 family 的系统数:{count}", + "open": False, + "fields": [_field("系统数量", count)], + } + for family, count in sorted(family_counts.items(), key=lambda item: (-item[1], item[0])) + ] + + 
recent_failure_nodes = [ + { + "title": item.get("title") or item.get("advisory_id") or item.get("run_id"), + "summary": item.get("blocked_reason") or "无额外阻塞说明。", + "open": False, + "badges": [_status_label(item.get("status"))], + "fields": [ + _field("运行 ID", item.get("run_id")), + _field("漏洞条目", item.get("advisory_id")), + _field("状态", _status_label(item.get("status"))), + _field("阻塞原因", item.get("blocked_reason")), + ], + } + for item in summary.get("recent_failures", []) + ] + + status_nodes = [ + { + "title": _status_label(status), + "summary": f"当前累计 {count} 条。", + "open": False, + "fields": [ + _field("状态编码", status), + _field("数量", count), + ], + } + for status, count in sorted(summary.get("statuses", {}).items(), key=lambda item: (-item[1], item[0])) + ] + + return { + "generated_at": summary.get("generated_at"), + "title": "当前架构库", + "summary": "工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。", + "sections": [ + { + "title": "仓库定位与当前状态", + "summary": "授权攻防实验与研究知识库;仅适用于自有资产、本地靶场和明确授权目标。", + "open": True, + "badges": ["LAB ONLY", "AUTHORIZED TARGETS ONLY", "非生产安全基线"], + "stats": [ + _stat("纳管系统", len(source_systems)), + _stat("历史全量系统", tier_counts.get("history-full", 0)), + _stat("近两年全量系统", tier_counts.get("rolling-24m", 0)), + _stat("当前运行", summary.get("run_count", 0)), + _stat("当前漏洞条目", summary.get("advisory_count", 0)), + ], + "fields": [ + _field("仓库根目录", str(ROOT)), + _field("默认本地地址", "http://127.0.0.1:8734/"), + _field("自动刷新周期", "5 秒"), + _field("生成时间", summary.get("generated_at")), + ], + "links": route_links[:4], + }, + { + "title": "授权边界与目标模型", + "summary": "所有实验都绑定到本地、自建公网或明确授权目标,不面向无关第三方资产。", + "open": True, + "stats": [ + _stat("允许目标类型", 3), + _stat("禁止类型", 1), + ], + "fields": [ + _field("允许目标", ["lab-local", "lab-public", "authorized-third-party"]), + _field("禁止目标", ["out-of-scope", "无归属证明目标", "公共知名站点", "泛互联网枚举"]), + _field("全局原则", [ + "任何公网验证前先确认资产归属或授权关系。", + "优先只读探测、最小化回显验证和低频实验。", + "涉及账户、令牌、敏感数据和业务写入时采用最小必要动作。", + "不做泛互联网枚举,不对无关公共站点复用同类测试。", + ]), + ], + 
"links": [ + _link("授权模型镜像", "./docs/authorization-model.html", "目标分类、原则与记录要求。"), + _link("项目 README 镜像", "./docs/root-readme.html", "仓库定位、能力矩阵与自动化入口。"), + ], + }, + { + "title": "控制面与自动化入口", + "summary": "Intel 控制面负责情报入库;Lab 控制面负责本地部署、攻击验证、证据收集和看板生成。", + "open": True, + "items": [ + { + "title": "情报控制面(Intel)", + "summary": "负责 source adapter、规范化、渲染、校验和 PR 流程。", + "open": False, + "fields": [ + _field("CLI 入口", "python3 /Users/x/websafe/scripts/intel/main.py"), + _field("主要命令", [ + "render", + "validate", + "hotlane", + "ingest --since last-success", + "reconcile", + "backfill --tier history-full --dry-run", + "open-pr --dry-run", + ]), + _field("定时入口", [ + "scripts/intel/run-hourly.sh", + "scripts/intel/run-nightly.sh", + "scripts/intel/run-weekly-reconcile.sh", + ]), + ], + }, + { + "title": "实证控制面(Lab)", + "summary": "负责 catalog、compose、seed、baseline、attack、browser、evidence、render 和 queue。", + "open": False, + "fields": [ + _field("CLI 入口", "python3 /Users/x/websafe/scripts/lab/main.py"), + _field("主要命令", [ + "catalog sync", + "validate", + "run-case", + "run-system", + "run-batch", + "render-run", + "serve-dashboard --port 8734", + "cleanup", + "retry-failures", + ]), + _field("关键模块", [ + "catalog/", + "provision/", + "compose/", + "seed/", + "baseline/", + "attack/", + "browser/", + "evidence/", + "render/", + "queue/", + ]), + ], + }, + ], + }, + { + "title": "数据层与本地地址", + "summary": "Registry、生成层、run bundle 与 docs 镜像共同构成工作台的本地数据面。", + "open": True, + "items": [ + { + "title": "真值层", + "summary": "统一的 registry 与 repro/source 配置。", + "open": False, + "fields": [ + _field("漏洞条目 Registry", "08-threat-intel/registry/advisories/*.json"), + _field("系统 Registry", "08-threat-intel/registry/systems/*.json"), + _field("运行 Registry", "08-threat-intel/registry/runs/*.json"), + _field("source-map 真值", "08-threat-intel/source-map.yaml"), + _field("repro-map 真值", "08-threat-intel/repro-map.yaml"), + ], + }, + { + "title": "生成层与展示层", + "summary": "dashboard JSON、run 
report、docs 镜像与本地静态 UI。", + "open": False, + "links": route_links + data_links, + "fields": [ + _field("工作台根目录", "08-threat-intel/generated/dashboard/"), + _field("运行归档根目录", "06-case-studies/generated-runs//"), + _field("工作台入口", "/index.html"), + _field("旧版入口", "/legacy/index.html"), + ], + }, + ], + }, + { + "title": "系统覆盖分组", + "summary": "基于 source-map 和 repro-map 生成的当前分组视图,可展开查看每个系统的来源、输出目录和复现默认值。", + "open": True, + "items": category_items, + }, + { + "title": "Repro 路由概览", + "summary": "按默认漏洞家族聚合当前系统路由,帮助查看 family runner 覆盖面。", + "open": True, + "items": repro_family_nodes, + }, + { + "title": "当前生成态与阻塞概览", + "summary": "当前 render 后的状态分布、失败摘要与最近可见阻塞。", + "open": True, + "stats": [ + _stat("Run 数", summary.get("run_count", 0)), + _stat("Advisory 数", summary.get("advisory_count", 0)), + _stat("状态类型", len(summary.get("statuses", {}))), + _stat("最近失败", len(summary.get("recent_failures", []))), + ], + "items": [ + { + "title": "状态分布", + "summary": "verification_status 当前计数。", + "open": False, + "items": status_nodes, + }, + { + "title": "最近失败", + "summary": "当前 dashboard 摘要里可见的失败或人工分诊样本。", + "open": False, + "items": recent_failure_nodes or [ + { + "title": "暂无失败样本", + "summary": "当前 summary.json 中没有 recent_failures。", + "open": False, + } + ], + }, + ], + }, + ], + } + + def _dashboard_doc_page(title: str, body: str, description: str) -> str: return f""" @@ -242,7 +630,7 @@ def _dashboard_doc_page(title: str, body: str, description: str) -> str:
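Review bot: The two `CLI 入口` fields in `_build_architecture_data` hard-code a developer-local absolute path (`python3 /Users/x/websafe/scripts/intel/main.py` and the matching `scripts/lab/main.py` entry), and the `仓库根目录` field stores `str(ROOT)`. The returned structure appears to be what is written to `architecture.json` and mirrored to `architecture-library.html`, so the build machine's filesystem layout ends up in the output, along with a command that is wrong on any other checkout. If the generated dashboard is ever committed or served beyond loopback, that is avoidable path disclosure; repo-relative values are safer, e.g. `_field("CLI 入口", "python3 scripts/intel/main.py")` and `_field("仓库根目录", ROOT.name)`. Separately, `_field` and `_stat` have identical bodies and could share one helper. None of the new helpers has a docstring; a short one on `_build_architecture_data`, naming its three inputs and the section tree it returns, would help the next reader.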

{html.escape(title)}

{html.escape(description)}
@@ -284,7 +672,7 @@ def _copy_tree(source: Path, destination: Path) -> None: shutil.copy2(path, target) -def _write_dashboard_docs() -> None: +def _write_dashboard_docs(architecture: Dict[str, Any]) -> None: docs_dir = DASHBOARD_DIR / "docs" ensure_dir(docs_dir) sources = [ @@ -292,19 +680,49 @@ def _write_dashboard_docs() -> None: "project-features.html", "项目功能与特性总览", (ROOT / "docs" / "project-features.md").read_text(encoding="utf-8"), - "Dashboard-local mirror of the repo feature guide.", + "工作台内置镜像页:仓库功能、目录和自动化链路说明。", ), ( "frontend-dashboard-design.html", "本地前端工作台设计文档", (ROOT / "docs" / "frontend-dashboard-design.md").read_text(encoding="utf-8"), - "Dashboard-local mirror of the UI and interaction specification.", + "工作台内置镜像页:前端交互、展示结构和视觉规范。", ), ( "secure-code-index.html", "安全编码修复库索引", (ROOT / "05-defense" / "secure-code" / "INDEX.md").read_text(encoding="utf-8"), - "Dashboard-local mirror of the secure-code library index.", + "工作台内置镜像页:secure-code 修复主题索引。", + ), + ( + "root-readme.html", + "仓库 README 镜像", + (ROOT / "README.md").read_text(encoding="utf-8"), + "工作台内置镜像页:仓库定位、能力矩阵、入口和自动化入口。", + ), + ( + "authorization-model.html", + "授权模型镜像", + (ROOT / "09-scope-and-targeting" / "authorization-model.md").read_text(encoding="utf-8"), + "工作台内置镜像页:目标范围、授权模型、最小化验证建议和记录要求。", + ), + ( + "source-map.html", + "source-map 真值镜像", + SOURCE_MAP_PATH.read_text(encoding="utf-8"), + "工作台内置镜像页:系统覆盖、来源、输出目录和 secure-code 主题真值。", + ), + ( + "repro-map.html", + "repro-map 真值镜像", + REPRO_MAP_PATH.read_text(encoding="utf-8"), + "工作台内置镜像页:默认漏洞家族、浏览器要求和日志策略真值。", + ), + ( + "coverage-matrix.html", + "覆盖矩阵镜像", + (ROOT / "08-threat-intel" / "generated" / "coverage-matrix.md").read_text(encoding="utf-8"), + "工作台内置镜像页:当前覆盖矩阵生成结果。", ), ] 
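Review bot: Every entry in `sources` calls `.read_text()` while the list literal is being built, so a single absent file raises and `_write_dashboard_docs` writes no pages at all. The newly added `08-threat-intel/generated/coverage-matrix.md` is itself generated output and may not exist on a fresh checkout. A guarded read would keep the render going, e.g. `body = path.read_text(encoding="utf-8") if path.exists() else "(not generated yet)"`. The new mirrors also publish `source-map.yaml`, `repro-map.yaml` and the authorization model verbatim; only `title` and `description` are visibly passed through `html.escape` in `_dashboard_doc_page`, so it is worth confirming that `body` is escaped as well. The function body continues outside this hunk.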
@@ -314,7 +732,15 @@ def _write_dashboard_docs() -> None: "design-source.html", "Lovart 设计来源与本地化清单", manifest_body, - "Local vendor manifest for the Lovart-derived dashboard shell.", + "工作台内置镜像页:Lovart 来源文件、本地 vendor 路径和本地化说明。", + ) + ) + sources.append( + ( + "architecture-library.html", + "当前架构库镜像", + json.dumps(architecture, indent=2, ensure_ascii=False), + "工作台内置镜像页:当前架构库结构化数据镜像。", ) ) @@ -368,11 +794,11 @@ def render_run(run: Dict[str, Any]) -> Dict[str, str]: relative_screenshots = [_relative_ref(run_dir, ref) for ref in screenshot_refs] md_lines = [ - f"# Run {run['run_id']}", + f"# 运行 {run['run_id']}", "", "> `LAB ONLY` | `AUTHORIZED TARGETS ONLY` | 自动生成 run bundle", "", - f"- Advisory: `{run['advisory_id']}`", + f"- 漏洞条目: `{run['advisory_id']}`", f"- 系统: `{run['system_id']}`", f"- Repro Profile: `{run['repro_profile_id']}`", f"- 实证状态: `{run['verification_status']}`", @@ -465,20 +891,20 @@ def render_run(run: Dict[str, Any]) -> Dict[str, str]: html_body = [ "", - "websafe run report", + "websafe 运行报告", "", "", - f"

Run {html.escape(run['run_id'])}

", + f"

运行 {html.escape(run['run_id'])}

", "
", - f"
Advisory
{html.escape(run['advisory_id'])}
", - f"
Status
{html.escape(run['verification_status'])}
", - f"
Profile
{html.escape(run['repro_profile_id'])}
", - f"
Artifact Mode
{html.escape(run['artifact_mode'])}
", + f"
漏洞条目
{html.escape(run['advisory_id'])}
", + f"
实证状态
{html.escape(run['verification_status'])}
", + f"
复现 Profile
{html.escape(run['repro_profile_id'])}
", + f"
Artifact 模式
{html.escape(run['artifact_mode'])}
", "
", - "

Mermaid Timeline

", + "

Mermaid 时间线

", f"
{html.escape(mermaid_from_steps(run))}
", - "

Timeline

", - "", + "

运行时间线

", + "
TimeStepStatusDetail
", ] if run.get("timeline"): for item in run["timeline"]: @@ -490,7 +916,7 @@ def render_run(run: Dict[str, Any]) -> Dict[str, str]: f"" "" ) - html_body.extend(["
时间步骤状态说明
{html.escape(item.get('detail', '') or '-')}
", "

Attack Steps

", ""]) + html_body.extend(["
ToolStatusOutput
", "

攻击步骤

", ""]) if run.get("attack_steps"): for step in run["attack_steps"]: html_body.append( @@ -501,16 +927,16 @@ def render_run(run: Dict[str, Any]) -> Dict[str, str]: "" ) else: - html_body.append("") + html_body.append("") html_body.extend(["
工具状态输出
-skippedno attack steps
-skipped当前没有攻击步骤
"]) if relative_screenshots: - html_body.extend(["

Browser Screenshots

", "