save checkpoint: save features

2026-02-12 10:27:23 +02:00
parent dca86e1248
commit 5bca406787
8837 changed files with 1796879 additions and 5294 deletions
--- a/docs/features/checked/riskengine/cvss-kev-risk-signal-combination.md
+++ b/docs/features/checked/riskengine/cvss-kev-risk-signal-combination.md
@@ -114,3 +114,11 @@ Risk engine combining CVSS scores with KEV (Known Exploited Vulnerabilities) dat
 - **Tier 2 Evidence**: docs/qa/feature-checks/runs/riskengine/cvss-kev-risk-signal-combination/run-013/tier2-api-check.json
 - **Captured Requests**: `/risk-scores/providers`; `/risk-scores/simulations` for KEV bonus (0.95), no-KEV baseline (0.75), and unknown provider error semantics.
 - **Outcome**: CVSS+KEV checked behavior revalidated from live API transactions.
+
+## Recheck (Run-014)
+- **Verified**: 2026-02-11
+- **Method**: Tier 2a live HTTPS API verification with fresh request/response capture.
+- **Tests**: PASS (src/RiskEngine/StellaOps.RiskEngine/StellaOps.RiskEngine.Tests: 94/94).
+- **Tier 2 Evidence**: docs/qa/feature-checks/runs/riskengine/cvss-kev-risk-signal-combination/run-014/tier2-api-check.json
+- **Captured Requests**: `/risk-scores/providers`; `/risk-scores/simulations` for KEV bonus (0.95), no-KEV baseline (0.75), and unknown provider error semantics.
+- **Outcome**: CVSS+KEV checked behavior remains stable with fresh live API replay.
--- a/docs/features/checked/riskengine/epss-risk-band-mapping.md
+++ b/docs/features/checked/riskengine/epss-risk-band-mapping.md
@@ -111,3 +111,11 @@ EPSS provider with bundle loading, fetching, and risk band mapping. Contains two
 - **Tier 2 Evidence**: docs/qa/feature-checks/runs/riskengine/epss-risk-band-mapping/run-013/tier2-api-check.json
 - **Captured Requests**: `/risk-scores/simulations` for EPSS direct score (0.77), CVSS+KEV+EPSS percentile bonus (0.55), and missing-signal fallback (0).
 - **Outcome**: EPSS mapping behavior revalidated from live API transactions.
+
+## Recheck (Run-014)
+- **Verified**: 2026-02-11
+- **Method**: Tier 2a live HTTPS API verification with fresh request/response capture.
+- **Tests**: PASS (src/RiskEngine/StellaOps.RiskEngine/StellaOps.RiskEngine.Tests: 94/94).
+- **Tier 2 Evidence**: docs/qa/feature-checks/runs/riskengine/epss-risk-band-mapping/run-014/tier2-api-check.json
+- **Captured Requests**: `/risk-scores/simulations` for EPSS direct score (0.77), CVSS+KEV+EPSS percentile bonus (0.55), and missing-signal fallback (0).
+- **Outcome**: EPSS mapping checked behavior remains stable with fresh live API replay.
--- a/docs/features/checked/riskengine/exploit-maturity-mapping.md
+++ b/docs/features/checked/riskengine/exploit-maturity-mapping.md
@@ -110,3 +110,11 @@ Dedicated exploit maturity mapping service consolidating EPSS, KEV, and in-the-w
 - **Tier 2 Evidence**: docs/qa/feature-checks/runs/riskengine/exploit-maturity-mapping/run-013/tier2-api-check.json
 - **Captured Requests**: `/exploit-maturity/{cveId}`, `/exploit-maturity/{cveId}/level`, `/exploit-maturity/{cveId}/history`, `/exploit-maturity/batch` (success) and `/exploit-maturity/batch` with empty list (400).
 - **Outcome**: Exploit maturity API contracts revalidated from live API transactions.
+
+## Recheck (Run-014)
+- **Verified**: 2026-02-11
+- **Method**: Tier 2a live HTTPS API verification with fresh request/response capture.
+- **Tests**: PASS (src/RiskEngine/StellaOps.RiskEngine/StellaOps.RiskEngine.Tests: 94/94).
+- **Tier 2 Evidence**: docs/qa/feature-checks/runs/riskengine/exploit-maturity-mapping/run-014/tier2-api-check.json
+- **Captured Requests**: `/exploit-maturity/{cveId}`, `/exploit-maturity/{cveId}/level`, `/exploit-maturity/{cveId}/history`, `/exploit-maturity/batch` (success) and `/exploit-maturity/batch` with empty list (400).
+- **Outcome**: Exploit maturity checked API contracts remain stable with fresh live replay.