more features checks. setup improvements

2026-02-13 02:04:55 +02:00
parent 9911b7d73c
commit 9ca2de05df
675 changed files with 37550 additions and 1826 deletions
--- a/docs/qa/feature-checks/runs/policy/cve-aware-release-policy-gates/run-001/tier1-build-check.json
+++ b/docs/qa/feature-checks/runs/policy/cve-aware-release-policy-gates/run-001/tier1-build-check.json
@@ -0,0 +1,12 @@
+{
+  "feature": "cve-aware-release-policy-gates",
+  "module": "policy",
+  "tier": "tier1-build",
+  "run": "run-001",
+  "date": "2026-02-12",
+  "result": "pass",
+  "project": "StellaOps.Policy.Engine.Tests",
+  "command": "dotnet build src/Policy/__Tests/StellaOps.Policy.Engine.Tests/StellaOps.Policy.Engine.Tests.csproj --no-restore --verbosity quiet",
+  "output": "Build succeeded. 0 Warning(s) 0 Error(s)",
+  "notes": "Engine test project builds cleanly with all new CveAwareReleasePolicyGatesDeepTests"
+}
--- a/docs/qa/feature-checks/runs/policy/cve-aware-release-policy-gates/run-001/tier1-code-review.json
+++ b/docs/qa/feature-checks/runs/policy/cve-aware-release-policy-gates/run-001/tier1-code-review.json
@@ -0,0 +1,29 @@
+{
+  "feature": "cve-aware-release-policy-gates",
+  "module": "policy",
+  "tier": "tier1-code-review",
+  "run": "run-001",
+  "date": "2026-02-12",
+  "result": "pass",
+  "sourceFilesReviewed": [
+    "src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs",
+    "src/Policy/StellaOps.Policy.Engine/Gates/VexTrustGate.cs",
+    "src/Policy/StellaOps.Policy.Engine/Gates/DriftGateEvaluator.cs",
+    "src/Policy/StellaOps.Policy.Engine/Gates/StabilityDampingGate.cs",
+    "src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateDecision.cs",
+    "src/Policy/StellaOps.Policy.Engine/Gates/DriftGateContext.cs"
+  ],
+  "testFilesReviewed": [
+    "src/Policy/__Tests/StellaOps.Policy.Engine.Tests/Gates/PolicyGateEvaluatorTests.cs",
+    "src/Policy/__Tests/StellaOps.Policy.Engine.Tests/Gates/VexTrustGateTests.cs"
+  ],
+  "newTestFile": "src/Policy/__Tests/StellaOps.Policy.Engine.Tests/Gates/CveAwareReleasePolicyGatesDeepTests.cs",
+  "findings": [
+    "PolicyGateEvaluator implements 5-gate pipeline with short-circuit-on-first-Block",
+    "VexTrust gate supports per-environment thresholds (production 0.80, staging 0.60, development 0.40)",
+    "DriftGateEvaluator implements KEV, CVSS threshold, EPSS threshold, affected reachable built-in gates",
+    "StabilityDampingGate implements hysteresis-based verdict suppression with upgrade bypass",
+    "DriftGateContext.HasMaterialDrift is computed property, not settable",
+    "Override requires justification >= 10 chars for DriftGate, >= 20 chars for PolicyGate"
+  ]
+}
--- a/docs/qa/feature-checks/runs/policy/cve-aware-release-policy-gates/run-001/tier2-test-results.json
+++ b/docs/qa/feature-checks/runs/policy/cve-aware-release-policy-gates/run-001/tier2-test-results.json
@@ -0,0 +1,55 @@
+{
+  "feature": "cve-aware-release-policy-gates",
+  "module": "policy",
+  "tier": "tier2-test",
+  "run": "run-001",
+  "date": "2026-02-12",
+  "result": "pass",
+  "project": "StellaOps.Policy.Engine.Tests",
+  "command": "dotnet test src/Policy/__Tests/StellaOps.Policy.Engine.Tests/StellaOps.Policy.Engine.Tests.csproj --no-build -- --report-xunit",
+  "summary": {
+    "total": 1263,
+    "passed": 1262,
+    "failed": 1,
+    "skipped": 0,
+    "duration": "5.7s"
+  },
+  "newTests": {
+    "class": "CveAwareReleasePolicyGatesDeepTests",
+    "total": 26,
+    "passed": 26,
+    "failed": 0
+  },
+  "preExistingFailure": {
+    "name": "CalculateScoreBounds returns valid range",
+    "reason": "Pre-existing: bounds.MinimumScore expected <= 0.3 but was 0.95 (not related to this feature)"
+  },
+  "testsCovered": [
+    "PolicyGate_VexTrustEnabled_LowScore_Blocks",
+    "PolicyGate_VexTrustEnabled_HighScore_Allows",
+    "PolicyGate_VexTrustEnabled_UnverifiedSignature_Blocks",
+    "PolicyGate_VexTrustEnabled_MissingScore_WarnsOrBlocks",
+    "PolicyGate_ContestedLattice_SuggestsTriage",
+    "PolicyGate_CRLattice_SuggestsEvidence",
+    "PolicyGate_RULattice_WithJustification_AllowsWithWarning",
+    "PolicyGate_RULattice_NoJustification_Blocks",
+    "PolicyGate_FixedStatus_AllowsAnyLattice",
+    "PolicyGate_UnderInvestigation_NoEvidenceRequired",
+    "PolicyGate_Override_ValidJustification_Bypasses",
+    "PolicyGate_Override_ShortJustification_Fails",
+    "PolicyGate_ShortCircuit_EvidenceBlock_StopsBeforeLattice",
+    "PolicyGate_100Iterations_Deterministic",
+    "DriftGate_KevReachable_BlocksRelease",
+    "DriftGate_KevNoNewReachable_Passes",
+    "DriftGate_HighCvss_BlocksRelease",
+    "DriftGate_HighEpss_BlocksRelease",
+    "DriftGate_AffectedReachable_Blocks",
+    "DriftGate_NoMaterialDrift_Allows",
+    "DriftGate_Disabled_Allows",
+    "DriftGate_Override_BypassesBlock",
+    "StabilityDamping_FirstVerdict_Surfaces",
+    "StabilityDamping_SameStatusSmallDelta_Suppressed",
+    "StabilityDamping_Disabled_Surfaces",
+    "StabilityDamping_PruneHistory_RemovesEntries"
+  ]
+}