more features checks. setup improvements

docs/qa/feature-checks/runs/policy/exception-recheck-policy-system/run-001/tier1-code-review.json

@@ -0,0 +1,17 @@
+{
+  "tier": 1,
+  "type": "code_review",
+  "capturedAtUtc": "2026-02-12T12:40:00Z",
+  "feature": "exception-recheck-policy-system",
+  "claimsVerified": true,
+  "missingClaims": [],
+  "presentClaims": [
+    "Exceptions/Models/RecheckPolicy.cs - sealed record with PolicyId, Conditions, DefaultAction",
+    "Exceptions/Services/RecheckEvaluationService.cs - sealed class implementing IRecheckEvaluationService",
+    "9 RecheckConditionType values in the enum",
+    "RecheckAction enum: Warn, RequireReapproval, Revoke, Block",
+    "ExceptionObject integration with RecheckPolicy, LastRecheckResult, IsBlockedByRecheck, RequiresReapproval"
+  ],
+  "verdict": "done",
+  "notes": "Full exception recheck policy system. 9 condition types (EPSS, CVSS, KEV, reachability, unknowns, new CVE, expiry, VEX status, package version). 4 actions with priority ordering. Environment-scoped conditions with per-condition action overrides. Integration with ExceptionObject lifecycle."
+}

docs/qa/feature-checks/runs/policy/exception-recheck-policy-system/run-002/tier2-integration-check.json

@@ -0,0 +1,44 @@
+{
+  "type": "integration",
+  "capturedAtUtc": "2026-02-13T03:52:00Z",
+  "testCommand": "dotnet test src/Policy/__Tests/StellaOps.Policy.Exceptions.Tests/StellaOps.Policy.Exceptions.Tests.csproj --no-restore -v normal",
+  "testFilter": "RecheckEvaluationServiceTests, ExceptionObjectTests (recheck properties)",
+  "testsRun": 83,
+  "testsPassed": 83,
+  "testsFailed": 0,
+  "targetedTestMethods": [
+    "RecheckEvaluationServiceTests.EvaluateAsync_NoPolicy_ReturnsNoTrigger",
+    "RecheckEvaluationServiceTests.EvaluateAsync_EpssAbove_Triggers",
+    "RecheckEvaluationServiceTests.EvaluateAsync_EnvironmentScope_FiltersConditions",
+    "RecheckEvaluationServiceTests.EvaluateAsync_ActionPriority_PicksBlock",
+    "RecheckEvaluationServiceTests.EvaluateAsync_ExpiryWithin_UsesThreshold",
+    "ExceptionObjectTests.ExceptionObject_IsBlockedByRecheck_WhenBlockTriggered_ShouldBeTrue",
+    "ExceptionObjectTests.ExceptionObject_RequiresReapproval_WhenReapprovalTriggered_ShouldBeTrue"
+  ],
+  "behaviorVerified": [
+    "RecheckPolicy model: PolicyId, Name, Conditions (ImmutableArray<RecheckCondition>), DefaultAction, IsActive, CreatedAt",
+    "RecheckCondition model: Type (9 enum values), Threshold, EnvironmentScope, per-condition Action override",
+    "9 RecheckConditionTypes: ReachGraphChange, EPSSAbove, CVSSAbove, UnknownsAbove, NewCVEInPackage, KEVFlagged, ExpiryWithin, VEXStatusChange, PackageVersionChange",
+    "RecheckAction enum with priority: Warn(1) < RequireReapproval(2) < Revoke(3) < Block(4)",
+    "RecheckEvaluationService evaluates conditions and returns IsTriggered, TriggeredConditions, RecommendedAction (highest priority)",
+    "Environment scoping: condition scoped to ['prod'] does NOT trigger in 'dev'",
+    "Per-condition action override: condition.Action overrides policy DefaultAction",
+    "Action priority ordering: Block selected over Warn when both triggered",
+    "EPSSAbove condition: triggers when context.EpssScore exceeds threshold",
+    "ExpiryWithin condition: triggers when exception expires within threshold days",
+    "KEVFlagged condition: triggers when context.KevFlagged=true",
+    "ExceptionObject.IsBlockedByRecheck: true when triggered + Block action",
+    "ExceptionObject.RequiresReapproval: true when triggered + RequireReapproval action"
+  ],
+  "assertionTypes": [
+    "condition-evaluation",
+    "action-priority",
+    "environment-scoping",
+    "threshold-comparison",
+    "computed-property"
+  ],
+  "newTestsWritten": [],
+  "bugsFixed": [],
+  "rawOutput": "Exceptions.Tests: 83/83 passed",
+  "verdict": "pass"
+}