up

docs/modules/cli/guides/policy.md

@@ -1,6 +1,7 @@
-# Stella CLI — Policy Commands
-
-> **Audience:** Policy authors, reviewers, operators, and CI engineers using the `stella` CLI to interact with Policy Engine.  
+# Stella CLI — Policy Commands
+
+> **Audience:** Policy authors, reviewers, operators, and CI engineers using the `stella` CLI to interact with Policy Engine.  
+> **Imposed rule:** Submit/approve/publish flows must include lint, simulate, coverage, and shadow evidence; CLI blocks if required attachments are missing.
 > **Supported from:** `stella` CLI ≥ 0.20.0 (Policy Engine v2 sprint line).  
 > **Prerequisites:** Authority-issued bearer token with the scopes noted per command (export `STELLA_TOKEN` or pass `--token`).
 > **2025-10-27 scope update:** CLI/CI tokens issued prior to Sprint 23 (AUTH-POLICY-23-001) must drop `policy:write`/`policy:submit`/`policy:edit` and instead request `policy:read`, `policy:author`, `policy:review`, and `policy:simulate` (plus `policy:approve`/`policy:operate`/`policy:activate` for promotion pipelines).
@@ -218,7 +219,15 @@ Options:
 `stella policy run status <runId>` retrieves run metadata.  
 `stella policy run list --status failed --limit 20` returns recent runs.
 
-### 4.3 Replay & Cancel
+### 4.3 History
+
+``` 
+stella policy history P-7 --limit 20 --format table
+```
+
+Shows version list with status, shadow flag, IR hash, attestation, submission/approval timestamps. Add `--runs` to include last run status per version. Exit code `0` success; `12` on RBAC error.
+
+### 4.4 Replay & Cancel
 
 ```
 stella policy run replay run:P-7:2025-10-26:auto --output bundles/replay.tgz
@@ -315,4 +324,4 @@ All non-zero exits emit structured error envelope on stderr when `--format json`
 
 ---
 
-*Last updated: 2025-10-27 (Sprint 20).*
+*Last updated: 2025-11-26 (Sprint 307).*