@govtechsg/oobee 0.10.20

package/.dockerignore

@@ -0,0 +1,22 @@
+# Node
+**/node_modules/
+**/dist
+.git
+npm-debug.log
+.coverage
+.coverage.*
+.env
+.aws
+
+#MacOS
+**/.DS_Store
+**/thumbs.db
+
+# App-specific
+.github
+screenshots/
+logs/
+results/
+ImageMagick-*/
+errors.txt
+oobee-scan-results.zip

package/.github/pull_request_template.md

@@ -0,0 +1,11 @@
+This PR adds... <!-- A brief description of what your PR does -->
+
+<!-- This checklist is just a guideline.-->
+<!-- If any of the following does not apply to your PR, please leave them unchecked and explain in the PR -->
+
+- [ ] I've kept this PR as small as possible (~500 lines) by splitting it into PRs with manageable chunks of code
+- [ ] I've requested reviews from 1 reviewer
+- [ ] I've tested existing features (website scan, sitemap, custom flow) in both node index and cli
+- [ ] I've synced this fork with GovTechSG repo
+- [ ] I've added/updated unit tests
+- [ ] I've added/updated any necessary dependencies in `package[-lock].json` `npm audit`, portable installation on GitHub Actions

package/.github/workflows/docker-test.yml

@@ -0,0 +1,54 @@
+name: Build Run and Test Docker Container
+
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - '*.*.*'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Build and run Docker container
+        run: |
+          # Build your Docker image (replace 'oobee' and 'Dockerfile' with your image name and Dockerfile path)
+          docker build -t oobee .
+          # Run the Docker container (adjust any options as needed)
+          docker run -dit --name oobee-container oobee
+        # Ensure the Docker container is running before running the next step
+        continue-on-error: true
+
+      - name: Run Node CLI command inside the Docker container
+        run: |
+          # Execute a webisite crawl
+          docker exec oobee-container npm run cli -- -u "${{ vars.OOBEE_SCAN_URL }}" -c 2 -p "${{ vars.OOBEE_SCAN_MAX_NUM_PAGES }}" -t "${{ vars.OOBEE_SCAN_MAX_CONCURRENCY }}" -k "${{ github.actor }}:${{ github.actor }}@users.noreply.github.com" -b chromium || true
+
+      - name: Print errors
+        run: |
+          docker exec oobee-container cat errors.txt || true
+
+      - name: Print logs
+        run: |
+          docker exec oobee-container cat logs/*/*.txt || true
+      - name: Copy Results from Docker Container
+        run: docker cp oobee-container:/app/results ./results
+
+      - name: Zip Results
+        run: zip -r results.zip ./results
+
+      - name: Upload Zip File
+        uses: actions/upload-artifact@v4
+        with:
+          name: results
+          path: results.zip
+
+      - name: Cleanup Docker container
+        run: |
+          # Stop and remove the Docker container
+          docker stop oobee-container
+          docker rm oobee-container

package/.github/workflows/image.yml

@@ -0,0 +1,107 @@
+name: Push installation image
+
+on:
+  workflow_dispatch:
+  release:
+    types: [published]
+
+jobs:
+  windows-install-oobee:
+    runs-on: windows-latest
+
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v3
+        with:
+          path: oobee
+
+      - name: Copy scripts to parent directory
+        run: |
+          cp ${{github.workspace}}/oobee/scripts/*.ps1 ${{github.workspace}}
+          cp ${{github.workspace}}/oobee/scripts/*.cmd ${{github.workspace}}      
+          cp ${{github.workspace}}/oobee/scripts/*.xml ${{github.workspace}}
+
+      - name: Install Purple dependencies for Windows
+        shell: pwsh
+        run: powershell.exe -NoProfile -ExecutionPolicy Bypass "& ${{github.workspace}}\install_oobee_dependencies.ps1"
+        working-directory: ${{github.workspace}}
+
+      - name: Zip entire Purple folder (Windows)
+        shell: pwsh
+        run: Compress-Archive -Path ${{github.workspace}}/* -DestinationPath oobee-portable-windows.zip
+
+      - name: Upload Windows artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: oobee-portable-windows
+          path: ./oobee-portable-windows.zip
+
+      - name: Release Windows artifact
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          files: |
+            oobee-portable-windows.zip
+
+  mac-install-oobee:
+    runs-on: self-hosted
+    environment: macos
+
+    steps:
+      - name: Clean Workspace Folder
+        run: |
+          rm -rf ./* || true
+          rm -rf ./.??* || true
+
+      - name: Check out repository code
+        uses: actions/checkout@v3
+        with:
+          path: oobee
+
+      - name: Grant execute permissions for user
+        run: chmod ugo+rwx ./scripts/*.command ./scripts/*.sh
+        working-directory: oobee
+
+      - name: Copy scripts to parent directory
+        run: |
+          cp ./oobee/scripts/{*.command,*.sh,*.xml}  ${{ github.workspace }}
+
+      - name: Install Purple dependencies for MacOS
+        run: |
+          ./install_oobee_dependencies.command
+
+      - name: Sign required binaries for MacOS
+        run: |
+          # Find a valid code signing certificate in your keychain for distribution outside Mac App Store
+          CERTIFICATE=$(security find-identity -v -p codesigning -s - | tail -n +2 | grep -o '"Developer ID Application:[^"]*"' | sed 's/"//g')
+
+          # Paths to the binaries you want to sign only ending with .node
+          BINARIES=($(find . -type f \( -name "*.node" -o -name "*.sh" -o -name "*.command" \) ! -path "*.framework/*" ! -path "*.dSYM/*"))
+
+          # Loop through the binary paths and sign each one with a secure timestamp
+          for binary in "${BINARIES[@]}"; do
+            # Check if the binary is already signed
+            codesign --timestamp -f -s "$CERTIFICATE" "$binary"
+            if [ $? -eq 0 ]; then
+              echo "Successfully signed (with secure timestamp): $binary"
+            else
+              echo "Failed to sign: $binary"
+            fi
+          done
+
+      - name: Zip entire Purple folder (Mac)
+        run: |
+          zip oobee-portable-mac.zip -y -r ./
+
+      - name: Upload Mac artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: oobee-portable-mac
+          path: ./oobee-portable-mac.zip
+
+      - name: Release Mac artifact
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          files: |
+            oobee-portable-mac.zip

package/.github/workflows/publish.yml

@@ -0,0 +1,18 @@
+name: Publish Package to npmjs
+on:
+  workflow_dispatch:
+  release:
+    types: [published]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      # Setup .npmrc file to publish to npm
+      - uses: actions/setup-node@v3
+        with:
+          node-version: '16.x'
+          registry-url: 'https://registry.npmjs.org'
+      - run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/.idea/modules.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/purple-a11y.iml" filepath="$PROJECT_DIR$/.idea/purple-a11y.iml" />
+    </modules>
+  </component>
+</project>

package/.idea/purple-a11y.iml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="JAVA_MODULE" version="4">
+  <component name="NewModuleRootManager" inherit-compiler-output="true">
+    <exclude-output />
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>

package/.idea/vcs.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="" vcs="Git" />
+  </component>
+</project>

package/.prettierrc.json

@@ -0,0 +1,12 @@
+{
+  "printWidth": 100,
+  "tabWidth": 2,
+  "useTabs": false,
+  "semi": true,
+  "singleQuote": true,
+  "trailingComma": "all",
+  "bracketSpacing": true,
+  "jsxBracketSameLine": false,
+  "arrowParens": "avoid",
+  "endOfLine": "auto"
+}

package/.vscode/extensions.json

@@ -0,0 +1,5 @@
+{
+  "recommendations": [
+    "dbaeumer.vscode-eslint"
+  ]
+}

package/.vscode/settings.json

@@ -0,0 +1,10 @@
+{
+  "editor.codeActionsOnSave": {
+    "source.fixAll.eslint": "explicit"
+  },
+  "eslint.validate": [
+    "javascript",
+    "typescript",
+  ],
+  "editor.formatOnSave": true,
+}

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+accessibility [at] tech.gov.sg.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.

package/DETAILS.md

@@ -0,0 +1,163 @@
+# Scan Issue Details
+
+Details of each issue and severity rating provided by the current scan engine.
+
+## Table Of Contents
+
+1. [Conformance Covered](#conformance-covered)
+2. [WCAG 2.0 Level A](#wcag-20-level-a)
+3. [WCAG 2.0 Level AA](#wcag-20-level-aa)
+4. [WCAG 2.1 Level AA](#wcag-21-level-aa)
+5. [WCAG 2.2 Level AA](#wcag-22-level-aa)
+5. [WCAG 2.x Level AAA](#wcag-2x-level-aaa)
+6. [Best Practice](#best-practice)
+
+## Conformance Covered
+
+| Conformance |
+| ----------- |
+| WCAG 1.1.1  |
+| WCAG 1.2.2  |
+| WCAG 1.3.1  |
+| WCAG 1.3.5  |
+| WCAG 1.4.1  |
+| WCAG 1.4.12 |
+| WCAG 1.4.2  |
+| WCAG 1.4.3  |
+| WCAG 1.4.4  |
+| WCAG 1.4.6  |
+| WCAG 2.1.1  |
+| WCAG 2.2.1  |
+| WCAG 2.2.2  |
+| WCAG 2.2.4  |
+| WCAG 2.4.1  |
+| WCAG 2.4.2  |
+| WCAG 2.4.4  |
+| WCAG 2.4.9  |
+| WCAG 3.1.1  |
+| WCAG 3.1.2  |
+| WCAG 3.3.2  |
+| WCAG 3.2.5  |
+| WCAG 4.1.2  |
+
+## WCAG 2.0 Level A
+
+| Issue ID                    | Issue Description                                                                                                                                     | Severity    | Conformance            |
+| --------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | ---------------------- |
+| area-alt                    | Ensures `<area>` elements of image maps have alternate text                                                                                           | Must Fix    | WCAG 2.4.4, WCAG 4.1.2 |
+| aria-allowed-attr           | Ensures an element's role supports its ARIA attributes                                                                                                | Must Fix    | WCAG 4.1.2             |
+| aria-braille-equivalent     | Ensure aria-braillelabel and aria-brailleroledescription have a non-braille equivalent                                                                | Must Fix    | WCAG 4.1.2             |
+| aria-command-name           | Ensures every ARIA button, link and menuitem has an accessible name                                                                                   | Must Fix    | WCAG 4.1.2             |
+| aria-conditional-attr       | Ensures ARIA attributes are used as described in the specification of the element's role                                                              | Must Fix    | WCAG 4.1.2             |
+| aria-deprecated-role        | Ensures elements do not use deprecated roles                                                                                                          | Good To Fix | WCAG 4.1.2             |
+| aria-hidden-body            | Ensures aria-hidden="true" is not present on the document body.                                                                                       | Must Fix    | WCAG 4.1.2             |
+| aria-hidden-focus           | Ensures aria-hidden elements are not focusable nor contain focusable elements                                                                         | Must Fix    | WCAG 4.1.2             |
+| aria-input-field-name       | Ensures every ARIA input field has an accessible name                                                                                                 | Must Fix    | WCAG 4.1.2             |
+| aria-meter-name             | Ensures every ARIA meter node has an accessible name                                                                                                  | Must Fix    | WCAG 1.1.1             |
+| aria-progressbar-name       | Ensures every ARIA progressbar node has an accessible name                                                                                            | Must Fix    | WCAG 1.1.1             |
+| aria-prohibited-attr        | Ensures ARIA attributes are not prohibited for an element's rolessible name                                                                           | Must Fix    | WCAG 4.1.2             |
+| aria-required-attr          | Ensures elements with ARIA roles have all required ARIA attributes                                                                                    | Must Fix    | WCAG 4.1.2             |
+| aria-required-children      | Ensures elements with an ARIA role that require child roles contain them                                                                              | Must Fix    | WCAG 1.3.1             |
+| aria-required-parent        | Ensures elements with an ARIA role that require parent roles are contained by them                                                                    | Must Fix    | WCAG 1.3.1             |
+| aria-roles                  | Ensures all elements with a role attribute use a valid value                                                                                          | Must Fix    | WCAG 4.1.2             |
+| aria-toggle-field-name      | Ensures every ARIA toggle field has an accessible name                                                                                                | Must Fix    | WCAG 4.1.2             |
+| aria-tooltip-name           | Ensures every ARIA tooltip node has an accessible name                                                                                                | Must Fix    | WCAG 4.1.2             |
+| aria-valid-attr-value       | Ensures all ARIA attributes have valid values                                                                                                         | Must Fix    | WCAG 4.1.2             |
+| aria-valid-attr             | Ensures attributes that begin with aria- are valid ARIA attributes                                                                                    | Must Fix    | WCAG 4.1.2             |
+| blink                       | Ensures `<blink>` elements are not used                                                                                                               | Must Fix    | WCAG 2.2.2             |
+| button-name                 | Ensures buttons have discernible text                                                                                                                 | Must Fix    | WCAG 4.1.2             |
+| bypass                      | Ensures each page has at least one mechanism for a user to bypass navigation and jump straight to the content                                         | Must Fix    | WCAG 2.4.1             |
+| definition-list             | Ensures `<dl>` elements are structured correctly                                                                                                      | Must Fix    | WCAG 1.3.1             |
+| dlitem                      | Ensures `<dt>` and `<dd>` elements are contained by a `<dl>`                                                                                          | Must Fix    | WCAG 1.3.1             |
+| document-title              | Ensures each HTML document contains a non-empty `<title>` element                                                                                     | Must Fix    | WCAG 2.4.2             |
+| duplicate-id-aria           | Ensures every id attribute value used in ARIA and in labels is unique                                                                                 | Must Fix    | WCAG 4.1.2             |
+| form-field-multiple-labels  | Ensures form field does not have multiple label elements                                                                                              | Good to Fix | WCAG 3.3.2             |
+| frame-focusable-content     | Ensures `<frame>` and `<iframe>` elements with focusable content do not have tabindex=-1                                                              | Must Fix    | WCAG 2.1.1             |
+| frame-title-unique          | Ensures `<iframe>` and `<frame>` elements contain a unique title attribute                                                                            | Must Fix    | WCAG 4.1.2             |
+| frame-title                 | Ensures `<iframe>` and `<frame>` elements have an accessible name                                                                                     | Must Fix    | WCAG 4.1.2             |
+| html-has-lang               | Ensures every HTML document has a lang attribute                                                                                                      | Must Fix    | WCAG 3.1.1             |
+| html-lang-valid             | Ensures the lang attribute of the `<html>` element has a valid value                                                                                  | Must Fix    | WCAG 3.1.1             |
+| html-xml-lang-mismatch      | Ensure that HTML elements with both valid lang and xml:lang attributes agree on the base language of the page                                         | Good to Fix | WCAG 3.1.1             |
+| image-alt                   | Ensures `<img>` elements have alternate text or a role of none or presentation                                                                        | Must Fix    | WCAG 1.1.1             |
+| input-button-name           | Ensures input buttons have discernible text                                                                                                           | Must Fix    | WCAG 4.1.2             |
+| input-image-alt             | Ensures `<input type="image">` elements have alternate text                                                                                           | Must Fix    | WCAG 1.1.1, WCAG 4.1.2 |
+| label                       | Ensures every form element has a label                                                                                                                | Must Fix    | WCAG 4.1.2             |
+| link-in-text-block          | Ensure links are distinguished from surrounding text in a way that does not rely on color                                                             | Must Fix    | WCAG 1.4.1             |
+| link-name                   | Ensures links have discernible text                                                                                                                   | Must Fix    | WCAG 2.4.4, WCAG 4.1.2 |
+| list                        | Ensures that lists are structured correctly                                                                                                           | Must Fix    | WCAG 1.3.1             |
+| listitem                    | Ensures `<li>` elements are used semantically                                                                                                         | Must Fix    | WCAG 1.3.1             |
+| marquee                     | Ensures `<marquee>` elements are not used                                                                                                             | Must Fix    | WCAG 2.2.2             |
+| meta-refresh                | Ensures `<meta http-equiv="refresh">` is not used for delayed refresh                                                                                 | Must Fix    | WCAG 2.2.1             |
+| nested-interactive          | Ensures interactive controls are not nested as they are not always announced by screen readers or can cause focus problems for assistive technologies | Must Fix    | WCAG 4.1.2             |
+| no-autoplay-audio           | Ensures `<video>` or `<audio>` elements do not autoplay audio for more than 3 seconds without a control mechanism to stop or mute the audio           | Good to Fix | WCAG 1.4.2             |
+| object-alt                  | Ensures `<object>` elements have alternate text                                                                                                       | Must Fix    | WCAG 1.1.1             |
+| role-img-alt                | Ensures [role="img"] elements have alternate text                                                                                                     | Must Fix    | WCAG 1.1.1             |
+| scrollable-region-focusable | Ensure elements that have scrollable content are accessible by keyboard                                                                               | Must Fix    | WCAG 2.1.1             |
+| select-name                 | Ensures select element has an accessible name                                                                                                         | Must Fix    | WCAG 4.1.2             |
+| server-side-image-map       | Ensures that server-side image maps are not used                                                                                                      | Good to Fix | WCAG 2.1.1             |
+| svg-img-alt                 | Ensures `<svg>` elements with an img, graphics-document or graphics-symbol role have an accessible text                                               | Must Fix    | WCAG 1.1.1             |
+| td-headers-attr             | Ensure that each cell in a table that uses the headers attribute refers only to other cells in that table                                             | Must Fix    | WCAG 1.3.1             |
+| th-has-data-cells           | Ensure that `<th>` elements and elements with role=columnheader/rowheader have data cells they describe                                               | Must Fix    | WCAG 1.3.1             |
+| video-caption               | Ensures `<video>` elements have captions                                                                                                              | Must Fix    | WCAG 1.2.2             |
+
+## WCAG 2.0 Level AA
+
+| Issue ID       | Issue Description                                                                                               | Severity | Conformance |
+| -------------- | --------------------------------------------------------------------------------------------------------------- | -------- | ----------- |
+| color-contrast | Ensures the contrast between foreground and background colors meets WCAG 2 AA minimum contrast ratio thresholds | Must Fix | WCAG 1.4.3  |
+| meta-viewport  | Ensures `<meta name="viewport">` does not disable text scaling and zooming                                      | Must Fix | WCAG 1.4.4  |
+| valid-lang     | Ensures lang attributes have valid values                                                                       | Must Fix | WCAG 3.1.2  |
+
+## WCAG 2.1 Level AA
+
+| Issue ID             | Issue Description                                                                             | Severity | Conformance |
+| -------------------- | --------------------------------------------------------------------------------------------- | -------- | ----------- |
+| autocomplete-valid   | Ensure the autocomplete attribute is correct and suitable for the form field                  | Must Fix | WCAG 1.3.5  |
+| avoid-inline-spacing | Ensure that text spacing set through style attributes can be adjusted with custom stylesheets | Must Fix | WCAG 1.4.12 |
+
+## WCAG 2.2 Level AA
+
+| Issue ID    | Issue Description                                  | Severity | Conformance |
+| ----------- | -------------------------------------------------- | -------- | ----------- |
+| target-size | Ensure touch target have sufficient size and space | Must Fix | WCAG 2.5.8  |
+
+## WCAG 2.x Level AAA
+
+| Issue ID                     | Issue Description                                                                                                | Severity    | Conformance            |
+| ---------------------------- | ---------------------------------------------------------------------------------------------------------------- | ----------- | ---------------------- |
+| color-contrast-enhanced      | Ensure the contrast between foreground and background colors meets WCAG 2 AAA enhanced contrast ratio thresholds | Must Fix    | WCAG 1.4.6             |
+| identical-links-same-purpose | Ensure that links with the same accessible name serve a similar purpose                                          | Good to Fix | WCAG 2.4.9             |
+| meta-refresh-no-exceptions   | Ensure <meta http-equiv="refresh"> is not used for delayed refresh                                               | Good to Fix | WCAG 2.2.4, WCAG 3.2.5 |
+
+## Best Practice
+
+| Issue ID                            | Issue Description                                                                                                                              | Severity    |
+| ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
+| accesskeys                          | Ensures every accesskey attribute value is unique                                                                                              | Must Fix    |
+| aria-allowed-role                   | Ensures role attribute has an appropriate value for the element                                                                                | Good to Fix |
+| aria-dialog-name                    | Ensures every ARIA dialog and alertdialog node has an accessible name                                                                          | Must Fix    |
+| aria-text                           | Ensures role="text" is used on elements with no focusable descendants                                                                          | Must Fix    |
+| aria-treeitem-name                  | Ensures every ARIA treeitem node has an accessible name                                                                                        | Must Fix    |
+| empty-heading                       | Ensures headings have discernible text                                                                                                         | Good to Fix |
+| empty-table-header                  | Ensures table headers have discernible text                                                                                                    | Good to Fix |
+| frame-tested                        | Ensures `<iframe>` and `<frame>` elements contain the axe-core script                                                                          | Must Fix    |
+| heading-order                       | Ensures the order of headings is semantically correct                                                                                          | Good to Fix |
+| image-redundant-alt                 | Ensure image alternative is not repeated as text                                                                                               | Good to Fix |
+| label-title-only                    | Ensures that every form element has a visible label and is not solely labeled using hidden labels, or the title or aria-describedby attributes | Must Fix    |
+| landmark-banner-is-top-level        | Ensures the banner landmark is at top level                                                                                                    | Good to Fix |
+| landmark-complementary-is-top-level | Ensures the complementary landmark or aside is at top level                                                                                    | Good to Fix |
+| landmark-contentinfo-is-top-level   | Ensures the contentinfo landmark is at top level                                                                                               | Good to Fix |
+| landmark-main-is-top-level          | Ensures the main landmark is at top level                                                                                                      | Good to Fix |
+| landmark-no-duplicate-banner        | Ensures the document has at most one banner landmark                                                                                           | Good to Fix |
+| landmark-no-duplicate-contentinfo   | Ensures the document has at most one contentinfo landmark                                                                                      | Good to Fix |
+| landmark-no-duplicate-main          | Ensures the document has at most one main landmark                                                                                             | Good to Fix |
+| landmark-one-main                   | Ensures the document has a main landmark                                                                                                       | Good to Fix |
+| landmark-unique                     | Landmarks should have a unique role or role/label/title (i.e. accessible name) combination                                                     | Good to Fix |
+| meta-viewport-large                 | Ensures `<meta name="viewport">` can scale a significant amount                                                                                | Good to Fix |
+| page-has-heading-one                | Ensure that the page, or at least one of its frames contains a level-one heading                                                               | Good to Fix |
+| presentation-role-conflict          | Elements marked as presentational should not have global ARIA or tabindex to ensure all screen readers ignore them                             | Good to Fix |
+| region                              | Ensures all page content is contained by landmarks                                                                                             | Good to Fix |
+| scope-attr-valid                    | Ensures the scope attribute is used correctly on tables                                                                                        | Good to Fix |
+| skip-link                           | Ensure all skip links have a focusable target                                                                                                  | Good to Fix |
+| tabindex                            | Ensures tabindex attribute values are not greater than 0                                                                                       | Must Fix    |
+| table-duplicate-name                | Ensure the `<caption>` element does not contain the same text as the summary attribute                                                         | Good to Fix |

package/Dockerfile

@@ -0,0 +1,60 @@
+# Use Node LTS alpine distribution
+FROM node:lts-alpine3.18
+
+# Installation of packages for oobee and chromium
+RUN apk add build-base gcompat g++ make python3 zip bash git chromium openjdk11-jre
+
+# Installation of VeraPDF
+RUN echo $'<?xml version="1.0" encoding="UTF-8" standalone="no"?> \n\
+<AutomatedInstallation langpack="eng"> \n\
+    <com.izforge.izpack.panels.htmlhello.HTMLHelloPanel id="welcome"/> \n\
+    <com.izforge.izpack.panels.target.TargetPanel id="install_dir"> \n\
+        <installpath>/opt/verapdf</installpath> \n\
+    </com.izforge.izpack.panels.target.TargetPanel> \n\
+    <com.izforge.izpack.panels.packs.PacksPanel id="sdk_pack_select"> \n\
+        <pack index="0" name="veraPDF GUI" selected="true"/> \n\
+        <pack index="1" name="veraPDF Batch files" selected="true"/> \n\
+        <pack index="2" name="veraPDF Validation model" selected="false"/> \n\
+        <pack index="3" name="veraPDF Documentation" selected="false"/> \n\
+        <pack index="4" name="veraPDF Sample Plugins" selected="false"/> \n\
+    </com.izforge.izpack.panels.packs.PacksPanel> \n\
+    <com.izforge.izpack.panels.install.InstallPanel id="install"/> \n\
+    <com.izforge.izpack.panels.finish.FinishPanel id="finish"/> \n\
+</AutomatedInstallation> ' >> /opt/verapdf-auto-install-docker.xml
+
+RUN wget "https://github.com/GovTechSG/oobee/releases/download/cache/verapdf-installer.zip" -P /opt
+RUN unzip /opt/verapdf-installer.zip -d /opt
+RUN latest_version=$(ls -d /opt/verapdf-greenfield-* | sort -V | tail -n 1) && [ -n "$latest_version" ] && \
+    "$latest_version/verapdf-install" "/opt/verapdf-auto-install-docker.xml"
+RUN rm -rf /opt/verapdf-installer.zip /opt/verapdf-greenfield-*
+
+# Set oobee directory
+WORKDIR /app
+
+# Copy package.json to working directory, perform npm install before copying the remaining files
+COPY package*.json ./
+
+# Environment variables for node and Playwright
+ENV NODE_ENV=production
+ENV PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD="true"
+ENV PLAYWRIGHT_BROWSERS_PATH="/opt/ms-playwright"
+ENV PATH="/opt/verapdf:${PATH}"
+
+# Install dependencies
+RUN npm install --force --omit=dev
+
+# Install Playwright browsers
+RUN npx playwright install chromium webkit
+
+# Add non-privileged user
+RUN addgroup -S oobee && adduser -S -G oobee oobee
+RUN chown -R oobee:oobee ./
+
+# Run everything after as non-privileged user.
+USER oobee
+
+# Copy application and support files
+COPY . .
+
+# Compile TypeScript
+RUN npm run build || true  # true exits with code 0 - temp workaround until errors are resolved