@govtechsg/oobee 0.10.49 → 0.10.50
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/image.yml +54 -1
- package/REPORTS.md +1 -1
- package/package.json +1 -1
- package/src/constants/constants.ts +4 -4
- package/src/mergeAxeResults.ts +5 -0
|
@@ -44,7 +44,11 @@ jobs:
|
|
|
44
44
|
oobee-portable-windows.zip
|
|
45
45
|
|
|
46
46
|
mac-install-oobee:
|
|
47
|
-
runs-on:
|
|
47
|
+
runs-on: macos-latest
|
|
48
|
+
env:
|
|
49
|
+
CER_B64: ${{ secrets.ORG_DEVELOPER_ID_APPLICATION_CERT_CER }}
|
|
50
|
+
P12_B64: ${{ secrets.ORG_DEVELOPER_ID_APPLICATION_PRIVATEKEY_P12 }}
|
|
51
|
+
P12_PASSWORD: ${{ secrets.ORG_DEVELOPER_ID_APPLICATION_PRIVATEKEY_P12_PASSWORD }}
|
|
48
52
|
environment: macos
|
|
49
53
|
|
|
50
54
|
steps:
|
|
@@ -70,6 +74,51 @@ jobs:
|
|
|
70
74
|
run: |
|
|
71
75
|
./install_oobee_dependencies.command
|
|
72
76
|
|
|
77
|
+
- name: Decode & import certs into temporary keychain
|
|
78
|
+
run: |
|
|
79
|
+
# --- prepare tmp dir ---
|
|
80
|
+
mkdir -p /tmp/signing
|
|
81
|
+
|
|
82
|
+
# --- decode into /tmp ---
|
|
83
|
+
echo "$CER_B64" | openssl base64 -d -A > /tmp/signing/developer_id_application.cer
|
|
84
|
+
echo "$P12_B64" | openssl base64 -d -A > /tmp/signing/developer_id_application.p12
|
|
85
|
+
|
|
86
|
+
# --- create & unlock keychain ---
|
|
87
|
+
security create-keychain -p "" build.keychain
|
|
88
|
+
security set-keychain-settings -lut 7200 build.keychain
|
|
89
|
+
security list-keychains -s build.keychain
|
|
90
|
+
security default-keychain -s build.keychain
|
|
91
|
+
security unlock-keychain -p "" build.keychain
|
|
92
|
+
|
|
93
|
+
# --- import cert + key, grant codesign access ---
|
|
94
|
+
security import /tmp/signing/developer_id_application.cer \
|
|
95
|
+
-k build.keychain \
|
|
96
|
+
-T /usr/bin/codesign
|
|
97
|
+
security import /tmp/signing/developer_id_application.p12 \
|
|
98
|
+
-k build.keychain \
|
|
99
|
+
-P "$P12_PASSWORD" \
|
|
100
|
+
-T /usr/bin/codesign
|
|
101
|
+
|
|
102
|
+
# 1) Unlock it (just to be safe)
|
|
103
|
+
security unlock-keychain -p "" build.keychain
|
|
104
|
+
|
|
105
|
+
# 2) Allow codesign to use the key without prompting
|
|
106
|
+
security set-key-partition-list \
|
|
107
|
+
-S apple-tool:,apple: \
|
|
108
|
+
-s -k "" \
|
|
109
|
+
build.keychain
|
|
110
|
+
|
|
111
|
+
# --- delete entire tmp dir ---
|
|
112
|
+
rm -rf -v /tmp/signing/* && rm -rf /tmp/signing
|
|
113
|
+
|
|
114
|
+
- name: Locate signing identity
|
|
115
|
+
id: find_identity
|
|
116
|
+
run: |
|
|
117
|
+
ID=$(security find-identity -v -p codesigning build.keychain \
|
|
118
|
+
| grep "Developer ID Application:" \
|
|
119
|
+
| sed -E 's/^[[:space:]]*[0-9]+\) ([^"]+).*$/\1/')
|
|
120
|
+
echo "id=$ID" >> $GITHUB_OUTPUT
|
|
121
|
+
|
|
73
122
|
- name: Sign required binaries for MacOS
|
|
74
123
|
run: |
|
|
75
124
|
# Find a valid code signing certificate in your keychain for distribution outside Mac App Store
|
|
@@ -89,6 +138,10 @@ jobs:
|
|
|
89
138
|
fi
|
|
90
139
|
done
|
|
91
140
|
|
|
141
|
+
- name: Cleanup keychain
|
|
142
|
+
if: always()
|
|
143
|
+
run: security delete-keychain build.keychain
|
|
144
|
+
|
|
92
145
|
- name: Zip entire Purple folder (Mac)
|
|
93
146
|
run: |
|
|
94
147
|
zip oobee-portable-mac.zip -y -r ./
|
package/REPORTS.md
CHANGED
|
@@ -377,7 +377,7 @@ In scanPagesSummary.json and scanPagesDetail,json, within each `pagesNotScanned`
|
|
|
377
377
|
| 101 | 101 – Switching Protocols |
|
|
378
378
|
| 102 | 102 – Processing |
|
|
379
379
|
| 103 | 103 – Early Hints |
|
|
380
|
-
| 200 |
|
|
380
|
+
| 200 | Oobee was not able to scan the page due to access restrictions or compatibility issues |
|
|
381
381
|
| 204 | 204 – No Content |
|
|
382
382
|
| 205 | 205 – Reset Content |
|
|
383
383
|
| 300 | 300 – Multiple Choices |
|
package/package.json
CHANGED
|
@@ -352,7 +352,7 @@ const wcagLinks = {
|
|
|
352
352
|
'WCAG 1.2.2': 'https://www.w3.org/TR/WCAG22/#captions-prerecorded',
|
|
353
353
|
'WCAG 1.3.1': 'https://www.w3.org/TR/WCAG22/#info-and-relationships',
|
|
354
354
|
// 'WCAG 1.3.4': 'https://www.w3.org/TR/WCAG22/#orientation', - TODO: review for veraPDF
|
|
355
|
-
'WCAG 1.3.5': 'https://www.w3.org/TR/WCAG22/#
|
|
355
|
+
'WCAG 1.3.5': 'https://www.w3.org/TR/WCAG22/#identify-input-purpose',
|
|
356
356
|
'WCAG 1.4.1': 'https://www.w3.org/TR/WCAG22/#use-of-color',
|
|
357
357
|
'WCAG 1.4.2': 'https://www.w3.org/TR/WCAG22/#audio-control',
|
|
358
358
|
'WCAG 1.4.3': 'https://www.w3.org/TR/WCAG22/#contrast-minimum',
|
|
@@ -360,7 +360,7 @@ const wcagLinks = {
|
|
|
360
360
|
'WCAG 1.4.6': 'https://www.w3.org/TR/WCAG22/#contrast-enhanced', // AAA
|
|
361
361
|
// 'WCAG 1.4.10': 'https://www.w3.org/TR/WCAG22/#reflow', - TODO: review for veraPDF
|
|
362
362
|
'WCAG 1.4.12': 'https://www.w3.org/TR/WCAG22/#text-spacing',
|
|
363
|
-
'WCAG 2.1.1': 'https://www.w3.org/TR/WCAG22/#
|
|
363
|
+
'WCAG 2.1.1': 'https://www.w3.org/TR/WCAG22/#keyboard',
|
|
364
364
|
'WCAG 2.2.1': 'https://www.w3.org/TR/WCAG22/#timing-adjustable',
|
|
365
365
|
'WCAG 2.2.2': 'https://www.w3.org/TR/WCAG22/#pause-stop-hide',
|
|
366
366
|
'WCAG 2.2.4': 'https://www.w3.org/TR/WCAG22/#interruptions', // AAA
|
|
@@ -370,7 +370,7 @@ const wcagLinks = {
|
|
|
370
370
|
'WCAG 2.4.9': 'https://www.w3.org/TR/WCAG22/#link-purpose-link-only', // AAA
|
|
371
371
|
'WCAG 2.5.8': 'https://www.w3.org/TR/WCAG22/#target-size-minimum',
|
|
372
372
|
'WCAG 3.1.1': 'https://www.w3.org/TR/WCAG22/#language-of-page',
|
|
373
|
-
'WCAG 3.1.2': 'https://www.w3.org/TR/WCAG22/#
|
|
373
|
+
'WCAG 3.1.2': 'https://www.w3.org/TR/WCAG22/#language-of-parts',
|
|
374
374
|
'WCAG 3.1.5': 'https://www.w3.org/TR/WCAG22/#reading-level', // AAA
|
|
375
375
|
'WCAG 3.2.5': 'https://www.w3.org/TR/WCAG22/#change-on-request', // AAA
|
|
376
376
|
'WCAG 3.3.2': 'https://www.w3.org/TR/WCAG22/#labels-or-instructions',
|
|
@@ -497,7 +497,7 @@ export const STATUS_CODE_METADATA: Record<number,string> = {
|
|
|
497
497
|
599: 'Uncommon Response Status Code Received',
|
|
498
498
|
|
|
499
499
|
// This is Status OK but thrown when the crawler cannot scan the page
|
|
500
|
-
200: '
|
|
500
|
+
200: 'Oobee was not able to scan the page due to access restrictions or compatibility issues',
|
|
501
501
|
|
|
502
502
|
// 1xx - Informational
|
|
503
503
|
100: '100 - Continue',
|
package/src/mergeAxeResults.ts
CHANGED
|
@@ -1532,6 +1532,7 @@ function populateScanPagesDetail(allIssues: AllIssues): void {
|
|
|
1532
1532
|
|
|
1533
1533
|
// Send WCAG criteria breakdown to Sentry
|
|
1534
1534
|
const sendWcagBreakdownToSentry = async (
|
|
1535
|
+
appVersion: string,
|
|
1535
1536
|
wcagBreakdown: Map<string, number>,
|
|
1536
1537
|
ruleIdJson: any,
|
|
1537
1538
|
scanInfo: {
|
|
@@ -1557,6 +1558,9 @@ const sendWcagBreakdownToSentry = async (
|
|
|
1557
1558
|
const tags: Record<string, string> = {};
|
|
1558
1559
|
const wcagCriteriaBreakdown: Record<string, any> = {};
|
|
1559
1560
|
|
|
1561
|
+
// Tag app version
|
|
1562
|
+
tags['version'] = appVersion;
|
|
1563
|
+
|
|
1560
1564
|
// Get dynamic WCAG criteria map once
|
|
1561
1565
|
const wcagCriteriaMap = await getWcagCriteriaMap();
|
|
1562
1566
|
|
|
@@ -2023,6 +2027,7 @@ const generateArtifacts = async (
|
|
|
2023
2027
|
// Always send WCAG breakdown to Sentry, even if no violations were found
|
|
2024
2028
|
// This ensures that all criteria are reported, including those with 0 occurrences
|
|
2025
2029
|
await sendWcagBreakdownToSentry(
|
|
2030
|
+
oobeeAppVersion,
|
|
2026
2031
|
wcagOccurrencesMap,
|
|
2027
2032
|
ruleIdJson,
|
|
2028
2033
|
{
|