npm - @govtechsg/oobee - Versions diffs - 0.10.92 → 0.10.94 - Mend

@govtechsg/oobee 0.10.92 → 0.10.94

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (70) hide show

package/dist/crawlers/crawlSitemap.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import crawlee, { EnqueueStrategy, RequestList } from 'crawlee';
 import { CrawlRateController } from './crawlRateController.js';
-import { createCrawleeSubFolders, getPreLaunchHook, preNavigationHooks, runAxeScript, } from './commonCrawlerFunc.js';
+import { createCrawleeSubFolders, getPreLaunchHook, preNavigationHooks, runAxeScript, splitAuthHeaders, } from './commonCrawlerFunc.js';
 import constants, { STATUS_CODE_METADATA, guiInfoStatusTypes, disallowedListOfPatterns, FileTypes, } from '../constants/constants.js';
 import { getLinksFromSitemap, getPlaywrightLaunchOptions, isSkippedUrl, waitForPageLoaded, isFilePath, } from '../constants/common.js';
 import { areLinksEqual, isFollowStrategy, isWhitelistedContentType, normUrl, register } from '../utils.js';
@@ -13,6 +13,7 @@ const crawlSitemap = async ({ sitemapUrl, randomToken, host, viewportSettings, m
     let durationExceeded = false;
     let isAbortingScan = false;
     const rateController = new CrawlRateController(maxRequestsPerCrawl, specifiedMaxConcurrency || constants.maxConcurrency);
+    const initialNoSuccessFailureAbortThreshold = Math.max(5, Math.min(maxRequestsPerCrawl, 25));
     if (fromCrawlIntelligentSitemap) {
         dataset = datasetFromIntelligent;
         urlsCrawled = urlsCrawledFromIntelligent;
@@ -33,6 +34,7 @@ const crawlSitemap = async ({ sitemapUrl, randomToken, host, viewportSettings, m
     const isScanPdfs = [FileTypes.All, FileTypes.PdfOnly].includes(fileTypes);
     const { playwrightDeviceDetailsObject } = viewportSettings;
     const { maxConcurrency } = constants;
+    const { nonAuthHeaders, httpCredentials } = splitAuthHeaders(extraHTTPHeaders);
     const requestList = await RequestList.open({
         sources: linksFromSitemap,
     });
@@ -53,11 +55,15 @@ const crawlSitemap = async ({ sitemapUrl, randomToken, host, viewportSettings, m
                         ...playwrightDeviceDetailsObject,
                         ...(process.env.OOBEE_USER_AGENT && { userAgent: process.env.OOBEE_USER_AGENT }),
                         ...(process.env.OOBEE_DISABLE_BROWSER_DOWNLOAD && { acceptDownloads: false }),
+                        ...(nonAuthHeaders && { extraHTTPHeaders: nonAuthHeaders }),
+                        ...(httpCredentials && { httpCredentials }),
                     };
                 },
             ],
         },
         requestList,
+        maxRequestRetries: 3,
+        maxSessionRotations: 1,
         postNavigationHooks: [
             async ({ page }) => {
                 try {
@@ -104,6 +110,7 @@ const crawlSitemap = async ({ sitemapUrl, randomToken, host, viewportSettings, m
             },
         ],
         preNavigationHooks: [
+            ...preNavigationHooks(extraHTTPHeaders),
             async ({ request, page }, gotoOptions) => {
                 const url = request.url.toLowerCase();
                 const isNotSupportedDocument = disallowedListOfPatterns.some(pattern => url.startsWith(pattern));
@@ -114,7 +121,6 @@ const crawlSitemap = async ({ sitemapUrl, randomToken, host, viewportSettings, m
                     // console.log(`[SKIP] Not supported: ${request.url}`);
                     return;
                 }
-                preNavigationHooks(extraHTTPHeaders);
             },
         ],
         requestHandlerTimeoutSecs: 90,
@@ -310,6 +316,12 @@ const crawlSitemap = async ({ sitemapUrl, randomToken, host, viewportSettings, m
                 httpStatusCode: typeof status === 'number' ? status : 0,
             });
             crawlee.log.error(`Failed Request - ${request.url}: ${request.errorMessages}`);
+            if (urlsCrawled.scanned.length === 0 &&
+                urlsCrawled.error.length >= initialNoSuccessFailureAbortThreshold) {
+                consoleLogger.info(`Aborting sitemap crawl: ${urlsCrawled.error.length} failed pages with 0 successful scans.`);
+                isAbortingScan = true;
+                crawler.autoscaledPool?.abort();
+            }
         },
         maxRequestsPerCrawl: Infinity,
         maxConcurrency: specifiedMaxConcurrency || maxConcurrency,

package/dist/crawlers/custom/utils.js CHANGED Viewed

@@ -1064,15 +1064,28 @@ export const initNewPage = async (page, pageClosePromises, processPageParams, pa
                 return;
             const allowed = isOverlayAllowed(page.url(), processPageParams.entryUrl);
             if (!allowed) {
-                await Promise.race([
-                    removeOverlayMenu(page),
-                    new Promise((_, reject) => {
-                        setTimeout(() => {
-                            reject(new Error(`removeOverlayMenu timed out after ${OVERLAY_OPERATION_TIMEOUT_MS}ms`));
-                        }, OVERLAY_OPERATION_TIMEOUT_MS);
-                    }),
-                ]);
-                return;
+                // On macOS and Windows the custom flow always runs headful.
+                // The URL guard (urlGuard.ts) intercepts non-http/https navigations
+                // and calls page.goto(safeUrl). Do NOT remove the overlay here —
+                // removing it causes it to stay permanently disabled if the redirect
+                // races ahead of the next reconcile cycle.
+                // Instead, fall through to the hasOverlay / addOverlayMenu block so
+                // the overlay is (re-)injected even on transient non-http/https URLs
+                // (e.g. file://, about:blank) and again after the guard's redirect.
+                const isDesktopHost = process.platform === 'darwin' || process.platform === 'win32';
+                if (!isDesktopHost) {
+                    // On Linux / Docker: remove overlay for non-http/https URLs and stop.
+                    await Promise.race([
+                        removeOverlayMenu(page),
+                        new Promise((_, reject) => {
+                            setTimeout(() => {
+                                reject(new Error(`removeOverlayMenu timed out after ${OVERLAY_OPERATION_TIMEOUT_MS}ms`));
+                            }, OVERLAY_OPERATION_TIMEOUT_MS);
+                        }),
+                    ]);
+                    return;
+                }
+                // Desktop hosts: skip removal and fall through to re-add overlay.
             }
             const hasOverlay = await page.evaluate(() => Boolean(document.querySelector('#oobeeShadowHost')));
             consoleLogger.info(`Overlay state (${trigger}): ${hasOverlay}`);

package/dist/crawlers/guards/urlGuard.js CHANGED Viewed

@@ -30,8 +30,20 @@ export function addUrlGuardScript(context, opts = {}) {
             // page may have closed before addInitScript completed; safe to ignore
         });
         const restoreToSafeUrl = async (page, attemptedUrl) => {
+            const safeUrl = lastAllowedUrlByPage.get(page) || fallbackUrl || 'about:blank';
+            // Only redirect if the safe URL is itself an allowed (http/https) URL.
+            // If the entry URL is file:// (e.g. scanning a local HTML file), the
+            // fallback is also file://, and redirecting would create an infinite loop:
+            //   file:// → restoreToSafeUrl → file:// → framenavigated → restoreToSafeUrl → …
+            try {
+                const safeObj = new URL(safeUrl);
+                if (!ALLOWED_PROTOCOLS.has(safeObj.protocol))
+                    return;
+            }
+            catch {
+                return;
+            }
             try {
-                const safeUrl = lastAllowedUrlByPage.get(page) || fallbackUrl || 'about:blank';
                 await page.goto(safeUrl, { waitUntil: 'domcontentloaded' });
             }
             catch {
@@ -53,6 +65,12 @@ export function addUrlGuardScript(context, opts = {}) {
                 lastAllowedUrlByPage.set(page, urlObj.toString());
                 return;
             }
+            // Skip browser-internal transitional states (about:blank, about:srcdoc, etc.).
+            // page.goto() navigates through about:blank before loading the target URL.
+            // Redirecting from about: creates an infinite loop:
+            //   restoreToSafeUrl → page.goto(safeUrl) → about:blank → restoreToSafeUrl → …
+            if (urlObj.protocol === 'about:')
+                return;
             await restoreToSafeUrl(page, urlStr);
         });
     };

package/dist/crawlers/runCustom.js CHANGED Viewed

@@ -1,5 +1,5 @@
 /* eslint-env browser */
-import { createCrawleeSubFolders } from './commonCrawlerFunc.js';
+import { createCrawleeSubFolders, splitAuthHeaders, addAuthRouteHandler } from './commonCrawlerFunc.js';
 import { cleanUpAndExit, register, registerSoftClose } from '../utils.js';
 import constants, { getIntermediateScreenshotsPath, guiInfoStatusTypes, } from '../constants/constants.js';
 import { initNewPage, log } from './custom/utils.js';
@@ -18,7 +18,7 @@ export class ProcessPageParams {
         this.randomToken = randomToken;
     }
 }
-const runCustom = async (url, randomToken, browserToRun, userDataDirectory, viewportSettings, blacklistedPatterns, includeScreenshots, initialCustomFlowLabel) => {
+const runCustom = async (url, randomToken, browserToRun, userDataDirectory, viewportSettings, blacklistedPatterns, includeScreenshots, initialCustomFlowLabel, extraHTTPHeaders) => {
     // checks and delete datasets path if it already exists
     process.env.CRAWLEE_STORAGE_DIR = randomToken;
     const urlsCrawled = { ...constants.urlsCrawledObj };
@@ -47,6 +47,7 @@ const runCustom = async (url, randomToken, browserToRun, userDataDirectory, view
             ...baseArgs.filter(a => !a.startsWith('--window-size') && a !== '--start-maximized'),
             ...customArgs,
         ];
+        const { authHeader, nonAuthHeaders, httpCredentials } = splitAuthHeaders(extraHTTPHeaders);
         const context = await constants.launcher.launchPersistentContext(userDataDirectory, {
             ...baseLaunchOptions,
             args: mergedArgs,
@@ -56,7 +57,12 @@ const runCustom = async (url, randomToken, browserToRun, userDataDirectory, view
             viewport: null,
             ...(hasCustomViewport ? contextDeviceOptions : {}),
             userAgent: process.env.OOBEE_USER_AGENT || deviceUserAgent,
+            ...(nonAuthHeaders && { extraHTTPHeaders: nonAuthHeaders }),
+            ...(httpCredentials && { httpCredentials }),
         });
+        if (authHeader) {
+            await addAuthRouteHandler(context, url, authHeader);
+        }
         register(context);
         processPageParams.stopAll = async () => {
             try {

package/dist/generateOobeeClientScanner.js CHANGED Viewed

@@ -51,7 +51,7 @@ const SENTRY_NODE_VERSION = (() => {
         return _require('@sentry/node/package.json').version;
     }
     catch {
-        return '9.47.1'; // safe fallback matching currently installed version
+        return '10.58.0'; // safe fallback matching currently installed version
     }
 })();
 // ---------------------------------------------------------------------------

package/dist/mergeAxeResults/itemsStore.js CHANGED Viewed

@@ -1,9 +1,11 @@
 import fs from 'fs-extra';
 import path from 'path';
 import readline from 'readline';
+import { consoleLogger } from '../logs.js';
 export class ItemsStore {
     constructor(storagePath) {
         this.ensuredDirs = new Set();
+        this.fileWriteQueues = new Map();
         this.basePath = path.join(storagePath, 'tmp-items');
     }
     sanitizeRuleId(ruleId) {
@@ -22,8 +24,25 @@ export class ItemsStore {
     async appendPageItems(category, ruleId, entry) {
         await this.ensureDir(category);
         const filePath = this.getRuleFilePath(category, ruleId);
-        const line = JSON.stringify(entry) + '\n';
-        await fs.appendFile(filePath, line, 'utf8');
+        let line = JSON.stringify(entry);
+        // JSON.stringify should never produce literal newlines inside strings, but HTML content
+        // from page evaluation may contain edge-case characters (e.g. unescaped control chars in
+        // non-spec-compliant innerHTML). Strip any embedded \r or \n that would break JSONL format readline parsing.
+        line = line.replace(/[\n\r]/g, (match) => {
+            if (match === '\n')
+                return '\\n';
+            if (match === '\r')
+                return '\\r';
+            return match;
+        });
+        line += '\n';
+        // Serialize writes per rule file to avoid concurrent append interleaving/truncation.
+        const previous = this.fileWriteQueues.get(filePath) ?? Promise.resolve();
+        const next = previous.then(() => fs.appendFile(filePath, line, 'utf8'));
+        this.fileWriteQueues.set(filePath, next.catch(() => {
+            // Keep queue alive for subsequent writes.
+        }));
+        await next;
     }
     async *readRuleItems(category, ruleId) {
         const filePath = this.getRuleFilePath(category, ruleId);
@@ -31,10 +50,19 @@ export class ItemsStore {
             return;
         const fileStream = fs.createReadStream(filePath, { encoding: 'utf8' });
         const rl = readline.createInterface({ input: fileStream, crlfDelay: Infinity });
+        let lineNumber = 0;
         for await (const line of rl) {
-            if (line.trim()) {
+            lineNumber += 1;
+            if (!line.trim())
+                continue;
+            try {
                 yield JSON.parse(line);
             }
+            catch (error) {
+                // Tolerate malformed/truncated JSONL lines (e.g. interrupted append) so report generation can continue.
+                const preview = line.slice(0, 200);
+                consoleLogger.warn(`Skipping malformed itemsStore JSONL line ${lineNumber} in ${filePath}: ${error.message}. Content preview: ${preview}`);
+            }
         }
     }
     async readRuleItemsMap(category, ruleId) {
@@ -46,6 +74,7 @@ export class ItemsStore {
         return map;
     }
     async cleanup() {
+        await Promise.all(this.fileWriteQueues.values());
         await fs.rm(this.basePath, { recursive: true, force: true });
     }
 }

package/dist/static/ejs/partials/components/allIssues/CategoryBadges.ejs CHANGED Viewed

@@ -7,6 +7,7 @@
         <button
           type="button"
           class="category-tooltip-icon"
+          aria-label="About Must Fix category"
           aria-describedby="mustFixTooltip"
         >
           <svg xmlns="http://www.w3.org/2000/svg" width="14" height="14"
@@ -34,6 +35,7 @@
         <button
           type="button"
           class="category-tooltip-icon"
+          aria-label="About Good to Fix category"
           aria-describedby="goodToFixTooltip"
         >
           <svg xmlns="http://www.w3.org/2000/svg" width="14" height="14"
@@ -61,6 +63,7 @@
         <button
           type="button"
           class="category-tooltip-icon"
+          aria-label="About Manual Test category"
           aria-describedby="manualTestTooltip"
         >
           <svg xmlns="http://www.w3.org/2000/svg" width="14" height="14"

package/dist/static/ejs/partials/components/allIssues/IssuesTable.ejs CHANGED Viewed

@@ -2,21 +2,21 @@
   <table class="issues-table" id="issuesTable">
     <thead>
       <tr>
-        <th class="sortable" role="button" tabindex="0" aria-sort="none" style="width: 15%;">
+        <th class="sortable" tabindex="0" aria-sort="none" style="width: 15%;">
           <span>Severity</span>
           <svg class="sort-icon" width="24" height="24" viewBox="0 0 24 24" fill="none" aria-hidden="true">
             <path d="M7 9L12 4L17 9H7Z" fill="currentColor" opacity="1" />
             <path d="M7 15L12 20L17 15H7Z" fill="currentColor" opacity="0.3" />
           </svg>
         </th>
-        <th class="sortable" role="button" tabindex="0" aria-sort="none">
+        <th class="sortable" tabindex="0" aria-sort="none">
           <span>Issue Name</span>
           <svg class="sort-icon" width="24" height="24" viewBox="0 0 24 24" fill="none" aria-hidden="true">
             <path d="M7 9L12 4L17 9H7Z" fill="currentColor" opacity="0.3" />
             <path d="M7 15L12 20L17 15H7Z" fill="currentColor" opacity="1" />
           </svg>
         </th>
-        <th class="sortable" role="button" tabindex="0" aria-sort="descending" style="width: 15%;">
+        <th class="sortable" tabindex="0" aria-sort="descending" style="width: 15%;">
           <span>Occurrence</span>
           <svg class="sort-icon" width="24" height="24" viewBox="0 0 24 24" fill="none" aria-hidden="true">
             <path d="M7 9L12 4L17 9H7Z" fill="currentColor" opacity="0.3" />

package/dist/static/ejs/partials/components/header/aboutScanModal/AboutScanModal.ejs CHANGED Viewed

@@ -1,4 +1,4 @@
-<div id="aboutScanModal" class="modal fade" tabindex="-1" aria-labelledby="aboutScanModalLabel" aria-hidden="true">
+<div id="aboutScanModal" class="modal fade" tabindex="-1" aria-label="About this scan" aria-hidden="true">
   <div class="modal-dialog modal-dialog-centered">
     <div class="modal-content">
       <div class="modal-header">

package/dist/static/ejs/partials/components/header/aboutScanModal/ScanConfiguration.ejs CHANGED Viewed

@@ -5,17 +5,17 @@
     </h2>
     <%- include('../../scannedPagesSegmentedTabs') %>
     <div class="seg-panels">
-      <div id="pages-scanned" role="tabpanel">
+      <div id="pages-scanned" role="tabpanel" aria-labelledby="seg-scanned">
         <ul id="pagesScannedList" class="unbulleted-list">
           <!-- dynamically populated -->
         </ul>
       </div>
-      <div id="pages-not-scanned" role="tabpanel" hidden>
+      <div id="pages-not-scanned" role="tabpanel" aria-labelledby="seg-not-scanned" hidden>
         <ul id="pagesNotScannedList" class="unbulleted-list">
           <!-- dynamically populated -->
         </ul>
       </div>
-      <div id="pages-unsupported" role="tabpanel" hidden>
+      <div id="pages-unsupported" role="tabpanel" aria-labelledby="seg-unsupported" hidden>
         <ul id="unsupportedDocsList" class="unbulleted-list">
           <!-- dynamically populated -->
         </ul>

package/dist/static/ejs/partials/components/header/aboutScanModal/ScanDetails.ejs CHANGED Viewed

@@ -1,5 +1,5 @@
 <aside id="scan-about" class="about-scan-details-left">
-  <h1>About this scan</h1>
+  <h1 id="aboutScanModalLabel">About this scan</h1>
   <ul>
     <li>
       <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
@@ -33,7 +33,9 @@
       </span>
     </li>
-    <hr class="about-scan-divider" />
+    <li class="about-scan-divider-item" aria-hidden="true">
+      <hr class="about-scan-divider" />
+    </li>
     <% if (viewport !== null) { %>
       <li>
@@ -64,7 +66,7 @@
         type="button"
         class="js-view-btn about-scan-toggle"
         aria-controls="view-crawl"
-        aria-selected="true"
+        aria-expanded="true"
       >
         <div class="d-flex">
           <div class="about-scan-link-row">
@@ -82,30 +84,33 @@
         <path d="M13.2346 8.78333C13.2668 8.53333 13.2828 8.275 13.2828 8C13.2828 7.73333 13.2668 7.46667 13.2266 7.21667L14.857 5.9C15.0016 5.78333 15.0418 5.55833 14.9534 5.39167L13.4113 2.625C13.315 2.44167 13.1142 2.38333 12.9375 2.44167L11.0179 3.24167C10.6163 2.925 10.1906 2.65833 9.71675 2.45833L9.42761 0.341667C9.39548 0.141667 9.23485 0 9.04209 0H5.95791C5.76515 0 5.61255 0.141667 5.58042 0.341667L5.29128 2.45833C4.81741 2.65833 4.3837 2.93333 3.99015 3.24167L2.07057 2.44167C1.89387 2.375 1.69308 2.44167 1.5967 2.625L0.0626475 5.39167C-0.0337329 5.56667 -0.00160615 5.78333 0.159028 5.9L1.78946 7.21667C1.7493 7.46667 1.71718 7.74167 1.71718 8C1.71718 8.25833 1.73324 8.53333 1.7734 8.78333L0.142964 10.1C-0.00160614 10.2167 -0.0417645 10.4417 0.0465841 10.6083L1.58867 13.375C1.68505 13.5583 1.88584 13.6167 2.06254 13.5583L3.98212 12.7583C4.3837 13.075 4.80938 13.3417 5.28325 13.5417L5.57239 15.6583C5.61255 15.8583 5.76515 16 5.95791 16H9.04209C9.23485 16 9.39548 15.8583 9.41958 15.6583L9.70872 13.5417C10.1826 13.3417 10.6163 13.075 11.0099 12.7583L12.9294 13.5583C13.1061 13.625 13.3069 13.5583 13.4033 13.375L14.9454 10.6083C15.0418 10.425 15.0016 10.2167 14.849 10.1L13.2346 8.78333ZM7.5 11C5.90972 11 4.60859 9.65 4.60859 8C4.60859 6.35 5.90972 5 7.5 5C9.09028 5 10.3914 6.35 10.3914 8C10.3914 9.65 9.09028 11 7.5 11Z" fill="#686868"/>
       </svg>
-      <div>
-        Advanced scan options enabled
+      <div class="advanced-group-content">
+        <div>
+          Advanced scan options enabled
+        </div>
+        <ul class="advanced-sublist">
+          <% if (advancedScanOptionsSummaryItems.showIncludeScreenshots) { %>
+            <li class="advanced-sublist-li">Include screenshots</li>
+          <% } %>
+          <% if (advancedScanOptionsSummaryItems.showAllowSubdomains) { %>
+            <li class="advanced-sublist-li">Allow subdomains for scans</li>
+          <% } %>
+          <% if (advancedScanOptionsSummaryItems.showEnableCustomChecks) { %>
+            <li class="advanced-sublist-li">Enable custom checks</li>
+          <% } %>
+          <% if (advancedScanOptionsSummaryItems.showEnableWcagAaa) { %>
+            <li class="advanced-sublist-li">Enable WCAG AAA checks</li>
+          <% } %>
+          <% if (advancedScanOptionsSummaryItems.showSlowScanMode) { %>
+            <li class="advanced-sublist-li">Slow scan mode</li>
+          <% } %>
+          <% if (advancedScanOptionsSummaryItems.showAdhereRobots) { %>
+            <li class="advanced-sublist-li">Adhere to robots.txt</li>
+          <% } %>
+        </ul>
       </div>
     </li>
-    <ul class="advanced-sublist">
-      <% if (advancedScanOptionsSummaryItems.showIncludeScreenshots) { %>
-        <li class="advanced-sublist-li">Include screenshots</li>
-      <% } %>
-      <% if (advancedScanOptionsSummaryItems.showAllowSubdomains) { %>
-        <li class="advanced-sublist-li">Allow subdomains for scans</li>
-      <% } %>
-      <% if (advancedScanOptionsSummaryItems.showEnableCustomChecks) { %>
-        <li class="advanced-sublist-li">Enable custom checks</li>
-      <% } %>
-      <% if (advancedScanOptionsSummaryItems.showEnableWcagAaa) { %>
-        <li class="advanced-sublist-li">Enable WCAG AAA checks</li>
-      <% } %>
-      <% if (advancedScanOptionsSummaryItems.showSlowScanMode) { %>
-        <li class="advanced-sublist-li">Slow scan mode</li>
-      <% } %>
-      <% if (advancedScanOptionsSummaryItems.showAdhereRobots) { %>
-        <li class="advanced-sublist-li">Adhere to robots.txt</li>
-      <% } %>
-    </ul>
     <li>
       <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
@@ -115,7 +120,7 @@
         type="button"
         class="js-view-btn about-scan-toggle"
         aria-controls="view-wcag"
-        aria-selected="false"
+        aria-expanded="false"
       >
         <span class="wcag-criteria-label">
           WCAG Automated Testing
@@ -131,7 +136,9 @@
       </button>
     </li>
-    <hr class="about-scan-divider" />
+    <li class="about-scan-divider-item" aria-hidden="true">
+      <hr class="about-scan-divider" />
+    </li>
     <li>
       <span id="oobeeAppVersion" class="oobee-version-text">N/A</span>

package/dist/static/ejs/partials/components/ruleModal/ruleOffcanvas.ejs CHANGED Viewed

@@ -129,6 +129,7 @@
                     <div
                       id="pagesAccordionContent"
                       class="accordion-collapse collapse"
+                      role="region"
                       aria-labelledby="pagesAccordionHeader"
                       data-bs-parent="#pagesAccordion"
                     >

package/dist/static/ejs/partials/components/scannedPagesSegmentedTabs.ejs CHANGED Viewed

@@ -1,9 +1,12 @@
 <div class="segmented-tabs" role="tablist" aria-label="Crawl views">
   <button
     type="button"
+    id="seg-scanned"
     class="seg-pill"
+    role="tab"
     aria-controls="pages-scanned"
     aria-selected="true"
+    tabindex="0"
     data-tab-target="#pages-scanned"
   >
     <span id="totalPagesScannedLabel">
@@ -18,8 +21,10 @@
     type="button"
     id="seg-not-scanned"
     class="seg-pill"
+    role="tab"
     aria-controls="pages-not-scanned"
     aria-selected="false"
+    tabindex="-1"
     data-tab-target="#pages-not-scanned"
   >
     <span id="totalPagesNotScannedLabel">
@@ -34,8 +39,10 @@
     type="button"
     id="seg-unsupported"
     class="seg-pill"
+    role="tab"
     aria-controls="pages-unsupported"
     aria-selected="false"
+    tabindex="-1"
     data-tab-target="#pages-unsupported"
   >
     <span id="totalUnsupportedDocsLabel">

package/dist/static/ejs/partials/components/wcagCoverageDetails.ejs CHANGED Viewed

@@ -1,15 +1,15 @@
 <div id="wcagCoverage" class="my-3">
-  <h5 class="fw-semibold mb-2">
-    <span id="wcagAALabelCount">20</span> (A &amp; AA) WCAG Success Criteria
-  </h5>
+  <h3 class="wcag-criteria-heading fw-semibold mb-2">
+    <span id="wcagAALabelCount">20</span> (A & AA) WCAG Success Criteria
+  </h3>
   <div class="wcag-box">
     <ul id="wcagLinksListAA" class="wcag-grid list-unstyled m-0">
       <!-- dynamically populated -->
     </ul>
   </div>
-  <h5 class="fw-semibold mt-4 mb-2">
+  <h3 class="wcag-criteria-heading fw-semibold mt-4 mb-2">
     <span id="wcagAAALabelCount">6</span> (AAA) WCAG Success Criteria
-  </h5>
+  </h3>
   <div class="wcag-box">
     <ul id="wcagLinksListAAA" class="wcag-grid list-unstyled m-0">
       <!-- dynamically populated -->

package/dist/static/ejs/partials/scripts/header/aboutScanModal/AboutScanModal.ejs CHANGED Viewed

@@ -6,8 +6,8 @@
     function showPane(targetId) {
       // hide all panes
       panes.forEach(p => p.hidden = true);
-      // deselect all buttons
-      btns.forEach(b => b.setAttribute('aria-selected', 'false'));
+      // collapse all buttons
+      btns.forEach(b => b.setAttribute('aria-expanded', 'false'));
       // show the requested pane
       const pane = document.getElementById(targetId);
@@ -16,7 +16,7 @@
         // mark the controlling button active
         const btn = btns.find(b => b.getAttribute('aria-controls') === targetId);
-        if (btn) btn.setAttribute('aria-selected', 'true');
+        if (btn) btn.setAttribute('aria-expanded', 'true');
         // move focus to the pane heading for screen readers/keyboard users
         const h = pane.querySelector('h4, h3, h2, [role="heading"]');

package/dist/static/ejs/partials/scripts/prioritiseIssues/PrioritiseIssues.ejs CHANGED Viewed

@@ -84,11 +84,13 @@
                 : '';
             return `
-              <li class="priority-issue-item d-flex g-one" data-rule-id="${issue.ruleId}" role="button" tabindex="0">
-                <div class="d-flex justify-content-between align-items-center w-90">
-                    <div class="priority-issue-title">${issue.description}</div>
-                    ${disabilityBadges}
-                </div>
+              <li class="priority-issue-item" data-rule-id="${issue.ruleId}">
+                <button type="button" class="priority-issue-action d-flex g-one" aria-pressed="false">
+                  <div class="d-flex justify-content-between align-items-center w-90">
+                      <div class="priority-issue-title">${issue.description}</div>
+                      ${disabilityBadges}
+                  </div>
+                </button>
               </li>
             `;
           })
@@ -122,7 +124,7 @@
               data-bs-parent="#prioritiseIssuesAccordion"
             >
               <div class="accordion-body">
-                <ul class="priority-issues-list">
+                <ul class="priority-issues-list" aria-label="Priority issues">
                   ${issuesListHTML}
                 </ul>
               </div>
@@ -135,19 +137,25 @@
     accordionContainer.innerHTML = accordionHTML;
     document.querySelectorAll('.priority-issue-item').forEach(item => {
+      const actionButton = item.querySelector('.priority-issue-action');
+      if (!actionButton) return;
       const selectIssue = function () {
         const ruleId = item.getAttribute('data-rule-id');
         document.querySelectorAll('.priority-issue-item').forEach(el => {
           el.classList.remove('active');
-          el.setAttribute('aria-selected', 'false');
+          const button = el.querySelector('.priority-issue-action');
+          if (button) {
+            button.setAttribute('aria-pressed', 'false');
+          }
         });
         document.querySelectorAll('.priority-issue-title').forEach(el => {
           el.classList.remove('active');
         });
         item.classList.add('active');
-        item.setAttribute('aria-selected', 'true');
+        actionButton.setAttribute('aria-pressed', 'true');
         const title = item.querySelector('.priority-issue-title');
         if (title) {
           title.classList.add('active');
@@ -167,16 +175,7 @@
         }
       };
-      // Click handler
-      item.addEventListener('click', selectIssue);
-      // Keyboard handler
-      item.addEventListener('keydown', function (event) {
-        if (event.key === 'Enter' || event.key === ' ') {
-          event.preventDefault();
-          selectIssue();
-        }
-      });
+      actionButton.addEventListener('click', selectIssue);
     });
     // Automatically open first accordion and select first issue
@@ -197,7 +196,10 @@
       const firstIssueItem = document.querySelector('.priority-issue-item');
       if (firstIssueItem) {
         firstIssueItem.classList.add('active');
-        firstIssueItem.setAttribute('aria-selected', 'true');
+        const firstIssueButton = firstIssueItem.querySelector('.priority-issue-action');
+        if (firstIssueButton) {
+          firstIssueButton.setAttribute('aria-pressed', 'true');
+        }
         const firstIssueTitle = firstIssueItem.querySelector('.priority-issue-title');
         if (firstIssueTitle) {
           firstIssueTitle.classList.add('active');