@mcptoolshop/accessibility-suite 0.1.0 → 0.2.0

package/docs/rules.md

@@ -0,0 +1,132 @@
+# Accessibility Rule Guidelines
+
+This document provides explanations and remediation steps for common accessibility findings reported by the `a11y-ci` suite.
+
+## Index
+
+- [Image Missing Alt Text](#a11yimgalt)
+- [Form Missing Label](#a11yformlabel)
+- [Duplicate Form Label ID](#a11yformduplicate)
+- [Button Missing Name](#a11ybtnname)
+- [Link Missing Name](#a11ylinkname)
+- [Color Contrast](#a11ycolorcontrast)
+- [Document Title](#a11ydoctitle)
+- [Document Language](#a11yhtmllang)
+- [Area Alt Text](#a11yareaalt)
+- [ARIA Roles](#a11yariaroles)
+- [Heading Order](#a11yheadingorder)
+- [Viewport Zoom](#a11ymetaviewport)
+
+---
+
+### <a id="a11yimgalt"></a>Image Missing Alt Text (A11Y.IMG.ALT)
+
+**Why it matters:**  
+Screen reader users rely on alternative text to understand the content and function of images. Without it, they might hear "image" or a filename, missing context.
+
+**How to fix:**
+- **Informative Images:** Add `alt="Description of image"` covering the visual meaning.
+- **Decorative Images:** Add `alt=""` (empty string) so assistive technology ignores it.
+- **Complex Images:** Use `aria-describedby` or a caption if a short alt text isn't enough.
+
+---
+
+### <a id="a11yformlabel"></a>Form Missing Label (A11Y.FORM.LABEL)
+
+**Why it matters:**  
+Users need to know what data is expected in a form field. Visual labels help everyone; programmatic labels allow screen readers to announce the field's purpose when focused.
+
+**How to fix:**
+- **Best:** Use a visible `<label for="input-id">Label Text</label>`.
+- **Alternative:** Use `aria-label="Label Text"` if no visual label is possible (e.g. search icon).
+- **Alternative:** Use `aria-labelledby="id-of-visible-text"`.
+
+---
+
+### <a id="a11ybtnname"></a>Button Missing Name (A11Y.BTN.NAME)
+
+**Why it matters:**  
+Buttons without names are often announced as just "Button" to screen reader users, providing no clue about what action will occur.
+
+**How to fix:**
+- **Text Content:** Ensure the button has text content inside the `<button>` tag.
+- **Icon Buttons:** If using an icon, add `aria-label="Action Name"` or visually hidden text.
+
+---
+
+### <a id="a11ylinkname"></a>Link Missing Name (A11Y.LINK.NAME)
+
+**Why it matters:**  
+Links must have discernable text so users can understand the destination. "Click here" or empty links are major barriers.
+
+**How to fix:**
+- Ensure the anchor tag `<a>` contains text.
+- If using an icon-only link, use `aria-label` to describe the destination.
+
+---
+
+### <a id="a11ycolorcontrast"></a>Low Color Contrast (A11Y.COLOR.CONTRAST)
+
+**Why it matters:**  
+Low contrast text is difficult or impossible for users with low vision or color blindness to read.
+
+**How to fix:**
+- Ensure a contrast ratio of at least **4.5:1** for normal text.
+- Ensure a contrast ratio of at least **3.0:1** for large text (18pt+ or 14pt+ bold).
+
+---
+
+### <a id="a11ydoctitle"></a>Missing Document Title (A11Y.DOC.TITLE)
+
+**Why it matters:**  
+The page title is the first thing a screen reader user hears. It allows users to orient themselves and distinguish between open tabs.
+
+**How to fix:**
+- Ensure the `<title>` element exists in the `<head>`.
+- Provide a unique, descriptive title for every page (e.g., "Checkout - Store Name").
+
+---
+
+### <a id="clicoloronly"></a>Color-Only Information (CLI.COLOR.ONLY)
+
+**Why it matters:**  
+conveying information only via color (like red for error) excludes users who are colorblind or using text-only interfaces.
+
+**How to fix:**
+- Add text prefixes (e.g., `Error:`, `Warning:`).
+- Use icons or symbols alongside color.
+
+---
+
+### <a id="a11yhtmllang"></a>Document Language (A11Y.HTML.LANG)
+
+**Why it matters:**  
+Screen readers use the page language to select the correct pronunciation and voice. Without it, the reader might read French content with an English accent.
+
+**How to fix:**
+- Add a `lang` attribute to `<html>` (e.g., `<html lang="en">`).
+
+### <a id="a11yareaalt"></a>Area Alt Text (A11Y.AREA.ALT)
+
+**Why it matters:**  
+Image map areas are interactive. Without alt text, keyboard and screen reader users won't know where the link leads.
+
+**How to fix:**
+- Add an `alt` attribute to every `<area>` element.
+
+### <a id="a11yariaroles"></a>Invalid ARIA Roles (A11Y.ARIA.ROLES)
+
+**Why it matters:**  
+Assistive technologies rely on standard role definitions. Made-up roles (e.g., `role="login-button"`) are ignored, leaving the user without context.
+
+**How to fix:**
+- Use only valid WAI-ARIA roles (e.g., `button`, `search`, `navigation`).
+
+### <a id="a11yheadingorder"></a>Heading Order (A11Y.HEADING.ORDER)
+
+**Why it matters:**  
+Headings provide the main navigation structure for screen reader users. Skipping levels (h1 -> h4) creates a confusing mental model.
+
+**How to fix:**
+- Ensure headings increment by one level at a time (h2 follows h1, h3 follows h2).
+

package/docs/unified-artifacts.md

@@ -0,0 +1,52 @@
+# Unified Artifact Strategy (Phase 5.3)
+
+## Objective
+Standardize artifact generation, storage, and consumption across all Accessibility Suite tools (`a11y-lint`, `a11y-assist`, `a11y-ci`).
+
+## Directory Structure
+All tools and CI pipelines must default to using `.a11y_artifacts/` as the root directory for outputs.
+
+```
+.a11y_artifacts/
+├── evidence/                  # Signed/Verifiable Evidence
+│   ├── a11y-lint.json        # Raw lint results (schema: cli.error.v0.1)
+│   ├── a11y-gate.json        # Gate decision results
+│   └── provenance.json       # Build/Environment provenance
+├── reports/                   # Human-Readable Reports
+│   ├── a11y-report.md        # Combined/Summary report
+│   ├── a11y-report.html      # (Optional) HTML visualization
+│   └── pr-comment.md         # Generated PR comment content
+└── logs/                      # Debugging & Audit
+    ├── a11y-lint.log
+    ├── a11y-assist.log
+    └── a11y-ci.log
+```
+
+## Tool Responsibilities
+
+### 1. a11y-lint
+- **Input**: Target text/file.
+- **Output**: `evidence/a11y-lint.json` (Structured findings).
+- **Format**: `cli.error.v0.1` schema.
+
+### 2. a11y-ci
+- **Input**: `evidence/a11y-lint.json`.
+- **Output**: 
+    - `evidence/a11y-gate.json` (Pass/Fail decision).
+    - `reports/a11y-report.md` (Summary).
+    - `reports/pr-comment.md` (Platform-specific comment).
+
+### 3. a11y-assist
+- **Input**: `evidence/a11y-lint.json` (or raw logs).
+- **Output**: `logs/a11y-assist.log` (Recovery steps).
+
+## CI Integration
+CI Pipelines (GitHub Actions, Azure DevOps) must:
+1. Create `.a11y_artifacts/` before execution.
+2. Configure tools to output to this directory.
+3. Publish the entire `.a11y_artifacts/` folder as a build artifact named `a11y-reports`.
+
+## Implementation Plan
+1. Update `a11y-ci` to accept an `--artifact-dir` flag (or default to `.a11y_artifacts`).
+2. Update `a11y-lint` to support structured output to a specific path more easily.
+3. Update CI templates to use this structure.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcptoolshop/accessibility-suite",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "Unified monorepo for accessibility testing, evidence generation, and compliance tooling",
   "keywords": [
     "accessibility",

package/pipelines/templates/a11y-ci.yml

@@ -0,0 +1,135 @@
+# Drop-in template for Azure DevOps pipelines
+parameters:
+  - name: current
+    type: string
+    default: ''
+  - name: baseline
+    type: string
+    default: ''
+  - name: allowlist
+    type: string
+    default: ''
+  - name: failOn
+    type: string
+    default: 'serious'
+  - name: top
+    type: number
+    default: 10
+  - name: emitMcp
+    type: boolean
+    default: true
+  - name: platform
+    type: string
+    default: 'ado'
+  - name: artifactName
+    type: string
+    default: 'a11y-artifacts'
+  - name: postComment
+    type: boolean
+    default: true
+
+steps:
+  - task: PowerShell@2
+    displayName: 'Accessibility Gate'
+    inputs:
+      targetType: 'inline'
+      script: |
+        $scriptPath = "$(Build.SourcesDirectory)/tools/ado/a11y-ci.ps1"
+        if (-not (Test-Path $scriptPath)) {
+            Write-Error "Wrapper script not found at $scriptPath. Ensure repo is checked out."
+            exit 1 # Internal error
+        }
+        
+        # Execute wrapper, pass parameters
+        # Note: PowerShell arguments need care with quotes/spaces
+        $params = @{
+            Current = "${{ parameters.current }}"
+            FailOn = "${{ parameters.failOn }}"
+            Top = ${{ parameters.top }}
+            Platform = "${{ parameters.platform }}"
+            PostComment = [bool]::Parse("${{ parameters.postComment }}")
+        }
+        
+        if ("${{ parameters.baseline }}" -ne "") { $params['Baseline'] = "${{ parameters.baseline }}" }
+        if ("${{ parameters.allowlist }}" -ne "") { $params['Allowlist'] = "${{ parameters.allowlist }}" }
+        
+        & $scriptPath @params
+        exit $LASTEXITCODE
+      
+      failOnStderr: false # Allow stderr (a11y-ci logs) without failing task immediately, check exit code
+      ignoreLASTEXITCODE: false # We handle exit code manually? No, task fails on non-zero.
+      # Wait, task fails if exit code != 0.
+      # Gate failure (3) IS a failure. So task SHOULD fail.
+      # But we want artifacts published even on failure.
+      continueOnError: true # This makes the *pipeline* continue even if task fails (so later steps run)
+    env:
+      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+
+  - task: PublishPipelineArtifact@1
+    displayName: 'Publish Accessibility Artifacts'
+    condition: always()
+
+    inputs:
+      targetPath: 'artifacts/a11y'
+      artifact: '${{ parameters.artifactName }}'
+      publishLocation: 'pipeline'
+
+  - task: PowerShell@2
+    displayName: 'Post PR Comment'
+    condition: and(succeededOrFailed(), eq('${{ parameters.postComment }}', 'true'), eq(variables['Build.Reason'], 'PullRequest'))
+    inputs:
+      targetType: 'inline'
+      script: |
+        $commentPath = "artifacts/a11y/comment.md"
+        if (Test-Path $commentPath) {
+            # Use separate script for posting if needed, or inline REST call
+            # For simplicity, let's keep it minimal here or use a reusable task?
+            # Inline REST call
+            
+            $content = Get-Content -Raw $commentPath
+            $marker = "<!-- a11y-ci-sticky-comment -->"
+            $body = "$marker`n$content"
+            
+            $collectionUri = "$(System.CollectionUri)"
+            $repoId = "$(Build.Repository.ID)"
+            $prId = "$(System.PullRequest.PullRequestId)"
+            $project = "$(System.TeamProject)"
+            
+            $url = "$collectionUri$project/_apis/git/repositories/$repoId/pullRequests/$prId/threads?api-version=6.0"
+            
+            # Auth header
+            $header = @{ Authorization = "Bearer $(System.AccessToken)" }
+            
+            try {
+                # List threads to find existing
+                $threads = Invoke-RestMethod -Uri $url -Method Get -Headers $header
+                $existing = $threads.value | Where-Object { $_.comments[0].content -match "<!-- a11y-ci-sticky-comment -->" }
+                
+                if ($existing) {
+                    # Update (requires finding comment ID inside thread)
+                    $threadId = $existing.id
+                    $commentId = $existing.comments[0].id
+                    $updateUrl = "$collectionUri$project/_apis/git/repositories/$repoId/pullRequests/$prId/threads/$threadId/comments/$commentId?api-version=6.0"
+                    
+                    $payload = @{ content = $body; commentType = "text" } | ConvertTo-Json
+                    Invoke-RestMethod -Uri $updateUrl -Method Patch -Headers $header -Body $payload -ContentType "application/json"
+                    Write-Host "Updated comment on thread $threadId"
+                }
+                else {
+                    # Create new thread
+                    $payload = @{
+                        comments = @(
+                            @{ parentCommentId = 0; content = $body; commentType = "text" }
+                        )
+                        status = "active"
+                    } | ConvertTo-Json -Depth 5
+                    
+                    Invoke-RestMethod -Uri $url -Method Post -Headers $header -Body $payload -ContentType "application/json"
+                    Write-Host "Created new comment thread"
+                }
+            }
+            catch {
+                Write-Warning "Failed to post PR comment: $_"
+                # Do not fail the build for comment issues
+            }
+        }

package/pipelines/test-a11y-ci-template.yml

@@ -0,0 +1,36 @@
+trigger: none # Manual test
+
+pool:
+  vmImage: 'windows-latest'
+
+steps:
+  - checkout: self
+
+  - task: UsePythonVersion@0
+    inputs:
+      versionSpec: '3.11'
+
+  - script: |
+      pip install ./src/a11y-ci
+    displayName: 'Install a11y-ci'
+
+  - powershell: |
+      @{ "meta" = @{ "tool" = "test" }; "findings" = @() } | ConvertTo-Json | Out-File pass.json
+      @{ "meta" = @{ "tool" = "test" }; "findings" = @(@{ "id" = "FAIL"; "severity" = "serious" }) } | ConvertTo-Json | Out-File fail.json
+    displayName: 'Create Fixtures'
+
+  - template: templates/a11y-ci.yml
+    parameters:
+      current: 'pass.json'
+      failOn: 'serious'
+      platform: 'ado'
+      postComment: true
+      artifactName: 'artifacts-pass'
+
+  - template: templates/a11y-ci.yml
+    parameters:
+      current: 'fail.json'
+      failOn: 'serious'
+      platform: 'ado'
+      postComment: true
+      artifactName: 'artifacts-fail'

package/scripts/verify_handbooks.py

@@ -0,0 +1,97 @@
+import os
+import sys
+import re
+
+# Paths relative to the monorepo root
+HANDBOOKS_DIR = "docs/handbooks"
+REQUIRED_HANDBOOKS = [
+    "A11Y-LINT.md",
+    "A11Y-CI.md",
+    "A11Y-MCP-TOOLS.md",
+    "A11Y-ASSIST.md",
+    "A11Y-EVIDENCE-ENGINE.md",
+    "A11Y-DEMO-SITE.md",
+    "ALLY-DEMO-PYTHON.md",
+    "CURSORASSIST.md",
+]
+REDIRECT_REPOS = [
+    "../a11y-lint",
+    "../a11y-ci",
+    "../a11y-assist",
+    "../a11y-mcp-tools",
+    "../a11y-evidence-engine",
+    "../a11y-demo-site",
+    "../ally-demo-python",
+]
+
+def check_file_exists(path):
+    if not os.path.exists(path):
+        print(f"FAILED: File not found: {path}")
+        return False
+    return True
+
+def check_content(path, pattern, description):
+    with open(path, "r", encoding="utf-8") as f:
+        content = f.read()
+        if not re.search(pattern, content, re.IGNORECASE | re.MULTILINE):
+            print(f"FAILED: {path} missing {description} (Pattern: {pattern})")
+            return False
+    return True
+
+def verify_handbooks():
+    success = True
+    print("Verifying Handbooks...")
+
+    # 1. Check Index
+    index_path = os.path.join(HANDBOOKS_DIR, "README.md")
+    if check_file_exists(index_path):
+        print(f"OK: {index_path} exists")
+        # Check for links to required handbooks
+        for hb in REQUIRED_HANDBOOKS:
+            if not check_content(index_path, re.escape(hb), f"link to {hb}"):
+                success = False
+            else:
+                print(f"OK: Index links to {hb}")
+    else:
+        success = False
+
+    # 2. Check Tool Handbooks for Quickstart
+    for hb in REQUIRED_HANDBOOKS:
+        path = os.path.join(HANDBOOKS_DIR, hb)
+        if check_file_exists(path):
+            if not check_content(path, r"^## Quickstart", "Quickstart section"):
+                success = False
+            else:
+                print(f"OK: {hb} has Quickstart")
+        else:
+            success = False
+
+    # 3. Check Redirects (if repos exist in workspace)
+    print("\nVerifying Redirects...")
+    for repo_path in REDIRECT_REPOS:
+        handbook_path = os.path.join(repo_path, "HANDBOOK.md")
+        # Resolve relative to script execution location (assuming repo root)
+        # Note: script will be run from repo root
+        if os.path.exists(repo_path):
+            if check_file_exists(handbook_path):
+                 # Check for the correct redirect link
+                 expected_link = "mcp-tool-shop-org/accessibility-suite"
+                 if not check_content(handbook_path, re.escape(expected_link), "redirect link to monorepo"):
+                     success = False
+                 else:
+                     print(f"OK: {repo_path} redirects correctly")
+            else:
+                print(f"WARNING: {repo_path} exists but HANDBOOK.md missing")
+                # Not necessarily a failure if we haven't migrated everything, but good to know
+        else:
+            print(f"SKIP: Repo {repo_path} not found in workspace (external?)")
+
+    return success
+
+if __name__ == "__main__":
+    # Ensure current directory is accessible
+    # Expected execution: python scripts/verify_handbooks.py from repo root
+    if not verify_handbooks():
+        sys.exit(1)
+    print("\nSUCCESS: All handbook checks passed.")
+    sys.exit(0)

package/src/a11y-assist/README.md

@@ -1,3 +1,8 @@
+
+<p align="center">
+  <img src="../../assets/a11y-logo.png" alt="a11y suite logo" width="150"/>
+</p>
+
 # a11y-assist
 
 ![assist](https://img.shields.io/badge/assist-low--vision--first-blue)

package/src/a11y-ci/.a11y_artifacts_test/current.scorecard.json

@@ -0,0 +1,11 @@
+{
+  "meta": {
+    "tool": "a11y-lint",
+    "version": "0.1.0"
+  },
+  "findings": [
+    { "severity": "serious", "id": "TEST.001", "message": "msg" },
+    { "severity": "serious", "id": "TEST.002", "message": "msg" },
+    { "severity": "serious", "id": "TEST.003", "message": "msg" }
+  ]
+}

package/src/a11y-ci/.a11y_artifacts_test/evidence.json

@@ -0,0 +1,52 @@
+{
+  "tool": "a11y-ci",
+  "tool_version": "0.1.0",
+  "run_id": "0f06f15a-502e-4dbe-a0e7-578d1950bfd9",
+  "timestamp": "2026-02-15T02:22:16.703367+00:00",
+  "repo": null,
+  "commit_sha": null,
+  "workflow": null,
+  "gate": {
+    "decision": "fail",
+    "exit_code": 3,
+    "fail_on": "serious",
+    "counts": {
+      "info": 0,
+      "minor": 0,
+      "moderate": 0,
+      "serious": 3,
+      "critical": 0
+    },
+    "deltas": {}
+  },
+  "blocking": [
+    {
+      "id": "TEST.001",
+      "fingerprint": "7c61e0b75cae921316221a4e5c756285e3e8837086df60a627332fbdf53c7196",
+      "severity": "serious",
+      "message": "msg",
+      "location": null
+    },
+    {
+      "id": "TEST.002",
+      "fingerprint": "ed70b4e75a112074812a72be997ffe074ff9d0eec48fe4b0a7d00fc15d546782",
+      "severity": "serious",
+      "message": "msg",
+      "location": null
+    },
+    {
+      "id": "TEST.003",
+      "fingerprint": "1fb34777b302157e998e8db92c9be20c9e1316649c2edfb825151dcaca45df56",
+      "severity": "serious",
+      "message": "msg",
+      "location": null
+    }
+  ],
+  "artifacts": [
+    {
+      "kind": "scorecard",
+      "path": ".a11y_artifacts_test\\current.scorecard.json",
+      "sha256": "93d6c211476cb614b30e30256c9644d7b7694d0a67ca72bfc0a872cb4fb57196"
+    }
+  ]
+}

package/src/a11y-ci/.a11y_artifacts_test/gate-result.json

@@ -0,0 +1,41 @@
+{
+  "gate": "FAIL",
+  "timestamp": "ISO8601-TODO",
+  "counts": {
+    "info": 0,
+    "minor": 0,
+    "moderate": 0,
+    "serious": 3,
+    "critical": 0
+  },
+  "baseline_counts": null,
+  "reasons": [
+    "Current run has 3 finding(s) at or above 'serious'."
+  ],
+  "blocking": {
+    "current_ids": [
+      "TEST.001",
+      "TEST.002",
+      "TEST.003"
+    ],
+    "details": [
+      {
+        "id": "TEST.001",
+        "help_url": null,
+        "help_hint": null
+      },
+      {
+        "id": "TEST.002",
+        "help_url": null,
+        "help_hint": null
+      },
+      {
+        "id": "TEST.003",
+        "help_url": null,
+        "help_hint": null
+      }
+    ],
+    "new_ids": [],
+    "new_fingerprints": []
+  }
+}

package/src/a11y-ci/.a11y_artifacts_test/report.txt

@@ -0,0 +1,19 @@
+[ERROR] Accessibility gate failed (ID: A11Y.CI.GATE.FAIL)
+
+What:
+  Accessibility policy violations were detected.
+  
+  Summary:
+    Serious: 3
+
+Why:
+  Current run has 3 finding(s) at or above 'serious'.
+
+Fix:
+  Address the listed findings or update the baseline.
+  Run local check: a11y-ci gate --current <path>
+  
+  Blocking IDs (Top 10):
+  - TEST.001
+  - TEST.002
+  - TEST.003