@mcptoolshop/accessibility-suite 0.1.0 → 0.2.0

package/src/a11y-ci/a11y_ci/help.py

@@ -0,0 +1,119 @@
+"""Rule help registry for actionable fixes."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass
+from typing import Dict, Optional
+
+
+@dataclass(frozen=True)
+class HelpInfo:
+    """Help information for a finding."""
+
+    title: str
+    hint: str
+    url: str
+
+
+# Base URL for rule documentation
+DOCS_BASE_URL = "https://github.com/microsoft/accessibility-suite/blob/main/docs/rules.md"
+
+
+def _make_url(anchor: str) -> str:
+    """Generate a URL for a rule anchor."""
+    return f"{DOCS_BASE_URL}#{anchor}"
+
+
+# Static registry of help info
+_REGISTRY: Dict[str, HelpInfo] = {
+    # Images
+    "A11Y.IMG.ALT": HelpInfo(
+        title="Missing Image Alt Text",
+        hint="Add an 'alt' attribute describing the image content, or alt='' if decorative.",
+        url=_make_url("a11yimgalt"),
+    ),
+    
+    # Forms
+    "A11Y.FORM.LABEL": HelpInfo(
+        title="Missing Form Label",
+        hint="Ensure every input has a <label>, aria-label, or aria-labelledby.",
+        url=_make_url("a11yformlabel"),
+    ),
+    "A11Y.FORM.DUPLICATE": HelpInfo(
+        title="Duplicate Form Label ID",
+        hint="Ensure every 'for' attribute points to a unique input ID.",
+        url=_make_url("a11yformduplicate"),
+    ),
+    
+    # Interactive Elements
+    "A11Y.BTN.NAME": HelpInfo(
+        title="Button Missing Name",
+        hint="Buttons must have text content or an aria-label.",
+        url=_make_url("a11ybtnname"),
+    ),
+    "A11Y.LINK.NAME": HelpInfo(
+        title="Link Missing Name",
+        hint="Links must have text content or an aria-label to be navigable.",
+        url=_make_url("a11ylinkname"),
+    ),
+    "A11Y.AREA.ALT": HelpInfo(
+        title="Missing Area Alt Text",
+        hint="<area> elements must have an 'alt' attribute describing the target.",
+        url=_make_url("a11yareaalt"),
+    ),
+    
+    # Structure & ARIA
+    "A11Y.HTML.LANG": HelpInfo(
+        title="Missing Document Language",
+        hint="The <html> element must have a 'lang' attribute (e.g., lang='en').",
+        url=_make_url("a11yhtmllang"),
+    ),
+    "A11Y.ARIA.ROLES": HelpInfo(
+        title="Invalid ARIA Role",
+        hint="Ensure role attributes use valid WAI-ARIA values.",
+        url=_make_url("a11yariaroles"),
+    ),
+    "A11Y.ARIA.ATTR": HelpInfo(
+        title="Invalid ARIA Attribute",
+        hint="Ensure aria-* attributes are valid and allowed on this element.",
+        url=_make_url("a11yariaattr"),
+    ),
+    "A11Y.HEADING.ORDER": HelpInfo(
+        title="Skipped Heading Level",
+        hint="Headings should follow a valid sequence (h1 -> h2 -> h3). Do not skip levels.",
+        url=_make_url("a11yheadingorder"),
+    ),
+    
+    # Perception
+    "A11Y.COLOR.CONTRAST": HelpInfo(
+        title="Low Color Contrast",
+        hint="Ensure text contrast ratio matches WCAG requirements (4.5:1 normal, 3:1 large).",
+        url=_make_url("a11ycolorcontrast"),
+    ),
+    "A11Y.META.VIEWPORT": HelpInfo(
+        title="Zoom Disabled",
+        hint="Do not block user zooming. Remove 'user-scalable=no' or 'maximum-scale' from viewport.",
+        url=_make_url("a11ymetaviewport"),
+    ),
+    "A11Y.DOC.TITLE": HelpInfo(
+        title="Missing Document Title",
+        hint="The <title> element must be present and non-empty.",
+        url=_make_url("a11ydoctitle"),
+    ),
+    # Legacy/Fixture IDs
+    "CLI.COLOR.ONLY": HelpInfo(
+        title="Color-Only Information",
+        hint="Do not rely solely on color to convey meaning; use text or icons too.",
+        url=_make_url("clicoloronly"),
+    ),
+}
+
+
+def get_help(finding_id: str) -> Optional[HelpInfo]:
+    """Get help info for a finding ID (case-insensitive normalization)."""
+    if not finding_id:
+        return None
+    
+    # Normalize: uppercase, trimmed
+    key = finding_id.strip().upper()
+    return _REGISTRY.get(key)

package/src/a11y-ci/a11y_ci/mcp_payload.py

@@ -0,0 +1,124 @@
+"""
+MCP payload generation for accessibility evidence.
+"""
+
+from __future__ import annotations
+
+import datetime
+import hashlib
+import json
+import os
+import uuid
+from typing import Any, Dict, List, Optional
+
+from . import __version__
+from .gate import GateResult
+from .help import get_help
+from .scorecard import Scorecard, compute_fingerprint, finding_id
+
+
+def sha256_file(path: str) -> str | None:
+    """Compute SHA256 hash of a file, returning None if not found."""
+    try:
+        with open(path, "rb") as f:
+            digest = hashlib.sha256()
+            while chunk := f.read(8192):
+                digest.update(chunk)
+            return digest.hexdigest()
+    except (FileNotFoundError, PermissionError):
+        return None
+
+
+def build_mcp_payload(
+    result: GateResult,
+    scorecard: Scorecard,
+    fail_on: str,
+    artifacts: List[Dict[str, str]],
+) -> Dict[str, Any]:
+    """Build the structured MCP evidence payload."""
+    
+    # 1. Environment metadata
+    env_repo = os.environ.get("GITHUB_REPOSITORY")
+    env_sha = os.environ.get("GITHUB_SHA")
+    env_workflow = os.environ.get("GITHUB_WORKFLOW")
+    env_run_id = os.environ.get("GITHUB_RUN_ID")
+
+    # 2. Gate details
+    gate_info = {
+        "decision": "pass" if result.ok else "fail",
+        "exit_code": 0 if result.ok else 3,
+        "fail_on": fail_on,
+        "counts": result.current_counts,
+        "deltas": {},  # Could populate if baseline comparison logic exposed logic for deltas
+    }
+    
+    # Calculate deltas if baseline exists
+    if result.baseline_counts:
+        deltas = {}
+        for severity, count in result.current_counts.items():
+            base_count = result.baseline_counts.get(severity, 0)
+            diff = count - base_count
+            if diff != 0:
+                deltas[severity] = diff
+        gate_info["deltas"] = deltas
+
+    # 3. Blocking findings details
+    blocking_details = []
+    
+    # Create a lookup for blocking status to include help details
+    # We only want to detail findings that are actually blocking, 
+    # but the GateResult only gives us IDs. 
+    # We need to find the full finding objects in the scorecard matching those IDs.
+    
+    blocking_ids_set = set(result.current_blocking_ids)
+    
+    # Optimization: Map IDs to help info once
+    help_map = {}
+    for fid in blocking_ids_set:
+        help_map[fid] = get_help(fid)
+
+    for f in scorecard.findings:
+        fid = finding_id(f)
+        if fid in blocking_ids_set:
+            # Reconstruct details
+            item = {
+                "id": fid,
+                "fingerprint": compute_fingerprint(f),
+                "severity": f.get("severity"),
+                "message": f.get("message"),
+                "location": f.get("location"),
+            }
+            
+            help_data = help_map.get(fid)
+            if help_data:
+                item["help_url"] = help_data.url
+                item["help_hint"] = help_data.hint
+                
+            blocking_details.append(item)
+
+    # 4. Artifacts
+    artifact_list = []
+    for art in artifacts:
+        path = art.get("path")
+        if path:
+            h = sha256_file(path)
+            if h:
+                artifact_list.append({
+                    "kind": art.get("kind"),
+                    "path": path,
+                    "sha256": h
+                })
+
+    # Assemble final payload
+    return {
+        "tool": "a11y-ci",
+        "tool_version": __version__,
+        "run_id": str(uuid.uuid4()),
+        "timestamp": datetime.datetime.now(datetime.timezone.utc).isoformat(),
+        "repo": env_repo,
+        "commit_sha": env_sha,
+        "workflow": env_workflow,
+        "gate": gate_info,
+        "blocking": blocking_details,
+        "artifacts": artifact_list,
+    }

package/src/a11y-ci/a11y_ci/pr_comment.py

@@ -0,0 +1,127 @@
+"""
+PR Comment Formatter for a11y-ci evidence.
+Renders MCP payloads into GitHub or ADO Markdown.
+"""
+
+from __future__ import annotations
+
+from typing import Any, Dict, List
+
+def render_pr_comment(payload: Dict[str, Any], *, platform: str = "github", top: int = 10) -> str:
+    """Render an MCP payload as a Markdown PR comment."""
+    is_github = platform == "github"
+    
+    # 1. Header
+    gate = payload.get("gate", {})
+    decision = gate.get("decision", "unknown").lower()
+    pass_icon = "✅"
+    fail_icon = "❌"
+    
+    if decision == "pass":
+        title = f"{pass_icon} Accessibility Gate: PASS"
+    else:
+        title = f"{fail_icon} Accessibility Gate: FAIL"
+        
+    lines = [f"# {title}", ""]
+
+    # 2. Summary Table
+    counts = gate.get("counts", {})
+    deltas = gate.get("deltas", {})
+    fail_on = gate.get("fail_on", "serious")
+    
+    lines.append("| Metric | Value | Delta |")
+    lines.append("|:---|:---|:---|")
+    lines.append(f"| **Fail Threshold** | `{fail_on}` | - |")
+    
+    # Sort severities for consistent display
+    severities = ["critical", "serious", "moderate", "minor", "info"]
+    has_counts = False
+    for sev in severities:
+        if sev in counts:
+            has_counts = True
+            count = counts[sev]
+            delta = deltas.get(sev, 0)
+            delta_str = f"{delta:+d}" if delta != 0 else "-"
+            # Highlight failing severities
+            # Roughly: if sev >= fail_on and delta > 0 or absolute count issues
+            # For table simplicity, just list them.
+            lines.append(f"| {sev.title()} | {count} | {delta_str} |")
+
+    if not has_counts:
+         lines.append("| Findings | 0 | - |")
+
+    lines.append("")
+    
+    # 3. Blocking Findings (Top N)
+    blocking = payload.get("blocking", [])
+    if blocking and top > 0:
+        lines.append("## 🚫 Blocking Findings")
+        if len(blocking) > top:
+             lines.append(f"_Showing first {top} of {len(blocking)} violations_")
+        
+        # Sort by severity (rank) then ID for stability
+        # We need a rank map
+        severity_rank = {k: i for i, k in enumerate(reversed(severities))}
+        
+        def sort_key(item):
+            s = item.get("severity", "info")
+            r = severity_rank.get(s, 0)
+            return (-r, item.get("id", ""))
+
+        sorted_blocking = sorted(blocking, key=sort_key)
+        
+        for item in sorted_blocking[:top]:
+            fid = item.get("id", "UNKNOWN")
+            severity = item.get("severity", "info").upper()
+            msg = item.get("message", "No message provided")
+            loc = item.get("location") or "Unknown location"
+            hint = item.get("help_hint")
+            url = item.get("help_url")
+            
+            # Formatting
+            if is_github:
+                header = f"### [{severity}] {fid}"
+            else:
+                header = f"### {severity}: {fid}"
+                
+            lines.append(header)
+            lines.append(f"> {msg}")
+            lines.append("")
+            lines.append(f"- **Location**: `{loc}`")
+            if hint:
+                lines.append(f"- **Fix**: {hint}")
+            if url:
+                lines.append(f"- **Docs**: [Read Guidance]({url})")
+            lines.append("")
+
+
+    # 4. Artifacts
+    artifacts = payload.get("artifacts", [])
+    if artifacts:
+        lines.append("## 📦 Artifacts")
+        lines.append("| Kind | SHA256 Hash |")
+        lines.append("|:---|:---|")
+        for art in artifacts:
+            kind = art.get("kind", "unknown")
+            sha = art.get("sha256", "unknown")
+            # Truncate hash for readability
+            short_sha = sha[:12] + "..." if len(sha) > 12 else sha
+            lines.append(f"| {kind} | `{short_sha}` |")
+        lines.append("")
+
+    # 5. Footer
+    tool_ver = payload.get("tool_version", "unknown")
+    repo = payload.get("repo")
+    sha = payload.get("commit_sha")
+    run_id = payload.get("run_id", "").split("-")[-1]  # Short run ID
+    
+    footer_parts = [f"Generated by **a11y-ci v{tool_ver}**"]
+    if sha:
+        footer_parts.append(f"Commit: `{sha[:7]}`")
+    if run_id:
+        footer_parts.append(f"Run: `{run_id}`")
+        
+    lines.append("---")
+    lines.append(" | ".join(footer_parts))
+    
+    return "\n".join(lines)

package/src/a11y-ci/a11y_ci/report.py

@@ -0,0 +1,137 @@
+"""Reporting logic for gate results."""
+
+import json
+from dataclasses import asdict
+from typing import Any, Dict, List
+
+from .gate import GateResult
+from .help import get_help
+from .render import CliMessage, render
+from .severity import SEVERITY_ORDER
+
+
+def _format_counts(counts: Dict[str, int], baseline: Dict[str, int] | None) -> List[str]:
+    """Format counts with optional baseline deltas."""
+    lines = []
+    for sev in reversed(SEVERITY_ORDER):
+        count = counts.get(sev, 0)
+        base_count = baseline.get(sev, 0) if baseline else 0
+        delta = count - base_count
+        
+        delta_str = ""
+        if baseline and delta != 0:
+            sign = "+" if delta > 0 else ""
+            delta_str = f" ({sign}{delta})"
+            
+        if count > 0 or (baseline and base_count > 0):
+            lines.append(f"{sev.title()}: {count}{delta_str}")
+            
+    if not lines:
+        lines.append("No findings.")
+    return lines
+
+
+def render_text_report(result: GateResult, top: int = 10) -> str:
+    """Render human-readable report using CliMessage."""
+    counts_lines = _format_counts(result.current_counts, result.baseline_counts)
+
+    if result.ok:
+        msg = CliMessage(
+            status="OK",
+            id="A11Y.CI.GATE.PASS",
+            title="Accessibility gate passed",
+            what=["No policy violations detected."] + counts_lines,
+            why=["Current findings meet the configured threshold."],
+            fix=["Proceed with merge/release."],
+        )
+        return render(msg)
+
+    # Failure case
+    what_lines = ["Accessibility policy violations were detected."]
+    what_lines.append("")
+    what_lines.append("Summary:")
+    what_lines.extend([f"  {line}" for line in counts_lines])
+
+    why_lines = result.reasons[:]
+
+    fix_lines = [
+        "Address the listed findings or update the baseline.",
+        "Run local check: a11y-ci gate --current <path>",
+    ]
+
+    if result.current_blocking_ids and top > 0:
+        fix_lines.append("")
+        fix_lines.append(f"Blocking IDs (Top {top}):")
+
+        limit = min(len(result.current_blocking_ids), top)
+        for bid in result.current_blocking_ids[:limit]:
+            info = get_help(bid)
+            if info:
+                # Add hint and link
+                fix_lines.append(f"- {bid}")
+                fix_lines.append(f"    Fix: {info.hint}")
+                fix_lines.append(f"    Docs: {info.url}")
+            else:
+                fix_lines.append(f"- {bid}")
+
+        remaining = len(result.current_blocking_ids) - limit
+        if remaining > 0:
+             fix_lines.append(f"... and {remaining} more.")
+
+    if result.new_blocking_ids and top > 0:
+        fix_lines.append("")
+        fix_lines.append(f"New Regression IDs (Top {top}):")
+        fix_lines.extend([f"- {bid}" for bid in result.new_blocking_ids[:top]]) 
+
+
+    msg = CliMessage(
+        status="ERROR",
+        id="A11Y.CI.GATE.FAIL",
+        title="Accessibility gate failed",
+        what=what_lines,
+        why=why_lines if why_lines else ["Gate policy was not satisfied."],     
+        fix=fix_lines,
+    )
+    return render(msg)
+
+
+def print_text_report(result: GateResult, top: int = 10):
+    """Print human-readable report (backward compatibility)."""
+    print(render_text_report(result, top), end="")
+
+
+def get_json_report(result: GateResult) -> Dict[str, Any]:
+    """Get machine-readable JSON report dict."""
+
+    # Enrich blocking findings with help
+    blocking_details = []
+    for bid in result.current_blocking_ids:
+        item = {"id": bid}
+        info = get_help(bid)
+        if info:
+            item["help_url"] = info.url
+            item["help_hint"] = info.hint
+        else:
+            item["help_url"] = None
+            item["help_hint"] = None
+        blocking_details.append(item)
+
+    payload = {
+        "gate": "PASS" if result.ok else "FAIL",
+        "timestamp": "ISO8601-TODO", # or omit
+        "counts": result.current_counts,
+        "baseline_counts": result.baseline_counts,
+        "reasons": result.reasons,
+        "blocking": {
+            "current_ids": result.current_blocking_ids,
+            "details": blocking_details, # enriched list
+            "new_ids": result.new_blocking_ids,
+            "new_fingerprints": result.new_fingerprints if hasattr(result, "new_fingerprints") else [],
+        }
+    }
+    return payload
+
+
+def print_json_report(result: GateResult):
+    """Print machine-readable JSON report."""
+    print(json.dumps(get_json_report(result), indent=2))

package/src/a11y-ci/a11y_ci/schema/scorecard.schema.json

@@ -0,0 +1,89 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "a11y-ci Scorecard",
+  "description": "Standard accessibility finding scorecard for gating",
+  "type": "object",
+  "required": ["meta", "findings"],
+  "properties": {
+    "meta": {
+      "type": "object",
+      "required": ["tool"],
+      "properties": {
+        "tool": {
+          "type": "string",
+          "description": "Name of the tool that generated this scorecard"
+        },
+        "version": {
+          "type": "string",
+          "description": "Version of the tool"
+        },
+        "url": {
+          "type": "string",
+          "format": "uri",
+          "description": "URL to the tool documentation or repository"
+        }
+      }
+    },
+    "summary": {
+      "type": "object",
+      "description": "Optional summary counts by severity",
+      "additionalProperties": {
+        "type": "integer",
+        "minimum": 0
+      }
+    },
+    "findings": {
+      "type": "array",
+      "description": "List of accessibility findings",
+      "items": {
+        "type": "object",
+        "required": ["id", "severity", "message"],
+        "properties": {
+          "id": {
+            "type": "string",
+            "description": "Stable identifier for the rule violated (e.g. 'aria-hidden-body')"
+          },
+          "rule_id": {
+            "type": "string",
+            "description": "Legacy alias for 'id'"
+          },
+          "finding_id": {
+            "type": "string",
+            "description": "Legacy alias for 'id'"
+          },
+          "severity": {
+            "type": "string",
+            "enum": ["info", "minor", "moderate", "serious", "critical"],
+            "description": "Severity level of the finding"
+          },
+          "message": {
+            "type": "string",
+            "description": "Human-readable description of the issue"
+          },
+          "location": {
+            "type": "object",
+            "description": "Location of the issue",
+            "properties": {
+              "path": {
+                "type": "string",
+                "description": "File path or URL"
+              },
+              "line": {
+                "type": "integer",
+                "minimum": 1
+              },
+              "column": {
+                "type": "integer",
+                "minimum": 1
+              }
+            }
+          },
+          "fingerprint": {
+              "type": "string",
+              "description": "Stable hash of the finding for deduping"
+          }
+        }
+      }
+    }
+  }
+}

package/src/a11y-ci/a11y_ci/schemas/allowlist.schema.json

@@ -10,11 +10,20 @@
       "type": "array",
       "items": {
         "type": "object",
-        "required": ["finding_id", "expires", "reason"],
+        "required": ["expires", "reason", "owner"],
+        "oneOf": [
+            { "required": ["finding_id"] },
+            { "required": ["id"] },
+            { "required": ["fingerprint"] }
+        ],
         "properties": {
           "finding_id": { "type": "string", "minLength": 3 },
+          "id": { "type": "string", "minLength": 3 },
+          "fingerprint": { "type": "string", "minLength": 64, "maxLength": 64 },
           "expires": { "type": "string", "pattern": "^\\d{4}-\\d{2}-\\d{2}$" },
-          "reason": { "type": "string", "minLength": 10 }
+          "reason": { "type": "string", "minLength": 10 },
+          "owner": { "type": "string", "minLength": 3 },
+          "ticket": { "type": "string" }
         },
         "additionalProperties": false
       }