npm - @mcptoolshop/accessibility-suite - Versions diffs - 0.1.0 - Mend

@mcptoolshop/accessibility-suite 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (241) hide show

package/.github/workflows/ci.yml +63 -0
package/LICENSE +21 -0
package/README.md +37 -0
package/docs/prov-spec/.github/workflows/ci.yml +68 -0
package/docs/prov-spec/CHANGELOG.md +69 -0
package/docs/prov-spec/CODE_OF_CONDUCT.md +129 -0
package/docs/prov-spec/CONFORMANCE_LEVELS.md +223 -0
package/docs/prov-spec/CONTRIBUTING.md +145 -0
package/docs/prov-spec/IMPLEMENTER_CHECKLIST.md +137 -0
package/docs/prov-spec/LICENSE +21 -0
package/docs/prov-spec/PRESS_RELEASE.md +74 -0
package/docs/prov-spec/README.md +182 -0
package/docs/prov-spec/SETUP.md +135 -0
package/docs/prov-spec/WHY.md +86 -0
package/docs/prov-spec/examples/artifact.example.json +14 -0
package/docs/prov-spec/examples/artifact.ref.example.json +9 -0
package/docs/prov-spec/examples/evidence.example.json +6 -0
package/docs/prov-spec/examples/mcp.envelope.example.json +97 -0
package/docs/prov-spec/examples/mcp.request.example.json +28 -0
package/docs/prov-spec/examples/prov.record.example.json +35 -0
package/docs/prov-spec/interop/PROOF_NODE_ENGINE.md +114 -0
package/docs/prov-spec/spec/MCP_COMPATIBILITY.md +241 -0
package/docs/prov-spec/spec/PROV_METHODS_CATALOG.md +142 -0
package/docs/prov-spec/spec/PROV_METHODS_SPEC.md +397 -0
package/docs/prov-spec/spec/methods.json +213 -0
package/docs/prov-spec/spec/schemas/artifact.ref.schema.v0.1.json +58 -0
package/docs/prov-spec/spec/schemas/artifact.schema.v0.1.json +61 -0
package/docs/prov-spec/spec/schemas/assist.request.schema.v0.1.json +52 -0
package/docs/prov-spec/spec/schemas/assist.response.schema.v0.1.json +70 -0
package/docs/prov-spec/spec/schemas/cli.error.schema.v0.1.json +78 -0
package/docs/prov-spec/spec/schemas/evidence.schema.v0.1.json +37 -0
package/docs/prov-spec/spec/schemas/mcp.envelope.schema.v0.1.json +141 -0
package/docs/prov-spec/spec/schemas/mcp.request.schema.v0.1.json +79 -0
package/docs/prov-spec/spec/schemas/methods.schema.json +93 -0
package/docs/prov-spec/spec/schemas/prov-capabilities.schema.json +122 -0
package/docs/prov-spec/spec/schemas/prov.record.schema.v0.1.json +133 -0
package/docs/prov-spec/spec/vectors/adapter.wrap.envelope_v0_1/expected.json +4 -0
package/docs/prov-spec/spec/vectors/adapter.wrap.envelope_v0_1/input.json +1 -0
package/docs/prov-spec/spec/vectors/adapter.wrap.envelope_v0_1/negative/double_wrapped.json +14 -0
package/docs/prov-spec/spec/vectors/adapter.wrap.envelope_v0_1/negative/wrong_schema_version.json +11 -0
package/docs/prov-spec/spec/vectors/engine.extract.evidence.json_pointer/expected.json +24 -0
package/docs/prov-spec/spec/vectors/engine.extract.evidence.json_pointer/input.json +8 -0
package/docs/prov-spec/spec/vectors/integrity.digest.sha256/expected.json +7 -0
package/docs/prov-spec/spec/vectors/integrity.digest.sha256/input.json +1 -0
package/docs/prov-spec/spec/vectors/integrity.digest.sha256/negative/non_hex_chars.json +16 -0
package/docs/prov-spec/spec/vectors/integrity.digest.sha256/negative/uppercase_hex.json +16 -0
package/docs/prov-spec/spec/vectors/integrity.digest.sha256/negative/wrong_length.json +16 -0
package/docs/prov-spec/spec/vectors/method_id_syntax/negative/hyphen_separator.json +8 -0
package/docs/prov-spec/spec/vectors/method_id_syntax/negative/reserved_namespace.json +8 -0
package/docs/prov-spec/spec/vectors/method_id_syntax/negative/starts_with_digit.json +8 -0
package/docs/prov-spec/spec/vectors/method_id_syntax/negative/uppercase.json +8 -0
package/docs/prov-spec/spec/vectors/method_id_syntax/positive/valid_ids.json +18 -0
package/docs/prov-spec/tools/python/prov_validator.py +428 -0
package/examples/a11y-demo-site/.github/workflows/a11y-artifacts.yml +81 -0
package/examples/a11y-demo-site/.github/workflows/a11y.yml +34 -0
package/examples/a11y-demo-site/CODE_OF_CONDUCT.md +129 -0
package/examples/a11y-demo-site/CONTRIBUTING.md +83 -0
package/examples/a11y-demo-site/LICENSE +21 -0
package/examples/a11y-demo-site/README.md +155 -0
package/examples/a11y-demo-site/html/contact.html +15 -0
package/examples/a11y-demo-site/html/index.html +20 -0
package/examples/a11y-demo-site/scripts/a11y.sh +20 -0
package/package.json +26 -0
package/src/a11y-assist/.github/workflows/publish.yml +52 -0
package/src/a11y-assist/.github/workflows/test.yml +30 -0
package/src/a11y-assist/A11Y_ASSIST_TEST_COVERAGE_REQUIREMENTS.md +104 -0
package/src/a11y-assist/CODE_OF_CONDUCT.md +129 -0
package/src/a11y-assist/CONTRIBUTING.md +98 -0
package/src/a11y-assist/ENGINE.md +363 -0
package/src/a11y-assist/LICENSE +21 -0
package/src/a11y-assist/PRESS_RELEASE.md +71 -0
package/src/a11y-assist/QUICKSTART.md +101 -0
package/src/a11y-assist/README.md +192 -0
package/src/a11y-assist/RELEASE_NOTES.md +319 -0
package/src/a11y-assist/a11y_assist/__init__.py +3 -0
package/src/a11y-assist/a11y_assist/cli.py +599 -0
package/src/a11y-assist/a11y_assist/from_cli_error.py +149 -0
package/src/a11y-assist/a11y_assist/guard.py +444 -0
package/src/a11y-assist/a11y_assist/ingest.py +407 -0
package/src/a11y-assist/a11y_assist/methods.py +137 -0
package/src/a11y-assist/a11y_assist/parse_raw.py +71 -0
package/src/a11y-assist/a11y_assist/profiles/__init__.py +29 -0
package/src/a11y-assist/a11y_assist/profiles/cognitive_load.py +245 -0
package/src/a11y-assist/a11y_assist/profiles/cognitive_load_render.py +86 -0
package/src/a11y-assist/a11y_assist/profiles/dyslexia.py +144 -0
package/src/a11y-assist/a11y_assist/profiles/dyslexia_render.py +77 -0
package/src/a11y-assist/a11y_assist/profiles/plain_language.py +119 -0
package/src/a11y-assist/a11y_assist/profiles/plain_language_render.py +66 -0
package/src/a11y-assist/a11y_assist/profiles/screen_reader.py +348 -0
package/src/a11y-assist/a11y_assist/profiles/screen_reader_render.py +89 -0
package/src/a11y-assist/a11y_assist/render.py +95 -0
package/src/a11y-assist/a11y_assist/schemas/assist.request.schema.v0.1.json +52 -0
package/src/a11y-assist/a11y_assist/schemas/assist.response.schema.v0.1.json +70 -0
package/src/a11y-assist/a11y_assist/schemas/cli.error.schema.v0.1.json +78 -0
package/src/a11y-assist/a11y_assist/storage.py +31 -0
package/src/a11y-assist/pyproject.toml +60 -0
package/src/a11y-assist/tests/__init__.py +1 -0
package/src/a11y-assist/tests/fixtures/base_inputs/cli_error_high.json +18 -0
package/src/a11y-assist/tests/fixtures/base_inputs/cli_error_medium.json +16 -0
package/src/a11y-assist/tests/fixtures/base_inputs/raw_text_low.txt +3 -0
package/src/a11y-assist/tests/fixtures/cli_error_good.json +9 -0
package/src/a11y-assist/tests/fixtures/cli_error_missing_id.json +7 -0
package/src/a11y-assist/tests/fixtures/cli_error_string_format.json +7 -0
package/src/a11y-assist/tests/fixtures/expected/cognitive_load_high.txt +20 -0
package/src/a11y-assist/tests/fixtures/expected/dyslexia_high.txt +20 -0
package/src/a11y-assist/tests/fixtures/expected/lowvision_high.txt +18 -0
package/src/a11y-assist/tests/fixtures/expected/plain_language_high.txt +14 -0
package/src/a11y-assist/tests/fixtures/expected/screen_reader_high.txt +19 -0
package/src/a11y-assist/tests/fixtures/golden_screen_reader_cli_error.txt +16 -0
package/src/a11y-assist/tests/fixtures/golden_screen_reader_raw_no_id.txt +14 -0
package/src/a11y-assist/tests/fixtures/golden_screen_reader_raw_with_id.txt +14 -0
package/src/a11y-assist/tests/fixtures/raw_good.txt +11 -0
package/src/a11y-assist/tests/fixtures/raw_no_id.txt +2 -0
package/src/a11y-assist/tests/test_cognitive_load.py +469 -0
package/src/a11y-assist/tests/test_dyslexia.py +337 -0
package/src/a11y-assist/tests/test_explain.py +74 -0
package/src/a11y-assist/tests/test_golden.py +127 -0
package/src/a11y-assist/tests/test_guard.py +819 -0
package/src/a11y-assist/tests/test_guard_integration.py +457 -0
package/src/a11y-assist/tests/test_ingest.py +311 -0
package/src/a11y-assist/tests/test_methods_metadata.py +236 -0
package/src/a11y-assist/tests/test_plain_language.py +348 -0
package/src/a11y-assist/tests/test_render.py +117 -0
package/src/a11y-assist/tests/test_screen_reader.py +703 -0
package/src/a11y-assist/tests/test_storage_last.py +61 -0
package/src/a11y-assist/tests/test_triage.py +86 -0
package/src/a11y-ci/.github/workflows/ci.yml +43 -0
package/src/a11y-ci/.github/workflows/test.yml +30 -0
package/src/a11y-ci/A11Y_CI_TEST_COVERAGE_REQUIREMENTS.md +94 -0
package/src/a11y-ci/CODE_OF_CONDUCT.md +129 -0
package/src/a11y-ci/CONTRIBUTING.md +142 -0
package/src/a11y-ci/LICENSE +21 -0
package/src/a11y-ci/README.md +105 -0
package/src/a11y-ci/a11y_ci/__init__.py +3 -0
package/src/a11y-ci/a11y_ci/allowlist.py +83 -0
package/src/a11y-ci/a11y_ci/cli.py +145 -0
package/src/a11y-ci/a11y_ci/gate.py +131 -0
package/src/a11y-ci/a11y_ci/render.py +48 -0
package/src/a11y-ci/a11y_ci/schemas/allowlist.schema.json +24 -0
package/src/a11y-ci/a11y_ci/scorecard.py +99 -0
package/src/a11y-ci/npm/package.json +35 -0
package/src/a11y-ci/pyproject.toml +64 -0
package/src/a11y-ci/tests/__init__.py +1 -0
package/src/a11y-ci/tests/fixtures/allowlist_expired.json +10 -0
package/src/a11y-ci/tests/fixtures/allowlist_ok.json +10 -0
package/src/a11y-ci/tests/fixtures/baseline_ok.json +7 -0
package/src/a11y-ci/tests/fixtures/current_fail.json +6 -0
package/src/a11y-ci/tests/fixtures/current_ok.json +6 -0
package/src/a11y-ci/tests/fixtures/current_regresses.json +7 -0
package/src/a11y-ci/tests/test_gate.py +134 -0
package/src/a11y-evidence-engine/.github/workflows/ci.yml +53 -0
package/src/a11y-evidence-engine/CODE_OF_CONDUCT.md +129 -0
package/src/a11y-evidence-engine/CONTRIBUTING.md +128 -0
package/src/a11y-evidence-engine/LICENSE +21 -0
package/src/a11y-evidence-engine/README.md +71 -0
package/src/a11y-evidence-engine/bin/a11y-engine.js +11 -0
package/src/a11y-evidence-engine/fixtures/bad/button-no-name.html +30 -0
package/src/a11y-evidence-engine/fixtures/bad/img-missing-alt.html +19 -0
package/src/a11y-evidence-engine/fixtures/bad/input-missing-label.html +26 -0
package/src/a11y-evidence-engine/fixtures/bad/missing-lang.html +11 -0
package/src/a11y-evidence-engine/fixtures/good/index.html +29 -0
package/src/a11y-evidence-engine/package-lock.json +109 -0
package/src/a11y-evidence-engine/package.json +45 -0
package/src/a11y-evidence-engine/src/cli.js +74 -0
package/src/a11y-evidence-engine/src/evidence/canonicalize.js +52 -0
package/src/a11y-evidence-engine/src/evidence/json_pointer.js +34 -0
package/src/a11y-evidence-engine/src/evidence/prov_emit.js +153 -0
package/src/a11y-evidence-engine/src/fswalk.js +56 -0
package/src/a11y-evidence-engine/src/html_parse.js +117 -0
package/src/a11y-evidence-engine/src/ids.js +53 -0
package/src/a11y-evidence-engine/src/rules/document_missing_lang.js +50 -0
package/src/a11y-evidence-engine/src/rules/form_control_missing_label.js +105 -0
package/src/a11y-evidence-engine/src/rules/img_missing_alt.js +77 -0
package/src/a11y-evidence-engine/src/rules/index.js +37 -0
package/src/a11y-evidence-engine/src/rules/interactive_missing_name.js +129 -0
package/src/a11y-evidence-engine/src/scan.js +128 -0
package/src/a11y-evidence-engine/test/scan.test.js +149 -0
package/src/a11y-evidence-engine/test/vectors.test.js +200 -0
package/src/a11y-lint/.github/workflows/ci.yml +46 -0
package/src/a11y-lint/.github/workflows/test.yml +34 -0
package/src/a11y-lint/CODE_OF_CONDUCT.md +129 -0
package/src/a11y-lint/CONTRIBUTING.md +70 -0
package/src/a11y-lint/GOVERNANCE.md +57 -0
package/src/a11y-lint/LICENSE +21 -0
package/src/a11y-lint/PRESS_RELEASE.md +50 -0
package/src/a11y-lint/README.md +276 -0
package/src/a11y-lint/RELEASE_NOTES.md +57 -0
package/src/a11y-lint/RELEASING.md +57 -0
package/src/a11y-lint/a11y_lint/__init__.py +64 -0
package/src/a11y-lint/a11y_lint/cli.py +319 -0
package/src/a11y-lint/a11y_lint/errors.py +252 -0
package/src/a11y-lint/a11y_lint/render.py +293 -0
package/src/a11y-lint/a11y_lint/report_md.py +289 -0
package/src/a11y-lint/a11y_lint/scan_cli_text.py +434 -0
package/src/a11y-lint/a11y_lint/schemas/cli.error.schema.v0.1.json +83 -0
package/src/a11y-lint/a11y_lint/scorecard.py +244 -0
package/src/a11y-lint/a11y_lint/validate.py +225 -0
package/src/a11y-lint/pyproject.toml +75 -0
package/src/a11y-lint/tests/__init__.py +1 -0
package/src/a11y-lint/tests/test_cli.py +200 -0
package/src/a11y-lint/tests/test_errors.py +188 -0
package/src/a11y-lint/tests/test_render.py +202 -0
package/src/a11y-lint/tests/test_report_md.py +188 -0
package/src/a11y-lint/tests/test_scan_cli_text.py +290 -0
package/src/a11y-lint/tests/test_scorecard.py +195 -0
package/src/a11y-lint/tests/test_validate.py +257 -0
package/src/a11y-mcp-tools/.github/workflows/ci.yml +53 -0
package/src/a11y-mcp-tools/CODE_OF_CONDUCT.md +129 -0
package/src/a11y-mcp-tools/CONTRIBUTING.md +136 -0
package/src/a11y-mcp-tools/LICENSE +21 -0
package/src/a11y-mcp-tools/PROV_METHODS_CATALOG.md +104 -0
package/src/a11y-mcp-tools/README.md +168 -0
package/src/a11y-mcp-tools/bin/cli.js +452 -0
package/src/a11y-mcp-tools/bin/server.js +244 -0
package/src/a11y-mcp-tools/fixtures/requests/a11y.diagnose.ok.json +27 -0
package/src/a11y-mcp-tools/fixtures/requests/a11y.evidence.ok.json +25 -0
package/src/a11y-mcp-tools/fixtures/responses/a11y.diagnose.ok.json +139 -0
package/src/a11y-mcp-tools/fixtures/responses/a11y.diagnose.provenance_fail.json +13 -0
package/src/a11y-mcp-tools/fixtures/responses/a11y.evidence.ok.json +88 -0
package/src/a11y-mcp-tools/package-lock.json +189 -0
package/src/a11y-mcp-tools/package.json +49 -0
package/src/a11y-mcp-tools/src/envelope.js +197 -0
package/src/a11y-mcp-tools/src/index.js +9 -0
package/src/a11y-mcp-tools/src/schemas/artifact.js +85 -0
package/src/a11y-mcp-tools/src/schemas/diagnosis.schema.v0.1.json +137 -0
package/src/a11y-mcp-tools/src/schemas/envelope.schema.v0.1.json +108 -0
package/src/a11y-mcp-tools/src/schemas/evidence.bundle.schema.v0.1.json +129 -0
package/src/a11y-mcp-tools/src/schemas/evidence.js +97 -0
package/src/a11y-mcp-tools/src/schemas/index.js +11 -0
package/src/a11y-mcp-tools/src/schemas/provenance.js +140 -0
package/src/a11y-mcp-tools/src/schemas/tools/a11y.diagnose.request.schema.v0.1.json +77 -0
package/src/a11y-mcp-tools/src/schemas/tools/a11y.diagnose.response.schema.v0.1.json +50 -0
package/src/a11y-mcp-tools/src/schemas/tools/a11y.evidence.request.schema.v0.1.json +120 -0
package/src/a11y-mcp-tools/src/schemas/tools/a11y.evidence.response.schema.v0.1.json +50 -0
package/src/a11y-mcp-tools/src/tools/diagnose.js +597 -0
package/src/a11y-mcp-tools/src/tools/evidence.js +481 -0
package/src/a11y-mcp-tools/src/tools/index.js +10 -0
package/src/a11y-mcp-tools/test/contract.test.mjs +154 -0
package/src/a11y-mcp-tools/test/diagnose.test.js +485 -0
package/src/a11y-mcp-tools/test/evidence.test.js +183 -0
package/src/a11y-mcp-tools/test/schema.test.js +327 -0

package/docs/prov-spec/spec/vectors/integrity.digest.sha256/negative/uppercase_hex.json ADDED Viewed

@@ -0,0 +1,16 @@
+{
+  "_vector_meta": {
+    "id": "integrity.digest.sha256/negative/uppercase_hex",
+    "expect": "fail",
+    "reason": "Digest value uses uppercase hex instead of lowercase"
+  },
+  "artifact": {
+    "schema_version": "artifact.v0.1",
+    "artifact_id": "test-001",
+    "media_type": "application/json",
+    "digest": {
+      "alg": "sha256",
+      "value": "ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890"
+    }
+  }
+}

package/docs/prov-spec/spec/vectors/integrity.digest.sha256/negative/wrong_length.json ADDED Viewed

@@ -0,0 +1,16 @@
+{
+  "_vector_meta": {
+    "id": "integrity.digest.sha256/negative/wrong_length",
+    "expect": "fail",
+    "reason": "Digest value is 32 chars instead of 64"
+  },
+  "artifact": {
+    "schema_version": "artifact.v0.1",
+    "artifact_id": "test-001",
+    "media_type": "application/json",
+    "digest": {
+      "alg": "sha256",
+      "value": "abcdef1234567890abcdef1234567890"
+    }
+  }
+}

package/docs/prov-spec/spec/vectors/method_id_syntax/negative/hyphen_separator.json ADDED Viewed

@@ -0,0 +1,8 @@
+{
+  "_vector_meta": {
+    "id": "method_id_syntax/negative/hyphen_separator",
+    "expect": "fail",
+    "reason": "Method ID uses hyphens instead of dots"
+  },
+  "method_id": "adapter-wrap-envelope"
+}

package/docs/prov-spec/spec/vectors/method_id_syntax/negative/reserved_namespace.json ADDED Viewed

@@ -0,0 +1,8 @@
+{
+  "_vector_meta": {
+    "id": "method_id_syntax/negative/reserved_namespace",
+    "expect": "fail",
+    "reason": "Method ID uses reserved namespace"
+  },
+  "method_id": "policy.access.deny"
+}

package/docs/prov-spec/spec/vectors/method_id_syntax/negative/starts_with_digit.json ADDED Viewed

@@ -0,0 +1,8 @@
+{
+  "_vector_meta": {
+    "id": "method_id_syntax/negative/starts_with_digit",
+    "expect": "fail",
+    "reason": "Method ID starts with a digit"
+  },
+  "method_id": "123.method.name"
+}

package/docs/prov-spec/spec/vectors/method_id_syntax/negative/uppercase.json ADDED Viewed

@@ -0,0 +1,8 @@
+{
+  "_vector_meta": {
+    "id": "method_id_syntax/negative/uppercase",
+    "expect": "fail",
+    "reason": "Method ID contains uppercase letters"
+  },
+  "method_id": "Adapter.Wrap.Envelope"
+}

package/docs/prov-spec/spec/vectors/method_id_syntax/positive/valid_ids.json ADDED Viewed

@@ -0,0 +1,18 @@
+{
+  "_vector_meta": {
+    "id": "method_id_syntax/positive/valid_ids",
+    "expect": "pass",
+    "reason": "All method IDs conform to grammar"
+  },
+  "method_ids": [
+    "adapter.wrap.envelope_v0_1",
+    "integrity.digest.sha256",
+    "engine.extract.evidence.json_pointer",
+    "lineage.parent.link",
+    "simple",
+    "two.segments",
+    "with_underscore.method",
+    "versioned_v1_0",
+    "adapter.provenance.attach_record_v0_1"
+  ]
+}

package/docs/prov-spec/tools/python/prov_validator.py ADDED Viewed

@@ -0,0 +1,428 @@
+"""Provenance Validator Tool.
+Reference implementation for prov-spec validation.
+Validates:
+- Method ID syntax (grammar conformance)
+- Method catalog membership (known IDs)
+- Capability manifest schemas
+- Provenance record semantic contracts
+- Test vectors
+Usage:
+    python prov_validator.py validate-methods record.json
+    python prov_validator.py validate-manifest prov-capabilities.json
+    python prov_validator.py check-vector integrity.digest.sha256
+    python prov_validator.py list-methods
+"""
+from __future__ import annotations
+import argparse
+import hashlib
+import json
+import re
+import sys
+from pathlib import Path
+from typing import Any, Dict, List, Optional, Tuple
+# Spec version
+SPEC_VERSION = "0.1.0"
+# Method ID grammar (from PROV_METHODS_SPEC.md Section 3)
+METHOD_ID_PATTERN = re.compile(
+    r"^[a-z][a-z0-9_]*(\.[a-z][a-z0-9_]*)*(_v[0-9]+_[0-9]+)?$"
+)
+# Known namespaces
+STABLE_NAMESPACES = {"adapter", "engine", "integrity", "lineage"}
+RESERVED_NAMESPACES = {"policy", "attestation", "execution", "audit"}
+def find_spec_root() -> Path:
+    """Find the spec root directory."""
+    # Try relative to this file
+    here = Path(__file__).parent
+    candidates = [
+        here.parent.parent / "spec",  # tools/python/prov_validator.py
+        here.parent / "spec",  # tools/prov_validator.py
+        here / "spec",  # prov_validator.py in root
+        Path.cwd() / "spec",  # current directory
+    ]
+    for path in candidates:
+        if path.exists() and (path / "methods.json").exists():
+            return path
+    return Path.cwd() / "spec"
+def load_json(path: Path) -> Any:
+    """Load JSON from file."""
+    return json.loads(path.read_text(encoding="utf-8"))
+def load_method_catalog() -> Dict[str, Any]:
+    """Load the method catalog from spec/methods.json."""
+    spec_path = find_spec_root() / "methods.json"
+    if spec_path.exists():
+        return load_json(spec_path)
+    return {"methods": [], "namespaces": {}}
+def canonical_json(obj: Any) -> str:
+    """Serialize to canonical JSON for stable hashing.
+    - Sorted keys
+    - No whitespace
+    - UTF-8
+    """
+    return json.dumps(obj, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
+def compute_sha256(data: bytes) -> str:
+    """Compute SHA-256 hex digest."""
+    return hashlib.sha256(data).hexdigest()
+def compute_artifact_digest(content: Any) -> Dict[str, str]:
+    """Compute digest for an artifact's content."""
+    if isinstance(content, bytes):
+        data = content
+    elif isinstance(content, str):
+        data = content.encode("utf-8")
+    else:
+        data = canonical_json(content).encode("utf-8")
+    return {"alg": "sha256", "value": compute_sha256(data)}
+def validate_method_id_syntax(method_id: str) -> Tuple[bool, Optional[str]]:
+    """Validate method ID matches grammar.
+    Returns:
+        (is_valid, error_message)
+    """
+    if not METHOD_ID_PATTERN.match(method_id):
+        return False, f"Method ID '{method_id}' does not match grammar"
+    return True, None
+def validate_method_id_namespace(method_id: str) -> Tuple[bool, Optional[str]]:
+    """Validate method ID uses a known namespace.
+    Returns:
+        (is_valid, error_message)
+    """
+    namespace = method_id.split(".")[0]
+    if namespace in RESERVED_NAMESPACES:
+        return False, f"Method ID '{method_id}' uses reserved namespace '{namespace}'"
+    if namespace not in STABLE_NAMESPACES:
+        return False, f"Method ID '{method_id}' uses unknown namespace '{namespace}'"
+    return True, None
+def validate_method_id_catalog(
+    method_id: str, catalog: Dict[str, Any]
+) -> Tuple[bool, Optional[str]]:
+    """Validate method ID is in the catalog.
+    Returns:
+        (is_valid, error_message)
+    """
+    known_ids = {m["id"] for m in catalog.get("methods", [])}
+    if method_id not in known_ids:
+        return False, f"Method ID '{method_id}' is not in the catalog"
+    return True, None
+def validate_methods_in_record(
+    record: Dict[str, Any], strict: bool = False
+) -> List[Dict[str, Any]]:
+    """Validate all method IDs in a provenance record.
+    Args:
+        record: Provenance record (prov.record.v0.1)
+        strict: If True, require methods to be in catalog
+    Returns:
+        List of validation issues
+    """
+    issues = []
+    catalog = load_method_catalog() if strict else {"methods": []}
+    methods = record.get("methods", [])
+    if not methods:
+        issues.append({
+            "level": "warning",
+            "message": "Provenance record has no methods claimed",
+        })
+        return issues
+    for method_id in methods:
+        # Check syntax
+        valid, error = validate_method_id_syntax(method_id)
+        if not valid:
+            issues.append({"level": "error", "message": error})
+            continue
+        # Check namespace
+        valid, error = validate_method_id_namespace(method_id)
+        if not valid:
+            issues.append({"level": "error", "message": error})
+        # Check catalog membership (strict mode only)
+        if strict:
+            valid, error = validate_method_id_catalog(method_id, catalog)
+            if not valid:
+                issues.append({"level": "warning", "message": error})
+    return issues
+def validate_capability_manifest(manifest: Dict[str, Any]) -> List[Dict[str, Any]]:
+    """Validate a prov-capabilities.json manifest.
+    Args:
+        manifest: Capability manifest
+    Returns:
+        List of validation issues
+    """
+    issues = []
+    catalog = load_method_catalog()
+    # Check schema version
+    if manifest.get("schema") != "prov-capabilities@v0.1":
+        issues.append({
+            "level": "error",
+            "message": f"Invalid schema: {manifest.get('schema')}",
+        })
+    # Validate implemented methods
+    for method_id in manifest.get("implements", []):
+        valid, error = validate_method_id_syntax(method_id)
+        if not valid:
+            issues.append({"level": "error", "message": error})
+        else:
+            valid, error = validate_method_id_catalog(method_id, catalog)
+            if not valid:
+                issues.append({"level": "warning", "message": error})
+    # Validate optional methods
+    for method_id in manifest.get("optional", []):
+        valid, error = validate_method_id_syntax(method_id)
+        if not valid:
+            issues.append({"level": "error", "message": error})
+    return issues
+def check_test_vector(vector_id: str, expect_fail: bool = False) -> List[Dict[str, Any]]:
+    """Run a test vector and check results.
+    Args:
+        vector_id: Method ID for the test vector
+        expect_fail: If True, expect the vector to fail
+    Returns:
+        List of validation issues
+    """
+    issues = []
+    spec_root = find_spec_root()
+    vectors_path = spec_root / "vectors" / vector_id
+    if not vectors_path.exists():
+        issues.append({
+            "level": "error",
+            "message": f"Test vector not found: {vector_id}",
+        })
+        return issues
+    input_path = vectors_path / "input.json"
+    expected_path = vectors_path / "expected.json"
+    if not input_path.exists() or not expected_path.exists():
+        issues.append({
+            "level": "error",
+            "message": f"Missing input.json or expected.json for {vector_id}",
+        })
+        return issues
+    input_data = load_json(input_path)
+    expected = load_json(expected_path)
+    # Check specific vector types
+    if vector_id == "integrity.digest.sha256":
+        # Compute digest and compare
+        computed_canonical = canonical_json(input_data)
+        computed_digest = compute_artifact_digest(input_data)
+        if computed_canonical != expected.get("canonical_form"):
+            issues.append({
+                "level": "error",
+                "message": f"Canonical form mismatch: got {computed_canonical}",
+            })
+        if computed_digest != expected.get("digest"):
+            issues.append({
+                "level": "error",
+                "message": f"Digest mismatch: got {computed_digest}",
+            })
+        if not issues:
+            issues.append({
+                "level": "info",
+                "message": f"Test vector {vector_id} passed",
+            })
+    elif vector_id == "adapter.wrap.envelope_v0_1":
+        # Check envelope wrapping
+        expected_schema = expected.get("schema_version")
+        expected_result = expected.get("result")
+        if expected_schema != "mcp.envelope.v0.1":
+            issues.append({
+                "level": "error",
+                "message": "Expected schema version mismatch",
+            })
+        if input_data != expected_result:
+            issues.append({
+                "level": "error",
+                "message": "Result should equal input (wrapping test)",
+            })
+        if not issues:
+            issues.append({
+                "level": "info",
+                "message": f"Test vector {vector_id} passed",
+            })
+    else:
+        issues.append({
+            "level": "warning",
+            "message": f"No validator implemented for {vector_id}",
+        })
+    return issues
+def main():
+    """CLI entry point."""
+    parser = argparse.ArgumentParser(
+        description=f"prov-spec validator (spec v{SPEC_VERSION})",
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+    )
+    parser.add_argument(
+        "--version", action="version", version=f"prov-spec validator v{SPEC_VERSION}"
+    )
+    subparsers = parser.add_subparsers(dest="command", help="Command to run")
+    # validate-methods command
+    methods_parser = subparsers.add_parser(
+        "validate-methods",
+        help="Validate method IDs in a provenance record",
+    )
+    methods_parser.add_argument("file", type=Path, help="Path to provenance record JSON")
+    methods_parser.add_argument(
+        "--strict",
+        action="store_true",
+        help="Require methods to be in catalog",
+    )
+    # validate-manifest command
+    manifest_parser = subparsers.add_parser(
+        "validate-manifest",
+        help="Validate a capability manifest",
+    )
+    manifest_parser.add_argument("file", type=Path, help="Path to manifest JSON")
+    # check-vector command
+    vector_parser = subparsers.add_parser(
+        "check-vector",
+        help="Run a test vector",
+    )
+    vector_parser.add_argument("vector_id", help="Method ID for test vector")
+    vector_parser.add_argument(
+        "--expect-fail",
+        action="store_true",
+        help="Expect the vector to fail",
+    )
+    # list-methods command
+    subparsers.add_parser(
+        "list-methods",
+        help="List all known method IDs",
+    )
+    # list-vectors command
+    subparsers.add_parser(
+        "list-vectors",
+        help="List all test vectors",
+    )
+    args = parser.parse_args()
+    if args.command == "validate-methods":
+        record = load_json(args.file)
+        # Handle envelope vs raw record
+        if record.get("schema_version") == "mcp.envelope.v0.1":
+            record = record.get("provenance", {})
+        issues = validate_methods_in_record(record, strict=args.strict)
+    elif args.command == "validate-manifest":
+        manifest = load_json(args.file)
+        issues = validate_capability_manifest(manifest)
+    elif args.command == "check-vector":
+        issues = check_test_vector(args.vector_id, expect_fail=getattr(args, "expect_fail", False))
+    elif args.command == "list-methods":
+        catalog = load_method_catalog()
+        print(f"prov-spec v{SPEC_VERSION} - Known method IDs:\n")
+        for method in catalog.get("methods", []):
+            status = method.get("status", "unknown")
+            print(f"  [{status:11}] {method['id']}")
+            print(f"               {method.get('summary', '')}")
+        return 0
+    elif args.command == "list-vectors":
+        spec_root = find_spec_root()
+        vectors_path = spec_root / "vectors"
+        print(f"prov-spec v{SPEC_VERSION} - Test vectors:\n")
+        if vectors_path.exists():
+            for vector_dir in sorted(vectors_path.iterdir()):
+                if vector_dir.is_dir():
+                    has_positive = (vector_dir / "input.json").exists()
+                    has_negative = (vector_dir / "negative").exists()
+                    markers = []
+                    if has_positive:
+                        markers.append("positive")
+                    if has_negative:
+                        markers.append("negative")
+                    print(f"  {vector_dir.name} ({', '.join(markers)})")
+        return 0
+    else:
+        parser.print_help()
+        return 1
+    # Print results
+    has_errors = False
+    for issue in issues:
+        level = issue["level"]
+        msg = issue["message"]
+        if level == "error":
+            print(f"ERROR: {msg}")
+            has_errors = True
+        elif level == "warning":
+            print(f"WARNING: {msg}")
+        else:
+            print(f"INFO: {msg}")
+    if not issues:
+        print("OK: No issues found")
+    return 1 if has_errors else 0
+if __name__ == "__main__":
+    sys.exit(main())

package/examples/a11y-demo-site/.github/workflows/a11y-artifacts.yml ADDED Viewed

@@ -0,0 +1,81 @@
+name: A11y (upload results)
+on:
+  workflow_dispatch:
+  push:
+  pull_request:
+jobs:
+  a11y:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Install tools
+        run: |
+          npm install -g a11y-evidence-engine
+          python -m pip install --upgrade pip
+          python -m pip install a11y-assist
+      # Run, but do not stop the workflow on exit code 2 (expected for broken demo).
+      # Still fail for engine/validation failures (exit 3) or unexpected errors.
+      - name: Run scan + ingest (strict + verify)
+        id: run_a11y
+        shell: bash
+        run: |
+          set -euo pipefail
+          chmod +x scripts/a11y.sh
+          # Run and capture exit code without letting "set -e" kill the step.
+          set +e
+          ./scripts/a11y.sh results
+          code=$?
+          set -e
+          echo "exit_code=$code" >> "$GITHUB_OUTPUT"
+          # exit code meanings:
+          # 0 = success, no findings >= fail-on threshold
+          # 2 = success, but findings exist (expected for this demo)
+          # 3 = ingest/validation failure (should fail workflow)
+          if [ "$code" -eq 3 ]; then
+            echo "A11y pipeline failed (exit 3)."
+            exit 3
+          fi
+          # For 0 or 2, continue so artifacts upload.
+          exit 0
+      - name: Upload results artifact
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: a11y-results
+          path: results/
+          if-no-files-found: error
+          retention-days: 7
+      # Now apply the "real" pass/fail status for the demo:
+      # fail the job if findings exist (exit code 2), pass if 0.
+      - name: Enforce fail-on threshold
+        shell: bash
+        run: |
+          code="${{ steps.run_a11y.outputs.exit_code }}"
+          echo "a11y.sh exit code: $code"
+          if [ "$code" -eq 2 ]; then
+            echo "Failing job because findings exist at/above --fail-on threshold."
+            exit 2
+          fi
+          exit 0

package/examples/a11y-demo-site/.github/workflows/a11y.yml ADDED Viewed

@@ -0,0 +1,34 @@
+name: A11y (provenance-verified)
+on:
+  push:
+  pull_request:
+jobs:
+  a11y:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Install tools
+        run: |
+          npm install -g a11y-evidence-engine
+          python -m pip install --upgrade pip
+          python -m pip install a11y-assist
+      - name: Run end-to-end scan + ingest (strict + verify)
+        run: |
+          chmod +x scripts/a11y.sh
+          ./scripts/a11y.sh results