@wcag-audit/cli 1.0.0-alpha.11

package/src/commands/scan.js

@@ -0,0 +1,362 @@
+import { readFile, writeFile } from "fs/promises";
+import { join, basename, resolve } from "path";
+import { randomUUID } from "crypto";
+import getPort from "get-port";
+
+import { readGlobalConfig } from "../config/global.js";
+import { readProjectConfig } from "../config/project.js";
+import { validateLicense } from "../license/validate.js";
+import { logUsage } from "../license/log-usage.js";
+import { detectFramework } from "../discovery/registry.js";
+import { loadManualRoutes } from "../discovery/manual.js";
+import { crawlRoutes } from "../discovery/crawl.js";
+import { expandDynamicRoutes } from "../discovery/dynamic-samples.js";
+import { startDevServer, detectDevCommand } from "../devserver/spawn.js";
+import { renderFindingsMarkdown } from "../output/markdown.js";
+import { renderCursorRules } from "../output/cursor-rules.js";
+import { upsertAgentsMd } from "../output/agents-md.js";
+import { writeProjectReport } from "../output/excel-project.js";
+import { hashContent, readCacheEntry, writeCacheEntry } from "../cache/route-cache.js";
+
+const CLI_VERSION = "1.0.0-alpha.11";
+
+export async function runScan({
+  cwd = process.cwd(),
+  dryRun = false,
+  noAi = false,
+  noCache = false,
+  urlMode = null,
+  routesFile = null,
+  crawlDepth = 2,
+  log = console.log,
+  runAuditForRoute,
+} = {}) {
+  // 1. Load global + project config
+  const globalCfg = await readGlobalConfig();
+  if (!globalCfg.licenseKey) {
+    return {
+      ok: false,
+      error: "No license key found. Run `npx wcag-audit init` first.",
+    };
+  }
+  const projectCfg = await readProjectConfig(cwd);
+
+  // 2-3. Detect framework + discover routes.
+  // Priority: --url crawl > --routes file > framework detection.
+  let framework = null;
+  let strategy = null;
+  let routes = [];
+
+  if (urlMode) {
+    framework = "crawl";
+    strategy = "url-crawl";
+    log(`✓ Crawl mode: starting at ${urlMode} (depth ${crawlDepth})`);
+    routes = await crawlRoutes(urlMode, {
+      maxDepth: crawlDepth,
+      excludePaths: projectCfg.excludePaths,
+    });
+  } else if (routesFile) {
+    framework = "manual";
+    strategy = "routes-file";
+    log(`✓ Manual routes: ${routesFile}`);
+    routes = await loadManualRoutes(routesFile, {
+      excludePaths: projectCfg.excludePaths,
+    });
+  } else {
+    const det = await detectFramework(cwd);
+    if (det) {
+      framework = det.framework;
+      strategy = det.strategy;
+      log(`✓ Detected ${framework} (${strategy})`);
+      routes = await det.discoverRoutes(cwd, {
+        excludePaths: projectCfg.excludePaths,
+      });
+      routes = expandDynamicRoutes(routes, projectCfg.dynamicRouteSamples || {});
+    }
+  }
+
+  if (routes.length === 0) {
+    return {
+      ok: false,
+      error:
+        "No routes discovered. Use --url to crawl a deployed site, --routes to provide a manual list, or add dynamicRouteSamples to .wcagauditrc.",
+    };
+  }
+  log(`✓ Discovered ${routes.length} route${routes.length === 1 ? "" : "s"}`);
+
+  // 4. Validate license + credit budget
+  const machineId = randomUUID();
+  const license = await validateLicense(globalCfg.licenseKey, {
+    machineId,
+    source: "cli",
+    version: CLI_VERSION,
+  });
+  if (!license.valid) {
+    return { ok: false, error: `License check failed: ${license.error}` };
+  }
+  const creditsRemaining = license.creditsRemaining?.total ?? Infinity;
+  const creditsNeeded = routes.length;
+
+  log(
+    `✓ License: ${license.tier} plan (${creditsRemaining === Infinity ? "unlimited" : creditsRemaining} credits remaining)`,
+  );
+  log("");
+  log("Scan preview:");
+  log(`  ${routes.length} routes × 1 credit/route = ${creditsNeeded} credits`);
+  if (creditsRemaining !== Infinity) {
+    log(`  Remaining after scan: ${creditsRemaining - creditsNeeded}`);
+  }
+  log("");
+
+  if (license.tier !== "enterprise" && creditsNeeded > creditsRemaining) {
+    return {
+      ok: false,
+      error: `Not enough credits (${creditsNeeded} needed, ${creditsRemaining} remaining). Top up at https://wcagaudit.io/checkout/topup`,
+      creditsNeeded,
+      creditsRemaining,
+      routes,
+      framework,
+    };
+  }
+
+  if (dryRun) {
+    return {
+      ok: true,
+      dryRun: true,
+      framework,
+      routes,
+      creditsNeeded,
+      creditsRemaining,
+      license,
+    };
+  }
+
+  // 5. Spawn dev server
+  const pkgJson = JSON.parse(await readFile(join(cwd, "package.json"), "utf8"));
+  const devCmd = projectCfg.devServer.command
+    ? { cmd: "sh", args: ["-c", projectCfg.devServer.command] }
+    : detectDevCommand(pkgJson);
+  if (!devCmd) {
+    return {
+      ok: false,
+      error: "Could not determine dev server command. Add `dev` script to package.json or set devServer.command in .wcagauditrc.",
+    };
+  }
+
+  const port = projectCfg.devServer.port || (await getPort({ port: 3000 }));
+  log(`Starting dev server on port ${port}...`);
+
+  let server;
+  try {
+    server = await startDevServer({
+      cwd,
+      cmd: devCmd.cmd,
+      args: devCmd.args,
+      port,
+      healthPath: projectCfg.devServer.healthCheck || "/",
+      startupTimeout: projectCfg.devServer.startupTimeout || 60000,
+    });
+    log(`✓ Server ready on ${server.url}`);
+    log("");
+  } catch (err) {
+    return { ok: false, error: err.message };
+  }
+
+  // 6. Audit each route
+  const allFindings = [];
+  const runFn = runAuditForRoute || (await importAuditFn());
+  let newPagesCount = 0;
+  let cachedPagesCount = 0;
+  log("Auditing routes...");
+  for (let i = 0; i < routes.length; i++) {
+    const route = routes[i];
+    const url = `http://localhost:${port}${route.path}`;
+    const label = `[${i + 1}/${routes.length}] ${route.path}`;
+    try {
+      // Fetch the rendered HTML once to compute the cache key. This is
+      // cheap (<100ms) compared to running the full checker pipeline.
+      const cacheHtml = await fetch(url).then((r) => r.text()).catch(() => "");
+      const hash = hashContent(cacheHtml, []);
+      const cached = noCache ? null : await readCacheEntry(cwd, route.path, hash);
+      if (cached) {
+        const tagged = cached.findings.map((f) => ({
+          ...f,
+          route: route.path,
+          sourceFile: route.sourceFile,
+        }));
+        allFindings.push(...tagged);
+        cachedPagesCount++;
+        log(`${label} → ${tagged.length} issues (cached)`);
+        continue;
+      }
+
+      const findings = await runFn({
+        url,
+        wcagVersion: globalCfg.defaults.wcagVersion,
+        levels: globalCfg.defaults.conformanceLevel,
+        // Consistency checker needs multi-page crawl to compare nav/help/
+        // component names across pages. 5 pages balances coverage vs speed.
+        maxPages: 5,
+        aiEnabled: !noAi && globalCfg.ai.enabled,
+        aiProvider: globalCfg.ai.provider,
+        aiModel: globalCfg.ai.model,
+        aiKey: globalCfg.ai.apiKey,
+        headed: false,
+        slowMo: 0,
+      });
+      const tagged = findings.map((f) => ({
+        ...f,
+        route: route.path,
+        sourceFile: route.sourceFile,
+      }));
+      allFindings.push(...tagged);
+      newPagesCount++;
+      // Store the bare findings (without route/sourceFile stamps) so
+      // re-tagging works even if route metadata changes.
+      await writeCacheEntry(cwd, route.path, hash, {
+        findings,
+        auditedAt: Date.now(),
+      });
+      log(`${label} → ${tagged.length} issues`);
+    } catch (err) {
+      log(`${label} → ERROR: ${err.message}`);
+    }
+  }
+
+  // 7. Cleanup dev server
+  await server.dispose();
+
+  // 8. Write outputs
+  const outputs = new Set(projectCfg.outputs || ["excel", "markdown"]);
+  const projectName = basename(cwd);
+
+  if (outputs.has("markdown")) {
+    const md = renderFindingsMarkdown({
+      projectName,
+      generator: `@wcag-audit/cli v${CLI_VERSION}`,
+      totalPages: routes.length,
+      wcagVersion: globalCfg.defaults.wcagVersion,
+      levels: globalCfg.defaults.conformanceLevel,
+      findings: allFindings,
+    });
+    await writeFile(resolve(cwd, "WCAG_FIXES.md"), md, "utf8");
+    log(`✓ WCAG_FIXES.md (${allFindings.length} findings)`);
+  }
+
+  if (outputs.has("json")) {
+    // Structured JSON output for programmatic consumers (custom
+    // dashboards, CI integrations, historical trend tracking).
+    const json = {
+      generator: `@wcag-audit/cli v${CLI_VERSION}`,
+      generatedAt: new Date().toISOString(),
+      projectName,
+      framework,
+      strategy,
+      wcagVersion: globalCfg.defaults.wcagVersion,
+      levels: globalCfg.defaults.conformanceLevel,
+      totalPages: routes.length,
+      newPagesCount,
+      cachedPagesCount,
+      totalIssues: allFindings.length,
+      findings: allFindings,
+    };
+    await writeFile(
+      resolve(cwd, "wcag-report.json"),
+      JSON.stringify(json, null, 2),
+      "utf8",
+    );
+    log(`✓ wcag-report.json`);
+  }
+
+  if (outputs.has("cursor-rules")) {
+    const mdc = renderCursorRules({ projectName, findings: allFindings });
+    const dir = resolve(cwd, ".cursor/rules");
+    const { mkdir } = await import("fs/promises");
+    await mkdir(dir, { recursive: true });
+    await writeFile(resolve(dir, "wcag-fixes.mdc"), mdc, "utf8");
+    log(`✓ .cursor/rules/wcag-fixes.mdc`);
+  }
+
+  if (outputs.has("agents-md")) {
+    // Build a compact bulleted list for AGENTS.md — just the per-file
+    // summary, not the full finding detail (full detail lives in
+    // WCAG_FIXES.md).
+    const byFile = new Map();
+    for (const f of allFindings) {
+      const key = f.sourceFile || "(unknown)";
+      if (!byFile.has(key)) byFile.set(key, []);
+      byFile.get(key).push(f);
+    }
+    let body = "";
+    if (byFile.size === 0) {
+      body = "No outstanding WCAG issues from the last scan.\n";
+    } else {
+      for (const [file, items] of byFile.entries()) {
+        body += `### ${file}\n`;
+        for (const f of items.slice(0, 10)) {
+          const crit = Array.isArray(f.criteria) ? f.criteria.join(", ") : f.criteria || "?";
+          body += `- ${f.description || f.ruleId} — ${crit} (${f.impact || "minor"})\n`;
+        }
+        body += "\n";
+      }
+    }
+    await upsertAgentsMd(cwd, body);
+    log(`✓ AGENTS.md WCAG section updated`);
+  }
+
+  if (outputs.has("excel")) {
+    await writeProjectReport({
+      findings: allFindings,
+      meta: {
+        projectName,
+        generator: `@wcag-audit/cli v${CLI_VERSION}`,
+        framework,
+        strategy,
+        wcagVersion: globalCfg.defaults.wcagVersion,
+        levels: globalCfg.defaults.conformanceLevel,
+        totalPages: routes.length,
+        newPagesCount,
+        cachedPagesCount,
+      },
+      outPath: resolve(cwd, "wcag-report.xlsx"),
+    });
+    log(`✓ wcag-report.xlsx`);
+  }
+
+  // 9. Log usage for billing
+  await logUsage({
+    licenseKey: globalCfg.licenseKey,
+    pagesCount: routes.length,
+    newPagesCount,
+    cachedPagesCount,
+    issuesFound: allFindings.length,
+    source: "cli",
+    cliVersion: CLI_VERSION,
+    framework,
+  });
+
+  log("");
+  log(`✓ Scan complete — ${allFindings.length} issues across ${routes.length} pages (${newPagesCount} audited, ${cachedPagesCount} cached)`);
+  return {
+    ok: true,
+    framework,
+    routes,
+    findings: allFindings,
+    creditsUsed: creditsNeeded,
+  };
+}
+
+async function importAuditFn() {
+  // runAuditCore returns { findings, meta } without writing any files.
+  // runAudit (the legacy wrapper) writes a per-page Excel and returns
+  // void, which loses the findings.
+  const { runAuditCore } = await import("../audit.js");
+  return async (opts) => {
+    const tmpScreens = `/tmp/wcag-screens-${Math.random().toString(36).slice(2)}`;
+    const result = await runAuditCore({
+      ...opts,
+      screenshotsDir: tmpScreens,
+    });
+    return result?.findings || [];
+  };
+}

package/src/commands/scan.test.js

@@ -0,0 +1,139 @@
+import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
+import { mkdtemp, rm, mkdir, writeFile } from "fs/promises";
+import { tmpdir } from "os";
+import { join } from "path";
+import { runScan } from "./scan.js";
+
+let tmpHome;
+let projDir;
+
+async function touch(relPath) {
+  const abs = join(projDir, relPath);
+  await mkdir(join(abs, ".."), { recursive: true });
+  await writeFile(abs, "// test", "utf8");
+}
+
+beforeEach(async () => {
+  tmpHome = await mkdtemp(join(tmpdir(), "wcagscan-home-"));
+  projDir = await mkdtemp(join(tmpdir(), "wcagscan-proj-"));
+  process.env.HOME = tmpHome;
+  global.fetch = vi.fn();
+});
+
+afterEach(async () => {
+  await rm(tmpHome, { recursive: true, force: true });
+  await rm(projDir, { recursive: true, force: true });
+  vi.restoreAllMocks();
+});
+
+describe("runScan — dry run preview", () => {
+  it("fails when no config is found", async () => {
+    const result = await runScan({ cwd: projDir, dryRun: true, log: () => {} });
+    expect(result.ok).toBe(false);
+    expect(result.error).toMatch(/init/i);
+  });
+
+  it("reports discovered routes and credit cost", async () => {
+    await writeFile(
+      join(tmpHome, ".wcagauditrc"),
+      JSON.stringify({
+        licenseKey: "WCAG-TEST-AAAA-BBBB-CCCC",
+        ai: { enabled: false, provider: "anthropic", apiKey: null },
+      }),
+      "utf8"
+    );
+
+    await writeFile(
+      join(projDir, "package.json"),
+      JSON.stringify({ dependencies: { next: "15.0.0" }, scripts: { dev: "next dev" } }),
+      "utf8"
+    );
+    await touch("app/page.tsx");
+    await touch("app/about/page.tsx");
+    await touch("app/pricing/page.tsx");
+
+    global.fetch.mockResolvedValueOnce({
+      ok: true,
+      json: async () => ({
+        valid: true,
+        tier: "pro",
+        creditsRemaining: { total: 200 },
+      }),
+    });
+
+    const logs = [];
+    const result = await runScan({
+      cwd: projDir,
+      dryRun: true,
+      log: (m) => logs.push(m),
+    });
+
+    expect(result.ok).toBe(true);
+    expect(result.framework).toBe("nextjs-app");
+    expect(result.routes.map((r) => r.path).sort()).toEqual([
+      "/",
+      "/about",
+      "/pricing",
+    ]);
+    expect(result.creditsNeeded).toBe(3);
+    expect(result.creditsRemaining).toBe(200);
+    const joined = logs.join("\n");
+    expect(joined).toMatch(/Detected nextjs-app/);
+    expect(joined).toMatch(/3 routes/);
+    expect(joined).toMatch(/3 credits/);
+  });
+
+  it("fails when credits insufficient", async () => {
+    await writeFile(
+      join(tmpHome, ".wcagauditrc"),
+      JSON.stringify({
+        licenseKey: "WCAG-TEST-AAAA-BBBB-CCCC",
+        ai: { enabled: false, provider: "anthropic", apiKey: null },
+      }),
+      "utf8"
+    );
+    await writeFile(
+      join(projDir, "package.json"),
+      JSON.stringify({ dependencies: { next: "15.0.0" } }),
+      "utf8"
+    );
+    await touch("app/page.tsx");
+    await touch("app/a/page.tsx");
+    await touch("app/b/page.tsx");
+    await touch("app/c/page.tsx");
+    await touch("app/d/page.tsx");
+
+    global.fetch.mockResolvedValueOnce({
+      ok: true,
+      json: async () => ({
+        valid: true,
+        tier: "pro",
+        creditsRemaining: { total: 2 },
+      }),
+    });
+
+    const result = await runScan({ cwd: projDir, dryRun: true, log: () => {} });
+    expect(result.ok).toBe(false);
+    expect(result.error).toMatch(/not enough credits/i);
+  });
+
+  it("returns error when framework not detected", async () => {
+    await writeFile(
+      join(tmpHome, ".wcagauditrc"),
+      JSON.stringify({
+        licenseKey: "WCAG-TEST-AAAA-BBBB-CCCC",
+        ai: { enabled: false },
+      }),
+      "utf8"
+    );
+
+    global.fetch.mockResolvedValueOnce({
+      ok: true,
+      json: async () => ({ valid: true, tier: "pro", creditsRemaining: { total: 100 } }),
+    });
+
+    const result = await runScan({ cwd: projDir, dryRun: true, log: () => {} });
+    expect(result.ok).toBe(false);
+    expect(result.error).toMatch(/routes discovered|framework/i);
+  });
+});

package/src/commands/watch.js

@@ -0,0 +1,89 @@
+import { watch } from "fs";
+import { join } from "path";
+import { runScan } from "./scan.js";
+
+// Watch mode: rescan every time a source file changes. Debounced so a
+// burst of saves (prettier-on-save, hot reload) only triggers one scan.
+//
+// The watcher only fires on changes to /src, /app, /pages, /components
+// — not node_modules or .next. Ignores .wcag-audit/cache so cache
+// writes don't re-trigger scans.
+export async function runWatch({
+  cwd = process.cwd(),
+  debounceMs = 2000,
+  log = console.log,
+} = {}) {
+  const watchDirs = ["src", "app", "pages", "components"]
+    .map((d) => join(cwd, d));
+
+  log("");
+  log("wcag-audit watch — rescanning on source changes");
+  log(`Watched dirs: ${watchDirs.map((d) => d.replace(cwd + "/", "")).join(", ")}`);
+  log("Press Ctrl+C to stop.");
+  log("");
+
+  // Run once on startup so the first report lands before any edits.
+  await runScan({ cwd, log });
+
+  let pending = null;
+  let running = false;
+  let needsRerun = false;
+
+  const trigger = (reason) => {
+    if (pending) clearTimeout(pending);
+    pending = setTimeout(async () => {
+      pending = null;
+      if (running) {
+        needsRerun = true;
+        return;
+      }
+      running = true;
+      log("");
+      log(`─── change detected (${reason}) — rescanning ───`);
+      try {
+        await runScan({ cwd, log });
+      } catch (err) {
+        log(`✗ Scan failed: ${err.message}`);
+      }
+      running = false;
+      if (needsRerun) {
+        needsRerun = false;
+        trigger("queued changes");
+      }
+    }, debounceMs);
+  };
+
+  const watchers = [];
+  for (const dir of watchDirs) {
+    try {
+      const w = watch(dir, { recursive: true }, (_event, filename) => {
+        if (!filename) return;
+        // Ignore cache writes so our own output doesn't loop
+        if (filename.startsWith(".wcag-audit")) return;
+        if (filename.includes("node_modules")) return;
+        trigger(filename);
+      });
+      watchers.push(w);
+    } catch {
+      // Directory doesn't exist — skip silently
+    }
+  }
+
+  if (watchers.length === 0) {
+    log("! No source directories found to watch. Tried: " + watchDirs.join(", "));
+    return { ok: false, error: "No source directories to watch" };
+  }
+
+  // Keep the process alive until SIGINT
+  return new Promise((resolve) => {
+    const cleanup = () => {
+      for (const w of watchers) w.close();
+      if (pending) clearTimeout(pending);
+      log("");
+      log("Watcher stopped.");
+      resolve({ ok: true });
+    };
+    process.on("SIGINT", cleanup);
+    process.on("SIGTERM", cleanup);
+  });
+}

package/src/config/global.js

@@ -0,0 +1,60 @@
+import { readFile, writeFile, chmod } from "fs/promises";
+import { homedir } from "os";
+import { join } from "path";
+
+export const DEFAULT_GLOBAL_CONFIG = {
+  licenseKey: null,
+  ai: {
+    enabled: false,
+    provider: "anthropic",
+    apiKey: null,
+    model: null,
+    groups: ["visual", "structure", "language"],
+  },
+  defaults: {
+    conformanceLevel: ["A", "AA"],
+    wcagVersion: "2.2",
+    includeBestPractices: false,
+  },
+};
+
+function configPath() {
+  return join(process.env.HOME || homedir(), ".wcagauditrc");
+}
+
+export async function readGlobalConfig() {
+  try {
+    const raw = await readFile(configPath(), "utf8");
+    const parsed = JSON.parse(raw);
+    return deepMerge(DEFAULT_GLOBAL_CONFIG, parsed);
+  } catch {
+    return structuredClone(DEFAULT_GLOBAL_CONFIG);
+  }
+}
+
+export async function writeGlobalConfig(config) {
+  const path = configPath();
+  const merged = deepMerge(DEFAULT_GLOBAL_CONFIG, config);
+  await writeFile(path, JSON.stringify(merged, null, 2), "utf8");
+  await chmod(path, 0o600);
+}
+
+export async function mergeGlobalConfig(patch) {
+  const current = await readGlobalConfig();
+  const next = deepMerge(current, patch);
+  await writeGlobalConfig(next);
+}
+
+function deepMerge(base, override) {
+  if (override == null) return structuredClone(base);
+  if (typeof base !== "object" || typeof override !== "object") return override;
+  if (Array.isArray(base) || Array.isArray(override)) return override;
+  const out = { ...base };
+  for (const key of Object.keys(override)) {
+    out[key] =
+      key in base && typeof base[key] === "object" && !Array.isArray(base[key])
+        ? deepMerge(base[key], override[key])
+        : override[key];
+  }
+  return out;
+}

package/src/config/global.test.js

@@ -0,0 +1,58 @@
+import { describe, it, expect, beforeEach, afterEach } from "vitest";
+import { mkdtemp, rm, readFile, stat } from "fs/promises";
+import { tmpdir } from "os";
+import { join } from "path";
+import {
+  readGlobalConfig,
+  writeGlobalConfig,
+  mergeGlobalConfig,
+  DEFAULT_GLOBAL_CONFIG,
+} from "./global.js";
+
+let tmpHome;
+
+beforeEach(async () => {
+  tmpHome = await mkdtemp(join(tmpdir(), "wcagrc-"));
+  process.env.HOME = tmpHome;
+});
+
+afterEach(async () => {
+  await rm(tmpHome, { recursive: true, force: true });
+});
+
+describe("global config", () => {
+  it("returns defaults when no file exists", async () => {
+    const cfg = await readGlobalConfig();
+    expect(cfg).toEqual(DEFAULT_GLOBAL_CONFIG);
+  });
+
+  it("persists config and chmods to 600", async () => {
+    await writeGlobalConfig({
+      licenseKey: "WCAG-TEST-AAAA-BBBB-CCCC",
+      ai: { enabled: true, provider: "anthropic", apiKey: "sk-ant-x" },
+    });
+    const cfg = await readGlobalConfig();
+    expect(cfg.licenseKey).toBe("WCAG-TEST-AAAA-BBBB-CCCC");
+    expect(cfg.ai.provider).toBe("anthropic");
+    const s = await stat(join(tmpHome, ".wcagauditrc"));
+    expect(s.mode & 0o777).toBe(0o600);
+  });
+
+  it("mergeGlobalConfig overlays new fields onto existing", async () => {
+    await writeGlobalConfig({ licenseKey: "WCAG-A-B-C-D", ai: { enabled: false } });
+    await mergeGlobalConfig({ ai: { enabled: true, provider: "openai" } });
+    const cfg = await readGlobalConfig();
+    expect(cfg.licenseKey).toBe("WCAG-A-B-C-D");
+    expect(cfg.ai.enabled).toBe(true);
+    expect(cfg.ai.provider).toBe("openai");
+  });
+
+  it("corrupt JSON falls back to defaults", async () => {
+    await writeGlobalConfig({ licenseKey: "WCAG-X" });
+    const path = join(tmpHome, ".wcagauditrc");
+    const { writeFile } = await import("fs/promises");
+    await writeFile(path, "{ not json ");
+    const cfg = await readGlobalConfig();
+    expect(cfg).toEqual(DEFAULT_GLOBAL_CONFIG);
+  });
+});