bmad-plus 0.8.0 → 0.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +45 -1
- package/LICENSE +21 -21
- package/README.md +107 -85
- package/osint-agent-package/README.md +88 -88
- package/osint-agent-package/SETUP_KEYS.md +108 -108
- package/osint-agent-package/agents/osint-investigator.md +80 -80
- package/osint-agent-package/install.ps1 +87 -87
- package/osint-agent-package/install.sh +76 -76
- package/osint-agent-package/skills/bmad-osint-investigate/SKILL.md +147 -147
- package/osint-agent-package/skills/bmad-osint-investigate/osint/references/enrichment-databases-fr.md +148 -148
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/_http.py +101 -101
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/apify.py +266 -266
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/brightdata.py +101 -101
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/diagnose.py +141 -141
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/exa.py +79 -79
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/jina.py +71 -71
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/parallel.py +85 -85
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/perplexity.py +102 -102
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/tavily.py +72 -72
- package/osint-agent-package/skills/bmad-osint-investigate/osint/scripts/volley.py +208 -208
- package/osint-agent-package/skills/bmad-osint-investigator/SKILL.md +15 -15
- package/package.json +30 -3
- package/readme-international/README.de.md +18 -5
- package/readme-international/README.es.md +40 -12
- package/readme-international/README.fr.md +36 -8
- package/src/bmad-plus/agents/agent-architect-dev/SKILL.md +96 -96
- package/src/bmad-plus/agents/agent-architect-dev/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-maker/SKILL.md +201 -201
- package/src/bmad-plus/agents/agent-maker/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-orchestrator/SKILL.md +137 -137
- package/src/bmad-plus/agents/agent-orchestrator/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-quality/SKILL.md +83 -83
- package/src/bmad-plus/agents/agent-quality/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-shadow/SKILL.md +71 -71
- package/src/bmad-plus/agents/agent-shadow/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/agents/agent-strategist/SKILL.md +80 -80
- package/src/bmad-plus/agents/agent-strategist/bmad-skill-manifest.yaml +13 -13
- package/src/bmad-plus/data/role-triggers.yaml +209 -209
- package/src/bmad-plus/module-help.csv +10 -10
- package/src/bmad-plus/packs/pack-memory/README.md +106 -106
- package/src/bmad-plus/packs/pack-memory/memory-orchestrator.md +79 -79
- package/src/bmad-plus/packs/pack-memory/shared/karpathy-guardrails.md +86 -86
- package/src/bmad-plus/packs/pack-memory/shared/memory-protocol.md +143 -143
- package/src/bmad-plus/packs/pack-memory/templates/context.md +39 -39
- package/src/bmad-plus/packs/pack-memory/templates/decisions.md +25 -25
- package/src/bmad-plus/packs/pack-memory/templates/identity.yaml +39 -39
- package/src/bmad-plus/packs/pack-memory/templates/lessons.md +31 -31
- package/src/bmad-plus/packs/pack-memory/templates/patterns.md +24 -24
- package/src/bmad-plus/packs/pack-memory/templates/session-handoff.md +25 -25
- package/src/bmad-plus/packs/pack-memory/zecher-agent.md +157 -157
- package/src/bmad-plus/packs/pack-seo/bmad-skill-manifest.yaml +13 -0
- package/src/bmad-plus/packs/pack-shield/README.md +110 -110
- package/src/bmad-plus/packs/pack-shield/SKILL.md +82 -0
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/csrd-agent.md +251 -251
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/section508-agent.md +168 -168
- package/src/bmad-plus/packs/pack-shield/categories/accessibility-esg/wcag-agent.md +190 -190
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/eu-ai-act-agent.md +86 -86
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/iso42001-agent.md +240 -240
- package/src/bmad-plus/packs/pack-shield/categories/ai-governance/nist-ai-rmf-agent.md +122 -122
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/cis-controls-agent.md +210 -210
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/ism-agent.md +139 -139
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/iso27001-agent.md +156 -156
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nis2-agent.md +72 -72
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-800-53-agent.md +239 -239
- package/src/bmad-plus/packs/pack-shield/categories/cybersecurity/nist-csf-agent.md +207 -207
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/ccpa-agent.md +94 -94
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/dpdpa-agent.md +136 -136
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/gdpr-agent.md +296 -296
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/iso27701-agent.md +134 -134
- package/src/bmad-plus/packs/pack-shield/categories/data-privacy/lgpd-agent.md +129 -129
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/cmmc-agent.md +116 -116
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/ear-agent.md +261 -261
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/itar-agent.md +191 -191
- package/src/bmad-plus/packs/pack-shield/categories/defense-export/tsa-agent.md +356 -356
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/dora-agent.md +499 -499
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/fedramp-agent.md +236 -236
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/hipaa-agent.md +162 -162
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/pci-dss-agent.md +228 -228
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/soc2-agent.md +255 -255
- package/src/bmad-plus/packs/pack-shield/categories/industry-compliance/swift-csp-agent.md +153 -153
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-classifier.md +131 -131
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-fria.md +155 -155
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-incidents.md +187 -187
- package/src/bmad-plus/packs/pack-shield/categories/workflows/ai-act-roles.md +113 -113
- package/src/bmad-plus/packs/pack-shield/categories/workflows/breach-sentinel.md +197 -197
- package/src/bmad-plus/packs/pack-shield/categories/workflows/cookie-policy-gen.md +180 -180
- package/src/bmad-plus/packs/pack-shield/categories/workflows/dpia-sentinel.md +235 -235
- package/src/bmad-plus/packs/pack-shield/categories/workflows/legitimate-interest.md +159 -159
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-advisor.md +133 -133
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-notice-gen.md +160 -160
- package/src/bmad-plus/packs/pack-shield/categories/workflows/privacy-policy-gen.md +135 -135
- package/src/bmad-plus/packs/pack-shield/references/ccpa/ccpa-gdpr-comparison.md +117 -117
- package/src/bmad-plus/packs/pack-shield/references/ccpa/consumer-rights-workflows.md +177 -177
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/framework-mappings.md +162 -162
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/implementation-guidance.md +235 -235
- package/src/bmad-plus/packs/pack-shield/references/cis-controls/safeguards-detail.md +252 -252
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-assessment.md +170 -170
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-levels.md +113 -113
- package/src/bmad-plus/packs/pack-shield/references/cmmc/cmmc-practices.md +211 -211
- package/src/bmad-plus/packs/pack-shield/references/csrd/compliance-program.md +281 -281
- package/src/bmad-plus/packs/pack-shield/references/csrd/double-materiality.md +253 -253
- package/src/bmad-plus/packs/pack-shield/references/csrd/esrs-standards.md +401 -401
- package/src/bmad-plus/packs/pack-shield/references/dora/article-reference.md +441 -441
- package/src/bmad-plus/packs/pack-shield/references/dora/incident-classification.md +297 -297
- package/src/bmad-plus/packs/pack-shield/references/dora/rts-its-guide.md +306 -306
- package/src/bmad-plus/packs/pack-shield/references/dora/third-party-risk.md +349 -349
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/gdpr-comparison.md +173 -173
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/rights-and-obligations.md +426 -426
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/rules-2025.md +599 -599
- package/src/bmad-plus/packs/pack-shield/references/dpdpa/sections-reference.md +319 -319
- package/src/bmad-plus/packs/pack-shield/references/ear/ccl-eccn-guide.md +250 -250
- package/src/bmad-plus/packs/pack-shield/references/ear/compliance-program.md +280 -280
- package/src/bmad-plus/packs/pack-shield/references/ear/license-exceptions.md +207 -207
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/gpai-governance.md +267 -267
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/obligations-high-risk.md +287 -287
- package/src/bmad-plus/packs/pack-shield/references/eu-ai-act/risk-classification.md +182 -182
- package/src/bmad-plus/packs/pack-shield/references/fedramp/appendices-guide.md +209 -209
- package/src/bmad-plus/packs/pack-shield/references/fedramp/control-families.md +281 -281
- package/src/bmad-plus/packs/pack-shield/references/fedramp/poam-guide.md +93 -93
- package/src/bmad-plus/packs/pack-shield/references/fedramp/readiness-checklist.md +134 -134
- package/src/bmad-plus/packs/pack-shield/references/fedramp/sap-sar-guide.md +86 -86
- package/src/bmad-plus/packs/pack-shield/references/fedramp/ssp-guide.md +129 -129
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/documents.md +192 -192
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/dpa-template.md +121 -121
- package/src/bmad-plus/packs/pack-shield/references/gdpr-compliance/privacy-notice.md +87 -87
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/breach-notification.md +293 -293
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/privacy-rule.md +276 -276
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/security-rule.md +299 -299
- package/src/bmad-plus/packs/pack-shield/references/hipaa-compliance/templates.md +568 -568
- package/src/bmad-plus/packs/pack-shield/references/ism/control-applicability.md +181 -181
- package/src/bmad-plus/packs/pack-shield/references/ism/guidelines-overview.md +183 -183
- package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2013.md +203 -203
- package/src/bmad-plus/packs/pack-shield/references/iso27001/annex-a-2022.md +132 -132
- package/src/bmad-plus/packs/pack-shield/references/iso27001/control-mapping.md +153 -153
- package/src/bmad-plus/packs/pack-shield/references/iso27701/annex-a-controls.md +195 -195
- package/src/bmad-plus/packs/pack-shield/references/iso27701/regulatory-mapping.md +229 -229
- package/src/bmad-plus/packs/pack-shield/references/iso27701/transition-guide.md +219 -219
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-ai-risk-assessment.md +258 -258
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-clauses-requirements.md +279 -279
- package/src/bmad-plus/packs/pack-shield/references/iso42001/iso42001-controls-annex-a.md +155 -155
- package/src/bmad-plus/packs/pack-shield/references/itar/compliance-program.md +174 -174
- package/src/bmad-plus/packs/pack-shield/references/itar/licensing-guide.md +146 -146
- package/src/bmad-plus/packs/pack-shield/references/itar/usml-categories.md +93 -93
- package/src/bmad-plus/packs/pack-shield/references/lgpd/anpd-enforcement.md +147 -147
- package/src/bmad-plus/packs/pack-shield/references/lgpd/compliance-program.md +272 -272
- package/src/bmad-plus/packs/pack-shield/references/lgpd/lgpd-articles.md +271 -271
- package/src/bmad-plus/packs/pack-shield/references/nis2/article-21-measures.md +153 -153
- package/src/bmad-plus/packs/pack-shield/references/nis2/iso27001-nis2-mapping.md +68 -68
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/assessment-rmf.md +349 -349
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/baselines-tailoring.md +277 -277
- package/src/bmad-plus/packs/pack-shield/references/nist-800-53/control-families.md +450 -450
- package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-core.md +361 -361
- package/src/bmad-plus/packs/pack-shield/references/nist-ai-rmf/rmf-profiles.md +192 -192
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-10-to-20-mapping.md +143 -143
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-20-functions-categories.md +278 -278
- package/src/bmad-plus/packs/pack-shield/references/nist-csf/csf-implementation-tiers.md +135 -135
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-requirements.md +366 -366
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-saq-guide.md +217 -217
- package/src/bmad-plus/packs/pack-shield/references/pci-compliance/pci-dss-v4-changes.md +190 -190
- package/src/bmad-plus/packs/pack-shield/references/section-508/wcag-mapping.md +160 -160
- package/src/bmad-plus/packs/pack-shield/references/soc2/controls.md +241 -241
- package/src/bmad-plus/packs/pack-shield/references/soc2/evidence.md +236 -236
- package/src/bmad-plus/packs/pack-shield/references/soc2/policies.md +254 -254
- package/src/bmad-plus/packs/pack-shield/references/soc2/vendor.md +276 -276
- package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-assessment.md +202 -202
- package/src/bmad-plus/packs/pack-shield/references/swift-csp/swift-controls.md +545 -545
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-crmp-requirements.md +359 -359
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-directives-overview.md +187 -187
- package/src/bmad-plus/packs/pack-shield/references/tsa-compliance/tsa-incident-reporting.md +187 -187
- package/src/bmad-plus/packs/pack-shield/references/wcag/criteria-detail.md +510 -510
- package/src/bmad-plus/packs/pack-shield/shared/audit-report-template.md +103 -103
- package/src/bmad-plus/packs/pack-shield/shared/cross-framework-mapper.md +103 -103
- package/src/bmad-plus/packs/pack-shield/shared/gap-analysis-template.md +83 -83
- package/src/bmad-plus/packs/pack-shield/shield-orchestrator.md +229 -229
- package/src/bmad-plus/packs/pack-shield/upstream-sync.yaml +68 -68
- package/src/bmad-plus/skills/bmad-plus-autopilot/SKILL.md +99 -99
- package/src/bmad-plus/skills/bmad-plus-parallel/SKILL.md +93 -93
- package/src/bmad-plus/skills/bmad-plus-sync/SKILL.md +69 -69
- package/tools/bmad-plus-npx.js +3 -5
- package/tools/cli/bmad-plus-cli.js +5 -3
- package/tools/cli/commands/autoconfig.js +18 -61
- package/tools/cli/commands/doctor.js +30 -31
- package/tools/cli/commands/install.js +33 -343
- package/tools/cli/commands/memory.js +1 -0
- package/tools/cli/commands/scan.js +61 -74
- package/tools/cli/commands/uninstall.js +7 -4
- package/tools/cli/commands/update.js +15 -72
- package/tools/cli/i18n.js +92 -10
- package/tools/cli/lib/ide-config.js +259 -0
- package/tools/cli/lib/memory-init.js +113 -0
- package/tools/cli/lib/pack-copy.js +84 -0
- package/tools/cli/lib/packs.js +114 -0
- package/tools/cli/lib/stack-detect.js +102 -0
- package/tools/cli/lib/validate.js +45 -0
- package/src/bmad-plus/agents/pack-animated/animated-website-agent.md +0 -325
- package/src/bmad-plus/agents/pack-animated/templates/animated-website-workflow.md +0 -55
- package/src/bmad-plus/agents/pack-backup/backup-agent.md +0 -71
- package/src/bmad-plus/agents/pack-backup/templates/backup-workflow.md +0 -51
- package/src/bmad-plus/agents/pack-seo/SKILL.md +0 -171
- package/src/bmad-plus/agents/pack-seo/checklist.md +0 -140
- package/src/bmad-plus/agents/pack-seo/pagespeed-playbook.md +0 -320
- package/src/bmad-plus/agents/pack-seo/ref/audit-schema.json +0 -187
- package/src/bmad-plus/agents/pack-seo/ref/cwv-thresholds.md +0 -87
- package/src/bmad-plus/agents/pack-seo/ref/eeat-criteria.md +0 -123
- package/src/bmad-plus/agents/pack-seo/ref/geo-signals.md +0 -167
- package/src/bmad-plus/agents/pack-seo/ref/hreflang-rules.md +0 -153
- package/src/bmad-plus/agents/pack-seo/ref/quality-gates.md +0 -133
- package/src/bmad-plus/agents/pack-seo/ref/schema-catalog.md +0 -91
- package/src/bmad-plus/agents/pack-seo/ref/schema-templates.json +0 -356
- package/src/bmad-plus/agents/pack-seo/seo-chief.md +0 -294
- package/src/bmad-plus/agents/pack-seo/seo-judge.md +0 -241
- package/src/bmad-plus/agents/pack-seo/seo-scout.md +0 -171
- package/src/bmad-plus/agents/pack-seo/templates/seo-audit-workflow.md +0 -241
|
@@ -1,160 +1,160 @@
|
|
|
1
|
-
# Section 508 / WCAG 2.0 AA — Detailed Reference
|
|
2
|
-
|
|
3
|
-
## Section 508 Provision Map
|
|
4
|
-
|
|
5
|
-
| 508 Provision | Scope | WCAG Equivalent |
|
|
6
|
-
|---------------|-------|-----------------|
|
|
7
|
-
| E205.2 | Web content | WCAG 2.0 Level A and AA |
|
|
8
|
-
| E205.3 | Electronic documents | WCAG 2.0 Level A and AA (as applicable) |
|
|
9
|
-
| E205.4 | Software (user interface) | WCAG 2.0 Level A and AA |
|
|
10
|
-
| E204 | Authoring tools | WCAG 2.0 Level A and AA |
|
|
11
|
-
| Chapter 3 | Functional Performance Criteria | Without visual, colour, hearing, speech, fine motor, cognitive limitations |
|
|
12
|
-
| Chapter 4 | Hardware | Physical ICT accessible controls, display, clearance |
|
|
13
|
-
| Chapter 6 | Support docs and services | Documentation and help in accessible formats |
|
|
14
|
-
|
|
15
|
-
---
|
|
16
|
-
|
|
17
|
-
## WCAG 2.0 Level A Success Criteria — Common Failures
|
|
18
|
-
|
|
19
|
-
### 1.1.1 Non-text Content
|
|
20
|
-
- **Failure:** `<img>` missing `alt` attribute, or `alt=""` on informative image
|
|
21
|
-
- **Failure:** Icon buttons with no accessible name (`aria-label` or `aria-labelledby`)
|
|
22
|
-
- **Failure:** Charts and graphs with no text alternative describing data
|
|
23
|
-
- **Testing:** Automated (axe, WAVE) + manual screen reader review
|
|
24
|
-
- **Fix:** Add meaningful `alt` text; use `alt=""` only for decorative images; use `aria-label` on icon-only buttons
|
|
25
|
-
|
|
26
|
-
### 1.3.1 Info and Relationships
|
|
27
|
-
- **Failure:** Visual headings not marked up with `<h1>`–`<h6>` (styled `<div>` or `<span>` used instead)
|
|
28
|
-
- **Failure:** Data tables with no `<th>` or `scope` attributes
|
|
29
|
-
- **Failure:** Form fields with visual label not programmatically associated (missing `<label for="">` or `aria-labelledby`)
|
|
30
|
-
- **Failure:** Required fields indicated only by colour or asterisk with no screen-reader-accessible text
|
|
31
|
-
- **Testing:** DOM inspection, NVDA/JAWS, automated (partial)
|
|
32
|
-
- **Fix:** Semantic HTML first; `aria-*` attributes only when semantic HTML insufficient
|
|
33
|
-
|
|
34
|
-
### 2.1.1 Keyboard
|
|
35
|
-
- **Failure:** Custom dropdowns, date pickers, modal dialogs not operable by keyboard
|
|
36
|
-
- **Failure:** Mouse-only event handlers (`onclick` on non-interactive elements, `mouseover` without `focus` equivalent)
|
|
37
|
-
- **Failure:** Drag-and-drop with no keyboard alternative
|
|
38
|
-
- **Failure:** Keyboard trap in modal — Tab cycles only within modal but no way to close it
|
|
39
|
-
- **Testing:** Tab through entire page; activate all controls; open/close modals
|
|
40
|
-
- **Fix:** Use native HTML controls where possible; for custom widgets, implement ARIA keyboard patterns (ARIA Authoring Practices Guide)
|
|
41
|
-
|
|
42
|
-
### 1.4.1 Use of Colour
|
|
43
|
-
- **Failure:** Form validation errors shown only by red border with no text or icon
|
|
44
|
-
- **Failure:** Required field indicator is colour-only (red asterisk with no "required" text)
|
|
45
|
-
- **Failure:** Link text colour is the only differentiator from surrounding body text (no underline or other visual cue)
|
|
46
|
-
|
|
47
|
-
### 4.1.2 Name, Role, Value
|
|
48
|
-
- **Failure:** Custom checkboxes/radio buttons styled with CSS, no ARIA role or checked state
|
|
49
|
-
- **Failure:** Tab panels with no `role="tab"`, `role="tablist"`, `aria-selected`
|
|
50
|
-
- **Failure:** Toggle buttons with no `aria-pressed` attribute
|
|
51
|
-
- **Failure:** Expanded/collapsed accordions with no `aria-expanded`
|
|
52
|
-
- **Testing:** Inspect ARIA properties in browser accessibility tree; test with NVDA/JAWS
|
|
53
|
-
- **Fix:** Follow WAI-ARIA Authoring Practices Guide patterns for each widget type
|
|
54
|
-
|
|
55
|
-
---
|
|
56
|
-
|
|
57
|
-
## WCAG 2.0 Level AA Success Criteria — Common Failures
|
|
58
|
-
|
|
59
|
-
### 1.4.3 Contrast (Minimum)
|
|
60
|
-
- Normal text (< 18pt or < 14pt bold): **4.5:1** minimum contrast ratio against background
|
|
61
|
-
- Large text (≥ 18pt or ≥ 14pt bold): **3:1** minimum
|
|
62
|
-
- **Failure:** Light grey text on white background (e.g., #767676 on #FFFFFF = 4.48:1 — fails AA)
|
|
63
|
-
- **Failure:** Placeholder text in input fields (often fails; placeholder is not a label substitute)
|
|
64
|
-
- **Exception:** Text in logos, inactive UI components, decorative text
|
|
65
|
-
- **Tool:** WebAIM Contrast Checker, Colour Contrast Analyser (desktop app), browser DevTools
|
|
66
|
-
|
|
67
|
-
### 1.4.4 Resize Text
|
|
68
|
-
- **Failure:** Text rendered in `px` units inside CSS `@media` queries that prevent browser zoom from scaling text
|
|
69
|
-
- **Failure:** Fixed-height containers that clip text when zoomed to 200%
|
|
70
|
-
- **Fix:** Use relative units (`rem`, `em`) for font sizes and container heights; test at 200% browser zoom
|
|
71
|
-
|
|
72
|
-
### 2.4.5 Multiple Ways
|
|
73
|
-
- **Requirement:** Provide at least two ways to find content: search + navigation, OR sitemap + navigation
|
|
74
|
-
- **Exception:** Pages that are the result of a process (e.g., checkout confirmation page) are excluded
|
|
75
|
-
|
|
76
|
-
### 2.4.7 Focus Visible
|
|
77
|
-
- **Failure:** CSS `outline: none` or `outline: 0` removing the default focus ring with no replacement
|
|
78
|
-
- **Failure:** Focus ring present but invisible against background colour
|
|
79
|
-
- **Fix:** Never remove focus styling without replacing it; use `focus-visible` CSS pseudo-class
|
|
80
|
-
|
|
81
|
-
### 3.3.3 Error Suggestion
|
|
82
|
-
- **Failure:** Form validation says "invalid input" without specifying what is wrong or how to fix it
|
|
83
|
-
- **Fix:** "Please enter a date in MM/DD/YYYY format" — specific, actionable suggestion
|
|
84
|
-
|
|
85
|
-
### 3.3.4 Error Prevention
|
|
86
|
-
- **Requirement:** For legal, financial, or data deletion transactions: provide a review-and-confirm step, OR allow the submission to be reversed/cancelled
|
|
87
|
-
|
|
88
|
-
---
|
|
89
|
-
|
|
90
|
-
## Functional Performance Criteria (Chapter 3) — Section 508
|
|
91
|
-
|
|
92
|
-
| Criterion | Requirement |
|
|
93
|
-
|-----------|-------------|
|
|
94
|
-
| 302.1 Without Vision | At least one mode operable without vision (screen reader support) |
|
|
95
|
-
| 302.2 With Limited Vision | At least one mode with features that accommodate limited vision (zoom, high contrast) |
|
|
96
|
-
| 302.3 Without Perception of Colour | Colour not the only means to convey information |
|
|
97
|
-
| 302.4 Without Hearing | At least one mode operable without hearing (captions, transcripts, visual alerts) |
|
|
98
|
-
| 302.5 With Limited Hearing | At least one mode with features for limited hearing (volume control, captioning) |
|
|
99
|
-
| 302.6 Without Speech | At least one mode operable without speech |
|
|
100
|
-
| 302.7 With Limited Manipulation | At least one mode operable without fine motor control (no simultaneous key presses, no timed actions) |
|
|
101
|
-
| 302.8 With Limited Reach and Strength | At least one mode for limited reach (reachable controls) |
|
|
102
|
-
| 302.9 With Limited Language, Cognitive, and Learning | At least one mode that accommodates limited cognitive ability |
|
|
103
|
-
|
|
104
|
-
---
|
|
105
|
-
|
|
106
|
-
## Assistive Technology Testing Matrix
|
|
107
|
-
|
|
108
|
-
| AT + Browser | Primary Use Case | Notes |
|
|
109
|
-
|--------------|-----------------|-------|
|
|
110
|
-
| JAWS + Chrome | Federal agency standard; most common screen reader in US gov | Test all interactive widgets, form flows, dynamic content (ARIA live regions) |
|
|
111
|
-
| NVDA + Chrome or Firefox | Open-source; widely used for testing; required for VPAT testing | Free; good for broad coverage |
|
|
112
|
-
| VoiceOver + Safari (macOS) | Mac users; required if product targets Mac/iOS | Keyboard shortcut: Cmd+F5 |
|
|
113
|
-
| VoiceOver + Safari (iOS) | Mobile web and native iOS apps | Swipe navigation; activate with triple-click Home/Side button |
|
|
114
|
-
| TalkBack + Chrome (Android) | Android web and native apps | Swipe navigation; activate in Accessibility settings |
|
|
115
|
-
| Dragon NaturallySpeaking | Voice control users | Test all link text and button labels are speakable |
|
|
116
|
-
| Keyboard only | Most impactful test; catches most 2.1.x failures | Tab, Shift-Tab, Enter, Space, Arrow keys |
|
|
117
|
-
| High Contrast Mode (Windows) | OS-level contrast override | Ensure no information lost; images must not disappear |
|
|
118
|
-
| Browser Zoom 200% | SC 1.4.4 | Check for horizontal scroll, content overlap, clipped text |
|
|
119
|
-
| ZoomText / Magnifier | Low-vision users | Test with 4x magnification |
|
|
120
|
-
|
|
121
|
-
---
|
|
122
|
-
|
|
123
|
-
## PDF Accessibility Checklist
|
|
124
|
-
|
|
125
|
-
| Requirement | How to Verify | Tool |
|
|
126
|
-
|-------------|---------------|------|
|
|
127
|
-
| Document is tagged | File → Properties → Description tab: "Tagged PDF: Yes" | Acrobat Pro |
|
|
128
|
-
| Tag tree structure correct | Accessibility → Reading Order; Tags panel | Acrobat Pro |
|
|
129
|
-
| Reading order = visual order | View → Read Out Loud; or Articles panel | Acrobat Pro |
|
|
130
|
-
| Images have Alt text | Right-click image tag → Properties → Alternate Text | Acrobat Pro |
|
|
131
|
-
| Form fields have Tooltip/name | Open Form Editor; check Tooltip field for each control | Acrobat Pro |
|
|
132
|
-
| Table tags with TH/Scope | Tags panel; Table Inspector | Acrobat Pro |
|
|
133
|
-
| Document language set | File → Properties → Advanced → Reading Options | Acrobat Pro |
|
|
134
|
-
| Document title set | File → Properties → Description → Title | Acrobat Pro |
|
|
135
|
-
| No flicker/motion (if any) | Review any embedded multimedia | Manual |
|
|
136
|
-
| Passes automated check | Accessibility → Full Check → Run | Acrobat Pro |
|
|
137
|
-
|
|
138
|
-
---
|
|
139
|
-
|
|
140
|
-
## Common Procurement Deficiencies in VPATs
|
|
141
|
-
|
|
142
|
-
1. **Outdated template** — using VPAT 1.x instead of VPAT 2.x (WCAG Edition). Reject and require resubmission.
|
|
143
|
-
2. **"Supports" without evidence** — vendor claims support with no remarks. Require explanation for each "Supports" claim.
|
|
144
|
-
3. **"Not Applicable" overuse** — vendor marks criteria N/A without justification. Challenge: almost no product has 100% N/A for interactive criteria.
|
|
145
|
-
4. **Missing functional performance criteria** — vendors skip Chapter 3 entirely. Required for all ICT.
|
|
146
|
-
5. **No testing methodology disclosed** — VPAT must state how testing was conducted (automated tools, AT + browser combinations, dates).
|
|
147
|
-
6. **Version mismatch** — VPAT covers version 1.0 but agency is procuring version 2.0. Require VPAT for the exact version being procured.
|
|
148
|
-
|
|
149
|
-
---
|
|
150
|
-
|
|
151
|
-
## Key Legal References
|
|
152
|
-
|
|
153
|
-
- **29 U.S.C. § 794d** — Section 508 statutory text
|
|
154
|
-
- **36 CFR Part 1194** — Access Board's Revised Section 508 Standards (effective 18 January 2018)
|
|
155
|
-
- **FAR Subpart 39.2** — Federal Acquisition Regulation provisions on Section 508
|
|
156
|
-
- **FAR clause 52.239-2** — Section 508 contract clause (mandatory for ICT procurement)
|
|
157
|
-
- **OMB Memorandum M-24-08** — "Strengthening Digital Accessibility and the Management of Section 508 of the Rehabilitation Act" (January 2024)
|
|
158
|
-
- **Section508.gov** — GSA's official guidance, VPAT templates, testing resources
|
|
159
|
-
- **WCAG 2.0** — W3C Recommendation (11 December 2008) — the incorporated technical standard
|
|
160
|
-
- **WCAG 2.1** — W3C Recommendation (5 June 2018) — supersedes 2.0; additional mobile/cognitive criteria (not yet mandated by 508 but recommended)
|
|
1
|
+
# Section 508 / WCAG 2.0 AA — Detailed Reference
|
|
2
|
+
|
|
3
|
+
## Section 508 Provision Map
|
|
4
|
+
|
|
5
|
+
| 508 Provision | Scope | WCAG Equivalent |
|
|
6
|
+
|---------------|-------|-----------------|
|
|
7
|
+
| E205.2 | Web content | WCAG 2.0 Level A and AA |
|
|
8
|
+
| E205.3 | Electronic documents | WCAG 2.0 Level A and AA (as applicable) |
|
|
9
|
+
| E205.4 | Software (user interface) | WCAG 2.0 Level A and AA |
|
|
10
|
+
| E204 | Authoring tools | WCAG 2.0 Level A and AA |
|
|
11
|
+
| Chapter 3 | Functional Performance Criteria | Without visual, colour, hearing, speech, fine motor, cognitive limitations |
|
|
12
|
+
| Chapter 4 | Hardware | Physical ICT accessible controls, display, clearance |
|
|
13
|
+
| Chapter 6 | Support docs and services | Documentation and help in accessible formats |
|
|
14
|
+
|
|
15
|
+
---
|
|
16
|
+
|
|
17
|
+
## WCAG 2.0 Level A Success Criteria — Common Failures
|
|
18
|
+
|
|
19
|
+
### 1.1.1 Non-text Content
|
|
20
|
+
- **Failure:** `<img>` missing `alt` attribute, or `alt=""` on informative image
|
|
21
|
+
- **Failure:** Icon buttons with no accessible name (`aria-label` or `aria-labelledby`)
|
|
22
|
+
- **Failure:** Charts and graphs with no text alternative describing data
|
|
23
|
+
- **Testing:** Automated (axe, WAVE) + manual screen reader review
|
|
24
|
+
- **Fix:** Add meaningful `alt` text; use `alt=""` only for decorative images; use `aria-label` on icon-only buttons
|
|
25
|
+
|
|
26
|
+
### 1.3.1 Info and Relationships
|
|
27
|
+
- **Failure:** Visual headings not marked up with `<h1>`–`<h6>` (styled `<div>` or `<span>` used instead)
|
|
28
|
+
- **Failure:** Data tables with no `<th>` or `scope` attributes
|
|
29
|
+
- **Failure:** Form fields with visual label not programmatically associated (missing `<label for="">` or `aria-labelledby`)
|
|
30
|
+
- **Failure:** Required fields indicated only by colour or asterisk with no screen-reader-accessible text
|
|
31
|
+
- **Testing:** DOM inspection, NVDA/JAWS, automated (partial)
|
|
32
|
+
- **Fix:** Semantic HTML first; `aria-*` attributes only when semantic HTML insufficient
|
|
33
|
+
|
|
34
|
+
### 2.1.1 Keyboard
|
|
35
|
+
- **Failure:** Custom dropdowns, date pickers, modal dialogs not operable by keyboard
|
|
36
|
+
- **Failure:** Mouse-only event handlers (`onclick` on non-interactive elements, `mouseover` without `focus` equivalent)
|
|
37
|
+
- **Failure:** Drag-and-drop with no keyboard alternative
|
|
38
|
+
- **Failure:** Keyboard trap in modal — Tab cycles only within modal but no way to close it
|
|
39
|
+
- **Testing:** Tab through entire page; activate all controls; open/close modals
|
|
40
|
+
- **Fix:** Use native HTML controls where possible; for custom widgets, implement ARIA keyboard patterns (ARIA Authoring Practices Guide)
|
|
41
|
+
|
|
42
|
+
### 1.4.1 Use of Colour
|
|
43
|
+
- **Failure:** Form validation errors shown only by red border with no text or icon
|
|
44
|
+
- **Failure:** Required field indicator is colour-only (red asterisk with no "required" text)
|
|
45
|
+
- **Failure:** Link text colour is the only differentiator from surrounding body text (no underline or other visual cue)
|
|
46
|
+
|
|
47
|
+
### 4.1.2 Name, Role, Value
|
|
48
|
+
- **Failure:** Custom checkboxes/radio buttons styled with CSS, no ARIA role or checked state
|
|
49
|
+
- **Failure:** Tab panels with no `role="tab"`, `role="tablist"`, `aria-selected`
|
|
50
|
+
- **Failure:** Toggle buttons with no `aria-pressed` attribute
|
|
51
|
+
- **Failure:** Expanded/collapsed accordions with no `aria-expanded`
|
|
52
|
+
- **Testing:** Inspect ARIA properties in browser accessibility tree; test with NVDA/JAWS
|
|
53
|
+
- **Fix:** Follow WAI-ARIA Authoring Practices Guide patterns for each widget type
|
|
54
|
+
|
|
55
|
+
---
|
|
56
|
+
|
|
57
|
+
## WCAG 2.0 Level AA Success Criteria — Common Failures
|
|
58
|
+
|
|
59
|
+
### 1.4.3 Contrast (Minimum)
|
|
60
|
+
- Normal text (< 18pt or < 14pt bold): **4.5:1** minimum contrast ratio against background
|
|
61
|
+
- Large text (≥ 18pt or ≥ 14pt bold): **3:1** minimum
|
|
62
|
+
- **Failure:** Light grey text on white background (e.g., #767676 on #FFFFFF = 4.48:1 — fails AA)
|
|
63
|
+
- **Failure:** Placeholder text in input fields (often fails; placeholder is not a label substitute)
|
|
64
|
+
- **Exception:** Text in logos, inactive UI components, decorative text
|
|
65
|
+
- **Tool:** WebAIM Contrast Checker, Colour Contrast Analyser (desktop app), browser DevTools
|
|
66
|
+
|
|
67
|
+
### 1.4.4 Resize Text
|
|
68
|
+
- **Failure:** Text rendered in `px` units inside CSS `@media` queries that prevent browser zoom from scaling text
|
|
69
|
+
- **Failure:** Fixed-height containers that clip text when zoomed to 200%
|
|
70
|
+
- **Fix:** Use relative units (`rem`, `em`) for font sizes and container heights; test at 200% browser zoom
|
|
71
|
+
|
|
72
|
+
### 2.4.5 Multiple Ways
|
|
73
|
+
- **Requirement:** Provide at least two ways to find content: search + navigation, OR sitemap + navigation
|
|
74
|
+
- **Exception:** Pages that are the result of a process (e.g., checkout confirmation page) are excluded
|
|
75
|
+
|
|
76
|
+
### 2.4.7 Focus Visible
|
|
77
|
+
- **Failure:** CSS `outline: none` or `outline: 0` removing the default focus ring with no replacement
|
|
78
|
+
- **Failure:** Focus ring present but invisible against background colour
|
|
79
|
+
- **Fix:** Never remove focus styling without replacing it; use `focus-visible` CSS pseudo-class
|
|
80
|
+
|
|
81
|
+
### 3.3.3 Error Suggestion
|
|
82
|
+
- **Failure:** Form validation says "invalid input" without specifying what is wrong or how to fix it
|
|
83
|
+
- **Fix:** "Please enter a date in MM/DD/YYYY format" — specific, actionable suggestion
|
|
84
|
+
|
|
85
|
+
### 3.3.4 Error Prevention
|
|
86
|
+
- **Requirement:** For legal, financial, or data deletion transactions: provide a review-and-confirm step, OR allow the submission to be reversed/cancelled
|
|
87
|
+
|
|
88
|
+
---
|
|
89
|
+
|
|
90
|
+
## Functional Performance Criteria (Chapter 3) — Section 508
|
|
91
|
+
|
|
92
|
+
| Criterion | Requirement |
|
|
93
|
+
|-----------|-------------|
|
|
94
|
+
| 302.1 Without Vision | At least one mode operable without vision (screen reader support) |
|
|
95
|
+
| 302.2 With Limited Vision | At least one mode with features that accommodate limited vision (zoom, high contrast) |
|
|
96
|
+
| 302.3 Without Perception of Colour | Colour not the only means to convey information |
|
|
97
|
+
| 302.4 Without Hearing | At least one mode operable without hearing (captions, transcripts, visual alerts) |
|
|
98
|
+
| 302.5 With Limited Hearing | At least one mode with features for limited hearing (volume control, captioning) |
|
|
99
|
+
| 302.6 Without Speech | At least one mode operable without speech |
|
|
100
|
+
| 302.7 With Limited Manipulation | At least one mode operable without fine motor control (no simultaneous key presses, no timed actions) |
|
|
101
|
+
| 302.8 With Limited Reach and Strength | At least one mode for limited reach (reachable controls) |
|
|
102
|
+
| 302.9 With Limited Language, Cognitive, and Learning | At least one mode that accommodates limited cognitive ability |
|
|
103
|
+
|
|
104
|
+
---
|
|
105
|
+
|
|
106
|
+
## Assistive Technology Testing Matrix
|
|
107
|
+
|
|
108
|
+
| AT + Browser | Primary Use Case | Notes |
|
|
109
|
+
|--------------|-----------------|-------|
|
|
110
|
+
| JAWS + Chrome | Federal agency standard; most common screen reader in US gov | Test all interactive widgets, form flows, dynamic content (ARIA live regions) |
|
|
111
|
+
| NVDA + Chrome or Firefox | Open-source; widely used for testing; required for VPAT testing | Free; good for broad coverage |
|
|
112
|
+
| VoiceOver + Safari (macOS) | Mac users; required if product targets Mac/iOS | Keyboard shortcut: Cmd+F5 |
|
|
113
|
+
| VoiceOver + Safari (iOS) | Mobile web and native iOS apps | Swipe navigation; activate with triple-click Home/Side button |
|
|
114
|
+
| TalkBack + Chrome (Android) | Android web and native apps | Swipe navigation; activate in Accessibility settings |
|
|
115
|
+
| Dragon NaturallySpeaking | Voice control users | Test all link text and button labels are speakable |
|
|
116
|
+
| Keyboard only | Most impactful test; catches most 2.1.x failures | Tab, Shift-Tab, Enter, Space, Arrow keys |
|
|
117
|
+
| High Contrast Mode (Windows) | OS-level contrast override | Ensure no information lost; images must not disappear |
|
|
118
|
+
| Browser Zoom 200% | SC 1.4.4 | Check for horizontal scroll, content overlap, clipped text |
|
|
119
|
+
| ZoomText / Magnifier | Low-vision users | Test with 4x magnification |
|
|
120
|
+
|
|
121
|
+
---
|
|
122
|
+
|
|
123
|
+
## PDF Accessibility Checklist
|
|
124
|
+
|
|
125
|
+
| Requirement | How to Verify | Tool |
|
|
126
|
+
|-------------|---------------|------|
|
|
127
|
+
| Document is tagged | File → Properties → Description tab: "Tagged PDF: Yes" | Acrobat Pro |
|
|
128
|
+
| Tag tree structure correct | Accessibility → Reading Order; Tags panel | Acrobat Pro |
|
|
129
|
+
| Reading order = visual order | View → Read Out Loud; or Articles panel | Acrobat Pro |
|
|
130
|
+
| Images have Alt text | Right-click image tag → Properties → Alternate Text | Acrobat Pro |
|
|
131
|
+
| Form fields have Tooltip/name | Open Form Editor; check Tooltip field for each control | Acrobat Pro |
|
|
132
|
+
| Table tags with TH/Scope | Tags panel; Table Inspector | Acrobat Pro |
|
|
133
|
+
| Document language set | File → Properties → Advanced → Reading Options | Acrobat Pro |
|
|
134
|
+
| Document title set | File → Properties → Description → Title | Acrobat Pro |
|
|
135
|
+
| No flicker/motion (if any) | Review any embedded multimedia | Manual |
|
|
136
|
+
| Passes automated check | Accessibility → Full Check → Run | Acrobat Pro |
|
|
137
|
+
|
|
138
|
+
---
|
|
139
|
+
|
|
140
|
+
## Common Procurement Deficiencies in VPATs
|
|
141
|
+
|
|
142
|
+
1. **Outdated template** — using VPAT 1.x instead of VPAT 2.x (WCAG Edition). Reject and require resubmission.
|
|
143
|
+
2. **"Supports" without evidence** — vendor claims support with no remarks. Require explanation for each "Supports" claim.
|
|
144
|
+
3. **"Not Applicable" overuse** — vendor marks criteria N/A without justification. Challenge: almost no product has 100% N/A for interactive criteria.
|
|
145
|
+
4. **Missing functional performance criteria** — vendors skip Chapter 3 entirely. Required for all ICT.
|
|
146
|
+
5. **No testing methodology disclosed** — VPAT must state how testing was conducted (automated tools, AT + browser combinations, dates).
|
|
147
|
+
6. **Version mismatch** — VPAT covers version 1.0 but agency is procuring version 2.0. Require VPAT for the exact version being procured.
|
|
148
|
+
|
|
149
|
+
---
|
|
150
|
+
|
|
151
|
+
## Key Legal References
|
|
152
|
+
|
|
153
|
+
- **29 U.S.C. § 794d** — Section 508 statutory text
|
|
154
|
+
- **36 CFR Part 1194** — Access Board's Revised Section 508 Standards (effective 18 January 2018)
|
|
155
|
+
- **FAR Subpart 39.2** — Federal Acquisition Regulation provisions on Section 508
|
|
156
|
+
- **FAR clause 52.239-2** — Section 508 contract clause (mandatory for ICT procurement)
|
|
157
|
+
- **OMB Memorandum M-24-08** — "Strengthening Digital Accessibility and the Management of Section 508 of the Rehabilitation Act" (January 2024)
|
|
158
|
+
- **Section508.gov** — GSA's official guidance, VPAT templates, testing resources
|
|
159
|
+
- **WCAG 2.0** — W3C Recommendation (11 December 2008) — the incorporated technical standard
|
|
160
|
+
- **WCAG 2.1** — W3C Recommendation (5 June 2018) — supersedes 2.0; additional mobile/cognitive criteria (not yet mandated by 508 but recommended)
|