An axe-core reporter that outputs axe scan results in SARIF format (http://sarifweb.azurewebsites.net/)
Перейти к файлу
dependabot[bot] fafcbda8ce
chore(deps-dev): Bump @axe-core/puppeteer from 4.9.1 to 4.10.0 (#1397)
Bumps [@axe-core/puppeteer](https://github.com/dequelabs/axe-core-npm)
from 4.9.1 to 4.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dequelabs/axe-core-npm/releases"><code>@​axe-core/puppeteer</code>'s
releases</a>.</em></p>
<blockquote>
<h2>Release 4.10.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(playwright): Add missing await on page.evaluate by <a
href="https://github.com/KuSh"><code>@​KuSh</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1063">dequelabs/axe-core-npm#1063</a></li>
<li>chore: update to support eslint 9 flat config by <a
href="https://github.com/michael-siek"><code>@​michael-siek</code></a>
in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1064">dequelabs/axe-core-npm#1064</a></li>
<li>chore: merge master into develop by <a
href="https://github.com/attest-team-ci"><code>@​attest-team-ci</code></a>
in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1071">dequelabs/axe-core-npm#1071</a></li>
<li>chore: bump puppeteer from 21.7.0 to 22.10.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1073">dequelabs/axe-core-npm#1073</a></li>
<li>chore: bump sinon from 17.0.1 to 18.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1076">dequelabs/axe-core-npm#1076</a></li>
<li>chore: bump chromedriver from 121.0.0 to 125.0.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1075">dequelabs/axe-core-npm#1075</a></li>
<li>chore: fix eslint errors and warnings by <a
href="https://github.com/straker"><code>@​straker</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1079">dequelabs/axe-core-npm#1079</a></li>
<li>chore: bump typescript-eslint from 8.0.0-alpha.12 to 8.0.0-alpha.26
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1078">dequelabs/axe-core-npm#1078</a></li>
<li>chore: bump the npm-low-risk group across 1 directory with 22
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1077">dequelabs/axe-core-npm#1077</a></li>
<li>chore: use updated browser-driver-manager by <a
href="https://github.com/scottmries"><code>@​scottmries</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1080">dequelabs/axe-core-npm#1080</a></li>
<li>chore: bump the npm-low-risk group with 27 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1081">dequelabs/axe-core-npm#1081</a></li>
<li>chore: bump chromedriver from 125.0.3 to 126.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1082">dequelabs/axe-core-npm#1082</a></li>
<li>feat: Update axe-core to v4.10.0 by <a
href="https://github.com/attest-team-ci"><code>@​attest-team-ci</code></a>
in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1088">dequelabs/axe-core-npm#1088</a></li>
<li>chore: downgrade lerna to resolve ESM requirement by <a
href="https://github.com/michael-siek"><code>@​michael-siek</code></a>
in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1098">dequelabs/axe-core-npm#1098</a></li>
<li>fix(cli): include <code>dotenv</code> dep by <a
href="https://github.com/michael-siek"><code>@​michael-siek</code></a>
in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1103">dequelabs/axe-core-npm#1103</a></li>
<li>chore: RC v4.10.0 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1108">dequelabs/axe-core-npm#1108</a></li>
<li>Release 4.10.0 by <a
href="https://github.com/dequejenn"><code>@​dequejenn</code></a> in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1110">dequelabs/axe-core-npm#1110</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/KuSh"><code>@​KuSh</code></a> made their
first contribution in <a
href="https://redirect.github.com/dequelabs/axe-core-npm/pull/1063">dequelabs/axe-core-npm#1063</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dequelabs/axe-core-npm/compare/v4.9.1...v4.10.0">https://github.com/dequelabs/axe-core-npm/compare/v4.9.1...v4.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dequelabs/axe-core-npm/blob/develop/CHANGELOG.md"><code>@​axe-core/puppeteer</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/dequelabs/axe-core-npm/compare/v4.9.1...v4.10.0">4.10.0</a>
(2024-08-16)</h1>
<h3>Bug Fixes</h3>
<ul>
<li><strong>cli:</strong> include <code>dotenv</code> dep (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1103">#1103</a>)
(<a
href="5d34355066">5d34355</a>),
closes <a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1102">#1102</a></li>
<li><strong>playwright:</strong> Add missing await on page.evaluate (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1063">#1063</a>)
(<a
href="20b8bbffdd">20b8bbf</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>Update axe-core to v4.10.0 (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1088">#1088</a>)
(<a
href="bb94776ff6">bb94776</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ce9a6a0386"><code>ce9a6a0</code></a>
Release 4.10.0 (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1110">#1110</a>)</li>
<li><a
href="3b471d1341"><code>3b471d1</code></a>
chore: RC v4.10.0 (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1108">#1108</a>)</li>
<li><a
href="d393db67ea"><code>d393db6</code></a>
chore: RC v4.10.0</li>
<li><a
href="5d34355066"><code>5d34355</code></a>
fix(cli): include <code>dotenv</code> dep (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1103">#1103</a>)</li>
<li><a
href="c871221700"><code>c871221</code></a>
chore: downgrade lerna to resolve ESM requirement (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1098">#1098</a>)</li>
<li><a
href="bb94776ff6"><code>bb94776</code></a>
feat: Update axe-core to v4.10.0 (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1088">#1088</a>)</li>
<li><a
href="3864c91aa7"><code>3864c91</code></a>
chore: bump chromedriver from 125.0.3 to 126.0.4 (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1082">#1082</a>)</li>
<li><a
href="68067261aa"><code>6806726</code></a>
chore: bump the npm-low-risk group with 27 updates (<a
href="https://redirect.github.com/dequelabs/axe-core-npm/issues/1081">#1081</a>)</li>
<li><a
href="09977352fe"><code>0997735</code></a>
Update issue templates</li>
<li><a
href="3ab9e3a9ca"><code>3ab9e3a</code></a>
Create feature request template</li>
<li>Additional commits viewable in <a
href="https://github.com/dequelabs/axe-core-npm/compare/v4.9.1...v4.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@axe-core/puppeteer&package-manager=npm_and_yarn&previous-version=4.9.1&new-version=4.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 16:23:16 -04:00
.github
.vscode
.yarn/releases
pipelines
src
.eslintrc.js
.gitattributes
.gitignore
.prettierignore
.releaserc.json
.yarnrc.yml
CONTRIBUTING.md
LICENSE
README.md
SECURITY.md
copyright-header.config.json
copyright-header.txt
jest.config.js
package.json
prettier.config.js
tsconfig.eslint.json
tsconfig.json
yarn.lock chore(deps-dev): Bump @axe-core/puppeteer from 4.9.1 to 4.10.0 (#1397) 2024-10-25 16:23:16 -04:00

README.md

axe-sarif-converter

Build status Code coverage npm semantic-release

Convert axe-core accessibility scan results to the SARIF format. Provides both a TypeScript API and a CLI tool.

Use this with the Sarif Viewer Build Tab Azure DevOps Extension to visualize accessibility scan results in the build results of an Azure Pipelines build.

Usage

Before using axe-sarif-converter, you will need to run an axe accessibility scan to produce some axe results to convert. Typically, you would do this by using an axe integration library for your favorite browser automation tool (@axe-core/puppeteer, @axe-core/webdriverjs, cypress-axe).

axe-sarif-converter exports a single function, named convertAxeToSarif. Use it like this:

import * as Axe from 'axe-core';
import * as AxePuppeteer from '@axe-core/puppeteer';
import * as fs from 'fs';
import * as Puppeteer from 'puppeteer';
import * as util from 'util';

import { convertAxeToSarif, SarifLog } from 'axe-sarif-converter';

test('my accessibility test', async () => {
    // This example uses @axe-core/puppeteer, but you can use any axe-based
    // library that outputs axe scan results in the default axe output format
    const testPage: Puppeteer.Page = /* ... set up your test page ... */;
    const axeResults: Axe.AxeResults = await new AxePuppeteer(testPage).analyze();

    // Perform the conversion
    const sarifResults: SarifLog = convertAxeToSarif(axeResults);

    // Output a SARIF file, perhaps for use with a Sarif Viewer tool
    await util.promisify(fs.writeFile)(
        './test-results/my-accessibility-test.sarif',
        JSON.stringify(sarifResults),
        { encoding: 'utf8' });
}

You can also use axe-sarif-converter as a command line tool:

# @axe-core/cli is used here for example purposes only; you could also run axe-core
# using your library of choice and JSON.stringify the results.
npx @axe-core/cli https://accessibilityinsights.io --save ./sample-axe-results.json

npx axe-sarif-converter --input-files ./sample-axe-results.json --output-file ./sample-axe-results.sarif

See npx axe-sarif-converter --help for full command line option details.

Samples

The microsoft/axe-pipelines-samples project contains full sample code that walks you through integrating this library into your project, from writing a test to seeing results in Azure Pipelines.

Version numbers

The version number of this library is independent from the version numbers of the axe-core inputs and SARIF outputs it supports.

  • axe-sarif-converter version 2.x supports input from version ^3.2.0 || ^4.0.0 of axe-core (tested with 3.2.2, 3.3.2, 3.4.1, 3.4.2, 3.5.1, 3.5.2, 3.5.3, 3.5.4, 3.5.5, 4.0.1, 4.0.2, 4.1.1, 4.2.0, 4.3.2, 4.4.1, and 4.6.3) and outputs SARIF v2.1
  • axe-sarif-converter version 1.x supports input from version >= 3.2.0 < 3.3.0 of axe-core (tested with 3.2.2) and outputs SARIF v2.0

Note that the SARIF format does not use semantic versioning, and there are breaking changes between the v2.0 and v2.1 SARIF formats. If you need compatibility with a SARIF viewer that only supports v2.0, you should use version 1.x of this library.

Contributing

All contributions are welcome! To get started, please read through our CONTRIBUTING guidelines for this project.

Contributor License Agreement

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For more details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.