🏠 Overview ✅ Implementation Tasks ✅ epic-screen-reader-support-complex-widgets-task-015

Integrate WCAGComplianceChecker into CI build pipeline

epic-screen-reader-support-complex-widgets-task-015 — Wire the WCAGComplianceChecker into the CI build pipeline so that it runs automatically on every pull request. Configure the runner to fail the build on critical violations (missing labels, contrast < 4.5:1) and emit warnings for non-critical issues. Produce a machine-readable JSON report and a human-readable summary comment on the pull request.

high priority medium complexity deployment pending devops specialist Tier 3

Acceptance Criteria

A CI job named 'wcag-compliance' runs on every pull request targeting main/master and on every push to main/master
The job executes 'flutter test --tags wcag' (or equivalent) to run only WCAG-tagged tests and the WCAGComplianceChecker scan
The job exits with a non-zero code (failing the build) when any critical violations are detected (missing interactive widget labels, missing image alt text, contrast ratio < 4.5:1 for normal text or < 3:1 for large text)
The job exits with code 0 (passing) when only warning-level violations are present, but still emits them in the report
A JSON report file (wcag-report.json) is uploaded as a CI artifact on every run, conforming to the WCAGReport schema with fields: run_timestamp, commit_sha, total_violations, critical_count, warning_count, violations[]
A human-readable Markdown summary is posted as a pull request comment (or appended to the CI job summary) showing: pass/fail status, count of critical and warning violations, and a table of the top 10 critical violations with widget path and WCAG criterion
The CI step caches Flutter SDK and pub packages to avoid redundant downloads on repeat runs
Re-running the CI job on the same commit produces identical results (deterministic output)

Technical Requirements

frameworks
Flutter
flutter_test
apis
GitHub Actions (or existing CI platform) workflow YAML API
GitHub Pull Request Comments API (via gh CLI or actions/github-script)
WCAGComplianceChecker internal API
data models
WCAGReport (JSON)
WCAGViolation (JSON)
performance requirements
Total CI job duration must not exceed 10 minutes on a standard runner
Flutter pub get must use cached dependencies when lock file is unchanged
security requirements
CI job must not have write access to the repository beyond posting PR comments
No secrets or API keys required for the WCAG scan itself — only for the PR comment posting step
CI artifacts (wcag-report.json) must not contain user PII — only widget paths and violation metadata

Execution Context

Execution Tier
Tier 3

Tier 3 - 413 tasks

Can start after Tier 2 completes

Implementation Notes

Use flutter test --tags wcag to scope the run to accessibility tests only — avoids running the full suite and keeps the job fast. The WCAGComplianceChecker scan should be invoked from a dedicated Dart script (tool/wcag_scan.dart) that can be run headlessly without a device; use flutter test with a WidgetTester rather than requiring a simulator. For the PR comment, use the GitHub Actions job summary (echo '...' >> $GITHUB_STEP_SUMMARY) as the primary output — it requires no extra token permissions. Only fall back to posting a PR comment if a GITHUB_TOKEN with pull-requests: write is available.

Structure the CI YAML with three steps: (1) setup Flutter + cache, (2) run wcag scan + write report artifact, (3) post summary. Keep the fail/warn threshold configurable via a wcag_config.yaml file at the repo root so teams can adjust severity rules without editing the workflow.

Testing Requirements

Validate the CI integration with three test scenarios executed manually before merging: (1) Open a PR containing a widget with a known missing label — confirm the job fails and the PR comment shows the violation. (2) Fix the violation and push — confirm the job passes and the PR comment updates to 'No critical violations'. (3) Introduce a warning-level violation only — confirm the job passes but the warning appears in the PR comment summary. Additionally, add a dry-run CI mode (WCAG_DRY_RUN=true) that always exits 0 but still produces the report, used in the CI config tests themselves.

Component
WCAG 2.2 AA Compliance Checker
infrastructure medium
Dependencies (1)
Implement the semantic completeness validation module in WCAGComplianceChecker. Detect interactive widgets that are missing Semantics labels, images that lack descriptions, form fields without associated labels, and buttons with no accessible names. Integrate with the AccessibilityAuditService dependency for widget-tree traversal. Output a WCAG criterion reference for each violation. epic-screen-reader-support-complex-widgets-task-014
Epic Risks (3)
high impact high prob integration

Flutter does not natively enforce a focus trap within a bottom sheet or modal dialog in the semantic tree — VoiceOver and TalkBack can navigate outside the sheet to background content. Implementing a reliable focus trap requires overriding the semantic tree, which may conflict with the existing modal helper infrastructure in the app and require changes to shared components beyond this feature's scope.

Mitigation & Contingency

Mitigation: Prototype the focus trap on the first modal sheet implementation before building the remaining sheets. Evaluate Flutter's ExcludeSemantics and BlockSemantics widgets as the trap mechanism, and coordinate with the team owning the shared modal helpers to agree on a non-breaking integration point before writing production code.

Contingency: If a complete semantic focus trap cannot be implemented without breaking existing modal patterns, implement a partial solution using FocusScope with autofocus on the modal's first element and a prominent 'Return to main content' semantic action, documenting the deviation from WCAG 2.4.3 with a scheduled remediation item.

high impact medium prob technical

The activity wizard uses BLoC state management and the UI rebuilds the entire step widget subtree on transition. If the semantic tree is traversed by VoiceOver before the build cycle settles, focus may land on a stale or partially rendered step, causing the wrong step label or progress value to be announced. This is particularly problematic for blind users who cannot visually verify the announcement against the screen.

Mitigation & Contingency

Mitigation: Coordinate ActivityWizardStepSemantics with FocusManagementService (from the core services epic) to delay focus placement until the post-build callback confirms the new step's semantic tree is complete. Write integration tests using the AccessibilityTestHarness that assert the full announcement sequence across all five wizard steps.

Contingency: If post-build focus delay is insufficient due to async BLoC emission timing, add an explicit semantic notification barrier in the wizard cubit that emits a 'step ready' event only after the new widget tree has been marked as built, decoupling the announcement trigger from the raw state transition.

medium impact medium prob scope

Automated WCAG contrast ratio checking on widget tree snapshots may produce false positives for gradient backgrounds, dark-mode overrides, or design token overrides that are resolved at runtime but appear as unresolvable colours at static analysis time. Excessive false positives would erode team trust in the CI gate, leading to suppression rules that also mask real violations.

Mitigation & Contingency

Mitigation: Scope the WCAGComplianceChecker to check only solid-colour backgrounds in the first iteration, explicitly excluding gradients from contrast checks with documented rationale. Design the check output to distinguish 'undetermined' (gradient/unknown) from 'fail' (solid colour below threshold) so the team can take targeted action on genuine failures only.

Contingency: If false positive rates exceed 20% of reported violations during initial CI runs, switch the CI gate from a hard build failure to a warning annotation on the pull request, combined with a mandatory manual review step, until the checker's rule set has been tuned to match actual design token values.

Quick Links
All Tasks Execution Plan