Gathering detailed insights and metrics for expect-axe-playwright
Gathering detailed insights and metrics for expect-axe-playwright
Installations
npm install expect-axe-playwrightDeveloper
Widen
Developer Guide
BETA
Module System
ESM
Min. Node Version
>=18.0.0
Typescript Support
Yes
Node Version
18.20.4
NPM Version
10.7.0
Statistics
21 Stars
52 Commits
5 Forks
10 Watching
1 Branches
10 Contributors
Updated on 11 Oct 2024
Languages
TypeScript (97.35%)
HTML (1.62%)
Shell (1.03%)
Total Downloads
Cumulative downloads
Total Downloads
155,551
Last day
-5.1%
860
Compared to previous day
Last week
-0.2%
5,140
Compared to previous week
Last month
164.4%
20,975
Compared to previous month
Last year
34.8%
74,566
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
expect-axe-playwright
Expect matchers to perform Axe accessibility tests in your Playwright tests.
Installation
npm
1npm install expect-axe-playwright
Yarn
yarn add expect-axe-playwright
Usage
1// playwright.config.ts 2import { expect } from '@playwright/test' 3import matchers from 'expect-axe-playwright' 4 5expect.extend(matchers)
Why do I need it?
This project was inspired by
axe-playwright which did a
great job of integrating the axe-core
library with some simple wrapper functions. However, the API is not as elegant
for testing as would be preferred. That's where expect-axe-playwright comes to
the rescue with the following features.
- Direct integration with the
expectAPI for simplicity and better error messaging. - Automatic Axe script injection.
- Auto-retry until timeout.
- Works with pages, frames, and locators.
- HTML report with full violation details.
- Project-level option configuration.
Here are a few examples:
1await expect(page).toPassAxe() // Page 2await expect(page.locator('#foo')).toPassAxe() // Locator 3await expect(page.frameLocator('iframe')).toPassAxe() // Frame locator
API Documentation
toPassAxe
This function checks if a given page, frame, or element handle passes a set of accessibility checks.
You can test the entire page:
1await expect(page).toPassAxe()
Or pass a locator to test part of the page:
1await expect(page.locator('#my-element')).toPassAxe()
You can also pass an Axe results object to the matcher:
1import { waitForAxeResults } from 'expect-axe-playwright' 2 3test('should pass common accessibility checks', async ({ page }) => { 4 const { results } = await waitForAxeResults(page) 5 await expect(results).toPassAxe() 6})
Word of Caution: Limitations to Accessibility Tests
1toPassAxe() !== toBeAccessible()It's important to keep in mind that if your page passes the set of accessibility checks that you've configured for Axe, that does not mean that your page is free of all accessibility barriers.
In fact, automated testing can only catch a fraction of the most common kinds of accessibility errors.
Accessibility is analogous in ways to security. Imagine the following code:
1expect(myApp).toBeSecure()
It's very hard to say that anything is secure because you never know when someone is going to uncover a security vulnerability in your code. Similarly, it's very hard to say that anything you've built is totally accessible because you never know when somebody will uncover a barrier you didn't know was there.
Furthermore, of the commonly known accessibility barriers, only some can be found through automated testing, which is then further subject to the effectiveness of the checker being used. A 2017 study on the effectiveness of automated accessibility testing tools by the UK's Government Digital Service confirms this.
To echo jest-axe, tools like Axe are similar to code linters and spell checkers: they can find common issues but cannot guarantee that what you build works for users.
You'll also need to:
- test your interface with the assistive technologies that real users use (see also WebAIM's survey results).
- include disabled people in user research.
Axe run options
You can configure options that should be passed to aXe at the project or assertion level.
To configure a single assertion to use a different set of options, pass an object with the desired arguments to the matcher.
1await expect(page).toPassAxe({ 2 rules: { 3 'color-contrast': { enabled: false }, 4 }, 5})
To configure the entire project to use a different set of options, specify
options in use.axeOptions in your Playwright config file.
1// playwright.config.ts 2import { PlaywrightTestConfig } from '@playwright/test' 3 4const config: PlaywrightTestConfig = { 5 use: { 6 axeOptions: { 7 rules: { 8 'color-contrast': { enabled: false }, 9 }, 10 }, 11 }, 12} 13 14export default config
Report options
You can configure options that should be passed to the aXe HTML reporter at the assertion level.
1await expect(page.locator('#my-element')).toPassAxe({ 2 filename: 'my-report.html', 3})
This is particularly useful if you need to produce multiple aXe reports within the same test as it would otherwise keep replacing the same report every time you run the assertion.
Thanks
- axe-playwright for the inspiration and groundwork laid for using Axe with Playwright.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: ISC License: LICENSE:0
Reason
Found 11/19 approved changesets -- score normalized to 5
Reason
8 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/build.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/Widen/expect-axe-playwright/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/Widen/expect-axe-playwright/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/Widen/expect-axe-playwright/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/Widen/expect-axe-playwright/build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/Widen/expect-axe-playwright/build.yml/main?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 22 are checked with a SAST tool
Score
3.5
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More