feat(chrome-scans): Add mechanism for excluding elements from scans

[sfoslund]

Details

This PR is 2/2 of addressing #836. #871 added the ChromiumComponentsShouldUseWebScanner rule and this PR adds logic to exclude elements that fail this rule from further scanning. It also includes logic to ensure that only the top level chrome element reports a ChromiumComponentsShouldUseWebScanner rule violation.

Motivation

Addresses issue #836

Pull request checklist

• Addresses an existing issue: [Feature Request] Make scans against Chromium-based UIs more actionable #836

[codecov-commenter]

Codecov Report

Merging #873 (3759f92) into main (4fc19c3) will increase coverage by 1.21%.
The diff coverage is 80.70%.

@@            Coverage Diff             @@
##             main     #873      +/-   ##
==========================================
+ Coverage   73.70%   74.91%   +1.21%     
==========================================
  Files         398      422      +24     
  Lines       12046    13108    +1062     
==========================================
+ Hits         8878     9820     +942     
- Misses       3168     3288     +120     

Impacted Files	Coverage Δ
src/Actions/Actions/ControlPatternAction.cs	0.00% <0.00%> (ø)
src/Actions/Actions/CustomUIAAction.cs	0.00% <0.00%> (ø)
src/Actions/Actions/ListenAction.cs	0.00% <0.00%> (ø)
src/Actions/Actions/PrivacyExtensions.cs	100.00% <ø> (ø)
src/Actions/Actions/SetDataAction.cs	0.00% <0.00%> (ø)
...rc/Actions/Attributes/InteractionLevelAttribute.cs	0.00% <0.00%> (ø)
src/Actions/Misc/ExtensionMethods.cs	7.46% <0.00%> (-31.60%)	⬇️
src/Actions/Resources/ErrorMessages.Designer.cs	0.00% <ø> (-55.56%)	⬇️
src/Automation/AxeWindowsAutomationException.cs	33.33% <ø> (-33.34%)	⬇️
src/Automation/Data/OutputFile.cs	88.88% <ø> (ø)
... and 430 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[codeofdusk]

Verified that this works in MS Teams using the CLI and the code changes look good to me but given the size of the change I'd like a second reviewer.

[codeofdusk]

Debugging code (did you intend to check this in)?

[sfoslund]

I was patterning off the existing run logic (see https://github.com/microsoft/axe-windows/blob/main/src/RuleSelection/RuleRunner.cs#L31), but happy to remove this if we don't think this is necessary.

[DaveTryon]

Can you comment on why this method is called "Unsafe" ? I'm not quite following the logic of the naming

[sfoslund]

I was patterning off the existing run set up: https://github.com/microsoft/axe-windows/blob/main/src/RuleSelection/RuleRunner.cs#L39

[DaveTryon]

Taking a big step back, could we include this check directly in ChronmiumComponentsShouldUseWebScanner.CreateCondition ? I think that would avoid the whole concept of included and excluded rules, leading to simpler code.

Something like this, perhaps:

protected override Condition CreateCondition()
{
    return Chrome
        & (NoParentExists | ~Parent(Chrome));
}

[sfoslund]

We could definitely do that, but I originally went with this approach because if we just updated the condition then we will continue to scan the chrome elements for all the other rules, which results in a lot of failures that aren't really reliable. One alternative is we could do the normal scan with the updated condition logic you're suggesting and then find some way to exclude all the failures from all the elements that fail the chrome rule after the fact, but that would mean running tests on many elements just to exclude them later, which felt wasteful to me.

[DaveTryon]

I'm fairly sure that we can do this more easily, just by updating the condition for the rule that we're trying to exclude. Please see this comment for more info

[sfoslund]

Per windows triage: Closing this for now as we're still undecided as to how best to approach this change. We plan to treat this as a full feature going forward.