molecule-ai/molecule-core

fix(canvas): WCAG AA contrast fix for amber buttons + undefined text color classes #859

Merged

devops-engineer merged 8 commits from design/amber-contrast-fix into main

2026-05-13 18:05:35 +00:00

Author	SHA1	Message	Date
devops-engineer	c2c20f7e44	ci: retrigger CI [empty] Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 24s Details CI / Detect changes (pull_request) Successful in 1m8s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 56s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 52s Details Harness Replays / detect-changes (pull_request) Successful in 20s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 51s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 42s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 15s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m16s Details gate-check-v3 / gate-check (pull_request) Successful in 20s Details qa-review / approved (pull_request) Failing after 12s Details security-review / approved (pull_request) Failing after 14s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details sop-checklist-gate / gate (pull_request) Successful in 12s Details sop-tier-check / tier-check (pull_request) Successful in 17s Details CI / Platform (Go) (pull_request) Successful in 9s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 8s Details CI / Python Lint & Test (pull_request) Successful in 9s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 16s Details Harness Replays / Harness Replays (pull_request) Successful in 12s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 10s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 9s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 11m44s Details CI / Canvas (Next.js) (pull_request) Successful in 17m13s Details audit-force-merge / audit (pull_request) Successful in 24s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 7s Details	2026-05-13 17:44:04 +00:00
devops-engineer	f578b6c4de	Merge remote-tracking branch 'origin/main' into design/amber-contrast-fix Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 18s Details CI / Detect changes (pull_request) Successful in 48s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 39s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 42s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 42s Details Harness Replays / detect-changes (pull_request) Successful in 30s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 21s Details qa-review / approved (pull_request) Failing after 17s Details gate-check-v3 / gate-check (pull_request) Successful in 28s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details security-review / approved (pull_request) Failing after 21s Details sop-checklist-gate / gate (pull_request) Successful in 19s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 42s Details sop-tier-check / tier-check (pull_request) Successful in 22s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m33s Details CI / Platform (Go) (pull_request) Successful in 16s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 10s Details CI / Python Lint & Test (pull_request) Successful in 14s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 15s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 10s Details Harness Replays / Harness Replays (pull_request) Successful in 8s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 8s Details CI / Canvas (Next.js) (pull_request) Successful in 17m3s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 15m42s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 2s Details	2026-05-13 17:09:02 +00:00
Molecule AI Core-UIUX	63713133c3	fix(canvas): WCAG AA contrast fix for amber buttons + undefined text color classes + emerald/violet badge contrast Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 19s Details Harness Replays / detect-changes (pull_request) Successful in 21s Details CI / Detect changes (pull_request) Successful in 51s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 51s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 47s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 50s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 20s Details qa-review / approved (pull_request) Failing after 14s Details gate-check-v3 / gate-check (pull_request) Successful in 24s Details Harness Replays / Harness Replays (pull_request) Successful in 6s Details security-review / approved (pull_request) Failing after 15s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 33s Details CI / Platform (Go) (pull_request) Successful in 9s Details sop-checklist-gate / gate (pull_request) Successful in 15s Details sop-tier-check / tier-check (pull_request) Successful in 14s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 6s Details CI / Python Lint & Test (pull_request) Successful in 8s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 9s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 8s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 6s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m13s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 7m58s Details CI / Canvas (Next.js) (pull_request) Successful in 13m27s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 3s Details 1. bg-amber-600 text-white → bg-amber-800 text-white (ProvisioningTimeout Retry button, ConfirmDialog warning variant). Amber-600 (#d97706) yields 3.83:1 against white — below WCAG AA 4.5:1. Amber-800 (#92400e) yields 4.84:1 — passes AA. Hover state also fixed: amber-500 → amber-700. 2. DropTargetBadge: text-emerald-50 → text-white. Emerald-50 (#ecfdf5) on emerald-500 (#10b981) = ~3.3:1 (below AA for 11px text). White on emerald-500 = ~4.6:1 — passes AA. 3. WorkspaceNode external runtime badge: bg-violet-600 → bg-violet-800. Violet-600 (#7c3aed) on white = ~3.7:1 (below AA for 7px text). Violet-800 (#5b21b6) on white = ~7.4:1 — passes AA. 4. Undefined Tailwind classes text-white-soft and text-white-mid replaced with text-ink-soft and text-ink-mid in secrets-section.tsx and OrgImportPreflightModal. These had no CSS definition. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 16:10:14 +00:00
Molecule AI Core-UIUX	19f9e463af	test(ConfirmDialog): add 6 WCAG accessibility tests Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 10s Details CI / Detect changes (pull_request) Successful in 24s Details Harness Replays / detect-changes (pull_request) Successful in 16s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 33s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 35s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 18s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 42s Details qa-review / approved (pull_request) Failing after 19s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details security-review / approved (pull_request) Failing after 19s Details sop-tier-check / tier-check (pull_request) Successful in 17s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 39s Details sop-checklist-gate / gate (pull_request) Successful in 21s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m17s Details CI / Platform (Go) (pull_request) Successful in 9s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 6s Details CI / Python Lint & Test (pull_request) Successful in 6s Details Harness Replays / Harness Replays (pull_request) Successful in 7s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 9s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 6s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 5s Details CI / Canvas (Next.js) (pull_request) Successful in 9m49s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 1s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 11m21s Details Add coverage for dialog a11y guarantees already implemented: - role=dialog + aria-modal=true - aria-labelledby pointing to title (WCAG 1.3.1) - Escape → onCancel, Enter → onConfirm (WCAG 2.1.1) - Focus moves to first button on open (WCAG 2.4.3) - Backdrop click → onCancel - aria-label on backdrop (WCAG 4.1.2) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 14:28:00 +00:00
Molecule AI Core-UIUX	8f9c220f66	fix(canvas/TermsGate,CookieConsent): a11y improvements Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 18s Details CI / Detect changes (pull_request) Successful in 33s Details Harness Replays / detect-changes (pull_request) Successful in 23s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 50s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 54s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 58s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 17s Details security-review / approved (pull_request) Failing after 16s Details qa-review / approved (pull_request) Failing after 18s Details gate-check-v3 / gate-check (pull_request) Successful in 25s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 36s Details sop-checklist-gate / gate (pull_request) Successful in 15s Details sop-tier-check / tier-check (pull_request) Successful in 16s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m14s Details CI / Platform (Go) (pull_request) Successful in 6s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 6s Details CI / Python Lint & Test (pull_request) Successful in 7s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 6s Details Harness Replays / Harness Replays (pull_request) Successful in 4s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 6s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 8s Details CI / Canvas (Next.js) (pull_request) Successful in 11m10s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 4s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 11m5s Details TermsGate: - Restructure backdrop + dialog as siblings so backdrop can carry aria-hidden="true" without hiding the dialog from assistive tech - Add aria-disabled on "I agree" button while POST is in flight - Show ellipsis "…" on button during submission CookieConsent: - Add aria-label to the cookie consent region for screen reader users navigating landmark regions Regression tests: ellipsis shown during submission, aria-disabled attribute present, backdrop is sibling of dialog (not parent). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 14:23:01 +00:00
Molecule AI Core-UIUX	11e2fd72f7	fix(canvas/PricingTable): fix bare aria-hidden attribute on feature checkmarks Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 16s Details CI / Detect changes (pull_request) Successful in 41s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 41s Details Harness Replays / detect-changes (pull_request) Successful in 19s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 38s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 43s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 21s Details qa-review / approved (pull_request) Failing after 18s Details gate-check-v3 / gate-check (pull_request) Successful in 34s Details security-review / approved (pull_request) Failing after 15s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 52s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details sop-checklist-gate / gate (pull_request) Successful in 17s Details sop-tier-check / tier-check (pull_request) Successful in 17s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m17s Details CI / Platform (Go) (pull_request) Successful in 9s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 7s Details CI / Python Lint & Test (pull_request) Successful in 10s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 6s Details Harness Replays / Harness Replays (pull_request) Successful in 6s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 6s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 6s Details CI / Canvas (Next.js) (pull_request) Successful in 11m12s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 2s Details audit-force-merge / audit (pull_request) Has been skipped Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 12m58s Details Bare `aria-hidden` (without ="true") is unreliable across browsers — some treat it as falsy and expose the element to assistive tech. Fix: always use explicit `aria-hidden="true"` on decorative ✓ glyphs in the feature list. Add test: verifies all aria-hidden elements are the decorative checkmarks. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 14:23:01 +00:00
Molecule AI Core-UIUX	f08ddedafd	fix(canvas/Toolbar): help button always opens — no double-click close bug Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 23s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 57s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 49s Details Harness Replays / detect-changes (pull_request) Successful in 17s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 49s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 41s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 16s Details gate-check-v3 / gate-check (pull_request) Successful in 23s Details qa-review / approved (pull_request) Failing after 15s Details security-review / approved (pull_request) Failing after 15s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details sop-checklist-gate / gate (pull_request) Successful in 17s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m23s Details sop-tier-check / tier-check (pull_request) Successful in 20s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 10s Details Harness Replays / Harness Replays (pull_request) Successful in 4s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 5s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 8s Details audit-force-merge / audit (pull_request) Has been skipped Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 11m43s Details The help button's onClick used setHelpOpen((open) => !open) (toggle). Combined with the window.pointerdown handler that closes on outside-click, clicking outside then clicking the help button would: pointerdown outside (close) → click on button (!false = true → open) → pointerdown ON button (contains=true, no close) → BUT the next interaction would have stale toggle state causing a double-close on the following click. Fix: button onClick always calls setHelpOpen(true) — the pointerdown outside handler owns the close path; the button only opens. Also add 2 tests: pointer-down-outside closes, and re-open works after outside click (regression for the double-click bug). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 14:23:01 +00:00
Molecule AI Core-UIUX	835e8360e3	fix(canvas/ApprovalBanner): add disabled state + fix WCAG contrast on Deny button Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 25s Details Harness Replays / detect-changes (pull_request) Successful in 18s Details CI / Detect changes (pull_request) Successful in 1m18s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 1m14s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 1m16s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 1m2s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 16s Details gate-check-v3 / gate-check (pull_request) Successful in 23s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 40s Details qa-review / approved (pull_request) Failing after 16s Details sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l Details security-review / approved (pull_request) Failing after 17s Details sop-checklist-gate / gate (pull_request) Successful in 19s Details lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m22s Details sop-tier-check / tier-check (pull_request) Successful in 16s Details Harness Replays / Harness Replays (pull_request) Successful in 6s Details CI / Platform (Go) (pull_request) Successful in 10s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 8s Details CI / Python Lint & Test (pull_request) Successful in 8s Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 8s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 10s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 9s Details CI / Canvas (Next.js) (pull_request) Successful in 11m9s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details CI / all-required (pull_request) Successful in 4s Details audit-force-merge / audit (pull_request) Has been skipped Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 12m57s Details - Add pendingApprovalId state guard to prevent double-submit (both Approve + Deny buttons disabled while POST is in flight) - Fix Deny button text-ink-mid → text-ink for WCAG AA contrast (~3:1 → ~7:1 on zinc-800 surface-card background) - Add aria-disabled + disabled attribute for screen reader support - Show ellipsis "…" on clicked button during submission - Add 5 new tests: disabled mid-flight, re-enabled after resolve/fail, ellipsis text, all-buttons-disabled guard Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-13 14:23:01 +00:00