chore(atomic-a11y): add shared foundation, and delta audit validation

[y-lakhdar]

Context

This is PR facilitate the validation and merge of manual audit (done by human and or AI).
It introduces the delta workflow that validates and merges automated manual-audit input into baseline files.

• QA workflow (already in place): edit baseline files directly (a11y/reports/manual-audit-{category}.json) .
• Automation workflow (new): AI/scripts output deltas in a11y/reports/deltas/, then merge into baselines.

What it validates
Delta JSON files (human-authored and AI-authored manual audit entries) |

When it runs
Before merge. This is a QA gate for human and AI input

Purpose
Is this manual audit input well-formed?

What this PR does

Manual audit delta workflow (manual-audit-delta.ts):

• validate <delta-file> — Schema-validate a delta JSON file
• merge [--dry-run] — Fold all deltas into baseline audit files
• status — Report pending deltas and audit coverage

Try it

cd packages/atomic-a11y && pnpm build

# Manual audit delta
node scripts/manual-audit-delta.mjs status

PR Chain (5a of 7)

#	PR	Branch	Description
1	#7111	feat/a11y-package-scaffold	Package scaffolding
2	#7122	feat/a11y-shared-foundation	Shared types, constants, utilities
3	#7123	feat/a11y-reporter	VitestA11yReporter
4	#7124	feat/a11y-openacr	OpenACR report generator
5a	#7187	feat/a11y-delta-workflow	Shared foundation + delta workflow + issue generator ← this PR
5b	#7188	feat/a11y-browser-llm	Browser capture + LLM client modules
5c	#7189	feat/a11y-audit-orchestrator	AI WCAG audit orchestrator + prompts
6	#7126	feat/a11y-reporter-wiring	Wire reporter into atomic vitest config
7	#7117	feat/a11y-ci-integration	Weekly a11y scan workflow

Replaces #7125 (split into 5a/5b/5c)

KIT-5471

[github-actions]

🔗 Scratch Orgs ready to test this PR:

• ✅ LWS Enabled: Open Org
• ✅ LWS Disabled: Open Org

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7832c84726

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Parse baseline JSON arrays instead of rejecting them

loadBaselines() reads manual-audit-*.json files as BaselineEntry[], but readJsonFile throws unless the parsed value is a non-array record (isRecord explicitly rejects arrays). Since baseline audit files are array-shaped, merge/status will fail as soon as a real baseline file exists, which breaks the new delta workflow in normal usage.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Reject non-object wcag22Criteria values during validation

Validation only iterates wcag22Criteria when it is a record, but it never errors when the field is present with the wrong type (for example [] or a string). Those invalid deltas are treated as valid and then merged, which can silently drop criterion updates or write malformed criterion keys for newly added components, undermining the intended “well-formed delta” QA gate.

Useful? React with 👍 / 👎.