Close audit follow-ups B + E + F (Annex I split, art. 50(4) §2, art. 50(5))

[abk1969]

Summary

Stacks on top of #4. Closes the 3 remaining audit follow-ups not addressed in #3 or #4.

Item B — Annex I split (art. 6(1) cumulative test)

art. 6(1) requires BOTH (i) Annex I harmonisation coverage AND (ii) third-party conformity assessment under that regime. The previous single `annexI: 'oui' | 'non'` allowed false-positive `HAUT_RISQUE_ANNEXE_I` when only (i) was true.

• Replace `annexI` field with `annexICoverage` + `annexI3rdPartyCA`.
• `computeCategory` triggers Annex-I high-risk only when BOTH are `'oui'`.
• Step 4 UI: two-part question; sub-question 2 appears only when coverage is `'oui'`. Picking `'oui'` resets sub-question 2 to `null` so the user must answer it explicitly.
• 4 new tests cover the truth table (both / coverage-only / CA-only / neither). 3 pre-existing tests using the old field shape updated.

Item E — art. 50(4) §2 human-edit exemption

art. 50(4) second subparagraph exempts AI-generated public-interest text from the labelling obligation when the content is under human review / editorial responsibility. The audit flagged that the previous UI gave no path to declare this — any `'genai_text'` selection auto-triggered RISQUE_LIMITE.

• Add `answers.art50TextHumanEdit: 'oui' | 'non' | null`.
• `computeCategory`: when `'oui'` is claimed and `'genai_text'` is in `art50`, emit a carve-out justification (`ref: 'art. 50(4) §2 carve-out'`) and remove that trigger from RISQUE_LIMITE contribution. Other art. 50 triggers remain active.
• UI: Step 6 surfaces the carve-out sub-question only when `'genai_text'` is selected; sub-question state is cleared when `'genai_text'` is deselected.
• 5 new tests: standard fires, carve-out removes RISQUE_LIMITE alone, other triggers still produce RISQUE_LIMITE, French label, orphan claim is no-op.

Item F — art. 50(5) accessibility caveat

art. 50(5) requires transparency information to be clear, distinguishable, provided at the latest at first interaction/exposure, and compliant with accessibility requirements under Directive 2019/882/EU (European Accessibility Act).

• One new entry in `CHECKLIST.RISQUE_LIMITE` Transparency pillar.
• Cites Directive 2019/882/EU explicitly (replaced an initial WCAG reference per code-review feedback — the regulation cites the EAA, not WCAG).

Tests

• 82 tests pass (+8 across the three items in 4 commits)
• Build green, 278 kB / 84 kB gzip

Stacking note

Targets `feat/annex-iii-5-subitems` (#4) as base. When #3 and #4 merge, GitHub will auto-rebase this PR onto main.

Test plan

• Step 4: pick coverage "Yes", then 3rd-party CA "Yes" → HAUT_RISQUE_ANNEXE_I
• Step 4: pick coverage "Yes", then 3rd-party CA "No" → NOT HAUT_RISQUE_ANNEXE_I
• Step 4: pick coverage "No" → advances immediately (3rd-party CA auto-set to "non")
• Step 4: pick coverage "No" then change to "Yes" → sub-question 2 is empty (not pre-selected)
• Step 6: tick "genai_text", claim human-edit "oui" → verdict is NOT RISQUE_LIMITE (assuming no other triggers); carve-out ref present in justifications
• Step 6: tick "genai_text" + "interaction", claim human-edit "oui" → RISQUE_LIMITE via interaction only; carve-out ref present, genai_text ref absent
• Step 6: deselect "genai_text" after claiming carve-out → carve-out state cleared in answers
• RISQUE_LIMITE verdict checklist: art. 50(5) entry visible in screen + PDF + clipboard report
• French UI: art. 50(5) checklist line cites "directive 2019/882/UE"

🤖 Generated with Claude Code

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
ai_act_compass	Ready	Preview, Comment	May 15, 2026 2:05pm

[abk1969]

Merged into main via rebase fast-forward (commits applied via stack rebase, see main's history). Branch deleted.