-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deploy RC 187 to Production #6224
Commits on Apr 11, 2022
-
Bump identity-style-guide from 6.4.0 to 6.4.1 (#6181)
* Bump identity-style-guide from 6.4.0 to 6.4.1 Bumps [identity-style-guide](https://github.com/18F/identity-style-guide) from 6.4.0 to 6.4.1. - [Release notes](https://github.com/18F/identity-style-guide/releases) - [Changelog](https://github.com/18F/identity-style-guide/blob/main/CHANGELOG.md) - [Commits](18F/identity-design-system@v6.4.0...v6.4.1) --- updated-dependencies: - dependency-name: identity-style-guide dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Add changelog changelog: Internal, Dependencies, Update Login.gov Design System to v6.4.1 Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
Configuration menu - View commit details
-
Copy full SHA for df59969 - Browse repository at this point
Copy the full SHA df59969View commit details
Commits on Apr 12, 2022
-
Bump nokogiri from 1.13.3 to 1.13.4 (#6184)
* Bump nokogiri from 1.13.3 to 1.13.4 Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.3 to 1.13.4. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/v1.13.4/CHANGELOG.md) - [Commits](sparklemotion/nokogiri@v1.13.3...v1.13.4) --- updated-dependencies: - dependency-name: nokogiri dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> * Add changelog changelog: Internal, Dependencies, Update dependencies to address security advisories Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
Configuration menu - View commit details
-
Copy full SHA for 8b8ec06 - Browse repository at this point
Copy the full SHA 8b8ec06View commit details -
Adapt StepIndicator script to custom element (#6180)
* Adapt StepIndicator script to custom element **Why**: So it's more easily implemented in the context of a React component * Ensure component removal clean-up * Add changelog [skip changelog]
Configuration menu - View commit details
-
Copy full SHA for 6ca7d7e - Browse repository at this point
Copy the full SHA 6ca7d7eView commit details -
LG-5925 Document analytics 7 (#6182)
* email deletion requested * email language visited * email language updated * event disavowal visited * event disavowal password reset * Add changelog changelog: Internal, Documentation, Document additional analytics events
Configuration menu - View commit details
-
Copy full SHA for 2d65f6c - Browse repository at this point
Copy the full SHA 2d65f6cView commit details -
Revert tab placement change for password toggle checkbox (#6185)
**Why**: Since it may have a negative impact on form usability, revert until we have a chance to think about this more holistically. [skip changelog]
Configuration menu - View commit details
-
Copy full SHA for 22c3d73 - Browse repository at this point
Copy the full SHA 22c3d73View commit details -
Drop unused users columns (#6164)
changelog: Internal, Optimization, Drop unused user columns
Configuration menu - View commit details
-
Copy full SHA for cdf4ca4 - Browse repository at this point
Copy the full SHA cdf4ca4View commit details -
LG-5927-document-analytic-events-no-9 (#6186)
Co-authored-by: ManishMShah <manishmshah@fcoh2j-k1b3hv2f.fios-router.home>
Configuration menu - View commit details
-
Copy full SHA for 6d2cdc0 - Browse repository at this point
Copy the full SHA 6d2cdc0View commit details -
LG-6066: Extract form-steps package from document-capture (#6179)
* Extract form-steps package from document-capture **Why**: Because, as part of ongoing IDV API work, we'll want form steps outside the context of document capture. [skip changelog] * Remove redundant field property on FormError * Revert unnecessary revisions to FormError
Configuration menu - View commit details
-
Copy full SHA for 522f388 - Browse repository at this point
Copy the full SHA 522f388View commit details
Commits on Apr 13, 2022
-
Configuration menu - View commit details
-
Copy full SHA for 98dd970 - Browse repository at this point
Copy the full SHA 98dd970View commit details -
Remove classlist-polyfill from app scripts (#6193)
**Why**: - Because polyfills are intended to be confined to the polyfill package (#6060) - So that it's not included in modern browsers (#6068, -0.9kb gzipped) - To reduce surface area of dependencies shared with USWDS (related to 18F/identity-design-system#312 (comment)) changelog: Internal, Optimization, Reduce size of JavaScript for modern browsers
Configuration menu - View commit details
-
Copy full SHA for b381b84 - Browse repository at this point
Copy the full SHA b381b84View commit details -
Remove visually-disabled effect from FormStepsContinueButton (#6191)
* Remove visually-disabled effect from FormStepsContinueButton **Why**: For consistency with other submit buttons, which are always shown as enabled and validate upon submission. Since this button will be used as part of ongoing identity verification work (LG-4159), changing this default behavior ensures we don't exacerbate the inconsistency. * Add changelog changelog: Improvements, Identity Proofing, Show document capture submit button as enabled by default for consistency
Configuration menu - View commit details
-
Copy full SHA for 402f116 - Browse repository at this point
Copy the full SHA 402f116View commit details -
LG-5988: Support routing users to next MFA method when they select mu…
…ltiple MFA methods. (#6138) * Add setup router * delete authenticator service * LG-5988: work on routing for multiple selections * LG-5988: remove uneeded helper * changelog: New Feature, Allow Users to add more than one MFA method on account creation, LG-5988 * LG-5988: spec * LG-5988: address comments * rubocop * Refactor how were doing user updating otp method * rubocop * LG-5988: change method name * redirect fix * LG-5988: use index * use dig to reduce errors * rubocop * Ensure next url * LG-5988: rubocop * LG-5988: use shift for now
Configuration menu - View commit details
-
Copy full SHA for 1e5396f - Browse repository at this point
Copy the full SHA 1e5396fView commit details -
In-Person-Proofing "Beta" Tag (LG-6073) (#6192)
* Add "New Feature" badge for in-person proofing Co-authored-by: Andrew Duthie <aduth@users.noreply.github.com> changelog: Upcoming Features, In-Person Proofing, Add "new features" badge for links
Configuration menu - View commit details
-
Copy full SHA for 7b7be84 - Browse repository at this point
Copy the full SHA 7b7be84View commit details -
Remove unused string interpolation for personal key text (#6196)
* Remove unused string interpolation for personal key text **Why**: Since there is no "accent" interpolation key in the "instructions.personal_key.info_html" string. changelog: Internal, Localization, Remove unused locale strings * Remove unnecessary _html suffix * Remove double-spaces after sentence Consistency
Configuration menu - View commit details
-
Copy full SHA for e583e88 - Browse repository at this point
Copy the full SHA e583e88View commit details -
Remove IPP links from "failures" page (#6200)
**Why**: We think this error page is shown when identity resolution fails, which means IPP is not a viable option to get verified [skip changelog]
Configuration menu - View commit details
-
Copy full SHA for bc6db9e - Browse repository at this point
Copy the full SHA bc6db9eView commit details
Commits on Apr 14, 2022
-
LG-6066: Stub out React entry-point for new IdV API routes (#6177)
* Stub out React entry-point for new IdV API routes * Create new VerifyController for IdV API * Clean-up IdvController * Bring back FeatureFlaggedConcern by popular demand * Create feature_flagged_concern_spec.rb * Create verify_controller_spec.rb * Create basic React root element * Disable idv_api_enabled for all environments by default **Why**: Until it's ready to at least be remotely functional in local development * Route personal_key instead of password **Why**: Because that's the goal of LG-6066 * Add README for verify-flow package **Why**: So that someone unfamiliar can have a basic understanding of its purpose * Always define config value context for specs **Why**: Avoid issues with environment-specific configuration * Always draw route in spec * Replace FeatureFlaggedConcern with RenderConditionConcern **Why**: Less magical and open with forwarding of config keys, more explicit with callable behavior * Inline before_action block * Add changelog [skip changelog] * Namespace new IdV flow routes as "v2" * Remove unnecessary route drawing Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Rename "render_if" to "check_or_render_not_found' https: //github.com//pull/6177#discussion_r849771392 Co-Authored-By: Zach Margolis <zbmargolis@gmail.com> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> Co-authored-by: Zach Margolis <zbmargolis@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 6a64ed3 - Browse repository at this point
Copy the full SHA 6a64ed3View commit details -
Add basic FormSteps flow for IdV React implementation (#6195)
* Move PageHeading to components package For reuse in verify-flow * Add basic FormSteps flow for IdV React implementation **Why**: So that we can start implementing step screens for the new, React-based identity verification flow. changelog: Upcoming Features, Identity Verification, Add personal key step screen * Initialize React I18nContext with global locale data * Add basic personal key step content * Fix imports * Update test default i18n context * Set default I18nContext value to shared i18n instance * Import t directly Moving toward potential future removal of useI18n * Remove unnecessary string interpolation https://github.com/18F/identity-idp/pull/6195/files#r849653819 * Update usage for I18nContext.Provider Previously receives strings object, now receives I18n instance * Update personal_key info string key Changed in #6196 * Reorder props Bit easier to read with className last
Configuration menu - View commit details
-
Copy full SHA for 7b0a171 - Browse repository at this point
Copy the full SHA 7b0a171View commit details -
LG-5225 validation error IAL2 (#6190)
* add flash error for phone step in rails * Add changelog changelog: Bug Fixes, Identity Proofing, Fixed missing error message for invalid phone step submission- like non US number * updated relevant rspec test * Update spec/controllers/idv/phone_controller_spec.rb specify exact error message we are expecting (us country code) Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> * added more precise test for invalid phone number * Fix spec to test U.S. country code Co-authored-by: Nadya Primak <nadyaprimak@Nadyas-MacBook-Pro.local> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
Configuration menu - View commit details
-
Copy full SHA for 8aa2e98 - Browse repository at this point
Copy the full SHA 8aa2e98View commit details -
Remove sms_resubscribe_enabled feature flag (#6201)
**Why**: It's been enabled for a few weeks with no major issues [skip changelog]
Configuration menu - View commit details
-
Copy full SHA for 6891d1c - Browse repository at this point
Copy the full SHA 6891d1cView commit details
Commits on Apr 15, 2022
-
LG-6066: Initialize personal key value and render badge content (#6206)
* LG-6066: Initialize personal key value and render badge content **Why**: As an incremental step toward getting actual personal key initialized into the page, for feature parity with existing step. changelog: Upcoming Features, Identity Verification, Add personal key step screen * Remove optional format argument * Avoid prompt on navigate for VerifyFlow We probably won't need it, since we'll be persisting values client-side * Use string keys for nonstandard hash key casing Should be camelCase for JavaScript app, but avoid camelCase symbols in Ruby See: #6206 (comment) Co-Authored-By: Zach Margolis <zbmargolis@gmail.com> Co-authored-by: Zach Margolis <zbmargolis@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for f671553 - Browse repository at this point
Copy the full SHA f671553View commit details -
LG-6066: Implement clipboard button on FSMv2 Personal Key step (#6204)
* Typescript-ify ClipboardButton * Move ClipboardButton to dedicated file Make room in index for React implementation * Restore index * Rename ClipboardButton to ClipboardButtonElement * Typescript-ify clipboard_button_component * Define custom element from implementation * Add global tag definition for lg-clipboard-button * Add React ClipboardButton implementation * LG-6066: Implement functional clipboard button on FSMv2 Personal Key step **Why**: So that we can retain feature parity with the existing screen. changelog: Upcoming Features, Identity Verification, Add personal key step screen * Create README.md * Rename links.copy string to components.clipboard_button.label Associate with the component * Render default "Copy" text for button For consistency with server-side implementation * Change ClipboardButtonElement as default export Consistency * Add optional React peer dependency * Fix default import type * Fix name for ClipboardButtonElement in spec * Use personalKey text for ClipboardButton * Use index for personal key segment Avoid React warnings for duplicate content * Appease linter
Configuration menu - View commit details
-
Copy full SHA for c3f6119 - Browse repository at this point
Copy the full SHA c3f6119View commit details -
Reduce limit for RemoveOldThrottlesJob (#6199)
* Longer timeout for remove old throttles job * reduce limits rather than increase timeout changelog: Internal, Maintenance, Reduce limit for background job that cleans up old Throttle database rows
Configuration menu - View commit details
-
Copy full SHA for 6b733cf - Browse repository at this point
Copy the full SHA 6b733cfView commit details -
LG-6066: Implement print button on FSMv2 Personal Key step (#6205)
* LG-6066: Implement print button on FSMv2 Personal Key step **Why**: - So that we can retain feature parity with the existing screen. - To reduce size and scope of common application bundle - To create a more rigid connection between print JavaScript functionality and server-side render logic - To improve test coverage for existing print button behavior changelog: Upcoming Features, Identity Verification, Add personal key step screen * Create README.md
Configuration menu - View commit details
-
Copy full SHA for b8db75b - Browse repository at this point
Copy the full SHA b8db75bView commit details -
Bump async from 2.6.3 to 2.6.4 (#6208)
* Bump async from 2.6.3 to 2.6.4 Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) --- updated-dependencies: - dependency-name: async dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Add changelog changelog: Internal, Dependencies, Update dependencies to address security advisories Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
Configuration menu - View commit details
-
Copy full SHA for 5a8af56 - Browse repository at this point
Copy the full SHA 5a8af56View commit details -
Use Webpack manifest to associate asset references per pack (#6198)
* Create manifest to associate asset references per Webpack pack **Why**: Since our current approach to list assets required per pack is not scalable, and does not account. changelog: Internal, Build, Generate asset manifest during JavaScript build * Emit as assets.json * Retrieve assets from asset.json manifest output * Use existing manifest to append assets * Omit nil values from AssetSources.get_assets Because there's nil-safe navigation, so possible nil values * Add getAssetPath specs * Add specs for AssetsWebpackPlugin * Clean up unused references * Remove more remnants of asset-checker * Add specs for AssetSources.get_assets * Stub CSP method for test * Render JavaScript tag with script text argument * Add specs for render_javascript_pack_once_tags assets behavior * Avoid polluting global namespace with content_security_policy_nonce https: //github.com//pull/6198#discussion_r850804108 Co-Authored-By: Zach Margolis <zbmargolis@gmail.com> * Add inline comment describing publicPath customization #6198 (comment) * Emit asset map as JSON **Why**: Avoid risks and complication of dealing with executable script tag * bump circleci * Add type signature for getAssetPath 1. Parameter not typed (any) 2. Inferred return value is "string", when it can be undefined Co-authored-by: Zach Margolis <zbmargolis@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 5a83a82 - Browse repository at this point
Copy the full SHA 5a83a82View commit details -
Background job to log psql table bloat stats (#6203)
changelog: Internal, Database, Background job to log psql table bloat stats Co-authored-by: Zach Margolis <zachary.margolis@gsa.gov>, Mitchell Henke <mitchell.henke@gsa.gov>
Configuration menu - View commit details
-
Copy full SHA for 53f8ca3 - Browse repository at this point
Copy the full SHA 53f8ca3View commit details -
Add a background job encryptor (#6211)
* Add a background job encryptor **Why**: Currently we use the session encryptor to encrypt args for async proofing activities and sessions. This adds a complication to modifying the way sessions are encrypted because it is coupled to the way background job arguments are encrypted. Adding this new encryptor (which is a clone of the session encryptor) decouples them and enables us to make changes to the session encryptor. changelog: Internal, Encryption, A new encryptor was added for handling encrypted background job arguments
Configuration menu - View commit details
-
Copy full SHA for 7e8d36d - Browse repository at this point
Copy the full SHA 7e8d36dView commit details -
Use URL-safe base64 encoding of SHA256 digest in examples (#6210)
**Why**: adheres to OIDC spec better Fixes #5991 changelog: Internal, Encoding, Use URL-safe encoding of SHA256 digests to better match OIDC spec
Configuration menu - View commit details
-
Copy full SHA for e03a691 - Browse repository at this point
Copy the full SHA e03a691View commit details
Commits on Apr 18, 2022
-
LG-6066: Add personal key confirmation modal to IDV v2 app (#6209)
* Add support for className for FormStepsContinueButton Sometimes we don't render content after it, we don't need bottom margin * Remove bottom margin from PersonalKeyStep continue button * Implement basic React modal component * Move useInstanceId to react-hooks package For reuse * LG-6066: Add personal key confirmation modal to IDV v2 app **Why**: So that a user can proceed from the personal key step to confirm their personal key and complete the proofing process. changelog: Upcoming Features, Identity Verification, Add personal key step screen * Accept code with dashes for PersonalKeyInput See: #6209 (review)
Configuration menu - View commit details
-
Copy full SHA for aabf6ab - Browse repository at this point
Copy the full SHA aabf6abView commit details -
LG-6066: Create StepIndicator React component for proofing flow (#6187)
* Rename StepIndicator as StepIndicatorElement named export Make room for React implementation * Add global typings for lg-step-indicator **Why**: For compatibility with React usage * Define StepIndicator as side effect of import **Why**: While impure, this is the easiest way to ensure it's defined in time for the React component, is pretty common practice, and avoids inconsistency with augmented global, where registered name name is assumed. * Implement React StepIndicator, StepIndicatorStep components * Render VerifyFlow step indicator * Add documentation * Add specs for StepIndicator * Add specs for StepIndicatorStep * Take advantage of global typing for tag name definition * Add changelog changelog: Upcoming Features, Identity Verification, Add personal key step screen * Import StepIndicatorElement as type Ensure import statement is side-effecty for step-indicator-element
Configuration menu - View commit details
-
Copy full SHA for 1b1d6db - Browse repository at this point
Copy the full SHA 1b1d6dbView commit details -
LG-6066: Implement download button for personal key step (IdV app) (#…
…6215) * Button: Add support for link styled as button * Add DownloadButton component * LG-6066: Implement download button for personal key step (IdV app) **Why**: So that a user can download their personal key to their computer. changelog: Upcoming Features, Identity Verification, Add personal key step screen * Remove unused import * Use fileName from props See: https://github.com/18F/identity-idp/pull/6215/files#r852255628 Co-Authored-By: Zach Margolis <zbmargolis@gmail.com> * Use type narrowing to avoid any-cast See: https://github.com/18F/identity-idp/pull/6215/files#r852258951 Co-Authored-By: Zach Margolis <zbmargolis@gmail.com> * Use URI encoding for download data URI consistency with server implementation see: https://github.com/18F/identity-idp/pull/6215/files#r852251328 Co-Authored-By: Zach Margolis <zbmargolis@gmail.com> * Add specs for hasProprietarySaveBlob Co-authored-by: Zach Margolis <zbmargolis@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 9c87395 - Browse repository at this point
Copy the full SHA 9c87395View commit details -
Fix Webpack asset manifest generation for production exports (#6214)
* Fix Webpack asset manifest generation for production exports **Why**: So that the asset manifest plugin correctly identifies all assets. * Handle multiple letters see: https://github.com/webpack/webpack/blob/a72548f97037c941db3320397392a329f52db66a/lib/Template.js#L149 changelog: Internal, Build, Generate asset manifest during JavaScript build * Fix typo "mangled"
Configuration menu - View commit details
-
Copy full SHA for 07ebc6e - Browse repository at this point
Copy the full SHA 07ebc6eView commit details -
Enhance FormSteps to manage history using path fragment (#6213)
* Remove query parameter style history navigation for hash fragment * Remove initialValue support from useHistoryParam YAGNI! * FormSteps: Add support for path-based history * Add basePath for VerifyFlow FormSteps * Add routes for base and personal_key_confirm * DRY common step path for IdV app routing Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Update type handling for possibly-undefined step * Fix specs * Remove step clearing logic from form completion Should be responsibility of consumer to deal with lingering path fragment upon completion if necessary changelog: Upcoming Features, Identity Verification, Add client-side application path routing * Pass basePath as data property to VerifyFlow app **Why**: Because it will be necessary to reliably create step URLs #6213 (comment) * Rename getCurrentQueryParam to getCurrentValue We're not using a query parameter format * Improve trailing slash handling for useHistoryParam Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 57da841 - Browse repository at this point
Copy the full SHA 57da841View commit details
Commits on Apr 19, 2022
-
LG-6159: Add icons for personal key buttons (#6212)
* TypeScript-ify Icon component * Add support for design system icons to Icon component * Add support for icon prop to Button component For consistency with ButtonComponent ViewComponent * Add icons for personal key buttons * Serve icon sprite asset from same origin * Add changelog changelog: Upcoming Features, Identity Verification, Add personal key step screen * Skip Rails env stubbing Not necessary, since the condition considers the config value, not env * Freeze, use set for same origin assets Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Add spec for DownloadButton icon Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 24f06a5 - Browse repository at this point
Copy the full SHA 24f06a5View commit details -
LG-6114: Use Cleave.js to format personal key (IdV app) (#6217)
* LG-6114: Use Cleave.js to format personal key (IdV app) **Why**: So that the value is more readable as the user types, and to ensure feature parity with the existing experience. changelog: Upcoming Features, Identity Verification, Add personal key step screen * Remove explicit maxLength As confirmed via integration specs, Cleave handles this * Rename formatted-fields to ts Fix type errors * Fix formatted-fields TypeScript errors
Configuration menu - View commit details
-
Copy full SHA for 883e767 - Browse repository at this point
Copy the full SHA 883e767View commit details -
Rate limit phone confirmation attempts (#6216)
changelog: Feature, Account Management, Rate limit phone confirmation attempts
Configuration menu - View commit details
-
Copy full SHA for a682e95 - Browse repository at this point
Copy the full SHA a682e95View commit details -
fix redirect in phone throttle (#6223)
changelog: Feature, Account Management, Rate limit phone confirmation attempts
Configuration menu - View commit details
-
Copy full SHA for 6cdeec9 - Browse repository at this point
Copy the full SHA 6cdeec9View commit details
Commits on Apr 20, 2022
-
Use secure_compare for OIDC code_challenge (#6226)
**Why**: Good security practice to avoid timing attacks [skip changelog]
Configuration menu - View commit details
-
Copy full SHA for 80c903a - Browse repository at this point
Copy the full SHA 80c903aView commit details