Releases: 18F/identity-idp
Releases · 18F/identity-idp
RC 385
User-Facing Improvements
- Authentication: Translation updates from previous sprint (#10669)
Internal
- CI: Handle multiple kube contexts (#10715) (#10715)
- Code Quality: Remove unused analytics methods (#10718)
- OIDC: Remove gate allowing backward compatabilty for x509:presented attr value (#10701)
- Reporting: Refine Protocols report (#10699)
- Reporting: Key metrics count (#10710)
- Source code: Update RuboCop lint rules (#10716)
- Source code: Unify related classes (#10720)
RC 384
RC 384 is a redo of RC 383
Bug Fixes
- Code Revert: Revert changes introduced in fb74d7b (#10627)
- Code Revert: Revert changes introduced in 30cb0f3 (#10629)
- Code Revert: Revert changes introduced in 6c16f7a
Internal
- Analytics: Remove track_mfa_submit analytics pass-through method (#10679)
- Code Quality: Remove unused code (#10705, #10706)
- Code Quality: Remove unused feature flags (#10693)
- Dependencies: Update dependencies to latest versions (#10698)
- Document Authentication: Add zipcode to analytics events (#10696)
- FormObject normalization: Updates the HowToVerify flow (#10682)
- Performance: Reduce size of application stylesheet (#10703)
- Reporting: Key metrics count (#10691)
RC 383
Warning
This release was rolled back
User-Facing Improvements
- SAML: Validate requested NameID formats and return appropriate response (#10629)
Internal
- Analytics: Remove track_mfa_submit analytics pass-through method (#10679)
- Code Quality: Remove unused code (#10705)
- Code Quality: Remove unused feature flags (#10693)
- Dependencies: Update dependencies to latest versions (#10698)
- FormObject normalization: Updates the HowToVerify flow (#10682)
- Performance: Reduce size of application stylesheet (#10703)
- Reporting: Key metrics count (#10691)
RC 382
User-Facing Improvements
- Account Management: Prompt user to confirm setting up backup codes from account page (#10685)
- Authentication: Translations fixing for DOS (#10642)
- Authentication: Update translations (#10651)
- Doc Auth: Simpliefied Chinese translations (#10557)
- IdV: Update translations for agreement step screen (#10675)
- In-person proofing: Update translations for Opt-in IPP non-biometric (#10428)
Bug Fixes
- Code Revert: Revert changes introduced in 97e5c06 (#10689)
- Selfie: Fix problem with focus jumping for screenreader while capturing selfie (#10668)
Internal
- Code Quality: Remove unused Step Indicator component styles (#10661)
- Continuous Integration: Fix command for review app configuration in GitLab job (#10667)
- Design System: Use design system centered variant for banner (#10663)
- Doc Auth: Add tests for resubmit h1 and body copy (#10674)
- Document Authentication: TrueIDReponse successful if transaction status passes (#10427)
- FormObject: Fix usage in AgreementController (#10652)
- Identity verification: Send issue + expiry date to AAMVA (#10653)
- In-Person Proofing: Prevent get usps proofing results job spec to pass when enrollment status by email is enabled (#10671)
- Logging: Log whether the state ID issue/exp dates are present. (#10658)
- Performance: Verify and consume backup code in single database transaction (#10687)
- Performance: Optimize size of fonts to include only content character data (#10655)
- Performance: Reduce path size for static assets (#10677)
- Performance: Delete and regenerate backup codes in a single transaction (#10686)
- Performance: Avoid outputting font-face for unused light font weight (#10673)
- Reporting: Added new billing report fields (#10683)
- Source code: Remove unused scripts (#10579)
- in-person-proofing: Rename skip_doc_auth (#10672)
Upcoming Features
RC 381
User-Facing Improvements
- Doc Auth: Fix error messaging for case of multiple errors (#10635)
- GPO verify: Improved letter enqueued language (#10611)
- IdV: Remove Get Help CTA from non fraud screens (#10639)
- Layout: Error message on IdV code entry now is full width. (#10643)
Internal
- Automated Testing: Remove unused spec user factory traits (#10645)
- Build Tooling: Use SHA256 for JavaScript subresource integrity (#10647)
- CI: Set env for reviewapp deployment (#10657) (#10657)
- Internationalization: Fix language picker when displaying in Chinese (Simplified) (#10656)
- Maintenance: Update rexml gem (#10641)
- Rate Limiting: Use configured locales when building path-based rate limits (#10636)
- Reporting: Fix the date range nil check for both billing reports (#10634)
- Security: Add subresource integrity for design system initializer script (#10648)
- Translations: Update translations for language pickers (#10640)
Upcoming Features
- Chinese Language: Fix content for Chinese verified text (#10654)
RC 380
Internal
- Authentication Funnel Report: Remove AAL2 lines from Auth Funnel report (#10622)
- Code Quality: Improve readability of view form code (#10610)
- Continuous Integration: Upgrade to Ruby 3.3.1 (#10609)
- Dropoff Report: Make Dropoff Report able to be sent automatically (#10399, #10630, #10631)
Upcoming Features
- Biometrics: Modified UX/Content on How to Verify view conditionally for biometrics (#10524)
RC 379
User-Facing Improvements
- Authentication: Update language to DoS standards (#10461)
- Please call email: Add zh translation (#10588)
Bug Fixes
- Forms: Disable autocomplete consistently for all forms (#10604)
- New Device Detection: Extend duration of permanent device cookie on every user event (#10606)
- Security: Support POST for OIDC RP-Initiated Logout 1.0 (#10573)
- Sign In: Fix typo for error message on exceeded sign-in attempts (#10590)
- State id: Check ssn so view is not changed to update erroneously (#10567)
Internal
- Analytics: Adds property to SP redirect initiated event (#10560)
- Analytics: Include user_id in piv_cac_login event (#10584)
- Automated Testing: Fail build on unnecessary allowed_extra_analytics (#10571, #10617)
- Continuous Integration: Upgrade to Ruby 3.3.1 (#10609)
- Doc Auth: Clean up exit survey (#10572)
- DocAuth: Remove outdated Acuant SDK version (#10582)
- IdV: Fix error Identity report job with empty email array (#10577)
- Internationalization: Add consistency checks for whitespace in internationalization (#10583)
- OpenID Connect: Respect openid_connect_content_security_form_action_enabled configuration on client-side redirects (#10603)
- Performance: Optimize preload response headers to prioritize critical assets (#10612)
- Post office search spec: Remove unused arcgis test (#10607)
- Reporting: New billing_report_v2 with partner (#10613)
- Reporting: Update specs and unique partner helper (#10556)
- Reporting: Create protocols report (#10537)
- Reporting: Create LOA ACR requests report (#10562)
- Security Tooling: Configure Dependabot for security updates, major Stylelint releases (#10576, #10585, #10589, #10601)
- Source code: Reformat i18n files to simplify merges (#10503)
- Source code: Update internationalization specs (#10580)
- Spam Mitigation: Add resource hints to improve load speed for reCAPTCHA (#10616)
- Tech Debt: Renames CaptureDocStatusController to LinkSentPollController (#10615)
- Tests: Improve test message for unused allowed untranslated keys (#10574)
- in-person-proofing: Add new skip_doc_auth name (#10586) (#10586)
- in-person-proofing: Add new skip_doc_auth name (#10605)
RC 378
User-Facing Improvements
- Identity Verification: Updates the step indicator on all IdV paths. (#10353)
- redirect: Redirect user when canceling after first method setup (#10405)
Internal
- Build Tooling: Resolve nested selectors with Stylelint selector-class-pattern configuration (#10563)
- Build Tools: Replace stylelint-config-recommended-scss with stylelint-config-standard-scss (#10564)
- Dependencies: Update dependencies to latest versions (#10559, #10569, #10570)
- Document Authentication: Remove implementation of document escrow (#10561)
- Documentation: Document additional analytics events properties (#10548)
- IdV: Add Proofing Rate Metrics to IdentityVerificationReport and rename metrics names (#10566)
- In-Person Proofing: Remove hardcoded prod block for selfie feature (#10516)
- Spam Mitigation: Annotate reCAPTCHA assessments with MFA results (#10522)
- State id: Update route for controller version (#10507)
- Vector of Trust: Removed use of sp_session[:biometric_comparison_required] (#10531)
RC 377
User-Facing Improvements
- Identity verification: Update spanish LQA translation on agreement step (#10558)
- Identity verification: Don't tell users to request a new verify by mail letter when they can't. (#10534)
- Selfie: Fix inline error text above selfie box (#10513)
- Identity Verification, A/B test to try out 10-digit OTP for Identity Verification (#10480)
Internal
- CI: Fix typo in .gitlab-ci.yml for pivcac address (#10547)
- Code Quality: Remove unused method (#10553)
- Code Quality: Fix typos in code naming (#10554)
- Code Quality: Remove unused code (#10544)
- Component Previews: Support localization for component previews (#10542)
- Database: Drop unused column (#10551)
- Dependencies: Update dependencies to latest versions (#10550)
- Logging: Adding dn uuid to logging dn configuration for easier cross pki logging (#10512)
- Translations: Update existing translations for French and Spanish (#10191)
- UspsAuthTokenRefreshJob: Rescue Faraday::ServerError (#10533)
- reCAPTCHA: Refactor reCAPTCHA validator as form model (#10540, #10549)
- reCAPTCHA: Configure reCAPTCHA score threshold for local development (#10543)
- reviewapps: Remove postgres creds to make latest version of (#10539)
RC 376
User-Facing Improvements
- Doc Auth: Camera permission messages. (#10379)
- MFA: Remove backup code pre-warning from setup flow (#10088)
Internal
- Continuous Integration: Fix Pinpoint Maintenance Script (#10532)
- Dependencies: Update dependencies to latest versions (#10535)
- Doc Auth: Analytics log for birth year (#10511)
- IdV: Rename letter_reminder and gpo_reminder (#10528)
- Identity verification: Remove biometric_comparison_required query param (#10526)
- Reporting: Add new columns to spreturnlogs (#10510)
- reviewapps: Update env to use new helm chart config format (#10525)