Releases: 18F/identity-idp
Releases · 18F/identity-idp
RC 434
Bug Fixes
- Code Revert: Revert changes introduced in 7621932 (#11510)
- Code Revert: Revert changes introduced in a419d8c (#11457)
- In-person proofing: Fixes redirect for put for state id routes renaming (#11545)
Internal
- A/B Tests: Fix logging for A/B test to recommend platform authenticator to SMS users (#11549)
- Analytics: Upgrade Digital Analytics Program to v8.4 release (#11539)
- Analytics: Add tracking for sha256 change (#11552)
- Analytics: Document analytics event parameters (#11536, #11537)
- Documentation: Document usage of Lookbook for ViewComponents (#11540)
- Facial Match: Clean up config post-GA (#11533)
- Logging: Log requesting signing and certificate serial in SAML Auth Request event (#11558)
- Performance: Add preload headers for all style, script assets (#11504)
- Reporting: Do not return User UUID in requesting_issuer_uuid when generating user report (#11553)
- Reporting: Update MKMR to split verified useres by facial matching (#11557)
- Scripts: Update DataRequest script to compute requesting issuer and have configurable depth (#11541)
RC 433
Bug Fixes
- Authentication Apps: Fix error code for invalid format mentioning code sent to phone (#11521)
Internal
RC 432
2024-11-19T184527
This tag was signed with the committer’s verified signature.
aduth
Andrew Duthie
User-Facing Improvements
- F/T Unlock passkeys: Prefer residentKey for webauthn platform authenticators (#11489)
Bug Fixes
- Socure: Redirect to the capture complete page on success. (#11522)
Internal
- Dependencies: Update NPM dependencies to resolve security advisories (#11517)
- In-person proofing: Remove IPP+GPO scenario from step indicator concern (#11519)
- In-person proofing: Small cleanup related to removing dav_flag (#11508)
- Maintenance: Update postgres versions used in CI (#11518)
- Maintenance: Update knapsack testing report (#11505)
Upcoming Features
- Identity Verification: Handle Socure handoff. (#11473)
RC 431
User-Facing Improvements
- In-Person Proofing: Update the translations for the IPP option on the doc auth error page. (#11483)
- In-person proofing: Add optional results section heading pro for FullAddressSearch component (#11424)
- Localization: Improve Spanish translation for reCAPTCHA disclosure (#11493)
Bug Fixes
- Accessibility: Avoid focus loss on submit button when submitting form (#11482)
- Data Warehouse: Only export stats for tables with integer id columns (#11502)
Internal
- A/B Tests: Log A/B test buckets for Face/Touch recommend visited (#11496)
- Analytics: Add identifier for explicit frontend error logging (#11481)
- Anti-Fraud: Avoid setting reCAPTCHA token on failed execute (#11503)
- Automated Tooling: Exclude telephony strings from font glyph scraper (#11487)
- Containerization: Adding nginx image for k8s deployment (#11480)
- Dependencies: Replace Webpack dev server with zero-dependency alternative (#11485)
- Doc Auth Socure: Configure upload_disabled for socure (#11464)
- Documentation: Update port forwarding instructions for Android (#11495)
- IdV resolution: Error routing for vendor API exceptions (#11459)
- In-person Proofing: Adding graceful error handling and analytics in public usps locations controller (#11470)
- Maintenance: Remove review-app image build (#11501)
- Maintenance: Update identity-hostdata and redis-session-store to support Rails 8 (#11497)
- reCAPTCHA: Improve race condition handling for slow reCAPTCHA load (#11451)
Upcoming Features
- Document Authentication: Socure webhook event attribute updates (#11490)
- Partner Email Selection: Reset selected email session value on email deletion (#11492)
- Partner Email Selection: Fix HTML escaping for partner email sharing (#11491)
- socure: Reset socure docv url (#11498)
- socure: Remove customerUserID from document request to socure (#11486)
RC 430
User-Facing Improvements
- In-person proofing: Fix barcode page due date format for spanish, french, and chinese translations; Improve spanish translation for information alert. (#11398)
- Partner account: Confirm link leads to partner sign-in (#11439)
- Translations: Fix errant piv/cac capitalization (#11478)
Bug Fixes
- Code Revert: Revert changes introduced in 4e8a421 (#11430)
- Threatmetrix Account creation: Fixes issue with resubmission with TMX enabled for Account creation (#11471)
- Translations: Updates Simplified Chinese strings (#11461)
Internal
- Analytics: Fix duplicate logging for successful email confirmation (#11466)
- Automated Testing: Fail static analysis linting when warning messages emitted (#11458)
- Form Validation: Alias FormResponse#to_hash to #to_h (#11476)
- Performance: Remove unused email styles (#11484)
- Performance: Extract shared email confirmation behavior as needed (#11467)
- Upcoming Features: Ensure user can't switch IdV vendors while capturing. (#11425)
Upcoming Features
- Account creation: Threat metrix addiition (#11340)
- Email Sharing: Update email sharing content to be clearer to users (#11468)
- Fraud Mitigation: Add UI to simulate ThreatMetrix result in authentication (#11469)
- Identity Verification: Handle Socure handoff. (#11463)
- socure: Implement handle_connection_error for socure requests (#11430, #11477)
- socure vendor: Setting socure capture app url in document sessions table (#11475)
RC 429
User-Facing Improvements
- Automated Reports: Add color class to the recently added HRs (#11465)
Internal
- Analytics: Include FormResponse error details for reCAPTCHA at sign-in (#11456)
- CI: Testing out using the same image as everything else (#11452) (#11452)
- Identity Proofing: Send state ID type to AAMVA (#11428)
- In-person proofing: Update address search interface to remove obsolete is_pilot field (#11440)
- Reporting: S3 Bucket Name change (#11462)
- reCAPTCHA: Add error handling for failed reCAPTCHA execute (#11449)
Upcoming Features
- Email Selection feature: Add new message for email confirmation (#11443)
RC 428
User-Facing Improvements
- Email Reports: Add Login.gov colors to resport tables (LG-14431) (#11410)
- Facial Match: Configuration for releasing GA (#11418)
- In-person proofing: Update mobile layout for how to verify (#11431)
- Localization: Improve Spanish for reCAPTCHA disclosure and partner selected email (#11448)
- Reports: Add Login.gov branding to automated email reports (#11444)
Bug Fixes
- Doc Auth: Fix screenreader saying No File Chosen on inputs (#11422)
Internal
- AAMVA: Update Montana's maintenance window (#11426)
- Analytics: Track visits from "You verified your identity" email (#11413)
- Analytics: Add logging property for unchanged password reset of verified account (#11423)
- Analytics: Fix bug in protocols report (#11447) (#11447)
- Automated Testing: Use shared examples for mailer preview specs (#11446)
- Dependencies: Update Login.gov Design System from v9.3.0 to v9.4.0 (#11435)
- Dependencies: Integrate and remove dependency on Airbnb ESLint rules (#11445)
- Doc Auth: Add feature flag to enable standard socure doc capture in lower environments (#11438)
- Documentation: Clarify usage of kubernetes configurations and files (#11450)
- Fraud review: Attribute fraud review analytics events to SPs. (#11390)
- Maintenance: Update premailer and zxcvbn (#11437, #11442)
- Reporting: Add new daily sensitive job (#11405)
- Reporting: Naming improvements for table stats export (#11419)
- Upcoming Features: Create A/B test to recommend platform authenticator to SMS users (#11402)
Upcoming Features
RC 427
Bug Fixes
- In-person proofing: Fix missing success banner on phone page (#11412)
Internal
- Analytics: Fix weekly protocols report (#11406)
- Automated Testing: Improve documentation (#11417)
- Automated Testing: Improve error message when asserting logged event without stubbing analytics (#11414)
- Dependencies: Update dependencies to resolve security advisory (#11409)
- Documentation: Update local development documentation for working with PKI (#11408)
Upcoming Features
RC 426
User-Facing Improvements
- GPO flow: UI tweaks (#11346)
- IdV notifications: Redesign verify-by-mail 'letter requested' email notification (#11351)
- Integration Experience: Allowing and ignoring unknown authn_context values (#11362)
Internal
- Analytics: Add id_token_hint usage tracking (#11404)
- Analytics: Log action name with reCAPTCHA assessment result received (#11407)
- Automated Testing: Refactor 2FA setup controller specs (#11399)
- CI: Changing LOGIN_ENV to match review app environment (#11401)
- In-person Proofing: Remove same_address_as_id from analytics (#11400)
- In-person proofing: Remove old skip_doc_auth variable (#11338)
- In-person proofing: Rename state id controller routes (#11379)
- In-person proofing: Cancel enrollments with deactivated profiles during the proofing job (#11363)
- In-person proofing: Remove deprecated method that is no longer needed for backwards compatibility (#11403)
- Maintenance: Upgrade to good_job v4 (#11377)
- Performance: Enable rubocop rule to disallow OpenStruct usage (#11397)
- Reporting: Set up DataWarehouse Stale Data Check (#11386)
- Tech debt: Rename session key (#11395)
RC 425
2024-10-24T182430
This tag was signed with the committer’s verified signature.
mitchellhenke
Mitchell Henke
User-Facing Improvements
- PIV/CAC: Add PIV/CAC replacement workflow for mismatched PIV authentication (#11368)
Bug Fixes
- Database: Fix migration check method call arguments (#11388)
Internal
- Browser Support: Update browserslist database (#11387)
- Dependencies: Update to Rails 7.2 (#11357)
- In-person Proofing: Remove in_person_public_address_search_endabled variable usage (#11370) (#11370)
- In-person proofing: Delete state id FSM step files (#11324)
- MFA setup: Add attempt count to MFA setup analytics event (#11293)
- add db column: Adding socure capture app url to db (#11389)