@dtisza1 released this 21 May 18:09
· 11 commits to master since this release
r10
2134e09

r10 - 2021-05-21

  • fix missing authtoken in sls_token log entry. (CMSgov#921)
  • BB2-536-EOB-Hospice-Profile-Test-PR (CMSgov#915)
  • bump django to 2.2.22 to address 1 high vuln (CMSgov#919)
  • BB2-432-Fix-JSON-SERIALIZATION-IN-SLSXTokenResponse (CMSgov#912)
  • BB2-549-V2-Post-deploy-code-cleanup. (CMSgov#900)
  • BB2-608-Add-signout-to-MSLSX (CMSgov#914)
  • BB2-544 Disable redirects for /sso/signout GET request (CMSgov#917)
  • remove implicit from OIDC Discovery response. (CMSgov#918)
  • BB2-544 SLSx Sign Out (CMSgov#911)
  • BB2-469-Update-local-MSLS-service-to-simulate-SLSX (CMSgov#905)
  • BB2-591-Upgrade-Django-to-2.2.20-Pillow-to-8.2.0-etc-Address-Vulns (CMSgov#909)
  • BB2-595-Testclient-PaginationInfo-Inaccurate-On-Edgecases (CMSgov#908)
  • BB2-547-Testclient-FHIR-Response-Navigation (CMSgov#907)
  • BB-506 DASG Metrics - Adding logging to gain count information (CMSgov#906)
  • added integration tests covering EOB and Coverage search result pagination and page navigation and expected resource stats for Sample A. (CMSgov#902)
  • BB2-555 Disable the implicit auth flow options (CMSgov#901)
  • BB2-499: Replace python debugger ptvsd (deprecated) with debugpy (CMSgov#891)
  • BB2-554 Add implicit flow warning message on authenticated home (CMSgov#899)
  • BB2-397 Post-SLSX-migration-code-cleanup (CMSgov#898)
  • BB2-530-bump-pillow-and-django-versions-to-address-security-vulnerabilities (CMSgov#895)
  • BB2-494 Add FHIR payload items to logging (CMSgov#897)
  • BB2-291 Create V2 related migration files (CMSgov#896)
  • BB2-291-Support-BFD-V2-Impl-2 (CMSgov#869)
  • Have underlying boto3 library look up AWS credentials from instance role rather than manual IAM user (CMSgov#892)
  • BB2-491 Create Splunk dashboard for DASG metrics (CMSgov#890)
  • Crazy Egg lib was no longer being used. (CMSgov#888)
  • fix request logging not to choke on binary content in request.body.decode (CMSgov#887)
  • BB2-448 Create multi stage PR checks for continuous-integration/jenkins/pr-merge (CMSgov#886)
  • Add python 3.7 specific wheel of pyyaml (CMSgov#884)
  • add local mode which uses local bfd as backend, enable remote debug option. (CMSgov#883)
  • BB2-342 Improve token and request_logging (CMSgov#878)
  • BB2-21: Package upgrade, vulnerability remediation, SES signature fix (CMSgov#877)
  • BB2-451-Fix-integration-test-script-for-localmode-Windows (CMSgov#876)
  • BB2-124 Re-engineer integration tests (CMSgov#872)
  • fix unittests when ran from different context: tox after bash to container, docker-compose exec web python runtests.py (CMSgov#873)
  • BB2-391 SLSx implementation and migration (CMSgov#866)
  • BB2-312 Create audit logging regression tests (CMSgov#867)
  • BB2-349 Test Client Improvements (CMSgov#865)
  • BB2-223-ADMIN-TOOLS-BENE-DASHBOARD (CMSgov#848)
  • BB2-368: Replace BlueButton-OriginatingIpAddress with X-Forwarded-For header (CMSgov#862)
  • BB2-374 - Remediate 508 Compliance Findings Part I (CMSgov#863)
  • BB2-354 Update step description in auth flow dashboard (CMSgov#860)
  • BB2-15 Separate FHIR resource endpoints (CMSgov#857)
  • remove (revert) migration.completed from repo base dir. (CMSgov#858)
  • BB2-62: Adjust password policy to meet requirements (CMSgov#859)
  • add active to django admin filter list and display list. (CMSgov#856)
  • BB2-345 Update PKCE tests (CMSgov#855)
  • BB2-62-Strengthen-Acct-Password-Auth-No3RD-Party (CMSgov#854)
  • BB2-237 Replace asserts with exception handling (CMSgov#852)
  • BB2-149-Block-App-With-Active-Reqs-PR-2 (CMSgov#850)
  • BB2-190-fix-and-improve-sls-logger-and-sls-audit-events (CMSgov#841)
  • BB2-277 Update BB2 Splunk Authorization Flow Dashboard (CMSgov#849)
  • BB2-181 Phase-2 scopes (CMSgov#843)
  • BB2-280 Improvements from P1 Scopes logging review (CMSgov#842)
  • BB2-279-add-header-includeAddressFields-to-fhir-requests (CMSgov#838)
  • Release r54 hot fix (CMSgov#837)
  • BB2-264 Update P1 scopes to disable past access tokens (CMSgov#835)
  • BB2-276 Improve Beneficiary Authorization Flow Log Tracing (CMSgov#834)
  • BB2-132 Use stored MBIs with patient resource lookups (CMSgov#813)
  • BB2-224 Delete auth_uuid from session when done using it (CMSgov#830)
  • BB2-224 Beneficiary Authorization Flow Log Tracing (CMSgov#823)
  • add fhir id to fhir data log event. (CMSgov#828)
  • fix app form phone number field initvalue validation, re-created PR for cleaner commits history. (CMSgov#827)
  • BB2-254-improve-enhance-localdev-container (CMSgov#824)
  • BB2-251-upgrade-pillow-to-7.1.0-to-remediate-vulnerabilities (CMSgov#826)
  • BB2-218 BB2-Fail-to-log-AccessToken-Revoke-AuditEvent (CMSgov#817)
  • BB2-249 Update runtests.py to take command line args (CMSgov#821)
  • Update local docker compose file to use new domain (CMSgov#818)
  • Update PR template to use DASG template (CMSgov#815)
  • jfuqian/BB2-220 Sandbox-App-Edit-Page-Not-Show-PhoneNumber (CMSgov#816)
  • BB2-66 Fix-logo-display-in-Published-Applications-API (CMSgov#812)
  • Release-50 Hot Fix - SLS MBI empty string return bug for hash logging (CMSgov#810)
  • BB2-54 Store MBI hash in crosswalk for use with patient resource lookups. (CMSgov#806)
  • BB2-128 BUGFIX Result code 500 for invalid pattern Coverage/EOB read requests (CMSgov#804)
  • BB2-126: Update MSLS container to include MBI for local development - msls service (CMSgov#809)
  • bump Pillow to 6.2.2 and Django to 2.2.13 (CMSgov#808)
  • BB2-12 Update local docker setup and instruction (CMSgov#801)
  • BLUEBUTTON-1914 Upgrade Django to 2.2.12 (CMSgov#797)
  • BLUEBUTTON-1893 Fix issue in crosswalk admin search. (CMSgov#798)
  • Correct admin url prepend conf (CMSgov#796)
  • BLUEBUTTON-1927 Modify response when bene does not have data. (CMSgov#794)
  • BLUEBUTTON-1893 Remove resource router (CMSgov#789)
  • Update query_schema to match multi type values (CMSgov#790)
  • BLUEBUTTON-1860 Allow list the _lastUpdated parameter for FHIR resource requests (CMSgov#791)
  • Remove patient requirement in test eob function (CMSgov#792)
  • BLUEBUTTON-1647 Demographic filter scopes phase1 (CMSgov#788)
  • BLUEBUTTON-1526 Format User Account Settings Page (CMSgov#786)
  • BLUEBUTTON-1729 applications admin metrics 500-error (CMSgov#785)
  • BLUEBUTTON-1794 add warning to test client (CMSgov#783)
  • BLUEBUTTON-1728 Crosswalk ADMIN search 500-error (CMSgov#784)
  • Assert consistent fhir-id (CMSgov#780)
  • Explicitly log app approvals (CMSgov#777)
  • Filter admin list of users by type (CMSgov#776)
  • Require a fhir_id to be set on a crosswalk (CMSgov#779)
  • BLUEBUTTON-1685 Immutable crosswalk (CMSgov#772)
  • Do not set default crosswalk values for dev users (CMSgov#775)
  • BLUEBUTTON-1665 Clarify the flow of sls based identification (CMSgov#771)
  • BLUEBUTTON-1682 Reference SLS workflow docs (CMSgov#773)
  • BLUEBUTTON-1665 Remove SLS uuid truncation (CMSgov#769)
  • Update vendor file for Pillow version (CMSgov#767)
  • Bump pillow from 5.4.1 to 6.2.0 in /requirements (CMSgov#758)
  • BLUEBUTTON-1600 Updates bootstrap and jquery versions from audit results (CMSgov#766)
  • Mark the session cookie as secure (CMSgov#763)
  • Remove references to tealium (CMSgov#764)
  • Migrate database to allow mfa relation to be null (CMSgov#761)
  • Fixes link to developer resources image (CMSgov#762)
  • Removes forEach for IE compatibility and speed (CMSgov#759)
  • Adds a string to autocomplete so the browser won't suggest users names for their application name (CMSgov#757)
  • Adds error message functionality back to app registration form (CMSgov#756)
  • BLUEBUTTON-1337 Sandbox UI - Accessibility Improvements (CMSgov#755)
  • Implement recommended changes from lgtm.com (CMSgov#753)
  • configure lgtm.com tool for this project. (CMSgov#754)
  • Public applications (CMSgov#752)
  • Claim type filter (CMSgov#751)
  • Bluebutton 1254 - Sandbox UI Updates (CMSgov#750)
  • change system value in smart-on-FHIR section of capability statement (CMSgov#748)
  • ensure health endpoints are from the root (CMSgov#749)
  • A template to follow when creating a PR in github (CMSgov#747)
  • BLUEBUTTON-1203 Independent health checks (CMSgov#746)
  • BLUEBUTTON-771 Remove MFA (CMSgov#745)
  • Bump Django from 2.1.10 to 2.1.11 (CMSgov#744)
  • Correct order of userinfo authorization checking (CMSgov#743)
  • BLUEBUTTON-1067 Hash hicn once (CMSgov#741)
  • Create Permissions class for ProtectedCapabilities (CMSgov#738)
  • BLUEBUTTON-1077 Change to set DEFAULT_SAMPLE_FHIR_ID from ENV var (CMSgov#740)
  • RELEASE-38 FIX Remove migrate crosswalks for DPR cutover code (CMSgov#739)
  • BLUEBUTTON-938 dpr switch in test pr-2 (CMSgov#737)
  • Update django 2.1.10 and drf 3.9.1 (CMSgov#736)
  • BLUEBUTTON-938 dpr switch in test (CMSgov#735)
  • BLUEBUTTON-970 Add identification label to developers endpoint (CMSgov#734)
  • Passthrough query params (CMSgov#732)
  • Hot fix r37 for login template messages (CMSgov#733)
  • BLUEBUTTON-934 New User Self-Identification (CMSgov#730)
  • BLUEBUTTON-937 Disable email field in AccountSettingsForm (CMSgov#731)
  • BLUEBUTTON-919 Remove app description validations from ADMIN (CMSgov#729)
  • Apply change from release 36 fix (CMSgov#727)
  • Removes Slack reference from email template (CMSgov#728)
  • BLUEBUTTON-891 Update urllib3 package (CMSgov#726)
  • Remove dead code (CMSgov#725)
  • BLUEBUTTON-900 Create labels filter on application list endpoint (CMSgov#724)
  • BLUEBUTTON-903 Create app category labels endpoint (CMSgov#723)
  • BLUEBUTTON-864 Remove secret questions and update forgot pass flow to Django builtins (CMSgov#722)
  • Resolve log errors when objects are None (CMSgov#721)
  • BLUEBUTTON-659 Welcome email to confirm account (CMSgov#718)
  • Create waffle switches for local development testing (CMSgov#720)
  • Add waffle switch for applications list endpoint (CMSgov#719)
  • BLUEBUTTON-773 Use the built in Django authorization tools (CMSgov#717)
  • BLUEBUTTON-772 remove user invite code and add feature flags (CMSgov#716)
  • BLUEBUTTON-776 Add logo upload to application ADMIN (CMSgov#715)
  • BLUEBUTTON-774 remove unused files (CMSgov#714)
  • BLUEBUTTON-749 Serve OpenAPI doc at /v1/openapi.<json, yaml> (CMSgov#713)
  • BLUEBUTTON-769 Fix bug in application NEW_RELEASE_HISTORY user delete (CMSgov#712)
  • Add list display/filter to app label admin (CMSgov#711)
  • BLUEBUTTON-746 Package upgrades (CMSgov#710)
  • BLUEBUTTON-669 Remove text message MFA (CMSgov#708)
  • BLUEBUTTON-522 application list (CMSgov#707)
  • BLUEBUTTON-737 Updates help text. (CMSgov#705)
  • BLUEBUTTON-608 Robust userinfo logic in testclient (CMSgov#702)
  • Fix setup issue (CMSgov#703)
  • Revert STATIC_URL setting back to original (CMSgov#701)
  • Fix location of IS_MEDIA_URL_LOCAL setting (CMSgov#700)
  • BLUEBUTTON-192 Developer uploads logo in Register App view (CMSgov#697)
  • BLUEBUTTON-738 Label Applications (CMSgov#699)
  • BLUEBUTTON-720 R29 patch (CMSgov#698)
  • BLUEBUTTON-646 Application support contacts (CMSgov#696)
  • Revert Pass paging off to the fhir data-server (CMSgov#683) (CMSgov#688)
  • Bluebutton 638 more descriptive 404 reason (CMSgov#685)
  • Pass paging off to the fhir data-server (CMSgov#683)
  • BLUEBUTTON-666 Add login using email address in addition to username (CMSgov#684)
  • BLUEBUTTON-464 Allow unknown schemes in application redirects (CMSgov#682)
  • BLUEBUTTON-572 Require an active Grant for data access (CMSgov#680)
  • Fix grant migration (CMSgov#681)
  • BLUEBUTTON-633 Remaining Bootstrap Removal Fixes (CMSgov#679)
  • BLUEBUTTON-640 Add additional fields to app admin metrics view (CMSgov#678)
  • BLUEBUTTON-630 add application description (CMSgov#677)
  • BLUEBUTTON-573 Revoke Grants (CMSgov#674)
  • Sandbox Nav Update and Bootstrap Removal (CMSgov#676)
  • BLUEBUTTON-634 add field app website (CMSgov#675)
  • 609: Adding Crazy Egg script (CMSgov#673)
  • Adding bucket details for collectstatic s3 storage. (CMSgov#672)
  • Adds bluebutton-css to gitignore and updates the README (CMSgov#671)
  • BLUEBUTTON-571 Data Access Grant (CMSgov#670)
  • Reference bluebutton-css in collectstatic pipeline (CMSgov#669)
  • Bluebutton-590 Add synthetic beneficiaries to application endpoint (CMSgov#667)
  • Render and filter a list of archived tokens (CMSgov#668)
  • Clean old vendor package files (CMSgov#666)
  • Update requests lib to 2.20.0 (CMSgov#664)
  • Record deleted access tokens in an archive (CMSgov#663)
  • Removing leading / from static and appending / to URL reference. (CMSgov#662)
  • Bluebutton-502 update Django version to 2.1.2 (CMSgov#652)
  • Set streaming serialization separately from many (CMSgov#661)
  • 520 - Adds CrazyEgg Script to template (CMSgov#660)
  • Fix Crosswalk admin list to handle Null fhir_source (CMSgov#659)
  • Update migrations files. (CMSgov#658)
  • BLUEBUTTON-457 Streaming CSV Download (CMSgov#657)
  • BLUEBUTTON-363 BLUEBUTTON-364 Get info on devs for Group2/3 (CMSgov#656)
  • Updates URL to match new s3 deployment (CMSgov#655)
  • Change resource router refs baseDstu3 to v1/fhir (CMSgov#653)
  • BLUEBUTTON-501 Return 404 on token not found during refresh (CMSgov#649)
  • BLUEBUTTON-455 Add pagination to developer metrics (CMSgov#650)
  • BLUEBUTTON-491 Fix links in activation email templates (CMSgov#648)
  • Fix sqlparse requirement. (CMSgov#646)
  • Require pkce for native redirect uri scheme (CMSgov#645)
  • BLUEBUTTON-447 PKCE exchange and validation (CMSgov#643)
  • Adds updates to Blue Button login page and other improvements (CMSgov#644)
  • BLUEBUTTON-358 Validate and transform request params to search ep (CMSgov#642)
  • BLUEBUTTON-448 Allow Applications to have custom redirect schemes (CMSgov#638)
  • BLUEBUTTON-426 Add dependencies for djangorestframework-csv (CMSgov#640)
  • BLUEBUTTON-426 Output dev groups as csv (CMSgov#639)
  • Bluebutton 427 unique app names case insensitive (CMSgov#637)
  • BLUEBUTTON-229 Unique app names (CMSgov#636)
  • BLUEBUTTON-362 List devs by date joined and apps created (CMSgov#635)
  • Adds significant updates to authorization page/custom scss (CMSgov#634)
  • Remove conditional around signup link (CMSgov#633)
  • Correct unicode symbol in signup link (CMSgov#632)
  • BLUEBUTTON-372: NAVBAR needs edit for PROD (CMSgov#631)
  • BLUEBUTTON-371: Bad link shows up on api.bluebutton.cms.gov home page when not logged in. (CMSgov#630)
  • BLUEBUTTON-188 add items to bene consent view (CMSgov#629)
  • BLUEBUTTON-206 Updated authorization view content (CMSgov#628)
  • [WIP] Pass X-Forwarded headers and remove post-processing logic (CMSgov#623)
  • Correct medicare_login_uri config (CMSgov#625)
  • Fix format value in CapabilityStatement (CMSgov#624)
  • BLUEBUTTON-303 Include developers organization name in logs (CMSgov#622)
  • BLUEBUTTON-285 Include env (dev,prod, etc.) in json log formatter (CMSgov#620)
  • BLUEBUTTON-291 Make sure we use env-specific logging configs (CMSgov#621)
  • BLUEBUTTON-214 Serialize and log interactions with SLS (CMSgov#619)
  • BLUEBUTTON-291 Refactor app configuration management (CMSgov#618)
  • Python34 compat (CMSgov#617)
  • BLUEBUTTON-213 Log FHIR data requests (CMSgov#616)
  • BLUEBUTTON-301: (CMSgov#614)
  • BLUEBUTTON-215 Log access token creation and deletion (CMSgov#615)
  • BLUEBUTTON-208 Add data and unique bene counts to application view (CMSgov#612)
  • BLUEBUTTON-209 Add admin endpoints for count metrics (CMSgov#611)
  • BLUEBUTTON-162 Upgrade django-oauth-toolkit to 1.1.2 main release (CMSgov#608)
  • BLUEBUTTON-274 Create /health endpoint (CMSgov#610)
  • Add dependency on requests_oauthlib for testclient (CMSgov#609)
  • BLUEBUTTON-170 Remove unused scope-authorize path (CMSgov#607)
  • BLUEBUTTON-168 Remove broken reissue api keys logic (CMSgov#606)
  • BLUEBUTTON-167 Remove broken display api keys logic (CMSgov#605)
  • BLUEBUTTON-166 Remove unused social-auth behavior (CMSgov#604)
  • BLUEBUTTON-207 Audit log request/response pairs. (CMSgov#602)
  • BLUEBUTTON-198 Modularize request processing flow (CMSgov#599)
  • BLUEBUTTON-242 Stateless authorization (CMSgov#603)
  • Tweaks to ops/build_release.sh (CMSgov#601)
  • Handle the search request case with no entry (CMSgov#600)
  • Return application/json on 4xx/5xx errors (CMSgov#597)
  • Recheck fhir_id on any request if it is empty (CMSgov#596)
  • [CBBP-986] Push release info to github to annotate tags with release notes (CMSgov#595)
  • Merge pull request CMSgov#594 from CMSgov/release-12
  • scrap RELEASE.txt
  • Update release notes for r12
  • [CBBP-986] Generate release notes based on commit message (CMSgov#593)
  • Test for explicit URL structure (CMSgov#592)
  • Raise exception for failure response from backend (CMSgov#591)
  • Merge pull request CMSgov#590 from CMSgov/develop
  • Merge pull request CMSgov#589 from CMSgov/python-reqs-vendor
  • edits to requirements/README.md
  • add a makefile w/ tasks to manage python requirements, update the requirements docsgs
  • Merge branch develop into python-reqs-vendor
  • Merge pull request CMSgov#588 from whytheplatypus/data-server-comms
  • use requirements.txt consistently
  • add a vendor dir for python reqs, add requirements/README.md describing how to use vendored python reqs
  • Look into class based views for fhir resources
  • Expose highlevel behavior in view functions Allows us to conceptualize all steps without exposing the nitty gritty
  • Merge pull request CMSgov#587 from CMSgov/delete-empty-folder
  • Delete unused file
  • Merge pull request CMSgov#586 from CMSgov/add-client-id-to-admin
  • Re-add scopes column
  • Add client ID to admin
  • Merge pull request CMSgov#585 from dtisza1/CBBP-1021_remove_email_bounce_endpoint
  • Remove email_bounce endpoint per CBBP-1021
  • Merge pull request CMSgov#584 from CMSgov/delete-future-headers-2
  • Merge branch develop into delete-future-headers-2
  • Merge pull request CMSgov#583 from whytheplatypus/sls-oidc
  • Remove future headers
  • Test directory for mymedicare_cb
  • Authenticate BB with SLS during token exchange
  • Merge pull request CMSgov#581 from CMSgov/clean-mymedicare_cb-updates
  • Update mymedicare_cb views
  • Merge pull request CMSgov#580 from CMSgov/revert-578-cbbp-1023_pass_server_info_with_hard_coding
  • Revert Cbbp 1023 pass server info with hard coding
  • Merge pull request CMSgov#575 from CMSgov/header-cleanup-part-1
  • Merge branch develop into header-cleanup-part-1
  • Merge pull request CMSgov#578 from CMSgov/cbbp-1023_pass_server_info_with_hard_coding
  • CBBP-1023: Flake8 fix
  • CBBP-1023: Flake8 fix
  • Merge remote-tracking branch origin/develop into cbbp-1023_pass_server_info_to_backend
  • CBBP-1023: pass server protocol + hostname + fhir_inbound base_uri to back-end Part of prep to eliminate need to search and replace in json returned from back-end.
  • CBBP-1023: pass server protocol + hostname + fhir_inbound base_uri to back-end Part of prep to eliminate need to search and replace in json returned from back-end.
  • Merge pull request CMSgov#576 from whytheplatypus/fix-leaky-db-setting
  • Remove leaky database setting Enter database setting via env with sane default directly into djangos standard setting var.
  • Merge pull request CMSgov#570 from whytheplatypus/app-sls-auth
  • Improve naming for SLS auth functions
  • Remove extra loggers
  • Header Cleanup Part 1
  • Add interface to manage a users tokens
  • Default values for scopes
  • Add an auth method using app creds and sls uuid
  • Merge pull request CMSgov#574 from whytheplatypus/backend-keep-alive
  • CBBP-1018: Add keep-alive value via set_default_header using value from base.py.
  • CBBP-1018: fix EOB Timeout While testing for the hicnHash issue I found a problem with retrieving the EOB. Testing identified the need for a keep-alive value in the header. This PR adds a setting to base.py and then uses the value to set the keep-alive value in the headers in apps.fhir.bluebutton.utils request_call and request_get_with_params functions.
  • Merge pull request CMSgov#571 from CMSgov/CBBP-975
  • Fix spelling