Deploy RC 367 to Production#10325
Merged
zachmargolis merged 33 commits intostages/prodfrom Mar 27, 2024
Merged
Conversation
changelog: Internal, Dependencies, Update cbor gem
changelog: Internal, Assets, Remove unused and redundant alert icons
* Remove custom lock icon changelog: Bug Fixes, Layout, Use design system asset for government banner lock icon * Remove other banner icons
* Updated content on IdV Welcome screen changelog: User-facing Improvements,Identity Verification,Improved welcome screen text Co-authored by: Andrew Duthie<andrew.duthie@gsa.gov>
* changelog: Internal, Doc Auth, download files needed for selfie capture in script When testing the new Acuant SDK v11.9.3, I found parts of the selfie functionality didn't work. After research, I realized that was because we had missing files. Our `download_acuant_sdk` script only copied over `.min.js` and `.wasm` files. We found after talking with Matt Hinz that this was because previously we only needed the document capture files. With this change, we should get everything that's needed - there is currently one file we aren't downloading - and that's the `AcuantCamera.js`. There are two reasons I chose not to download that. 1. the same code is already in place and used in `AcuantCamera.min.js`. 2. it seems like it'd be easier to just download everything, but we do want to be mindful of not including more files than we need. There is a chance that this may come up again in a future upgrade, but that is why I am updating our `docs/sdk-upgrade.md` as well. --------- Co-authored-by: Eileen McFarland <eileen.mcfarland@gsa.gov>
* Hide the hint text box when there's no text * Remove padding to hide the box when there is no text * Restyle to match document capture hint text * Minor fixes for CSS variables * Remove opacity * changelog: Bug Fixes, Selfie, Rework the selfie hint text display
On the step counter, the following titles are changed: - from `Secure your account` to `Re-enter your password` - from `Verify phone or address` to `Verify your phone number` changelog: User-Facing Improvements, Identity Verification, Step-indicator step descriptions have been revised.
) * LG-12618: log the sp request components for enhanced idv events. This change logs the resolved authn context in CloudWatch events under the key `sp_request` and provides a hash with the following keys: - `aal2?` - `biometric_comparison?` - `component_values` - array of hash: `{name:, description:}` - `hspd12?` - `ialmax?` - `identity_proofing?` - `phishing_resistant?` changelog: Internal, Logging, Includes the authn context in IdV events * Analytics#sp is the issuer, not the full ServiceProvider * Apply sp_request to all events, not just IdV * only include the component_values name * skip if parser exception * Given that these attributes are to be added to all events, we only include them if they are true * strips the trailing `?` off the keys * Much cleaner renaming of the keys * Reduce the component_values to a hash of `value: 1` key/value pairs * Cleaner conversion of component_values to hash * Replace legacy component values with L1, L2 and L0 (ialmax) * Make the legacy component values of the form `ial/n` --------- Co-authored-by: Zach Margolis <zachary.margolis@gsa.gov>
…ML (#10276) * active non biometric user can sign in to non biometric sp SAML changelog: Internal, IdV, Active non biometric user sign in to non biometric sp SAML If a user has an active non biometric profile and a pending biometric profile, they will be redirected to the SP with the non biometric attributes if the SP does not request biometrics. * replace user_has_pending_profile with user_has_usable_pending_profile? * move pending_profile_policy creation into verify_profile_concern * #user_has_usable_pending_profile? -> #user_has_pending_profile?
* add prometheus_exporter gem and feature flag * use test config stanza * changelog: Internal, Metrics, Add prometheus metrics export --------- Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov>
* Don't use stale document capture user ids for effective_user If the user deletes their account, it is possible that the user id stored in the session for document capture will not be valid. This results in analytics events being improperly attributed to `anonymous-uuid`. changelog: Bug Fixes, Identity verification, Fix log attribute issue associated with hybrid handoff. Co-authored-by: Doug Price <douglas.price@gsa.gov> * Update spec/controllers/concerns/effective_user_spec.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> --------- Co-authored-by: Doug Price <douglas.price@gsa.gov> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* LG-12120: change translations. changelog: User-Facing Improvements, Doc Auth, Selfie errors. * LG-12120: formatting.
* Add Pending GPO to report * rename the letter event * Use the correct event * Add USPS event to spec changelog: Internal, Data Reporting, Adds the IdV: USPS address letter enqueued event to the drop-off report * Not sure why I removed these * Remove legacy percentages again
* Remove unused step indicator styles * Split account navigation styles to separate stylesheet * Move collection styles to document capture * Move modal styles to modal component * Reduce application stylesheet budget changelog: Internal, Performance, Reduce size of common application stylesheet * Revert "Move modal styles to modal component" This reverts commit 9275e2e. * Bump stylesheet size budget After reverting modal changes, will address separately * Rename nav as header
changelog: Internal, Metrics, Remove prometheus_exporter from Procfile
* Change robots to deny by default with allowlist changelog: Bug Fixes, Robots, Improve consistency of robots.txt crawling directives * Remove redundant robots meta tag * Update specs * Dynamically generate robots.txt * Remove unused disallow_all_web_crawlers config See: https://github.com/18F/identity-idp/pull/10292/files#r1537583288 * Add specs for RobotsController
* Upgrade Login.gov Design System to 9.1.0 changelog: Internal, Dependencies, Update dependencies to latest versions * Reconcile upstream merged button icon styles * Reconcile upstream merged segmented button group styles * Include design system initializer script * Remove style override Looks closer to original without the override
changelog: Internal, Code Quality, Remove unused script helper method
…10298) * Update selfie face match fail headings & body copy * Changelog: User-Facing Improvements, DocAuth, update selfie face match fail translations * normalize yaml file and fix spec drift
[See details on the reason for this change in this PR](#10283) [skip changelog]
* Refactor AssetSources class to be thread-safe changelog: Internal, Performance, Refactor AssetSources class to be thread-safe * freeze strings in TMX helper * Update spec/lib/asset_sources_spec.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> --------- Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Refactor ScriptHelper class to be thread-safe changelog: Internal, Performance, Refactor ScriptHelper class to be thread-safe * add request_store to Gemfile * remove rubocop exception
…y page (#10302) * LG-12061: All step indicator steps are shown completed on Personal Key page In #10280 we reworded the `secure_account` step to "Re-enter your password" so it no longer makes sense to have the final step be current once the user has re-entered their password. The PR adds a new current_step of `ALL_STEPS_COMPLETED` which can be used to force all steps to render as completed. changelog: User-Facing Improvements, Identity verification, On personal key screen the step indicator shows all steps complete. * Update spec/features/idv/end_to_end_idv_spec.rb Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com> * fixes failing specs --------- Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com>
Uses the same strategy that a `rails new project` would employ.
* Update Idv::CancellationsController spec to use have_logged_event * Update Idv::PhoneOtpRateLimitable spec to use have_logged_event * Update Idv::ForgotPasswordController spec to use have_logged_event * Update Idv::SessionsController spec to use have_logged_event * Update Idv::PhoneErrorsController spec to use have_logged_event * Update Idv::PleaseCallController spec to use have_logged_event * Update Idv::OtpVerificationController spec to use have_logged_event * Update Idv::ResendOtpController spec to use have_logged_event * Update Idv::ByMail::LetterEnqueuedController spec to use have_logged_event * Set allowed_extra_analytics for Idv::ByMail::RequestLetterController spec * Update allowed_extra_analytics for Idv::PersonalKeyController spec * Update Idv::PhoneController spec to use have_logged_event * Update Idv cancel spec Limit some analytics assertions using hash_including. I feel like the spirit of the assertions is still being captured, despite not exhaustively checking every argument. * [skip changelog]
* Order two_factor_enabled short-circuiting by usage changelog: Internal, Performance, Optimize check for two-factor enabled account * Move two_factor_enabled tests to MfaContext spec
* LG-12280: send image file name as metadata. changelog: Internal, Doc Auth, Log image file name. * LG-12280: update test. * LG-12280: clean up test.
changelog: User-Facing Improvements, IdV, update how verifying your identity works copy
* LG-12494: WIP. * LG-12494: Refactor generate_doc_auth_errors method for easier understanding. changelog: Internal, Doc Auth, Refactor doc auth error generation. * LG-12494: rename some local variables. * LG-12494: rename function to avoid confusion. * LG-12494: minor updates on style and naming.
changelog: Internal, Geocoder, Initialize geocoder in local development if data file present
* change error copy for selfie face match failure * Changelog: User-Facing Improvements, DocAuth, fix bug in facematch fail error copy
mitchellhenke
approved these changes
Mar 27, 2024
jmdembe
approved these changes
Mar 27, 2024
Contributor
Author
|
CI failing due to code coverage, I think it's a flake, will merge anyways |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
14 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User-Facing Improvements
Bug Fixes
Internal