Merged
Conversation
- Code that leveraged this never landed on main (#7790) * Comment out postgis extension migration because postgis was removed from CI image changelog: Internal, Source code, Remove PostGIS references
changelog: Internal, Source code, Remove PostGIS references
* Update cssbundling-rails to resolve redundant Yarn install changelog: Internal, Build Tooling, Update cssbundling-rails to resolve redundant Yarn install * Bump CodeClimate
[skip changelog]
* Shift header styles to navigation (account) stylesheet changelog: Internal, Optimization, Reduce size of common application stylesheet * Render mobile nav in nav_auth partial Stronger guarantees of associated style and JavaScript being loaded where needed Avoids extra computational considerations in application layout More consistent with USWDS-documented markup for header component occurring after banner Ensures consistent header appearance on event detail page * Load application stylesheet last Prevent conflicts with equal specificity where utility classes in application stylesheet should be assumed to "win" See: #10394 (comment) * Reduce stylesheet size budget
changelog: Internal, Spam Mitigation, Remove exceptions for client-side reCAPTCHA execute
…gn-in (#10370) * LG-12294: Send single aggregated email notification for new device sign-in changelog: Upcoming Features, Sign In, Send single aggregated email notification for new device sign-in * Handle incrementing email_sent based on result * Sync sign_in_new_device_at to event creation Avoid race conditions between Time.zone.now occurring after the creation of the event and therefore later querying would not include the event * Update UserEventCreator specs * Only send new device notification for new device * Add specs for new device notification upon MFA * Create event for lapsed sign in notification window * Maintain plaintext disavowal token for calling new device alert * Optimize to avoid device query on new device notification * Update specs for send_alert call * Update specs for UserEventCreator calls to AlertUserAboutNewDevice * Update AlertUserAboutNewDevice specs to pass * Add AlertUserAboutNewDevice specs * Normalize YAML * Eagerly load device Avoid unoptimized query error, since email template events table groups by device location * Compare time ignoring Ruby vs. Postgres microseconds precision * Add feature specs for disavowing sign-in * Send new device notification for PIV/CAC sign-in * Fix Ruby Postgres precision microseconds * Limit device creation to sign-in notification spec Causes lots of unrelated spec failures * Update personal key sign-in test to reflect email sent * Add strings for notification timeframe expired * Add failing regression spec for alert on existing device * Check new device when assigning sign_in_new_device_at * Check new session before sending alert * Send alert unless session value explicitly false Shouldn't happen in the real-world, but not all tests correctly stub the session value * Add missing period for failed times message * Use singular "failed to authenticate" when no MFA events Avoid "failed to authenticate 0 times" * Add coverage for disavow second email after delayed MFA * Assert expectations prior to completing MFA * Normalize YAML
changelog: Internal, Performance, Reduce size of common application stylesheet
changelog: Internal, Performance, Reduce size of common application stylesheet
changelog: Internal, Local Development, Remove "fast" versions of setup and test tasks
It hasn't been maintained and causes more harm than good. changelog: Internal, local development, Remove Docker for local development
changelog: Internal, Dependencies, Update Redis gems
#10421) * Fix asynchronous email delivery for aggregated sign-in email changelog: Upcoming Features, Sign In, Send single aggregated email notification for new device sign-in * Add exclusion for current sync-only mailers * Default synchronous_only to false
changelog: Internal, Dependencies, Update dependencies to resolve security advisories
changelog: Internal, Database, Remove unused column from users table
…10432) * Remove short_term_phone_otp_rate_limiter_enabled configuration key changelog: Internal, Configuration, Remove short_term_phone_otp_rate_limiter_enabled configuration key * fix tests
* add latest DoS translations to hybrid handoff page [skip changelog] * happy linting * fix punctuation
* add conditional links for selfie help center articles changelog: Upcoming Features, Document Authentication, Add help center articles assisting user failing selfie match * add fr and es translation * use the hash attr in URL to implement the anchor onthe help page * happy linting
changelog: Upcoming Features, Sign In, Send single aggregated email notification for new device sign-in
…ng user (#10434) * LG-13054: Remove account creation from password reset changelog: Bug Fixes, Forgot Password, Preserve service provider metadata through password reset unrecognized email * Always deliver_now for AnonymousMailer * Fix typo asynchronously * Add spec AnonymousMailerPreview To ensure all mail methods have corresponding preview methods, and that they don't raise an error when rendered See: #10434 (comment) * Fix the other "asynchronously" typo
Adds the delivery_method (:sms or :voice) to the `IdV: phone confirmation otp submitted` event. changelog: Internal, Analytics, Track the delivery method for phone OTP codes.
changelog: User-Facing Improvements, Biometrics, Improved language on getting started page. String updates per the new LQA process and UX; also a little bit of internal cleanup on the template.
In #10385 we started writing the address the user provides in the `Idv::AddressController` to `idv_session.updated_user_address_data`. This commit starts reading the address from there so that we can eventually stop overwriting the address in `pii_from_doc`. [skip changelog]
Contributor
Contributor
Author
aduth
approved these changes
Apr 16, 2024
Renames `delivery_method` to `otp_delivery_preference` for consistency with other events. [skip changelog] Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
zachmargolis
approved these changes
Apr 16, 2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User-Facing Improvements
Bug Fixes
Internal
Upcoming Features