Deploy RC 372

.gitlab-ci.yml

@@ -187,7 +187,7 @@ specs:
     POSTGRES_HOST_AUTH_METHOD: trust
     RAILS_ENV: test
   services:
-    - name: postgis/postgis:13-3.3
+    - name: postgres:13.9
       alias: db-postgres
       command: ['--fsync=false', '--synchronous_commit=false', '--full_page_writes=false']
     - name: redis:7.0

Brewfile

@@ -1,5 +1,4 @@
 brew 'postgresql@14'
-brew 'postgis'
 brew 'redis'
 brew 'node@20'
 brew 'yarn'

Gemfile

@@ -5,7 +5,6 @@ ruby "~> #{File.read(File.join(__dir__, '.ruby-version')).strip}"
 
 gem 'rails', '~> 7.1.3'
 
-gem 'activerecord-postgis-adapter', '~> 9.0'
 gem 'ahoy_matey', '~> 3.0'
 gem 'aws-sdk-kms', '~> 1.4'
 gem 'aws-sdk-cloudwatchlogs', require: false
@@ -24,7 +23,7 @@ gem 'caxlsx', require: false
 gem 'concurrent-ruby'
 gem 'connection_pool'
 gem 'csv'
-gem 'cssbundling-rails'
+gem 'cssbundling-rails', '1.0.0'
 gem 'devise', '~> 4.8'
 gem 'dotiw', '>= 4.0.1'
 gem 'faraday', '~> 2'

Gemfile.lock

@@ -136,9 +136,6 @@ GEM
       activemodel (= 7.1.3.2)
       activesupport (= 7.1.3.2)
       timeout (>= 0.4.0)
-    activerecord-postgis-adapter (9.0.1)
-      activerecord (~> 7.1.0)
-      rgeo-activerecord (~> 7.0.0)
     activestorage (7.1.3.2)
       actionpack (= 7.1.3.2)
       activejob (= 7.1.3.2)
@@ -226,7 +223,7 @@ GEM
       erubi (~> 1.4)
       parser (>= 2.4)
       smart_properties
-    bigdecimal (3.1.6)
+    bigdecimal (3.1.7)
     bindata (2.4.15)
     bootsnap (1.17.0)
       msgpack (~> 1.2)
@@ -300,8 +297,7 @@ GEM
     dotiw (5.3.2)
       activesupport
       i18n
-    drb (2.2.0)
-      ruby2_keywords
+    drb (2.2.1)
     dumb_delegator (1.0.0)
     email_spec (2.2.2)
       htmlentities (~> 4.3.3)
@@ -360,7 +356,7 @@ GEM
     htmlbeautifier (1.4.2)
     htmlentities (4.3.4)
     http_accept_language (2.1.1)
-    i18n (1.14.1)
+    i18n (1.14.4)
       concurrent-ruby (~> 1.0)
     i18n-tasks (1.0.12)
       activesupport (>= 4.0.2)
@@ -374,10 +370,10 @@ GEM
       rainbow (>= 2.2.2, < 4.0)
       terminal-table (>= 1.5.1)
     ice_nine (0.11.2)
-    io-console (0.7.1)
-    irb (1.11.0)
+    io-console (0.7.2)
+    irb (1.12.0)
       rdoc
-      reline (>= 0.3.8)
+      reline (>= 0.4.2)
     jmespath (1.6.2)
     jsbundling-rails (1.1.2)
       railties (>= 6.0.0)
@@ -428,7 +424,7 @@ GEM
     mini_histogram (0.3.1)
     mini_mime (1.1.5)
     mini_portile2 (2.8.5)
-    minitest (5.22.2)
+    minitest (5.22.3)
     msgpack (1.7.2)
     multiset (0.5.3)
     mutex_m (0.2.0)
@@ -448,7 +444,7 @@ GEM
     net-ssh (6.1.0)
     newrelic_rpm (9.7.0)
     nio4r (2.7.0)
-    nokogiri (1.16.3)
+    nokogiri (1.16.4)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
     openssl (3.0.2)
@@ -498,7 +494,7 @@ GEM
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.7.3)
-    rack (3.0.9.1)
+    rack (3.0.10)
     rack-cors (2.0.2)
       rack (>= 2.0.0)
     rack-headers_filter (0.0.1)
@@ -554,20 +550,20 @@ GEM
       thor (~> 1.0, >= 1.2.2)
       zeitwerk (~> 2.6)
     rainbow (3.1.1)
-    rake (13.1.0)
+    rake (13.2.1)
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rdoc (6.6.2)
+    rdoc (6.6.3.1)
       psych (>= 4.0.0)
     redacted_struct (2.0.0)
     redcarpet (3.6.0)
-    redis (5.0.6)
-      redis-client (>= 0.9.0)
-    redis-client (0.14.1)
+    redis (5.1.0)
+      redis-client (>= 0.17.0)
+    redis-client (0.22.0)
       connection_pool
     regexp_parser (2.9.0)
-    reline (0.4.1)
+    reline (0.5.1)
       io-console (~> 0.5)
     request_store (1.5.1)
       rack (>= 1.4)
@@ -576,10 +572,6 @@ GEM
       railties (>= 5.0)
     retries (0.0.5)
     rexml (3.2.6)
-    rgeo (3.0.0)
-    rgeo-activerecord (7.0.1)
-      activerecord (>= 5.0)
-      rgeo (>= 1.0.0)
     rotp (6.3.0)
     rouge (4.2.0)
     rqrcode (2.1.0)
@@ -686,7 +678,7 @@ GEM
     tableparser (1.0.1)
     terminal-table (3.0.2)
       unicode-display_width (>= 1.1.1, < 3)
-    thor (1.3.0)
+    thor (1.3.1)
     thread_safe (0.3.6)
     timeout (0.4.1)
     tpm-key_attestation (0.11.0)
@@ -740,7 +732,7 @@ GEM
     xpath (3.2.0)
       nokogiri (~> 1.8)
     yard (0.9.36)
-    zeitwerk (2.6.12)
+    zeitwerk (2.6.13)
     zlib (3.0.0)
     zonebie (0.6.1)
     zxcvbn (0.1.9)
@@ -749,7 +741,6 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  activerecord-postgis-adapter (~> 9.0)
   ahoy_matey (~> 3.0)
   aws-sdk-cloudwatchlogs
   aws-sdk-kms (~> 1.4)
@@ -773,7 +764,7 @@ DEPENDENCIES
   caxlsx
   concurrent-ruby
   connection_pool
-  cssbundling-rails
+  cssbundling-rails (= 1.0.0)
   csv
   derailed_benchmarks
   devise (~> 4.8)

Makefile

@@ -19,10 +19,7 @@ ARTIFACT_DESTINATION_FILE ?= ./tmp/idp.tar.gz
 	clobber_assets \
 	clobber_logs \
 	watch_events \
-	docker_setup \
 	download_acuant_sdk \
-	fast_setup \
-	fast_test \
 	help \
 	lint \
 	lint_analytics_events \
@@ -59,12 +56,6 @@ all: check
 setup $(CONFIG): config/application.yml.default ## Runs setup scripts (updates packages, dependencies, databases, etc)
 	bin/setup
 
-fast_setup: ## Abbreviated setup script that skips linking some files
-	bin/fast_setup
-
-docker_setup: ## Setup script for Docker development
-	bin/docker_setup
-
 check: lint test ## Runs lint tests and spec tests
 
 lint: ## Runs all lint tests
@@ -126,7 +117,7 @@ lint_asset_bundle_size: ## Lints JavaScript and CSS compiled bundle size
 	@# and you have no options to split that from the common bundles. If you need to increase this
 	@# budget and accept the fact that this will force end-users to endure longer load times, you
 	@# should set the new budget to within a few thousand bytes of the production-compiled size.
-	find app/assets/builds/application.css -size -220000c | grep .
+	find app/assets/builds/application.css -size -185000c | grep .
 	find public/packs/js/application-*.digested.js -size -5000c | grep .
 
 lint_migrations:
@@ -190,10 +181,6 @@ test_serial: export RAILS_ENV := test
 test_serial: $(CONFIG) ## Runs RSpec and yarn tests serially
 	bundle exec rake spec && yarn test
 
-fast_test: export RAILS_ENV := test
-fast_test: ## Abbreviated test run, runs RSpec tests without accessibility specs
-	bundle exec rspec --exclude-pattern "**/features/accessibility/*_spec.rb"
-
 tmp/$(HOST)-$(PORT).key tmp/$(HOST)-$(PORT).crt: ## Self-signed cert for local HTTPS development
 	mkdir -p tmp
 	openssl req \

README.md

@@ -18,7 +18,6 @@ Refer to the [_Local Development_ documentation](./docs/local-development.md) to
 ## Documentation
 
 - [Back-end Architecture](docs/backend.md)
-- [Docker](docs/Docker.md)
 - [Front-end Architecture](docs/frontend.md)
 - [Local Development](docs/local-development.md)
 - [Mobile local development](docs/mobile.md)

app/assets/stylesheets/_uswds.scss

@@ -6,8 +6,6 @@
 @forward 'usa-alert';
 @forward 'usa-banner';
 @forward 'usa-button';
-@forward 'usa-form';
-@forward 'usa-header';
 @forward 'usa-layout-grid';
 @forward 'usa-link';
 @forward 'usa-list';

app/assets/stylesheets/application.css.scss

@@ -4,4 +4,3 @@
 @forward 'design-system-waiting-room';
 @forward 'components';
 @forward 'utilities';
-@forward 'print';

app/assets/stylesheets/navigation.css.scss

@@ -1,5 +1,6 @@
 @use 'uswds-core' as *;
 
+@forward 'usa-header/src/styles/usa-header';
 @forward 'usa-nav/src/styles';
 @forward 'usa-sidenav/src/styles';
 

app/assets/stylesheets/print.css.scss

@@ -0,0 +1,7 @@
+nav,
+footer,
+.usa-button,
+.usa-radio__input--bordered,
+.usa-checkbox__input--bordered {
+  display: none;
+}

app/components/phone_input_component.html.erb

@@ -4,7 +4,6 @@
       data: {
         delivery_methods:,
         translated_country_code_names:,
-        captcha_exempt_countries:,
       },
     ) do %>
   <%= content_tag(

app/components/phone_input_component.rb

@@ -6,7 +6,6 @@ class PhoneInputComponent < BaseComponent
               :required,
               :allowed_countries,
               :delivery_methods,
-              :captcha_exempt_countries,
               :tag_options
 
   alias_method :f, :form
@@ -17,15 +16,13 @@ def initialize(
     allowed_countries: nil,
     delivery_methods: [:sms, :voice],
     required: false,
-    captcha_exempt_countries: nil,
     **tag_options
   )
     @allowed_countries = allowed_countries
     @confirmed_phone = confirmed_phone
     @form = form
     @required = required
     @delivery_methods = delivery_methods
-    @captcha_exempt_countries = captcha_exempt_countries
     @tag_options = tag_options
   end
 

app/controllers/concerns/two_factor_authenticatable_methods.rb

@@ -10,6 +10,26 @@ def auth_methods_session
     @auth_methods_session ||= AuthMethodsSession.new(user_session:)
   end
 
+  def handle_valid_verification_for_authentication_context(auth_method:)
+    mark_user_session_authenticated(auth_method:, authentication_type: :valid_2fa)
+    disavowal_event, disavowal_token = create_user_event_with_disavowal(:sign_in_after_2fa)
+
+    if IdentityConfig.store.feature_new_device_alert_aggregation_enabled &&
+       user_session[:new_device] != false
+      if current_user.sign_in_new_device_at.blank?
+        current_user.update(sign_in_new_device_at: disavowal_event.created_at)
+      end
+
+      UserAlerts::AlertUserAboutNewDevice.send_alert(
+        user: current_user,
+        disavowal_event:,
+        disavowal_token:,
+      )
+    end
+
+    reset_second_factor_attempts_count
+  end
+
   private
 
   def authenticate_user
@@ -163,13 +183,6 @@ def handle_valid_verification_for_confirmation_context(auth_method:)
     reset_second_factor_attempts_count
   end
 
-  def handle_valid_verification_for_authentication_context(auth_method:)
-    mark_user_session_authenticated(auth_method:, authentication_type: :valid_2fa)
-    create_user_event(:sign_in_after_2fa)
-
-    reset_second_factor_attempts_count
-  end
-
   def reset_second_factor_attempts_count
     UpdateUser.new(user: current_user, attributes: { second_factor_attempts_count: 0 }).call
   end