Merged
Conversation
* Remove unreachable blank config lockout default logic changelog: Internal, Code Quality, Remove unreachable code paths * Replace references for removed constant * Use Rails ActiveSupport for "time ago" Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
This commit adds tooling for encrypting documents and writing them to S3 after upload. This is an addition to the attempts API. Eventually a reference for the image and an encryption key will be shared with IRS via the attmepts API. IRS will be able to use that reference and key to request the images associated with a document upload event. The changes to add those values to the attempts API are out of scope for this change and will follow in another commit. The images are encrypted first with AES-256 using a randomnly generated key. The images are then uploaded to an S3 bucket with KMS encryption enabled. This offers protection that matches our current approach to PII storage, but with a partner controlled key instead of the user's password. This implementation is partner specific. Since the images are only available to service providers that are using the attempts API it should only be enabled when the attempts API is also enabled. [skip changelog]
* LG-8139: Increase max OTP confirmation attempts changelog: Improvements, Multi-factor Authentication, Increase number of allowed MFA confirmation attempts before lock-out * Replace hard-coded max OTP attempts in specs * Fix specs, split by max attempts bucket
* changelog: Improvements, Authentication, Disable new registering of platform auth accounts * default webauthn off for now * disable webauthn * change naming convention for feature toggle * change naming convention * update webauthn platform * add feature spec for sign in * add test to ensure users dont see unneeded adding of platform auth in their account page * fix html * update spec and yml file * remove unneeded spec * dont show if u dont have face/touch unlock * update to split up webauthn platform and romaing * switch roaming and platform
[skip changelog]
* update strings and links * update failed fraud to include correct strings and links * changelog: Improvements, Results emails, update text * update reset pw link
[skip changelog]
changelog: Internal, Automated Testing, Improve reliability of successful automated tests
* Fix flakey IPP sample data rake spec changelog: Internal, Automated Testing, Improve reliability of successful automated tests * Call / stub Kernel.sleep See: #7363 (comment) Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
changelog: Improvements, Phone Registration, Add configurable phone carrier registration blocklist
- Remove associated API code, basically a revert of #5054 changelog: Internal, Reporting, Remove unused reporting code
* Prepare build-sass package for publish [skip changelog] * Re-add private field Required by linter * Add README.md * Add more package.json metadata * Add LICENSE.md
[skip changelog]
Contributor
This was included in the release notes for Friday's patch deploy RC 228.1, so we should be able to leave it out of this changelog. |
aduth
approved these changes
Nov 21, 2022
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Improvements
Internal