RC 230 #7388

Merged
mdiarra3 merged 21 commits into stages/prod from stages/rc-2022-11-23
Nov 23, 2022

@mdiarra3 commented Nov 23, 2022

Improvements

  • accessibility: Announce voice OTP three times (#7356)
  • Updates: Updating to Acuant SDK 11.7.1 (#7378)

Bug Fixes

  • Email: Validate email domains are ASCII to better align with AWS Simple Email Service (SES) support (#7380)

Internal

  • In-Person Proofing: Switch USPS locations query to POST method (#7367)
  • Automated Testing: Improve reliability of successful automated tests (#7359, #7363, #7382)

aduth and others added 17 commits November 17, 2022 13:19
* Remove unreachable blank config lockout default logic

changelog: Internal, Code Quality, Remove unreachable code paths

* Replace references for removed constant

* Use Rails ActiveSupport for "time ago"

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
This commit adds tooling for encrypting documents and writing them to S3 after upload.

This is an addition to the attempts API. Eventually a reference for the image and an encryption key will be shared with IRS via the attempts API. IRS will be able to use that reference and key to request the images associated with a document upload event. The changes to add those values to the attempts API are out of scope for this change and will follow in another commit.

The images are encrypted first with AES-256 using a randomly generated key. The images are then uploaded to an S3 bucket with KMS encryption enabled. This offers protection that matches our current approach to PII storage, but with a partner controlled key instead of the user's password.

This implementation is partner specific. Since the images are only available to service providers that are using the attempts API it should only be enabled when the attempts API is also enabled.

[skip changelog]
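
The two layers described in the commit message above, as an added Ruby example that is not code from this pull request or the project: each image is encrypted under its own random AES-256 key, and the object is then prepared for an S3 upload that requests KMS server-side encryption. The module and method names are hypothetical, the GCM mode is an assumption (the page says only "AES-256"), and the S3 arguments are built but not sent.

```ruby
require 'openssl'
require 'securerandom'

# Hypothetical module; the page says only "AES-256", so GCM mode is an assumption.
module DocumentEncryption
  CIPHER = 'aes-256-gcm'
  EncryptedDocument = Struct.new(:key, :iv, :auth_tag, :ciphertext, :reference)

  # Encrypt one uploaded image under a fresh random 256-bit key.
  # The key is returned to the caller and never written next to the ciphertext.
  def self.encrypt(image_bytes)
    cipher = OpenSSL::Cipher.new(CIPHER).encrypt
    key = cipher.random_key            # 32 random bytes, unique per document
    iv = cipher.random_iv              # 12-byte nonce for GCM
    reference = SecureRandom.uuid      # opaque name for the stored object
    cipher.auth_data = reference       # bind the ciphertext to its reference
    ciphertext = cipher.update(image_bytes) + cipher.final
    EncryptedDocument.new(key, iv, cipher.auth_tag, ciphertext, reference)
  end

  # What the key holder does after fetching the object; raises
  # OpenSSL::Cipher::CipherError if the ciphertext or reference was altered.
  def self.decrypt(doc)
    decipher = OpenSSL::Cipher.new(CIPHER).decrypt
    decipher.key = doc.key
    decipher.iv = doc.iv
    decipher.auth_tag = doc.auth_tag
    decipher.auth_data = doc.reference
    decipher.update(doc.ciphertext) + decipher.final
  end

  # Arguments for Aws::S3::Client#put_object (built here, not sent).
  # server_side_encryption: 'aws:kms' requests the second, KMS-backed layer.
  def self.s3_put_params(doc, bucket:)
    {
      bucket: bucket,
      key: doc.reference,
      body: doc.iv + doc.auth_tag + doc.ciphertext,
      server_side_encryption: 'aws:kms',
    }
  end
end

# Constructed sample input: a few JPEG-like bytes, not a real image.
SAMPLE_IMAGE = "\xFF\xD8\xFF\xE0constructed image bytes".b
doc = DocumentEncryption.encrypt(SAMPLE_IMAGE)
puts DocumentEncryption.decrypt(doc) == SAMPLE_IMAGE
```

Because the per-document key stays out of the stored object, read access to the bucket and its KMS key alone does not expose the image.
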
* LG-8139: Increase max OTP confirmation attempts

changelog: Improvements, Multi-factor Authentication, Increase number of allowed MFA confirmation attempts before lock-out

* Replace hard-coded max OTP attempts in specs

* Fix specs, split by max attempts bucket
* changelog: Improvements, Authentication, Disable new registering of platform auth accounts

* default webauthn off for now

* disable webauthn

* change naming convention for feature toggle

* change naming convention

* update webauthn platform

* add feature spec for sign in

* add test to ensure users don't see unneeded adding of platform auth in their account page

* fix html

* update spec and yml file

* remove unneeded spec

* don't show if u don't have face/touch unlock

* update to split up webauthn platform and roaming

* switch roaming and platform
* update strings and links

* update failed fraud to include correct strings and links

* changelog: Improvements, Results emails, update text

* update reset pw link
changelog: Internal, Automated Testing, Improve reliability of successful automated tests
* Fix flakey IPP sample data rake spec

changelog: Internal, Automated Testing, Improve reliability of successful automated tests

* Call / stub Kernel.sleep

See: #7363 (comment)

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
changelog: Improvements, Phone Registration, Add configurable phone carrier registration blocklist
- Remove associated API code, basically a revert of #5054

changelog: Internal, Reporting, Remove unused reporting code
* Prepare build-sass package for publish

[skip changelog]

* Re-add private field

Required by linter

* Add README.md

* Add more package.json metadata

* Add LICENSE.md
…odes (#7356)

* Fix confirmation OTP text

* fix test

* normalize english yaml

changelog: Improvements, accessibility, announce voice OTP three times

* Add final english language text

* clean up en yml file

* fix test (again)

* add translated text
* changelog: Improvements, In-Person Proofing, switch USPS locations query to POST method

Changes from a GET to a POST so that it does not leak PII addresses into logs when it will be used for querying

* wip respond to feedback

* fix routes error

* Extract fetcher into reusable method

* Less confusing

* Avoid double-stringifying

* New and clearer naming

* Remove unnecessary complexity in fetch options and rename func to something more consistent

* Update app/javascript/packages/document-capture/components/in-person-location-step.tsx

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

Co-authored-by: Eileen McFarland <eileenmcfarland@navapbc.com>
Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
changelog: Internal, Automated Testing, Improve reliability of successful automated tests
Gemfile Outdated
gem 'aws-sdk-sns'
gem 'barby', '~> 0.6.8'
gem 'base32-crockford'
gem 'blueprinter', '~> 0.25.3'
Contributor

Confused how this diff is here since it was also in #7376 🤔

Contributor Author

I don't know. I noticed that as well.

Contributor

@jmdembe jmdembe left a comment

👍🏾

jscodefix and others added 4 commits November 23, 2022 09:41
…l Service (SES) support (#7380)

* Validate email domains are ASCII to better align with AWS Simple Email Service (SES) support

changelog: Bug Fixes, Email, Validate email domains are ASCII to better align with AWS Simple Email Service (SES) support

* Update app/validators/form_email_validator.rb

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* rescue email parsing exception

* add domain validation to AddUserEmailForm

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Updating to Acuant SDK 11.7.1

* Add changelog

changelog: Internal, Updates, Updating to Acuant SDK 11.7.1

* Removing unused 11.5.0 Acuant SDK files

changelog: Internal,SDK Upgrade, removing unused Acuant SDK 11.5.0 files

* Update spec/javascripts/packages/document-capture/components/acuant-sdk-spec.js

Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>

* Fixing test assumption about window scope

-- What
In the 11.7.0 update, the Acuant SDK was available in the global
scope, but not on the window object -- and we tested for this specific
case since it broke many previous assumptions.

With the 11.7.1 this inconsistency has been fixed (and is even noted
in the release notes here:
https://github.com/Acuant/JavascriptWebSDKV11/releases/tag/11.7.1)

changelog: Internal, SDK Upgrade, Upgrading Acuant SDK to 11.7.1

Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
@mdiarra3 mdiarra3 marked this pull request as ready for review November 23, 2022 16:11
@mdiarra3 mdiarra3 merged commit a9176b5 into stages/prod Nov 23, 2022
@mdiarra3 mdiarra3 deleted the stages/rc-2022-11-23 branch November 23, 2022 16:29