Deploy RC 241 to Production

.erb-lint.yml

@@ -23,3 +23,5 @@ linters:
         suggestion: 'Rename classes that are known to be hidden by the Hush plugin'
   SpaceAroundErbTag:
     enabled: true
+  CommentSyntax:
+    enabled: true

.rubocop.yml

@@ -636,7 +636,7 @@ Metrics/BlockLength:
   CountComments: false
   Enabled: true
   Max: 25
-  IgnoredMethods:
+  AllowedMethods:
     - Struct.new
     - RedactedStruct.new
   Exclude:
@@ -1080,7 +1080,7 @@ Style/LineEndConcatenation:
 
 Style/MethodCallWithoutArgsParentheses:
   Enabled: true
-  IgnoredMethods: []
+  AllowedMethods: []
 
 Style/MethodDefParentheses:
   Enabled: true

CONTRIBUTING.md

@@ -4,7 +4,7 @@ We’re so glad you’re thinking about contributing to a Technology Transformat
 
 TTS is committed to building a safe, welcoming, harassment-free culture for everyone. We expect everyone on the TTS team and everyone within TTS spaces, including contributors to our projects, to follow the [TTS Code of Conduct](https://github.com/18F/code-of-conduct/blob/master/code-of-conduct.md).
 
-We encourage you to read this project’s CONTRIBUTING policy (you are here), its [LICENSE](LICENSE.md), [README](README.md)
+We encourage you to read this project’s CONTRIBUTING policy (you are here), its [LICENSE](LICENSE.md), and its [README](README.md). When you are ready to make a pull request, read our [pull request process](https://handbook.login.gov/articles/pull-request-review.html), which is a part of [the Login.gov Handbook](https://handbook.login.gov/).
 
 If you have any questions or want to read more, check out the [18F Open Source Policy GitHub repository]( https://github.com/18f/open-source-policy), or [send us an email](mailto:18f@gsa.gov).
 

Gemfile

@@ -93,7 +93,7 @@ group :development, :test do
   gem 'bullet', '~> 7.0'
   gem 'capybara-webmock', git: 'https://github.com/hashrocket/capybara-webmock.git', ref: '63d790a0'
   gem 'data_uri', require: false
-  gem 'erb_lint', '~> 0.1.0', require: false
+  gem 'erb_lint', '~> 0.3.0', require: false
   gem 'i18n-tasks', '>= 0.9.31'
   gem 'knapsack'
   gem 'nokogiri', '~> 1.13.10'
@@ -104,9 +104,9 @@ group :development, :test do
   gem 'pry-rails'
   gem 'psych'
   gem 'puma'
-  gem 'rspec-rails', '6.0.0.rc1'
-  gem 'rubocop', '~> 1.29.1', require: false
-  gem 'rubocop-performance', '~> 1.14.0', require: false
+  gem 'rspec-rails', '~> 6.0'
+  gem 'rubocop', '~> 1.42.0', require: false
+  gem 'rubocop-performance', '~> 1.15.0', require: false
   gem 'rubocop-rails', '>= 2.5.2', require: false
 end
 

Gemfile.lock

@@ -177,23 +177,22 @@ GEM
       coderay (>= 1.0.0)
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
-    better_html (1.0.16)
-      actionview (>= 4.0)
-      activesupport (>= 4.0)
+    better_html (2.0.1)
+      actionview (>= 6.0)
+      activesupport (>= 6.0)
       ast (~> 2.0)
       erubi (~> 1.4)
-      html_tokenizer (~> 0.0.6)
       parser (>= 2.4)
       smart_properties
     bindata (2.4.10)
     binding_of_caller (1.0.0)
       debug_inspector (>= 0.0.1)
-    bootsnap (1.9.3)
+    bootsnap (1.9.4)
       msgpack (~> 1.0)
-    brakeman (5.2.1)
+    brakeman (5.4.0)
     browser (5.3.1)
     builder (3.2.4)
-    bullet (7.0.1)
+    bullet (7.0.7)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
     bundler-audit (0.9.0.1)
@@ -260,16 +259,15 @@ GEM
       htmlentities (~> 4.3.3)
       launchy (~> 2.1)
       mail (~> 2.7)
-    erb_lint (0.1.1)
+    erb_lint (0.3.1)
       activesupport
-      better_html (~> 1.0.7)
-      html_tokenizer
+      better_html (>= 2.0.1)
       parser (>= 2.7.1.4)
       rainbow
       rubocop
       smart_properties
     errbase (0.2.1)
-    erubi (1.11.0)
+    erubi (1.12.0)
     et-orbi (1.2.7)
       tzinfo
     execjs (2.8.1)
@@ -328,7 +326,6 @@ GEM
     heapy (0.2.0)
       thor
     highline (2.0.3)
-    html_tokenizer (0.0.7)
     htmlbeautifier (1.4.2)
     htmlentities (4.3.4)
     http_accept_language (2.1.1)
@@ -352,6 +349,7 @@ GEM
     jmespath (1.6.1)
     jsbundling-rails (1.0.0)
       railties (>= 6.0.0)
+    json (2.6.3)
     jwe (0.4.0)
     jwt (2.4.1)
     knapsack (4.0.0)
@@ -395,9 +393,9 @@ GEM
     method_source (1.0.0)
     mini_histogram (0.3.1)
     mini_mime (1.1.2)
-    mini_portile2 (2.8.0)
-    minitest (5.16.3)
-    msgpack (1.4.2)
+    mini_portile2 (2.8.1)
+    minitest (5.17.0)
+    msgpack (1.6.0)
     multiset (0.5.3)
     nenv (0.3.0)
     net-imap (0.2.3)
@@ -436,7 +434,7 @@ GEM
     parallel (1.22.1)
     parallel_tests (3.7.3)
       parallel
-    parser (3.1.2.1)
+    parser (3.2.0.0)
       ast (~> 2.4.1)
     pg (1.4.5)
     pg_query (2.2.0)
@@ -467,8 +465,8 @@ GEM
     puma (5.6.4)
       nio4r (~> 2.0)
     raabro (1.4.0)
-    racc (1.6.1)
-    rack (2.2.4)
+    racc (1.6.2)
+    rack (2.2.5)
     rack-attack (6.5.0)
       rack (>= 1.0, < 3)
     rack-cors (1.1.1)
@@ -535,7 +533,7 @@ GEM
     redis-session-store (0.11.4)
       actionpack (>= 3, < 8)
       redis (>= 3, < 5)
-    regexp_parser (2.6.0)
+    regexp_parser (2.6.1)
     reline (0.2.7)
       io-console (~> 0.5)
     request_store (1.5.0)
@@ -557,13 +555,13 @@ GEM
       rspec-mocks (~> 3.11.0)
     rspec-core (3.11.0)
       rspec-support (~> 3.11.0)
-    rspec-expectations (3.11.0)
+    rspec-expectations (3.11.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.11.0)
-    rspec-mocks (3.11.1)
+    rspec-mocks (3.11.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.11.0)
-    rspec-rails (6.0.0.rc1)
+    rspec-rails (6.0.1)
       actionpack (>= 6.1)
       activesupport (>= 6.1)
       railties (>= 6.1)
@@ -573,21 +571,22 @@ GEM
       rspec-support (~> 3.11)
     rspec-retry (0.6.2)
       rspec-core (> 3.3)
-    rspec-support (3.11.0)
+    rspec-support (3.11.1)
     rspec_junit_formatter (0.6.0)
       rspec-core (>= 2, < 4, != 2.12.0)
-    rubocop (1.29.1)
+    rubocop (1.42.0)
+      json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 3.1.0.0)
+      parser (>= 3.1.2.1)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.17.0, < 2.0)
+      rubocop-ast (>= 1.24.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.21.0)
+    rubocop-ast (1.24.1)
       parser (>= 3.1.1.0)
-    rubocop-performance (1.14.3)
+    rubocop-performance (1.15.2)
       rubocop (>= 1.7.0, < 2.0)
       rubocop-ast (>= 0.4.0)
     rubocop-rails (2.12.4)
@@ -664,8 +663,8 @@ GEM
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.8)
-    unicode-display_width (2.3.0)
-    uniform_notifier (1.14.2)
+    unicode-display_width (2.4.0)
+    uniform_notifier (1.16.0)
     uuid (2.3.9)
       macaddr (~> 1.0)
     valid_email (0.1.4)
@@ -747,7 +746,7 @@ DEPENDENCIES
   devise (~> 4.8)
   dotiw (>= 4.0.1)
   email_spec
-  erb_lint (~> 0.1.0)
+  erb_lint (~> 0.3.0)
   factory_bot_rails (>= 6.2.0)
   faker
   faraday (~> 2)
@@ -804,11 +803,11 @@ DEPENDENCIES
   retries
   rotp (~> 6.1)
   rqrcode
-  rspec-rails (= 6.0.0.rc1)
+  rspec-rails (~> 6.0)
   rspec-retry
   rspec_junit_formatter
-  rubocop (~> 1.29.1)
-  rubocop-performance (~> 1.14.0)
+  rubocop (~> 1.42.0)
+  rubocop-performance (~> 1.15.0)
   rubocop-rails (>= 2.5.2)
   ruby-progressbar
   ruby-saml

Makefile

@@ -113,7 +113,7 @@ lint_yarn_lock: package.json yarn.lock
 
 lint_lockfiles: lint_gemfile_lock lint_yarn_lock ## Lints to ensure lockfiles are in sync
 
-lintfix: ## Try to automatically fix any ruby, ERB, javascript, or CSS lint errors
+lintfix: ## Try to automatically fix any Ruby, ERB, JavaScript, YAML, or CSS lint errors
 	@echo "--- rubocop fix ---"
 	bundle exec rubocop -a
 	@echo "--- erblint fix ---"
@@ -122,6 +122,8 @@ lintfix: ## Try to automatically fix any ruby, ERB, javascript, or CSS lint erro
 	yarn lint --fix
 	@echo "--- stylelint fix ---"
 	yarn lint:css --fix
+	@echo "--- normalize yaml ---"
+	make normalize_yaml
 
 brakeman: ## Runs brakeman
 	bundle exec brakeman

README.md

@@ -9,6 +9,8 @@ This repository contains the core code base and documentation for the identity m
 
 Thank you for your interest in contributing to the Login.gov IdP! For complete instructions on how to contribute code, please read through our [CONTRIBUTING.md](CONTRIBUTING.md) documentation.
 
+You may also want to read the [the Login.gov team Handbook](https://handbook.login.gov/).
+
 ## Creating your local development environment
 
 ### Installing on your local machine

app/controllers/concerns/phone_confirmation.rb

@@ -1,8 +1,10 @@
 module PhoneConfirmation
   def prompt_to_confirm_phone(id:, phone:, selected_delivery_method: nil,
-                              selected_default_number: nil)
+                              selected_default_number: nil, phone_type: nil)
+
     user_session[:unconfirmed_phone] = phone
     user_session[:context] = 'confirmation'
+    user_session[:phone_type] = phone_type.to_s
 
     redirect_to otp_send_url(
       otp_delivery_selection_form: {

app/controllers/idv/in_person/usps_locations_controller.rb

@@ -13,25 +13,25 @@ class UspsLocationsController < ApplicationController
 
       # retrieve the list of nearby IPP Post Office locations with a POST request
       def index
-        usps_response = []
+        response = []
+
         begin
           if IdentityConfig.store.arcgis_search_enabled
             candidate = UspsInPersonProofing::Applicant.new(
               address: search_params['street_address'],
               city: search_params['city'], state: search_params['state'],
               zip_code: search_params['zip_code']
             )
-            usps_response = proofer.request_facilities(candidate)
+            response = proofer.request_facilities(candidate)
           else
-            usps_response = proofer.request_pilot_facilities
+            response = proofer.request_pilot_facilities
           end
-        rescue ActionController::ParameterMissing
-          usps_response = proofer.request_pilot_facilities
-        rescue Faraday::ConnectionFailed => _error
-          nil
+        rescue => err
+          Rails.logger.warn(err)
+          response = proofer.request_pilot_facilities
         end
 
-        render json: usps_response.to_json
+        render json: response.to_json
       end
 
       def proofer

app/controllers/idv/personal_key_controller.rb

@@ -19,7 +19,10 @@ def show
     def update
       user_session[:need_personal_key_confirmation] = false
 
-      analytics.idv_personal_key_submitted(address_verification_method: address_verification_method)
+      analytics.idv_personal_key_submitted(
+        address_verification_method: address_verification_method,
+        deactivation_reason: idv_session.profile&.deactivation_reason,
+      )
       redirect_to next_step
     end
 

app/controllers/idv/review_controller.rb

@@ -58,8 +58,14 @@ def create
 
       redirect_to next_step
 
-      analytics.idv_review_complete(success: true)
-      analytics.idv_final(success: true)
+      analytics.idv_review_complete(
+        success: true,
+        deactivation_reason: idv_session.profile.deactivation_reason,
+      )
+      analytics.idv_final(
+        success: true,
+        deactivation_reason: idv_session.profile.deactivation_reason,
+      )
 
       return unless FeatureManagement.reveal_gpo_code?
       session[:last_gpo_confirmation_code] = idv_session.gpo_otp

app/controllers/two_factor_authentication/otp_verification_controller.rb

@@ -13,6 +13,7 @@ class OtpVerificationController < ApplicationController
     def show
       analytics.multi_factor_auth_enter_otp_visit(**analytics_properties)
 
+      @landline_alert = landline_warning?
       @presenter = presenter_for_two_factor_authentication_method
     end
 
@@ -56,6 +57,10 @@ def phone_enabled?
       TwoFactorAuthentication::PhonePolicy.new(current_user).enabled?
     end
 
+    def landline_warning?
+      user_session[:phone_type] == 'landline' && two_factor_authentication_method == 'sms'
+    end
+
     def confirm_voice_capability
       return if two_factor_authentication_method == 'sms'
 

app/controllers/users/phone_setup_controller.rb

@@ -11,7 +11,10 @@ class PhoneSetupController < ApplicationController
     helper_method :in_multi_mfa_selection_flow?
 
     def index
-      @new_phone_form = NewPhoneForm.new(current_user)
+      @new_phone_form = NewPhoneForm.new(
+        current_user,
+        setup_voice_preference: setup_voice_preference?,
+      )
       track_phone_setup_visit
     end
 
@@ -45,6 +48,10 @@ def set_setup_presenter
       )
     end
 
+    def setup_voice_preference?
+      params[:otp_delivery_preference].to_s == 'voice'
+    end
+
     def user_opted_remember_device_cookie
       cookies.encrypted[:user_opted_remember_device_preference]
     end
@@ -55,6 +62,7 @@ def handle_create_success(phone)
           id: nil,
           phone: @new_phone_form.phone,
           selected_delivery_method: @new_phone_form.otp_delivery_preference,
+          phone_type: @new_phone_form.phone_info&.type,
         )
       else
         flash[:error] = t('errors.messages.phone_duplicate')