Merged
Conversation
* LG-10660: Consolidate MFA setup controllers changelog: Internal, Code Quality, Consolidate code paths for MFA setup * Fix YARD
The GPO reminder job currently has a query that sends an email to users who are GPO pending. Unfortunately it is configured to send an email to every user who has ever been GPO pending. As a result every pending user from all of history will receive an email once it is merged. This commit temporarily disables the job while we figure that problem out. [skip changelog]
* remove extend_timeout_using_meta_refresh before action * remove extend_timeout_using_meta_refresh before action from link sent controller changelog: Internal, Identity Verification, Remove no longer needed timeout extension for link sent * remove meta refresh from link_sent show template * Co-authored-by: Sonia Connolly<sonia.connolly@gsa.gov> * Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov> * Remove doc_auth_extend_timeout_by_minutes config -- no longer used
…guage (#9045) * send sms in selected email language changelog: User-Facing Improvements, In-person Proofing, Send sms notification in selected email language
These rake tasks were added as part of the profile state work. They were used to backfill new columns that were added to track the state of a profile with regards to fraud review. The backfills have been successfully completed so we do not need these rake tasks any longer. [skip changelog]
#9059) * changelog: Internal, add test, add test to check for sorted front end log events * lintfix * fix syntax fail
changelog: Internal, Dependencies, Enable Dependabot updates for phone metadata dependencies
Bumps [phonelib](https://github.com/daddyz/phonelib) from 0.8.2 to 0.8.3. - [Release notes](https://github.com/daddyz/phonelib/releases) - [Changelog](https://github.com/daddyz/phonelib/blob/master/CHANGELOG.md) - [Commits](daddyz/phonelib@v0.8.2...v0.8.3) --- updated-dependencies: - dependency-name: phonelib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [libphonenumber-js](https://gitlab.com/catamphetamine/libphonenumber-js) from 1.10.39 to 1.10.41. - [Changelog](https://gitlab.com/catamphetamine/libphonenumber-js/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/catamphetamine/libphonenumber-js/compare/v1.10.39...v1.10.41) --- updated-dependencies: - dependency-name: libphonenumber-js dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* changelog: User-Facing Improvements, Phone setup, Initial pr to direct users to phone single phone setup page * change routes * update to reuse phone setup controller * rubocop * update spec and styling * use new phone name title * remove unused translation * fix spec * fix factor * rubocop * make sure to add maximum account check * set up to nil * update spec * change to continue * update phone setup spec * address comments, get rid of useless feature toggle
changelog: Internal, Security, Update Rails to patch vulnerability
We are in the midst of a migration to a new KMS key that support multi-region operations. This migration involves the following steps: 1. Start writing to new columns with the new key 2. Start reading from the new columns if they have a value and using the new key to decrypt them 3. Go through and convert old rows to the new key 4. Drop the old column This commit adds code and a feature flag to allow step 2. When then flag is enabled the IDP will try to use the multi-region column's ciphertext instead of the single-region ciphertext. Note that KMS does not require a key ID for decryption. It can determine that based on the KMS ciphertext it receives for decrypt. As a result the multi-region KMS client can be used to decrypt multi-region and single-region cihpertexts. [skip changelog]
So that we can check where users clicked during an A/B test. changelog: Upcoming Features, Identity Verification Getting Started A B test, Mark new welcome template links with welcome_new
* Add skip_hybrid_handoff to analytics We want to track when users skip the HybridHandoff step because they are using a mobile device changelog: Internal, Logging, add skip_hybrid_handoff to analytics * Add skip_hybrid_handoff to ab_test_analytics_buckets So that it will show up downstream of document_capture. Also removed .compact from some analytics args so that nil values still show up. This will add redo_document_capture: nil to hybrid_handoff and document_capture analytics args. * Update analytics_spec * Allow idv_session to be undefined in ab_test_analytics_concern (hybrid flow) --------- Co-authored-by: Amir Reavis-Bey <amir.reavis-bey@gsa.gov> Co-authored-by: Jessica Dembe <jessica.dembe@gsa.gov>
* add missing tests, refactor - move class methods into a class << self block - make private methods private - only use "self" when necessary - use change to be saved helper methods changelog: Internal, In-person proofing, Refactor InPersonEnrollment model and tests
…ation if they are logged out due to it (LG-10661) (#9053) * Inform user that a service provider request is requiring re-authentication if they are logged out due to it changelog: User-Facing Improvements, Sign-In, Inform user that a service provider request is requiring re-authentication if they are logged out due to it * Update spec/controllers/concerns/forced_reauthentication_concern_spec.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Update app/controllers/concerns/forced_reauthentication_concern.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * updates * Update app/controllers/concerns/forced_reauthentication_concern.rb Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> --------- Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
changelog: Internal, Scripts, Update email deliveries script to include email action
…rson Enrollments (#9065) * Add to the IEP message changelog: Internal, Cleanup, Add a message when attempting to destroy records with an In Person Enrollment associated with it * Update lib/cleanup/destroyable_records.rb Co-authored-by: Michael <107054114+mmagsa@users.noreply.github.com> --------- Co-authored-by: Michael <107054114+mmagsa@users.noreply.github.com>
…le-region KMS records (#9058) We are in the midst of a migration between KMS keys. We are changing from a single-region only key to a key that supports multi-region use. As part of this migration we are encrypting data twice: once with each of the keys. Under no circumstance should the data that is encrypted by KMS and stored be different for a given record. This commit introduces a rake task that confirms that the same data is being encrypted and written. It does so by grabbing a sample of records, removing the KMS encryption, and comparing the contents. [skip changelog]
* Delete flow_session[:threatmetrix_session_id] now that it has been moved to idv_session.threatmetrix_session_id [skip changelog] * Test threatmetrix_session_id with :show, not :upddate and make unsupervised and in_person ssn controller specs match
This commit makes a few small changes to the identity verification report: 1. Allow the report to be run without an issuer 2. Change the GPO verification counter to filter users who still new fraud review or in-person proofing 3. Change the final resolution event to filter users who still new fraud review, in-person, or GPO. Previously this used "deactivation_reason" which is not deprecated [skip changelog]
* LG-10658: Add analytics_id to logged Verify Info proofing result changelog: Internal, In-Person Proofing, Differentiate between remote and in-person flow Instant Verify / AAMVA proofing results in analytics * LG-10658: Fix tests; add missing PII-like key * LG-10658: Remove redundant hash key
…ing results analytics (#9075) [skip changelog]
jmhooper
approved these changes
Aug 24, 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User-Facing Improvements
Internal
Upcoming Features