
Deploy RC 322 to prod #9346

Merged
jmhooper merged 21 commits into stages/prod from stages/rc-2023-10-10-patch-1
Oct 10, 2023

@jmhooper jmhooper commented Oct 10, 2023

User-Facing Improvements

  • Identity Verification by mail: Update language from one-time code to verification code (#9252)
  • Rate limiting: The IdvStepConcern was modified to enable checking rate limits on future steps instead of all steps to enable future rate limit increments on successful attempts. (#9343)
  • Verify by Mail: Add warning banner to Enter Code page about language change to use verification code (#9308)

Bug Fixes

  • OpenID Connect: Use correct redirect URIs in Content Security Policy on OIDC Logout (#9328)

Internal

  • Analytics: Add new naming convention for analytics events (#9318)
  • Code Quality: Remove unreachable code (#9334)
  • Code Quality: Remove unused async doc auth loading (#9327)
  • Double address verification: Make dav default state for ipp (#9207)
  • Reporting: Account deletion rate (last 30 days) (#9312)

Upcoming Features

  • USPS verification: Fix edge case in reminder job. (#9319)

aduth and others added 21 commits October 5, 2023 11:37
* Empty commit

* Fetch prior to secrets analyze

* Better main detection

* s/and/&&/

* Fix "if" syntax

* Add changelog

changelog: Internal, Continuous Integration, Add secret scanning job
The ProfileMigrationJob has migrated all of the Profile records that needed migrating so it can be removed

[skip changelog]
Bumps [libphonenumber-js](https://gitlab.com/catamphetamine/libphonenumber-js) from 1.10.45 to 1.10.46.
- [Changelog](https://gitlab.com/catamphetamine/libphonenumber-js/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/libphonenumber-js/compare/v1.10.45...v1.10.46)

---
updated-dependencies:
- dependency-name: libphonenumber-js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Remove unnecessary text_tag overrides

changelog: Bug Fixes, Alerts, Fix HTML semantics for some alerts

* Remove redundant margin reset on alert paragraph
* Gitignore .bak files

Avoid accidentally checking in stray backup files.

[skip changelog]

* Ignore files with .bak extension

---------

Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
Bumps [libphonenumber-js](https://gitlab.com/catamphetamine/libphonenumber-js) from 1.10.46 to 1.10.47.
- [Changelog](https://gitlab.com/catamphetamine/libphonenumber-js/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/libphonenumber-js/compare/v1.10.46...v1.10.47)

---
updated-dependencies:
- dependency-name: libphonenumber-js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
changelog: Internal, Documentation, Update guidance for frontend error logging
Follow on to #9287, removes all references to / support for ial2_consent_given. Should not be merged until that PR is deployed.

[skip changelog]
There are false positives identified when running the Gitlab secret detector locally.

[skip changelog]
…9334)

* Remove unused ServiceProviderMfaPolicy from GenericDeliveryPresenter

changelog: Internal, Code Quality, Remove unreachable code

* Remove more unused

* Remove more unused
* Add and enforce analytics naming convention

changelog: Internal, Analytics, Add new naming convention for analytics events

* Limit AnalyticsEventNameLinter to analytics_events.rb
* remove including dav from proof_resolution in agent

* remove capture_secondary_id_enabled from address form, validator and step

* remove dav and capture secondary id from verify info

* lint fixes

* remove capture_secondary_id from state id step

* update in person spec and helper

* update idv step helper

* remove unused strings

* update step specs

* update ssn and verify info specs

* fix spacing for view files

* update test names in state id step spec

* update proofers, jobs and analytics spec

* update progressive proofer spec

* update pii in res proofing job spec

* keep dav for proofing

* revert changes

* use analytics id for dav value

* reference dav in specs again

* make same_address_id false in analytics_spec so all in person events are triggered

* remove unused address2_optional string

* remove more instances of capture secondary id enabled

* update email specs

* update enrollment helper spec

* update review spec to use mock ipp applicant and lint fix

* lint fix to constants files

* remove dav disabled cases from prog proofer and res adjudicator specs

* update spec names in get usps proofing job

* changelog: Internal, Double address verification, make dav default state for ipp

* remove capture secondary id flag from id_config

* add back in necessary tests and replace analytics_id check

* remove needs_proof_of_address which would always be false

* remove unused translations related to needs_proof_of_address

* remove enrollment from passed_with_unsupported_secondary_id_type

* remove reference to strings that are removed

* remove config from application.yml.default

* implement feedback
…9328)

* add failing test

changelog: Bug Fixes, OpenID Connect, Use correct redirect URIs in Content Security Policy on OIDC Logout

* use logout service provider when building CSP override list in logout redirect

* another test
changelog: Upcoming Features, USPS verification, fix edge case in reminder job.

Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov>
changelog: Internal, Dependencies, Update dependencies to resolve security advisories
changelog: Internal, Dependencies, Update dependencies to resolve security advisories
* remove load_doc_auth_async result unused method

* fix tests not to rely on load stored result async

* changelog: Internal, Code Quality, remove unused async doc auth loading

* remove DocumentCaptureSessionAsyncResult from codebase

* resolve merge conflict

* remove no longer needed begin block

* remove lingering end
…to use verification code (#9308)

* Add warning banner to Enter Code page about language change to use verification code

changelog: User-facing Improvements, Verify by Mail, Add warning banner to Enter Code page about language change to use verification code

* Adjust banner bottom margin

* Fix indent

* Remove unneeded div tag

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
* Update error message to say verification code

changelog: User-facing Improvements, Identity Verification by mail, Update language from one-time code to verification code

* Update one-time code to verification code for verification by mail

* Update account page banner to say verification code

* Another instance of verification code on Enter Code page

* Remove extra space

* LG-10807 Update user emails that refer to verify by mail codes

* Move 14 day reminder email translation tags to user_mailer yamls

* Replace code with verification code in 14 day reminder email

* Change 'el' (the) to 'su' (your) to match English and French keys

* LG-11099 Rephrase 14 day reminder letter

* Update Spanish translation of 14 day reminder email
* LG-10815: Account deletion for monthly reporting

changelog: Internal, Reporting, Account deletion rate (last 30 days)

* Update app/jobs/reports/monthly_key_metrics_report.rb

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* feedback

* feedback

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
…fing (#9343)

Currently we have a before action that enforces all of the rate limits that a user might encounter during proofing. This is done so that if a user will encounter a rate limit during a proofing attempt, they are sent to an error instead of being put through the process, which they will not be able to complete when they reach a rate limited step.

Prior to this commit we would check on all steps for whether a rate limiter has exceeded the maximum. This check was applied to all steps in a before action in `IdvStepConcern`. A consequence of this is we cannot count successful attempts towards the rate limit. In the case where we did that, a user would complete a step successfully, then be redirected on the next step since the rate limiter for the previous trip exceeded the number of allowable attempts.

This commit changes the logic to add methods for checking rate limits only on future steps after points in the flow where the rate limits are invoked. This will make it possible to count successful attempts towards the limit.

changelog: Improvements, Rate limiting, The IdvStepConcern was modified to enable checking rate limits on future steps instead of all steps to enable future rate limit increments on successful attempts.
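
The rate-limit commit message above describes why an every-step check cannot coexist with counting successful attempts. The following sketch is an added example, not code from this pull request or from `IdvStepConcern`; the step names, the limit of 2, and all class and method names are hypothetical, and "future steps" is modelled as the current step plus every step after it.

```ruby
# Added illustration. Step names, limits and method names are hypothetical
# and are not taken from the project's IdvStepConcern.
STEPS = %i[document_capture verify_info phone].freeze
MAX_ATTEMPTS = 2

class AttemptCounter
  def initialize
    @attempts = Hash.new(0)
  end

  # Counts every attempt at a step, successful or not.
  def increment!(step)
    @attempts[step] += 1
  end

  def limited?(step)
    @attempts[step] >= MAX_ATTEMPTS
  end
end

# Before: every step checks every limiter, including ones already passed.
def blocked_checking_all?(counter, _current_step)
  STEPS.any? { |step| counter.limited?(step) }
end

# After: a step checks only its own limiter and those still ahead of it.
def blocked_checking_future?(counter, current_step)
  STEPS.drop(STEPS.index(current_step)).any? { |step| counter.limited?(step) }
end

# Constructed scenario: one failed and one successful document_capture
# attempt (reaching the limit), then the user arrives at verify_info.
def arrive_at_verify_info(prior_phone_attempts: 0)
  counter = AttemptCounter.new
  2.times { counter.increment!(:document_capture) }
  prior_phone_attempts.times { counter.increment!(:phone) }
  { all: blocked_checking_all?(counter, :verify_info),
    future: blocked_checking_future?(counter, :verify_info) }
end

p arrive_at_verify_info                          # finished step blocks only the old check
p arrive_at_verify_info(prior_phone_attempts: 2) # exhausted future step blocks both
```

The second call shows that the early redirect is preserved for a limiter the user has not yet reached, which is the property the original before action was there to provide.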
@jmhooper jmhooper merged commit c1e4c4d into stages/prod Oct 10, 2023
@jmhooper jmhooper deleted the stages/rc-2023-10-10-patch-1 branch October 10, 2023 19:18