Deploy RC 337 to Prod

Brewfile

@@ -4,4 +4,5 @@ brew 'redis'
 brew 'node@16'
 brew 'yarn'
 brew 'openssl@1.1'
+brew 'jq'
 cask 'chromedriver'

Gemfile

@@ -46,13 +46,13 @@ gem 'maxminddb'
 gem 'multiset'
 gem 'net-sftp'
 gem 'newrelic_rpm', '~> 9.0'
-gem 'puma', '~> 5.6.7'
+gem 'puma', '~> 6.0'
 gem 'pg'
 gem 'phonelib'
 gem 'premailer-rails', '>= 1.12.0'
 gem 'profanity_filter'
 gem 'propshaft'
-gem 'rack', '>= 2.2.3.1'
+gem 'rack', '>= 3.0'
 gem 'rack-attack', '>= 6.2.1'
 gem 'rack-cors', '>= 1.0.5', require: 'rack/cors'
 gem 'rack-headers_filter'

Gemfile.lock

@@ -60,73 +60,74 @@ GIT
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.1.1)
-      actionpack (= 7.1.1)
-      activesupport (= 7.1.1)
+    actioncable (7.1.2)
+      actionpack (= 7.1.2)
+      activesupport (= 7.1.2)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
       zeitwerk (~> 2.6)
-    actionmailbox (7.1.1)
-      actionpack (= 7.1.1)
-      activejob (= 7.1.1)
-      activerecord (= 7.1.1)
-      activestorage (= 7.1.1)
-      activesupport (= 7.1.1)
+    actionmailbox (7.1.2)
+      actionpack (= 7.1.2)
+      activejob (= 7.1.2)
+      activerecord (= 7.1.2)
+      activestorage (= 7.1.2)
+      activesupport (= 7.1.2)
       mail (>= 2.7.1)
       net-imap
       net-pop
       net-smtp
-    actionmailer (7.1.1)
-      actionpack (= 7.1.1)
-      actionview (= 7.1.1)
-      activejob (= 7.1.1)
-      activesupport (= 7.1.1)
+    actionmailer (7.1.2)
+      actionpack (= 7.1.2)
+      actionview (= 7.1.2)
+      activejob (= 7.1.2)
+      activesupport (= 7.1.2)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
       rails-dom-testing (~> 2.2)
-    actionpack (7.1.1)
-      actionview (= 7.1.1)
-      activesupport (= 7.1.1)
+    actionpack (7.1.2)
+      actionview (= 7.1.2)
+      activesupport (= 7.1.2)
       nokogiri (>= 1.8.5)
+      racc
       rack (>= 2.2.4)
       rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    actiontext (7.1.1)
-      actionpack (= 7.1.1)
-      activerecord (= 7.1.1)
-      activestorage (= 7.1.1)
-      activesupport (= 7.1.1)
+    actiontext (7.1.2)
+      actionpack (= 7.1.2)
+      activerecord (= 7.1.2)
+      activestorage (= 7.1.2)
+      activesupport (= 7.1.2)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.1.1)
-      activesupport (= 7.1.1)
+    actionview (7.1.2)
+      activesupport (= 7.1.2)
       builder (~> 3.1)
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    activejob (7.1.1)
-      activesupport (= 7.1.1)
+    activejob (7.1.2)
+      activesupport (= 7.1.2)
       globalid (>= 0.3.6)
-    activemodel (7.1.1)
-      activesupport (= 7.1.1)
-    activerecord (7.1.1)
-      activemodel (= 7.1.1)
-      activesupport (= 7.1.1)
+    activemodel (7.1.2)
+      activesupport (= 7.1.2)
+    activerecord (7.1.2)
+      activemodel (= 7.1.2)
+      activesupport (= 7.1.2)
       timeout (>= 0.4.0)
     activerecord-postgis-adapter (9.0.1)
       activerecord (~> 7.1.0)
       rgeo-activerecord (~> 7.0.0)
-    activestorage (7.1.1)
-      actionpack (= 7.1.1)
-      activejob (= 7.1.1)
-      activerecord (= 7.1.1)
-      activesupport (= 7.1.1)
+    activestorage (7.1.2)
+      actionpack (= 7.1.2)
+      activejob (= 7.1.2)
+      activerecord (= 7.1.2)
+      activesupport (= 7.1.2)
       marcel (~> 1.0)
-    activesupport (7.1.1)
+    activesupport (7.1.2)
       base64
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
@@ -146,7 +147,7 @@ GEM
     android_key_attestation (0.3.0)
     ast (2.4.2)
     awrence (1.2.1)
-    aws-eventstream (1.2.0)
+    aws-eventstream (1.3.0)
     aws-partitions (1.792.0)
     aws-sdk-cloudwatchlogs (1.49.0)
       aws-sdk-core (~> 3, >= 3.122.0)
@@ -178,7 +179,7 @@ GEM
     aws-sdk-sqs (1.53.0)
       aws-sdk-core (~> 3, >= 3.165.0)
       aws-sigv4 (~> 1.1)
-    aws-sigv4 (1.6.0)
+    aws-sigv4 (1.8.0)
       aws-eventstream (~> 1, >= 1.0.2)
     axe-core-api (4.7.0)
       dumb_delegator
@@ -193,7 +194,7 @@ GEM
       thread_safe (~> 0.3, >= 0.3.1)
     barby (0.6.8)
     base32-crockford (0.1.0)
-    base64 (0.1.1)
+    base64 (0.2.0)
     bcrypt (3.1.19)
     benchmark-ips (2.12.0)
     better_errors (2.10.1)
@@ -214,7 +215,7 @@ GEM
     brakeman (6.0.1)
     browser (5.3.1)
     builder (3.2.4)
-    bullet (7.1.0)
+    bullet (7.1.4)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
     bundler-audit (0.9.1)
@@ -252,7 +253,7 @@ GEM
       addressable
     cssbundling-rails (1.0.0)
       railties (>= 6.0.0)
-    date (3.3.3)
+    date (3.3.4)
     dead_end (4.0.0)
     derailed_benchmarks (2.1.2)
       benchmark-ips (~> 2)
@@ -361,7 +362,7 @@ GEM
     jmespath (1.6.2)
     jsbundling-rails (1.1.2)
       railties (>= 6.0.0)
-    json (2.6.3)
+    json (2.7.0)
     jwe (0.4.0)
     jwt (2.7.1)
     knapsack (4.0.0)
@@ -412,12 +413,12 @@ GEM
     msgpack (1.7.2)
     multiset (0.5.3)
     mutex_m (0.2.0)
-    net-imap (0.4.2)
+    net-imap (0.4.6)
       date
       net-protocol
     net-pop (0.1.2)
       net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
       timeout
     net-sftp (3.0.0)
       net-ssh (>= 5.0.0, < 7.0.0)
@@ -426,7 +427,7 @@ GEM
     net-ssh (6.1.0)
     newrelic_rpm (9.6.0)
       base64
-    nio4r (2.5.9)
+    nio4r (2.6.1)
     nokogiri (1.14.5)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
@@ -471,45 +472,45 @@ GEM
     psych (5.1.1.1)
       stringio
     public_suffix (5.0.3)
-    puma (5.6.7)
+    puma (6.4.0)
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.7.3)
-    rack (2.2.8)
-    rack-attack (6.5.0)
-      rack (>= 1.0, < 3)
-    rack-cors (1.1.1)
+    rack (3.0.8)
+    rack-attack (6.7.0)
+      rack (>= 1.0, < 4)
+    rack-cors (2.0.1)
       rack (>= 2.0.0)
     rack-headers_filter (0.0.1)
     rack-mini-profiler (3.1.1)
       rack (>= 1.2.0)
-    rack-proxy (0.7.4)
+    rack-proxy (0.7.7)
       rack
-    rack-session (1.0.1)
-      rack (< 3)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rack-timeout (0.6.0)
+    rack-timeout (0.6.3)
     rack_session_access (0.2.0)
       builder (>= 2.0.0)
       rack (>= 1.0.0)
-    rackup (1.0.0)
-      rack (< 3)
-      webrick
-    rails (7.1.1)
-      actioncable (= 7.1.1)
-      actionmailbox (= 7.1.1)
-      actionmailer (= 7.1.1)
-      actionpack (= 7.1.1)
-      actiontext (= 7.1.1)
-      actionview (= 7.1.1)
-      activejob (= 7.1.1)
-      activemodel (= 7.1.1)
-      activerecord (= 7.1.1)
-      activestorage (= 7.1.1)
-      activesupport (= 7.1.1)
+    rackup (2.1.0)
+      rack (>= 3)
+      webrick (~> 1.8)
+    rails (7.1.2)
+      actioncable (= 7.1.2)
+      actionmailbox (= 7.1.2)
+      actionmailer (= 7.1.2)
+      actionpack (= 7.1.2)
+      actiontext (= 7.1.2)
+      actionview (= 7.1.2)
+      activejob (= 7.1.2)
+      activemodel (= 7.1.2)
+      activerecord (= 7.1.2)
+      activestorage (= 7.1.2)
+      activesupport (= 7.1.2)
       bundler (>= 1.15.0)
-      railties (= 7.1.1)
+      railties (= 7.1.2)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -524,9 +525,9 @@ GEM
     rails-i18n (7.0.6)
       i18n (>= 0.7, < 2)
       railties (>= 6.0.0, < 8)
-    railties (7.1.1)
-      actionpack (= 7.1.1)
-      activesupport (= 7.1.1)
+    railties (7.1.2)
+      actionpack (= 7.1.2)
+      activesupport (= 7.1.2)
       irb
       rackup (>= 1.0.0)
       rake (>= 12.2)
@@ -799,8 +800,8 @@ DEPENDENCIES
   pry-doc
   pry-rails
   psych
-  puma (~> 5.6.7)
-  rack (>= 2.2.3.1)
+  puma (~> 6.0)
+  rack (>= 3.0)
   rack-attack (>= 6.2.1)
   rack-cors (>= 1.0.5)
   rack-headers_filter

app/components/javascript_required_component.html.erb

@@ -16,7 +16,7 @@
 
     <p><strong><%= t('components.javascript_required.next_step') %></strong></p>
   <% end %>
-  <link rel="stylesheet" href="<%= no_js_detect_css_path %>">
+  <link rel="stylesheet" href="<%= no_js_detect_css_path(location:) %>">
 </noscript>
 <div class="js">
   <% if was_no_js? %>

app/components/javascript_required_component.rb

@@ -1,7 +1,7 @@
 class JavascriptRequiredComponent < BaseComponent
   include LinkHelper
 
-  attr_reader :header, :intro
+  attr_reader :header, :location, :intro
 
   BROWSER_RESOURCES = [
     { name: 'Google Chrome', url: 'https://support.google.com' },
@@ -10,8 +10,9 @@ class JavascriptRequiredComponent < BaseComponent
     { name: 'Apple Safari', url: 'https://support.apple.com/safari' },
   ].to_set.freeze
 
-  def initialize(header:, intro: nil)
+  def initialize(header:, location:, intro: nil)
     @header = header
+    @location = location
     @intro = intro
   end
 

app/components/tab_navigation_component.rb

@@ -9,8 +9,8 @@ def initialize(label:, routes:, **tag_options)
 
   def is_current_path?(path)
     recognized_path = Rails.application.routes.recognize_path(path, method: request.method)
-    request[:controller] == recognized_path[:controller] &&
-      request[:action] == recognized_path[:action]
+    request.params[:controller] == recognized_path[:controller] &&
+      request.params[:action] == recognized_path[:action]
   rescue ActionController::RoutingError
     false
   end

app/controllers/application_controller.rb

@@ -125,8 +125,8 @@ def amzn_trace_id
   end
 
   def disable_caching
-    response.headers['Cache-Control'] = 'no-store'
-    response.headers['Pragma'] = 'no-cache'
+    response.headers[Rack::CACHE_CONTROL] = 'no-store'
+    response.headers['pragma'] = 'no-cache'
   end
 
   def cache_issuer_in_cookie

app/controllers/idv/agreement_controller.rb

@@ -33,7 +33,8 @@ def update
       if result.success?
         idv_session.idv_consent_given = true
 
-        if IdentityConfig.store.in_person_proofing_opt_in_enabled
+        if IdentityConfig.store.in_person_proofing_opt_in_enabled &&
+           IdentityConfig.store.in_person_proofing_enabled
           redirect_to idv_how_to_verify_url
         else
           redirect_to idv_hybrid_handoff_url

app/controllers/idv/by_mail/enter_code_controller.rb

@@ -42,7 +42,8 @@ def index
       end
 
       def pii
-        Pii::Cacher.new(current_user, user_session).fetch
+        Pii::Cacher.new(current_user, user_session).
+          fetch(current_user.gpo_verification_pending_profile.id)
       end
 
       def create
@@ -62,8 +63,12 @@ def create
         )
 
         if !result.success?
-          flash[:error] = @gpo_verify_form.errors.first.message if !rate_limiter.limited?
-          redirect_to idv_verify_by_mail_enter_code_url
+          if rate_limiter.limited?
+            redirect_to idv_enter_code_rate_limited_url
+          else
+            flash[:error] = @gpo_verify_form.errors.first.message if !rate_limiter.limited?
+            redirect_to idv_verify_by_mail_enter_code_url
+          end
           return
         end