Skip to content

Deploy RC 345 to Prod#9885

Merged
amirbey merged 21 commits intostages/prodfrom
stages/rc-2024-01-09
Jan 9, 2024
Merged

Deploy RC 345 to Prod#9885
amirbey merged 21 commits intostages/prodfrom
stages/rc-2024-01-09

Conversation

@amirbey
Copy link
Contributor

@amirbey amirbey commented Jan 9, 2024
edited
Loading

User-Facing Improvements

  • Doc Auth: Upgrade Acuant SDK to 11.9.2 (#9844)

Bug Fixes

  • Logout: Consistently handle logout request for logged out user if session terminated by sign-in with another browser (#9842)

Internal

  • Analytics: Add new device property to Multi-Factor Authentication event (#9784)
  • Biometrics: 406 if asked for biometrics in production (#9837)
  • Build Tools: Support optional out-dir for build-sass package (#9866)
  • CI: Populate the tmp/pids directory for puma (Create tmp/pids directory for puma #9878) (#9878)
  • Code Quality: Add stricter linting for DOM testing (#9870)
  • Configuration: Add Puma configuration (#9848)
  • Dependencies: Update dependencies to resolve security advisories (#9880)
  • Dependencies: Configure Dependabot to create automatic pull requests for security advisories (#9877, #9879)
  • Documentation: Ensure all JavaScript workspace packages have documentation (#9853)
  • IdV: Save selfie status to user profile (#9858)
  • In-Person Proofing: Remove double address verfication from jobs (#9854)
  • Performance: Reduce size of application stylesheet (#9868)
  • Scripts: Fix bin/oncall/otp-deliveries script (#9872)

Upcoming Features

  • Identity Verification with Liveness Check (behind feature flag): Confirm that liveness check was performed before redirecting to Service Provider (#9846)

aduth and others added 21 commits January 4, 2024 13:16
@aduth
Add README files for all JavaScript packages (#9853)
2b5c62d 
changelog: Internal, Documentation, Ensure all JavaScript workspace packages have documentation
@jmax-gsa
LG-11962 return 406 if biometric selected in production (#9837)
427ba61 
changelog: Internal,Biometrics,406 if asked for biometrics in production

Added a before action in `authorization_controller` to do the 406, and added a method to `FeatureManagement` that contains the actual logic.

Co-authored by: Matt Hinz <matt.hinz@gsa.gov>
Co-authored by: Sonia Connolly <sonia.connolly@gsa.gov>
@aduth @zachmargolis
LG-11777: Handle logout request as already logged out if concurrent s…
b733821 
…ession exists (#9842)

* Avoid logging rate limit event for safelist exception

* Support custom redirect URL by Devise failure type

* LG-11777: Handle logout request as already logged out if concurrent session exists

changelog: Bug Fixes, Logout, Consistently handle logout request for logged out user if session terminated by sign-in with another browser

* Add controller specs for assigned devise_session_limited_failure_redirect_url

* Drop optional curly braces for hash merge

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* Use UriService#add_params for URL builder

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
Add Puma configuration (#9848)
cb71bcb 
* Add Puma configuration

changelog: Internal, Configuration, Add Puma configuration

* update puma
@soniaconnolly @theabrad @solipet
LG-11695 enforce selfie capture performed (#9846)
ad9fad8 
* Rename :verify_confirmed before action to confirm_identity_verified

* Add User#identity_verified_with_selfie? and Profile.idv_level value :unsupervised_with_selfie

* Add check for selfie to completions_controller

This will only take effect if doc_auth_selfie_capture_enabled feature flag is on

changelog: Upcoming Features, Identity Verification with Liveness Check (behind feature flag), Confirm that liveness check was performed before redirecting to Service Provider

* Add check for selfie needed in openid_connect/authorization_controller

---------

Co-authored-by: Alex Bradley <alexander.bradley@gsa.gov>
Co-authored-by: Doug Price <douglas.price@gsa.gov>
@dawei-nava
LG-11916: Acuant SDK 11.9.2. (#9844)
c459137 
changelog:  User-facing Improvement, Doc Auth, Upgrade Acuant SDK to 11.9.2
@kevinsmaster5
LG 11763 Include new device in MFA analytics (#9784)
c6bb216 
* changelog: Internal, Analytics, add new device property to Multi-Factor Authentication event

* update test coverage to account for new device analytics property

* remove unneeded changes

* change device tracking sign in to account for 2FA submit

* change disavawal second sign in to account for 2FA submit

* add test for device cookie service

* add new_device event to mfa properties hash

* fix lint

* remove DeviceCookie service. put as function in User controller. update dependencies

* add #new_device to user spec

* leverage user session to store new device, fix some style inconsistencies

* update tests to include session value for new device

* fix lint

* revert changes to spec features

* fix spec label

* rename keyword for new_device function

* update spec to account for nil device and also false

* fix lint

* add new device false tests

* remove unneeded user_session override

* debug otp spec
@jmax-gsa
Update form_component gem to 3.9 (#9864)
37677c2 
* Updated the form_component gem.
[skip changelog]
@soniaconnolly @jmax-gsa
Spec fix: Expect 406 when selfie flag is off because of production bl…
6007bca 
…ock (#9862)

* When :doc_auth_selfie_capture_enabled is off, we now render the not_acceptable page. Spec now expects that in oidc_connect/authorization_controller_spec.

[skip changelog]

---------

Co-authored-by: John Maxwell <john.maxwell@gsa.gov>
@theabrad @soniaconnolly
LG-11698 Write that selfie check was performed in user's profile (#9858)
b33dc15 
* write unsupervised_with_selfie to idv_level

changelog: Internal, IdV, save selfie status to user profile

Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov>

* add selfie_check_performed to load_result in tests

* used FeatureManagement.idv_block_biometrics_requests?

---------

Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov>
@aduth
Remove unused USWDS utility classes (#9868)
9a3703e 
changelog: Internal, Performance, Reduce size of application stylesheet
@aduth
build-sass: Support optional out-dir option (#9866)
143d573 
changelog: Internal, Build Tools, Support optional out-dir for build-sass package
@amirbey
Convert status-message component from JS to TS (#9865)
2b286f9 
* convert status-message from js to ts

* Co-authored-by: Brittany Greaner <brittany.greaner@gsa.gov>

[skip changelog]

* make status required

Co-authored-by: Brittany Greaner <brittany.greaner@gsa.gov>

* change status message status to an enum

* happy linting

* use StatusMessageProps for StatusMessage types

---------

Co-authored-by: Brittany Greaner <brittany.greaner@gsa.gov>
@zachmargolis
Fix missing require for OTP deliveries script (#9872)
cf851c8 
changelog: Internal, Scripts, Fix bin/oncall/otp-deliveries script
@aduth
Use testing-library ESLint plugin (#9870)
bafa646 
changelog: Internal, Code Quality, Add stricter linting for DOM testing
@jack-ryan-nava-pbc
Remove Double Address Verification from jobs - Deploy First (#9854)
e138a49 
* Removing extraneous comma

* Linting

* changelog: Internal, In-Person Proofing, remove double address verfication from jobs

* Add default value to dav input arg

* Since default val of nil is set for dav in resolution proofing job don't add dav in agent job call.
@soniaconnolly
analytics_spec: remove unneeded allow_browser_log from two specs (#9874)
2cf87fe 
[skip changelog]
@aduth
Configure default Dependabot security updates (#9877)
f1c4dc1 
changelog: Internal, Dependencies, Configure Dependabot to create automatic pull requests for security advisories
@aduth
Revert "Try configuring Dependabot for security updates" (#9879)
89593de 
* Revert "Try configuring Dependabot for security updates"

* Add changelog

changelog: Internal, Dependencies, Configure Dependabot to create automatic pull requests for security advisories
@stephencshelton
changelog: Internal, CI, Populate the tmp/pids directory for puma (#9878
221fc61 
)
@aduth
Update Puma to 6.4.2 (#9880)
dd963f1 
changelog: Internal, Dependencies, Update dependencies to resolve security advisories
@amirbey amirbey self-assigned this Jan 9, 2024
@amirbey amirbey marked this pull request as ready for review January 9, 2024 17:50
@amirbey amirbey requested a review from matthinz January 9, 2024 17:51
@amirbey amirbey merged commit c454a2b into stages/prod Jan 9, 2024
@amirbey amirbey deleted the stages/rc-2024-01-09 branch January 9, 2024 18:07
amirbey added a commit that referenced this pull request Jan 9, 2024
@amirbey
Revert "Merge pull request #9885 from 18F/stages/rc-2024-01-09"
70a8924 
This reverts commit c454a2b, reversing
changes made to f894694.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmdembe jmdembe jmdembe approved these changes

@aduth aduth Awaiting requested review from aduth

@zachmargolis zachmargolis Awaiting requested review from zachmargolis

@jmhooper jmhooper Awaiting requested review from jmhooper

@mitchellhenke mitchellhenke Awaiting requested review from mitchellhenke

@matthinz matthinz Awaiting requested review from matthinz

Assignees

@amirbey amirbey

Labels

status - promotion

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.