Releases: 18F/identity-idp
Releases · 18F/identity-idp
RC 405
2024-08-13T214816
This tag was signed with the committer’s verified signature.
mitchellhenke
Mitchell Henke
User-Facing Improvements
- Enhanced In-person proofing: Added EIPP Expiration Date for Enrollments (#11068)
Bug Fixes
- Accessibility: Remove confusing and duplicate external link announcement (#11048)
- Accessibility: Improve content for email language preference hint (#11066)
- Accounts: Refactor presenter pending_ conditionals to account for cases of password-reset (#11054)
- SAML implementation: Fix validation namespace issues (#11064) (#11064)
Internal
- Analytics: Avoid sending nil values for analytics events (#10987)
- Analytics: Add internal documentation for analytics methods (#10966)
- Analytics: Use redirect logging controller for Privacy Act links (#11062)
- Automated Testing: Fix spec expectation of issue_year logging (#11058)
- Code Quality: Improve readability of automated test analytics assertions (#11012)
- Code Quality: Remove lingering code related to IRS reproofing (#11055)
- Continuous Integration: Improve Image Build Caching (#11063)
- Error Handling: Avoid duplicating ActiveJob's retry machinery (#11061)
- In-person Proofing: Ensure the USPS schedule (#11034)
- Maintenance: Update to Ruby 3.3.4 (#10998)
- Source code: Update dependencies (#11067)
- Suspension Metrics: Add suspension and reinstatement metrics to lg99 report (#11069)
- Tooling: Update uuid-convert script to handle deleted users (#11071)
RC 404
2024-08-13T185037
This tag was signed with the committer’s verified signature.
mitchellhenke
Mitchell Henke
User-Facing Improvements
- Authentication: Auth setup 2nd mfa lists all options regardless of SP (#11029)
- IdV: Remove inaccurate text about being able to verify phone numbers from US territories (#11036)
- In-person Proofing: Fix usps proofer bug (#11042)
- Mailers: Update alerts in mailers to align to match design system (#11039)
- Accessibility: Add
h1header to account reset pending screen (#11040)
Bug Fixes
- WebAuthn: Fix WebAuthn hints to pass on public key credential options (#11050)
Internal
- Analytics: Add support for Privacy Act brochure site redirect logging (#11031)
- Code Quality: Align MfaPolicy spec filename to described class (#11046)
- Code Quality: Remove asset tag helper patch assigning empty image alt (#11044)
- IdV logging: Added issue_year of ID (#11024)
- SAML implementation: Adding tests to ensure understanding around responses (#11035)
- Testing: Add test coverage for expected reCAPTCHA sign-in logging (#11037)
RC 403
User-Facing Improvements
- 508 compliance: Updated Acuant SDK for better selfie capture experience with screen readers. (#11011)
- Account Deletion: User Mailer changed to be clearer (#11033)
- Document Authentication: Vaidate state ID expiration date (#10995)
- PIV/CAC: Standardize PIV/CAC language (#10969)
Bug Fixes
- Page Layout: Fix spacing on PIV/CAC login screen (#11032)
Internal
- Analytics: Limit analytics CSP revisions to necessary entries (#11021)
- Automated Testing: Remove OIDC form-action CSP assertions from account creation specs (#11025)
- CI: Update formatting for messages to Slack (#11022)
- Dependencies: Update dependency to resolve security advisory (#11020)
- In-person proofing: Make sponser_id on in_person_enrollments non-nullable (#11015) (#11015)
- In-person proofing: Remove deprecated address routes (#11016)
- Maintenance: Update knapsack report (#10997)
- Rate Limiting: Enforce additional user IP rate-limiting on sign-in (#10982)
- SAML: Updates to saml_idp version that reduces complexity (#11017)
- kubernetes support: Update RDS CA bundle to support new encryption policy (#11023)
Upcoming Features
RC 402
User-Facing Improvements
- Backup Codes: Deemphasize backup codes (#10970)
- In-person Proofing: Display newer survey in English-language completion emails (#10994)
- In-person proofing: Barcode page updates to add alert and remove a line (#11005)
Internal
- Automated Testing: Assert logged events using have_logged_event (#11001, #11010)
- Biometric Comparison: Clean up old, unused methods (#11007)
- Continuous Integration: Use ECR for Redis and Postgres images (#11009)
- Doc Auth: Remove code from outdated Acuant versions (#11006)
- In-person proofing: Standardize logging for opted in ipp true/false values (#10983)
- Maintenance: Update Ruby dependencies (#10999)
Upcoming Features
- Aggregated Sign-in Emails: Avoid new device email for reauthentication from new account (#10978)
RC 401
User-Facing Improvements
- Doc Auth: Failed doc auth offers IPP offramp (#10903)
Bug Fixes
- Accessibility: Use aria-hidden for decorative SVG images (#10986)
Internal
- Automated Testing: Improve performance of PIV IdV sign-in spec (#10967)
- Automated Testing: Fix flakey IAA Agreements spec (#10989)
- CI: Change DNS zone for review apps to reviewapps (#10961)
- Code Quality: Sort keys in application.yml.default (#10981)
- Components: Use ActiveModel validations for components (#10971)
- In-person proofing: Set the sponsor_id field on (#10984)
- In-person proofing: Add enhanced_ipp property to (#10962)
- Maintenance: Remove unused methods (#11000)
- Source code: Add and fix predicate naming lint (#10990)
Upcoming Features
- Authentication: Recaptcha Sign in (#10944)
- Authentication: Let users who's passwords are compromised to change their password (#10861)
- Enhanced In-Person Proofing: Content Updates For Ready to Verify View and Email for EIPP (#10974)
- IdV with Biometric Comparison: Adding acr_values (#10993)
- In-person proofing: Backfill sponsor id again (#10988)
RC 400
Bug Fixes
- Help Links: Fixed a broken link on the document capture page (#10968)
- PIV Enrollment: Fix reprompt when reauthenticating to add PIV after sign-in (#10918)
Internal
- Analytics: Log new_device with email and password authentication event (#10965)
- IdV: Add doc_auth_result to in_person enrollments table (#10950)
- Performance: Avoid unnecessary seconds conversion before to_i (#10979)
- Reporting: Ensure parameter correctness (#10973)
- doc-capture: Refactored step code in doc capture (#10933)
Upcoming Features
- Enhanced In-person proofing: Bypass secondary id check for EIPP (#10934)
RC 399
2024-07-23T173547
This tag was signed with the committer’s verified signature.
aduth
Andrew Duthie
Bug Fixes
- In-person Proofing: Remove the term online from failure CTA body (#10936)
Internal
- Analytics: Log new_device for piv_cac_login event (#10960)
- Bug Fixes: Translate Post Office search results (#10940)
- Code Quality: Apply YAML normalizations to application.yml.default (#10972)
- Reporting: Improve
CloudwatchClientargument errors (#10937) - Reporting: Publish Weekly State of Protocols Email (#10923)
- Translations: Made doc auth error messages all live in the same section of the strings files (#10956)
RC 398.1
RC 398
2024-07-18T173149
This tag was signed with the committer’s verified signature.
aduth
Andrew Duthie
Bug Fixes
- Code Revert: Revert changes introduced in 88a2a1c (#10954)
- OpenID Connect: Fix language selection on OpenID Connect logout page (#10941)
Internal
- Analytics: Log new_device with email and password authentication event (#10957)
- Automated Testing: Use improved PKI service test stub consistently (#10942)
- Automated Testing: Align PIV/CAC setup-after-sign-in specs to user behavior (#10939)
- Automated Testing: Add spec to ensure mailers don't include SVG (#10949)
- Dependencies: Update dependencies to resolve security advisories (#10953)
- Localization: Normalize newlines in locale data (#10955)
- Performance: Split utilities stylesheet to standalone file (#10946)
RC 397
2024-07-17T184006
This tag was signed with the committer’s verified signature.
amirbey
Amir Reavis-Bey