RC 410.1

Merge pull request #11171 from 18F/stages/rc-2024-08-29-patch-1

Deploy RC 410.1 to production

RC 410

User-Facing Improvements

• Consent Screen: Standardize and simplify content for consent screen (#11147)

Bug Fixes

• In-Person proofing: Update profile.in_person_verification_pending_at timestamp to nil when the enrollment gets cancelled in the get_usps_proofing_results_job (#11149)

Internal

• Alerting: Model DMV maintenance windows in code (#11142)
• Authentication: Add aaguid to webauthn configuration (#11161) (#11161)
• Dependencies: Update dependency to resolve security advisory (#11159)

Upcoming Features

• Authentication: Piv filtering via domains (#10976)
• Partner account: Select email to share with partner (#10951)

RC 409.1

The release includes the changes from RC 409 (ref) with a bug-fix from #11153

RC 409

User-Facing Improvements

• Partner account: Database migration for 10951 (#11131) (#11131)
• Reporting: IdV, Add in-person proofing completion count to the weekly report that lists IdV completion statistics (#11075)

Bug Fixes

• Document Authentication: Fix mock client metadata (#11150)
• In-person proofing: Addresses error that occurs when pii is nil in verify info controller (#11065)

Internal

• Fraud prevention: Include associated user_id in event disavowal (#11140)
• Maintenance: Update rexml gem (#11132)
• Performance: Remove unnecessary use of DOMContentLoaded (#11127)
• Reporting: Update APG Report with Current Month (#11128)
• Reporting: Further stagger the delay of reporting jobs so we don't overwhelm other systems (#11116)
• Source code: Update lint rules (#11144)
• accuant capture: Refactor variable name (#11133)

Upcoming Features

• Doc Auth: Add secret validation for socure webhook (#11118)

RC 408

User-Facing Improvements

• Completions: Use standardized logo image for consent screen (#11120)
• Marketing Site: Update links to marketing site (#11086)

Bug Fixes

• Reporting: Add handling for error seen first day of the month (#11121)

Internal

• A/B testing: Rework A/B testing system (#11026)
• Code Quality: Remove feature flag for baseline email functionality (#11107)
• Continuous Integration: Improve performance of install step in continuous integration images (#11110)
• Dependencies: Update dependency to resolve security advisory (#11123)
• Performance: Optimize loading of Digital Analytics Program script (#11097, #11126)
• Reporting: Reduce threading and increase time slice default values for LG-99 Report (#11115)
• Reporting: Add AAL3 usage to protocols report (#11119)

Upcoming Features

• Identity verification: Implement proofer for Socure KYC (#11093)

RC 407

User-Facing Improvements

• Consent Screen: Arrange email as first item in IdV consent screen (#11113)
• In-person Proofing: Ensure EIPP enrollments are expired (#11085)
• Performance: Use defer for non-critical scripts (#11096)

Internal

• Automated Testing: Enforce YAML normalization for application.yml.default (#11106)
• Automated Testing: Improve reliability of automated tests (#11109)
• Automated Testing: Add 50/50 state integration (#11090)
• CI: Adding labels to kubernetes resources for easier tracing (#11081)
• Code Quality: Refactor backup code verification to follow conventional form pattern (#11089)
• Code Quality: Changed variable name (#11102)
• Code Quality: Change name of class and references (#11098)
• Code Quality: Renamed DocumentsStep to DocumentsAndSelfieStep (#11092)
• Configuration: Do not write config file by default on boot (#11100)
• Dependencies: Update dependencies to latest versions (#11103)
• Documentation: Link consistently to default application configuration (#11111)
• Documentation: Remove reference to frontend interest group team in contributing guide (#11108)
• Documentation: Document analytics methods properties (#11099)
• In-Person Proofing: Fix bug where user gets locked out of account after in_person_enrollment expires (#11105)
• Rate Limiting: Enforce additional user IP rate-limiting on backup code submission (#11094)
• Reporting: Adds some DIVR content to MKMR (#11072)

Upcoming Features

• Adding Socure support: Created a webhook for Socure to invoke during IdV (#11101)
• Doc Auth: Create feature flag for future use (#11114)

RC 406

User-Facing Improvements

• Authentication: Update authentication method links (#11047)

Internal

• Automated Testing: Use faster default driver for feature tests not requiring JavaScript (#11077)
• Configuration: Add redundancy checks to YAML configuration file (#11082)
• Dependencies: Update aws-sns-sdk gem (#11084)
• Documentation: Remove pii_like_keypaths from documented analytics properties (#11078)
• Documentation: Document authentication analytics events properties (#11076)
• Logging: Log unused_identity_config_keys event as JSON (#11080)
• Marketing Site: Add metadata to redirect URLs (#10889)
• Proofing Metrics: Optimized proofing query (#11083)
• Reporting: Stagger Cloudwatch-heavy report jobs so they don't hit rate limits (#11030)

RC 405

User-Facing Improvements

• Enhanced In-person proofing: Added EIPP Expiration Date for Enrollments (#11068)

Bug Fixes

• Accessibility: Remove confusing and duplicate external link announcement (#11048)
• Accessibility: Improve content for email language preference hint (#11066)
• Accounts: Refactor presenter pending_ conditionals to account for cases of password-reset (#11054)
• SAML implementation: Fix validation namespace issues (#11064) (#11064)

Internal

• Analytics: Avoid sending nil values for analytics events (#10987)
• Analytics: Add internal documentation for analytics methods (#10966)
• Analytics: Use redirect logging controller for Privacy Act links (#11062)
• Automated Testing: Fix spec expectation of issue_year logging (#11058)
• Code Quality: Improve readability of automated test analytics assertions (#11012)
• Code Quality: Remove lingering code related to IRS reproofing (#11055)
• Continuous Integration: Improve Image Build Caching (#11063)
• Error Handling: Avoid duplicating ActiveJob's retry machinery (#11061)
• In-person Proofing: Ensure the USPS schedule (#11034)
• Maintenance: Update to Ruby 3.3.4 (#10998)
• Source code: Update dependencies (#11067)
• Suspension Metrics: Add suspension and reinstatement metrics to lg99 report (#11069)
• Tooling: Update uuid-convert script to handle deleted users (#11071)

RC 404

User-Facing Improvements

• Authentication: Auth setup 2nd mfa lists all options regardless of SP (#11029)
• IdV: Remove inaccurate text about being able to verify phone numbers from US territories (#11036)
• In-person Proofing: Fix usps proofer bug (#11042)
• Mailers: Update alerts in mailers to align to match design system (#11039)
• Accessibility: Add h1 header to account reset pending screen (#11040)

Bug Fixes

• WebAuthn: Fix WebAuthn hints to pass on public key credential options (#11050)

Internal

• Analytics: Add support for Privacy Act brochure site redirect logging (#11031)
• Code Quality: Align MfaPolicy spec filename to described class (#11046)
• Code Quality: Remove asset tag helper patch assigning empty image alt (#11044)
• IdV logging: Added issue_year of ID (#11024)
• SAML implementation: Adding tests to ensure understanding around responses (#11035)
• Testing: Add test coverage for expected reCAPTCHA sign-in logging (#11037)

RC 403

User-Facing Improvements

• 508 compliance: Updated Acuant SDK for better selfie capture experience with screen readers. (#11011)
• Account Deletion: User Mailer changed to be clearer (#11033)
• Document Authentication: Vaidate state ID expiration date (#10995)
• PIV/CAC: Standardize PIV/CAC language (#10969)

Bug Fixes

• Page Layout: Fix spacing on PIV/CAC login screen (#11032)

Internal

• Analytics: Limit analytics CSP revisions to necessary entries (#11021)
• Automated Testing: Remove OIDC form-action CSP assertions from account creation specs (#11025)
• CI: Update formatting for messages to Slack (#11022)
• Dependencies: Update dependency to resolve security advisory (#11020)
• In-person proofing: Make sponser_id on in_person_enrollments non-nullable (#11015) (#11015)
• In-person proofing: Remove deprecated address routes (#11016)
• Maintenance: Update knapsack report (#10997)
• Rate Limiting: Enforce additional user IP rate-limiting on sign-in (#10982)
• SAML: Updates to saml_idp version that reduces complexity (#11017)
• kubernetes support: Update RDS CA bundle to support new encryption policy (#11023)

Upcoming Features

• Enhanced In-person Proofing: Update Ready to Verify View and Email template to include Tag and Real ID Content (#10996)
• IdV with Biometric Comparison: Supporting biometric acr in SAML (#11013)