Skip to content

Releases: 18F/identity-idp

RC 402

01 Aug 17:21
eaf9aed
Compare
Choose a tag to compare

User-Facing Improvements

  • Backup Codes: Deemphasize backup codes (#10970)
  • In-person Proofing: Display newer survey in English-language completion emails (#10994)
  • In-person proofing: Barcode page updates to add alert and remove a line (#11005)

Internal

  • Automated Testing: Assert logged events using have_logged_event (#11001, #11010)
  • Biometric Comparison: Clean up old, unused methods (#11007)
  • Continuous Integration: Use ECR for Redis and Postgres images (#11009)
  • Doc Auth: Remove code from outdated Acuant versions (#11006)
  • In-person proofing: Standardize logging for opted in ipp true/false values (#10983)
  • Maintenance: Update Ruby dependencies (#10999)

Upcoming Features

  • Aggregated Sign-in Emails: Avoid new device email for reauthentication from new account (#10978)

RC 401

30 Jul 16:24
9190a01
Compare
Choose a tag to compare

User-Facing Improvements

  • Doc Auth: Failed doc auth offers IPP offramp (#10903)

Bug Fixes

  • Accessibility: Use aria-hidden for decorative SVG images (#10986)

Internal

  • Automated Testing: Improve performance of PIV IdV sign-in spec (#10967)
  • Automated Testing: Fix flakey IAA Agreements spec (#10989)
  • CI: Change DNS zone for review apps to reviewapps (#10961)
  • Code Quality: Sort keys in application.yml.default (#10981)
  • Components: Use ActiveModel validations for components (#10971)
  • In-person proofing: Set the sponsor_id field on (#10984)
  • In-person proofing: Add enhanced_ipp property to (#10962)
  • Maintenance: Remove unused methods (#11000)
  • Source code: Add and fix predicate naming lint (#10990)

Upcoming Features

  • Authentication: Recaptcha Sign in (#10944)
  • Authentication: Let users who's passwords are compromised to change their password (#10861)
  • Enhanced In-Person Proofing: Content Updates For Ready to Verify View and Email for EIPP (#10974)
  • IdV with Biometric Comparison: Adding acr_values (#10993)
  • In-person proofing: Backfill sponsor id again (#10988)

RC 400

25 Jul 17:30
aaf491f
Compare
Choose a tag to compare

Bug Fixes

  • Help Links: Fixed a broken link on the document capture page (#10968)
  • PIV Enrollment: Fix reprompt when reauthenticating to add PIV after sign-in (#10918)

Internal

  • Analytics: Log new_device with email and password authentication event (#10965)
  • IdV: Add doc_auth_result to in_person enrollments table (#10950)
  • Performance: Avoid unnecessary seconds conversion before to_i (#10979)
  • Reporting: Ensure parameter correctness (#10973)
  • doc-capture: Refactored step code in doc capture (#10933)

Upcoming Features

  • Enhanced In-person proofing: Bypass secondary id check for EIPP (#10934)

RC 399

23 Jul 17:36
2024-07-23T173547
ca5fa2c
Compare
Choose a tag to compare

Bug Fixes

  • In-person Proofing: Remove the term online from failure CTA body (#10936)

Internal

  • Analytics: Log new_device for piv_cac_login event (#10960)
  • Bug Fixes: Translate Post Office search results (#10940)
  • Code Quality: Apply YAML normalizations to application.yml.default (#10972)
  • Reporting: Improve CloudwatchClient argument errors (#10937)
  • Reporting: Publish Weekly State of Protocols Email (#10923)
  • Translations: Made doc auth error messages all live in the same section of the strings files (#10956)

RC 398.1

18 Jul 18:28
2024-07-18T182708
3cbb3d8
Compare
Choose a tag to compare

Bug Fixes

RC 398

18 Jul 18:27
2024-07-18T173149
5301482
Compare
Choose a tag to compare

Bug Fixes

  • Code Revert: Revert changes introduced in 88a2a1c (#10954)
  • OpenID Connect: Fix language selection on OpenID Connect logout page (#10941)

Internal

  • Analytics: Log new_device with email and password authentication event (#10957)
  • Automated Testing: Use improved PKI service test stub consistently (#10942)
  • Automated Testing: Align PIV/CAC setup-after-sign-in specs to user behavior (#10939)
  • Automated Testing: Add spec to ensure mailers don't include SVG (#10949)
  • Dependencies: Update dependencies to resolve security advisories (#10953)
  • Localization: Normalize newlines in locale data (#10955)
  • Performance: Split utilities stylesheet to standalone file (#10946)

RC 397

17 Jul 18:45
2024-07-17T184006
628fd6b
Compare
Choose a tag to compare

User-Facing Improvements

  • PIV/CAC authentication: Remove PIV assumption (#10926)

Bug Fixes

  • In-person Proofing: Remove usps invalid states from selects (#10843) (#10843)

Internal

  • Analytics: Log email language for new account creation (#10935)
  • In-person proofing: Add enhanced_ipp property to (#10931)
  • analytics: Add on to multi_factor_auth_option_list (#10902)

Upcoming Features

  • Enhanced In-Person Proofing: By-pass Primary ID check in USPS proofing results job if Enhanced In-Person Proofing (#10917)
  • In-Person Proofing: Support more formats for translation of Post Office hours (#10925)
  • In-person proofing: Reminder email for eipp (#10928)

RC 396

11 Jul 20:54
c7af67c
Compare
Choose a tag to compare

User-Facing Improvements

  • identity verification: Verified & Pending States for Identity Verification (#10847)

Internal

  • ActionAccount: Clear message when trying to reinstate an already reinstated account (#10927)

RC 395

09 Jul 20:12
988c6d4
Compare
Choose a tag to compare

Bug Fixes

  • Accessibility: Render H1 for inactive service provider error page (#10921)
  • biometrics: Fix crash when cancelling image capture (#10906)

Internal

  • Analytics: Avoid logging multi_factor_auth_enter_piv_cac for PIV MFA visit (#10916)
  • Authentication: Consolidate MFA verification result handling (#10901)
  • In-person proofing: Add zipcode to Idv state id submitted (#10915)
  • In-person proofing: Add birth year to "Idv: in (#10899)
  • Reporting: Ensure the drop-off report and its tests are more robust (#10900)
  • Source code: Small cleanup to URI params helper code (#10920)
  • Specs: Fix flakey spec (#10919)

Upcoming Features

  • Biometrics: Add feature flags to support biometric IAL requests (#10908)
  • Identity verification: Disable verify by mail for in person proofing (#10892)

RC 394

03 Jul 16:30
f0d792e
Compare
Choose a tag to compare

NOTE: This release was rolled back due to errors during deployment

User-Facing Improvements

  • Authentication: Recaptcha ignore low confidence score failures (#10868)
  • Verify By Mail Flow: The verify by mail flow enforces the 2 pieces of fair evidence requirement which disallows verify by mail when a SP requests an authn context with the requirement. (#10886)

Bug Fixes

  • In-Person Proofing: Fix 500 in document capture when going to IPP (#10830)
  • OpenID Connect: Fix 500 error when validating userinfo requests (#10888)

Internal

  • Analytics: Ensure user ID present in account deletion submitted (#10887)
  • Automated Testing: Render negated test cases in account specs (#10885)
  • Bug Fixes: Translate Post Office search results (#10882)
  • CI: Remove per-branch checks for scheduled job checks (#10891)
  • Continuous Integration: Add JavaScript lint to prevent hardcoding URLs (#10894)
  • Data Requests: Allow filtering user log report by start and end dates (#10890)
  • Identity verification: Calculate proofing_components dynamically (#10870)
  • In-Person Proofing: Save Sponsor Id on IPP Enrollments (Internal) and on EIPP Enhanced Enrollments (Upcoming Features) (#10859)
  • Source code: Add scheduled checks for external changes (#10834)
  • Terms of use: Require re-accepting rules of use every 5 years (#10681)