Releases: 18F/identity-idp
Releases · 18F/identity-idp
RC 402
User-Facing Improvements
- Backup Codes: Deemphasize backup codes (#10970)
- In-person Proofing: Display newer survey in English-language completion emails (#10994)
- In-person proofing: Barcode page updates to add alert and remove a line (#11005)
Internal
- Automated Testing: Assert logged events using have_logged_event (#11001, #11010)
- Biometric Comparison: Clean up old, unused methods (#11007)
- Continuous Integration: Use ECR for Redis and Postgres images (#11009)
- Doc Auth: Remove code from outdated Acuant versions (#11006)
- In-person proofing: Standardize logging for opted in ipp true/false values (#10983)
- Maintenance: Update Ruby dependencies (#10999)
Upcoming Features
- Aggregated Sign-in Emails: Avoid new device email for reauthentication from new account (#10978)
RC 401
User-Facing Improvements
- Doc Auth: Failed doc auth offers IPP offramp (#10903)
Bug Fixes
- Accessibility: Use aria-hidden for decorative SVG images (#10986)
Internal
- Automated Testing: Improve performance of PIV IdV sign-in spec (#10967)
- Automated Testing: Fix flakey IAA Agreements spec (#10989)
- CI: Change DNS zone for review apps to reviewapps (#10961)
- Code Quality: Sort keys in application.yml.default (#10981)
- Components: Use ActiveModel validations for components (#10971)
- In-person proofing: Set the sponsor_id field on (#10984)
- In-person proofing: Add enhanced_ipp property to (#10962)
- Maintenance: Remove unused methods (#11000)
- Source code: Add and fix predicate naming lint (#10990)
Upcoming Features
- Authentication: Recaptcha Sign in (#10944)
- Authentication: Let users who's passwords are compromised to change their password (#10861)
- Enhanced In-Person Proofing: Content Updates For Ready to Verify View and Email for EIPP (#10974)
- IdV with Biometric Comparison: Adding acr_values (#10993)
- In-person proofing: Backfill sponsor id again (#10988)
RC 400
Bug Fixes
- Help Links: Fixed a broken link on the document capture page (#10968)
- PIV Enrollment: Fix reprompt when reauthenticating to add PIV after sign-in (#10918)
Internal
- Analytics: Log new_device with email and password authentication event (#10965)
- IdV: Add doc_auth_result to in_person enrollments table (#10950)
- Performance: Avoid unnecessary seconds conversion before to_i (#10979)
- Reporting: Ensure parameter correctness (#10973)
- doc-capture: Refactored step code in doc capture (#10933)
Upcoming Features
- Enhanced In-person proofing: Bypass secondary id check for EIPP (#10934)
RC 399
Bug Fixes
- In-person Proofing: Remove the term online from failure CTA body (#10936)
Internal
- Analytics: Log new_device for piv_cac_login event (#10960)
- Bug Fixes: Translate Post Office search results (#10940)
- Code Quality: Apply YAML normalizations to application.yml.default (#10972)
- Reporting: Improve
CloudwatchClient
argument errors (#10937) - Reporting: Publish Weekly State of Protocols Email (#10923)
- Translations: Made doc auth error messages all live in the same section of the strings files (#10956)
RC 398.1
RC 398
Bug Fixes
- Code Revert: Revert changes introduced in 88a2a1c (#10954)
- OpenID Connect: Fix language selection on OpenID Connect logout page (#10941)
Internal
- Analytics: Log new_device with email and password authentication event (#10957)
- Automated Testing: Use improved PKI service test stub consistently (#10942)
- Automated Testing: Align PIV/CAC setup-after-sign-in specs to user behavior (#10939)
- Automated Testing: Add spec to ensure mailers don't include SVG (#10949)
- Dependencies: Update dependencies to resolve security advisories (#10953)
- Localization: Normalize newlines in locale data (#10955)
- Performance: Split utilities stylesheet to standalone file (#10946)
RC 397
RC 396
RC 395
Bug Fixes
- Accessibility: Render H1 for inactive service provider error page (#10921)
- biometrics: Fix crash when cancelling image capture (#10906)
Internal
- Analytics: Avoid logging multi_factor_auth_enter_piv_cac for PIV MFA visit (#10916)
- Authentication: Consolidate MFA verification result handling (#10901)
- In-person proofing: Add zipcode to Idv state id submitted (#10915)
- In-person proofing: Add birth year to "Idv: in (#10899)
- Reporting: Ensure the drop-off report and its tests are more robust (#10900)
- Source code: Small cleanup to URI params helper code (#10920)
- Specs: Fix flakey spec (#10919)
Upcoming Features
RC 394
NOTE: This release was rolled back due to errors during deployment
User-Facing Improvements
- Authentication: Recaptcha ignore low confidence score failures (#10868)
- Verify By Mail Flow: The verify by mail flow enforces the 2 pieces of fair evidence requirement which disallows verify by mail when a SP requests an authn context with the requirement. (#10886)
Bug Fixes
- In-Person Proofing: Fix 500 in document capture when going to IPP (#10830)
- OpenID Connect: Fix 500 error when validating userinfo requests (#10888)
Internal
- Analytics: Ensure user ID present in account deletion submitted (#10887)
- Automated Testing: Render negated test cases in account specs (#10885)
- Bug Fixes: Translate Post Office search results (#10882)
- CI: Remove per-branch checks for scheduled job checks (#10891)
- Continuous Integration: Add JavaScript lint to prevent hardcoding URLs (#10894)
- Data Requests: Allow filtering user log report by start and end dates (#10890)
- Identity verification: Calculate proofing_components dynamically (#10870)
- In-Person Proofing: Save Sponsor Id on IPP Enrollments (Internal) and on EIPP Enhanced Enrollments (Upcoming Features) (#10859)
- Source code: Add scheduled checks for external changes (#10834)
- Terms of use: Require re-accepting rules of use every 5 years (#10681)