Deploy RC 194 to Prod #6464

Merged
merged 28 commits into from
Jun 9, 2022
Conversation


@aduth aduth commented Jun 7, 2022

Improvements

  • Identity Verification: Add Hawaii to supported AAMVA jurisdictions (#6444)
  • Change MFA setup URL to be more descriptive (#6353)

Bug Fixes

  • Account management: Only show reset personal key if user has an active profile (#6452)
  • Logging: Fix logging of roaming WebAuthn authentications (#6451)
  • Password reset: Allow user to reactivate profile after password reset if they had cancelled a previous proofing attempt (#6439)

Internal

  • Dependencies: Update design system to latest version (#6461)
  • Logging: Include more context when logging telephony sent events (#6460)
  • Reporting: Only track billable events in billing reports (#6459)
  • Rate limiting: Remove deprecated reading and writing of Postgres-based rate limiting (#6428)
  • Automated testing: Harden automated PII leak detection testing (#6448)
  • Automated testing: Improve test reliability for timing precision (#6445)
  • Automated testing: Improve performance of automated tests (#6449, #6447, #6454, #6458)
  • Database: Drop deprecated user columns (#6438)
  • Analytics: Updated analytics events (#6432, #6437)

Upcoming Features

  • Authentication: Update to not cancel but resend user to path (#6462)
  • In-person proofing: Add address (#6446)
  • Identity verification: Add password confirmation step (#6433, #6434, #6450)
  • Identity verification: Add personal key step screen (#6443)
  • Identity verification: Isolate step feature flags for submission handling (#6435)
  • Identity verification: Add content for GPO verification to password confirm step (#6429)

gsa-manish and others added 27 commits June 1, 2022 14:04
changelog: Improvements, Analytics, Updated analytics events

Co-authored-by: Manish Shah <[email protected]>
* Add AddressVerificationMethodContext for GPO content (IdV app)

**Why**: For parity with the existing experience, users should expect to see content specific for the GPO verification method (e.g. status alerts, "Come back later" page after completion, pending step indicator status).

Also, this addresses an issue where previously, the absence of a phone value was used in determining method, but this isn't accurate, since phone may be assigned if the user already has a verified phone number.

changelog: Upcoming Features, Identity Verification, Add content for GPO verification to password confirm step

* List used translation keys inside component implementation

Webpack may be stripping comments for the topmost scope (tree shaking?), irrespective of optimization settings.

* Document, test AddressVerificationMethodContextProvider

* Add spec for step indicator component GPO progress

* Add spec for GPO VerifyController#show app data completion URL

* Update address verification method context to object

See: #6429 (comment)

* Fix completion URL for various GPO/active profile scenarios

1. GPO path should always direct to the "Come back later" screen. This was done in previous PersonalKeyController using "pending profile" logic. However, at the time that this controller method is called, the profile will never be activated. Instead, check GPO as the first condition path.
2. Similarly, "after sign in path" also considers whether the profile is pending, which will always be true at the time the controller is called, even if the user didn't go through the GPO flow. Instead, choose the specific account path fallback for no-GPO, no-SP IdV

* Remove unused pending profile method
* Evaluate render condition in context of instance

So that the proc can reference instance methods

* Add step association to IdV API endpoints

**Why**:

- Since we'll have future in-progress endpoints, the enabling of a single step should not make all endpoints available
- Since BaseController is not practically reusable outside of identity verification, update module grouping to identity as specific to identity verification

changelog: Upcoming Features, Identity Verification, Isolate step feature flags for submission handling

* Use constant for BaseController required step

See: #6435 (comment)

* Use class property for required step

* Define required_step using class_attribute

See:

- #6435 (comment)
- #6435 (comment)
* Changelog: Future Feature, Identity authentication, create more descriptive url for MFA selection page

* changelog: Improvements, change MFA setup url to be more descriptive, LG-6043

* LG-6043: change url to authentication method setup

* fix cancellation spec

* update routes

* fix test
* Generate completion URL on password confirm submission (IdV app)

**Why**: As we continue to absorb more steps into the IdV application flow, it will not be possible to determine where the user should be redirected, since it can depend on actions the user takes during the flow itself (e.g. opting to verify address by mail). Therefore, we should wait to determine completion URL until those factors have been accounted for.

changelog: Upcoming Features, Identity Verification, Add password confirmation step

* Remove outdated code concerning completion URL

Per intent of changeset, completion URL is no longer handled in VerifyController
…ed profile (#6439)

* Fix missing reactivation prompt for password reset with prior cancelled profile

**Why**: So that a user who resets their password with an active profile always has the chance to reactivate the profile.

changelog: Bug Fix, Password Reset, Allow user to reactivate profile after password reset if they had cancelled a previous proofing attempt

* Add timestamps for password reset profile factory

To match how it works in the real-world, and to avoid being skipped for updated logic in UserDecorator#password_reset_profile

* Use profile factory traits consistently

Consistency, convenience, assurance that behavior of a "password reset" profile is accurate (with timestamps)
changelog: Internal, Database, Drop deprecated user columns
* Fix paste for personal key confirmation (IdV app)

**Why**: Because the primary user interaction we expect here is for the user to paste the personal key after clicking the "Copy" button on the personal key display page.

changelog: Upcoming Features, Identity Verification, Add personal key step screen

* Create separate variable for modifier

Improve clarity

See: #6443 (comment)
**Why**: It was originally implemented with the expectation that we might ship the personal key step independently, but with stabilization of the password re-entry step, it's most likely we'd ship them together now.

changelog: Upcoming Features, Identity Verification, Add password confirmation step
**Why**: Since the concern of these assertions is common, and to reduce the runtime of the specs, since each test case will spin up a fresh browser tab and complete all the pre-steps required to get to these screens.

changelog: Internal, Automated Testing, Improve performance of automated tests
**Why**: Assertions which rely on precise timing are likely to fail due to slow processing. Instead, freeze time to avoid bounding timeframes.

changelog: Internal, Automated Testing, Improve test reliability for timing precision
* Use IdV mock PII data consistently

**Why**:

- We have automated tests which attempt to detect PII leaks in event logging, and it's only effective if we use the same PII consistently
- Convenient single source of truth for applicant data at various stages of the proofing process

changelog: Internal, Automated Testing, Harden automated PII leak detection testing

* Update requested attributes phone number to formatted
* Scroll alert into view on password confirm error (IdV app)

**Why**: So that the user isn't left confused about why the page hasn't changed when submitting the password confirmation step with an incorrect password.

This was discovered in a recent bug bash, and regresses the current production behavior, where the server-side form submission would reset the scroll position of the page.

changelog: Upcoming Features, Identity Verification, Add password confirmation step

* Ensure scrollIntoView on each error submission
* add failing spec

* fix logging of non-platform webauthn auths

changelog: Bug Fixes, Logging, Fix logging of roaming webauthn authentications
* Try skipping screens in IdV feature spec helpers

**Why**: Improve performance by skipping most of the proofing process, since these helpers exist to satisfy the necessary requirements to get to the point in the process where the spec is concerned with.

It should not be the expectation that the helpers themselves are verifying that the experience is functional, since that is the responsibility of the individual feature spec dedicated to each step of the process.

changelog: Internal, Automated Testing, Improve performance of automated integration tests

* More complete stubbing for phone-based IdV session

* Try stubbing GPO as well

* Improve accuracy of GPO stubbing

See: https://github.com/18F/identity-idp/blob/d9ae660f5208570e12d1c81997b499015496fbfe/app/controllers/idv/gpo_controller.rb#L100

* Create stub_idv_session helper

See: #6447 (comment)
* add failing spec

* Only show reset personal key if user has an active profile

changelog: Bug Fixes, Account Management, Only show reset personal key if user has an active profile

Co-authored-by: Andrew Duthie <[email protected]>

Co-authored-by: Andrew Duthie <[email protected]>
* Consolidate IdV cancellation feature specs

**Why**: To improve performance of feature specs, run 3 specs for IdV cancellation instead of 24.

* Add changelog

changelog: Internal, Automated Testing, Improve performance of automated integration tests
changelog: Internal, Rate Limiting, Remove deprecated reading and writing of Postgres-based rate limiting
**Why**:

- The described behavior is already covered in `spec/features/idv/cancel_spec.rb`.
- Improve test performance

changelog: Internal, Automated Testing, Improve performance of automated integration tests
A bug report highlighted an inconsistency in our reports. Digging in, I found
that we create both "billable: true" and "billable: false" rows in sp_return_logs
so the reports that added up sp_return_logs for billing were counting some extra.

changelog: Internal, Reporting, Only track billable events in billing reports
* add all states except AK, OK, WV, NH

* move state values to config as json

* fix lint errors

* Add changelog

changelog: Improvements, AAMVA, LG-6506 Support for additional AAMVA DLDV States

* get rid of constant

* lint again

* Update app/services/idv/steps/verify_base_step.rb

Co-authored-by: Andrew Duthie <[email protected]>

* replace additional constants to fix ruby tests

* lint again

* Update spec/features/idv/doc_auth/verify_step_spec.rb

Co-authored-by: Andrew Duthie <[email protected]>

* Update spec/features/idv/doc_auth/verify_step_spec.rb

Co-authored-by: Andrew Duthie <[email protected]>

* Update spec/features/idv/doc_auth/verify_step_spec.rb

Co-authored-by: Andrew Duthie <[email protected]>

* extra parenthesis deleted

Co-authored-by: Andrew Duthie <[email protected]>
* Route users to the idv phone flow

Removes the remainder of the IPP flow since the user will now continue
on the idv flow

* Don't return redirect url. Fix spec.

* Remove repetitive comments

* Update IPP feature test

* Bump gitlab

* Use consistent applicant mock data

* Don't bother returning nil

* Update comment

* Add changelog

changelog: Upcoming Features, In-Person Proofing, Add address
verification flow using existing idv pages

* Fix failing lint errors

* Re-add missing translations

* Add comment to pass i18n-unused

* Use correct heading keys in flow spec
…t resend user to after mfa path (#6462)

* changelog: Upcoming Features, Authentication, update to not cancel but resend user to path LG-6542

* remove params

* add test for cancel functionality
* Include more context when logging telephony sent events

changelog: Internal, Logging, Include more context when logging telephony sent events

* Update app/controllers/users/two_factor_authentication_controller.rb

Co-authored-by: Zach Margolis <[email protected]>

* Update app/services/analytics_events.rb

Co-authored-by: Zach Margolis <[email protected]>

* fix handling of resend parameter

* describe phone fingerprint

Co-authored-by: Zach Margolis <[email protected]>

Co-authored-by: Zach Margolis <[email protected]>
Bumps [identity-style-guide](https://github.com/18F/identity-style-guide) from 6.4.2 to 6.5.0.
- [Release notes](https://github.com/18F/identity-style-guide/releases)
- [Changelog](https://github.com/18F/identity-style-guide/blob/main/CHANGELOG.md)
- [Commits](18F/identity-design-system@v6.4.2...v6.5.0)

---
updated-dependencies:
- dependency-name: identity-style-guide
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

@zachmargolis zachmargolis left a comment

LGTM

* Revert AAMVA supported states

**Why**: There was a misunderstanding about support coverage, which is in fact unchanged.

This keeps the config-based implementation introduced in #6444, while reverting the list of states to its original values.

* Add changelog

[skip changelog]

* Add Hawaii to supported AAMVA states
@aduth aduth merged commit 410e09f into stages/prod Jun 9, 2022
@aduth aduth deleted the stages/rc-2022-06-09 branch June 9, 2022 15:16