Deploy RC 379 to Production #10624
Merged
…0574) * Improve failure message for unused allowed untranslated keys test changelog: Internal, Tests, Improve test message for unused allowed untranslated keys * Update spec/i18n_spec.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * pretty inspect --------- Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
See https://gitlab.login.gov/lg-people/lg-people-appdev/protocols/common/-/issues/1 **Why**: - We would like to have some baseline information about the state of our partner API consumption. **How**: - Using a similar pattern to other reports, query our CloudWatch logs to report from the analytics events log. changelog: Internal, Reporting, Create protocols report
See https://gitlab.login.gov/lg-people/lg-people-appdev/protocols/common/-/issues/2 **Why**: - We would like to know how many service providers are still using the deprecated LOA ACR values. **How**: - Using a similar pattern to other reports, query our CloudWatch logs to report from the analytics events log. changelog: Internal, Reporting, Create LOA ACR requests report
* check ssn so do not route to update view inappropriately * changelog: Bug Fixes, State id, check ssn so view is not changed to update erroneously * change to ssn check and add test * assign values and fire analytics after form is successful
- scripts/yml_to_flat_yml takes a batch of yml files and converts them to txt - I18nFlatYmlBackend implements loading these files for the I18n gem * Migrate fixtures for rails-i18n-webpack-plugin * Remove domain concept from rails-i18n-webpack-plugin * Remove unused helper functions * Rename to "FlatYml" backend, since we can parse as YML * Update normalize-yaml - Disable proseWrap * Split transliteration back out * Bring back separate telephony/*.yml files * Add scripts/fix_yml_merge_conflicts to fix addressing issues with long-lived branch * Add i18n-tasks backend * rails-18n-js plugin looks up nested keys (used for one, other) * Remove unused * Remove forced quoting in YAML normalization Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com> * Use YAML array syntax, remove array conversion code * Update documentation * Rename confusing variable * Specs for custom i18n backend * add guard for nil config from running spec/lib/deploy/activate_spec.rb changelog: Internal, Source code, Reformat i18n files to simplify merges --------- Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com>
- Updates i18n_spec to correctly iterate over arrays - Updates i18n_spec to handle new flatter files changelog: Internal, Source code, Update internationalization specs
… languages. (#10461) * LG-12770: Update Translations to ensure better understanding in other languages changelog: User-Facing Improvements, Authentication, update language to DoS standards update form language address lqa comment 308 translations for Zh normalize yaml remove translated keys from spec mfa info removed * Remove parenthesized English text This refers to a button below where the label is expected to be translated to Spanish * Translate additional French string --------- Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
* Fail build on unnecessary allowed_extra_analytics changelog: Internal, Automated Testing, Fail build on unnecessary allowed_extra_analytics * Temporary: Demonstrate failures * Revert "Temporary: Demonstrate failures" This reverts commit 25f66ab. * Avoid failing when checked, unflagged method Scenario: A test calls an analytics method, but all of its arguments are documented. This will be included in checked_extra_analytics, but not an issue. If it was an issue, it would have failed earlier in the UndocumentedParamsChecker check Alternatively, we could assign method name into checked_extra_analytics only when it's going to be an issue, but the logical ordering of how allowed_extra_analytics is considered relative to extra_keywords makes this difficult. * Fix existing issues * Move up shortcircuit to avoid evaluating groups without metadata * Group by first * Fix additional issues * Skip blank allowed_extra_analytics Scenario: Metadata assigned on group different than highest ancestor? * Handle nil checked_extra_analytics with array cast * Try to avoid infinite loop * Reset groups after each spec Avoid endlessly accumulating groups `after(:all)` happens after each test file, not after _all_ all * Invert to positive assert Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Avoid evaluating unused if running only subset * Revert to checking extra analytics keywords only * Add file reference to errors * Fix existing issues * Fix existing issues * Always reset groups * Ensure reset using ensure block --------- Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
…#10583) * Add consistency checks for whitespace in internationalization changelog: Internal, Internationalization, Add consistency checks for whitespace in internationalization * accommodate arrays * make trailing space consistent * switch to not allowing leading or trailing space * simplify
…10576) changelog: Internal, Security Tooling, Configure Dependabot for security updates, major Stylelint releases
changelog: Internal, Security Tooling, Configure Dependabot for security updates, major Stylelint releases
changelog: Internal, Security Tooling, Configure Dependabot for security updates, major Stylelint releases
changelog: Internal, Security Tooling, Configure Dependabot for security updates, major Stylelint releases
changelog: Bug Fixes, Sign In, Fix typo for error message on exceeded sign-in attempts
* LG-13007: clean up further. changelog: Internal, Doc Auth, Clean up exit survey * LG-13007: remove commented out part
* fix error in report job where nil email array returns false changelog: Internal, IdV, Fix error Identity report job with empty email array * add regression test for job * actually perform the job in the test
* Apply autocomplete attribute consistently to all forms changelog: Bug Fixes, Forms, Disable autocomplete consistently for all forms * Simplify require syntax See: #10604 (comment) Co-Authored-By: Zach Margolis <zachmargolis@users.noreply.github.com> * Restore explicit method: post for persisted records See: https://github.com/18F/identity-idp/pull/10604/files#r1597129639 * Fix ARIA assignment through HTML options --------- Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* LG-12214: Refresh device cookie on every user action changelog: Bug Fixes, New Device Detection, Extend duration of permanent device cookie on every user event * Improve wording of test description * Assert specific device UUID * Add spec for refreshing cookie on subsequent sign-in
…tion only on client-side redirects (#10603) * Respect openid_connect_content_security_form_action_enabled configuration on client-side redirects changelog: Internal, OpenID Connect, Respect openid_connect_content_security_form_action_enabled configuration on client-side redirects * move into concern
LG-13013 Create UniqueMonthlyAuthCountsByPartner helper changelog: Internal, Reporting, update specs and unique partner helper --------- Co-authored-by: Colter <59977618+colter-nattrass@users.noreply.github.com> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> Co-authored-by: Luis <luis.matos@gsa.gov>
* LG-7434: Support HTTP POST for OIDC logout route **Why**: - The specification for OpenID Connect RP-Initiated Logout 1.0 requires both HTTP `GET` and `POST` methods to be supported. See: https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout - Data sent using the `POST` method remains encrypted during transport in the browser and in web application logs, preventing leakage of sensitive information **How**: - The same endpoint shall be used, `/openid_connect/logout`, but the request data must be sent as part of the body and use form serialization as required for HTTP `POST` requests (RFC 9110, sec. 9.3.3). resolves https://gitlab.login.gov/lg-people/lg-people-appdev/protocols/openid-connect/-/issues/3 changelog: Bug Fixes, Security, Support POST for OIDC RP-Initiated Logout 1.0
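The difference between the two methods described in the commit message above, as an added example that is not part of this pull request or the project's code. It builds the same logout request both ways and shows which parameters end up in the request target, which is what an access log typically records. The host and parameter values are constructed; the parameter names are taken from the OpenID Connect RP-Initiated Logout 1.0 specification, and the log format is an assumption.

```ruby
require 'net/http'
require 'uri'

# Constructed sample input: placeholder host and parameter values.
LOGOUT_ENDPOINT = URI('https://idp.example.test/openid_connect/logout')
LOGOUT_PARAMS = {
  'client_id' => 'urn:example:sp:sample',
  'post_logout_redirect_uri' => 'https://sp.example.test/logged_out',
  'state' => 'constructed-state-value-1234567890',
}.freeze

# GET: parameters are serialized into the query string of the request target.
def build_get_logout(endpoint, params)
  uri = endpoint.dup
  uri.query = URI.encode_www_form(params)
  Net::HTTP::Get.new(uri)
end

# POST: same endpoint, parameters form-serialized into the request body.
def build_post_logout(endpoint, params)
  request = Net::HTTP::Post.new(endpoint)
  request.set_form_data(params) # sets body and the form Content-Type
  request
end

# Assumed log format: method and request target only, never the body.
def access_log_line(request)
  "#{request.method} #{request.path}"
end

# Names of the parameters whose values are readable from the request target.
def params_exposed_in_target(request, params)
  query = URI(request.path).query
  return [] if query.nil?

  logged = URI.decode_www_form(query).to_h
  params.keys.select { |name| logged[name] == params[name] }
end

# Nothing is sent over the network; the requests are only constructed.
get_request = build_get_logout(LOGOUT_ENDPOINT, LOGOUT_PARAMS)
post_request = build_post_logout(LOGOUT_ENDPOINT, LOGOUT_PARAMS)
puts access_log_line(get_request)
puts access_log_line(post_request)
```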
* changelog: internal, in-person-proofing, add new skip_doc_auth name * add new property name and default to false * fixed lint issue
* add zh strings * remove strings from allowed_untranslated_keys * update date formatting to include translations for year and day * add and use full date * changelog: User-facing Improvements, Please call email, add zh translation * add key to untranslated list * specify locale
changelog: Internal, Automated Testing, Fail build on unnecessary allowed_extra_analytics
New billing report V2 with partner details changelog: Internal, Reporting, new billing_report_v2 with partner * lg-13018 combined invoice report v2 with partner changelog: Internal, Reporting, Add Partner to combined_invoice_supplement_report * Remove Rubocop lint disabling by adding appropriate associations * PR comments * lint fix * Update service_provider.rb * Update app/jobs/reports/combined_invoice_supplement_report_v2.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Config cron run updates * Update combined_invoice_supplement_report_v2_spec.rb --------- Co-authored-by: Colter <59977618+colter-nattrass@users.noreply.github.com> Co-authored-by: Zach Margolis <zachary.margolis@gsa.gov> Co-authored-by: Luis H. Matos <ThatSpaceGuy@users.noreply.github.com> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* changelog: Internal, Analytics, Adds property to SP redirect initiated event * update controllers to account for legit nil values at login page visit (dual browsers, etc.) revise other tests to include sign_in_duration * change to duration tracking to allow for nil. fix redundant integer management. refactored duration calculation as a separate method in shared module * remove hard-coded nil value * rebase merge conflict. fix mis-inserted function in auth count concern, leverage helper method * wrap time-based expect blocks in freeze_time. at least one spec was failing because of time-weirdness * reframe freeze block * add travel to expected time elapsed * add freeze and travel to to test * correct use of freeze_time and add travel to to tests * put better control over time in idp controller test * tracking saml_idp as nil seems more appropriate with the tests there. removing session setting from session_helper to try changing that back * move sign_in_duration method to its own concern * rename duration method, leverage around -> do for better freeze_time control * add unit test for SignInDurationConcern * improve concern spec with time freeze and clarify test context * make use of time as string consistent * remove leftover code comments * adjust time freeze * create more precision by rounding instead of converting to i * change sign in duration output to a floating number
* Exclude nopush from preload headers * Avoid preload headers for non-critical assets * Shorten font preload to use path instead of full URL changelog: Internal, Performance, Optimize preload response headers to prioritize critical assets * Update spec for preload_links_header mock argument * Assert absence of nopush Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Fix typo headers --------- Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Add resource hints for reCAPTCHA changelog: Internal, Spam Mitigation, Add resource hints to improve load speed for reCAPTCHA * Remove redundant chomp Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> --------- Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* delete Acuant 11.9.1 files * Update default Acuant SDK version to 11.9.3 * changelog: Internal, DocAuth, remove outdated Acuant SDK version * remove irrelevant startWorkers Acuant function * removed out-of-date conditional logic * make start function non-optional Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com> * simplify function that returns Acuant SDK --------- Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com>
* LG-12706: Include user_id in piv_cac_login event changelog: Internal, Analytics, Include user_id in piv_cac_login event * Fix user-scoped stub_analytics, avoid unnecessary work
* remove erroneous arcgis test and duplicate import * changelog: Internal, Post office search spec, remove unused arcgis test * put import back in
…r` (#10614) The `OpenidConnectUserInfoPresenter` is responsible for building the user info hash. This is stored in the identity token and exposed at the user info endpoint as part of the OIDC protocol. The `OpenidConnectUserInfoPresenter` is responsible for looking at the parameters of the request to determine which attributes to include in the hash. This can include things like the level of service for identity proofing and the requested scopes. Prior to this commit the `OpenidConnectUserInfoPresenter` was using the `ServiceProviderIdentity#ial` to determine whether identity proofing was performed. This approach does not work when using multiple vectors of trust to determine the authentication context. The `#ial` column represents the level of service that was set when the identity was linked when the SP request was stored in the session. This could change with multiple vectors of trust if the state of the user's account changes during the transaction. This commit starts using the `AuthnContextResolver` to compute the level of service and set the attributes so that it matches the dynamic behavior of the rest of the application with multiple vectors of trust in play. [skip changelog]
* LG-13317: Log 10-digit OTP A/B test params for OTP sends * only include ab test data if enabled [skip changelog] --------- Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov>
* LG-12086 | Renames CaptureDocStatusController changelog: Internal, Tech Debt, Renames CaptureDocStatusController to LinkSentPollController Co-authored-by: Matt Wagner <matt.wagner@gsa.gov>
jmhooper approved these changes May 14, 2024
zachmargolis approved these changes May 14, 2024
User-Facing Improvements
Bug Fixes
Internal