RC 396

User-Facing Improvements

• identity verification: Verified & Pending States for Identity Verification (#10847)

Internal

• ActionAccount: Clear message when trying to reinstate an already reinstated account (#10927)

RC 395

Bug Fixes

• Accessibility: Render H1 for inactive service provider error page (#10921)
• biometrics: Fix crash when cancelling image capture (#10906)

Internal

• Analytics: Avoid logging multi_factor_auth_enter_piv_cac for PIV MFA visit (#10916)
• Authentication: Consolidate MFA verification result handling (#10901)
• In-person proofing: Add zipcode to Idv state id submitted (#10915)
• In-person proofing: Add birth year to "Idv: in (#10899)
• Reporting: Ensure the drop-off report and its tests are more robust (#10900)
• Source code: Small cleanup to URI params helper code (#10920)
• Specs: Fix flakey spec (#10919)

Upcoming Features

• Biometrics: Add feature flags to support biometric IAL requests (#10908)
• Identity verification: Disable verify by mail for in person proofing (#10892)

RC 394

NOTE: This release was rolled back due to errors during deployment

User-Facing Improvements

• Authentication: Recaptcha ignore low confidence score failures (#10868)
• Verify By Mail Flow: The verify by mail flow enforces the 2 pieces of fair evidence requirement which disallows verify by mail when a SP requests an authn context with the requirement. (#10886)

Bug Fixes

• In-Person Proofing: Fix 500 in document capture when going to IPP (#10830)
• OpenID Connect: Fix 500 error when validating userinfo requests (#10888)

Internal

• Analytics: Ensure user ID present in account deletion submitted (#10887)
• Automated Testing: Render negated test cases in account specs (#10885)
• Bug Fixes: Translate Post Office search results (#10882)
• CI: Remove per-branch checks for scheduled job checks (#10891)
• Continuous Integration: Add JavaScript lint to prevent hardcoding URLs (#10894)
• Data Requests: Allow filtering user log report by start and end dates (#10890)
• Identity verification: Calculate proofing_components dynamically (#10870)
• In-Person Proofing: Save Sponsor Id on IPP Enrollments (Internal) and on EIPP Enhanced Enrollments (Upcoming Features) (#10859)
• Source code: Add scheduled checks for external changes (#10834)
• Terms of use: Require re-accepting rules of use every 5 years (#10681)

RC 393

Internal

• Analytics: Remove analytics event route (#10876)
• Analytics: Removes now-redundant ssn_is_unique check (#10833)
• GpoMail: Query optimization (#10852)
• Reporting: Update unique users logic in combined-invoice-supplement-report-v2 (#10869)
• Reporting: Fix query error in fraud metrics reporting (#10874)
• Reporting: Fix queries across multiple internal reports (#10875)

Upcoming Features

• Aggregated Sign-In Email: Avoid sending new device email after account creation (#10877)
• In-person proofing: Backfill sponsor id (#10872)

RC 392

Bug Fixes

• Accessibility: Render email language preference as language of parts (#10841)

Internal

• Enhanced IPP: Addressed additional code comments (clean up depricated width on td, round image width (#10839)
• Layout: Add OpenGraph metadata for site name (#10850)
• RISC: Remove obsolete code (#10826)
• Scripts: Update Cloudwatch querying client (#10848)
• Source code: Update code to match React conventions (#10838)
• Source code: Enforce usage of yarn-deduplicate via lint (#10857)
• Source code: Upgrade dependencies to fix security vulnerabilities (#10854)
• Source code: Update .gitattributes for yarn.lock (#10856)
• UI Components: Replace Alert component "other" as default style (#10779)
• WebAuthn: Standardize form validation for WebauthnSetupForm (#10782)

Upcoming Features

• Spam Mitigation: Add reCAPTCHA at sign-in behind feature flag (#10772)

RC 391.1

Bug Fixes

• Reports: Resolve double-parsing JSON in Dropoff report (LG-13570) (#10846)

RC 391

Internal

• Dependencies: Update dependencies to latest versions (#10835)
• Error handling: Remove RISC network errors from NewRelic (#10806)
• Reporting: Move weekly reports to run at 00:00 Monday UTC (#10805)
• ResolutionProofingJob: Populate ssn_is_unique (#10801)
• Translations: Update missing Chinese translations (#10829)
• Translations: Update Chinese translations (#10831, #10837)

Upcoming Features

• Enhanced In-person Proofing: Conditionally render Enhanced IPP version of Ready To Verify Email. Enhanced IPP Email template has additional content and a different design. (#10816)
• In-person proofing: Create enhanced ipp enrollments (#10820)

RC 390

User-Facing Improvements

• Account Page: Update language email preference selection to be in the language being described. (#10808)

Bug Fixes

• Acuant SDK: Clear out a callback when done with it. (#10762)

Internal

• Continuous Integration: Add test to ensure schema files are consistent with migrations (#10813)
• Continuous Integration: Add coverage metric to GitLab CI (#10821)
• Metrics: Add certificate validation errors to event (#10818)
• Reporting: Fixing column names and column order (#10817) (#10817)
• Tests: Reorganize dependency audit checks (#10814)
• Tests: Small refactor to AnalyticsSpec (#10810)
• Translations: Update missing Chinese translations (#10819)

RC 389

Internal

• Analytics: Fix small bug in tracking metrics (#10789)
• Continuous Integration: Fix flaky IdentityLinker test (#10807)
• Internationalization: Add quotes to punctuation check in tests (#10803)
• Reporting: More robust unit testing for combined billing report (#10799)
• Translations: Update missing Chinese translations (#10797, #10800, #10804)

RC 388

Bug Fixes

• Reporting Jobs: Fix exception in IdentityVerificationReport when email configuration is blank (#10709)

Internal

• Analytics: Add logging for SAML namespace fix (#10765)
• Analytics: Document critical-path MFA setup analytics methods (#10777)
• Automated Testing: Sync exemptions for allowed extra analytics (#10776)
• Code Management: Standardize Git-based file handling (#10518)
• Configuration: Rename reCAPTCHA mock validator configuration (#10773)
• Continuous Integration: Enable lint rule for unused block arguments (#10787)
• Dependencies: Update factory_bot to fix deprecation warning (#10785)
• Documentation: Clarify instructions for committing optimized fonts and glyphs.txt (#10778)
• Internationalization: Add test that ensures punctuation pairs match correctly (#10784)
• Internationalization: Update translations in document authentication flow (#10758)
• Internationalization: Fix internationalization test to fail when there are unused allowed interpolation mismatches (#10783)
• Logging: Update identity-logger to use millisecond precision timestamp (#10781)
• Maintenance: Update to Ruby 3.3.1 (#10774)
• Performance: Optimize performance of UI component ID generation (#10780)
• Reporting: Adding 14 additional columns at the request of billing report customers for more idv breakdown visibility (#10788)
• Maintenance: Remove doc_auth_selfie_capture_enabled feature flag (#10751)

Upcoming Features

• Chinese Language: Add additional Chinese translations (#10775)
• In-person proofing: Persist sponsor_id on in_person_enrollments (#10759)
• In-person proofing: Fetch eipp usps locations (#10750)
• In-person proofing: Conditionally render content on Ready to Verify view based on vtr for EIPP (#10755)