SmartPay Training Sprint 49 Release v6.9

This sprint release contains the following:

• User Certification - Export of Users with the Reporting Role & Admin Role
  #757
• Dependabot Alert: Websites were able to send any requests to the development server and read the response in vite
  #753
• Dependabot Alert: Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening
  #750

SmartPay Training Sprint 48 Release v6.8

This sprint release contains the following:

• Federal Website Standards - Meta Page Descriptions
  #715
• Remove All Content/References to Executive Order (E.O.) 14081
  #746
• Add Asterisk to the 4-digit Prefixes where referenced throughout website and add additional content
  #745
• Federal Website Standards - HTML Page Titles
  #714

SmartPay Training Sprint 47 Release v6.7

This sprint release contains the following:

• Dependabot Alert: Atro CSRF Middleware Bypass (security.checkOrigin)
  #720
• Dependabot Alert: Astro's server source code is exposed to the public if source maps are enabled
  #725
• Update to the latest version of USWDS 3.11.0
  #722
• BUG: Training Report - Selecting an Agency w/o Bureau No Results Returned
  #728
• Update SMTP to reflect GSA IT naming convention standard
  #736

SmartPay Training Sprint 46 Release v6.6

This sprint release contains the following:

• BUG: Admin/User Profile Saved Changes are Not Displayed on Results screen
  #709
• BUG: Insert a space between the date field of Completion date range end and Quiz type(s) on the SmartPay Training Report
  #705
• Customizable Training Report for A/OPC
  #633

SmartPay Training Sprint 45 Release v6.5

This sprint release contains the following:

• Add Admin Permission to User- Sean Sayler
  #712
• Update to the latest version of USWDS 3.10.0
  #699
• Dependabot Alert: Regular Expression Denial of Service (ReDoS) in cross-spawn
  #703

SmartPay Training Sprint 44 Release v6.4

This sprint release contains the following:

• December 2024 Separation Report - Remove User
  #702
• Static Code Vulnerability: js/incomplete-URL-substring-sanitization
  #698

SmartPay Training Sprint 42 Release v6.3

This sprint release contains the following:

• BUG: Edit User Profile, When Error the Spinner Does Not Stop
  #684
• BUG: The Agency/Bureau drop-down doesn't allow a user to deselect a value
  #686
• Reconsider implementing USWDS Comboboxes for agency/bureau dropdown
  #54
• Customizable Training Reports
  #34
• Bug: Missing trademark on BioPreferred® product
  #680
• Consistent Message Displayed on Expired/Invalid Links
  #630
• USWDS 3.9.0
  #667

SmartPay Training Sprint 41 Release v6.2

This sprint release contains the following:

• Dependabot Alert: Vite's server.fs.deny is bypassed when using ?import&raw
  #651
• Biobased in Training
  #663
• Dependabot Alert: Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS
  #650
• Dependabot Alert: Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
  #636

SmartPay Training Sprint 40 Release v6.1

This sprint release contains the following:

• Create Search Functionality
  #635
• Sprint 40 Content changes
  #656
• Update the descriptions on each training card
  #637

SmartPay Training Sprint 39 Release v6.0

This sprint release contains the following:

• Update Treasury Links within Training Lessons
  #647
• Dependabot Alert: Regular Expression Denial of Service (ReDoS) in micro match
  #628
• The system must collect each answer on each quiz taken
  #549
• BUG: Update Titles on FASCSA and Drone
  #631