RC 391

Internal

• Dependencies: Update dependencies to latest versions (#10835)
• Error handling: Remove RISC network errors from NewRelic (#10806)
• Reporting: Move weekly reports to run at 00:00 Monday UTC (#10805)
• ResolutionProofingJob: Populate ssn_is_unique (#10801)
• Translations: Update missing Chinese translations (#10829)
• Translations: Update Chinese translations (#10831, #10837)

Upcoming Features

• Enhanced In-person Proofing: Conditionally render Enhanced IPP version of Ready To Verify Email. Enhanced IPP Email template has additional content and a different design. (#10816)
• In-person proofing: Create enhanced ipp enrollments (#10820)

RC 390

User-Facing Improvements

• Account Page: Update language email preference selection to be in the language being described. (#10808)

Bug Fixes

• Acuant SDK: Clear out a callback when done with it. (#10762)

Internal

• Continuous Integration: Add test to ensure schema files are consistent with migrations (#10813)
• Continuous Integration: Add coverage metric to GitLab CI (#10821)
• Metrics: Add certificate validation errors to event (#10818)
• Reporting: Fixing column names and column order (#10817) (#10817)
• Tests: Reorganize dependency audit checks (#10814)
• Tests: Small refactor to AnalyticsSpec (#10810)
• Translations: Update missing Chinese translations (#10819)

RC 389

Internal

• Analytics: Fix small bug in tracking metrics (#10789)
• Continuous Integration: Fix flaky IdentityLinker test (#10807)
• Internationalization: Add quotes to punctuation check in tests (#10803)
• Reporting: More robust unit testing for combined billing report (#10799)
• Translations: Update missing Chinese translations (#10797, #10800, #10804)

RC 388

Bug Fixes

• Reporting Jobs: Fix exception in IdentityVerificationReport when email configuration is blank (#10709)

Internal

• Analytics: Add logging for SAML namespace fix (#10765)
• Analytics: Document critical-path MFA setup analytics methods (#10777)
• Automated Testing: Sync exemptions for allowed extra analytics (#10776)
• Code Management: Standardize Git-based file handling (#10518)
• Configuration: Rename reCAPTCHA mock validator configuration (#10773)
• Continuous Integration: Enable lint rule for unused block arguments (#10787)
• Dependencies: Update factory_bot to fix deprecation warning (#10785)
• Documentation: Clarify instructions for committing optimized fonts and glyphs.txt (#10778)
• Internationalization: Add test that ensures punctuation pairs match correctly (#10784)
• Internationalization: Update translations in document authentication flow (#10758)
• Internationalization: Fix internationalization test to fail when there are unused allowed interpolation mismatches (#10783)
• Logging: Update identity-logger to use millisecond precision timestamp (#10781)
• Maintenance: Update to Ruby 3.3.1 (#10774)
• Performance: Optimize performance of UI component ID generation (#10780)
• Reporting: Adding 14 additional columns at the request of billing report customers for more idv breakdown visibility (#10788)
• Maintenance: Remove doc_auth_selfie_capture_enabled feature flag (#10751)

Upcoming Features

• Chinese Language: Add additional Chinese translations (#10775)
• In-person proofing: Persist sponsor_id on in_person_enrollments (#10759)
• In-person proofing: Fetch eipp usps locations (#10750)
• In-person proofing: Conditionally render content on Ready to Verify view based on vtr for EIPP (#10755)

RC 387

Bug Fixes

• Fraud prevention: New device sign in list failed mfa attempts (#10659)

Internal

• Analytics: Document standard FormResponse analytics consistently (#10745)
• Analytics: Log the requested NameID format (#10761)
• Automated Testing: Validate unnecessary exempted files in TypeScript enforcement (#10760)
• Automated Testing: Remove unnecessary allowed_extra_analytics in accessibility specs (#10749)
• Automated Testing: Refactor NameID format related tests (#10727)
• Dependencies: Update dependencies to latest versions (#10746, #10766, #10770)
• Identity verification: Guard against double-counting SP costs (#10743)
• Internationalization: Update Spanish content (#10719)
• Platform Automation: Add production IDP image creation (#10738)
• Reporting: Fixed the bug where the new_unique_users_unknown column was not populating properly (#10752)
• Reporting: Modified logic in partner helper to reflect new billing requirements (#10769)

RC 386

User-Facing Improvements

• Footer Links: Add Accessibility Statement link to footer (#10717)
• Personal key profile recovery: Add label for personal key input (#10695)

Bug Fixes

• Security: Fix CORS stopping POST for OIDC RP-Initiated Logout 1.0 (#10697)

Internal

• Analytics: Document analytics for critical-path sign-in flow (#10736)
• Analytics: Remove sp_request_requested_attributes from completion events (#10737)
• Code Quality: Remove unused Attempts API code (#10732)
• Configuration: Remove unused configuration keys (#10730)
• Database: Remove unused database field (#10735)
• Dependencies: Update dependencies to resolve security advisories (#10744)
• OIDC: Fix missing action for OIDC test route (#10721)
• Reporting: Adds users failing fraud review to DIVR (#10741)
• Source code: Increase unit test coverage (#10739)

Upcoming Features

• Aggregated Sign-In Email: Fix new device notification on reuathentication (#10731)

RC 385

User-Facing Improvements

• Authentication: Translation updates from previous sprint (#10669)

Internal

• CI: Handle multiple kube contexts (#10715) (#10715)
• Code Quality: Remove unused analytics methods (#10718)
• OIDC: Remove gate allowing backward compatabilty for x509:presented attr value (#10701)
• Reporting: Refine Protocols report (#10699)
• Reporting: Key metrics count (#10710)
• Source code: Update RuboCop lint rules (#10716)
• Source code: Unify related classes (#10720)

RC 384

RC 384 is a redo of RC 383

• Without SAML name ID changes (#10629)
• With #10706 and #10696 added

Bug Fixes

• Code Revert: Revert changes introduced in fb74d7b (#10627)
• Code Revert: Revert changes introduced in 30cb0f3 (#10629)
• Code Revert: Revert changes introduced in 6c16f7a

Internal

• Analytics: Remove track_mfa_submit analytics pass-through method (#10679)
• Code Quality: Remove unused code (#10705, #10706)
• Code Quality: Remove unused feature flags (#10693)
• Dependencies: Update dependencies to latest versions (#10698)
• Document Authentication: Add zipcode to analytics events (#10696)
• FormObject normalization: Updates the HowToVerify flow (#10682)
• Performance: Reduce size of application stylesheet (#10703)
• Reporting: Key metrics count (#10691)

RC 383

Warning

This release was rolled back

User-Facing Improvements

• SAML: Validate requested NameID formats and return appropriate response (#10629)

Internal

• Analytics: Remove track_mfa_submit analytics pass-through method (#10679)
• Code Quality: Remove unused code (#10705)
• Code Quality: Remove unused feature flags (#10693)
• Dependencies: Update dependencies to latest versions (#10698)
• FormObject normalization: Updates the HowToVerify flow (#10682)
• Performance: Reduce size of application stylesheet (#10703)
• Reporting: Key metrics count (#10691)

RC 382

User-Facing Improvements

• Account Management: Prompt user to confirm setting up backup codes from account page (#10685)
• Authentication: Translations fixing for DOS (#10642)
• Authentication: Update translations (#10651)
• Doc Auth: Simpliefied Chinese translations (#10557)
• IdV: Update translations for agreement step screen (#10675)
• In-person proofing: Update translations for Opt-in IPP non-biometric (#10428)

Bug Fixes

• Code Revert: Revert changes introduced in 97e5c06 (#10689)
• Selfie: Fix problem with focus jumping for screenreader while capturing selfie (#10668)

Internal

• Code Quality: Remove unused Step Indicator component styles (#10661)
• Continuous Integration: Fix command for review app configuration in GitLab job (#10667)
• Design System: Use design system centered variant for banner (#10663)
• Doc Auth: Add tests for resubmit h1 and body copy (#10674)
• Document Authentication: TrueIDReponse successful if transaction status passes (#10427)
• FormObject: Fix usage in AgreementController (#10652)
• Identity verification: Send issue + expiry date to AAMVA (#10653)
• In-Person Proofing: Prevent get usps proofing results job spec to pass when enrollment status by email is enabled (#10671)
• Logging: Log whether the state ID issue/exp dates are present. (#10658)
• Performance: Verify and consume backup code in single database transaction (#10687)
• Performance: Optimize size of fonts to include only content character data (#10655)
• Performance: Reduce path size for static assets (#10677)
• Performance: Delete and regenerate backup codes in a single transaction (#10686)
• Performance: Avoid outputting font-face for unused light font weight (#10673)
• Reporting: Added new billing report fields (#10683)
• Source code: Remove unused scripts (#10579)
• in-person-proofing: Rename skip_doc_auth (#10672)

Upcoming Features

• Aggregated Sign-In Message: Fix aggregated new device sign-in for expired session (#10628, #10678)