Continua11y

18F/identity-idpaccessibility for margolis-i18n-plural branchaccessibility for stages/demo branchaccessibility for stages/qa branchaccessibility for qa-merge-test branchaccessibility for update-bummr branchaccessibility for mb-analytics-cleanup branchaccessibility for master branchaccessibility for jy-more-508 branchaccessibility for jy-remove-pa11y-crawl branchaccessibility for mb-code-cleanup branchaccessibility for ab-i18n-time branchaccessibility for pek-longer-reauthn-window branchaccessibility for pek-test-qa-deploy branchaccessibility for jy-normalize-i18n branchaccessibility for jy-continue-consolidation branchaccessibility for jy-508-all-the-things branchaccessibility for jy-email-address branchaccessibility for amos-fix-dashboard-bundle branchaccessibility for amos-fix-qa-sp branchaccessibility for pek-encrypted-email-migration-fix branchaccessibility for mb-fix-lingering-invalid-otp-flash branchaccessibility for jy-run-pa11y-locally branchaccessibility for fix-expired-session-link branchaccessibility for margolis-worker-health-endpoint branchaccessibility for progress-steps-take-1 branchaccessibility for pek-drop-email-plain branchaccessibility for jy-remove-deploy-stuff-from-readme branchaccessibility for margolis-twilio-repeat branchaccessibility for ab-add-tooltip-strings branchaccessibility for mb-update-email-analytics branchaccessibility for margolis-remote branchaccessibility for ab-redirect-from-users branchaccessibility for margolis-twilio-human-detection branchaccessibility for monfresh-registration-analytics branchaccessibility for margolis-twimlet-menu branchaccessibility for ab-csp-errors branchaccessibility for margolis-remove-spring branchaccessibility for pek-no-sign-out-links branchaccessibility for pek-fix-encrypted-email branchaccessibility for pek-nullify-old-recovery-codes branchaccessibility for help-center branchaccessibility for jy-fix-broken-links-in-docs branchaccessibility for hursey013-server-zxcvbn branchaccessibility for pek-fix-user-encrypted-email-migration branchaccessibility for jy-idp-private-issue-1123 branchaccessibility for monfresh-fix-scrypt-cost-migration branchaccessibility for margolis-reactivate-profile branchaccessibility for jamie-spanish-new branchaccessibility for monfresh-improve-logging branchaccessibility for pek-encrypt-user-email branchaccessibility for jy-idp-private-issue-1037 branchaccessibility for new-recovery-post-pw-change-ui branchaccessibility for add-analytics-events branchaccessibility for pek-profile-recover-pii branchaccessibility for monfresh-add-more-analytics-events branchaccessibility for hursey013-remove-client-validation branchaccessibility for monfresh-update-rubocop-config branchaccessibility for amos/feature/nr_browser_instrumentation branchaccessibility for pek-store-password-cost branchaccessibility for pek-fix-session-encryption-reload branchaccessibility for set-password-salt branchaccessibility for session-warning-modal-updates branchaccessibility for encryption-migration branchaccessibility for encrypt-recovery-code branchaccessibility for recovery-code-encryption branchaccessibility for translate-zxcvbnabcdefg branchaccessibility for amos/fix/i18n_override_enhance branchaccessibility for margolis-loaner branchaccessibility for update-bin-setup branchaccessibility for liz/revise-headers-instructions branchaccessibility for session-store-tasks branchaccessibility for margolis-crontab branchaccessibility for concurrent-sessions branchaccessibility for mb-update-password-analytics branchaccessibility for amos/tmp/qa-test branchaccessibility for remove-client-validation branchaccessibility for mb-add-friendly-name-to-sp-dev branchaccessibility for jeannine/updates-idv branchaccessibility for underline-links branchaccessibility for filter-pii-idv branchaccessibility for add-logstasher branchaccessibility for limit-concurrent-sessions branchaccessibility for amos/feature/specd-user-flows branchaccessibility for amos/fix/update-arch-doc branchaccessibility for encrypt-pii-part3 branchaccessibility for fix-flickering-email-spec branchaccessibility for amos/feature/email_confirmation_ux branchaccessibility for amos/fix/move_docs branchaccessibility for update-authenticator-img branchaccessibility for margolis-tooltip-placeholder branchaccessibility for session-store-cleanup branchaccessibility for two-factor-changes branchaccessibility for liz/revise-notifications branchaccessibility for margolis-privary branchaccessibility for update-email-copy branchaccessibility for margolis-remove-more-cruft branchaccessibility for stages/dev branchaccessibility for liz/fix-idv-typo branchaccessibility for jy-reorg-some-specs branchaccessibility for fix-reek-offense branchaccessibility for jy-email-confirmation branchaccessibility for ui-bug-bash-tweaks branchaccessibility for liz/implementing-content-fixes branchaccessibility for margolis-remove-cors branchaccessibility for jy-saml-tres branchaccessibility for margolis-capistrano-whenever branchaccessibility for update-dependencies branchaccessibility for authenticator-ui branchaccessibility for use-18f-saml-idp-fork branchaccessibility for margolis-queue-health-checks branchaccessibility for jy-typo branchaccessibility for jy-remove-2fa-flash branchaccessibility for margolis-more-cors-tweaks branchaccessibility for jy-slo-dos branchaccessibility for fix-email-link branchaccessibility for update-gems branchaccessibility for liz/remove-mailer-footer branchaccessibility for update-bullet branchaccessibility for add-recovery-link branchaccessibility for fix-tooltip-focus branchaccessibility for margolis-expose-deploy-information branchaccessibility for update-reek branchaccessibility for remove-unused-gems branchaccessibility for remove-unused-code branchaccessibility for jy-null-view branchaccessibility for fix-radio-btn branchaccessibility for margolis-session-decorators-match branchaccessibility for 2fa-fixes branchaccessibility for amos/fix/deploy_rb branchaccessibility for amos/feature/specy_flowy branchaccessibility for liz/fix-typos branchaccessibility for margolis-consolidate-event-names branchaccessibility for fix-deploy-config branchaccessibility for jy-use-session-decorators branchaccessibility for fix-phone-setup branchaccessibility for add-link-to-verify-page branchaccessibility for jy-specs-cleanup branchaccessibility for amos/fix/i18n-tool-urls branchaccessibility for liz/content-update-demo branchaccessibility for remove-link-pw-reset-page branchaccessibility for ahoy-postgres branchaccessibility for encrypt-pii-on-pw-change branchaccessibility for jy-i18n-reorg branchaccessibility for i18n-js-bridge branchaccessibility for encrypt-session-at-rest branchaccessibility for deactivate-profile-when-pw-reset branchaccessibility for amos/fix/readme-getting-started-updates branchaccessibility for fix-session-timeout-specs branchaccessibility for amos/feature/arch_docs_r1 branchaccessibility for liz/fix-idv-copy branchaccessibility for jy-moar-i18n branchaccessibility for update-gems-with-bummr branchaccessibility for update-overcommit branchaccessibility for encrypt-pii-part2 branchaccessibility for add-email-validation-msg branchaccessibility for update-deploy-config branchaccessibility for output-safety-i18n-rubocop branchaccessibility for liz/all-the-content-fixes branchaccessibility for update-footer branchaccessibility for redis-self-expiring-sessions branchaccessibility for disable-safe-navigation-rubocop branchaccessibility for authenticator-cancel-links branchaccessibility for jy-minutes-tests branchaccessibility for margolis-utc branchaccessibility for disable-zxcvbn-in-test-env branchaccessibility for encrypt-pii branchaccessibility for encrypt-pii-part1 branchaccessibility for jy-queue-healthcech branchaccessibility for amos/HOTFIX/pre-ea6c4f3 branchaccessibility for margolis-constant-redefined-warning branchaccessibility for update-create-pw-page branchaccessibility for refactor-2fa branchaccessibility for password-scrypt branchaccessibility for alert-banners branchaccessibility for remove-home-page branchaccessibility for fix-logo-nav-spacing branchaccessibility for terms-of-service branchaccessibility for jy-invalid-password-bug branchaccessibility for amos/fix/add_meta_to_test_sp branchaccessibility for timezone-otp-jobs branchaccessibility for server-side-zxcvbn branchaccessibility for locale-string-test branchaccessibility for update-readme branchaccessibility for otp-date branchaccessibility for ruby-saml-1.4.0 branchaccessibility for jy-activeupport-error branchaccessibility for hotfix-js-precompile branchaccessibility for update-service-provider-yml branchaccessibility for more-sp-brand-info branchaccessibility for jy-remove-comments-from-config branchaccessibility for amos/fix/update_dev_sp_url branchaccessibility for amos/feature/799-a_little_more_branding branchaccessibility for temp_deploy branchaccessibility for nacin/hsts branchaccessibility for amos/feature/894-add_i18n_override branchaccessibility for revert-559-meg/fix/buttons branchaccessibility for meg/fix/buttons branchaccessibility for agency-branded-experience-start branchaccessibility for otp-input-maxlength branchaccessibility for jy-test-coverage branchaccessibility for jy-playing-in-views branchaccessibility for spacing-and-ui-tweaks branchaccessibility for fix-casing-password-page branchaccessibility for alert-ico-position-tweak branchaccessibility for invalid-token branchaccessibility for ah/feature/capistrano-passenger-restart branchaccessibility for sess-timeout-cntdn branchaccessibility for devise-encrypt-pbkdf2 branchaccessibility for slo-fixes branchaccessibility for mfa-pw-change branchaccessibility for jy-session-timeout-msg branchaccessibility for tooltip-fix branchaccessibility for new-usa-flag branchaccessibility for ie-stylesheets branchaccessibility for jy-config-setup branchaccessibility for jy-refactor-fun branchaccessibility for add-contact-view-test branchaccessibility for jy-issue-851 branchaccessibility for basic-info branchaccessibility for fix-usa-topbar branchaccessibility for jy-mandrill-css branchaccessibility for autofocus-mfa branchaccessibility for fix-bullets branchaccessibility for pw-strength-ui-fix branchaccessibility for reencrypt-pii-on-pw-change branchaccessibility for deactivate-profile-on-pw-reset branchaccessibility for encrypt-session branchaccessibility for devise-encrypt-sha512 branchaccessibility for dob-field branchaccessibility for amos/fix/hot-js branchaccessibility for hotfix-js-compile branchaccessibility for babelify-tweak branchaccessibility for visual-updates branchaccessibility for verify-email-page-update branchaccessibility for ui-fixes-and-tweaks2 branchaccessibility for amos/fix/readme_deploy branchaccessibility for ui-fixes-and-tweaks branchaccessibility for add-pw-pepper branchaccessibility for recent-identities-events branchaccessibility for add-idv-test branchaccessibility for rate-limit-css branchaccessibility for amos/fix/remove_old_key branchaccessibility for amos/feature/320-localize_strings branchaccessibility for zip-code-input branchaccessibility for update-sms-message branchaccessibility for sentence-case-updates branchaccessibility for remove-tel-links branchaccessibility for remove-ssn-dupe-check branchaccessibility for store-pii-as-json branchaccessibility for refactor-idv-session branchaccessibility for require-2fa-for-sidekiq-access branchaccessibility for prevent-redundant-idv branchaccessibility for jjg/feature/newrelic-deployment branchaccessibility for recovery-code-support branchaccessibility for do-not-track-session-ping-events branchaccessibility for amos/refactor-2fa branchaccessibility for contact-page branchaccessibility for sp-session-active branchaccessibility for prevent-multiple-idv branchaccessibility for style-cleanup branchaccessibility for idv-finance-radio-stylez branchaccessibility for idv-max-attempts branchaccessibility for fix-profile-spacing branchaccessibility for accessibility-tweak branchaccessibility for remove-playbook-code branchaccessibility for update-and-add-favicons branchaccessibility for profile-idv-section-tooltip branchaccessibility for idv-interrupted branchaccessibility for add-issue-template branchaccessibility for profile-dob-date branchaccessibility for state-no-dash branchaccessibility for amos/fix/phantomjs-travis-update branchaccessibility for make-rack-mini-profiler-optional branchaccessibility for rubocop-makefile branchaccessibility for idv-server-validation branchaccessibility for devise-timeout branchaccessibility for backup_codes branchaccessibility for default_otp_method branchaccessibility for idv-form-validation branchaccessibility for add_activity_2 branchaccessibility for amos/fix/from_email branchaccessibility for add-flair-to-bin-script branchaccessibility for jjg/fix/add-newrelic-config-to-capistrano branchaccessibility for jjg/fix/minor-deploy-fixes branchaccessibility for amos/feature/new_stages branchaccessibility for update-idv-continue-later-page branchaccessibility for remove-splash-page branchaccessibility for amos/feature/voice_otp_no_preference_attrib branchaccessibility for playbook branchaccessibility for explicit-sign-out branchaccessibility for refactor-service-provider branchaccessibility for amos/feature/new_string branchaccessibility for session-timeout-tweaks branchaccessibility for fix-rubocop-rails-offenses branchaccessibility for separate-ssn-dupe-error-page branchaccessibility for idv-cancel-mesg branchaccessibility for fix-field-focus branchaccessibility for alert-ui-tweak branchaccessibility for add-modalz branchaccessibility for sticky-idv-forms branchaccessibility for fix-footer-safari branchaccessibility for ie9-validation branchaccessibility for refactor_phone_confirmation branchaccessibility for idv-cant-continue branchaccessibility for fix-inline-forms branchaccessibility for refactor-omniauth-controller branchaccessibility for fix-reek-offenses branchaccessibility for ui-touchups branchaccessibility for wtf-forms branchaccessibility for add-events branchaccessibility for small-ui-tweaks branchaccessibility for nav-footer-btn-tweaks branchaccessibility for amos/fix/rspec_color branchaccessibility for design-polish branchaccessibility for active-links branchaccessibility for throttle-otp-requests branchaccessibility for svg-updates branchaccessibility for fix-travis branchaccessibility for sp-demo-attribute-bundle branchaccessibility for idv-no-love-page branchaccessibility for demo-sp-rails-cert branchaccessibility for field-kit branchaccessibility for splash-copy branchaccessibility for spacing-stuff branchaccessibility for remove-unused-controller branchaccessibility for amos/feature/move_mobile_to_phone branchaccessibility for amos/fix/360 branchaccessibility for disable-kbv-by-default branchaccessibility for more-visual branchaccessibility for fix-rack-attack-deprecations branchaccessibility for remove-delete-user-feature branchaccessibility for fix-alert-icon branchaccessibility for ui-fixes branchaccessibility for more-visual-tweaks branchaccessibility for fix-duplicate-method-calls branchaccessibility for amos/fix/sp-rails-demo branchaccessibility for fix-form-validator branchaccessibility for update-reek-rubocop-gems branchaccessibility for fix-nil-check-offenses branchaccessibility for fix-unused-parameters branchaccessibility for blanding-page-iterate branchaccessibility for amos/fix/travis_node_stable branchaccessibility for visual-tweaks branchaccessibility for fix-flaky-test branchaccessibility for amos/fix/phantomjs branchaccessibility for amos/feature/voice_otp branchaccessibility for jjg/fix/restart-hosts-after-deploy branchaccessibility for remove-autofocus branchaccessibility for disable-brittle-test branchaccessibility for splash-page-tweaks branchaccessibility for iterate-on-form-validate branchaccessibility for edit-password branchaccessibility for fix-inline-style branchaccessibility for update-contributing branchaccessibility for identity-linker-uuid branchaccessibility for more-reek-fixes branchaccessibility for dupe-ssn-alert branchaccessibility for blanding-page branchaccessibility for mbun-per-sp branchaccessibility for fix_capybara_timeout branchaccessibility for sms-message-consistentify branchaccessibility for fix-code-smells branchaccessibility for form-validation branchaccessibility for remove_ial branchaccessibility for setup-foreman-install branchaccessibility for setup-foreman branchaccessibility for user-decorator-self branchaccessibility for amos/fix/new_dashboard_logingov branchaccessibility for reland branchaccessibility for idv-layout-tweaks branchaccessibility for tooltip-tweaks branchaccessibility for fingerprinter-tool branchaccessibility for jjg/feature/login-dot-gov branchaccessibility for mock-vendor-pii-warning branchaccessibility for add-tooltip-functionality branchaccessibility for totp-start-page branchaccessibility for test-cleanup branchaccessibility for proofing-ui branchaccessibility for fix-link-reference branchaccessibility for make-nav-slimmer branchaccessibility for slimmer-nav branchaccessibility for typo-fix branchaccessibility for saml-tests branchaccessibility for fix-flickering-spec branchaccessibility for add_rubocopy_explanations branchaccessibility for jjg/feature/elasticache branchaccessibility for idv-tests branch

show pull requests
commiterrorswarningsnoticestotal
Use numbers only infavor of words and numbers **Why**: Translating the mix of number and words used to convery time is a pain 84ec69 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage f30a5d 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage 8db655 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage 1c4539 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage f1c46a 10910
Update bummr from 0.1.5 to 0.1.6 d895df 10910
Refactor submit_answers method per PR review 46eef5 10910
Refactor submit_answers method per PR review 059717 10910
Use `hide` instead of custom css class **Why**: Hide is accessible! 9e28d5 10910
Use `hide` instead of custom css class **Why**: Hide is accessible! 2f1cec 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage b017e4 10910
SCSS lint cleanup 74cb94 10910
SCSS lint cleanup ef5c9e 10910
Refactor 5fccc7 10910
Refactor 665bb7 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage 6b45a6 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage 49ee5a 10910
WIP: pluralization in JS 4f0ad5 10910
Moves untranslated words from js into i18n file **Why**: We would like all of our strings to be in translation files for portability to other languages 920a5a 10910
Moves untranslated words from js into i18n file **Why**: We would like all of our strings to be in translation files for portability to other languages d58731 10910
Bump the reauthn_window to 60 seconds (#795) **Why**: UX feedback indicates 30 seconds is often too short. 5ec58b 10910
Bump the reauthn_window to 60 seconds **Why**: UX feedback indicates 30 seconds is often too short. 30faf1 10910
Bump the reauthn_window to 60 seconds **Why**: UX feedback indicates 30 seconds is often too short. 51b37f 10910
Bump the reauthn_window to 60 seconds **Why**: UX feedback indicates 30 seconds is often too short. aed7ed 10910
Bump the reauthn_window to 60 seconds **Why**: UX feedback indicates 30 seconds is often too short. 3f0c7c 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage 54b3e0 10910
Add missing PasswordForm spec **Why**: To have more complete code coverage 522a89 10910
Consolidate 'Continue' locales (#791) **Why**: We had the string 'Continue' defined in 4 places, easier to have it just once. 53b6db 10910
reuse UAK just for migration db2057 10910
Alpha order and 'normalize' locales **Why**: `i18n-tasks normalize` is MAGIC ea61f4 10910
Alpha order and 'normalize' locales **Why**: `i18n-tasks normalize` is MAGIC be75dd 10910
Alpha order and 'normalize' locales **Why**: `i18n-tasks normalize` is MAGIC 774d77 10910
Consolidate 'Continue' locales **Why**: We had the string 'Continue' defined in 4 places, easier to have it just once. baf00d 10910
Consolidate 'Continue' locales **Why**: We had the string 'Continue' defined in 4 places, easier to have it just once. 59e868 10910
do not cache UAK for EncryptedEmail 588211 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it 42f557 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it ed889f 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it ff6eda 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it 736a47 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it a37857 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it 289153 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it 1d2618 10910
Add `alt` tag to all login.gov logos **Why**: Accessibility requires it 42374f 10910
disable logging b4039d 10910
debug UAK for EncryptedEmail b7654c 10910
Adds sp.qa.login.gov to SPs (#785) e4f918 10910
Update mailer specs to use locales **Why**: If we do not, they are brittle c6240c 10910
Update mailer specs to use locales **Why**: If we do not, they are brittle e19b47 10910
Adds email to attribute bundle (#786) cef691 10910
Adds sp.qa.login.gov to SPs 050e08 10910
Adds email to attribute bundle cf3a7c 10910
Adds email to attribute bundle 688bee 10910
Adds sp.qa.login.gov to SPs eea2d5 10910
Improve email encryption rollback resiliency (#784) **Why**: When doing a rake db:rollback and the db:migrate, non-unique emails may have been introduced. adc0b4 10910
Improve email encryption rollback resiliency **Why**: When doing a rake db:rollback and the db:migrate, non-unique emails may have been introduced. 5f9b1f 10910
Improve email encryption rollback resiliency **Why**: When doing a rake db:rollback and the db:migrate, non-unique emails may have been introduced. b19a8e 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs 0f71d4 10910
Use flash.now for invalid passcode (#780) **Why**: So that the flash message doesn't carry over to the profile page after entering the correct passcode. 4e7ff7 10910
Use flash.now for invalid passcode **Why**: So that the flash message doesn't carry over to the profile page after entering the correct passcode. d491cd 10910
Use flash.now for invalid passcode **Why**: So that the flash message doesn't carry over to the profile page after entering the correct passcode. 5dca2c 10910
Link to current page in session expired modal (#778) **Why**: For a better user experience 243b04 10910
WIP e53203 10910
Link to current page in session expired modal **Why**: For a better user experience 8d1c1d 10910
Organizes javascript files **Why**: keeps code neater 64d938 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs 8bd73d 10910
Organizes javascript files **Why**: keeps code neater d40c3f 10910
Link to current page in session expired modal **Why**: For a better user experience e28bde 10910
Organizes javascript files **Why**: keeps code neater 827ea7 10910
Link to current page in session expired modal **Why**: For a better user experience c02c06 10910
Fix lints 5cd9bf 10910
Fix lints 4ca73f 10910
WIP 450ad6 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs 484b62 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs fddb51 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs 666012 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs 1b1bf8 10910
Review feedback: move all healthy check into domain edfbe9 10910
Review feedback: move all healthy check into domain 842f06 10910
Fix lints 3f378a 10910
Fix lints 5b585f 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs 8b3c06 10910
Expose worker health status in an endpoint **Why**: So that we can check if our jobs are running from outside our jobs 6c79f4 10910
tweaks, tests a3d60c 10910
tweaks, tests 49e9fb 10910
tweaks, tests bedfa2 10910
tweaks, tests 9082b0 10910
Drop User.email_plain column **Why**: To be used *after* successful migration to encrypted email. ed0780 10910
Drop User.email_plain column **Why**: To be used *after* successful migration to encrypted email. 9625a6 10910
Drop User.email_plain column **Why**: To be used *after* successful migration to encrypted email. c2a2d7 10910
Drop User.email_plain column **Why**: To be used *after* successful migration to encrypted email. 0ab08f 10910
Tweaks to JS files per brendans comments **Why**: because comments fa0633 10910
tweaks, tests aa77ca 10910
tweaks, tests ec7acb 10910
Moves stray tooltip into tooltips locale file (#773) **Why**: To keep our tooltips in a consistent location 9e75cb 10910
Moves stray tooltip into tooltips locale file (#773) **Why**: To keep our tooltips in a consistent location 47a95e 10910
tweaks, tests ac5eee 10910
tweaks, tests de0ddc 10910
Ensure LoginGov object is properly set on window **Why**: Makes shared javascript functions available under correct namespace d87b22 10910
Remove Welcome link from nav when 2FA incomplete (#774) **Why**: A User is not fully signed-in until 2FA is complete. The nav should not hint otherwise. 1a7d0a 10910
Remove Welcome link from nav when 2FA incomplete (#774) **Why**: A User is not fully signed-in until 2FA is complete. The nav should not hint otherwise. 6f5049 10910
Add remote script (#769) **Why**: makes running commands on our various servers easier 9bc946 10910
tweaks, tests ded231 10910
tweaks, tests d5a5cd 10910
Consolidate Email Update analytics (#771) **Why**: To keep analytics reporting consistent. 94373a 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior for a limited number of retries 5696dd 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior for a limited number of retries e3e1a2 10910
Remove Welcome link from nav when 2FA incomplete **Why**: A User is not fully signed-in until 2FA is complete. The nav should not hint otherwise. b08abb 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior for a limited number of retries a45dd5 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior for a limited number of retries 83a924 10910
Remove Welcome link from nav when 2FA incomplete (#774) **Why**: A User is not fully signed-in until 2FA is complete. The nav should not hint otherwise. 10be42 10910
Switch to numDigits instead of finishOnKey 5c2318 10910
Switch to numDigits instead of finishOnKey ac25bd 10910
Moves stray tooltip into tooltips locale file **Why**: To keep our tooltips in a consistent location d2accf 10910
Moves stray tooltip into tooltips locale file **Why**: To keep our tooltips in a consistent location 7c04a6 10910
old logic 40867b 10910
old logic 8b48af 10910
Ensure LoginGov object is properly set on window **Why**: Makes shared javascript functions available under correct namespace 05f2d1 10910
Skip CSRF on API endpoint 0b9f52 10910
Skip CSRF on API endpoint 682585 10910
clean up a tad a498cd 10910
clean up a tad 667af9 10910
Removes markup from translation files **Why**: Cleaner separation of concerns bbead9 10910
Consolidate Email Update analytics **Why**: To keep analytics reporting consistent. 6ce09f 10910
Consolidate Email Update analytics **Why**: To keep analytics reporting consistent. ddeed4 10910
Removes markup from translation files **Why**: Cleaner separation of concerns 9063c1 10910
Fixes CodeClimate errors **Why**: CodeClimate doesnt like errors f9c343 10910
Properly coountdown time to account unlocking **Why**: The time remaining displayed on the Account Locked screen never changes, leading to a poor user experience **How**: Refactor JS to make the countdown and hours-minutes-seconds formatting reusable 204095 10910
Consolidate Email Update analytics **Why**: To keep analytics reporting consistent. 2cc301 10910
Consolidate Email Update analytics **Why**: To keep analytics reporting consistent. 90dd0e 10910
Add remote script **Why**: makes running commands on our various servers easier 451c3c 10910
Add remote script **Why**: makes running commands on our various servers easier ca15d6 10910
more typo e1a4f5 10910
more typo 5ce682 10910
Review feedback: typo 7ea895 10910
Review feedback: typo f61fff 10910
Review feedback: use Kernel.puts to pacify Rubocop 39ca09 10910
Review feedback: use Kernel.puts to pacify Rubocop 446127 10910
Add remote script **Why**: makes running commands on our various servers easier 1608fb 10910
Add remote script **Why**: makes running commands on our various servers easier faee1a 10910
Uses capybara matcher for current path **Why**: Using have_current_path means the code doesnt have to have workarounds like sleep statements 1dab98 10910
Uses capybara matcher for current path **Why**: Using have_current_path means the code doesnt have to have workarounds like sleep statements e8fa45 10910
Add remote script **Why**: makes running commands on our various servers easier e64a26 10910
Add remote script **Why**: makes running commands on our various servers easier 644ed8 10910
Add remote script **Why**: makes running commands on our various servers easier f0e8c3 10910
Add remote script **Why**: makes running commands on our various servers easier e96e42 10910
Removes redirect from /users **Why**: Providing a route to /users doesn't satisfy the issue this PR is meant to resolve 2c04de 10910
Removes redirect from /users **Why**: Providing a route to /users doesn't satisfy the issue this PR is meant to resolve 335542 10910
Add 'human detection' to voice OTP phone call **Why**: So we don't read our OTPs into people's voicemails **How**: Replace intial message that reads the code with one that prompts users to press 1 to hear the code 60ab39 10910
Add 'human detection' to voice OTP phone call **Why**: So we don't read our OTPs into people's voicemails **How**: Replace intial message that reads the code with one that prompts users to press 1 to hear the code b554f7 10910
Add 'human detection' to voice OTP phone call **Why**: So we don't read our OTPs into people's voicemails **How**: Replace intial message that reads the code with one that prompts users to press 1 to hear the code 4c7918 10910
Add 'human detection' to voice OTP phone call **Why**: So we don't read our OTPs into people's voicemails **How**: Replace intial message that reads the code with one that prompts users to press 1 to hear the code fa26ea 10910
Refactor RegisterUserEmailForm 93cdd0 10910
Refactor RegisterUserEmailForm 6f08d8 10910
Removes redirect from /users **Why**: Providing a route to /users doesn't satisfy the issue this PR is meant to resolve 7133c5 10910
Removes redirect from /users **Why**: Providing a route to /users doesn't satisfy the issue this PR is meant to resolve af4c40 10910
Review feedback: clarify spec descriptions c70973 10910
Review feedback: clarify spec descriptions f7152d 10910
Implement 'press 1 to repeat' voice OTP behavior via twimlets **Why**: Because this is easier to implement than having Twilio call back in to us for the time being bdfc28 10910
Implement 'press 1 to repeat' voice OTP behavior via twimlets **Why**: Because this is easier to implement than having Twilio call back in to us for the time being 5b8e22 10910
Implement 'press 1 to repeat' voice OTP behavior via twimlets **Why**: Because this is easier to implement than having Twilio call back in to us for the time being e9ae03 10910
Use erb syntax in google analytics partial **Why**: I updated the file type from slim to erb, but neglected to change the the variable interpolation around the analytics key b32056 10910
Use erb syntax in google analytics partial **Why**: I updated the file type from slim to erb, but neglected to change the the variable interpolation around the analytics key b41f3a 10910
Review feedbac: reek/rubocop a5e0c0 10910
Review feedbac: reek/rubocop 011934 10910
Review feedback: remove hardcoded number, split out complex line d427d8 10910
Review feedback: remove hardcoded number, split out complex line 234dbf 10910
Implement 'press 1 to repeat' voice OTP behavior via twimlets **Why**: Because this is easier to implement than having Twilio call back in to us for the time being abc2fc 10910
Implement 'press 1 to repeat' voice OTP behavior via twimlets **Why**: Because this is easier to implement than having Twilio call back in to us for the time being 2baee5 10910
Fix rubocop warning **Why**: Resolve warning 4eaa8c 10910
Fix rubocop warning **Why**: Resolve warning 285660 10910
Adds test for redirect from /users **Why**: Tests are important for determining if the app is behaving properly eaf8d7 10910
Adds test for redirect from /users **Why**: Tests are important for determining if the app is behaving properly bab428 10910
Consolidate Registration analytics **Why**: To better group registration events and their properties. 98482b 10910
Remove spring **Why**: Spring loads automagically without user intervention, and can cause issues when files don't reload as expected 7aa1ef 10910
rough first stab at progress step implementation **Why**: UI we want to add 3ba2c7 10910
rough first stab at progress step implementation **Why**: UI we want to add 9c4db5 10910
Hide Sign Out till 2FA complete (#763) **Why**: The UX is not 'signed in' until 2FA is complete. 15425a 10910
Redirects users from /users to /users/sign_up **Why**: When a user sits on the users/sign_up page for too long, they are directed to the /users page, which is not defined. Instead, redirect them back to the sign_up page. aaa002 10910
Hide Sign Out till 2FA complete (#763) **Why**: The UX is not 'signed in' until 2FA is complete. fe0c97 10910
Remove spring **Why**: Spring loads automagically without user intervention, and can cause issues when files don't reload as expected 33e169 10910
Remove spring **Why**: Spring loads automagically without user intervention, and can cause issues when files don't reload as expected 4c0e2b 10910
rough first stab at progress step implementation **Why**: UI we want to add ffb92c 10910
Hide Sign Out till 2FA complete **Why**: The UX is not 'signed in' until 2FA is complete. 81f213 10910
rough first stab at progress step implementation **Why**: UI we want to add 5b2129 10910
rough first stab at progress step implementation **Why**: UI we want to add 8c85c9 10910
Update to satisfy codeclimate 53f30a 10910
Update to satisfy codeclimate 1f8f6f 10910
Review feedback: clarify spec descriptions 818c69 10910
Review feedback: clarify spec descriptions 474c51 10910
Review feedback: clarify spec descriptions 2563f4 10910
Review feedback: clarify spec descriptions e705fa 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior d171ad 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior cf30b5 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior de875a 10910
self-close-tag d57f5b 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. 7e5a38 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. 72e80f 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. 43d9d9 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. ab7aac 10910
wip 65cb01 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. eee973 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. 858157 10910
Nullify legacy recovery codes (#758) **Why**: Since they cannot be used, nullify old recovery codes so that the next user login will generate a new one. e6ca3e 10910
wip a2aad1 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. 176be1 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. e7243b 10910
Drop User.email_plain column **Why**: To be used *after* successful migration to encrypted email. e362ee 10910
Drop User.email_plain column **Why**: To be used *after* successful migration to encrypted email. 7cc3ec 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. d01a3c 10910
Rename users.email instead of dropping **Why**: To help with migrations, rename the email column instead of dropping. The actual drop will happen in a future PR. 6a1bd0 10910
Serve TwiML from our own app **Why**: So we can add 'press 1 to repeat' behavior a3be84 10910
Nullify legacy recovery codes **Why**: Since they cannot be used, nullify old recovery codes so that the next user login will generate a new one. ae8260 10910
Nullify legacy recovery codes **Why**: Since they cannot be used, nullify old recovery codes so that the next user login will generate a new one. 470866 10910
Nullify legacy recovery codes **Why**: Since they cannot be used, nullify old recovery codes so that the next user login will generate a new one. 23340f 10910
Nullify legacy recovery codes **Why**: Since they cannot be used, nullify old recovery codes so that the next user login will generate a new one. 6613ea 10910
keep users.email column to debug encryption 643bfb 10910
Add Help Center page **Why**: - Users need a place to have their questions answered Add test for help center page **Why**: - Establishes tests for the page - Checks for the correct page title Clean up spacing in pages translation file aa4a00 10910
Add Help Center page **Why**: - Users need a place to have their questions answered Add test for help center page **Why**: - Establishes tests for the page - Checks for the correct page title Clean up spacing in pages translation file e51d3b 10910
Add Help Center page **Why**: - Users need a place to have their questions answered Add test for help center page **Why**: - Establishes tests for the page - Checks for the correct page title 72bb8d 10910
Add Help Center page **Why**: - Users need a place to have their questions answered abd292 10910
fixup: Use relative URLs cause Github is smart 5b6ebc 10910
Move files to appropriate directories **Why**: Moving to initializers helps override autoload f5b772 10910
Move files to appropriate directories **Why**: Moving to initializers helps override autoload a4ade7 10910
Fix migrations for User email encryption **Why**: Devise method conflicts because columns change from email -> email_fingerprint. 08e720 10910
Fix migrations for User email encryption **Why**: Devise method conflicts because columns change from email -> email_fingerprint. c520ed 10910
Use `domain_name` instead of `mailer_domain_name` 89c198 10910
Use `domain_name` instead of `mailer_domain_name` db5b9a 10910
Stub User model in AddScryptCost migration (#752) **Why**: To allow the migration to pass when it doesn’t yet know about new methods in the model due to the way Rails loads files. c75ec8 10910
Stub User model in AddScryptCost migration **Why**: To allow the migration to pass when it doesn’t yet know about new methods in the model due to the way Rails loads files. 007538 10910
Stub User model in AddScryptCost migration **Why**: To allow the migration to pass when it doesn’t yet know about new methods in the model due to the way Rails loads files. fb868c 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password 1dfebc 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password 9df59e 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password 0400e5 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password 62c160 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password f37468 10910
fix user#password_reset_profile 25cf5b 10910
fix user#password_reset_profile 2b2a8d 10910
WIIIIP debug printing 2086ec 10910
WIIIIP debug printing abfd32 10910
Add spanish yaml And translation 05d72e 10910
add spanish yaml translate sign in ecb3bd 10910
Automate logstash.conf setup 44595a 10910
Automate logstash.conf setup 4ffb7e 10910
i18n server side zxcvbn **Why**: To use translation strings vs hardcoded feedback 0b969a 10910
i18n server side zxcvbn **Why**: To use translation strings vs hardcoded feedback 7273f6 10910
reek cannot recognize the class_methods block in a Concern 35658c 10910
reek cannot recognize the class_methods block in a Concern 602f48 10910
review fixes 0f6ef6 10910
review fixes e7e2e8 10910
wip a0ce4e 10910
wip ba4bd8 10910
review fixes 14433d 10910
review fixes 0f0d80 10910
review fixes df8ed4 10910
review fixes 84e9d0 10910
review fixes 701346 10910
review fixes 540627 10910
review fixes 1fd58e 10910
review fixes cd2ac9 10910
review fixes d0088b 10910
Tweak UI around new recovery code (#747) **Why**: needed a little love b579fe 10910
Remove extraneous spec expectations 35d83e 10910
Remove extraneous spec expectations d7edde 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password 873a76 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password 2b2e37 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password cf4d60 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password 70b6eb 10910
Add UI for reactivating a profile **Why**: Because otherwise the data will be encrypted with an old password d935d6 10910
Tweak UI around new recovery code **Why**: needed a little love d22fee 10910
Tweak UI around new recovery code **Why**: needed a little love 9de580 10910
Add more analytics events (#746) **Why**: for easier analysis, funnel tracking c509fd 10910
Add more analytics events **Why**: for easier analysis, funnel tracking ee976c 10910
Add more analytics events **Why**: for easier analysis, funnel tracking a6775e 10910
wip e7d81f 10910
WIP reactivate page wip wip iwp wip wip c017c6 0000
Reformat Analytics JSON output (#744) **Why**: To make it easier to run queries **How**: - Add a `properties` hash for event-specific attributes - Move `user_id` to the top level - Add events to track certain page visits 45e423 10910
WIP reactivate page wip wip iwp 5076e4 10910
WIP reactivate page wip wip iwp d08986 10910
Remove client side validation (#737) **Why**: To resolve multiple bugs 20b2f0 10910
Add User.recovery_salt (#743) **Why**: User.password_salt changes every time password is reset. In order to recover PII with a recovery code, we need to use a separate salt. 2dd692 10910
Add User.recovery_salt **Why**: User.password_salt changes every time password is reset. In order to recover PII with a recovery code, we need to use a separate salt. 4ff9e7 10910
Add User.recovery_salt **Why**: User.password_salt changes every time password is reset. In order to recover PII with a recovery code, we need to use a separate salt. f63e0f 10910
Reformat Analytics JSON output **Why**: To make it easier to run queries **How**: - Add a `properties` hash for event-specific attributes - Move `user_id` to the top level - Add events to track certain page visits 5d40c9 10910
Reformat Analytics JSON output **Why**: To make it easier to run queries **How**: - Add a `properties` hash for event-specific attributes - Move `user_id` to the top level - Add events to track certain page visits 612580 10910
wip 44c28c 10910
Remove client side validation **Why**: To resolve multiple bugs c09dd0 10910
Remove client side validation **Why**: To resolve multiple bugs 3298ce 10910
Fix Rubocop Rails offenses in views 2d7b53 10910
Fix Rubocop Rails offenses in views 60fdde 10910
Fix Rubocop Rails offenses in views d53ab7 10910
Fix Rubocop Rails offenses in views a76142 10910
Adds newrelic browser instrumentation (#735) 3192ea 10910
Remove client side validation **Why**: To resolve multiple bugs 43718e 10910
Remove client side validation **Why**: To resolve multiple bugs 86f223 10910
Remove client side validation **Why**: To resolve multiple bugs 06d075 10910
Remove client side validation **Why**: To resolve multiple bugs daba56 10910
Adds newrelic browser instrumentation 3f38fb 10910
Adds newrelic browser instrumentation cbda89 10910
Adds newrelic browser instrumentation 21a6c9 10910
Fixes formatting 30427c 10910
Fixes formatting 237b6a 10910
Fixes formatting ab07a3 10910
add Users.password_cost 21d157 10910
use cattr_reader 8f9435 10910
review feedback 23e980 10910
review feedback 93a5a1 10910
Ignores missing translations in newrelic-browser.js cac51a 10910
Ignores missing translations in newrelic-browser.js 5f4bed 10910
Adds newrelic browser instrumentation 4fda66 10910
Adds newrelic browser instrumentation 906a1b 10910
Adds newrelic browser instrumentation 3fca22 10910
Fix Rubocop Rails offenses in views 25b12c 10910
Fix Rubocop Rails offenses in views 86ba57 10910
Adds newrelic browser instrumentation 472618 10910
Fix Rails autoload for SessionEncryptor **Why**: Rails autoload in development led to exceptions like `user_access_key must be a UserAccessKey` whenever a file changed. 47dda2 10910
Fix Rails autoload for SessionEncryptor **Why**: Rails autoload in development led to exceptions like `user_access_key must be a UserAccessKey` whenever a file changed. abcee7 10910
Enable Rails cops in rubocop.yml **Why**: So that Code Climate reports Rails offenses. 15dd00 10910
Enable Rails cops in rubocop.yml **Why**: So that Code Climate reports Rails offenses. 4237a3 10910
another test 6bb682 10910
another test 5d62f7 10910
another test 46e40d 10910
another test e04ec0 10910
another test e4d6f3 10910
testing 8f6bbf 10910
Add Rubocop Rails/Output to rubocop.yml **Why**: So that Code Climate reports it. Code Climate ignores Rails cops by default, so we have to add the ones we care about to .rubocop.yml 18a7d6 10910
Add Rubocop Rails/Output to rubocop.yml **Why**: So that Code Climate reports it. Code Climate ignores Rails cops by default, so we have to add the ones we care about to .rubocop.yml 36fa5e 10910
Add Rubocop Rails/Output to rubocop.yml **Why**: So that Code Climate reports it. Code Climate ignores Rails cops by default, so we have to add the ones we care about to .rubocop.yml 854480 10910
Add Rubocop Rails/Output to rubocop.yml **Why**: So that Code Climate reports it. Code Climate ignores Rails cops by default, so we have to add the ones we care about to .rubocop.yml af226f 10910
Set users.password_salt if it is not set **Why**: One-time clean up to new encryption in #650 81bde8 10910
Set users.password_salt if it is not set **Why**: One-time clean up to new encryption in #650 15f819 10910
Updates tests fb213f 10910
Updates tests d1e74b 10910
review comments 9f78ca 10910
review comments c3ca4b 10910
Deactivate invalid encrypted Profile on login **Why**: When encryption logic changes, deactivate legacy profiles automatically because they cannot be recovered. f52314 10910
Deactivate invalid encrypted Profile on login **Why**: When encryption logic changes, deactivate legacy profiles automatically because they cannot be recovered. 565ccc 10910
Deactivate invalid encrypted Profile on login **Why**: When encryption logic changes, deactivate legacy profiles automatically because they cannot be recovered. 9bd5dc 10910
Deactivate invalid encrypted Profile on login **Why**: When encryption logic changes, deactivate legacy profiles automatically because they cannot be recovered. 4415d9 10910
Encrypt recovery_code with HSM **Why**: Applies same encryption model to recovery_code as to password. ebbffe 10910
Encrypt recovery_code with HSM **Why**: Applies same encryption model to recovery_code as to password. 8384fa 10910
Encrypt recovery_code with HSM **Why**: Applies same encryption model to recovery_code as to password. 0ed65e 10910
Encrypt recovery_code with HSM **Why**: Applies same encryption model to recovery_code as to password. 7afb33 10910
Encrypt recovery_code with HSM **Why**: Applies same encryption model to recovery_code as to password. 0586ba 10910
Display recovery code after IdV confirmation 21b918 10910
Print Rails logs to STDOUT in development (and pretty-print locally) (#722) **Why**: Makes development easier with foreman 1b0d14 10910
Print Rails logs to STDOUT in development (and pretty-print locally) (#722) **Why**: Makes development easier with foreman 6ba116 10910
I18n zxcvbn javascript library (#717) **Why**: To allow for custom translation of the zxcvbn library e335fd 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy 17467d 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy 12f7d2 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy d3a1fb 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy 1ac493 10910
Updates screenshot and save call for simplicity 0f942b 10910
Print Rails logs to STDOUT in development (and pretty-print locally) **Why**: Makes development easier with foreman 8b0d86 10910
Print Rails logs to STDOUT in development (and pretty-print locally) **Why**: Makes development easier with foreman 65bc4e 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy 052bcf 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy 1eca1c 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy 980c5f 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy 62e131 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy cef6a8 10910
Starting over with new approach **Why**: This approach allows the npm package to remain as is, so we do not need to maintain our own local copy d1bc07 10910
Permits i18n mode in user flows specs 63fbc1 10910
Print Rails logs to STDOUT in development **Why**: Makes development easier with foreman d38fd9 10910
Print Rails logs to STDOUT in development **Why**: Makes development easier with foreman 86dcb8 10910
Updates bin/setup to sign overcommit **Why**: When the repo is first installed, overcommit complains that a signature is missing. According to the docs here: https://github.com/brigade/overcommit#installation, this is a necessary step. ee179c 10910
Updates bin/setup to sign overcommit **Why**: When the repo is first installed, overcommit complains that a signature is missing. According to the docs here: https://github.com/brigade/overcommit#installation, this is a necessary step. 844b76 10910
Encrypt recovery_code with HSM **Why**: Applies same encryption model to recovery_code as to password. f109ed 10910
Encrypt recovery_code with HSM **Why**: Applies same encryption model to recovery_code as to password. f8f43a 0000
Changes privacy headers to sentence case **Why**: To match our styleguide. 07f06e 10910
Changes privacy headers to sentence case **Why**: To match our styleguide. ec31c7 10910
Drop sessions table **Why**: Sessions are now stored in Redis 03e7cc 10910
Drop sessions table **Why**: Sessions are now stored in Redis 7140a8 10910
Drop sessions table **Why**: Sessions are now stored in Redis c40bba 10910
Fix crontab generation **Why**: Background jobs weren't working **How**: - Set correct PATH so that bundle commands work - Also write STDOUT to a file for visibility c27435 10910
Fix crontab generation **Why**: Background jobs weren't working **How**: - Set correct PATH so that bundle commands work - Also write STDOUT to a file for visibility fb1c94 10910
Fix crontab generation **Why**: Background jobs weren't working **How**: - Set correct PATH so that bundle commands work - Also write STDOUT to a file for visibility 6bbc36 10910
env 376544 10910
Limit session concurrency to one **Why**: Meets FedRAMP requirements of max 2 concurrent sessions. e4f9fd 10910
wip 427ff2 10910
wip 05214c 10910
WIP: dump env to a log file 24cc31 10910
Limit session concurrency to one **Why**: Meets FedRAMP requirements of max 2 concurrent sessions. 626f55 10910
Limit session concurrency to one **Why**: Meets FedRAMP requirements of max 2 concurrent sessions. bb236b 10910
Add active_profile attribute 57fef4 10910
Add active_profile attribute 8a3b87 10910
Add active_profile attribute 998aa8 10910
Drop sessions table **Why**: Sessions are now stored in Redis 62f055 10910
Drop sessions table **Why**: Sessions are now stored in Redis 3adfee 10910
Drop sessions table **Why**: Sessions are now stored in Redis e403b8 10910
Drop sessions table **Why**: Sessions are now stored in Redis 8f31b4 10910
Add active_profile attribute 2d5905 10910
Add active_profile attribute d069f2 10910
Consolidate Password Reset analytics **Why**: For better organization and to make it easier to run queries related to password reset events. 40f435 10910
Consolidate Password Reset analytics **Why**: For better organization and to make it easier to run queries related to password reset events. c4b2bd 10910
Consolidate Password Reset analytics **Why**: For better organization and to make it easier to run queries related to password reset events. 419673 10910
Consolidate Password Reset analytics **Why**: For better organization and to make it easier to run queries related to password reset events. 8469c3 10910
Consolidate Password Reset analytics **Why**: For better organization and to make it easier to run queries related to password reset events. 364295 10910
Consolidate Password Reset analytics **Why**: For better organization and to make it easier to run queries related to password reset events. eb1a61 10910
Fix broken tests **Why**: Resolved issues caused by updated translation strings 0e7d99 10910
Fix broken tests **Why**: Resolved issues caused by updated translation strings 095f1c 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library 1f1fe8 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library cb99e8 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library 2e0a39 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library 0bcfa3 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library ac0fed 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library 6d7e44 10910
Add more attribute to sp.dev YAML entry (#716) **Why**: To get the full branded experience 1ec94b 10910
Remove client side validation **Why**: To resolve multiple bugs cc2454 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library b26f25 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library f680fb 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library a5f358 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library 4a1f87 10910
Translate zxcvbn **Why**: To allow for custom translation of the zxcvbn library 33461b 10910
Add more attribute to sp.dev YAML entry (#716) **Why**: To get the full branded experience de1f78 10910
Add more attribute to sp.dev YAML entry (#716) **Why**: To get the full branded experience 4a37c3 10910
Add more attribute to sp.dev YAML entry **Why**: To get the full branded experience 1fff7d 10910
Add more attribute to sp.dev YAML entry **Why**: To get the full branded experience 63451e 10910
Rename log_in keys to sign_in **Why**: Make the key names consistent with the language **How**: ``` git grep -l log_in_ | xargs perl -p -i -e 's/log_in_/sign_in_/g' -- ``` 1bba58 10910
Rename log_in keys to sign_in **Why**: Make the key names consistent with the language **How**: ``` git grep -l log_in_ | xargs perl -p -i -e 's/log_in_/sign_in_/g' -- ``` 2350a3 10910
Add view spec fb53fb 10910
Add view spec 4e468f 0000
Add view spec ea3edf 10910
Add view spec cc71aa 0000
Revise headers and instructions **Why**: To match the styleguide and for better clarity c6243e 10910
Revise headers and instructions **Why**: To match the styleguide and for better clarity e20c29 10910
Underline links by default (#715) **Why**: better for accessibility **How**: by default, links are now underlined, and can be overridden with `text-decoration-none` class 7bc0a9 10910
Underline links by default (#715) **Why**: better for accessibility **How**: by default, links are now underlined, and can be overridden with `text-decoration-none` class b8e7f8 10910
Underline links by default **Why**: better for accessibility **How**: by default, links are now underlined, and can be overridden with `text-decoration-none` class c7bd73 10910
Update email visual design (#714) **Why**: As per latest designs 9cc61d 10910
Update email visual design (#714) **Why**: As per latest designs 2f6f88 10910
Update email visual design **Why**: As per latest designs 56d81a 10910
Update email visual design **Why**: As per latest designs e79da6 10910
Limit session concurrency to one **Why**: Meets FedRAMP requirements of max 2 concurrent sessions. 23e66e 10910
Limit session concurrency to one **Why**: Meets FedRAMP requirements of max 2 concurrent sessions. 3c33f0 10910
Add IdV form params to filtered list (#711) **Why**: Do not leak PII into logs 7a0780 10910
Add IdV form params to filtered list (#711) **Why**: Do not leak PII into logs 246625 10910
Add IdV form params to filtered list **Why**: Do not leak PII into logs 169526 10910
Add IdV form params to filtered list **Why**: Do not leak PII into logs e8ade6 0000
Add IdV form params to filtered list **Why**: Do not leak PII into logs 0281ea 10910
Add IdV form params to filtered list **Why**: Do not leak PII into logs 4b9268 0000
Updates ERD (#710) dcbac5 0000
Updates ERD (#710) 125bce 0000
Update README a909cb 10910
Update README d4d063 10910
add feature test showing multiple SP sessions in multiple browsers 44d9b1 0000
add feature test showing multiple SP sessions in multiple browsers 8489fb 0000
Updates ERD 066c52 0000
Updates regex match when called from flows spec 2e0292 0000
Updates regex match when called from flows spec bf253d 0000
Updates regex match when called from flows spec 474a5c 0000
Updates regex match when called from flows spec b54a47 0000
Updates ERD 667974 0000
add feature test showing multiple SP sessions in multiple browsers a67d61 0000
add feature test showing multiple SP sessions in multiple browsers ecab85 0000
improve invalid base64 encoding detection, clarify some variable names 808caf 0000
improve invalid base64 encoding detection, clarify some variable names 184c67 0000
Revise headers and instructions **Why**: To match the styleguide and for better clarity 5b3982 0000
Call reset_email before specs that open emails (#708) **Why**: To make sure any previous emails from other specs are not opened instead. This fixes the flickering spec on Travis. 421cbf 0000
Call reset_email before specs that open emails **Why**: To make sure any previous emails from other specs are not opened instead. This fixes the flickering spec on Travis. 39893b 0000
Call reset_email before specs that open emails **Why**: To make sure any previous emails from other specs are not opened instead. This fixes the flickering spec on Travis. a15012 0000
Iterate on resending confimation UX **Why**: Based on feedback, turned button back into link, added flash message within the body of the page 1d64ae 0000
Iterate on resending confimation UX **Why**: Based on feedback, turned button back into link, added flash message within the body of the page 26b327 0000
Iterate on resending confimation UX **Why**: Based on feedback, turned button back into link, added flash message within the body of the page b4e43b 0000
Iterate on resending confimation UX **Why**: Based on feedback, turned button back into link, added flash message within the body of the page 918f77 0000
Iterate on resending confimation UX **Why**: Based on feedback, turned button back into link, added flash message within the body of the page 1fef08 0000
Iterate on resending confimation UX **Why**: Based on feedback, turned button back into link, added flash message within the body of the page 29bdea 0000
basic stylez e0e2b2 0000
basic stylez f261a8 0000
Moves docs to /docs (#706) 64ecd0 0000
Moves docs to /docs (#706) d5fed0 0000
Moves docs to /docs 598b41 0000
Moves docs to /docs 406ac6 0000
Removes those silly tabs f5c5c3 0000
Removes those silly tabs 71f57d 0000
Skip I18n override for flow specs 8fef59 0000
Skip I18n override for flow specs ddb75c 0000
Replace placeholder tooltip for 2FA (#704) **Why**: Real copy is better 72a929 0000
Replace placeholder tooltip for 2FA (#704) **Why**: Real copy is better 9e0487 0000
Fixes wonky conditional ea817b 0000
Fixes wonky conditional 5f503f 0000
Update Authenticator app illustration **Why**: Update authenticator app illustration so that it does not trigger a QR Code reader. 42855e 0000
Update Authenticator app illustration **Why**: Update authenticator app illustration so that it does not trigger a QR Code reader. e868ea 0000
Replace placeholder tooltip for 2FA **Why**: Real copy is better 2d4ae6 0000
Replace placeholder tooltip for 2FA **Why**: Real copy is better 72b3f4 0000
use positive assertion in test c96b71 0000
use positive assertion in test a1c9cc 0000
Clean up session-related tasks **Why**: Redis will clear expired sessions automatically. We need only clean up the Identity-related Session records daily for storage reasons. 7fc40c 0000
Translate errors for validate-field.js and update copy **Why**: To be multi-language friendly and to share copy with the server. 72cd89 0000
stub session store to workaround Rails TestSession a1a9bc 0000
Add instructional text to the 2FA setup screen **Why**: - Presumably, users found it confusing before Rework 2FA setup info and instruction text **Why**: - Makes instructional language more accurate - Simplifies translation strings for info paragraph 3cd028 0000
Add instructional text to the 2FA setup screen **Why**: - Presumably, users found it confusing before Rework 2FA setup info and instruction text **Why**: - Makes instructional language more accurate - Simplifies translation strings for info paragraph b798de 0000
Removes custom formatter from coverage calculation ef2d56 0000
Removes custom formatter from coverage calculation bc3d9c 0000
Update email copy (#691) **Why**: As per content updates 470811 0000
Update email copy (#691) **Why**: As per content updates 3e7653 0000
Add current working copy for privacy policy (#688) **Why**: Lorem ipsum is distracting c27dd7 0000
Add current working copy for privacy policy (#688) **Why**: Lorem ipsum is distracting 9b8c2c 0000
Excludes custom formatters from CC ratings 20fa9d 0000
Excludes custom formatters from CC ratings c92846 0000
Fixes style issues a4eb53 0000
Fixes style issues ddd170 0000
Translate errors for validate-field.js and update copy **Why**: To be multi-language friendly and to share copy with the server. c39c10 0000
Translate errors for validate-field.js **Why**: To be multi-language friendly and to share copy with the server. 994b31 0000
Update authenticator illustration **Why**: Old sample qr code actually generated an otp for a test user, the new one redirects to login.gov e48cdb 0000
Update authenticator illustration **Why**: Old sample qr code actually generated an otp for a test user, the new one redirects to login.gov 617f0b 0000
Translate errors for validate-field.js **Why**: To be multi-language friendly and to share copy with the server. b6c4ed 0000
Translate errors for validate-field.js **Why**: To be multi-language friendly and to share copy with the server. 521359 0000
Remove the form-wide error notification **Why**: For a form with only one field, it's redundant 572640 0000
Update authenticator illustration **Why**: Old sample qr code actually generated an otp for a test user, the new one redirects to login.gov d2b713 0000
Update authenticator illustration **Why**: Old sample qr code actually generated an otp for a test user, the new one redirects to login.gov 1f6b44 0000
Update authenticator illustration **Why**: Old sample qr code actually generated an otp for a test user, the new one redirects to login.gov 0755c6 0000
Update authenticator illustration **Why**: Old sample qr code actually generated an otp for a test user, the new one redirects to login.gov 4b8725 0000
Correctly clear the client-side email error class for email validation **Why**: The server uses .has-error to mark error fields and the client uses .invalid, so we need to clear both client-side when errors are cleared. 780d6e 0000
rough first stab at progress step implementation **Why**: UI we want to add 841503 0000
rough first stab at progress step implementation **Why**: UI we want to add 2b9dc0 0000
Shortens totp_configured **Why**: Because shorter is better f97ebf 0000
Shortens totp_configured **Why**: Because shorter is better aef801 0000
rough first stab at progress step implementation **Why**: UI we want to add 47bdb7 0000
rough first stab at progress step implementation **Why**: UI we want to add f50302 0000
rough first stab at progress step implementation **Why**: UI we want to add 6f210f 0000
rough first stab at progress step implementation **Why**: UI we want to add e078e5 0000
rough first stab at progress step implementation **Why**: UI we want to add a2f26a 0000
rough first stab at progress step implementation **Why**: UI we want to add d6c923 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 67afe7 0000
rough first stab at progress step implementation **Why**: UI we want to add ccc9f4 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting f5253a 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 74a74a 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting a6009b 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 35bc46 0000
rough first stab at progress step implementation **Why**: UI we want to add d0540e 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 1b1416 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 2b858b 0000
Update password reset tests **Why**: A few tests were referencing the wrong translation string 484821 0000
Update password reset tests **Why**: A few tests were referencing the wrong translation string fb1ad6 0000
Remove cruft from CORS integration **Why**: Forgot to remove it before 5afb7b 0000
Update email copy **Why**: As per content updates a0bab5 0000
Update email copy **Why**: As per content updates d3ac38 0000
Update email copy **Why**: As per content updates 424a32 0000
Update email copy **Why**: As per content updates a291cf 0000
Update email copy **Why**: As per content updates c33f80 0000
Update email copy **Why**: As per content updates 20460e 0000
Update email copy **Why**: As per content updates a3ca3d 0000
Update email copy **Why**: As per content updates 5840d2 0000
Update email copy **Why**: As per content updates 86f0f6 0000
Update email copy **Why**: As per content updates 7663e9 0000
refactor away UserAccessKeyMaker 3826ed 0000
refactor away UserAccessKeyMaker 64dd70 0000
Update email copy **Why**: As per content updates 4b34fc 0000
Update email copy **Why**: As per content updates 5acac0 0000
Remove cruft from CORS integration **Why**: Forgot to remove it before d68d02 0000
Remove cruft from CORS integration **Why**: Forgot to remove it before 4c368f 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting afb65d 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting bcdad4 0000
Ignore Reek NestedIterators offense in spec **Why**: We don't care about this offense in this spec. 9da6bb 0000
Makes a few minor text changes (#696) **Why**: Because typos are not good 3202c3 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 62c605 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 400032 0000
Makes a few minor text changes **Why**: Because typos are not good 85dad0 0000
Makes a few minor text changes **Why**: Because typos are not good b3e3ad 0000
codeclimate fixes 1205ad 0000
codeclimate fixes e8339b 0000
add unit tests for UserAccessKey 22f18b 0000
add unit tests for UserAccessKey fdcd08 0000
add Fingerprinter.verify and use secure_compare a868b3 0000
add Fingerprinter.verify and use secure_compare 9f2ab5 0000
Updates session_timedout **Why**: Because @jeanninehunter was right about splitting that long sentence into two smaller ones. 0f54f2 0000
Updates session_timedout **Why**: Because @jeanninehunter was right about splitting that long sentence into two smaller ones. 5468cc 0000
Add periods to end of messages **Why**: Because we strive for consistency in punctuation. 5e84e0 0000
Add periods to end of messages **Why**: Because we strive for consistency in punctuation. a669e8 0000
Update notification messages **Why**: To bring them in line with our styleguide de5f2c 0000
Update notification messages **Why**: To bring them in line with our styleguide 63509f 0000
Add text for SP and non-SP scenario to 'idv/fail' b1862e 0000
Add text for SP and non-SP scenario to 'idv/fail' 6866ba 0000
Add text for SP and non-SP scenario to 'idv/fail' 6a5a04 0000
move unique index on Sessions to session_id+identity_id c3a99c 0000
Fix typo in spec description 635d0b 0000
Fix typo in spec description 7bb01b 0000
Ignore Reek NestedIterators offense in spec **Why**: We don't care about this offense in this spec. 1ef282 0000
Ignore Reek NestedIterators offense in spec **Why**: We don't care about this offense in this spec. 62ffe1 0000
Update email copy **Why**: As per content updates 656b49 0000
Update email copy **Why**: As per content updates 81c3e4 0000
Update email copy **Why**: As per content updates aa6b3b 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting f60a8d 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting d59218 0000
UI tweaks & fixes (#687) 442431 0000
UI tweaks & fixes 2627d8 0000
Minor content changes A few changes throughout but mostly to the duplicate address email 1f1126 0000
UI tweaks & fixes 09a1d3 0000
Minor content changes A few changes throughout but mostly to the duplicate address email f80cef 0000
Minor content changes A few changes throughout but mostly to the duplicate address email 17b57e 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 0f09c9 0000
Add current working copy for privacy policy **Why**: Lorem ipsum is distracting 4efea5 0000
UI tweaks & fixes 5f3033 0000
UI tweaks & fixes 721fac 0000
Add instructional text to the 2FA setup screen **Why**: - Presumably, users found it confusing before 46387b 0000
Add instructional text to the 2FA setup screen **Why**: - Presumably, users found it confusing before 74a965 0000
Address PR review feedback 28c744 0066
Address PR review feedback d3fece 0066
Make deploy.json world-readable **Why**: nginx runs processes as the 'nobody' user so files need to be world-readable in order to be served by nginx af9c23 0000
Make deploy.json world-readable **Why**: nginx runs processes as the 'nobody' user so files need to be world-readable in order to be served by nginx fdd201 0000
Remove CORS stuff for deploy.json **Why**: We are currently not using AJAX to load this data so we don't need to worry about CORS headers and can just rely on the web servers to serve static files in public 91bd84 0000
Address PR review feedback d53563 0066
Address PR review feedback a5314e 0066
Address PR review feedback 5af59f 0066
Address PR review feedback b2098e 0066
Update shoulda-matchers from 2.8.0 to 3.1.1 (#680) **Why**: To use the latest and greatest **How**: - Add RSpec config per 3.x instructions - Update specs 4d1025 0000
Move `user` logic into `SamlIdpLogoutConcern` 08c3da 0000
Move `user` logic into `SamlIdpLogoutConcern` df0825 0000
Move `user` logic into `SamlIdpLogoutConcern` f374f9 0000
Move `user` logic into `SamlIdpLogoutConcern` f4f287 0000
Hook whenever gem into capistrano deploy **Why**: Because we want our crontab schedules to update when we deploy **How**: - Require the magic 'whenever/capistrano' file to hook into the deploy - Set the job_creator role on hosts to match schedule.rb ffe547 0000
Replace Ahoy with Keen **Why**: - We don't need Ahoy to be able to use keen.io - Keen doesn't require a DB to query the data - Keen provides rich querying via either the keen gem or on their site https://github.com/keenlabs/keen-gem#running-queries 96f828 0000
Replace Ahoy with Keen **Why**: - We don't need Ahoy to be able to use keen.io - Keen doesn't require a DB to query the data - Keen provides rich querying via either the keen gem or on their site https://github.com/keenlabs/keen-gem#running-queries f55d05 0000
Replace Ahoy with Keen **Why**: - We don't need Ahoy to be able to use keen.io - Keen doesn't require a DB to query the data - Keen provides rich querying via either the keen gem or on their site https://github.com/keenlabs/keen-gem#running-queries 64741d 0000
Replace Ahoy with Keen **Why**: - We don't need Ahoy to be able to use keen.io - Keen doesn't require a DB to query the data - Keen provides rich querying via either the keen gem or on their site https://github.com/keenlabs/keen-gem#running-queries b2a23f 0000
Hook whenever gem into capistrano deploy **Why**: Because we want our crontab schedules to update when we deploy **How**: - Require the magic 'whenever/capistrano' file to hook into the deploy - Set the job_creator role on hosts to match schedule.rb 245643 0000
Hook whenever gem into capistrano deploy **Why**: Because we want our crontab schedules to update when we deploy **How**: - Require the magic 'whenever/capistrano' file to hook into the deploy - Set the job_creator role on hosts to match schedule.rb 433660 0000
Make sure we have a host with the job_creator role that whenever uses edfdde 0000
Make sure we have a host with the job_creator role that whenever uses e9dcfd 0000
Hook whenever gem into capistrano deploy **Why**: Because we want our crontab schedules to update when we deploy c2a8ac 0000
Update shoulda-matchers from 2.8.0 to 3.1.1 **Why**: To use the latest and greatest **How**: - Add RSpec config per 3.x instructions - Update specs 4e9fdb 0000
Update shoulda-matchers from 2.8.0 to 3.1.1 **Why**: To use the latest and greatest **How**: - Add RSpec config per 3.x instructions - Update specs fff5d3 0000
Hook whenever gem into capistrano deploy **Why**: Because we want our crontab schedules to update when we deploy 4cb3e2 0000
Update shoulda-matchers from 2.8.0 to 3.1.1 **Why**: To use the latest and greatest **How**: - Add RSpec config per 3.x instructions - Update specs 296cf2 0000
Update shoulda-matchers from 2.8.0 to 3.1.1 **Why**: To use the latest and greatest **How**: - Add RSpec config per 3.x instructions - Update specs de6a73 0000
Fix authenticator UI (#662) **Why**: UI components need space f52144 0000
Use 18F fork of saml_idp gem (#677) **Why**: Upstream maintenance seems to have ceased. 57f33c 0000
create new OpenSSL::Cipher for each use, rather than calling cipher.reset ad965d 0000
create new OpenSSL::Cipher for each use, rather than calling cipher.reset 265531 0000
Reek, u ray 1f335c 0000
Reek, u ray 4b5785 0000
Code climate, u cray c159fa 0000
Code climate, u cray 5165ec 0000
Fix authenticator UI **Why**: UI components need space 45d78d 0000
Fix authenticator UI **Why**: UI components need space 407afb 0000
Additional CORS fixes for /api/deploy (#670) **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly 627138 0000
Additional CORS fixes for /api/deploy (#670) **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly ed6972 0000
Fix authenticator UI **Why**: UI components need space a68a0c 0000
Use 18F fork of saml_idp gem **Why**: Upstream maintenance seems to have ceased. 54e81c 0000
Use 18F fork of saml_idp gem **Why**: Upstream maintenance seems to have ceased. 7a3076 0000
Use 18F fork of saml_idp gem **Why**: Upstream maintenance seems to have ceased. c64615 0000
Fix health check config 18b1b2 0000
Fix health check config 4a69e8 0000
Additional CORS fixes for /api/deploy (#670) **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly d73b93 0000
rename unlock_password -> unlock_user_access_key 645c71 0000
Update brakeman from 3.4.0 to 3.4.1 242673 0000
Update brakeman from 3.4.0 to 3.4.1 e9e61c 0000
remove optimization -- per DHS recommendation do not cache RSA key in memory 5af972 0000
remove optimization -- per DHS recommendation do not cache RSA key in memory 7503a1 0000
Additional CORS fixes for /api/deploy **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly a1e992 0000
Update brakeman from 3.4.0 to 3.4.1 8ff55c 0000
Update brakeman from 3.4.0 to 3.4.1 feec5d 0000
Additional CORS fixes for /api/deploy **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly a78b27 0000
Update pa11y-crawl from 0.2.3 to 0.3.2 a6105d 0000
Updates soft fail language Based on @jeanninehunter's recommendations 670156 0000
Updates soft fail language Based on @jeanninehunter's recommendations 5b557a 0000
feature spec passing 57e614 0000
Update hardfail language Adds most recent hardfail language based on review e897c9 0000
Update hardfail language Adds most recent hardfail language based on review b7ac0f 0000
rename classes PasswordHasher -> UserAccessKeyMaker HashedPassword -> UserAccessKey Pii::KeyMaker -> EncryptedKeymaker 9f58e1 0000
rename classes PasswordHasher -> UserAccessKeyMaker HashedPassword -> UserAccessKey Pii::KeyMaker -> EncryptedKeymaker 81560a 0000
Update i18n-tasks from 0.9.5 to 0.9.6 and fix bug **Why**: One of our views was splitting the locale key string across 2 lines, and i18n-tasks didn't like that. **How**: Fix the alignment in the view 1a9da8 0000
Fix color of link in email footer **Why**: Gmail is automatically creating a link out of the string login.gov, this makes it the proper color. 11cae8 0000
Additional CORS fixes for /api/deploy **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly 697543 0000
Additional CORS fixes for /api/deploy **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly d8d349 0000
Fix color of link in email footer **Why**: Gmail is automatically creating a link out of the string login.gov, this makes it the proper color. 448a65 0000
Update i18n-tasks from 0.9.5 to 0.9.6 and fix bug **Why**: One of our views was splitting the locale key string across 2 lines, and i18n-tasks didn't like that. **How**: Fix the alignment in the view 76ab00 0000
Update i18n-tasks from 0.9.5 to 0.9.6 and fix bug **Why**: One of our views was splitting the locale key string across 2 lines, and i18n-tasks didn't like that. **How**: Fix the alignment in the view 476a85 0000
Fix color of link in email footer **Why**: Gmail is automatically creating a link out of the string login.gov, this makes it the proper color. e3b031 0000
Deletes mailer footer (#671) **Why**: Based on current content docs 845423 0000
Deletes mailer footer (#671) **Why**: Based on current content docs f947ce 0000
zap unused variable 091bc9 0000
zap unused variable 5978b6 0000
Deletes mailer footer (#671) **Why**: Based on current content docs e7c30c 0000
review feedback 93605f 0000
review feedback 45679a 0000
Update zxcvbn-js from 4.4.0 to 4.4.1 f5cdfd 0000
Deleted the footer element 8bd5e5 0000
Deleted mailer footer **Why**: Based on current content docs 3b60ba 0000
Additional CORS fixes for /api/deploy **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly 5184dc 0000
Additional CORS fixes for /api/deploy **Why**: Even for GET requests, the browser still sends an OPTIONS preflight request and we need to handle that explicitly aafa96 0000
Update bullet to 5.4.2 and fix N+1 query offense (#669) **Why**: To avoid unnecessary DB queries 882340 0000
Update bullet to 5.4.2 and fix N+1 query offense **Why**: To avoid unnecessary DB queries 634a95 0000
Update bullet to 5.4.2 and fix N+1 query offense **Why**: To avoid unnecessary DB queries c7f09e 0000
WIP d5992f 0000
wip dda129 0000
Add cancel link to recovery code **Why**: Allow the user to back out of using recovery code e4b182 0000
Do not show My Account link within 2FA process (#664) **Why**: The link to My Account should only show when the user has completed the full 2FA process. 9ba838 0000
Updates require statement for rails_helper e9c02d 0000
Updates require statement for rails_helper cccd4e 0000
Fix color of link in email footer **Why**: Gmail is automatically creating a link out of the string login.gov, this makes it the proper color. 994329 0000
Fix tooltip focus state **Why**: Correcting odd behavior that occured when tooltip was clicked b9b6b8 0000
Fix tooltip focus state **Why**: Correcting odd behavior that occured when tooltip was clicked 0ac37a 0000
Fix tooltip focus state **Why**: Correcting odd behavior that occured when tooltip was clicked c00392 0000
Do not show My Account link within 2FA process **Why**: The link to My Account should only show when the user has completed the full 2FA process. 956a9f 0000
Fix tooltip focus state **Why**: Correcting odd behavior that occured when tooltip was clicked 77e9e0 0000
Fix authenticator UI **Why**: UI components need space fd0f86 0000
Add rack-cors **Why**: This lets us expose our deploy.json to AJAX from different domains, like our dashboards. b90aee 0000
Fix authenticator UI **Why**: UI components need space ea6dad 0000
Add rack-cors **Why**: This lets us expose our deploy.json to AJAX from different domains, like our dashboards. f76fc1 0000
clarify comment 5efd7b 0000
clarify comment a70f0d 0000
Remove unused code in SamlTestController (#656) **Why**: To keep our code lean. Removing this code doesn't result in any failing tests, which means we probably don't care about those scenarios since we've never run into them. 5c7df2 0000
Remove coffee-rails gem (#660) **Why**: Because we don't use it. 2958ed 0000
Update Reek to 4.5.1 and fix offenses (#661) **Why**: Cause we want to smell good. c55cd0 0000
Review fixes 6bdf69 0000
Review fixes 2b172a 0000
Update Reek to 4.5.1 and fix offenses **Why**: Cause we want to smell good. d03a1d 0000
Update Reek to 4.5.1 and fix offenses **Why**: Cause we want to smell good. 7ffe5a 0000
Remove coffee-rails gem **Why**: Because we don't use it. 189149 0000
Remove coffee-rails gem **Why**: Because we don't use it. c378fc 0000
Fix active radio style (#653) **Why**: was slightly off center 98b615 0000
Remove unused code in SamlTestController **Why**: To keep our code lean. Removing this code doesn't result in any failing tests, which means we probably don't care about those scenarios since we've never run into them. 20a665 0000
Remove unused code in SamlTestController **Why**: To keep our code lean. Removing this code doesn't result in any failing tests, which means we probably don't care about those scenarios since we've never run into them. f6d752 0000
Remove unused code in SamlTestController **Why**: To keep our code lean. Removing this code doesn't result in any failing tests, which means we probably don't care about those scenarios since we've never run into them. 6dcc67 0000
Remove unused code in SamlTestController **Why**: To keep our code lean. Removing this code doesn't result in any failing tests, which means we probably don't care about those scenarios since we've never run into them. 1f1fd8 0000
WIP 088781 0000
clarify comment b96236 0000
clarify comment e3c627 0000
clarify tests 9fc51e 0000
clarify tests 03da6f 0000
Conditionally loads rspec rake task e5f436 0000
Conditionally loads rspec rake task 73c050 0000
use Devise.secure_compare instead of simple == ae2e10 0000
use Devise.secure_compare instead of simple == effa83 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable 4228d9 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable 8fc660 0000
Fix active radio style **Why**: was slightly off center f464ff 0000
Fix active radio style **Why**: was slightly off center 52c5aa 0000
use Devise.secure_compare instead of simple == e09126 0000
use Devise.secure_compare instead of simple == 819411 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable e25869 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable a68e05 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable c1b921 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable 884ccb 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable 76d975 0000
Disables screenshot on failure 401dad 0000
Add specs to make sure *SessionDecorator classes don't diverge **Why**: Because Ruby does not have static interfaces, we may need some help making sure that classes are interchangeable de3064 0000
add pii_signing.key.enc to gitignore 83d2e2 0000
add pii_signing.key.enc to gitignore e15510 0000
fix travis build for pii_signing.key.enc 2980d3 0000
fix travis build for pii_signing.key.enc bc47df 0000
Rename phone_to_delivery_to for view c09528 0000
Rename phone_to_delivery_to for view 103c51 0000
Updates asset_roles to app and web cc8a02 0000
Updates asset_roles to app and web b2307e 0000
Removes asset_host from capybara.rb e48f39 0000
Fix 'Account' typo For email confirmation copy e88a18 0000
Fix 'Account' typo For email confirmation copy ffce11 0000
Adds rake task + custom formatter 3827c1 0000
Adds require statement for capybara-screenshot c61635 0000
Moves capybara-screenshot to test group d3dc77 0000
Rename tracking events **Why:** The tracking event names were not previously consistent across files. This changes makes everything consistent with a format of 'Capital Topic: lowercase detail' for event names. 5bea0f 0000
Rename tracking events **Why:** The tracking event names were not previously consistent across files. This changes makes everything consistent with a format of 'Capital Topic: lowercase detail' for event names. 5b2db0 0000
Rename tracking events **Why:** The tracking event names were not previously consistent across files. This changes makes everything consistent with a format of 'Capital Topic: lowercase detail' for event names. 8a9012 0000
Remove app role from passenger_roles **Why**: Only the web role needs to be restarted. 882830 0000
Remove app role from passenger_roles **Why**: Only the web role needs to be restarted. 10edf8 0000
split SigningKey and Encodable into their own classes 667bbc 0000
Remove app role from passenger_roles **Why**: Only the web role needs to be restarted. 0d53b3 0000
Remove app role from passenger_roles **Why**: Only the web role needs to be restarted. 132213 0000
Remove app role from passenger_roles **Why**: Only the web role needs to be restarted. 65b57e 0000
Improve specs 5f471a 0000
Improve specs e440c0 0000
Remove app role from passenger_roles **Why**: Only the web role needs to be restarted. 308014 0000
Remove app role from passenger_roles **Why**: Only the web role needs to be restarted. 6c894e 0000
Fix OTP sending during initial phone setup (#639) **Why**: The `send_code` method was assuming the user already had a phone, but was supposed to check for the unconfirmed phone first since this is the initial phone setup. 699aeb 0000
Fix OTP sending during initial phone setup **Why**: The `send_code` method was assuming the user already had a phone, but was supposed to check for the unconfirmed phone first since this is the initial phone setup. af19d1 0000
Fix OTP sending during initial phone setup **Why**: The `send_code` method was assuming the user already had a phone, but was supposed to check for the unconfirmed phone first since this is the initial phone setup. 306213 0000
Rename tracking events **Why:** The tracking event names were not previously consistent across files. This changes makes everything consistent with a format of 'Capital Topic: lowercase detail' for event names. 04698f 0000
Rename tracking events **Why:** The tracking event names were not previously consistent across files. This changes makes everything consistent with a format of 'Capital Topic: lowercase detail' for event names. d00d40 0000
Add link to verify email page (#632) a7e409 0000
Rename tracking events **Why:** The tracking event names were not previously consistent across files. This changes makes everything consistent with a format of 'Capital Topic: lowercase detail' for event names. 2590ad 0000
Rename tracking events **Why:** The tracking event names were not previously consistent across files. This changes makes everything consistent with a format of 'Capital Topic: lowercase detail' for event names. 5e6ef6 0000
Remove unnecessary link (#633) 74f286 0000
Add link to verify email page f16223 0000
Fixes github URL of locales 258b27 0000
Fixes github URL of locales 0ba907 0000
Fixes github URL of locales 34a23c 0000
Update button on profile **Why**: Original text — “View” — was technically inaccurate. “Get a new code” is a plain language way to say that the button regenerates your recovery code. 5eb0be 0000
Update button on profile **Why**: Original text — “View” — was technically inaccurate. “Get a new code” is a plain language way to say that the button regenerates your recovery code. 358a04 0000
Update button on profile **Why**: Original text — “View” — was technically inaccurate. “Get a new code” is a plain language way to say that the button regenerates your recovery code. 537f16 0000
Remove unnecessary link 943e0c 0000
Store analytics events in the DB **Why**: To make it easier to query the data and generate reports with tools such as Metabase. **How**: - Change the Ahoy::Store to Ahoy::Stores::ActiveRecordTokenStore - Create an AhoyEvents table to hold the data 72d1cc 0000
Store analytics events in the DB **Why**: To make it easier to query the data and generate reports with tools such as Metabase. **How**: - Change the Ahoy::Store to Ahoy::Stores::ActiveRecordTokenStore - Create an AhoyEvents table to hold the data 4bbc68 0000
Removing inaccurate recovery code content **Why**: Our content on the recovery code page was out-of-sync with development. 207427 0000
Removing inaccurate recovery code content **Why**: Our content on the recovery code page was out-of-sync with development. 6e69c7 0000
Remove unnecessary link ee522c 0000
Add link to verify email page a7f516 0000
Re-encrypt PII on password change (#622) **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 9e4b2f 0000
Fix specs and reeks 09b541 0000
Fix specs and reeks 32b6a1 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 52dfa8 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. afdca2 0000
Freeze constants for le rubocop 3af161 0000
Freeze constants for le rubocop ebeaca 0000
Add i18n strings JS object (#619) 570875 0000
Add i18n strings JS object (#619) 48df5d 0000
Encrypt Rails session at rest (#618) **Why**: Protects PII **How**: Provide custom serializer to session store. c50c35 0000
Add i18n strings JS object ca3de6 0000
Add i18n strings JS object 5d4605 0000
Add i18n strings JS object 45c134 0000
Add i18n strings JS object 64fb2d 0000
Encrypt Rails session at rest (#618) **Why**: Protects PII **How**: Provide custom serializer to session store. f03914 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 487a6b 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 1db5d0 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 4528eb 0000
Encrypt Rails session at rest (#618) **Why**: Protects PII **How**: Provide custom serializer to session store. 0f7788 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Provide custom serializer to session store. 439dcb 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Provide custom serializer to session store. 0305a8 0000
refactor tests to clarify descriptions and reduce necessary stubbing c1d838 0000
refactor tests to clarify descriptions and reduce necessary stubbing f04e3e 0000
Refer to OS X, not Mac, and reference laptop script c4178f 0000
Refer to OS X, not Mac, and reference laptop script 4c814a 0000
Deactivate verified profile on password reset **Why**: When PII is encrypted with user password and the password is reset, the PII becomes un-decryptable. c36bae 0000
Remove duplicate session timeout spec (#621) **Why**: We are already testing the same thing in the spec above it. Testing that the user can sign back in can be done in a non-JS test using Timecop without slowing down the test. 62c507 0000
Remove duplicate session timeout spec (#621) **Why**: We are already testing the same thing in the spec above it. Testing that the user can sign back in can be done in a non-JS test using Timecop without slowing down the test. 003451 0000
Remove duplicate session timeout spec **Why**: We are already testing the same thing in the spec above it. Testing that the user can sign back in can be done in a non-JS test using Timecop without slowing down the test. 71f90a 0000
Remove duplicate session timeout spec **Why**: We are already testing the same thing in the spec above it. Testing that the user can sign back in can be done in a non-JS test using Timecop without slowing down the test. 871aa0 0000
Adds security documentation add encryption notes 500808 0000
Adds security documentation add encryption notes f36808 0000
Updates idv index Based on latest Invision comp 11c6d2 0000
Updates idv index Based on latest Invision comp 7fc7f7 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 268a27 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. a09586 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. f4d57a 0000
Deactivate verified profile on password reset **Why**: When PII is encrypted with user password and the password is reset, the PII becomes un-decryptable. f216f0 0000
Deactivate verified profile on password reset **Why**: When PII is encrypted with user password and the password is reset, the PII becomes un-decryptable. 76412c 0000
Update zxcvbn-js from 4.2.0.1 to 4.4.0 716e51 0000
Update overcommit from 0.35.0 to 0.37.0 (#617) **Why**: To get the latest and greatest 5c7275 0000
Enables bachman notation for ERD 102b32 0000
add encryption notes 217dda 0000
Update zxcvbn-js from 4.2.0.1 to 4.4.0 f99795 0000
Update zxcvbn-js from 4.2.0.1 to 4.4.0 4b7f1f 0000
Adds security documentation adee35 0000
Add i18n strings JS object 70cb62 0000
Add i18n strings JS object 13b136 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Provide custom serializer to session store. 4f0819 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Provide custom serializer to session store. d172b6 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Provide custom serializer to session store. 43fd98 0000
Update overcommit from 0.35.0 to 0.37.0 (#617) **Why**: To get the latest and greatest 47dbe3 0000
Update overcommit from 0.35.0 to 0.37.0 (#617) **Why**: To get the latest and greatest bd2587 0000
Update overcommit from 0.35.0 to 0.37.0 **Why**: To get the latest and greatest 8a6354 0000
Update overcommit from 0.35.0 to 0.37.0 **Why**: To get the latest and greatest 245b15 0000
Deactivate verified profile on password reset **Why**: When PII is encrypted with user password and the password is reset, the PII becomes un-decryptable. f93692 0000
Deactivate verified profile on password reset **Why**: When PII is encrypted with user password and the password is reset, the PII becomes un-decryptable. 3fddc8 0000
Updates ERD with Bachman notation b9403d 0000
Update dev & qa server hostnames in deploy config (#613) **Why**: To point to the latest servers a0b989 0000
Updates overview diagram 3f35c8 0000
Adds ERD to architecture documentation Adds configuration for ERD Updates diagrams to reflect latest architecture Updates routes to reflect latest master 7e7e02 0000
yank signing key e907a0 0000
yank signing key 759372 0000
review feedback f6fffd 0000
review feedback b4fb8b 0000
Add custom validation message for email inputs **Why**: Input specific error message rather than the default of 'please match the requested format'. 071682 0000
Update footer (#606) **Why**: per designs; simpler a72095 0000
Update footer (#606) **Why**: per designs; simpler 64b92a 0000
Add custom validation message for email inputs **Why**: Input specific error message rather than the default of 'please match the requested format'. 5b7f27 0000
Add custom validation message for email inputs **Why**: Input specific error message rather than the default of 'please match the requested format'. 54e294 0000
Update dev & qa server hostnames in deploy config **Why**: To point to the latest servers 42d04f 0000
Update dev & qa server hostnames in deploy config **Why**: To point to the latest servers 215875 0000
Move complicated statements to meaningful methods 984fe6 0000
Move complicated statements to meaningful methods 2e5233 0000
Move complicated statements to meaningful methods e1f655 0000
Move complicated statements to meaningful methods 0357af 0000
Update dev & qa server hostnames in deploy config **Why**: To point to the latest servers 281195 0000
Update dev & qa server hostnames in deploy config **Why**: To point to the latest servers 5bed01 0000
Skip OutputSafety rubocop rule for i18n (#609) **Why**: quiets this warning: lib/i18n_override.rb:12:11: C: Tagging a string as html safe may be a security risk, prefer safe_join or other Rails tag helpers instead rtn.html_safe ^^^^^^^^^ 1cc2e5 0000
Updates getting started instructions 2d77e6 0000
Updates getting started instructions a61046 0000
use named args (must remove methods too to fit below reek threshold) 1c8816 0000
use named args (must remove methods too to fit below reek threshold) 1d0211 0000
fix regression fae977 0000
fix regression c51ffa 0000
review feedback d8b9bb 0000
review feedback dcf10d 0000
yank unused config keys 61f6f7 0000
yank unused config keys 5a43bc 0000
Add custom validation message for email inputs **Why**: Input specific error message rather than the default of 'please match the requested format'. 22fd43 0000
Add custom validation message for email inputs **Why**: Input specific error message rather than the default of 'please match the requested format'. d2e0f4 0000
review feedback 27fc88 0000
review feedback f5f108 0000
Skip OutputSafety rubocop rule for i18n **Why**: quiets this warning: lib/i18n_override.rb:12:11: C: Tagging a string as html safe may be a security risk, prefer safe_join or other Rails tag helpers instead rtn.html_safe ^^^^^^^^^ fc12a8 0000
Skip OutputSafety rubocop rule for i18n **Why**: quiets this warning: lib/i18n_override.rb:12:11: C: Tagging a string as html safe may be a security risk, prefer safe_join or other Rails tag helpers instead rtn.html_safe ^^^^^^^^^ 6a01fc 0000
rubocop fix 7ab74b 0000
rubocop fix d4a9f0 0000
review feedback 95000e 0000
review feedback b13055 0000
First round content fixes Contains most of the fixes for authentication; leaves verification mostly untouched a0e0e0 0000
Update footer **Why**: per designs; simpler 81e9f1 0000
Update footer **Why**: per designs; simpler c9cadf 0000
quiet codeclimate errors 2e399f 0000
quiet codeclimate errors c6f084 0000
remove Profile.plain_pii method afaf06 0000
remove Profile.plain_pii method d17b0a 0000
bump up session ttl for travis 2433b8 0000
bump up session ttl for travis b5da81 0000
toggle to test travis 723f60 0000
toggle to test travis 08acde 0000
toggle to test travis 9d94c0 0000
toggle to test travis deb166 0000
test failing at travis 3a008a 0000
test failing at travis 9ec0e8 0000
Disable SafeNavigation rubocop style **Why**: Reek disagrees, and the longer older syntax is more clear to non-Rubyists. 52e7b3 0000
Disable SafeNavigation rubocop style **Why**: Reek disagrees, and the longer older syntax is more clear to non-Rubyists. 5a7c62 0000
yank login page session modal e6bcca 0000
yank login page session modal 199d00 0000
set login_timeout_warning_seconds to 4 minutes (half session ttl) 9ed106 0000
set login_timeout_warning_seconds to 4 minutes (half session ttl) ec8262 0000
codeclimate fixes cbb4ed 0000
codeclimate fixes 0c532f 0000
codeclimate fixes 3cb411 0000
codeclimate fixes 4cfab5 0000
review feedback 51dd5d 0000
review feedback 534d1b 0000
Add cancel links to the authenticator setup pages (#602) **Why**: - We need to give users the opportunity to get back to their profile from the authenticator setup pages 7eec06 0000
Add cancel links to the authenticator setup pages **Why**: - We need to give users the opportunity to get back to their profile from the authenticator setup pages 521546 0000
What: Switch default timezone to UTC (#600) How: Change application.rb Why: UTC is fairly standard for server things, let's be standard! a9df6f 0000
Add tests showing sign in after session expiration+deletion c5e940 0000
Add tests showing sign in after session expiration+deletion 9efb3a 0000
What: Switch default timezone to UTC How: Change application.rb Why: UTC is fairly standard for server things, let's be standard! f8649f 0000
What: Switch default timezone to UTC How: Change application.rb Why: UTC is fairly standard for server things, let's be standard! 2ec2c2 0000
PR feedback fixes f2401a 0000
PR feedback fixes aff2c5 0000
Refactor Pii::Cipher to use aes-256-gcm bfa770 0000
Refactor Pii::Cipher to use aes-256-gcm 023226 0000
Refactor IdV controllers to DRY up some methods (#598) **Why**: Creates some method-count headroom in the IdV controllers for adding passphrase collection later. a8acfb 0000
replace RSAEncryptor with EnvelopeEncryptor in prep for KMS 99cd45 0000
replace RSAEncryptor with EnvelopeEncryptor in prep for KMS 684b03 0000
Refactor IdV controllers to DRY up some methods **Why**: Creates some method-count headroom in the IdV controllers for adding passphrase collection later. a7a2a8 0000
Refactor IdV controllers to DRY up some methods **Why**: Creates some method-count headroom in the IdV controllers for adding passphrase collection later. edfd63 0000
Use method instead of global var 2ec0a6 0000
Use method instead of global var 75da04 0000
Iterate on pw create page (#593) **Why**: provides helpful instructions, UI tweaks 4ad82d 0000
Iterate on pw create page (#593) **Why**: provides helpful instructions, UI tweaks 79f63c 0000
Fix 'already initialized constant VALID_PASSWORD' errors 199b5e 0000
Iterate on pw create page (#593) **Why**: provides helpful instructions, UI tweaks afaf46 0000
Fix 'already initialized constant VALID_PASSWORD' errors cdfe63 0000
Fix 'already initialized constant VALID_PASSWORD' errors 2234ea 0000
Fix 'already initialized constant VALID_PASSWORD' errors f8bb32 0000
Fix 'already initialized constant VALID_PASSWORD' errors 5109c7 0000
Iterate on pw create page **Why**: provides helpful instructions, UI tweaks cd5969 0000
Iterate on pw create page **Why**: provides helpful instructions, UI tweaks 4c2343 0000
Style updates 9f7654 0000
Style updates 18007b 0000
Config redis with url rather than host and port 943cec 0000
Config redis with url rather than host and port c09bdc 0000
Consolidate specs de2a93 0000
Consolidate specs 6743dc 0000
Set queue dynamically 7fe018 0000
Set queue dynamically e6529e 0000
Use let instead of instance variable ee9d7b 0000
Use let instead of instance variable c9397b 0000
More spec tweaks 00e752 0000
More spec tweaks 74fda9 0000
Use SCrypt for passphrase encryption **Why**: A crypto model everyone can agree on. 7d2b00 0000
Use SCrypt for passphrase encryption **Why**: A crypto model everyone can agree on. be3548 0000
Fix order of alert class properties **Why**: - To make Code Climate pass b39848 0000
Fix order of alert class properties **Why**: - To make Code Climate pass 101462 0000
Remove splash home page (#587) **Why**: defunct f7d5b1 0000
Fix nav logo spacing **Why**: designz 0ded61 0000
Remove splash home page **Why**: defunct 757eb4 0000
Remove splash home page **Why**: defunct e427a7 0000
Fix nav logo spacing **Why**: designz dba66a 0000
Fix nav logo spacing **Why**: designz ef6da6 0000
Fix confirmation context bugs - In confirmation context, OTP attempts should not be limited - In IdV context, reenter phone number link should point to phone screen 68d765 0000
Fix confirmation context bugs - In confirmation context, OTP attempts should not be limited - In IdV context, reenter phone number link should point to phone screen 20eadc 0000
Address PR feedback dd8c1d 0000
Address PR feedback 9836e9 0000
Address PR feedback 95ddb2 0000
Terms of service beginnings (#581) **Why**: gotta have em 4a6854 0000
Terms of service beginnings **Why**: gotta have em 20ac6c 0000
Terms of service beginnings **Why**: gotta have em e7c2e8 0000
Add js form validation test **Why**: To test that feedback is provided on form inputs as soon as the user removes focus from field df8b68 0000
Add js form validation test **Why**: To test that feedback is provided on form inputs as soon as the user removes focus from field f5a92a 0000
Add double newlines after `import` statements **Why**: Style 4fc723 0000
Add double newlines after `import` statements **Why**: Style 3975a1 0000
replace RSAEncryptor with EnvelopeEncryptor in prep for KMS 6d7857 0000
replace RSAEncryptor with EnvelopeEncryptor in prep for KMS 716040 0000
replace RSAEncryptor with EnvelopeEncryptor in prep for KMS c9f195 0000
replace RSAEncryptor with EnvelopeEncryptor in prep for KMS 9f0f70 0000
Updates endpoints/metadata for test SP in dev env 94940e 0000
Updates endpoints/metadata for test SP in dev env e196e5 0000
Adds metadata to test SP cacd01 0000
Terms of service beginnings **Why**: gotta have em e5b7b7 0000
Terms of service beginnings **Why**: gotta have em 9b916c 0000
Terms of service beginnings **Why**: gotta have em 9b5b37 0000
Terms of service beginnings **Why**: gotta have em 81df30 0000
fix double negative (hard to read) 26d9f1 0000
fix double negative (hard to read) 83c5fd 0000
Use consistent timezone for parsing **Why**: Without explicit call to `.zone` the parse() method can do unexpected things. a0502f 0000
Use consistent timezone for parsing **Why**: Without explicit call to `.zone` the parse() method can do unexpected things. 24a318 0000
quiet reek 2ebbb7 0000
quiet reek 7f652a 0000
new encryption algorithm with no stored AES CEK 3c8465 0000
new encryption algorithm with no stored AES CEK 4138e3 0000
Use consistent timezone for parsing **Why**: Without explicit call to `.zone` the parse() method can do unexpected things. 2be109 0000
Use consistent timezone for parsing **Why**: Without explicit call to `.zone` the parse() method can do unexpected things. 239b08 0000
make it clearer what the production cek should look like 2f7102 0000
make it clearer what the production cek should look like abf349 0000
whitespace only bd710f 0000
whitespace only c4d93a 0000
Refactor Encryptor into separate class-per-model **Why**: Better distinguish the encryption models 15e8f2 0000
Refactor Encryptor into separate class-per-model **Why**: Better distinguish the encryption models abed77 0000
Add login text / link re: privacy consent **Why**: need to have it! fc269f 0000
codeclimate fixes e7aa91 0000
codeclimate fixes 3c2304 0000
Add login text / link re: privacy consent **Why**: need to have it! cea176 0000
Use Time.zone.now when direct_otp_sent_at is null (#573) **Why**: Under some conditions the direct_otp_sent_at value is not yet set when the Sidekiq job is created. 2217c8 0000
rename methods to indicate RSA-vs-AES 69bba6 0000
WIP 6708f8 0000
WIP 5739d8 0000
rubocop fix 6bbdb9 0000
rubocop fix 9f3447 0000
Add devise_zxcvbn server-side password validation **Why**: Match password validation rules on the server with same library used on the client. **How**: The configuration calls for a level of 3 out of 4 (Good) password strength. We can adjust as necessary. 97e68a 0000
Add devise_zxcvbn server-side password validation **Why**: Match password validation rules on the server with same library used on the client. **How**: The configuration calls for a level of 3 out of 4 (Good) password strength. We can adjust as necessary. 196712 0000
Use regex to test locale-file-specific strings (#575) **Why**: Code-specific strings hard-coded in tests are very brittle. 401f5d 0000
Use regex to test locale-file-specific strings **Why**: Code-specific strings hard-coded in tests are very brittle. d78df3 0000
Use regex to test locale-file-specific strings **Why**: Code-specific strings hard-coded in tests are very brittle. 6b5d51 0000
No more alpha or proof-of-concept (#574) e8643e 0000
No more alpha or proof-of-concept 94d00c 0000
No more alpha or proof-of-concept 277b03 0000
Use Time.zone.now when direct_otp_sent_at is null **Why**: Under some conditions the direct_otp_sent_at value is not yet set when the Sidekiq job is created. 4ee93e 0000
Use Time.zone.now when direct_otp_sent_at is null **Why**: Under some conditions the direct_otp_sent_at value is not yet set when the Sidekiq job is created. d5c764 0000
Use Time.zone.now when direct_otp_sent_at is null **Why**: Under some conditions the direct_otp_sent_at value is not yet set when the Sidekiq job is created. fda9d5 0000
Use Time.zone.now when direct_otp_sent_at is null **Why**: Under some conditions the direct_otp_sent_at value is not yet set when the Sidekiq job is created. 786e1a 0000
temp_user.errors[:password] is an array 1eca00 0000
temp_user.errors[:password] is an array 9c9aad 0000
rubocop fix b7c362 0000
rubocop fix 080ad9 0000
rename variable for clarity cceb55 0000
rename variable for clarity af215b 0000
Pii::Encryptor no longer has too many methods 520866 0000
Pii::Encryptor no longer has too many methods 7a692f 0000
new encryption algorithm with no stored AES CEK 4710e8 0000
new encryption algorithm with no stored AES CEK ac48c0 0000
SAML Response.issuers method removed **Why**: ruby-saml 1.4.0 removed the Response.issuers method in favor of assertion against settings.idp_entity_id. See https://github.com/onelogin/ruby-saml/commit/b5c6c4d219031b1f3b5ce468ae4082fa08a6b21a d114c5 0000
add test for User.weak_words 95c80a 0000
add test for User.weak_words c84622 0000
SAML Response.issuers method removed **Why**: ruby-saml 1.4.0 removed the Response.issuers method in favor of assertion against settings.idp_entity_id. See https://github.com/onelogin/ruby-saml/commit/b5c6c4d219031b1f3b5ce468ae4082fa08a6b21a b12a5c 0000
SAML Response.issuers method removed **Why**: ruby-saml 1.4.0 removed the Response.issuers method in favor of assertion against settings.idp_entity_id. See https://github.com/onelogin/ruby-saml/commit/b5c6c4d219031b1f3b5ce468ae4082fa08a6b21a c21234 0000
Tweak non babelified js (#569) **Why**: scripts in misc not being transpiled, thus cant use things like 'let' 1c8e3e 0000
Tweak non babelified js (#569) **Why**: scripts in misc not being transpiled, thus cant use things like 'let' 338a91 0000
Tweak non babelified js **Why**: scripts in misc not being transpiled, thus cant use things like 'let' b5dfac 0000
Tweak non babelified js **Why**: scripts in misc not being transpiled, thus cant use things like 'let' 9a61ec 0000
Add sp fields to config for demo app **Why**: better demo experience 949022 0000
Add sp fields to config for demo app **Why**: better demo experience 576601 0000
Add sp fields to config for demo app **Why**: better demo experience 16b142 0000
Update sp branded logo design (#567) **Why**: making it better 451340 0000
Update sp branded logo design **Why**: making it better bb41d2 0000
Update ruby-saml gem to official 1.4.0 release **Why**: Version 1.4.0 contains our changes. See https://github.com/onelogin/ruby-saml/releases/tag/1.4.0 esp https://github.com/onelogin/ruby-saml/pull/345 75f16e 0000
Add branded header, back link to sign in page (#564) **Why**: Users want a custom experience when authenticating with a partner app 4fdf82 0000
Add branded header, back link to sign in page **Why**: Users want a custom experience when authenticating with a partner app e23d45 0000
Add branded header, back link to sign in page **Why**: Users want a custom experience when authenticating with a partner app 8685fb 0000
Updates dev SP urls (#563) f7985e 0000
add test for User.weak_words 3111b9 0000
add test for User.weak_words c98047 0000
Updates dev SP urls ed8512 0000
Updates dev SP urls 4427c2 0000
[Issue #799] Adds branded header to sign in page Why Users want a custom experience when authenticating with a partner application. How Display a custom heading when we validate the originating SP application. 2f66c5 0000
[Issue #799] Adds branded header to sign in page Why Users want a custom experience when authenticating with a partner application. How Display a custom heading when we validate the originating SP application. ddc6e4 0000
[Issue #799] Adds branded header to sign in page Why Users want a custom experience when authenticating with a partner application. How Display a custom heading when we validate the originating SP application. 160735 0000
Add HSTS preload value f4dc0a 0000
Add HSTS preload value 06ee37 0000
Add HSTS preload value edcc5c 0000
Set HSTS max-age to one year 59a40a 0000
Revert 'editted a button' 4c1a9f 0000
Disables :cop: for SingleLineBlockParams 81b320 0000
Disables :cop: for SingleLineBlockParams e8665f 0000
Disables :cop: for SingleLineBlockParams ff5885 0000
Disables :cop: for SingleLineBlockParams 730ba9 0000
Disables :cop: for SingleLineBlockParams e36cc7 0000
Disables :cop: for SingleLineBlockParams 6499f4 0000
Disables :cop: for SingleLineBlockParams 9a579c 0000
Disables :cop: for SingleLineBlockParams f56d11 0000
Disables :cop: for SingleLineBlockParams c1448b 0000
Disables :cop: for SingleLineBlockParams 0e6d96 0000
Disables :cop: for SingleLineBlockParams 337c8a 0000
Disables :cop: for SingleLineBlockParams 48ee91 0000
Revert 'editted a button' cb1a63 0000
editted a button (#559) 682abe 0000
editted a button 069dfb 0000
editted a button 0f56f1 0000
Restyle notification banners **Why**: - The banners didn't meet accessibility standards. **What**: - Add new icon svgs - Reposition icons - Change text color - Rework spacing in banner 63fb36 0000
Restyle notification banners **Why**: - The banners didn't meet accessibility standards. **What**: - Add new icon svgs - Reposition icons - Change text color - Rework spacing in banner 6f843a 0000
add test for User.weak_words f59014 0000
add test for User.weak_words 9fa36e 0000
add comment about devise_zxcvbn config, reformat devise plugin listing 47e277 0000
add comment about devise_zxcvbn config, reformat devise plugin listing df632b 0000
Moar test clean up be7c3e 0000
Moar test clean up a9828a 0000
Nav tweaks **Why**: _ 900224 0000
Nav tweaks **Why**: _ 5794a3 0000
Nav tweaks **Why**: _ 08eb8e 0000
Nav tweaks **Why**: _ 256137 0000
Nav tweaks **Why**: _ 12a223 0000
Nav tweaks **Why**: _ 8e5b43 0000
Removes trailing whitespace c61a00 0000
Removes one last smell eb939a 0000
Removes assignment in condition 0add35 0000
Removes code smells 6a8e0e 0000
Passcode input format / validate **Why**: better usability to have input length (& format) correspond with code length 59fc2b 0000
Cleans up rubocop offenses bc8194 0000
Stores valid SP metadata in session for custom experience Deletes SP metadata from session when assertion is made 9c043c 0000
Passcode input format / validate **Why**: better usability to have input length (& format) correspond with code length a08fdb 0000
Passcode input format / validate **Why**: better usability to have input length (& format) correspond with code length 856c98 0000
Passcode input format / validate **Why**: better usability to have input length (& format) correspond with code length b2580b 0000
Passcode input format / validate **Why**: better usability to have input length (& format) correspond with code length 330eae 0000
zap duplicate method introduced in bad merge conflict 947576 0000
zap duplicate method introduced in bad merge conflict f3d2db 0000
codeclimate fix bef234 0000
codeclimate fix a75d03 0000
Passcode input format / validate **Why**: better usability to have input length (& format) correspond with code length 7fdd25 0000
Passcode input format / validate **Why**: better usability to have input length (& format) correspond with code length f1a591 0000
Remove unused view template / methods / files (#553) **Why**: We don't need what we don't use daf7d7 0000
UI spacing & misc tweaks **Why**: better scaling for small screenz 41722f 0000
Remove unused view template / methods / files **Why**: We don't need what we don't use 563c6e 0000
Remove unused view template / methods / files **Why**: We don't need what we don't use 603dd0 0000
Remove unused view template / helper method **Why**: We don't need what we don't use fc240d 0000
Remove unused view template / helper method **Why**: We don't need what we don't use 4bcf31 0000
UI spacing & misc tweaks **Why**: better scaling for small screenz 55f321 0000
UI spacing & misc tweaks **Why**: better scaling for small screenz d46a1b 0000
UI spacing & misc tweaks **Why**: better scaling for small screenz 3a27f3 0000
set login_timeout_warning_seconds to 4 minutes (half session ttl) 4e673d 0000
set login_timeout_warning_seconds to 4 minutes (half session ttl) 93e4c8 0000
codeclimate fix 249bef 0000
codeclimate fix 098747 0000
Add login page timeout modal to prevent CSRF error on session timeout 5f30ab 0000
Add login page timeout modal to prevent CSRF error on session timeout 2d1308 0000
make Figaro key required, disable CSRF check on session create 3632c0 0000
make Figaro key required, disable CSRF check on session create 82f7ff 0000
Add stylez, fix links in inputs **Why**: ;) 7de35e 0000
Add stylez, fix links in inputs **Why**: ;) 263398 0000
Add stylez, fix links in inputs **Why**: ;) c3d693 0000
Add stylez, fix links in inputs **Why**: ;) 7ecfff 0000
make Figaro key required, disable CSRF check on session create 8844a7 0000
Changing casing on the create password screen (#550) **Why**: changed to sentence casing to match other copy 7282ae 0000
Tweak alert icon positioning **Why**: looks better 85978a 0000
Changing casing on the create password screen **Why**: changed to sentence casing to match other copy 6f8b6b 0000
Changing casing on the create password screen **Why**: changed to sentence casing to match other copy 13e249 0000
Tweak alert icon positioning **Why**: looks better 40ada4 0000
Tweak alert icon positioning **Why**: looks better 05c2bf 0000
Updates log in message 36a8dc 0000
Improve invalid confirmation token error (#547) **Why**: Help explain to users why the confirmation link they received is no longer working df549d 0000
Improve invalid confirmation token error **Why**: Help explain to users why the confirmation link they received is no longer working c94f0e 0000
Improve invalid confirmation token error **Why**: Help explain to users why the confirmation link they received is no longer working 53c06b 0000
Improve invalid confirmation token error **Why**: Help explain to users why the confirmation link they received is no longer working 3bd9e4 0000
Improve invalid confirmation token error **Why**: Help explain to users why the confirmation link they received is no longer working 54ddf2 0000
Update application.yml.example e071e2 0000
Update application.yml.example 05eec8 0000
Ignores reek warnings for i18n dev tool 30b7b2 0000
Ignores reek warnings for i18n dev tool 20bd41 0000
Cleans up some smelly code 8dd589 0000
Cleans up some smelly code e58010 0000
Add Gemfile.lock 7738ba 0000
Add Gemfile.lock ff8a8f 0000
codeclimate fix a25ef2 0000
codeclimate fix 5ce8fd 0000
Moves i18n override spec to better location 631e1c 0000
Moves i18n override spec to better location 3338a3 0000
Moar test clean up d0070a 0000
Moar test clean up 6afcb9 0000
Tests specifically for Digital Envelope Encryption Model (DEEM) fbdc74 0000
Single quotes **Why**: Code climate is my master 031ebc 0000
Single quotes **Why**: Code climate is my master 6d5376 0000
Fix typo **Why**: It broke functionality 86dadc 0000
Fix typo **Why**: It broke functionality db7b89 0000
Co-branded login.gov :: SP header nav **Why**: reassuring to see branding for originating SP on login.gov 29f669 0000
Co-branded login.gov :: SP header nav **Why**: reassuring to see branding for originating SP on login.gov b657fe 0000
recovery code feature was assuming Devise was using bcrypt encryption configuration 573122 0000
recovery code feature was assuming Devise was using bcrypt encryption configuration 12055b 0000
remove unnecessary test fixture af10bc 0000
remove unnecessary test fixture 16b0e9 0000
refactor password form validation into central validator c92b6c 0000
refactor password form validation into central validator da0088 0000
fix test syntax 07cb0d 0000
refactor password form validation into central validator 66e1d1 0000
fix test syntax 9b9673 0000
add another condition to unconfirmed user password check 844ef4 0000
must set stretches > 1000 or it will be overridden in the devise plugin 28ef1d 0000
must set stretches > 1000 or it will be overridden in the devise plugin 806793 0000
remove missing password parameter check c4a49d 0000
remove missing password parameter check d1bbb0 0000
remove check for missing password param fade92 0000
remove check for missing password param fa2b7a 0000
add comment about Digital Envelope Encryption Model 492893 0000
add comment about Digital Envelope Encryption Model 87ddd2 0000
small test optimization 396db1 0000
small test optimization 44464b 0000
fix Cancel link on edit email page 659286 0000
fix Cancel link on edit email page cea626 0000
Session timeout countdown **Why**: ... a2413d 0000
Fix tooltip focus state **Why**: Removes blue outline artifact left after clicking tooltip ab8957 0000
WIP 0b7888 0000
a riddle, wrapped in a mystery, inside an enigma 5049e0 0000
a riddle, wrapped in a mystery, inside an enigma f51497 0000
Fix tooltip focus state **Why**: Removes blue outline artifact left after clicking tooltip d888ac 0000
Idv::Applicant tests 4eb5fc 0000
Idv::Applicant tests 9e5eb9 0000
Fix tooltip focus state **Why**: Removes blue outline artifact left after clicking tooltip e7f7af 0000
Bigger and better usa flag icon **Why**: old one was pixelated ;) a55385 0000
Bigger and better usa flag icon **Why**: old one was pixelated ;) aa9686 0000
Fix tooltip focus state **Why**: Removes blue outline artifact left after clicking tooltip 830a60 0000
Fix tooltip focus state **Why**: Removes blue outline artifact left after clicking tooltip 691f55 0000
Bigger and better usa flag icon **Why**: old one was pixelated ;) decf41 0000
Bigger and better usa flag icon **Why**: old one was pixelated ;) 860b03 0000
Add conditional IE stylesheets **Why**: Fixes 404 errors for stylesheets on older versions of IE, can be completely removed in the future if it's found there is no need for them. b137e6 0000
Fix tooltip focus state **Why**: Removes blue outline artifact left after clicking tooltip b07a7b 0000
Fix tooltip focus state **Why**: Removes blue outline artifact left after clicking tooltip e39b05 0000
codeclimate fix faf393 0000
Rewrite test to clarify what the PR is fixing 5a2418 0000
codeclimate fix f13ee0 0000
Rewrite test to clarify what the PR is fixing b108bb 0000
Add devise_zxcvbn server-side password validation **Why**: Match password validation rules on the server with same library used on the client. **How**: The configuration calls for a level of 3 out of 4 (Good) password strength. We can adjust as necessary. 87abaa 0000
Add contact us testz, tweak its UI (#482) **Why**: crossing the t's, dotting the i's, making it pretty 723c3a 0000
Small refactor in controller method (#530) **Why**: I like to DO the TODOs ba1995 0000
Move active job config to `application.rb` (#533) **Why**: This is where it lives more typically and where ppl would go to find it 9dd4f2 0000
Move active job config to `application.rb` **Why**: This is where it lives more typically and where ppl would go to find it c98559 0000
Move active job config to `application.rb` **Why**: This is where it lives more typically and where ppl would go to find it 850d62 0000
Small refactor in controller method **Why**: I like to DO the TODOs dc74b9 0000
Small refactor in controller method **Why**: I like to DO the TODOs 281dfc 0000
add missing specs df374f 0000
add missing specs d85753 0000
move MFA reauthn kick-off to its own controller 65b827 0000
move MFA reauthn kick-off to its own controller be76eb 0000
move MFA reauthn kick-off to its own controller 72bb31 0000
Add contact us testz, tweak its UI **Why**: crossing the t's, dotting the i's, making it pretty 3d5b32 0000
Add contact us testz, tweak its UI **Why**: crossing the t's, dotting the i's, making it pretty 8a85a7 0000
Clean up basic info page (#529) **Why**: Small visual and copy changes for Basic information IDV page c0d794 0000
Add contact us testz, tweak its UI **Why**: crossing the t's, dotting the i's, making it pretty 65d31d 0000
Add contact us testz, tweak its UI **Why**: crossing the t's, dotting the i's, making it pretty 5ffbfb 0000
Clean up basic info page **Why**: Small visual and copy changes for Basic information IDV page bb6af0 0000
Clean up basic info page **Why**: Small visual and copy changes for Basic information IDV page 169ec4 0000
Clean up basic info page **Why**: Small visual and copy changes for Basic information IDV page ae8eed 0000
Clean up basic info page **Why**: Small visual and copy changes for Basic information IDV page 8c36ca 0000
pbkdf2 iterations at 100_000 de3fab 0000
pbkdf2 iterations at 100_000 3616e4 0000
Small tweaks to USA banner (#527) **Why**: higher resolution image (for Retina screens), better spacing, better accomodations for line wrapping on tiny screens 5be8c8 0000
Small tweaks to USA banner **Why**: higher resolution image (for Retina screens), better spacing, better accomodations for line wrapping on tiny screens 9a3550 0000
Small tweaks to USA banner **Why**: higher resolution image (for Retina screens), better spacing, better accomodations for line wrapping on tiny screens c4b168 0000
bump up pbkdf2 iterations to ~0.5sec 3f39cd 0000
bump up pbkdf2 iterations to ~0.5sec e420bd 0000
Remove unnecessary Reek exclusions (#526) **Why**: Classes were being excluded even though they don't violate the TooManyMethods offense. a49076 0000
Remove unnecessary Reek exclusions **Why**: Classes were being excluded even though they don't violate the TooManyMethods offense. 67c792 0000
Remove unnecessary Reek exclusions **Why**: Classes were being excluded even though they don't violate the TooManyMethods offense. fbe75e 0000
Remove unnecessary Reek exclusions **Why**: Classes were being excluded even though they don't violate the TooManyMethods offense. ff9da5 0000
use OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING for encrypt/decrypt 05bcdd 0000
use OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING for encrypt/decrypt 115d5a 0000
codeclimate fixes 82eb09 0000
codeclimate fixes a7b9ed 0000
codeclimate fixes e1d802 0000
review responses 80082d 0000
Add Devise pepper to password encryption (#504) **Why**: NIST guidelines recommend a keyed hash function stored separately. 156889 0000
Store SSN signature digest only **Why**: Requires less space and we are already one-way hashing. f7db86 0000
Store SSN signature digest only **Why**: Requires less space and we are already one-way hashing. c1fbe2 0000
Add autofocus to OTP (#521) **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. 36931d 0000
Add autofocus to OTP **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. b0ff3a 0000
Add autofocus to OTP **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. 01dc52 0000
Fix list item bullets in IE (#522) **Why**: Browser compatability fix adcd7d 0000
Fix list item bullets in IE **Why**: Browser compatability fix 0fc010 0000
Fix list item bullets in IE **Why**: Browser compatability fix 65df3e 0000
Add autofocus to OTP **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. 099165 0000
Add autofocus to OTP **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. 280f86 0000
Add autofocus to OTP **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. 0339ea 0000
Add autofocus to OTP **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. 3fcb2a 0000
Add autofocus to OTP **Why**: Since the OTP pages only contain one form field and is the main focus of the page, readded autofocus w/ aria-describedby. e6e5f4 0000
Fix pw strength module spacing (#520) **Why**: because it was off 7d2c99 0000
Fix pw strength module spacing **Why**: because it was off 50209d 0000
Fix pw strength module spacing **Why**: because it was off 2b9a3d 0000
Replace bcrypt with pbkdf2 hashing **Why**: NIST/FIPS approved password storage d944f5 0000
Replace bcrypt with pbkdf2 hashing **Why**: NIST/FIPS approved password storage d5ab0f 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 91756d 0000
Deactivate verified profile on password reset **Why**: When PII is encrypted with user password and the password is reset, the PII becomes un-decryptable. aad81e 0000
Re-encrypt PII on password change **Why**: PII is encrypted with the user password. When the password changes, so must the encryption. 2d6270 0000
Deactivate verified profile on password reset **Why**: When PII is encrypted with user password and the password is reset, the PII becomes un-decryptable. 2fb93a 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Upgrade to ActiveRecord::SessionStore 1.0.0 which allows for custom serializer. 23dd1d 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Upgrade to ActiveRecord::SessionStore 1.0.0 which allows for custom serializer. 84daa5 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Upgrade to ActiveRecord::SessionStore 1.0.0 which allows for custom serializer. 450ee4 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Upgrade to ActiveRecord::SessionStore 1.0.0 which allows for custom serializer. cddb5d 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Upgrade to ActiveRecord::SessionStore 1.0.0 which allows for custom serializer. 3ce728 0000
Encrypt Rails session at rest **Why**: Protects PII **How**: Upgrade to ActiveRecord::SessionStore 1.0.0 which allows for custom serializer. 58d0d1 0000
Replace bcrypt with SHA-512 password hashing **Why**: Must use FIPS approved password encryption strategy. 3789f6 0000
Replace bcrypt with SHA-512 password hashing **Why**: Must use FIPS approved password encryption strategy. 70865c 0000
simpler 67903e 0000
simpler 7325a8 0000
Update DOB input fields (#514) **Why**: Because fa6963 0000
Update DOB input fields **Why**: Because 48e670 0000
Update DOB input fields **Why**: Because 8e4274 0000
add slo_session method to mask logged in vs logged out request 9ae09d 0000
add slo_session method to mask logged in vs logged out request a51388 0000
Update DOB input fields **Why**: Because c1b819 0000
Update DOB input fields **Why**: Because a1affe 0000
Update DOB input fields **Why**: Because e4e3ca 0000
Update DOB input fields **Why**: Because 819562 0000
Update DOB input fields **Why**: Because ea0740 0000
make check fixes 95eb6d 0000
make check fixes b73b2e 0000
Adds blank line 9db8f7 0000
Update DOB input fields **Why**: Because b249c1 0000
Update DOB input fields **Why**: Because 2bb10d 0000
Update DOB input fields **Why**: Because 522066 0000
Update DOB input fields **Why**: Because 50dce2 0000
Adds blank line f49a9a 0000
Remove es2015-loose transpile **Why**: messing up deploys (possibly) d11748 0000
Adds blank line 9190d5 0000
Adds blank line ca4b40 0000
add test for reauthn_required_controller 49fcb0 0000
add test for reauthn_required_controller 5f9e11 0000
Hotfix for js compiling **Why**: deploy failing 002a9c 0000
Hotfix for js compiling **Why**: deploy failing 8461b3 0000
Hotfix for js compiling **Why**: deploy failing 264150 0000
Hotfix for js compiling **Why**: deploy failing 805fa3 0000
Hotfix for js compiling **Why**: deploy failing 1c1985 0000
Hotfix for js compiling **Why**: deploy failing c2b756 0000
Remove es2015-loose transpile **Why**: messing up deploys (possibly) 9785ff 0000
Remove es2015-loose transpile **Why**: messing up deploys (possibly) 4d7685 0000
Remove es2015-loose transpile **Why**: messing up deploys (possibly) ba83ba 0000
Iterate visual design **Why**: Based on walkthrough session a5b0b8 0000
Iterate visual design **Why**: Based on walkthrough session 6e7e36 0000
Iterate visual design **Why**: Based on walkthrough session 8aaefd 0000
Iterate visual design **Why**: Based on walkthrough session a0e38d 0000
Verify email page coat of paint **Why**: per end-to-end walkthrough feedback bea42a 0000
Verify email page coat of paint **Why**: per end-to-end walkthrough feedback b98a80 0000
UI touch-ups **Why**: per end-to-end walkthrough feedback bd44b2 0000
UI touch-ups **Why**: per end-to-end walkthrough feedback 29d6c0 0000
UI touch-ups **Why**: per end-to-end walkthrough feedback e04536 0000
Updates README for deployments (#506) 226a07 0000
Updates README for deployments (#506) 5713a2 0000
ApplicationController getting too big 25a7b0 0000
Updates README for deployments (#506) 50afca 0000
Updates README for deployments 5e41d5 0000
Updates README for deployments d7f70a 0000
Visual design tweaks a4bde3 0000
Visual design tweaks 2cac9b 0000
Visual design tweaks e69c7e 0000
Add Devise pepper to password encryption **Why**: NIST guidelines recommend a keyed hash function stored separately. b9fa9f 0000
Add Devise pepper to password encryption **Why**: NIST guidelines recommend a keyed hash function stored separately. 9c5537 0000
Fix SP-initiated SLO bug **Why**: If a SP initiates SLO at the IdP, but the user is not actively logged in to the IdP, would throw an exception. **How**: Verify `user_session` exists before we access it. 0b398a 0000
Fix SP-initiated SLO bug **Why**: If a SP initiates SLO at the IdP, but the user is not actively logged in to the IdP, would throw an exception. **How**: Verify `user_session` exists before we access it. 6499a5 0000
Mix Event and Identity objects in recent events **Why**: Removing Agency activity section on profile page simplifies UX. **How**: Combines Agency and Account histories. Adds IdentityDecorator class and a .recent_events method to UserDecorator. f55c92 0000
Mix Event and Identity objects in recent events **Why**: Removing Agency activity section on profile page simplifies UX. **How**: Combines Agency and Account histories. Adds IdentityDecorator class and a .recent_events method to UserDecorator. 96916a 0000
add missing tests 24dad4 0000
add missing tests 1caea5 0000
rubocop clean up 069704 0000
rubocop clean up 069ea4 0000
fix class name 82e393 0000
fix class name 87b449 0000
zap unused locale strings 889c61 0000
zap unused locale strings ba2872 0000
interleave Event and Identity objects in Account history 892172 0000
Add test coverage for Idv::Session (#501) **Why**: 100% test coverage is a virtue a92fd1 0000
Add test coverage for Idv::Session **Why**: 100% test coverage is a virtue 280d93 0000
Add test coverage for Idv::Session **Why**: 100% test coverage is a virtue 3ccf3c 0000
Fix rate limit error page styles **Why**: Updated path to location of images/css 826a35 0000
Add test coverage for Idv::Session **Why**: 100% test coverage is a virtue 9e36c3 0000
Update login page UI **Why**: consistency & design considerations f5b6d3 0000
Fix rate limit error page styles **Why**: Updated path to location of images/css 43ac69 0000
Add test coverage for Idv::Session **Why**: 100% test coverage is a virtue a6f3c5 0000
Fix rate limit error page styles **Why**: Updated path to location of images/css ae1561 0000
whitespace only 2cfc90 0000
whitespace only f5f73d 0000
Remove duplicate SSN check **Why**: Encrypted PII makes checking for duplicate SSN impractical and/or impossible. 31e60f 0000
Update login page UI **Why**: consistency & design considerations 460c16 0000
Removes unused file (#499) e85e65 0000
[Issue #320] Localizes all the strings (#476) 29b2f1 0000
Removes unused file b2ec87 0000
Removes unused file e6ca12 0000
Fix zip code input field **Why**: Due to the way Babelify was transforming the field-kit js, our custom form inputs were not inserting separators into formatted fields like zip-code in IE<=10 ac04ae 0000
[Issue #320] Localizes all the strings ad52b9 0000
[Issue #320] Localizes all the strings 8f545f 0000
[Issue #320] Localizes all the strings c3c318 0000
[Issue #320] Localizes all the strings a7bf5a 0000
[Issue #320] Localizes all the strings 6183a6 0000
[Issue #320] Localizes all the strings fde505 0000
[Issue #320] Localizes all the strings 869b45 0000
[Issue #320] Localizes all the strings ba1ce1 0000
Fix rate limit error page styles **Why**: Updated path to location of images/css 015979 0000
Fix rate limit error page styles **Why**: Updated path to location of images/css db0876 0000
Fix zip code input field **Why**: Due to the way Babelify was transforming the field-kit js, our custom form inputs were not inserting separators into formatted fields like zip-code in IE<=10 80bde2 0000
Fix zip code input field **Why**: Due to the way Babelify was transforming the field-kit js, our custom form inputs were not inserting separators into formatted fields like zip-code in IE<=10 561059 0000
Require 2FA for admin to access constrained route (#486) **Why**: To better protect access to dashboards such as Sidekiq and Split. 551d87 0000
Update sms message **Why**: Trailing period is causing a 404 error. 4d7f75 0000
Update sms message **Why**: Trailing period is causing a 404 error. 1995f2 0000
Update sms message **Why**: Trailing period is causing a 404 error. 7ca5e6 0000
Update sms message **Why**: Trailing period is causing a 404 error. f7d98d 0000
Update sms message **Why**: Trailing period is causing a 404 error. ae48f9 0000
Update sms message **Why**: Trailing period is causing a 404 error. ccb58f 0000
Update SMS confirmation message **Why**: Remove trailing period which causes 404 on support link 57ff15 0000
Update page titles to sentence case **Why**: To adhere to content style guide 206467 0000
Update page titles to sentence case **Why**: To adhere to content style guide 953509 0000
Remove automatic telephone links on mobile **Why**: Since we are displaying the users own phone number, having it appear as a link may lead to confusion or accidental clicks. 4303b8 0000
Convert profile attributes to JSON blob **Why**: In order to make encryption-at-rest easier, store all PII attributes as a single JSON string. 4279ef 0000
Remove duplicate SSN check **Why**: Encrypted PII makes checking for duplicate SSN impractical and/or impossible. 4da60a 0000
Convert profile attributes to JSON blob **Why**: In order to make encryption-at-rest easier, store all PII attributes as a single JSON string. 0df112 0000
Convert profile attributes to JSON blob **Why**: In order to make encryption-at-rest easier, store all PII attributes as a single JSON string. 61dada 0000
codeclimate clean up a223f9 0000
Remove duplicate SSN check **Why**: Encrypted PII makes checking for duplicate SSN impractical and/or impossible. a3c953 0000
Refactor IdV controllers (#489) **Why**: Easier to test and grok **How**: Split IdvSession controller concern into multiple classes, Idv::Session and Idv::Vendor f4e0cf 0000
Refactor IdV controllers **Why**: Easier to test and grok **How**: Split IdvSession controller concern into multiple classes, Idv::Session and Idv::Vendor 5cc290 0000
Refactor IdV controllers **Why**: Easier to test and grok **How**: Split IdvSession controller concern into multiple classes, Idv::Session and Idv::Vendor c4885b 0000
code review updates d07465 0000
code review updates 342193 0000
code path is unreachable and cannot be tested 78a81f 0000
code path is unreachable and cannot be tested d5c257 0000
add missing Idv::Session unit tests cc7266 0000
add missing Idv::Session unit tests 0e7509 0000
Prevent redundant IdV (#488) **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 80f313 0000
Prevent redundant IdV (#488) **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 43d2c1 0000
add missing method arg 891f85 0000
add missing method arg 343700 0000
Require 2FA for admin to access constrained route **Why**: To better protect access to dashboards such as Sidekiq and Split. 4c36d8 0000
Prevent redundant IdV (#488) **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 30457a 0000
Require 2FA for admin to access constrained route **Why**: To better protect access to dashboards such as Sidekiq and Split. 20eb85 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 7cbef7 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. bbbe4c 0000
add redis service to travis; revert sidekiq/testing 01c0b8 0000
add redis service to travis; revert sidekiq/testing e52e3b 0000
try disabling sidekiq in test env 14e66f 0000
try disabling sidekiq in test env 582c15 0000
add missing method arg 2d0a59 0000
add missing method arg 152659 0000
codeclimate clean up c2d887 0000
use class constant instead of method fdb199 0000
use class constant instead of method dabe78 0000
Require 2FA for admin to access constrained route **Why**: To better protect access to dashboards such as Sidekiq and Split. 811afc 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 8196c3 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. d56e19 0000
Address review comments 159df1 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 13f2a2 0000
Address review comments b5b18c 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 1a69e1 0000
Address review comments 3d909c 0000
Address review comments 6f0103 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. ebc2b0 0000
Prevent redundant IdV **Why**: Users should not be able to self-initiate IdV if they already have an active profile. 1cf348 0000
Refactor IdV controllers **Why**: Easier to test and grok **How**: Split IdvSession controller concern into multiple classes, Idv::Session and Idv::Vendor 7ff2e8 0000
Refactor IdV controllers **Why**: Easier to test and grok **How**: Split IdvSession controller concern into multiple classes, Idv::Session and Idv::Vendor 5db188 0000
Convert profile attributes to JSON blob **Why**: In order to make encryption-at-rest easier, store all PII attributes as a single JSON string. d6b62c 0000
Require 2FA for admin to access constrained route **Why**: To better protect access to dashboards such as Sidekiq and Split. ac42aa 0000
Require 2FA for admin to access constrained route **Why**: To better protect access to dashboards such as Sidekiq and Split. df3b9d 0000
Require 2FA for admin to access constrained route **Why**: To better protect access to dashboards such as Sidekiq and Split. 6c7fb0 0000
Remove duplicate SSN check **Why**: Encrypted PII makes checking for duplicate SSN impractical and/or impossible. a98e30 0000
Add New Relic notification to Capistrano deploy pipeline 4217af 0000
Add New Relic notification to Capistrano deploy pipeline 6cda81 0000
Address PR comments ffdc77 0000
Address PR comments da8823 0000
Do not track GET requests to the /active endpoint (#484) **Why**: To keep our analytics logs free of noise. The `/active` endpoint currently gets hit every 30 seconds as part of the session timeout feature. 3dcd6c 0000
Do not track GET requests to the /active endpoint **Why**: To keep our analytics logs free of noise. The `/active` endpoint currently gets hit every 30 seconds as part of the session timeout feature. ed0185 0000
Do not track GET requests to the /active endpoint **Why**: To keep our analytics logs free of noise. The `/active` endpoint currently gets hit every 30 seconds as part of the session timeout feature. 19340f 0000
Do not track GET requests to the /active endpoint **Why**: To keep our analytics logs free of noise. The `/active` endpoint currently gets hit every 30 seconds as part of the session timeout feature. 30e973 0000
Do not track GET requests to the /active endpoint **Why**: To keep our analytics logs free of noise. The `/active` endpoint currently gets hit every 30 seconds as part of the session timeout feature. 8857f9 0000
Track active SP session with session_uuid (#481) **Why**: Distinguish a SP (Identity) history as *ever* logged in vs *currently* logged in by using `session_uuid` to indicate current status. 2014e0 0000
Fix SMS and Voice fallback links for TOTP user **Why**: Cause bugs are bad. 06c60c 0000
Fix SMS and Voice fallback links for TOTP user **Why**: Cause bugs are bad. 1cf13e 0000
Adds spec to show error for TOTP users bb5f29 0000
Add view testz **Why**: crossing the t's, dotting the i's 53f876 0000
Add view testz **Why**: crossing the t's, dotting the i's 97307e 0000
Add contact page (#472) **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) f2d550 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) 28f995 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) e34998 0000
Add styles / js to IDV finance form (#477) **Why**: when users select a radio option, the text input below should update accordingly a9c6c2 0000
Track active SP session with session_uuid **Why**: Distinguish a SP (Identity) history as *ever* logged in vs *currently* logged in by using `session_uuid` to indicate current status. 35db2a 0000
Track active SP session with session_uuid **Why**: Distinguish a SP (Identity) history as *ever* logged in vs *currently* logged in by using `session_uuid` to indicate current status. 74e88a 0000
Add styles / js to IDV finance form (#477) **Why**: when users select a radio option, the text input below should update accordingly 7bf3f8 0000
fix regressions d35a27 0000
fix regressions 769e55 0000
Clean up CSS **Why**: removes stale styles, better file organization f84270 0000
Clean up CSS **Why**: removes stale styles, better file organization 111057 0000
refactor IdvSession controller concern into multiple services dfd67f 0000
refactor IdvSession controller concern into multiple services c4daca 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly 8c376d 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly 2f0407 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) b1b447 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) d85879 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) 389ff3 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) a6839a 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) b36dd7 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) 18bdfb 0000
Use dynamic routes for OTP verification **Why**: To make the code easy to extend without having to duplicate routes each time a new delivery method is added. 75cf56 0000
Use dynamic routes for OTP verification **Why**: To make the code easy to extend without having to duplicate routes each time a new delivery method is added. d976a4 0000
Use dynamic routes for OTP verification **Why**: To make the code easy to extend without having to duplicate routes each time a new delivery method is added. ddacbd 0000
Use dynamic routes for OTP verification **Why**: To make the code easy to extend without having to duplicate routes each time a new delivery method is added. d8baad 0000
add confirm_idv_needed to /idv/session aa57f1 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly 3dc299 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly 1d942d 0000
add confirm_idv_needed to /idv/session baea3c 0000
Throttle IdV attempts (#463) **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 2cbf36 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. fb4767 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 977566 0000
add tests for idv attempts reset b6a083 0000
add tests for idv attempts reset e13f9c 0000
Fix spacing/stylez re: account history **Why**: improves look & feelz 7721f9 0000
Fix spacing/stylez re: account history **Why**: improves look & feelz 8032f6 0000
Fix spacing/stylez re: account history **Why**: improves look & feelz f9aebe 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly bd497f 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly e98f97 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly 111176 0000
Add styles / js to IDV finance form **Why**: when users select a radio option, the text input below should update accordingly 6f951e 0000
Localizes copy a43ad7 0000
Localizes copy 11e4b7 0000
fix test regressions 1b7732 0000
fix test regressions 3d75bc 0000
fix reset logic for idv_attempts 2f1c8b 0000
fix reset logic for idv_attempts 4312f5 0000
users.idv_attempts db schema default of 0 d19fee 0000
users.idv_attempts db schema default of 0 74e387 0000
Rework IdvAttempter logic **Why**: Track idv_attempts on the User so that the count persists across sessions. b4e7f0 0000
Rework IdvAttempter logic **Why**: Track idv_attempts on the User so that the count persists across sessions. 535612 0000
Localizes copy 73437f 0000
Localizes copy c79f91 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) 1ac79e 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) 8638f9 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) aba063 0000
Add contact page **Why**: so people can easily get in touch **How**: user fills out form -> info gets emailed to us -> :) 10083d 0000
Swap session store gems and configure initializer. 4324a0 0000
Swap session store gems and configure initializer. 4f2a0c 0000
Swap session store gems and configure initializer. cb7ece 0000
Swap session store gems and configure initializer. 650ce0 0000
Swap session store gems and configure initializer. 63e1f0 0000
Swap session store gems and configure initializer. ed528a 0000
Swap session store gems and configure initializer. 3e5334 0000
Swap session store gems and configure initializer. d38b9a 0000
[Issue #320] Localizes all the strings 09fcb5 0000
Add contact page **Why**: so people can easily get in touch 7c4cf0 0000
Add contact page **Why**: so people can easily get in touch 05bd51 0000
Add contact page **Why**: so people can easily get in touch 58ae6c 0000
Add contact page **Why**: so people can easily get in touch 0257b8 0000
Add alert role to flash messages (#471) **Why**: For better accessibility b2ecba 0000
Add alert role to flash messages **Why**: For better accessibility 18759b 0000
Add alert role to flash messages **Why**: For better accessibility 204a4e 0000
add _in_hours to variable name a72c89 0000
add _in_hours to variable name a3e17e 0000
refactor to save a line (see what I did there?) c17992 0000
refactor to save a line (see what I did there?) da72ce 0000
tests for IdvAttempter 47c508 0000
tests for IdvAttempter a98cef 0000
tests for IdvAttempter 8e8e5b 0000
split IdV attempt tester into PORO 2dc1b7 0000
Remove playbook code **Why**: now managed in separate repo cd23d2 0000
Remove playbook code **Why**: now managed in separate repo ef3f86 0000
Remove playbook code **Why**: now managed in separate repo 48e0cc 0000
Remove playbook code **Why**: now managed in separate repo 2941a8 0000
Add favicons for all browsers, devices **Why**: spirit of inclusion 1f2827 0000
Remove playbook code **Why**: now managed in separate repo 600908 0000
Remove playbook code **Why**: now managed in separate repo d5eaf6 0000
Add favicons for all browsers, devices **Why**: spirit of inclusion 973295 0000
Add favicons for all browsers, devices **Why**: spirit of inclusion bbf690 0000
Add idv section tooltip on profile **Why**: per latest designs / content 62ddca 0000
Add idv section tooltip on profile **Why**: per latest designs / content b78019 0000
Add idv section tooltip on profile **Why**: per latest designs / content 2819e3 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 2e18dd 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. c59322 0000
Add idv section tooltip on profile **Why**: per latest designs / content 828a21 0000
Add idv section tooltip on profile **Why**: per latest designs / content 124461 0000
Add ISSUE_TEMPLATE.md (#462) **Why**: To encourage people who submit issues to provide as much information as possible to help us troubleshoot. ba7bd1 0000
codeclimate fixes cfb48c 0000
codeclimate fixes b7d700 0000
Add test: submitting form after dismissing alert e43e15 0000
Add test: submitting form after dismissing alert 20fbe3 0000
Add test: submitting form after dismissing alert 68b5c8 0000
Add test: submitting form after dismissing alert 4a4f05 0000
fix failing tests for session config move 73774a 0000
fix failing tests for session config move 8eae72 0000
move session config wholly to application.yml 47d9cd 0000
move session config wholly to application.yml 81cb96 0000
add test for idv_attempt_window 67669d 0000
add test for idv_attempt_window 21eca3 0000
whitespace only 812e39 0000
whitespace only 6f9823 0000
page unload js does not need dynamic content f8f814 0000
page unload js does not need dynamic content 5a6ac9 0000
simplify env check bb78d6 0000
simplify env check 9fd259 0000
Add ISSUE_TEMPLATE.md **Why**: To encourage people who submit issues to provide as much information as possible to help us troubleshoot. 7d99f1 0000
Add ISSUE_TEMPLATE.md **Why**: To encourage people who submit issues to provide as much information as possible to help us troubleshoot. ad9e5d 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 2ced46 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 904e1a 0000
Add ISSUE_TEMPLATE.md **Why**: To encourage people who submit issues to provide as much information as possible to help us troubleshoot. ac9941 0000
Add ISSUE_TEMPLATE.md **Why**: To encourage people who submit issues to provide as much information as possible to help us troubleshoot. 384ab8 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. edcda5 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 80a489 0000
Throttle IdV attempts **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. fd97bb 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 444013 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. b44d03 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 475eb0 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 53bdea 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. b10f5c 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 8143a6 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 0d1136 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. acbe82 0000
Migrate profiles.dob to date column (#464) **Why**: Adding db constraint prevents bad data. 427679 0000
Migrate profiles.dob to date column **Why**: Adding db constraint prevents bad data. 9f244f 0000
Migrate profiles.dob to date column **Why**: Adding db constraint prevents bad data. f9fbd5 0000
Migrate profiles.dob to date column **Why**: Adding db constraint prevents bad data. 70e2cd 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. fe5470 0000
Migrate profiles.dob to date column **Why**: Adding db constraint prevents bad data. 0533c7 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 6b03fa 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. be7548 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 356e84 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 3f9fd5 0000
Migrate profiles.dob to date column **Why**: Adding db constraint prevents bad data. 71695b 0000
Migrate profiles.dob to date column **Why**: Adding db constraint prevents bad data. 9179df 0000
Always require state from dropdown (#460) **Why**: If we ask for state, we want a valid value. 8439d1 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. 20fbf9 0000
Disallow more than 2 IdV attempts in 24 hours **Why**: Throttling of IdV attempts helps keep costs down and UX success rate high. abc636 0000
Add ISSUE_TEMPLATE.md **Why**: To encourage people who submit issues to provide as much information as possible to help us troubleshoot. d6e40b 0000
Add ISSUE_TEMPLATE.md **Why**: To encourage people who submit issues to provide as much information as possible to help us troubleshoot. f431a7 0000
Always require state from dropdown **Why**: If we ask for state, we want a valid value. a90403 0000
Always require state from dropdown **Why**: If we ask for state, we want a valid value. 13a4f6 0000
Always require state from dropdown e86129 0000
Enables caching for PhantomJS in Travis (#457) 14d305 0000
Enables caching for PhantomJS in Travis 861c99 0000
Enables caching for PhantomJS in Travis 8e4f40 0000
Make rack_mini_profiler optional in development (#456) **Why**: To reduce noise in the browser developer tools console due to the CSP issues caused by the gem using inline scripts. ff45fe 0000
Add -R flag to rubocop in Makefile (#455) **Why**: To include Rails-specific offenses cb56e3 0000
Make rack_mini_profiler optional in development **Why**: To reduce noise in the browser developer tools console due to the CSP issues caused by the gem using inline scripts. 39c8ac 0000
Make rack_mini_profiler optional in development **Why**: To reduce noise in the browser developer tools console due to the CSP issues caused by the gem using inline scripts. 7df02d 0000
Add -R flag to rubocop in Makefile **Why**: To include Rails-specific offenses ff71e6 0000
Add -R flag to rubocop in Makefile **Why**: To include Rails-specific offenses 9b5034 0000
Decrease idle session timeout to 8 minutes (#454) **Why**: Mitigate session vulnerability. NOTE this also alphabetizes the application.yml settings and removes a couple of duplicates. 991e1b 0000
Add server-side IdV validation (#447) **Why**: Form validation should happen client- and server-side. **How**: Add checks for DOB and finance account string (CCN). 988a40 0000
Add server-side IdV validation **Why**: Form validation should happen client- and server-side. **How**: Add checks for DOB and finance account string (CCN). 15b6bf 0000
Decrease idle session timeout to 8 minutes **Why**: Mitigate session vulnerability. NOTE this also alphabetizes the application.yml settings and removes a couple of duplicates. efc4c0 0000
Decrease idle session timeout to 8 minutes **Why**: Mitigate session vulnerability. NOTE this also alphabetizes the application.yml settings and removes a couple of duplicates. ddf0b0 0000
Simply OTP method selection **Why**: The logic for OTP method was split between `current_otp_method` and `use_totp`. This change means that `current_otp_method` contains all the logic and will never return nil. 24d834 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. 94b174 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. ec891b 0000
Refactor dob checks e2758f 0000
Add server-side IdV validation **Why**: Form validation should happen client- and server-side. **How**: Add checks for DOB and finance account string (CCN). 10513e 0000
Simply OTP method selection **Why**: The logic for OTP method was split between `current_otp_method` and `use_totp`. This change means that `current_otp_method` contains all the logic and will never return nil. 7a0b42 0000
Update UI around passcode delivery (#451) **Why**: a bit easier to use, and a more common pattern for selecting passcode delivery methods 69d26f 0000
Update UI around passcode delivery **Why**: a bit easier to use, and a more common pattern for selecting passcode delivery methods 63e2d3 0000
Use custom message with built-in validator 0a8b87 0000
Use custom message with built-in validator 292f6d 0000
Consolidate DOB error messages 3f8d4e 0000
Consolidate DOB error messages a4f765 0000
Refactor to only parse date string once 7d0580 0000
Refactor to only parse date string once d7e7b5 0000
Refactor CCN validation to use if: option 26ba39 0000
Refactor CCN validation to use if: option fb14fe 0000
Update UI around passcode delivery **Why**: a bit easier to use, and a more common pattern for selecting passcode delivery methods fcee8b 0000
Update UI around passcode delivery **Why**: a bit easier to use, and a more common pattern for selecting passcode delivery methods 4fdedc 0000
Update UI around passcode delivery **Why**: a bit easier to use, and a more common pattern for selecting passcode delivery methods 091679 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. f5519c 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. ea7ce6 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. b5084b 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. e18748 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. ae9e96 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. 64e9f3 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. 8cc864 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. 2962df 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. dae402 0000
Add support for login via recue codes **Why**: The user needs to be able to recover thier account in case they loose access to thier phone. a13551 0000
Add server-side IdV validation **Why**: Form validation should happen client- and server-side. **How**: Add checks for DOB and finance account string (CCN). f566f2 0000
Add server-side IdV validation **Why**: Form validation should happen client- and server-side. **How**: Add checks for DOB and finance account string (CCN). c6208a 0000
Refactor idv sessions into separate controllers (#431) **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 817db5 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 064248 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 5cf975 0000
Limit number of history events stored per user **Why** We don't want this table to grow unbounded or create a UI for multiple pages of events. 7c0454 0000
Limit number of history events stored per user **Why** We don't want this table to grow unbounded or create a UI for multiple pages of events. 6388a0 0000
Limit number of history events stored per user d02513 0000
Refactor idv/review before_action tests fdecba 0000
Refactor idv/review before_action tests bc5645 0000
Update default from email (#441) **Why**: 18F/identity-private#374 We have a dedicated domain **How**: Update default from email to pull from application.yml ced278 0000
Update default from email **Why**: 18F/identity-private#374 We have a dedicated domain **How**: Update default from email to pull from application.yml 99f7dc 0000
Update default from email **Why**: 18F/identity-private#374 We have a dedicated domain **How**: Update default from email to pull from application.yml a35d91 0000
[Issue #374] Updates default from email 348734 0000
[Issue #374] Updates default from email cf3f89 0000
codeclimate fixes 8be20b 0000
codeclimate fixes 8a3aea 0000
add finance form validation tests 6bdcb5 0000
add finance form validation tests e3c9da 0000
Add bin script flair :) **Why**: why not?! ddd1ee 0000
Add bin script flair :) **Why**: why not?! d15050 0000
Add bin script flair :) **Why**: why not?! 1383d3 0000
Symlink New Relic config across deploys (#444) __Why__ This is needed to add the .gitignored New Relic config to the remote server across deploys. __How__ Add to Capistrano's list of linked files. 25798c 0000
Symlink New Relic config across deploys __Why__ This is needed to add the .gitignored New Relic config to the remote server across deploys. __How__ Add to Capistrano's list of linked files. cf00ca 0000
Symlink New Relic config across deploys __Why__ This is needed to add the .gitignored New Relic config to the remote server across deploys. __How__ Add to Capistrano's list of linked files. f49b7a 0000
Update test.rb 1a3eba 0000
Update test.rb b9c69f 0000
Update test.rb 48585b 0000
Update production.rb 86b0a2 0000
Update test.rb 27abcb 0000
Update development.rb df5dd7 0000
Update development.rb 2fdc4e 0000
Update development.rb 646da8 0000
Remove the commented portion of the sidekiq monit config template 16438a 0000
Remove the commented portion of the sidekiq monit config template cf792c 0000
[Issue #374] Updates default from email f8811b 0000
[Issue #374] Updates default from email eaf9cb 0000
Removes test routes from production 3da815 0000
[Issue #332] Update environment detection **Why** We are currently checking the value of the domain name in application.yml to determine when we are in production. **How** Update lower envs to use 'staging' env and use 'production' for actual production. c53a43 0000
Limit number of history events stored per user c3e0d2 0000
Add bin script flair :) **Why**: why not?! eb2fe0 0000
Add bin script flair :) **Why**: why not?! 1ff24b 0000
Tweak idv cancel page (#439) **Why**: per latest ux / content guidance 17727d 0000
Rename constant, consistent use of private attr_writer 7da383 0000
Remove splash page (#438) **Why**: now hosted elsewhere (separate repo) 1c4cee 0000
Tweak idv cancel page **Why**: per latest ux / content guidance 6576be 0000
Tweak idv cancel page **Why**: per latest ux / content guidance 04529b 0000
Remove splash page (#438) **Why**: now hosted elsewhere (separate repo) fa0360 0000
Remove splash page **Why**: now hosted elsewhere (separate repo) 6bfb14 0000
Remove splash page **Why**: now hosted elsewhere (separate repo) 6b92df 0000
Finance form does not require a User object f7d4a9 0000
Finance form does not require a User object ebd231 0000
Remove dob validation checks (will implement in diff PR) bbe30f 0000
Remove dob validation checks (will implement in diff PR) cabfa7 0000
Combines specs for performance 03ba22 0000
Combines specs for performance e6dd3b 0000
Removes duplication 193fb6 0000
Removes duplication 09bd85 0000
standardize idv routes 5ef4b9 0000
standardize idv routes ad3489 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. 619551 0000
Combines expectations for performance f82012 0000
Combines expectations for performance 04f1b1 0000
Moves delivery selection view to shared 180533 0000
Moves delivery selection view to shared 8246ed 0000
Removes unnecessary phone form helper b5e545 0000
Removes unnecessary phone form helper 05caaa 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. 84d333 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. a1dfd4 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. 2be8e9 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. 8c8405 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. e703f7 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. 7979e7 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. e7f555 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. d09b34 0000
Add explicit sign_out in /users/sessions/timeout (#429) **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 1cc1cb 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 38f37e 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 7d9639 0000
bump up devise timeout so we do not immediately expire on login fa306c 0000
bump up devise timeout so we do not immediately expire on login 4136f2 0000
debug travis flickering timing failure de2832 0000
debug travis flickering timing failure 36120e 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 3acb1e 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. ab6036 0000
Address PR review comments c2a1fd 0000
Address PR review comments cb136a 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. fd160e 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. 356eab 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. f6aabb 0000
Add Playbook **Why**: Login.gov Playbook implementation as per visual designs. 8b6c09 0000
Updates string for invalid phone number 99354f 0000
Updates string for invalid phone number cff7f0 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 699096 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. dad83e 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. d73104 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 0061b0 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. b7bce2 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 899e1c 0000
bump sleep to account for slow network at travis 2205a2 0000
bump sleep to account for slow network at travis 72f7e3 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. f1e249 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 7af1e4 0000
Tweaks to alert messages (#435) **Why**: mainly to accomodate new session timeout design treatment 1c2841 0000
Move email From to application.yml (#432) **Why**: Consolidate environment settings df19f7 0000
Tweaks to alert messages **Why**: mainly to accomodate new session timeout design treatment 590007 0000
Tweaks to alert messages **Why**: mainly to accomodate new session timeout design treatment 5b8c98 0000
Move email From to application.yml (#432) **Why**: Consolidate environment settings 3cd803 0000
Move email From to application.yml **Why**: Consolidate environment settings b7505a 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 663ba6 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 0fa418 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 270048 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 3fdd72 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 797670 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. 940363 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. e6786e 0000
Refactor idv sessions into separate controllers **Why**: Better separation of concerns. All form validation now encapsulated in form-specific classes. b0ab9b 0000
Move email From to application.yml **Why**: Consolidate environment settings 454eca 0000
test fixes 8ec3dd 0000
test fixes 769484 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. e49cb2 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 441499 0000
Change Devise mailer From value **Why**: Should match UserMailer 3db103 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. df0555 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. ef7d87 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 494aec 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. aae81b 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 1266e5 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 17c2cf 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 90c250 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 9f8046 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 4bc96f 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 4b8e5d 0000
Don't use Warden for session timeout tests (#430) **Why**: I believe we need to simulate an actual sign in event to properly test session timeout with a JS driver. 57c447 0000
finance form specs eecc91 0000
finance form specs 21890d 0000
Don't use Warden for session timeout tests **Why**: I believe we need to simulate an actual sign in event to properly test session timeout with a JS driver. 7916db 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. 43b15d 0000
Add explicit sign_out in /users/sessions/timeout **Why**: Devise was not always signing out the current_user in sync with session[:session_expires_at]. The explicit sign_out call prevents automatic session extension on redirect to root_path. eb27b1 0000
Fix Rubocop offenses (#428) **Why**: We had some lingering Rails-specific offenses that you can check for by adding the `-R` flag, as in `rubocop -R`. 91f55c 0000
Fix Rubocop offenses (#428) **Why**: We had some lingering Rails-specific offenses that you can check for by adding the `-R` flag, as in `rubocop -R`. 557dec 0000
Fix Rubocop offenses **Why**: We had some lingering Rails-specific offenses that you can check for by adding the `-R` flag, as in `rubocop -R`. 59fdf5 0000
Fix Rubocop offenses **Why**: We had some lingering Rails-specific offenses that you can check for by adding the `-R` flag, as in `rubocop -R`. 6ae0c6 0000
Fix Rubocop offenses **Why**: We had some lingering Rails-specific offenses that you can check for by adding the `-R` flag, as in `rubocop -R`. 77ec15 0000
Fix Rubocop offenses **Why**: We had some lingering Rails-specific offenses that you can check for by adding the `-R` flag, as in `rubocop -R`. 92ef34 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. bda0a7 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. 7e7b4c 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. 5141e9 0000
Restore link to IdV cancel message (#424) **Why**: Anchor link got dropped in the text update. 108af6 0000
Restore link to IdV cancel message **Why**: Anchor link got dropped in the text update. cd8338 0000
Restore link to IdV cancel message **Why**: Anchor link got dropped in the text update. 06b7f7 0000
Tweak alert message (#422) **Why**: serif font only for short messages 8207bb 0000
Fix field-kit from stealing focus (#423) **Why**: Our input formatting library causes the focus to be set on the incorrect field on page load in Safari and IE, this is a workaround for that. cfb5b2 0000
Fix field-kit from stealing focus **Why**: Our input formatting library causes the focus to be set on the incorrect field on page load in Safari and IE, this is a workaround for that. 0a1d6a 0000
Fix field-kit from stealing focus **Why**: Our input formatting library causes the focus to be set on the incorrect field on page load in Safari and IE, this is a workaround for that. 0db0cb 0000
Fix field-kit from stealing focus **Why**: Our input formatting library causes the focus to be set on the incorrect field on page load in Safari and IE, this is a workaround for that. b2a7f4 0000
Fix field-kit from stealing focus **Why**: Our input formatting library causes the focus to be set on the incorrect field on page load in Safari and IE, this is a workaround for that. 4a0609 0000
Fix field-kit from stealing focus **Why**: Our input formatting library causes the focus to be set on the incorrect field on page load in Safari and IE, this is a workaround for that. ba07ef 0000
Fix field-kit from stealing focus **Why**: Our input formatting library causes the focus to be set on the incorrect field on page load in Safari and IE, this is a workaround for that. 2117d1 0000
Tweak alert message **Why**: serif font only for short messages 56080b 0000
Tweak alert message **Why**: serif font only for short messages c26eb5 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. 0ba703 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. 467462 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. 96ac0b 0000
Update session timeout display (#421) **Why**: more modalish now, too easy to miss before 31c84b 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. 143e7d 0000
Update session timeout display (#421) **Why**: more modalish now, too easy to miss before 29d981 0000
Update session timeout display **Why**: more modalish now, too easy to miss before 72a64b 0000
Update session timeout display **Why**: more modalish now, too easy to miss before 7baa3c 0000
Change default From email address **Why**: login.gov is alive 9896e1 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. 5cd808 0000
Duplicate SSN on IdV gets special error page **Why**: Asserting an already-verified SSN requires special messaging. fe2e5f 0000
Tweak to inline form **Why**: needed for client side error positioning 9fe069 0000
Tweak to inline form **Why**: needed for client side error positioning 9e67c8 0000
Tweak to inline form **Why**: needed for client side error positioning d28a4b 0000
Tweak to inline form **Why**: needed for client side error positioning 1bf3a2 0000
rename method 7bb5ad 0000
rename method 592831 0000
Fix footer appearance **Why**: footer was missing class, not getting flex:none fae0aa 0000
Fix footer appearance **Why**: footer was missing class, not getting flex:none cf2db8 0000
Fix IE9 form validation **Why**: Removed use of pseudo classes for better IE9 support 807112 0000
Fix footer appearance **Why**: footer was missing class, not getting flex:none 1c584f 0000
Fix IE9 form validation **Why**: Removed use of pseudo classes for better IE9 support a46949 0000
Fix IE9 form validation **Why**: Removed use of pseudo classes for better IE9 support c0ae3a 0000
Refactor phone_confirmation_controller event handling Simplify the confirmation of new vs existing phone numbers. ec4f5a 0000
Add ssn to profile, ui tweaks **Why**: so users can see what we store 90d2b1 0000
Add ssn to profile, ui tweaks **Why**: so users can see what we store 0e86ac 0000
add test for profile data on profile page 8c4f14 0000
add test for profile data on profile page a77431 0000
fix idv feature tests dd1310 0000
fix idv feature tests 72394f 0000
Add idv info to profile page **Why**: so user can see their data 90648c 0000
Add idv info to profile page **Why**: so user can see their data 6c1b77 0000
placeholder for /profile active_profile attributes dee894 0000
placeholder for /profile active_profile attributes 3bce79 0000
Add radio input indicators **Why**: so users can see / click on them :) 060148 0000
Add radio input indicators **Why**: so users can see / click on them :) 494a15 0000
fix tests 4cec57 0000
fix tests 70cb82 0000
fix failing tests 31e54a 0000
fix failing tests 06dede 0000
Proofing cancel copy **Why**: needed updated 7052fb 0000
Proofing cancel copy **Why**: needed updated bd0163 0000
Proofing cancel copy **Why**: needed updated db9fd1 0000
yank unnecessary file e40333 0000
yank unnecessary file ff730d 0000
fix reek issue d53f2b 0000
fix reek issue 525303 0000
fix reek issue 2cb1e8 0000
Refactor OmniauthCallbacksController (#414) **Why**: To address Reek offense **How**: Use a simple one-liner to detect unauthorized access as opposed to using a Pundit policy. Using a third-party gem for something this simple isn't worth it. 84a608 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location 9c044c 0000
flash messages afa020 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location c85720 0000
Reduces risk of failures b566fe 0000
Improves Fake twilio services f9bc39 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location 1856c5 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location c2851b 0000
Refactor OmniauthCallbacksController **Why**: To address Reek offense **How**: Use a simple one-liner to detect unauthorized access as opposed to using a Pundit policy. Using a third-party gem for something this simple isn't worth it. 0677e2 0000
Refactor OmniauthCallbacksController **Why**: To address Reek offense **How**: Use a simple one-liner to detect unauthorized access as opposed to using a Pundit policy. Using a third-party gem for something this simple isn't worth it. 7dafc9 0000
removes unused file [s] 7ceea3 0000
Refactor OmniauthCallbacksController **Why**: To address Reek offense **How**: Use a simple one-liner to detect unauthorized access as opposed to using a Pundit policy. Using a third-party gem for something this simple isn't worth it. 8cd10b 0000
Remove unused code **Why**: To keep our house free of clutter. As a bonus, this gets rid of several Reek warnings. b00a6d 0000
Remove unused code **Why**: To keep our house free of clutter. As a bonus, this gets rid of several Reek warnings. 82d01c 0000
add IdV phone OTP b72814 0000
add IdV phone OTP a7dbd6 0000
UI touch-ups **Why**: per design review 470492 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs b05548 0000
UI touch-ups **Why**: per design review e4f9fa 0000
UI touch-ups **Why**: per design review 917478 0000
UI touch-ups **Why**: per design review ab2e35 0000
UI touch-ups **Why**: per design review 47f7b1 0000
UI touch-ups **Why**: per design review 0145ae 0000
UI touch-ups **Why**: per design review 4e1e9f 0000
UI touch-ups **Why**: per design review 5dabd9 0000
UI touchups **Why**: per design review 6d1e46 0000
UI touchups **Why**: per design review 558881 0000
UI touchups **Why**: per design review a23546 0000
Review page tweaks **Why**: dynamic display of finance info 2e5918 0000
Review page tweaks **Why**: dynamic display of finance info ff7efd 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location 0cbacf 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location f64665 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location 96e8f4 0000
Fix inline form validation **Why**: Moves validation message to end of form instead of after input on inline forms in order to preserve submit button location 367d7d 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs 596ee4 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs 311894 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs 08549b 0000
Review page tweaks **Why**: dynamic display of finance info 828178 0000
Review page tweaks **Why**: dynamic display of finance info 25e876 0000
Add dob formatting **Why**: more human readable 52006f 0000
Add dob formatting **Why**: more human readable 90def5 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs 1f8711 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs b56921 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs 0f8504 0000
Improve checkbox and radio inputs **Why**: As per visual design, implemented wtf-forms css for checkbox and radio inputs 7376da 0000
Add dob formatting **Why**: more human readable e698ef 0000
Add dob formatting **Why**: more human readable ddb29a 0000
Stylez for review page (start) **Why**: needs it fc5b65 0000
Stylez for index, basic, finance, phone **Why**: so they look nice :) 48cd23 0000
Stylez for index, basic, finance, phone **Why**: so they look nice :) 966db9 0000
Address PR feedback 4b8b59 0000
Address PR feedback 6379a1 0000
codeclimate clean up 817515 0000
codeclimate clean up a6472a 0000
Address PR feedback db2aa4 0000
Address PR feedback 3d984e 0000
merge sticky form tests 5bd98b 0000
merge sticky form tests 77d9d7 0000
Add stylez **Why**: need it 1157a1 0000
Add stylez **Why**: need it dcf6c9 0000
fix slim-lint fails 8e5c6c 0000
fix slim-lint fails 69675e 0000
stylez for basic info, finance, phone pages c785fe 0000
stylez for basic info, finance, phone pages 27d335 0000
Small UI tweaks **Why**: making it prettier edd200 0000
Small UI tweaks **Why**: making it prettier 2d40c3 0000
Small UI tweaks **Why**: making it prettier 2a24ed 0000
Small UI tweaks **Why**: making it prettier a73d57 0000
Small UI tweaks **Why**: making it prettier 287842 0000
Small UI tweaks **Why**: making it prettier 70cd14 0000
Small UI tweaks **Why**: making it prettier 45fb3f 0000
Small UI tweaks **Why**: making it prettier 62da14 0000
Small UI tweaks **Why**: making it prettier b4f02f 0000
Nav, footer, btn tweaks **Why**: per visual designs 185822 0000
Nav, footer, btn tweaks **Why**: per visual designs bb6a4b 0000
Nav, footer, btn tweaks **Why**: per visual designs 36da86 0000
Tweak to login / signup header **Why**: per visual designs 21b14f 0000
Tweak to login / signup header **Why**: per visual designs f98a9e 0000
Tweak to login / signup header **Why**: per visual designs e8c96d 0000
Enables color in rspec output 69618e 0000
Enables color in rspec output d4f827 0000
Enables color in rspec output 6802d4 0000
Add more events to track **Why**: To have more complete analytics b69dd5 0000
Add more events to track **Why**: To have more complete analytics f8f14e 0000
fix slim-lint fails 8c5157 0000
fix slim-lint fails 85db60 0000
fix feature tests for new idv routing 68f447 0000
fix feature tests for new idv routing 806cac 0000
Design polish **Why**: Lots of visual tweaks; better spacing, sizing, etc. d2360e 0000
codeclimate clean up cfd4d6 0000
codeclimate clean up deb3aa 0000
Design polish **Why**: Lots of visual tweaks; better spacing, sizing, etc. 294435 0000
Design polish **Why**: Lots of visual tweaks; better spacing, sizing, etc. 0c6234 0000
fix tests for routing refactor 296706 0000
fix tests for routing refactor c3ba22 0000
refactor to avoid kludgy routing and instead use Rails routing 12bf59 0000
refactor to avoid kludgy routing and instead use Rails routing 48eb19 0000
Update top nav links **Why**: As per visual design, my account link in top nav should be disabled when you are on the actual account overview page 9b02da 0000
use custom 404 page 642b37 0000
use custom 404 page 87f008 0000
Update top nav links **Why**: As per visual design, my account link in top nav should be disabled when you are on the actual account overview page c105a6 0000
Update top nav links **Why**: As per visual design, my account link in top nav should be disabled when you are on the actual account overview page d38087 0000
Add default attribute bundle for demo apps (#393) **Why**: All demo apps require at least email for LOA1, so include that attribute by default. f83c2a 0000
Add default attribute bundle for demo apps (#393) **Why**: All demo apps require at least email for LOA1, so include that attribute by default. 10f447 0000
Remove unused `addons` key from .travis.yml (#396) **Why**: There was an extra `addons` entry that was inadvertently added. It wasn't causing issues, but it can cause confusion, so it's best to remove it. 2bcf38 0000
Use phone instead of user id as discriminator 4b724f 0000
Use phone instead of user id as discriminator 83c6a7 0000
Update SVG images **Why**: As per visual design 348fce 0000
Update SVG images **Why**: As per visual design 316626 0000
Remove unused `addons` key from .travis.yml **Why**: There was an extra `addons` entry that was inadvertently added. It wasn't causing issues, but it can cause confusion, so it's best to remove it. 52546c 0000
Remove unused `addons` key from .travis.yml **Why**: There was an extra `addons` entry that was inadvertently added. It wasn't causing issues, but it can cause confusion, so it's best to remove it. 5cb99b 0000
Add default attribute bundle for demo apps **Why**: All demo apps require at least email for LOA1, so include that attribute by default. bf347f 0000
Add default attribute bundle for demo apps **Why**: All demo apps require at least email for LOA1, so include that attribute by default. 6c0ca8 0000
Landing page for decline to verify identity (#397) **Why**: For users who lack or refuse to provide verification data. 506b65 0000
Update SP demo app certificates (#394) **Why**: Certs now expire in 10 years. Also, Rails and Sinatra have different certs. a0c696 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. 757180 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. 77925d 0000
Update SP demo app certificates **Why**: Certs now expire in 10 years. Also, Rails and Sinatra have different certs. 96eb87 0000
Update SP demo app certificates **Why**: Certs now expire in 10 years. Also, Rails and Sinatra have different certs. 14dd0a 0000
Add default attribute bundle for demo apps **Why**: All demo apps require at least email for LOA1, so include that attribute by default. ace5a4 0000
Add default attribute bundle for demo apps **Why**: All demo apps require at least email for LOA1, so include that attribute by default. 4671eb 0000
rewrap lines 673508 0000
rewrap lines 3ffc17 0000
rewrap lines 0e3c55 0000
rewrap lines 55340d 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 4673ab 0000
rewrap lines da640b 0000
rewrap lines ccf0e7 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. 0de5a5 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. da0ad7 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. cdba95 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. cbb47c 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 3f363d 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 140a6c 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS a1643e 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS e6ac19 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 2e39a2 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 9f7075 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 23ad38 0000
Fix .travis.yml **Why**: There was an extra `addons` entry 620251 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 92adef 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS f846f3 0000
Add default attribute bundle for demo apps **Why**: All demo apps require at least email for LOA1, so include that attribute by default. a49f9d 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. 06db23 0000
Landing page for decline to verify identity **Why**: For users who lack or refuse to provide verification data. b818e6 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS fc048c 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 169c40 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS e5fce1 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS f81842 0000
Add default attribute bundle for demo apps **Why**: All demo apps require at least email for LOA1, so include that attribute by default. cd906e 0000
Add default attribute bundle for demo apps **Why**: All demo apps require at least email for LOA1, so include that attribute by default. 2353a2 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS 13b248 0000
Update form field formatter **Why**: There were some issues with the previous library we were using, this instead uses Field-Kit which is more flexible, and also being implemented by the USWDS a517ca 0000
Track password reset request events **Why**: So we can see how often people request password resets, and for what types of user roles. c8ba36 0000
Track password reset request events **Why**: So we can see how often people request password resets, and for what types of user roles. 2aefc4 0000
Track password reset request events **Why**: So we can see how often people request password resets, and for what types of user roles. 7b027e 0000
Track password reset request events **Why**: So we can see how often people request password resets, and for what types of user roles. ec3da5 0000
Update copy on splash page (#388) **Why**: Small copy updates 4681fc 0000
Track password reset request events **Why**: So we can see how often people request password resets, and for what types of user roles. d33a33 0000
Track password reset request events **Why**: So we can see how often people request password resets, and for what types of user roles. 88ffdd 0000
Update copy on splash page **Why**: Small copy updates 6eb959 0000
Update copy on splash page **Why**: Small copy updates bea0ca 0000
Visual design feedback (#387) **Why**: Small visual tweaks 59e273 0000
Remove unused controller (#386) **Why**: It was inadvertently added back during a rebase 62d6a2 0000
Visual design feedback **Why**: Small visual tweaks 09c2e0 0000
Visual design feedback **Why**: Small visual tweaks 77c19f 0000
Visual design feedback **Why**: Small visual tweaks d42bd6 0000
Visual design feedback **Why**: Small visual tweaks e1d57b 0000
Visual design feedback **Why**: Small visual tweaks 3a8c93 0000
Visual design feedback **Why**: Small visual tweaks ee21e0 0000
Visual design feedback **Why**: Small visual tweaks feb6fa 0000
Visual design feedback **Why**: Small visual tweaks 8ca34f 0000
Visual design feedback **Why**: Small visual tweaks c3c5eb 0000
Visual design feedback **Why**: Small visual tweaks fff7dd 0000
Remove unused controller **Why**: It was inadvertently added back during a rebase 3491f5 0000
Remove unused controller **Why**: It was inadvertently added back during a rebase bf0979 0000
Add more events to track **Why**: To have more complete analytics 8b8219 0000
Add more events to track **Why**: To have more complete analytics bc92ae 0000
Add more events to track **Why**: To have more complete analytics adaaa9 0000
Add more events to track **Why**: To have more complete analytics f38fa2 0000
Add more events to track **Why**: To have more complete analytics 0840fd 0000
Add more events to track **Why**: To have more complete analytics c860e9 0000
Renames User mobile to phone (#375) Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model b5c00d 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model ea8b0e 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model b7c769 0000
[Issue #592] Re-enables spec (#384) Why This spec was disabled because of intermittent failures How PhantomJS was upgraded to 2.1.1 and now this spec is passing 18addc 0000
[Issue #592] Re-enables spec (#384) Why This spec was disabled because of intermittent failures How PhantomJS was upgraded to 2.1.1 and now this spec is passing 04e37d 0000
[Issue #592] Re-enables spec (#384) Why This spec was disabled because of intermittent failures How PhantomJS was upgraded to 2.1.1 and now this spec is passing 107069 0000
[Issue #592] Re-enables spec Why This spec was disabled because of intermittent failures How PhantomJS was upgraded to 2.1.1 and now this spec is passing dddb62 0000
[Issue #592] Re-enables spec Why This spec was disabled because of intermittent failures How PhantomJS was upgraded to 2.1.1 and now this spec is passing 19b79e 0000
Disable KBV by default. (#383) **Why**: - We're most likely gonna go to market without KBV. **How**: - Make test for `=='true'` rather than `!='false'`. - Adjust `application.yml.example` to specify false. 402331 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 7ef7e9 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 963281 0000
Disable KBV by default. **Why**: - We're most likely gonna go to market without KBV. **How**: - Make test for `=='true'` rather than `!='false'`. - Adjust `application.yml.example` to specify false. 21ce9b 0000
Disable KBV by default. **Why**: - We're most likely gonna go to market without KBV. **How**: - Make test for `=='true'` rather than `!='false'`. - Adjust `application.yml.example` to specify false. cb802a 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model b07e16 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 3e7b3b 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 4daf23 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model a60347 0000
Visual tweaks **Why**: Visual improvements d0fa8d 0000
Visual tweaks **Why**: Visual improvements 6b5f89 0000
Fix DuplicateMethodCall Reek offenses (#370) **Why**: To improve performance. 1c63e7 0000
Temporarily disable account deletion (#358) **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 5b6ae0 0000
Refactor SamlTestController (#355) **Why**: To address Reek and Rubocop offenses bd737a 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model c811e8 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model de0d3c 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 4cc011 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model ac00f2 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 6d11c4 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 329e76 0000
Fix Simple Form deprecation warnings **Why**: `form_class` will be replaced with `default_form_class` in 4.0 adc1e2 0000
Fix Simple Form deprecation warnings **Why**: `form_class` will be replaced with `default_form_class` in 4.0 997b43 0000
Fix Simple Form deprecation warnings **Why**: `form_class` will be replaced with `default_form_class` in 4.0 ad3211 0000
Visual tweaks **Why**: Visual improvements 2064ea 0000
Visual tweaks **Why**: Visual improvements 629012 0000
Visual tweaks **Why**: Visual improvements a94c39 0000
Visual tweaks **Why**: Visual improvements 1f7a5e 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. f89cc3 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 234ca0 0000
Update uglifier from 3.0.0 to 3.0.1 73d517 0000
Update uglifier from 3.0.0 to 3.0.1 28c2d8 0000
Update uglifier from 3.0.0 to 3.0.1 cacc1f 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 4d4613 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 1db167 0000
Fix alert icon (#378) **Why**: svgs > png e03d39 0000
Fix alert icon **Why**: svgs > png c89dcf 0000
Fix alert icon **Why**: svgs > png 9fd5e1 0000
UI tweaks / fixes **Why**: why not bd8ec7 0000
UI tweaks / fixes **Why**: why not a5b1c4 0000
UI tweaks / fixes **Why**: why not cd5279 0000
Refactor SamlTestController **Why**: To address Reek and Rubocop offenses 336458 0000
Refactor SamlTestController **Why**: To address Reek and Rubocop offenses cc98e4 0000
Iterate on visual design cont. (#376) **Why**: Continued improvements based on visual design feedback db8a03 0000
Iterate on visual design cont. **Why**: Continued improvements based on visual design feedback 7839f6 0000
Iterate on visual design cont. **Why**: Continued improvements based on visual design feedback a17484 0000
Iterate on visual design cont. **Why**: Continued improvements based on visual design feedback ef77e6 0000
Iterate on visual design cont. **Why**: Continued improvements based on visual design feedback aa6822 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 01cccd 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 6d417b 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model a7ccb0 0000
Renames User mobile to phone Why Our application will now support SMS and Voice OTP How Rename the :mobile attribute to :phone on User model 7c595a 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. 9f8707 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. f762b1 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. df8a5a 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. ec6324 0000
[Issue #591] Install latest PhantomJS in Travis (#363) Why The older version of PhantomJS is causing intermittent errors in our CI pipeline How Manually install PhantomJS 2.1.1 in Travis fd0194 0000
Remove unnecessary conditionals from email form (#373) **Why**: To simplify the code 21b015 0000
Updates endpoints for sp-rails demo d76eef 0000
Updates endpoints for sp-rails demo (#374) 4d0752 0000
Updates endpoints for sp-rails demo ffc202 0000
Updates endpoints for sp-rails demo 0489b0 0000
Fix UnusedParameters Reek offenses (#369) **Why**: To clean up methods. d7b23f 0000
Update Reek and Rubocop (#371) **Why**: To get the latest versions so our analysis can be accurate. 5b83a2 0000
Remove unnecessary conditionals from email form **Why**: To simplify the code 9bd57a 0000
Remove unnecessary conditionals from email form **Why**: To simplify the code ba7011 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. 4f6ce8 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. 301cf0 0000
Update Reek and Rubocop **Why**: To get the latest versions so our analysis can be accurate. 5a0dfc 0000
Update Reek and Rubocop **Why**: To get the latest versions so our analysis can be accurate. 8a5b35 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. 714857 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. 9630c1 0000
Refactor PasswordsController#create **Why**: To fix Reek and Rubocop offenses 1648b9 0000
Refactor PasswordsController#create **Why**: To fix Reek and Rubocop offenses 9aa561 0000
Fix Reek NilCheck and Rubocop offenses **Why**: To remove unnecessary conditionals, using the 'Tell, don't ask' principle where possible. 183e3a 0000
Update Reek and Rubocop **Why**: To get the latest versions so our analysis can be accurate. 9f83ea 0000
Update Reek and Rubocop **Why**: To get the latest versions so our analysis can be accurate. 6bcf70 0000
Fix DuplicateMethodCall Reek offenses **Why**: To improve performance. 57d759 0000
Fix UnusedParameters Reek offenses **Why**: To clean up methods. 792770 0000
Fix UnusedParameters Reek offenses **Why**: To clean up methods. 6533c7 0000
Upgrades to latest stable node version in Travis (#368) Why npm install fails intermittently with node v0.10 How Have the latest stable node version installed prior to installing packages ef63a0 0000
Upgrades to latest stable node version in Travis (#368) Why npm install fails intermittently with node v0.10 How Have the latest stable node version installed prior to installing packages ae7816 0000
Iterate on landing copy / design **Why**: making it better 94542f 0000
Iterate on landing copy / design **Why**: making it better f327d7 0000
Upgrades to latest stable node version in Travis Why npm install fails intermittently with node v0.10 How Have the latest stable node version installed prior to installing packages 76d869 0000
Upgrades to latest stable node version in Travis Why npm install fails intermittently with node v0.10 How Have the latest stable node version installed prior to installing packages bac952 0000
Iterate on landing copy / design **Why**: making it better 02ec0d 0000
Iterate on landing copy / design **Why**: making it better fab184 0000
Iterate on visual design (#367) **Why**: Made server side form validation errors match client side, along with various spacing and font size adjustments ef4d6b 0000
Iterate on visual design **Why**: Made server side form validation errors match client side, along with various spacing and font size adjustments 730370 0000
Iterate on visual design **Why**: Made server side form validation errors match client side, along with various spacing and font size adjustments d08ac2 0000
Disable flaky test (#365) **Why**: it intermittently fails on Travis and slows down dev workflow 90595c 0000
Disable flaky test **Why**: it intermittently fails on Travis and slows down dev workflow de94c3 0000
Disable flaky test **Why**: it intermittently fails on Travis and slows down dev workflow 8c5208 0000
Iterate on visual design **Why**: Made server side form validation errors match client side, along with various spacing and font size adjustments b69dbc 0000
Iterate on visual design **Why**: Made server side form validation errors match client side, along with various spacing and font size adjustments 7f3145 0000
Iterate on landing copy / design **Why**: making it better fc9b77 0000
Iterate on visual design **Why**: Made server side form validation errors match client side, along with various spacing and font size adjustments 1d434e 0000
[Issue #591] Install latest PhantomJS in Travis Why The older version of PhantomJS is causing intermittent errors in our CI pipeline How Manually install PhantomJS 2.1.1 in Travis b912fb 0000
[Issue #591] Install latest PhantomJS in Travis Why The older version of PhantomJS is causing intermittent errors in our CI pipeline How Manually install PhantomJS 2.1.1 in Travis 1d2258 0000
Iterate on landing copy / design **Why**: making it better a9b307 0000
Iterate on landing copy / design **Why**: making it better bdd6c1 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. e564f6 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. b455d2 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 558f4b 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. d01c49 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 1c69d4 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. d2eddc 0000
Disable flaky test **Why**: it intermittently fails on Travis and slows down dev workflow 2c0e39 0000
Disable flaky test **Why**: it intermittently fails on Travis and slows down dev workflow d1e39f 0000
Make landing page tweaks (#359) **Why**: per feedback from Joel 033ae9 0000
[Issue #591] Install latest PhantomJS in Travis Why The older version of PhantomJS is causing intermittent errors in our CI pipeline How Manually install PhantomJS 2.1.1 in Travis 26b75d 0000
[Issue #591] Install latest PhantomJS in Travis Why The older version of PhantomJS is causing intermittent errors in our CI pipeline How Manually install PhantomJS 2.1.1 in Travis cd5c6d 0000
Add the :web role to the list of hosts to be restarted __Why__ Capistrano was only restarting the worker hosts and not the web role hosts that have are serving the app. __How__ Add the :web role to the list of hosts to be restarted in the deploy.rb e9fe4c 0000
Removes unused file 233ad8 40913
Add the :web role to the list of hosts to be restarted __Why__ Capistrano was only restarting the worker hosts and not the web role hosts that have are serving the app. __How__ Add the :web role to the list of hosts to be restarted in the deploy.rb 69c589 0000
Disable cop for a specific method bce295 40913
Make landing page tweaks (#359) **Why**: per feedback from Joel d6c3b4 0000
Make landing page tweaks (#359) **Why**: per feedback from Joel 06a690 0000
Remove autofocus from form fields **Why**: we made decision to remove these across app for accessibility reasons ae8cd9 0000
Make landing page tweaks (#359) **Why**: per feedback from Joel 53f4fa 0000
Disable brittle test **Why**: it intermittently fails on Travis and slows down dev workflow 660202 0000
Disable brittle test **Why**: it intermittently fails on Travis and slows down dev workflow d5c6a0 0000
Make landing page tweaks **Why**: per feedback from Joel c882ca 0000
Make landing page tweaks **Why**: per feedback from Joel 956fc4 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 7700c0 0000
Fix UnusedParameters Reek offenses **Why**: To clean up methods. e145b6 0000
Fix UnusedParameters Reek offenses **Why**: To clean up methods. da7827 0000
Temporarily disable account deletion **Why**: We haven't yet figured out whether or not (and how) to guarantee that when the same user comes back, they should end up with the same MBUN. 9cfa1d 0000
Fix Reek NilCheck and Rubocop offenses **Why**: To remove unnecessary conditionals, using the 'Tell, don't ask' principle where possible. ce34cd 0000
Fix Reek NilCheck and Rubocop offenses **Why**: To remove unnecessary conditionals, using the 'Tell, don't ask' principle where possible. a7fd2a 0000
Disable cop for a specific method 8aed71 40913
Disable cop for a specific method 2c1520 40913
Creates concern related to session in confirmations 802436 40913
Cleans up fallback links and adds specs 043594 40913
Cleans up fallback links and adds specs 95cbdd 40913
Fix Reek NilCheck and Rubocop offenses **Why**: To remove unnecessary conditionals, using the 'Tell, don't ask' principle where possible. a73fc3 0000
Fix Reek NilCheck and Rubocop offenses **Why**: To remove unnecessary conditionals, using the 'Tell, don't ask' principle where possible. a92cd5 0000
Removes duplication related to phone confirmation 3c4547 40913
Add error icon to invalid form field (#357) **Why**: better indication of something user needs to address 4ead38 0000
Add error icon to invalid form field **Why**: better indication of something user needs to address 19df3f 0000
Add error icon to invalid form field **Why**: better indication of something user needs to address 1d14e2 0000
Improves climate of code Removes smells Improves smell of form d2fba0 40913
Improves smell of form ada8e3 40913
Adds specs for Update Profile form 4a9e14 40913
Add edit password functionality **Why**: this is a feature we want to provide 46c90d 0000
Add edit password functionality **Why**: this is a feature we want to provide 7063ea 0000
Add edit password functionality **Why**: this is a feature we want to provide b70581 0000
Add edit password functionality **Why**: this is a feature we want to provide a09ff1 0000
Remove inline style **Why**: inline styles are blocked 7a6736 0000
Add edit password functionality **Why**: this is a feature we want to provide 45bf69 40913
Remove inline style **Why**: inline styles are blocked 05bc60 0000
Remove inline style **Why**: inline styles are blocked c51b3f 0000
Update development guide links in CONTRIBUTING.md (#354) **Why**: 404s are bad. 9f0e0b 0000
Update development guide links in CONTRIBUTING.md (#354) **Why**: 404s are bad. 152327 0000
Refactor SamlTestController **Why**: To address Reek and Rubocop offenses e47dd6 0000
Refactor SamlTestController **Why**: To address Reek and Rubocop offenses ea948b 0000
Refactor SamlTestController **Why**: To address Reek and Rubocop offenses 3b6af6 0000
Update development guide links in CONTRIBUTING.md **Why**: 404s are bad. 77bec9 0000
Update development guide links in CONTRIBUTING.md **Why**: 404s are bad. ea8917 0000
Test identity.uuid via IdentityLinker (#352) **Why**: Verify that IdentityLinker is creating the appropriate UUID on Identity model. cf57d8 0000
Improves climate of code Removes smells Skips instance variable max :cop: 5f19c8 40913
Skips instance variable max :cop: d4169a 40913
Removes smells c3b198 40913
Improves climate of code 0040cb 40913
Updates Sinatra SP endpoints Why Sinatra SP has updated endpoints https://github.com/18F/identity-sp-sinatra/pull/28/files How Update endpoints configured in Sinatra SP c85de0 0000
Enables SMS preference for phone 077db4 40913
Test identity.uuid via IdentityLinker **Why**: Verify that IdentityLinker is creating the appropriate UUID on Identity model. b8fb70 0000
Test identity.uuid via IdentityLinker **Why**: Verify that IdentityLinker is creating the appropriate UUID on Identity model. c47ea7 0000
Configure reek for specs and fix offenses (#351) **Why**: To define offenses we don't care about in tests, and to fix the ones we care about. 4d01bb 0000
Configure reek for specs and fix offenses **Why**: To define offenses we don't care about in tests, and to fix the ones we care about. 146704 0000
Configure reek for specs and fix offenses **Why**: To define offenses we don't care about in tests, and to fix the ones we care about. 2a96fc 0000
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 53b418 0000
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. e0a5e6 40913
Make login.gov (b)landing page (#350) **Why**: a pretty page that introduces what we are doing :) a3ea51 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 45f7c9 40913
Make login.gov (b)landing page **Why**: a pretty page that introduces what we are doing :) c58cd8 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 5ecf3f 40913
Make login.gov (b)landing page **Why**: a pretty page that introduces what we are doing :) c66411 40913
Separate reading and writing anayltics service **Why**: To keep the concerns separated. 1a7ac7 0000
Separate reading and writing anayltics service **Why**: To keep the concerns separated. 07d175 0000
Separate reading and writing anayltics service **Why**: To keep the concerns separated. 562093 0000
Separate reading and writing anayltics service **Why**: To keep the concerns separated. 179e32 0000
MBUN is unique per Service Provider (#332) **Why**: NIST requires unique MBUN per user per service provider. f056c7 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 1d9713 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 6c2762 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 577389 40913
MBUN is unique per Service Provider (#332) **Why**: NIST requires unique MBUN per user per service provider. c8f0a3 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 6240f7 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. b5124c 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. a366ba 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 28e387 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. befbe9 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. d5b605 40913
Attempt to fix flakey capybara test **Why**: We are seeing intermittent timout failures for this one test on travis. My guess is that the 1 second timeout is being hit occationaly during the login process rather than after it, as intended by the test. a8acad 40913
Attempt to fix flakey capybara test **Why**: We are seeing intermittent timout failures for this one test on travis. My guess is that the 1 second timeout is being hit occationaly during the login process rather than after it, as intended by the test. 50dabb 40913
Add edit password functionality **Why**: this is a feature we want to provide 1dd161 40913
Add edit password functionality **Why**: this is a feature we want to provide 57dd71 40913
Add edit password functionality **Why**: this is a feature we want to provide 79c538 40913
Add edit password functionality **Why**: this is a feature we want to provide b27f19 40913
Add edit password functionality **Why**: this is a feature we want to provide 7bb97f 40913
Add edit password functionality **Why**: this is a feature we want to provide 980af9 40913
Add edit password functionality **Why**: this is a feature we want to provide 6db0a1 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 42d80f 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. b8c958 40913
Make SMS message consistent **Why**: consistency is nice 4a8618 40913
Make SMS message consistent **Why**: consistency is nice b4929b 40913
Removes sms-spec gem Why The sms-spec gem only handled SMS messages even though it hooked in to the twilio-ruby REST client. How Remove sms-spec gem and create custom mock client for handling Twilio API requests. Separate SMS and Voice services c85370 40913
Re-land of 'Remove #edit and #update from registrations_controller (#303)' (#335) This is a re-land of 4ee002e426f490db4adbb88a9d0ee795c5348ccb. d5e704 40913
Do not install foreman every time setup runs (#344) **Why**: We setup far more often than foreman gets updated. 3c2e42 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 13e666 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. e12ba1 40913
Re-land of 'Remove #edit and #update from registrations_controller (#303)' (#335) This is a re-land of 4ee002e426f490db4adbb88a9d0ee795c5348ccb. 3a316b 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 66fa29 40913
Add edit password functionality **Why**: this is a feature we want to provide ab1ac1 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 4d1ce6 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. a13cdd 40913
Use explicit methods instead of yielding **Why**: It's cleaner and avoids string vs symbol vs CONSTANT battles e83008 40913
Use explicit methods instead of yielding **Why**: It's cleaner and avoids string vs symbol vs CONSTANT battles 3ad8a6 0099
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. c469a9 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. d4b404 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 20ff97 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. cc82e4 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 605534 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. 530c8b 40913
Catch duplicate SSN attempt during IdV **Why**: SSN must be unique, so alert the user as early as possible of the problem. ecab0c 40913
Make SMS message consistent **Why**: consistency is nice 1f0229 40913
Make SMS message consistent **Why**: consistency is nice f013e7 40913
Refactor form validation (#333) **Why**: To consolidate the various client side methods we are using. 85c0f2 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. a3cf4c 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. bb313a 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 486948 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 95ab42 40913
Remove unused ial field from identities table The IAL of a given user is now signaled by an active proofing record in the `profiles` table. This field is unused. fb6402 40913
Remove unused ial field from identities table The IAL of a given user is now signaled by an active proofing record in the `profiles` table. This field is unused. 123fd6 40913
Remove unused ial field from identities table aa8738 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 61bc32 40913
Do not install foreman every time setup runs **Why**: We setup far more often than foreman gets updated. abd87a 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 9b246f 40913
Do not install foreman every time setup runs **Why**: We setup far more often than foreman gets updated. 147d2b 40913
Do not install foreman every time setup runs **Why**: We setup far more often than foreman gets updated. fd1911 40913
Add User.decorate method (#342) **Why**: Encourage use of UserDecorator by making it easier to construct. 09bfa1 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 69b98a 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 4b6cad 40913
Restore authorization model spec 0f54c6 40913
Restore authorization model spec c8ae13 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 39a0b3 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. d42211 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 9519a5 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. cdec4f 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 72ee53 40913
Refactor form validation **Why**: To consolidate the various client side methods we are using. 4f362f 40913
Update capistrano for two host setup + login.gov domain (#328) This adds support for deploying to the TF and DEV envs via Capistrano. de4e41 40913
Address PR feedback a1b2f6 0099
Address PR feedback 3d26e6 40913
Changes instances of mobile to phone Adds ability to enable SMS with phone Allows fallback to SMS or phone when confirming phone 7184a9 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. d28a27 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. c8b45e 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 26013e 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 5cfbe1 40913
Add User.decorate method **Why**: Encourage use of UserDecorator by making it easier to construct. ed9465 40913
Add User.decorate method **Why**: Encourage use of UserDecorator by making it easier to construct. 176e0d 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. bbb8ab 40913
MBUN is unique per Service Provider **Why**: NIST requires unique MBUN per user per service provider. 6f536b 40913
Removes old cloud.gov entry d6efc4 40913
Removes old cloud.gov entry 542ce1 40913
Removes old cloud.gov entry 816969 40913
Updates dashboard SP entries 493558 40913
Updates dashboard SP entries d53d29 40913
Re-land of 'Remove #edit and #update from registrations_controller (#303)' This is a re-land of 4ee002e426f490db4adbb88a9d0ee795c5348ccb. a8e020 40913
Re-land of 'Remove #edit and #update from registrations_controller (#303)' This is a re-land of 4ee002e426f490db4adbb88a9d0ee795c5348ccb.