RC 457

User-Facing Improvements

• Content Legibility: Avoid orphaned punctuation using non-breaking whitespace (#11929)

Bug Fixes

• Sign-In: Maintain partner link when session times out at sign-in (#11930)
• accessibility: Slow down countdown frequency (#11899)

Internal

• Anti-Fraud Tooling: Submit reCAPTCHA annotations through worker job (#11926)
• Dependencies: Update dependencies to latest versions (#11928)
• Lexis Nexis Request: Add uuid to threatmetrix job (#11938)
• Reporting: Add idv_level to ProfileSummary report (#11935)

RC 456

Internal

• Performance: Offload reCAPTCHA annotations to worker job (#11883)

RC 455

User-Facing Improvements

• Auth & Account Management: Add password strength feedback when focus on password field (#11907)
• Authentication: LQA update sprint 331 (#11911)
• Authentication: Dont show account presenter (#11903)

Bug Fixes

• Auth & Acct Management: Fix section heading for backup codes in account dashboard (#11918)
• Doc Auth: Acuant security patch for manual uploads (#11894)

Internal

• Document Authentication: Add doc_auth_vendor as a column to document_capture_sessions database table (#11905)
• In-person Proofing: Remove usps_ipp_transliteration_enabled flag (#11909)
• In-person proofing: Added option to throw Timeout Error to IPP mock proofer when requesting USPS facilities (#11910)
• Maintenance: Update phonelib dependency (#11908)
• doc capture routing: Refactor doc capture routing to route directly yo correct vendor controller (#11897)

Upcoming Features

• Attempts API: Adding token validation (#11889)

RC 454

This release was reverted

User-Facing Improvements

• Auth & Account Management: Add password strength feedback when focus on password field (#11907)

Bug Fixes

• Doc Auth: Acuant security patch for manual uploads (#11894)

Internal

• Document Authentication: Add doc_auth_vendor as a column to document_capture_sessions database table (#11905)
• Maintenance: Update phonelib dependency (#11908)
• Document Capture: Refactor document capture routing to route directly to correct vendor controller (#11897)

RC 453.1

User-Facing Improvements

• Sign In: Improve design clarity of "Sign In" / "Create an Account" tabs (#11898)

RC 453

User-Facing Improvements

• Account Management: Add user event type for backup code removal (#11888)
• In-person Proofing: Allow users to perform password reset on pending in-person profiles in fraud review without losing progress if the user supplies their personal key. (#11855)
• In-person Proofing: Hide the warning banner on the password reset page when feature_pending_in_person_password_reset_enabled is true (#11885)

Bug Fixes

• Document Authentication: Validate DocV state ID type (#11895)

Internal

• Analytics: Update FormResponse error detail serialization as default behavior (#11850)
• Dependencies: Update dependencies to resolve security advisories (#11896)
• Document Authentication: Rate limiting on last attempt to evaulate vendor and pii validation (#11875)
• Maintenance: Remove NewRelic monkey patch (#11901)
• Monitoring: Disable distributed tracing in NewRelic (#11900)
• reCaptcha optimization: Load reCAPTCHA script earlier in page (#11880)

RC 452

User-Facing Improvements

• Account reset: Update account reset styling (#11879)
• In-person Proofing: Add higher dpi images for warning and info alert email icons (#11566)
• Sign In: Improve design clarity of "Sign In" / "Create an Account" tabs (#11872)
• Translations: Improve translations for Face or Touch Unlock account history actions (#11877)

Internal

• Dependencies: Update dependencies to latest versions (#11886)
• Dependencies: Update dependency to resolve security advisory (#11882)
• Linting: Include MJS and CJS files in ESLint lint (#11881)
• Performance: Remove some NewRelic method tracing (#11887)
• Socure: Add Socure's error status and message to analytics when present. (#11851)
• allow_direct_ipp: Refactor allow direct ipp to not use skip_doc_auth_from_handoff as it is not an accurate representation (#11871)

Upcoming Features

• Passport: Adding env variables for passport doc auth development (#11884)
• Attempts API: Adds initial draft of API spec (#11689)

RC 451

User-Facing Improvements

• Rate limit language: Updating language show on doc auth rate limit screen (#11849)

Bug Fixes

• Analytics: Log correct DLDV requested attributes (#11826)
• Accessibility and Authorization: Modal has been added/included that gives the user the ability to extend time with current session (#11783)
• Document Capture: Remove space from document capture layout. (#11842)

Internal

• A/B Tests: Add support for A/B tests daily reporting (#11835)
• A/B Tests: Add persistence option for A/B tests (#11853)
• Analytics: Add list of integrations not including openid scope (#11864) (#11864)
• Analytics: Log errors for profile reactivity password submitted (#11822)
• Analytics: Update AnalyticsEventsDocumenter to require exact "**extra" (#11860)
• Analytics: Invert default logging behavior for A/B test (#11862)
• Analytics: Omit errors from serialized form response if details present (#11846)
• Dependencies: Update dependencies to latest versions (#11863)
• Dependencies: Update dependency to resolve security advisory (#11865)
• Documentation: Add A/B testing documentation (#11859)
• In-person proofing: Integrates the flow policy into the state id and address controllers (#11815)
• Maintenance: Update to Ruby 3.4.1 (#11856)
• Performance: Remove fetch to avoid unnecessary hash allocation (#11854)
• Reporting: Stale data check updates (#11797)
• Sign in Analyticsg: Tab tracking analytics event added (#11839)
• Socure: Removed unnecessary before: filter bypasses (#11861)
• Source code: Optimize dynamic method access (#11857)

RC 450

User-Facing Improvements

• Account History: Improve history label when adding or removing Face or Touch Unlock (#11823)

Bug Fixes

• Account History: Avoid showing label for unknown event type (#11834)
• Identity verification: Fix rare issue where user may get stuck on "Verify your information" (#11820)
• rate limit: Allow succeful submission for last attempt in hybrid flow (#11837)

Internal

• Analytics: Add tracking for response AAL fix (#11817)
• IDV: Update ProofingComponents to only take an idv_session (#11771)
• In-person Proofing: Remove old single field address search from both the address-search package and step components that use it (#11829) (#11829)
• Maintenance: Update css_parser gem (#11847)
• Performance: Reduce object allocations in identity verification (#11841)
• Performance: Reduce repeated decoding in AesEncryptor (#11844)
• Source code: Update source documentation (#11843)

Upcoming Features

• Partner Email Selection: Only redirect to select email screen if feature enabled (#11845)
• Recaptcha: Annotate sign-in reCAPTCHA from 2-factor attempts (#11801)

RC 449

User-Facing Improvements

• In-person Proofing: Allow users to perform a password reset on pending in-person profiles without losing progress if the user supplies their personal key. (#11762)

Bug Fixes

• socure: Changing is_defined to defined method (#11828)
• socure: Socure user set uuid nil issue fix (#11827) (#11827)

Internal

• Analytics: Omit errors from analytics when error_details available (#11810)
• Dependencies: Update dependencies to latest versions (#11825)

Upcoming Features

• Account History: Improve history label when adding or removing Face or Touch Unlock (#11833)
• Authentication: Allow all_emails and email to return last sign in email (#11717)