Releases: GSA/smartpay-training
Releases · GSA/smartpay-training
SmartPay Training Sprint 31 Release v3.8
Sprint 31 release includes the following:
- BUG: Update the GSPC URL
#562 - User can view GSPC Certificates on Access Past Certificates
#556 - Question 14: Purchase A/OPC Training: Deactivation and reactivation
#563 - Question 3. Purchase Card/Account Holder Training Quiz
#551 - Question 23: Card/Account Holders and Approving Officials Purchase Training Quiz
#462
SmartPay Training Sprint 30 Release v3.7
This sprint release includes the following:
- Create a table or modify a table to store the data from GSPC
#553 - GSPC | Create Content for Email that goes to individuals who have completed GSPC coursework and experience requirements
#450 - Verify Experience for User Who Has Met GSPC Course Requirements
#21 - Issue Certificate to User Who Has Met GSPC Course and Experience Requirements
#26 - Training Website Content Changes - May
#552
SmartPay Training Sprint 29 Release v3.6
SmartPay Training emergency Release v3.5
The following was included in the emergency release:
- Remove the cost-benefit savings information From Lesson One on all five Training
#544
SmartPay Training Sprint 28 Release v3.4
This release contains the following:
- GSPC Date picker Issues
#537 - GSPC | Duplicate Loginless Screens Used on the Current Training Website
#449 - Update State Taxes Link within training
#533 - Add button to the Send Invitations for GSA SmartPay Program Certification screen
#509 - Bug: Update content in email sent to GSPC Attendees
#510 - Dependabot Alert: Path traversal in webpack-dev-middleware
#521 - Change 560 federal agencies/organizations and Native American tribal governments to 250
#526
SmartPay Training Sprint 27 Release v3.3
SmartPay Training v3.2
Emergency Release v3.1
Emergency Release to fix broken URL for the Admin Page - Search.
SmartPay Training 3.0
This release contains the following:
- GSPC | Email Title and Content Once User Initially Attempts to Begin GSPC Verification
#456 - Administrator | Loading GSPC Eligible List into the Training System
#19 - Create Training - Admin Landing Page
#494 - Dependabot Alert: FastAPI Content-Type Header ReDoS
#496 - Dependabot Alert: python-multipart vulnerable to Content-Type Header ReDoS
#499
SmartPay Training Sprint 23 v2.2
This release includes the following:
- Dependabot Alert: crypto-js PBKDF2 is 1,000 times weaker than specified in 1993 and 1.3M times weaker than the current standard
- Dependabot Alert: Zod denial of service vulnerability
- Dependabot Alert: Undici's cookie header is not cleared on cross-origin redirect in the fetch
- Dependabot Alert: Follow Redirects improperly handles URLs in the url.parse() function
- Dependabot Alert: Axios Cross-Site Request Forgery Vulnerability
- Dependabot Alert: Babel is vulnerable to arbitrary code execution when compiling specifically crafted malicious code
- Dependabot Alert: Vite XSS vulnerability in server.transformIndexHtml via URL payload
- Dependabot Alert: Vite dev server option server.fs.deny can be bypassed when hosted on case-insensitive filesystem
What's Changed
- Production Release (sprint 23) by @felder101 in #495
Full Changelog: smartpay-training-v2.1...smartpay-training-v2.2