@lukey-luke
Contributor

🎫 Ticket

DPC-5040

🛠 Changes

add new endpoint for unzipping file contents before sending file download to client

ℹ️ Context

🧪 Validation

tbd

lukey-luke and others added 18 commits December 18, 2025 11:38
## 🎫 Ticket

https://jira.cms.gov/browse/DPC-5053

## 🛠 Changes

- Invitation error component renamed so it can be used more generally
- Login IAL/1 without existing user shows error message with ability to
log out of login.gov

## ℹ️ Context

If a user without an account tries to log in to the portal from the sign
in page (rather than via the invitation flow), we reject the attempt.
However, as the user was still logged in to login.gov, hitting the log
in button just sent them to login.gov, which redirected them back to us,
which led them back to the sign in page. Now, instead of the sign in
page, we send them to an error page with the option to log out of
login.gov.

As we already have a fairly generic error page set up for the invitation
flow, I just used that.

## 🧪 Validation

Manual and automated testing.
### No account
<img width="846" height="456" alt="no_account"
src="https://github.com/user-attachments/assets/1ea7a62e-29f1-4edd-b512-bab9b28820a2"
/>

### Failed Invite
<img width="834" height="419" alt="failed_invite"
src="https://github.com/user-attachments/assets/8efaafd6-84f9-49e4-9679-8cd82f61c804"
/>
…le (#2864)

## 🎫 Ticket

https://jira.cms.gov/browse/DPC-5068

## 🛠 Changes

Attribute added to IP Address hash

## ℹ️ Context

When developing the table, we did not know the exact IP Address data
model we would receive from the API. The address is returned in a nested
attribute. Instead of making the view components more complex, it seemed
easier to just bring the attribute up to the root of the hash, using the
key we had already applied.

## 🧪 Validation

Manual and automated testing.
<img width="809" height="928" alt="ip_addr"
src="https://github.com/user-attachments/assets/47ea28b5-77e9-41c3-a2c2-6e1ee2e655f7"
/>
## 🎫 Ticket

No Ticket

## 🛠 Changes

Added resolutions stanza to dpc-load-testing/package.json to boost
version of transitive dependency.

## ℹ️ Context

Resolves CWE-1321 security issue in js-yaml by dependabot:

- https://github.com/CMSgov/dpc-app/security/dependabot/751
- https://github.com/CMSgov/dpc-app/security/dependabot/754

## 🧪 Validation

- yarn still runs lint and test
- yarn.lock file points to good versions
## 🎫 Ticket

https://jira.cms.gov/browse/DPC-5103

## 🛠 Changes

- added skip value to matrix in check_deploy
- added skip possibility in check-deployment-status script

## ℹ️ Context

Changes to monitoring ecs deploy included removing a not-great mechanism
for skipping the check for services that are not deployed to a given
environment -- for example, we don't deploy dpc-admin or dpc-web to
prod. This PR makes deciding which services to check in deployment
explicit in the check_deploy matrix.

## 🧪 Validation

Ran truncated versions of ecs-deploy to verify things run unless skipped
(used "test" instead of "sandbox" for actual test).

- All checks run:
https://github.com/CMSgov/dpc-app/actions/runs/20467399219/job/58814423116
- Portal skipped:
https://github.com/CMSgov/dpc-app/actions/runs/20467410691/job/58814458362
…ew (#2868)

## 🎫 Ticket

https://jira.cms.gov/browse/DPC-5105

## 🛠 Changes

Upgrade `unique_providers_served_all_time` view for better performance.

## ℹ️ Context

The `unique_providers_served_all_time` view runs in a few seconds in
dev, test and sandbox, but hits the 20 minute time out in prod. This new
version runs in prod in about 2 seconds.

## 🧪 Validation

- Ran the underlying query in prod to test performance.
- Ran the query against our persisted environments to verify the results
are the same as the existing view.
- Successfully deployed to dev
[here](https://github.com/CMSgov/dpc-app/actions/runs/20489128182).
## 🎫 Ticket

https://jira.cms.gov/browse/DPC-4626

## 🛠 Changes

Div tag with scrollable class now wraps tables for organizations,
credential delegate invitations, client tokens, public keys, and ip
addresses.

## ℹ️ Context

We want the tables to function OK on very narrow screens. The [uswds has
a way to do
this](https://designsystem.digital.gov/components/table/#scrollable-table-2),
and we followed their advice.

## 🧪 Validation

Manual and automated testing.

### Organizations table
#### Wide
<img width="694" height="760" alt="orgs_wide"
src="https://github.com/user-attachments/assets/aa9d6af7-3449-4476-b412-bc74f1c8ad4b"
/>

#### Narrow
<img width="498" height="961" alt="orgs_narrow"
src="https://github.com/user-attachments/assets/a56b30d2-9d3c-4cf2-bf9a-47128c4c3b07"
/>


### Credential Delegate Invitations tables
#### Wide
<img width="666" height="816" alt="cds_wide"
src="https://github.com/user-attachments/assets/9745d610-33d5-48d8-9547-9530ef11ea34"
/>

#### Narrow
<img width="488" height="928" alt="cds_narrow"
src="https://github.com/user-attachments/assets/a119fc03-8512-4f37-995d-cb7f32c2468a"
/>


### Configuration tables

#### Wide
<img width="739" height="907" alt="conf_wide"
src="https://github.com/user-attachments/assets/f443db95-63b7-4016-b2d9-85c6142db210"
/>

#### Narrow
<img width="502" height="908" alt="conf_narrow"
src="https://github.com/user-attachments/assets/ce401c6f-0ff2-4ac5-9505-b694dd8e6e6f"
/>
## 🎫 Ticket

[DPC-5062](https://jira.cms.gov/browse/DPC-5062) 

## 🛠 Changes

Adds new css class `header-top-border-in-body` that adds the top border
back to `<th>` elements within a table body and uses it on the org list.

## ℹ️ Context

At some point, USWDS removed the top border from `<th>` elements in
`usa-table--borderless`, which makes sense on its face since the table's
supposed to be borderless. The problem is that we use a `<th>` as the
first column in our org table, and removing the top border messes up the
line between the top row and the header. This change adds the top border
back in so we get a uniform line across the table.

An easier solution would've been to change our `<th>` to a `<td>`, but
then SonarQube complains that `<td>`s can't have the `scope` attribute
and we need that to be compatible with screen readers.

## 🧪 Validation

- Deployed to
[dev](https://github.com/CMSgov/dpc-app/actions/runs/20601441198)
- Tested locally.

Before:
<img width="899" height="394" alt="before"
src="https://github.com/user-attachments/assets/fc3581f7-7813-4827-bd22-19198de08b55"
/>


After:
<img width="975" height="439" alt="after"
src="https://github.com/user-attachments/assets/31fd6973-766d-49fc-a5d8-ab94b94c1ad3"
/>
…oup across 1 directory (#2871)

Bumps the bundler group with 1 update in the /engines/api_client
directory: [uri](https://github.com/ruby/uri).

Updates `uri` from 1.0.3 to 1.0.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/ruby/uri/releases">uri's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.4</h2>
<h3>Security fixes</h3>
<ul>
<li><a
href="https://www.ruby-lang.org/en/news/2025/10/07/uri-cve-2025-61594/">CVE-2025-61594</a></li>
</ul>
<hr />
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/uri/compare/v1.0.3...v1.0.4">https://github.com/ruby/uri/compare/v1.0.3...v1.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ruby/uri/commit/e5074739c3f28e03a26f6a1daa2a051fdbc3e774"><code>e507473</code></a>
Bump up to v1.0.4</li>
<li><a
href="https://github.com/ruby/uri/commit/d3116ca66a3b1c97dc7577f9d2d6e353f391cd6a"><code>d3116ca</code></a>
Merge branch 'CVE-2025-61594-3-4' into HEAD</li>
<li><a
href="https://github.com/ruby/uri/commit/6c6449e15ffae7027bfe83134f0419f682e0b1ad"><code>6c6449e</code></a>
Add authority accessor</li>
<li><a
href="https://github.com/ruby/uri/commit/5cec76b9e8777764344fd4aee140e309ad207b68"><code>5cec76b</code></a>
Clear user info totally at setting any of authority info</li>
<li>See full diff in <a
href="https://github.com/ruby/uri/compare/v1.0.3...v1.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uri&package-manager=bundler&previous-version=1.0.3&new-version=1.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/CMSgov/dpc-app/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…p across 1 directory (#2872)

Bumps the npm_and_yarn group with 1 update in the /dpc-portal directory:
[qs](https://github.com/ljharb/qs).

Updates `qs` from 6.13.0 to 6.14.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's
changelog</a>.</em></p>
<blockquote>
<h2><strong>6.14.1</strong></h2>
<ul>
<li>[Fix] ensure arrayLength applies to <code>[]</code> notation as
well</li>
<li>[Fix] <code>parse</code>: when a custom decoder returns
<code>null</code> for a key, ignore that key</li>
<li>[Refactor] <code>parse</code>: extract key segment splitting
helper</li>
<li>[meta] add threat model</li>
<li>[actions] add workflow permissions</li>
<li>[Tests] <code>stringify</code>: increase coverage</li>
<li>[Dev Deps] update <code>eslint</code>,
<code>@ljharb/eslint-config</code>, <code>npmignore</code>,
<code>es-value-fixtures</code>, <code>for-each</code>,
<code>object-inspect</code></li>
</ul>
<h2><strong>6.14.0</strong></h2>
<ul>
<li>[New] <code>parse</code>: add
<code>throwOnParameterLimitExceeded</code> option (<a
href="https://redirect.github.com/ljharb/qs/issues/517">#517</a>)</li>
<li>[Refactor] <code>parse</code>: use <code>utils.combine</code>
more</li>
<li>[patch] <code>parse</code>: add explicit
<code>throwOnLimitExceeded</code> default</li>
<li>[actions] use shared action; re-add finishers</li>
<li>[meta] Fix changelog formatting bug</li>
<li>[Deps] update <code>side-channel</code></li>
<li>[Dev Deps] update <code>es-value-fixtures</code>,
<code>has-bigints</code>, <code>has-proto</code>,
<code>has-symbols</code></li>
<li>[Tests] increase coverage</li>
</ul>
<h2><strong>6.13.1</strong></h2>
<ul>
<li>[Fix] <code>stringify</code>: avoid a crash when a
<code>filter</code> key is <code>null</code></li>
<li>[Fix] <code>utils.merge</code>: functions should not be stringified
into keys</li>
<li>[Fix] <code>parse</code>: avoid a crash with
interpretNumericEntities: true, comma: true, and iso charset</li>
<li>[Fix] <code>stringify</code>: ensure a non-string
<code>filter</code> does not crash</li>
<li>[Refactor] use <code>__proto__</code> syntax instead of
<code>Object.create</code> for null objects</li>
<li>[Refactor] misc cleanup</li>
<li>[Tests] <code>utils.merge</code>: add some coverage</li>
<li>[Tests] fix a test case</li>
<li>[actions] split out node 10-20, and 20+</li>
<li>[Dev Deps] update <code>es-value-fixtures</code>,
<code>mock-property</code>, <code>object-inspect</code>,
<code>tape</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ljharb/qs/commit/3fa11a5f643c76896387bd2d86904a2d0141fdf7"><code>3fa11a5</code></a>
v6.14.1</li>
<li><a
href="https://github.com/ljharb/qs/commit/a62670423c1ccab0dd83c621bfb98c7c024e314d"><code>a626704</code></a>
[Dev Deps] update <code>npmignore</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"><code>3086902</code></a>
[Fix] ensure arrayLength applies to <code>[]</code> notation as
well</li>
<li><a
href="https://github.com/ljharb/qs/commit/fc7930e86c2264c1568c9f5606830e19b0bc2af2"><code>fc7930e</code></a>
[Dev Deps] update <code>eslint</code>,
<code>@ljharb/eslint-config</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/0b06aac566abee45ef0327667a7cc89e7aed8b58"><code>0b06aac</code></a>
[Dev Deps] update <code>@ljharb/eslint-config</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/64951f6200a1fb72cc003c6e8226dde3d2ef591f"><code>64951f6</code></a>
[Refactor] <code>parse</code>: extract key segment splitting helper</li>
<li><a
href="https://github.com/ljharb/qs/commit/e1bd2599cdff4c936ea52fb1f16f921cbe7aa88c"><code>e1bd259</code></a>
[Dev Deps] update <code>@ljharb/eslint-config</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/f4b3d39709fef6ddbd85128d1ba4c6b566c4902e"><code>f4b3d39</code></a>
[eslint] add eslint 9 optional peer dep</li>
<li><a
href="https://github.com/ljharb/qs/commit/6e94d9596ca50dffafcef40a5f64eca89962cf34"><code>6e94d95</code></a>
[Dev Deps] update <code>eslint</code>,
<code>@ljharb/eslint-config</code>, <code>npmignore</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/973dc3c51c86da9f4e30edeb4b1725158d439102"><code>973dc3c</code></a>
[actions] add workflow permissions</li>
<li>Additional commits viewable in <a
href="https://github.com/ljharb/qs/compare/v6.13.0...v6.14.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs&package-manager=npm_and_yarn&previous-version=6.13.0&new-version=6.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)


Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
## 🎫 Ticket

https://jira.cms.gov/browse/DPC-5102

## 🛠 Changes

GitHub Actions workflow for generating token validates token before
loading into parameter store

## ℹ️ Context

We ran this workflow when the API was down, and an HTML page was entered
as the golden macaroon, which made everything else fail.

## 🧪 Validation

- Ran the workflow with api up and verified golden macaroon in dev
parameter store changed:
https://github.com/CMSgov/dpc-app/actions/runs/20664928982
- Ran the workflow with api down and verified the workflow failed and
that the token was not updated:
https://github.com/CMSgov/dpc-app/actions/runs/20665012110
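
The fail-closed check described in the commit message above, as an added example (not the project's workflow code): the response is accepted as a token only if it passes status, content-type, length, alphabet and decode checks, and the store is written only after that. The names `extract_token`, `update_parameter` and `put_parameter`, the length bounds, and the assumption that the token is a single base64/base64url string are all hypothetical.

```python
import base64
import re

# Assumption: the token is one base64/base64url string; bounds are illustrative.
TOKEN_RE = re.compile(r"[A-Za-z0-9_\-+/]+={0,2}")
MIN_LEN, MAX_LEN = 32, 4096

# Constructed samples: a well-formed token and the kind of error page an
# unavailable API might return in its place.
SAMPLE_TOKEN = base64.urlsafe_b64encode(
    b"constructed-sample-token-bytes-0123456789").decode()
SAMPLE_HTML = "<!DOCTYPE html><html><body><h1>503 Service Unavailable</h1></body></html>"


class TokenRejected(Exception):
    """Raised when a response must not be written to the parameter store."""


def extract_token(status: int, content_type: str, body: str) -> str:
    """Return the token carried by an API response, or raise TokenRejected."""
    if status != 200:
        raise TokenRejected(f"unexpected HTTP status {status}")
    if "html" in content_type.lower():
        raise TokenRejected(f"unexpected content type {content_type!r}")
    token = body.strip()
    if not MIN_LEN <= len(token) <= MAX_LEN:
        raise TokenRejected(f"implausible token length {len(token)}")
    if not TOKEN_RE.fullmatch(token):
        raise TokenRejected("body has characters outside the base64 alphabet")
    # Normalise base64url to standard base64 and re-pad before strict decoding.
    core = token.rstrip("=").replace("-", "+").replace("_", "/")
    try:
        base64.b64decode(core + "=" * (-len(core) % 4), validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise TokenRejected(f"body is not decodable base64: {exc}") from exc
    return token


def update_parameter(status, content_type, body, put_parameter) -> bool:
    """Call put_parameter(token) only when the response validates."""
    try:
        token = extract_token(status, content_type, body)
    except TokenRejected as exc:
        print(f"not updating stored token: {exc}")
        return False
    put_parameter(token)  # hypothetical stand-in for the parameter store write
    return True


if __name__ == "__main__":
    stored = []
    print(update_parameter(200, "text/html", SAMPLE_HTML, stored.append), stored)
    print(update_parameter(200, "text/plain", SAMPLE_TOKEN, stored.append), stored)
```
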
## 🎫 Ticket

https://jira.cms.gov/browse/DPC-4950

## 🛠 Changes

Adds exception class to JSON log format.

## ℹ️ Context

Allows for faster log searches.

## 🧪 Validation

Test updated.

log example from smoke test:
```
{"timestamp":"2026-01-05T18:03:49.477+0000",
"level":"ERROR",
"thread":"RxComputationThreadPool-1",
"logger":"gov.cms.dpc.aggregation.engine.JobBatchProcessor",
"message":"Failed to retrieve Patient",
"exception":"ca.uhn.fhir.rest.server.exceptions.ResourceNotFoundException: No patient found with ID: \n\tat gov.cms.dpc.bluebutton.client.MockBlueButtonClient.formNoPatientException(MockBlueButtonClient.java:242)...",
"mdc":{"jobID":"e6fec28a-abe0-4906-88ad-2a738ce289b9","is_bulk":"true","organization_id":"0ab352f1-2bf1-44c4-aa7a-3004a1ffef12","aggregatorId":"fbc25203-a54e-4d88-83b5-d34134504962","batchID":"d7f12dae-db60-4d26-82ef-7f4575a14fe0","is_v2":"false"},
"environment":"local",
"application":"dpc-aggregation",
"version":"unknown_version",
"exceptionClass":"ResourceNotFoundException"}
```
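
An added example (not from the PR) of searching logs in this JSON format by the new `exceptionClass` field. For lines written before the field existed, it falls back to deriving the simple class name from the first line of `exception`. The sample lines are constructed, and the function names are hypothetical.

```python
import json
from collections import Counter

# Constructed sample lines in the shape of the log example above (fields trimmed).
SAMPLE_LINES = [
    r'{"level":"ERROR","message":"Failed to retrieve Patient","exception":"ca.uhn.fhir.rest.server.exceptions.ResourceNotFoundException: No patient found with ID: \n\tat ...","exceptionClass":"ResourceNotFoundException"}',
    # Older line without exceptionClass: the class must be derived.
    r'{"level":"ERROR","message":"Failed to retrieve Patient","exception":"ca.uhn.fhir.rest.server.exceptions.ResourceNotFoundException: No patient found with ID: \n\tat ..."}',
    r'{"level":"ERROR","message":"Job failed","exception":"java.lang.IllegalStateException: constructed\n\tat ..."}',
    r'{"level":"INFO","message":"Job started"}',
    'not json at all',
]


def exception_class(record: dict):
    """Return the simple exception class name for a log record, or None."""
    explicit = record.get("exceptionClass")
    if explicit:
        return explicit
    exc = record.get("exception")
    if not exc:
        return None
    # First line of the trace is "<fully.qualified.Class>: <message>".
    head = exc.split("\n", 1)[0].split(":", 1)[0].strip()
    return head.rsplit(".", 1)[-1] or None


def count_by_exception_class(lines) -> Counter:
    """Count records per exception class, skipping lines that are not JSON objects."""
    counts = Counter()
    for line in lines:
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue
        if not isinstance(record, dict):
            continue
        name = exception_class(record)
        if name:
            counts[name] += 1
    return counts


if __name__ == "__main__":
    for name, n in count_by_exception_class(SAMPLE_LINES).most_common():
        print(f"{n:4d}  {name}")
```
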
@lukey-luke lukey-luke closed this Jan 9, 2026
5 participants