v2.12.14

What's Changed

• Bump immutable from 4.0.0 to 4.3.8 in /auth-web by @dependabot[bot] in #3683
• Update sbc-common-components by @seeker25 in #3681
• Sbc common components upgrade by @seeker25 in #3685
• 32678 - GOVM account can't receive email if no admin email set - fix by @Jxio in #3682
• chore(config): migrate Renovate config by @renovate[bot] in #3692
• 32013 - Manual Refunds - Recording details in UI by @Jxio in #3687
• chore(deps): pin dependency ruff to 0.14.1 by @renovate[bot] in #3698
• 32595 - AUTH-API - Change response on accept from 404 to 400 if affiliation invitation was deleted by @Jxio in #3699
• 32595 - DELETE affiliation invitation should be a soft delete by @seeker25 in #3703
• Email notification wording tweaks by @Jxio in #3705
• 32013 - Add Origin Receipt Download and Hide Refund Receipt for Manual Refund by @Jxio in #3700
• Bump tornado from 6.5.1 to 6.5.5 in /auth-api by @dependabot[bot] in #3707
• Bump tornado from 6.5.1 to 6.5.5 in /queue_services/auth-queue by @dependabot[bot] in #3710
• Bump tornado from 6.5.1 to 6.5.5 in /queue_services/account-mailer by @dependabot[bot] in #3709
• 32811 - AUTH-API - User/Contact performance issues by @seeker25 in #3711
• 32773 & 32774 - BN admin dashboard update by @vysakh-menon-aot in #3706
• Bump orjson from 3.10.15 to 3.11.6 in /queue_services/auth-queue by @dependabot[bot] in #3712
• 32774 add blob to frame-src to load pdf in iframe by @vysakh-menon-aot in #3713
• Fix performance by @seeker25 in #3714
• Bump orjson from 3.10.15 to 3.11.6 in /auth-api by @dependabot[bot] in #3719
• Bump orjson from 3.10.15 to 3.11.6 in /queue_services/account-mailer by @dependabot[bot] in #3720
• Performance Fix 3 by @Jxio in #3721
• chore: upgrade auth-web to Node.js 26 by @panish16 in #3722
• Bump pyasn1 from 0.6.2 to 0.6.3 in /queue_services/account-mailer by @dependabot[bot] in #3725
• Revert "Bump pyasn1 from 0.6.2 to 0.6.3 in /queue_services/account-mailer" by @Jxio in #3728
• Bump pyjwt from 2.10.1 to 2.12.0 in /auth-api by @dependabot[bot] in #3717
• Bump pyjwt from 2.10.1 to 2.12.0 in /queue_services/account-mailer by @dependabot[bot] in #3715
• Bump pyjwt from 2.10.1 to 2.12.0 in /queue_services/auth-queue by @dependabot[bot] in #3716
• Bump picomatch from 2.3.1 to 2.3.2 in /auth-web by @dependabot[bot] in #3731
• 32405 - SAF email template update, create affiliation confirmation email by @deetz99 in #3752
• 32405 - affiliation invitation email update by @deetz99 in #3755
• 33203 - affiliation confirmation email by @ochiu in #3757
• Update CODEOWNERS by @ochiu in #3759
• 33203 - Fix missing config variable by @ochiu in #3758

New Contributors

• @panish16 made their first contribution in #3722
• @deetz99 made their first contribution in #3752

Full Changelog: v2.12.13...v2.12.14

v2.12.13

What's Changed

• Delete fix by @seeker25 in #3645
• 14853 - Restore Create Task When New Product Add by GOVM/GOVN (#3630) by @Jxio in #3632
• 32632 - Add in org_id and org_uuid to affiliations by @seeker25 in #3644
• fix(deps): update dependency flask to v3.1.3 [security] by @renovate[bot] in #3650
• Bump minimatch from 3.1.2 to 3.1.5 in /auth-web by @dependabot[bot] in #3651
• Unit test for affiliation invitation expired token by @seeker25 in #3652
• chore(deps): update dependency lovely-pytest-docker to v1 by @renovate[bot] in #3654
• 32485 - Email notification for new accounts by @Jxio in #3642
• Remove id from affiliations call by @seeker25 in #3659
• 32485 - Correct login source displayed in account creation email by @Jxio in #3660
• 32485 - Downgrade flask to "3.0.2" and a bug fixing by @Jxio in #3661
• fix(deps): update dependency certifi to v2026 by @renovate[bot] in #3664
• 32485 - Account creation template wording tweaks by @Jxio in #3663
• Update poetry version by @seeker25 in #3666
• Fix dep by @seeker25 in #3667
• 14853 - Use request JWT for get_account_fees instead of service account by @Jxio in #3668
• fix(deps): update dependency gunicorn to v25 by @renovate[bot] in #3670
• 14853 - Tweaks: use UserContext bearer token for pay-api account fees call by @Jxio in #3671
• 32485 - UXA: bold account labels in account creation notification email by @Jxio in #3674
• 14853 - Fetch account fees from GET /accounts/{id} not /accounts/{id}/fees by @Jxio in #3675
• 32485 - New Account Email Notification Wording Tweaks by @Jxio in #3678

Full Changelog: v2.12.12...v2.12.13

v2.12.12

What's Changed

• 26873 - AUTH - upload new affidavit template and new Account Agreement by @Jxio in #3621
• 32356 - Remove Old Director Search by @seeker25 in #3613
• 32331 - UXA Commissioners change - capital T and capital A for "...Taking Affidavit" by @Jxio in #3622
• 32331 - UXA - Commissioner wording updated by @Jxio in #3624
• chore(deps): update dependency werkzeug to v3.1.6 [security] by @renovate[bot] in #3625
• Bump werkzeug from 3.1.5 to 3.1.6 in /queue_services/account-mailer by @dependabot[bot] in #3623
• Bump werkzeug from 3.1.5 to 3.1.6 in /queue_services/auth-queue by @dependabot[bot] in #3636
• Bump ajv from 6.12.6 to 6.14.0 in /auth-web by @dependabot[bot] in #3635
• Add delete to entity service for affiliation invitations by @seeker25 in #3628
• Remove apt-get upgrade by @seeker25 in #3638
• Fix CD image by @seeker25 in #3639
• Bump rollup in /auth-web by @dependabot[bot] in #3643

Full Changelog: v2.12.11...v2.12.12

v2.12.11

What's Changed

• 26991 - EFT notifications - update email reference to be SBC FIN by @Jxio in #3577
• Small tweak on logging by @seeker25 in #3579
• 30877 - AUTH-WEB - Add accountId to dashboard URL by @Jxio in #3578
• Add FIN to email list when an account got eft enabled by @Jxio in #3580
• Bump pyasn1 from 0.6.1 to 0.6.2 in /auth-api by @dependabot[bot] in #3582
• Bump pyasn1 from 0.6.1 to 0.6.2 in /queue_services/account-mailer by @dependabot[bot] in #3583
• 30817 - AUTH-API - Retry keycloak add/remove groups on failure by @Jxio in #3581
• Add in LD flag to control nsf suspended accounts from creating new ac… by @seeker25 in #3585
• Add 429 error code to keycloak retry by @Jxio in #3586
• 32077 - EFT notifications - add account number/name by @Jxio in #3587
• 32143 - Transaction table concurrency fix by @Jxio in #3588
• Add in endpoint to create_org that includes contact & Fix contact validation by @seeker25 in #3561
• Add product emailer account number fix by @Jxio in #3592
• 21361 - Add BCROS acct number to all correspondence, emails, and notifications by @seeker25 in #3593
• 32101 - Handle gateway and non gateway errors by @seeker25 in #3590
• Bump protobuf from 5.29.5 to 6.33.5 in /auth-api by @dependabot[bot] in #3594
• Bump protobuf from 4.25.8 to 6.33.5 in /queue_services/auth-queue by @dependabot[bot] in #3595
• 31942 - combine credit card search method by @ochiu in #3596
• 31770 - Prevent /makepayment when invoice deleted by @Jxio in #3597
• 32269 - Remove hotjar by @seeker25 in #3598
• 32252 - Fix Launch Darkly banner styling by @seeker25 in #3600
• Bump webpack from 5.94.0 to 5.105.0 in /auth-web by @dependabot[bot] in #3599
• 32355 - Remove Director Search Account Management and invitation flow by @seeker25 in #3601
• 32396 - Create new UNAFFILIATED_EMAIL flow for affiliation invitation by @seeker25 in #3603
• Bump axios from 1.12.1 to 1.13.5 in /auth-web by @dependabot[bot] in #3604
• Small tweak for Account-Id or business identifier undefined by @seeker25 in #3605
• 32101 - Small fix for BCOL validation by @seeker25 in #3607
• Bump cryptography from 44.0.2 to 46.0.5 in /queue_services/account-mailer by @dependabot[bot] in #3609
• Bump cryptography from 44.0.1 to 46.0.5 in /auth-api by @dependabot[bot] in #3608
• 32396 - Add in tweak for delete by @seeker25 in #3610
• chore: Configure Renovate by @renovate[bot] in #3611
• Bump cryptography from 44.0.1 to 46.0.5 in /queue_services/auth-queue by @dependabot[bot] in #3614

New Contributors

• @renovate[bot] made their first contribution in #3611

Full Changelog: v2.12.10...v2.12.11

v2.12.10

What's Changed

• 31071 - Fix Apigee mock unit tests by @seeker25 in #3531
• 28785 - Affidavit on hold fixes by @seeker25 in #3532
• Bump pg8000 from 1.31.2 to 1.31.5 in /jobs/notebook-report by @dependabot[bot] in #3533
• Fix affidavit 404 by @seeker25 in #3534
• 31183 - Update Suspended Accounts to include filtering and sorting by @seeker25 in #3535
• Affiliation performance fix by @ochiu in #3536
• Transactions table payment method filter update by @ochiu in #3539
• Bump js-yaml in /auth-web by @dependabot[bot] in #3537
• 28671 - setAccountChangedHandler can't call itself by @seeker25 in #3541
• 31398 - AUTH-API - Digital Business Card - Auth Event changes by @seeker25 in #3542
• 31398_2 - Digital Business Card changes by @seeker25 in #3543
• moved out notebook report by @bolyachevets in #3544
• Bump werkzeug from 3.1.3 to 3.1.4 in /queue_services/account-mailer by @dependabot[bot] in #3547
• Bump werkzeug from 3.1.3 to 3.1.4 in /queue_services/auth-queue by @dependabot[bot] in #3546
• 27014 - emails fix for inherited roles from group by @ochiu in #3548
• Bump urllib3 from 2.5.0 to 2.6.0 in /queue_services/account-mailer by @dependabot[bot] in #3552
• Bump urllib3 from 2.5.0 to 2.6.0 in /queue_services/auth-queue by @dependabot[bot] in #3551
• Bump urllib3 from 2.5.0 to 2.6.0 in /auth-api by @dependabot[bot] in #3550
• 31558 - Remove redirect from Products/Payments if contact info is incorrect by @seeker25 in #3553
• Bump werkzeug from 3.1.3 to 3.1.4 in /auth-api by @dependabot[bot] in #3549
• Fix logging for headers remove by @seeker25 in #3554
• 29718 - Update auth-web transactions to show receipt download button for refunds by @Jxio in #3555
• Add in deleted invoices to transactions dashboard by @seeker25 in #3556
• Bump marshmallow from 3.26.1 to 3.26.2 in /queue_services/account-mailer by @dependabot[bot] in #3558
• Bump marshmallow from 3.26.0 to 3.26.2 in /queue_services/auth-queue by @dependabot[bot] in #3557
• 31100 - AUTH-WEB - Migrate to PAY Gateway URL by @Jxio in #3559
• Bump marshmallow from 3.26.0 to 3.26.2 in /auth-api by @dependabot[bot] in #3560
• Reject invalid 'undefined' Account-Id header with 400 response by @Jxio in #3565
• Add feature flag to receipt download button by @Jxio in #3564
• Bump aiohttp from 3.12.14 to 3.13.3 in /queue_services/account-mailer by @dependabot[bot] in #3566
• Bump aiohttp from 3.12.14 to 3.13.3 in /queue_services/auth-queue by @dependabot[bot] in #3567
• Bump aiohttp from 3.12.14 to 3.13.3 in /auth-api by @dependabot[bot] in #3568
• 31915 - Fix Vuetify CVE8082 CVE8083 and Vue CVE6783 by @seeker25 in #3569
• Bump micromatch from 4.0.5 to 4.0.8 in /auth-web by @dependabot[bot] in #3571
• 31916 - Fix comma check for firms_party auth check by @seeker25 in #3563
• 29718 - Bug fix - show receipt button for refund receipt download by @Jxio in #3570
• Bump urllib3 from 2.6.0 to 2.6.3 in /queue_services/account-mailer by @dependabot[bot] in #3572
• 31950 - Fix dropdown item missing in Staff Dashboard transactions by @Jxio in #3573
• Bump werkzeug from 3.1.4 to 3.1.5 in /auth-api by @dependabot[bot] in #3574
• Fix urllib dep by @seeker25 in #3575
• Bump urllib3 from 2.6.0 to 2.6.3 in /queue_services/auth-queue by @dependabot[bot] in #3576

Full Changelog: v2.12.9...v2.12.10

v2.12.9

What's Changed

• 30088 Better handle error responses by @severinbeauvais in #3498
• 30425 & 30422 - Bad request on large org_id & clean up logging for skip_404_logging by @seeker25 in #3499
• 30307 - Activity log entry for account suspension by @seeker25 in #3500
• Fix for try catch for invalid param by @seeker25 in #3501
• Remove product activity by @seeker25 in #3502
• 30577 - Fix for versioning table for users by @seeker25 in #3503
• 30577 - Exclude user fields from triggering history table by @seeker25 in #3504
• 30577_2 - Exclude user fields from triggering history table by @seeker25 in #3505
• 30308 - Activity log for statement settings / recipients by @seeker25 in #3506
• Activity log changes by @seeker25 in #3507
• 30308 - Handle statement notification emails toggle by @seeker25 in #3509
• Minor tweak activity log by @seeker25 in #3510
• 30306 - Add in activity log for PAD NSF and EFT overdue by @seeker25 in #3496
• 30406 Update affiliation_invitation.py to allow users to initialize affiliation invitations by @severinbeauvais in #3508
• 30306 - Activity Log for PAD / NSF unlock by @seeker25 in #3511
• 30406 Delegation tweaks, allow user to view affiliation invitations by @seeker25 in #3514
• 29535 - Add in Original-Username and Original-Sub to pay-api calls for activity log by @seeker25 in #3513
• Activity Log Enhancement - change date so it includes time, refactor composition-api by @seeker25 in #3515
• Change account ordering by @seeker25 in #3517
• Revert "Change account ordering" by @seeker25 in #3518
• Bump axios from 1.8.2 to 1.12.1 in /auth-web by @dependabot[bot] in #3516
• 30421 - mailing address fix by @circuit-breaker-bc in #3519
• 30878 - Fix duplicate activity log entries when creating account by @seeker25 in #3521
• Bump jupyterlab from 4.4.3 to 4.4.8 in /jobs/notebook-report by @dependabot[bot] in #3520
• 30308 - Activity Log - Statement Interval by @seeker25 in #3522
• Bump happy-dom from 15.10.2 to 20.0.0 in /auth-web by @dependabot[bot] in #3523
• Small tweak for affiliation invitations by @seeker25 in #3524
• Bump happy-dom from 20.0.0 to 20.0.2 in /auth-web by @dependabot[bot] in #3525
• 30881 - AUTH to use Ruff by @seeker25 in #3527
• Bump pg8000 from 1.31.2 to 1.31.5 in /auth-api by @dependabot[bot] in #3529
• Update pg8000 by @seeker25 in #3530

Full Changelog: v2.12.8...v2.12.9

v2.12.8

What's Changed

• match concurrency to threads by @bolyachevets in #3494
• 28398 - Team Admin receives 403 Forbidden when attempting to reset OTP for another team member by @seeker25 in #3493
• 30309 - Activity Log - Changes to support payment method from and to changes by @seeker25 in #3495

Full Changelog: v2.12.7...v2.12.8

v2.12.7

What's Changed

• Bump aiohttp from 3.11.11 to 3.12.14 in /queue_services/auth-queue by @dependabot[bot] in #3463
• Exclude app name header for Orgbook by @seeker25 in #3464
• Update staff account search account type filter by @ochiu in #3465
• Fix affiliation delete for Maximus and Contact Centre by @seeker25 in #3466
• Fix entity check for external staff by @seeker25 in #3467
• Bump form-data from 4.0.2 to 4.0.4 in /auth-web by @dependabot[bot] in #3468
• 26504 - Transactions Partial Credits / Applied Credits / Partial Refund grouping by @seeker25 in #3469
• 29772 - remove refund view by @circuit-breaker-bc in #3475
• 28456 - Fix for when account credit covers entire amount and partial refund e… by @seeker25 in #3482
• 28812 - use common cloudsql lib, use passwordless sa connections, use custom … by @bolyachevets in #3481
• Security fixes by @seeker25 in #3484
• 30049 changed magic link expiration to 12 hours by @severinbeauvais in #3485
• 30049 - updated expiry in email template by @severinbeauvais in #3486
• 30049 - updated expiry in email template by @severinbeauvais in #3488
• 29740 - Remove Consumed Temp/Bootstrap Identifier by @Rajandeep98 in #3489
• fix jinja2 security by @seeker25 in #3490
• Update cloudbuild-pr.yaml by @meawong in #3491
• 30320 - Fixed incorrect key for navigating to Business Dashboard by @severinbeauvais in #3492

New Contributors

• @circuit-breaker-bc made their first contribution in #3475

Full Changelog: v2.12.6...v2.12.7

v2.12.6

What's Changed

• 29447 - Remove minio by @seeker25 in #3457
• 26980 - Split Credits into PAD and ONLINE Banking Credits by @seeker25 in #3455
• Bump aiohttp from 3.11.14 to 3.12.14 in /queue_services/account-mailer by @dependabot[bot] in #3460
• Bump aiohttp from 3.12.13 to 3.12.14 in /jobs/notebook-report by @dependabot[bot] in #3459
• Bump aiohttp from 3.11.11 to 3.12.14 in /auth-api by @dependabot[bot] in #3458
• 28809 - permissions updates for maximus and CC by @ochiu in #3462
• 28809 - Add in new role for affiliation allowed, add in maximus and contact c… by @seeker25 in #3461

Full Changelog: v2.12.5...v2.12.6

v2.12.5

What's Changed

• 26420 - Affiliation Pagination via Entity Mapping (#3399) by @seeker25 in #3418
• Fix performance issues by @seeker25 in #3425
• 28843 - staff-authentication-method-change by @ochiu in #3426
• Business Dashboard fixes by @seeker25 in #3427
• Business Dashboard changes continued by @seeker25 in #3428
• Bump requests from 2.32.2 to 2.32.4 in /jobs/notebook-report by @dependabot in #3429
• 28784 - data model change by @hanlunBCRegistries in #3431
• 28735 - Fix logging revert to flask logging so we use logging.conf by @seeker25 in #3430
• Update logging.conf by @seeker25 in #3433
• Add in is_loaded_lear True by @seeker25 in #3435
• is_loaded_lear by @seeker25 in #3436
• 28977 - Add in hasMore, more unit tests by @seeker25 in #3437
• Bump protobuf from 4.25.6 to 4.25.8 in /queue_services/auth-queue by @dependabot in #3440
• Bump protobuf from 5.29.3 to 5.29.5 in /auth-api by @dependabot in #3439
• Bump requests from 2.32.3 to 2.32.4 in /auth-api by @dependabot in #3441
• 25816 - Jupyter Notebook Error Notification from sbc-auth for processin… by @stevenc987 in #3438
• 25816-Jupyter Notebook Error Notification from sbc-auth for processing (need to move job to GCP) by @stevenc987 in #3443
• Bump protobuf from 4.25.6 to 4.25.8 in /queue_services/account-mailer by @dependabot in #3442
• Update notebook-report-cd.yml by @bolyachevets in #3444
• Bump urllib3 from 2.3.0 to 2.5.0 in /auth-api by @dependabot in #3445
• add notebook cron by @bolyachevets in #3446
• Bump urllib3 from 2.2.2 to 2.5.0 in /queue_services/account-mailer by @dependabot in #3447
• Bump urllib3 from 2.2.2 to 2.5.0 in /queue_services/auth-queue by @dependabot in #3449
• 28974 - Search pagination by @Rajandeep98 in #3448
• Bump pillow from 11.2.1 to 11.3.0 in /jobs/notebook-report by @dependabot in #3451
• Bump urllib3 from 2.4.0 to 2.5.0 in /jobs/notebook-report by @dependabot in #3450
• 28692 - statement dashboard updates for total and horizontal scroll by @ochiu in #3452
• Remove sentry by @ochiu in #3453
• Add in loader for refund button by @seeker25 in #3454
• 28974 - Namex Requests Response Handling by @Rajandeep98 in #3456

Full Changelog: v2.12.4...v2.12.5