Release 2026.03.1

.github/workflows/_build-deploy.yaml

@@ -46,7 +46,7 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         name: Checkout
         with:
           ref: ${{ inputs.git-ref }}
@@ -56,7 +56,7 @@ jobs:
           echo "NODE_VERSION=$(cat .nvmrc)" >> $GITHUB_ENV
 
       - name: Configure aws credentials for secrets
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@v6
         with:
           role-to-assume: arn:aws:iam::917902836630:role/cmiml-devops-oidc-github-role
           role-session-name: OIDC-GHA-Build-Secrets
@@ -133,7 +133,7 @@ jobs:
     needs:
       - build-deploy
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: "Send Slack message on failure"
         uses: rtCamp/action-slack-notify@v2
         env:

.github/workflows/_notify-jira.yaml

@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout devops
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           repository: ChildMindInstitute/cmiml-devops
           ssh-key: ${{ secrets.devops-repo-key }}

.github/workflows/_setup.yaml

@@ -32,7 +32,7 @@ jobs:
           ENV_NAME="${{ inputs.env-name }}"
           case "$ENV_NAME" in
             "dev")
-              echo 'role=arn:aws:iam::017925157769:role/cmiml-dev-oidc-github-role' >> "$GITHUB_OUTPUT"
+              echo 'role=arn:aws:iam::017925157769:role/github-oidc-deploy20260311132710794900000001' >> "$GITHUB_OUTPUT"
             ;;
             "test")
               echo 'role=arn:aws:iam::641513112151:role/cmiml-test-oidc-github-role' >> "$GITHUB_OUTPUT"

.github/workflows/ci.yml

@@ -6,7 +6,7 @@ jobs:
     name: Lint
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: Setup node version
         run: |
           echo "NODE_VERSION=$(cat .nvmrc)" >> $GITHUB_ENV
@@ -35,7 +35,7 @@ jobs:
     name: Tests
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: Setup node version
         run: |
           echo "NODE_VERSION=$(cat .nvmrc)" >> $GITHUB_ENV
@@ -59,7 +59,7 @@ jobs:
     name: Build
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - name: Setup node version
         run: |
           echo "NODE_VERSION=$(cat .nvmrc)" >> $GITHUB_ENV

.github/workflows/run_build_deploy_dev.yaml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Get git short sha
         id: sha
         run: |

.github/workflows/update-jira-tickets.yaml

@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Get current tag
         id: get-tag

package.json

@@ -41,7 +41,6 @@
     "lodash.isequal": "^4.5.0",
     "lodash.uniqby": "^4.7.0",
     "lodash.uniqueid": "^4.0.1",
-    "markdown-it": "^13.0.1",
     "markdown-it-abbr": "^2.0.0",
     "markdown-it-container": "^4.0.0",
     "markdown-it-deflist": "^3.0.0",
@@ -53,13 +52,12 @@
     "markdown-it-ins": "^4.0.0",
     "markdown-it-katex-external": "^1.0.0",
     "markdown-it-mark": "^4.0.0",
-    "markdown-it-sub": "^2.0.0",
-    "markdown-it-sup": "^2.0.0",
     "markdown-it-task-lists": "^2.1.1",
     "md-editor-rt": "^4.7.0",
     "mixpanel-browser": "^2.47.0",
     "popper-max-size-modifier": "0.2.0",
     "qrcode.react": "^4.2.0",
+    "qs": ">=6.14.1",
     "react": "^18.3.1",
     "react-beautiful-dnd": "^13.1.1",
     "react-big-calendar": "^1.18.0",
@@ -73,7 +71,7 @@
     "react-image-crop": "^10.1.8",
     "react-player": "^2.16.0",
     "react-redux": "^8.1.3",
-    "react-router-dom": "^6.30.0",
+    "react-router-dom": "^6.30.3",
     "react-secure-storage": "^1.3.2",
     "react-transition-group": "^4.4.5",
     "react-virtualized-auto-sizer": "^1.0.26",
@@ -133,13 +131,13 @@
     "@types/lodash.uniqby": "^4.7.7",
     "@types/lodash.uniqueid": "^4.0.7",
     "@types/luxon": "^3.4.2",
-    "@types/markdown-it-container": "^2.0.7",
+    "@types/markdown-it-container": "^4.0.0",
     "@types/markdown-it-emoji": "^3.0.0",
     "@types/markdown-it-footnote": "^3.0.1",
     "@types/marked": "^5.0.2",
     "@types/mixpanel": "^2.14.6",
     "@types/mixpanel-browser": "^2.47.3",
-    "@types/node": "^20.7.1",
+    "@types/node": "^24.11.0",
     "@types/react": "^18.2.43",
     "@types/react-beautiful-dnd": "^13.1.5",
     "@types/react-big-calendar": "^1.6.5",
@@ -167,6 +165,7 @@
     "jsdom": "~16.7.0",
     "mock-local-storage": "^1.0.4",
     "prettier": "^3.0.3",
+    "rollup-plugin-sourcemaps": "^0.6.3",
     "typescript": "^5.8.2",
     "unenv": "^1.10.0",
     "vite": "^6.2.1",
@@ -178,13 +177,14 @@
   },
   "resolutions": {
     "@testing-library/dom": "9.3.3",
+    "@testing-library/jest-dom": "6.9.1",
     "@testing-library/react": "14.3.1",
     "@testing-library/user-event": "14.6.1",
-    "@testing-library/jest-dom": "6.9.1",
-    "aria-query": "5.1.3",
     "@types/react": "18.3.26",
     "@types/react-dom": "18.3.7",
-    "js-yaml": ">=4.1.1"
+    "aria-query": "5.1.3",
+    "js-yaml": ">=4.1.1",
+    "qs": ">=6.14.1"
   },
   "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e"
 }

src/modules/Auth/layouts/AuthLayout/AuthLayout.tsx

@@ -5,7 +5,7 @@ import curiousLogo from 'assets/images/curious_logo--white.png';
 import { auth } from 'modules/Auth/state';
 import { Footer, Spinner } from 'shared/components';
 import { Banners } from 'shared/components/Banners';
-// import { AnnouncementBanner } from 'shared/components/Banners/AnnouncementBanner';
+import { AnnouncementBanner } from 'shared/components/Banners/AnnouncementBanner';
 
 import {
   StyledAuthLayout,
@@ -30,7 +30,7 @@ export const AuthLayout = () => {
         </StyledLogoWrapper>
         <Banners />
       </StyledHeader>
-      {/* <AnnouncementBanner /> */}
+      <AnnouncementBanner />
       <StyledOutlet>
         <StyledAuthWrapper>
           <StyledAuthWrapperInner>

src/modules/Dashboard/features/AccountSettings/MFASetup/MFASetup.const.ts

@@ -8,12 +8,12 @@ export const MFA_CONSTANTS = {
 } as const;
 
 export const MFA_ERROR_MESSAGES = {
-  INVALID_CODE: 'Invalid Code',
-  EXPIRED_SETUP: 'Setup expired. Please reinitiate MFA',
-  SETUP_NOT_FOUND: 'No setup found. Please reinitiate MFA',
-  NETWORK_ERROR: 'Network Error',
-  UNKNOWN_ERROR: 'Something went wrong. Please try again.',
-  ALREADY_ENABLED: 'Two-factor authentication is already enabled for your account.',
+  INVALID_CODE: 'invalidMFACode',
+  EXPIRED_SETUP: 'mfaSessionExpired',
+  SETUP_NOT_FOUND: 'mfaSessionExpired',
+  NETWORK_ERROR: 'networkError',
+  UNKNOWN_ERROR: 'somethingWentWrong',
+  ALREADY_ENABLED: 'mfaAlreadyEnabled',
 } as const;
 
 // Backend error message patterns for matching

src/modules/Dashboard/features/AccountSettings/RemoveMFA/RemoveMFA.constants.ts

@@ -2,20 +2,18 @@
  * Error messages for MFA disable operations
  */
 export const MFA_DISABLE_ERROR_MESSAGES = {
-  NOT_ENABLED: 'Two-factor authentication is not enabled on this account.',
-  INVALID_CODE: 'Invalid code. Please check your authenticator app and try again.', // Fallback, same as INVALID_VERIFICATION_CODE
-  INVALID_VERIFICATION_CODE:
-    'Invalid TOTP code. Please check your authenticator app and try again.',
-  INVALID_RECOVERY_CODE: 'Invalid recovery code. Please check the code and try again.',
-  RECOVERY_CODE_USED: 'This recovery code has already been used. Each code can only be used once.',
-  SESSION_EXPIRED: 'Your verification session has expired. Please start over.',
-  EXPIRED_SESSION: 'Your verification session has expired. Please start over.', // Alias for SESSION_EXPIRED, used in useRemoveMFA
-  MAX_ATTEMPTS: 'Too many invalid attempts. Please try again later.',
-  GLOBAL_LOCKOUT:
-    'Account temporarily locked due to multiple failed attempts. Please try again later.',
-  SESSION_MISMATCH: 'Invalid verification session. Please start over.',
-  NETWORK_ERROR: 'Network error. Please check your connection and try again.',
-  UNKNOWN_ERROR: 'An unexpected error occurred. Please try again.',
+  NOT_ENABLED: 'mfaNotEnabled',
+  INVALID_CODE: 'invalidCode', // Fallback, same as INVALID_VERIFICATION_CODE
+  INVALID_VERIFICATION_CODE: 'invalidMFACode',
+  INVALID_RECOVERY_CODE: 'invalidRecoveryCode',
+  RECOVERY_CODE_USED: 'recoveryCodeAlreadyUsed',
+  SESSION_EXPIRED: 'mfaSessionExpired',
+  EXPIRED_SESSION: 'mfaSessionExpired', // Alias for SESSION_EXPIRED, used in useRemoveMFA
+  MAX_ATTEMPTS: 'tooManyAttempts',
+  GLOBAL_LOCKOUT: 'tooManyAttempts',
+  SESSION_MISMATCH: 'mfaSessionExpired',
+  NETWORK_ERROR: 'networkError',
+  UNKNOWN_ERROR: 'somethingWentWrong',
 } as const;
 
 /**

src/modules/Dashboard/features/AccountSettings/ViewRecoveryCodes/ViewRecoveryCodes.utils.ts

@@ -17,17 +17,16 @@ const STATUS_CODES = {
 };
 
 const ERROR_MESSAGES = {
-  INVALID_CODE: 'Invalid TOTP code. Please check your authenticator app and try again.', // Fallback, same as INVALID_VERIFICATION_CODE
-  INVALID_VERIFICATION_CODE:
-    'Invalid TOTP code. Please check your authenticator app and try again.',
-  INVALID_RECOVERY_CODE: 'Invalid recovery code. Please check the code and try again.',
-  MAX_ATTEMPTS: 'Too many invalid attempts. Please try again.',
-  SESSION_EXPIRED: 'Your session has expired. Please try again.',
-  GLOBAL_LOCKOUT: 'Too many failed attempts. Please try again later.',
-  MFA_NOT_ENABLED: 'MFA is not enabled for your account.',
-  NO_RECOVERY_CODES: 'No recovery codes found. Please set up MFA first.',
-  NETWORK_ERROR: 'Network error. Please check your connection and try again.',
-  UNKNOWN_ERROR: 'An error occurred. Please try again.',
+  INVALID_CODE: 'invalidCode', // Fallback, same as INVALID_VERIFICATION_CODE
+  INVALID_VERIFICATION_CODE: 'invalidMFACode',
+  INVALID_RECOVERY_CODE: 'invalidRecoveryCode',
+  MAX_ATTEMPTS: 'tooManyAttempts',
+  SESSION_EXPIRED: 'mfaSessionExpired',
+  GLOBAL_LOCKOUT: 'tooManyAttempts',
+  MFA_NOT_ENABLED: 'mfaNotEnabled',
+  NO_RECOVERY_CODES: 'mfaNotEnabled',
+  NETWORK_ERROR: 'networkError',
+  UNKNOWN_ERROR: 'somethingWentWrong',
 };
 
 export const parseError = createErrorParser(ERROR_MESSAGES, BACKEND_ERROR_PATTERNS, STATUS_CODES);

src/modules/Dashboard/features/AccountSettings/ViewRecoveryCodes/useViewRecoveryCodes.test.ts

@@ -119,9 +119,7 @@ describe('useViewRecoveryCodes', () => {
         expect(verifyResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe(
-        'Invalid TOTP code. Please check your authenticator app and try again.',
-      );
+      expect(result.current.error).toBe('invalidMFACode');
     });
 
     it('should handle MFA not enabled error (403)', async () => {
@@ -147,7 +145,7 @@ describe('useViewRecoveryCodes', () => {
         expect(initiateResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe('MFA is not enabled for your account.');
+      expect(result.current.error).toBe('mfaNotEnabled');
     });
 
     it('should handle no recovery codes found (404)', async () => {
@@ -173,7 +171,7 @@ describe('useViewRecoveryCodes', () => {
         expect(initiateResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe('No recovery codes found. Please set up MFA first.');
+      expect(result.current.error).toBe('mfaNotEnabled');
     });
   });
 
@@ -238,9 +236,7 @@ describe('useViewRecoveryCodes', () => {
         expect(verifyResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe(
-        'Invalid recovery code. Please check the code and try again.',
-      );
+      expect(result.current.error).toBe('invalidRecoveryCode');
     });
 
     it('should handle rate limiting (429)', async () => {
@@ -274,7 +270,7 @@ describe('useViewRecoveryCodes', () => {
         expect(verifyResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe('Too many invalid attempts. Please try again.');
+      expect(result.current.error).toBe('tooManyAttempts');
     });
   });
 
@@ -299,9 +295,7 @@ describe('useViewRecoveryCodes', () => {
         expect(initiateResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe(
-        'Network error. Please check your connection and try again.',
-      );
+      expect(result.current.error).toBe('networkError');
     });
 
     it('should handle missing codes from verify response', async () => {
@@ -332,9 +326,7 @@ describe('useViewRecoveryCodes', () => {
         expect(verifyResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe(
-        'Network error. Please check your connection and try again.',
-      );
+      expect(result.current.error).toBe('networkError');
     });
 
     it('should handle network errors', async () => {
@@ -356,9 +348,7 @@ describe('useViewRecoveryCodes', () => {
         expect(initiateResult?.success).toBe(false);
       });
 
-      expect(result.current.error).toBe(
-        'Network error. Please check your connection and try again.',
-      );
+      expect(result.current.error).toBe('networkError');
     });
   });
 
@@ -475,9 +465,7 @@ describe('useViewRecoveryCodes', () => {
       });
 
       await waitFor(() => {
-        expect(result.current.error).toBe(
-          'Invalid TOTP code. Please check your authenticator app and try again.',
-        );
+        expect(result.current.error).toBe('invalidMFACode');
       });
 
       // Clear error before next test
@@ -500,9 +488,7 @@ describe('useViewRecoveryCodes', () => {
       });
 
       await waitFor(() => {
-        expect(result.current.error).toBe(
-          'Invalid recovery code. Please check the code and try again.',
-        );
+        expect(result.current.error).toBe('invalidRecoveryCode');
       });
     });
   });

src/modules/Dashboard/features/AccountSettings/ViewRecoveryCodes/useViewRecoveryCodes.ts

@@ -72,7 +72,7 @@ export const useViewRecoveryCodes = () => {
 
   const handleVerifyCode = async (_code: string): Promise<VerificationResult> => {
     if (!mfaToken) {
-      setError('Session expired. Please try again.');
+      setError('mfaSessionExpired');
 
       return { success: false };
     }
@@ -123,7 +123,7 @@ export const useViewRecoveryCodes = () => {
 
   const handleVerifyRecoveryCode = async (_code: string): Promise<VerificationResult> => {
     if (!mfaToken) {
-      setError('Session expired. Please try again.');
+      setError('mfaSessionExpired');
 
       return { success: false };
     }