Skip to content

Release to Production - 2026-01-22#1637

Merged
transphorm merged 90 commits intomainfrom
staging
Feb 10, 2026
Merged

Release to Production - 2026-01-22#1637
transphorm merged 90 commits intomainfrom
staging

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Jan 22, 2026
edited by cursor bot
Loading

🎯 Production Release

Release Date: January 22, 2026
Commits ahead: 16

This automated PR promotes tested changes from staging to main for production deployment.

What's Included

All changes that have been verified in the staging environment.

Note: This PR is directly from staging, so new commits merged to staging will automatically appear here.

Pre-Deployment Checklist

  • All staging tests passed
  • QA sign-off received
  • Stakeholder approval obtained
  • Deployment plan reviewed
  • Rollback plan confirmed

Deployment Notes

Merging this PR will trigger production deployment.

This PR was automatically created by the Release Calendar workflow on January 22, 2026

Note

Medium Risk
Introduces a new third-party KYC SDK and alters mobile build/permissions/privacy and verification flow routing, which can impact release behavior across iOS/Android; CI-only workflow changes are lower risk but wide-ranging.

Overview
Adds Sumsub/Idensic KYC integration wiring to the mobile app (new dependency + SUMSUB_TEE_URL env, fetchAccessToken + launchSumsub, dev test screen, navigation routes for fallback/failure/success flows, and Jest mocks), plus related Android/iOS build tweaks (new Sumsub Maven/CocoaPods sources, ML Kit dependency override, iOS privacy declaration for device ID, and E2E_TESTING conditional compilation to exclude NFC modules).

Hardens and speeds up CI by introducing composite cache actions for SDK builds, adding cache-miss fallbacks, updating circuits build runners/steps (including register_kyc), expanding mobile E2E diagnostics/caching around Maestro, and making npm publishing optionally strict with token checks.

Also includes app version bumps to 2.9.15, assorted dependency updates, and a feedback UX change to route users to an external support form; plus minor navigation typing refactor and iOS/Android UI/system bar adjustments.

Written by Cursor Bugbot for commit c5915d5. This will update automatically on new commits. Configure here.

github-actions bot and others added 16 commits January 13, 2026 18:47
@github-actions
chore: bump mobile app version to 2.9.11 (#1605)
5d08ca4 
Update build numbers and deployment timestamps after successful deployment.

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@transphorm
agent feedback (#1614)
f8179c9
@transphorm
Replace email support with Notion form (#1613)
544d60f 
* Replace email support with Discord

* Add Discord support prompts

* Remove command log

* formatting, agent feedback

* update strings

* save wip

* fix button color

* update text and change support from discord to notion support form

* remove settings support form text

* rename component and update feedback modal to redirect to users to notion form

* formatting

* update text
@transphorm
bump android build for 2.9.12 (#1615)
22c35db
@transphorm
[SELF-810] Edge-to-edge: add iOS-only SystemBars wrapper and update A…
5b51109 
…ndroid handling (#1610)

* Update edge-to-edge handling

* update lock file

* formatting

* agent feedback
@Nesopie @Vishalkulkarni45 @Tranquil-Flow
Feat/kyc (#1623)
e77247f 
* feat: selfrica circuit and tests

* chore: remove unused code

* feat: test for ofac,date and olderthan

* fix: public signal constant

* feat: add contract tests

* feat: helper function to gen TEE input

* feat: gen circuit inputs with signature

* feat: seralized base64

* fix: DateIsLessFullYear componenet

* feat: register circuit for selfrica

* feat: selfrica disclose circuit and test

* fix: common module error

* feat: add more test and fix constant

* fix: commitment calculation

* feat: selfrica contracts

* test: selfrica register using unified circuit

* feat: register persona and selfrica circuit

* feat: selfrica circuit and tests

* chore: remove unused code

* feat: test for ofac,date and olderthan

* fix: public signal constant

* feat: add contract tests

* feat: helper function to gen TEE input

* feat: gen circuit inputs with signature

* feat: seralized base64

* fix: DateIsLessFullYear componenet

* feat: register circuit for selfrica

* feat: selfrica disclose circuit and test

* fix: common module error

* feat: add more test and fix constant

* fix: commitment calculation

* feat: selfrica contracts

* test: selfrica register using unified circuit

* feat: register persona and selfrica circuit

* refactor: contract size reduction for IdentityVerificationHubImplV2

export function logic to external libs, reduce compiler runs to 200, update deploy scripts to link new libs

* feat: disclose circuit for persona

* feat: update  persona ofac trees

* feat; register circuit for selfper

* feat: disclose test for selfper

* chore: refactor

* chore : remove unused circuits

* chore: rename selfper to kyc

* chore: update comments

* feat: constrain s to be 251 bit

* feat: add range check on majority ASCII and comments

* feat: range check on neg_r_inv

* chore: remove is pk zero constrain

* merge dev

* feat: add registerPubkey function to Selfrica with GCPJWT Verification

* test: add testing for GCPJWT verification on Selfrica

* fix: script that calls register_selfrica circuits (ptau:14 -> ptau:15)

* fix: get remaining Selfrica tests working with proper import paths

* refactor: store pubkeys as string

also add some comment code for registerPubkey function

* refactor: remove registerPubkeyCommitment function

some tests now skipped as awaiting changes to how pubkeys are stored (string instead of uint256)

* feat: use hex decoding for the pubkey commitment

* test: adjust tests for pubkey being string again

* fix: remove old references to registerPubkey

* docs: add full natspec for IdentityRegistrySelfricaImplV1

* docs: update files in rest of the repo for Selfrica attestation type

* test: fix broken tests

* fix: builds and move to kyc from selfrica

* fix: constrain r_inv, Rx, s, T

* feat: eddsa

* feat: add onlyTEE check to registerPubkeyCommitment

onlyOwner is able to change onlyTEE

* refactor: update gcpRootCAPubkeyHash to be changeable by owner

* feat: add events for update functions

* style: move functions to be near other similar functions

* fix: kyc happy flow

* fix: all contract tests passing

| fix: timestamp conversion with Date(), migrate to V2 for endToEnd test, scope formatting, fix register aadhaar issue by using block.timestamp instead of Date.now(), fix changed getter function name, enable MockGCPJWTVerifier with updated file paths, add missing LeanIMT import, fix user identifier format

* audit: bind key offset-value offset and ensure image_digest only occurs once in the payload

* fix: constrain bracket

* chore: update comment

* audit: hardcode attestation id

* audit: make sure R and pubkey are on the curve

* audit: ensure pubkey is within bounds

* fix: all contract tests passing

* feat: change max length to 99 from 74

* audit: don't check sha256 padding

* audit: check the last window as well

* audit: single occurance for eat_nonce and image_digest

* audit: check if the certs are expired

* audit: add the timestamp check to the contract

* audit: make sure the person is less than 255 years of age

* audit fixes

* chore: yarn.lock

* fix: build fixes

* fix: aadhaar timestamp

* lint

* fix: types

* format

---------

Co-authored-by: vishal <vishalkoolkarni0045@gmail.com>
Co-authored-by: Evi Nova <tranquil_flow@protonmail.com>
@Nesopie
fix: ecdsa (#1625)
13d81c5
@seshanthS @transphorm
SELF-1497: add keychain patch (#1607)
d5b843d 
* add keychain patch - wip

* centralise useStrongbox flag usage

* set allowBackup to false

* bump to version 2.9.12

* bump android build for 2.9.12

* improve keychain error detection

* Disable Strongbox by default

---------

Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
@seshanthS
hide not regsitered docs from DocumentSelectorForProvingScreen (#1619)
e32a2a3
@seshanthS
add debug logging switch to NFCMethodSelectionScreen (#1626)
62f602a
@transphorm
Always skip document selector for single valid document; remove toggl…
04f67ed 
…e and info text (#1622)

* Remove skip info text

* prettier

* fix test
@transphorm
update gitleaks ignore (#1632)
a0c6745
@kartikmehta8 @transphorm @jcortejoso
QR code SDK Redesign (#1536)
bebaebc 
* Refactor NFC scanner tests to use a global variable for platform OS, allowing dynamic switching between iOS and Android during tests. This change improves test isolation and avoids hoisting issues with jest.mock.

* Triggering GitHub workflows

* Add status animations and self logos

* Update utilities and styles for statuses

* Remove old LED implementation and occurences

* Update Self QR Code with new design

* Add status banner

* Remove console and use QRcodeSteps in styles

* Add ARIA and use Memo to prevent re-renders

* Add refs for success and error callbacks

* Use ref for self app in qrcode

* Use selfapp ref consistently

* Update connected state animtion

* Skip 'parses Android response' test in nfcScanner

---------

Co-authored-by: Justin Hernandez <justin.hernandez@self.xyz>
Co-authored-by: Javier Cortejoso <javier.cortejoso@gmail.com>
@transphorm
Update mobile sdk test config to fix test running (#1635)
3f2fb11 
* fix mobile sdk tests

* fix mobile sdk tests
@transphorm
bump version to 2.9.13 (#1636)
c5e0ca4
@transphorm
Merge pull request #1620 from selfxyz/release/staging-2026-01-16
8a77c87 
Release to Staging - 2026-01-16
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 22, 2026
edited
Loading

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review

Comment @coderabbitai help to get the list of available commands and usage tips.

@transphorm transphorm closed this Jan 22, 2026
@transphorm transphorm reopened this Jan 22, 2026
cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

github-actions bot and others added 13 commits February 4, 2026 16:40
@github-actions
chore: bump mobile app version to 2.9.15 (#1704)
21a5a9a 
Update build numbers and deployment timestamps after successful deployment.

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@transphorm
enable foreground service permissions (#1705)
c8be124
@transphorm
update build number and updae gemfile lock (#1706)
e2fae7d
@Nesopie
Feat/kyc sdk (#1709)
4c8ffbd 
* feat: kyc sdk

* lint

* bump: minor sdk version
@transphorm
update xcode version (#1699)
2ccc660
@transphorm
chore: clean up navigation index (#1703)
63fd92d 
* abstract nav types

* fix points flow callbacks
@transphorm
chore: fix failing mobile demo ios e2e tests (#1710)
7acc9bb 
* fix failing mobile demo ios e2e tests

* temp test

* add patch. update files

* run demo e2e patch

* sort package json

* disable running on dev
@transphorm
chore: accept xcode suggestions 2026 02 (#1711)
141fcb6 
* xcode suggestionsn rd1

* disable sandbox
@Tranquil-Flow
Feat/add logo confirmation screen (#1666)
73ca37f 
* feat: initial logoConfirmation screen

* fix: center text in buttons

* fix: ensure biometric logo is not cropped

* fix: add spacing to logo confirm screen, consistent padding for buttons

* feat: add popup to logo confirmation screen

* fix: handle Sumsub cancellation correctly in Other ID flow

* feat: add pathway from logo confirmation -> sumsub -> success

* feat: add document type pre-selection for Sumsub SDK

* feat: add KycFailureScreen for when user clicks on failure notification

* feat: add KycConnectionErrorScreen for sumsub_initiation error

* refactor: edit RegistrationFallbackScreen for new design

Now only to be used for MRZ/NFC scan errors, instead of kyc connection/registration issues. Also updated to newest design for screen from Figma

* refactor: update AadhaarUploadErrorScreen for new design

* fix: removed unused countryCode variable and useRoute import

* fix: Sorted imports (moved kyc after documents/selection imports)

fix CI

* chore: lint/prettier

* fix: CI error

* refactor: Split RegistrationFallbackScreen into MRZ/NFC error versions

* feat: add link from RegistrationFallbackNFCScreen -> DocumentNFCTrouble

Clicking on the question mark now takes user to this screen that can help them diagnose issue

* fix: on clicking question mark, dismiss screen returns to correct screen

* chore: yarn prettier

* test: fix failing test for CI
@transphorm
chore: hide kyc entry points for release 2.9.15 (#1712)
c8191aa 
* hide kyc entry points

* formatting
@transphorm @cursoragent
chore: enable SumSub Fisherman device intelligence with privacy compl…
a1b04f2 
…iance (#1714)

* clean up permissions

* updates for permissions

* update permissions and packages

* fix: mark device ID collection as linked in privacy manifest

Address CodeRabbit feedback:
- Set NSPrivacyCollectedDataTypeLinked to true (device signals are tied to applicant identity)
- Clarify Android Data Safety checklist requirements with explicit data-linking declaration

Co-authored-by: Cursor <cursoragent@cursor.com>

* remove for now

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
@transphorm
chore: fix staging pipelines for 2.9.15 (#1715)
df208e7 
* fix versions

* update publish logic
@transphorm
Merge pull request #1713 from selfxyz/release/staging-2026-02-06
9845288 
Release to Staging - 2026-02-06
cursor[bot]
cursor bot reviewed Feb 6, 2026
View reviewed changes
Tranquil-Flow and others added 6 commits February 9, 2026 12:43
@Tranquil-Flow
Fix/logo confirmation screen header (#1717)
ac69e32 
* fix: logo confirmation screen header matching background

* refactor: match code patterns in logo confirmation screen to others

use Tamgui instead of react-native, don't show raw errors, inline objects
@Nesopie
feat: read issuing state from revealed data packed (#1718)
03876a8
@github-actions
chore: bump mobile app version to 2.9.15 (#1716)
ccf3a3e 
Update build numbers and deployment timestamps after successful deployment.

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@Nesopie
Feat/new gcp verifier (#1719)
14a6cbb 
* feat: new gcp jwt verifier

* lint: contracts
@transphorm
SELF-1959: reset isDecoding on OCR failure (#1720)
c886ed1 
* add try catch to set isDecoding on failure

* call mrz listener with failure

* remove redundant log call
@transphorm
Merge pull request #1721 from selfxyz/release/staging-2026-02-09
c5915d5 
Release Build v2.9.15 - 2026-02-09
cursor[bot]
cursor bot reviewed Feb 9, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

@transphorm transphorm merged commit 147eaac into main Feb 10, 2026
59 of 60 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

automated production release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@transphorm @Nesopie @seshanthS @kartikmehta8 @Tranquil-Flow @shazarre @jcortejoso