Release v2.0.0-rc3

• CHORE AS/AJ Fix linting errors (96b6b68)
• VIA-834 AJ/AS Use global provider specific for terraform aws version (b69a0b0)
• VIA-834 AJ/AS Add WAF rules to match app routes (8b494d6)

Release v1.0.10-rc

• VIA-834 AJ/AS Use global provider specific for terraform aws version (b70904e)
• VIA-834 AJ/AS Add WAF rules to match app routes (3f010c1)

Release 2026-03-06

• VIA-834 AJ/AS Use global provider specific for terraform aws version (bc523b6)
• TASK: rename vaccine page hr test to match updated behaviour (48c6476)
• VIA-832 Refactor: Move 'howToGet' fallback into components that use it (8b3b354)
• TASK Update local E2E tests to match local elid mocks (e69db5d)
• VIA-834 AS/AJ Read nextjs manifest via fs instead of static import (1b791bc)
• VIA-834 AS Exclude app-routes.test.ts in tsconfig (1bb37b7)
• VIA-834 AS Add tests to ensure app routes satisfy WAF rules (672746b)
• VIA-832 Refactor: move ShowHowToGetExpander logic into MoreInformation compoenent (466855f)
• VIA-832 TS/DB Refactor Campaign states, extract campaign logic from Vaccine.ts (2fb9fbe)
• Bump dompurify from 3.3.1 to 3.3.2 (86362b8)
• VIA-834 AJ/AS Fix script to run app route tests post-build (9631fe0)
• Bump es-check from 9.6.1 to 9.6.2 (2175ac6)
• VIA-834 AJ/AS Add tests for URL regex (fa3271f)
• VIA-834 AJ/AS Disable WAF for developer workspaces (0060936)
• VIA-832 TS/DB Moved FindOutMoreLink component to MoreInformationSection (1b6accf)
• VIA-832 TS/DB Extract More Information section to dedicated component (8d65b4e)
• VIA-834 AJ/AS Add WAF rules to prevent unauthorized access (645c5e7)
• Bump @types/node from 25.3.2 to 25.3.3 (9663370)
• Bump immutable from 5.1.4 to 5.1.5 (b5e01bb)
• CHORE AS Update README with instructions to create and assume restricted role (5ece839)
• VIA-832 TS/DB Moved non-personalised vaccine content to dedicated component (42d06f2)

Release v2.0.0-rc2

• VIA-867 SP/EO Reorder booking options for Covid (4bdaac0)
• Bump axios from 1.13.5 to 1.13.6 (169b98f)
• CHORE allow fake-api to accept x-nhs-number header (41036d5)
• FIX AS Increase test timeouts for NBS Assurance (439a084)
• FIX AS Increase timeouts for NBS Scheduled Assurance (8473df7)
• Bump eslint-plugin-compat from 6.2.0 to 7.0.0 in the eslint group (e0983d8)
• Bump @types/node from 25.3.0 to 25.3.2 (b821f91)
• Bump @types/aws-lambda from 8.10.160 to 8.10.161 (7282a05)
• Bump actions/upload-artifact from 6 to 7 in the artifact group (feb31ec)
• Bump actions/download-artifact from 7 to 8 in the artifact group (ba15b64)
• CHORE npm audit fix (294470f)
• Bump @eslint/eslintrc from 3.3.3 to 3.3.4 in the eslint group (c256563)
• Bump the aws-sdk group with 2 updates (8664497)

Release 2026-03-04

• VIA-867 SP/EO Reorder booking options for Covid (5006c9e)
• Bump axios from 1.13.5 to 1.13.6 (c9e5ac0)
• CHORE allow fake-api to accept x-nhs-number header (f94707c)

Release 2026-03-03-1

• FIX AS Increase test timeouts for NBS Assurance (97c3e9a)

Release 2026-03-03

• FIX AS Increase timeouts for NBS Scheduled Assurance (5a27472)
• Bump eslint-plugin-compat from 6.2.0 to 7.0.0 in the eslint group (4ed0f9f)
• Bump @types/node from 25.3.0 to 25.3.2 (db92374)
• Bump @types/aws-lambda from 8.10.160 to 8.10.161 (e77172e)
• Bump actions/upload-artifact from 6 to 7 in the artifact group (e252db7)
• Bump actions/download-artifact from 7 to 8 in the artifact group (82c6281)
• CHORE npm audit fix (965d7fc)
• Bump @eslint/eslintrc from 3.3.3 to 3.3.4 in the eslint group (0b7bd7a)
• Bump the aws-sdk group with 2 updates (dde7135)
• VIA-655 AJ/DB/AS Allow assurance tests for R2.0 just before cutoff (ebbbc20)

Release v2.0.0-rc

• VIA-655 AJ/DB/AS Bump major version as first commit after cutoff (6c9610b)
• VIA-655 AJ/DB/AS Allow assurance tests for R2.0 just before cutoff (ebbbc20)

Release 2026-02-27

• FIX SP/AJ/AS Expand cookies list in snapshot test (dc44f92)
• VIA-851 Add Github Action for campaign config validation to test stage (b44e6ac)
• VIA-851 Add dedicated precommit step for Campaign config validation (3c47858)
• VIA-851 Log reason for campaign config validation failure (aea70f9)
• CHORE AS Update isomorphic-dompurify (73b0f42)
• Bump es-check from 9.5.4 to 9.6.1 (175fa06)
• VIA-851 TS/SP/DB Test all envs campaign configs contain valid PreOpen dates (e472f18)

Release v1.0.9

• FIX npm audit fix (b1ee1a4)
• VIA-806 AJ/SP/DB Raise alert threshold for 4xx server lambda (99374f0)
• VIA-806 AJ/SP/DB Remove static asset paths from middleware exceptions (a1cac6b)
• VIA-775 AJ Add new cookie to the policy (f8957be)
• VIA-738 MD/DB Ensure RequestContext is logged on auth callbacks (0d00ee5)
• VIA-738 Add unit test for session-id cookie expiry time (68ee4bd)
• VIA-738 Enhance operational logs of NBS jump off (5d56f56)
• VIA-738 Refactor: move SessionId name to constants file (b76f980)
• VIA-738 Refactor operational logs to reduce noise (13e2a40)
• VIA-738 Set a new sessionId at the start of each /sso route call (b8ca8b1)
• VIA-738 MD/DB Generate sessionId cookie at entry point of SSO route (b785b6e)
• VIA-738 Use middleware on NBS handover route (7d4a2f1)
• VIA-738 Add operational logs to API endpoints and callbacks (eec3d5b)
• VIA-738 Set sessionId on user login and persist for duration of session (59d889b)
• VIA-738 AJ/DB Add special headers for operational debugging (92371de)
• VIA-699 AJ/AS Update the failure page path in CloudFront error pages (e296b88)
• VIA-699 AS/AJ Add permissions to chatbot iam role, update metric alarm permissions (6c391de)
• VIA-699 AS Add global region permissions for SNS and Cloudwatch Alarms (03c435e)
• VIA-699 AS/EO Add IAM permission to tag wafv2 resource (37aca7f)
• VIA-699 AS/EO/AJ Deploy WAF in test or prod only (abf6ba3)
• VIA-699 AS/EO Add WAF to application (8c6bee3)