From 7e49aa9a8617f28b6e169baa0683258680604014 Mon Sep 17 00:00:00 2001
From: Andrew Duthie <andrew.duthie@gsa.gov>
Date: Thu, 7 Nov 2024 13:42:02 -0500
Subject: [PATCH 1/4] Add FormResponse#to_hash as alias of #to_h

changelog: Internal, Form Validation, Alias FormResponse#to_hash to #to_h
---
 app/services/form_response.rb       |  2 ++
 spec/services/form_response_spec.rb | 15 +++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/app/services/form_response.rb b/app/services/form_response.rb
index e62f67c9613..3fdbbe93384 100644
--- a/app/services/form_response.rb
+++ b/app/services/form_response.rb
@@ -25,6 +25,8 @@ def to_h
     hash
   end
 
+  alias_method :to_hash, :to_h
+
   def merge(other)
     self.class.new(
       success: success? && other.success?,
diff --git a/spec/services/form_response_spec.rb b/spec/services/form_response_spec.rb
index 5efcefb17ac..dbd1880aa64 100644
--- a/spec/services/form_response_spec.rb
+++ b/spec/services/form_response_spec.rb
@@ -273,6 +273,21 @@
     end
   end
 
+  describe '#to_hash' do
+    it 'allows for splatting response as alias of #to_h' do
+      errors = ActiveModel::Errors.new(build_stubbed(:user))
+      errors.add(:email_language, :blank, message: 'Language cannot be blank')
+      response = FormResponse.new(success: false, errors:, serialize_error_details_only: true)
+
+      expect(**response).to eq(
+        success: false,
+        error_details: {
+          email_language: { blank: true },
+        },
+      )
+    end
+  end
+
   describe '#extra' do
     it 'returns the extra hash' do
       extra = { foo: 'bar' }

From 42dc7442f68c5e6d1f1197de44760aabb0abbc36 Mon Sep 17 00:00:00 2001
From: Andrew Duthie <andrew.duthie@gsa.gov>
Date: Thu, 7 Nov 2024 13:46:31 -0500
Subject: [PATCH 2/4] Replace splatted FormResponse#to_h with implicit

Search: \*\*(\w*)(result|response).to_h([),])
Replace: **$1$2$3
---
 app/controllers/account_reset/cancel_controller.rb          | 4 ++--
 app/controllers/account_reset/delete_account_controller.rb  | 2 +-
 app/controllers/account_reset/request_controller.rb         | 2 +-
 .../connected_accounts/selected_email_controller.rb         | 2 +-
 app/controllers/accounts/personal_keys_controller.rb        | 2 +-
 .../two_factor_authentication/auth_app_controller.rb        | 4 ++--
 .../two_factor_authentication/piv_cac_controller.rb         | 4 ++--
 .../two_factor_authentication/webauthn_controller.rb        | 4 ++--
 app/controllers/concerns/idv/verify_info_concern.rb         | 2 +-
 .../concerns/two_factor_authenticatable_methods.rb          | 2 +-
 app/controllers/event_disavowal_controller.rb               | 6 +++---
 app/controllers/idv/by_mail/enter_code_controller.rb        | 2 +-
 app/controllers/idv/in_person/address_controller.rb         | 2 +-
 app/controllers/idv/in_person/state_id_controller.rb        | 2 +-
 app/controllers/idv/otp_verification_controller.rb          | 2 +-
 app/controllers/idv/phone_controller.rb                     | 2 +-
 app/controllers/idv/resend_otp_controller.rb                | 2 +-
 app/controllers/openid_connect/user_info_controller.rb      | 2 +-
 app/controllers/risc/security_events_controller.rb          | 2 +-
 app/controllers/sign_up/email_confirmations_controller.rb   | 2 +-
 app/controllers/sign_up/passwords_controller.rb             | 2 +-
 app/controllers/sign_up/registrations_controller.rb         | 2 +-
 app/controllers/sign_up/select_email_controller.rb          | 2 +-
 .../two_factor_authentication/options_controller.rb         | 2 +-
 .../personal_key_verification_controller.rb                 | 2 +-
 app/controllers/users/auth_app_controller.rb                | 4 ++--
 app/controllers/users/edit_phone_controller.rb              | 2 +-
 app/controllers/users/email_confirmations_controller.rb     | 2 +-
 app/controllers/users/email_language_controller.rb          | 2 +-
 app/controllers/users/emails_controller.rb                  | 4 ++--
 app/controllers/users/passwords_controller.rb               | 2 +-
 app/controllers/users/phone_setup_controller.rb             | 2 +-
 app/controllers/users/piv_cac_controller.rb                 | 4 ++--
 app/controllers/users/piv_cac_login_controller.rb           | 2 +-
 app/controllers/users/reset_passwords_controller.rb         | 6 +++---
 app/controllers/users/rules_of_use_controller.rb            | 2 +-
 app/controllers/users/sessions_controller.rb                | 2 +-
 .../users/two_factor_authentication_controller.rb           | 4 ++--
 .../users/two_factor_authentication_setup_controller.rb     | 2 +-
 app/controllers/users/verify_personal_key_controller.rb     | 2 +-
 app/controllers/users/webauthn_controller.rb                | 4 ++--
 app/forms/idv/api_image_upload_form.rb                      | 2 +-
 app/jobs/account_creation_threat_metrix_job.rb              | 2 +-
 app/jobs/socure_reason_code_download_job.rb                 | 2 +-
 docs/backend.md                                             | 2 +-
 45 files changed, 58 insertions(+), 58 deletions(-)

diff --git a/app/controllers/account_reset/cancel_controller.rb b/app/controllers/account_reset/cancel_controller.rb
index 66df8081df5..f2224c4e2e9 100644
--- a/app/controllers/account_reset/cancel_controller.rb
+++ b/app/controllers/account_reset/cancel_controller.rb
@@ -6,7 +6,7 @@ def show
       return render :show unless token
 
       result = AccountReset::ValidateCancelToken.new(token).call
-      analytics.account_reset_cancel_token_validation(**result.to_h)
+      analytics.account_reset_cancel_token_validation(**result)
 
       if result.success?
         handle_valid_token
@@ -18,7 +18,7 @@ def show
     def create
       result = AccountReset::Cancel.new(session[:cancel_token]).call
 
-      analytics.account_reset_cancel(**result.to_h)
+      analytics.account_reset_cancel(**result)
 
       if result.success?
         handle_success
diff --git a/app/controllers/account_reset/delete_account_controller.rb b/app/controllers/account_reset/delete_account_controller.rb
index 4377dc69bcd..d4e80ee579b 100644
--- a/app/controllers/account_reset/delete_account_controller.rb
+++ b/app/controllers/account_reset/delete_account_controller.rb
@@ -6,7 +6,7 @@ def show
       render :show and return unless token
 
       result = AccountReset::ValidateGrantedToken.new(token, request, analytics).call
-      analytics.account_reset_granted_token_validation(**result.to_h)
+      analytics.account_reset_granted_token_validation(**result)
 
       if result.success?
         handle_valid_token
diff --git a/app/controllers/account_reset/request_controller.rb b/app/controllers/account_reset/request_controller.rb
index 904716a59c2..dc16c0d3c50 100644
--- a/app/controllers/account_reset/request_controller.rb
+++ b/app/controllers/account_reset/request_controller.rb
@@ -23,7 +23,7 @@ def create
 
     def create_account_reset_request
       response = AccountReset::CreateRequest.new(current_user, sp_session[:issuer]).call
-      analytics.account_reset_request(**response.to_h, **analytics_attributes)
+      analytics.account_reset_request(**response, **analytics_attributes)
     end
 
     def confirm_two_factor_enabled
diff --git a/app/controllers/accounts/connected_accounts/selected_email_controller.rb b/app/controllers/accounts/connected_accounts/selected_email_controller.rb
index 5a7466decda..9add839cf12 100644
--- a/app/controllers/accounts/connected_accounts/selected_email_controller.rb
+++ b/app/controllers/accounts/connected_accounts/selected_email_controller.rb
@@ -20,7 +20,7 @@ def update
 
         result = @select_email_form.submit(form_params)
 
-        analytics.sp_select_email_submitted(**result.to_h)
+        analytics.sp_select_email_submitted(**result)
 
         if result.success?
           flash[:email_updated_identity_id] = identity.id
diff --git a/app/controllers/accounts/personal_keys_controller.rb b/app/controllers/accounts/personal_keys_controller.rb
index 9888fd45696..3dbbd850ba7 100644
--- a/app/controllers/accounts/personal_keys_controller.rb
+++ b/app/controllers/accounts/personal_keys_controller.rb
@@ -19,7 +19,7 @@ def create
       analytics.profile_personal_key_create
       create_user_event(:new_personal_key)
       result = send_new_personal_key_notifications
-      analytics.profile_personal_key_create_notifications(**result.to_h)
+      analytics.profile_personal_key_create_notifications(**result)
 
       flash[:info] = t('account.personal_key.old_key_will_not_work')
       redirect_to manage_personal_key_url
diff --git a/app/controllers/api/internal/two_factor_authentication/auth_app_controller.rb b/app/controllers/api/internal/two_factor_authentication/auth_app_controller.rb
index e2c62d05f74..4fb8f491c94 100644
--- a/app/controllers/api/internal/two_factor_authentication/auth_app_controller.rb
+++ b/app/controllers/api/internal/two_factor_authentication/auth_app_controller.rb
@@ -19,7 +19,7 @@ def update
             configuration_id: params[:id],
           ).submit(name: params[:name])
 
-          analytics.auth_app_update_name_submitted(**result.to_h)
+          analytics.auth_app_update_name_submitted(**result)
 
           if result.success?
             render json: { success: true }
@@ -34,7 +34,7 @@ def destroy
             configuration_id: params[:id],
           ).submit
 
-          analytics.auth_app_delete_submitted(**result.to_h)
+          analytics.auth_app_delete_submitted(**result)
 
           if result.success?
             create_user_event(:authenticator_disabled)
diff --git a/app/controllers/api/internal/two_factor_authentication/piv_cac_controller.rb b/app/controllers/api/internal/two_factor_authentication/piv_cac_controller.rb
index 135cd3ab39e..ca0425b1cf7 100644
--- a/app/controllers/api/internal/two_factor_authentication/piv_cac_controller.rb
+++ b/app/controllers/api/internal/two_factor_authentication/piv_cac_controller.rb
@@ -20,7 +20,7 @@ def update
             configuration_id: params[:id],
           ).submit(name: params[:name])
 
-          analytics.piv_cac_update_name_submitted(**result.to_h)
+          analytics.piv_cac_update_name_submitted(**result)
 
           if result.success?
             render json: { success: true }
@@ -35,7 +35,7 @@ def destroy
             configuration_id: params[:id],
           ).submit
 
-          analytics.piv_cac_delete_submitted(**result.to_h)
+          analytics.piv_cac_delete_submitted(**result)
 
           if result.success?
             create_user_event(:piv_cac_disabled)
diff --git a/app/controllers/api/internal/two_factor_authentication/webauthn_controller.rb b/app/controllers/api/internal/two_factor_authentication/webauthn_controller.rb
index a73bb42d332..d34aef733e6 100644
--- a/app/controllers/api/internal/two_factor_authentication/webauthn_controller.rb
+++ b/app/controllers/api/internal/two_factor_authentication/webauthn_controller.rb
@@ -19,7 +19,7 @@ def update
             configuration_id: params[:id],
           ).submit(name: params[:name])
 
-          analytics.webauthn_update_name_submitted(**result.to_h)
+          analytics.webauthn_update_name_submitted(**result)
 
           if result.success?
             render json: { success: true }
@@ -34,7 +34,7 @@ def destroy
             configuration_id: params[:id],
           ).submit
 
-          analytics.webauthn_delete_submitted(**result.to_h)
+          analytics.webauthn_delete_submitted(**result)
 
           if result.success?
             create_user_event(:webauthn_key_removed)
diff --git a/app/controllers/concerns/idv/verify_info_concern.rb b/app/controllers/concerns/idv/verify_info_concern.rb
index e2608ab854e..78add678c47 100644
--- a/app/controllers/concerns/idv/verify_info_concern.rb
+++ b/app/controllers/concerns/idv/verify_info_concern.rb
@@ -219,7 +219,7 @@ def async_state_done(current_async_state)
         flash[:success] = t('doc_auth.forms.doc_success')
         redirect_to next_step_url
       end
-      analytics.idv_doc_auth_verify_proofing_results(**analytics_arguments, **form_response.to_h)
+      analytics.idv_doc_auth_verify_proofing_results(**analytics_arguments, **form_response)
     end
 
     def next_step_url
diff --git a/app/controllers/concerns/two_factor_authenticatable_methods.rb b/app/controllers/concerns/two_factor_authenticatable_methods.rb
index 9a3502ae4ef..6701a85a985 100644
--- a/app/controllers/concerns/two_factor_authenticatable_methods.rb
+++ b/app/controllers/concerns/two_factor_authenticatable_methods.rb
@@ -14,7 +14,7 @@ def auth_methods_session
   def handle_verification_for_authentication_context(result:, auth_method:, extra_analytics: nil)
     increment_mfa_selection_attempt_count(auth_method)
     analytics.multi_factor_auth(
-      **result.to_h,
+      **result,
       multi_factor_auth_method: auth_method,
       enabled_mfa_methods_count: mfa_context.enabled_mfa_methods_count,
       new_device: new_device?,
diff --git a/app/controllers/event_disavowal_controller.rb b/app/controllers/event_disavowal_controller.rb
index 0c765c96ff6..32001154b46 100644
--- a/app/controllers/event_disavowal_controller.rb
+++ b/app/controllers/event_disavowal_controller.rb
@@ -10,13 +10,13 @@ def new
       success: true,
       extra: EventDisavowal::BuildDisavowedEventAnalyticsAttributes.call(disavowed_event),
     )
-    analytics.event_disavowal(**result.to_h)
+    analytics.event_disavowal(**result)
     @forbidden_passwords = forbidden_passwords
   end
 
   def create
     result = password_reset_from_disavowal_form.submit(password_reset_params)
-    analytics.event_disavowal_password_reset(**result.to_h)
+    analytics.event_disavowal_password_reset(**result)
     if result.success?
       handle_successful_password_reset
     else
@@ -50,7 +50,7 @@ def validate_disavowed_event
       return
     end
 
-    analytics.event_disavowal_token_invalid(**result.to_h)
+    analytics.event_disavowal_token_invalid(**result)
     flash[:error] = (result.errors[:event] || result.errors.first.last).first
     redirect_to root_url
   end
diff --git a/app/controllers/idv/by_mail/enter_code_controller.rb b/app/controllers/idv/by_mail/enter_code_controller.rb
index 519f5105c8e..88fe02b3782 100644
--- a/app/controllers/idv/by_mail/enter_code_controller.rb
+++ b/app/controllers/idv/by_mail/enter_code_controller.rb
@@ -53,7 +53,7 @@ def create
         @gpo_verify_form = build_gpo_verify_form
 
         result = @gpo_verify_form.submit(resolved_authn_context_result.enhanced_ipp?)
-        analytics.idv_verify_by_mail_enter_code_submitted(**result.to_h)
+        analytics.idv_verify_by_mail_enter_code_submitted(**result)
 
         if !result.success?
           if rate_limiter.limited?
diff --git a/app/controllers/idv/in_person/address_controller.rb b/app/controllers/idv/in_person/address_controller.rb
index b289c440ed7..20ed3a563a2 100644
--- a/app/controllers/idv/in_person/address_controller.rb
+++ b/app/controllers/idv/in_person/address_controller.rb
@@ -25,7 +25,7 @@ def update
         form_result = form.submit(flow_params)
 
         analytics.idv_in_person_proofing_residential_address_submitted(
-          **analytics_arguments.merge(**form_result.to_h),
+          **analytics_arguments.merge(**form_result),
         )
 
         if form_result.success?
diff --git a/app/controllers/idv/in_person/state_id_controller.rb b/app/controllers/idv/in_person/state_id_controller.rb
index ad9bc723cee..8ea1678d6dc 100644
--- a/app/controllers/idv/in_person/state_id_controller.rb
+++ b/app/controllers/idv/in_person/state_id_controller.rb
@@ -31,7 +31,7 @@ def update
           end
 
           analytics.idv_in_person_proofing_state_id_submitted(
-            **analytics_arguments.merge(**form_result.to_h),
+            **analytics_arguments.merge(**form_result),
           )
           # Accept Date of Birth from both memorable date and input date components
           formatted_dob = MemorableDateComponent.extract_date_param flow_params&.[](:dob)
diff --git a/app/controllers/idv/otp_verification_controller.rb b/app/controllers/idv/otp_verification_controller.rb
index 8132aff6da8..68eb539ac1e 100644
--- a/app/controllers/idv/otp_verification_controller.rb
+++ b/app/controllers/idv/otp_verification_controller.rb
@@ -22,7 +22,7 @@ def show
     def update
       clear_future_steps!
       result = phone_confirmation_otp_verification_form.submit(code: params[:code])
-      analytics.idv_phone_confirmation_otp_submitted(**result.to_h, **ab_test_analytics_buckets)
+      analytics.idv_phone_confirmation_otp_submitted(**result, **ab_test_analytics_buckets)
 
       if result.success?
         idv_session.mark_phone_step_complete!
diff --git a/app/controllers/idv/phone_controller.rb b/app/controllers/idv/phone_controller.rb
index f6be81bd270..5665976b566 100644
--- a/app/controllers/idv/phone_controller.rb
+++ b/app/controllers/idv/phone_controller.rb
@@ -55,7 +55,7 @@ def create
       Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer).
         call(:verify_phone, :update, result.success?)
 
-      analytics.idv_phone_confirmation_form_submitted(**result.to_h, **ab_test_analytics_buckets)
+      analytics.idv_phone_confirmation_form_submitted(**result, **ab_test_analytics_buckets)
       if result.success?
         submit_proofing_attempt
         redirect_to idv_phone_path
diff --git a/app/controllers/idv/resend_otp_controller.rb b/app/controllers/idv/resend_otp_controller.rb
index d33f42b79da..5e2b5dde4ed 100644
--- a/app/controllers/idv/resend_otp_controller.rb
+++ b/app/controllers/idv/resend_otp_controller.rb
@@ -13,7 +13,7 @@ class ResendOtpController < ApplicationController
 
     def create
       result = send_phone_confirmation_otp
-      analytics.idv_phone_confirmation_otp_resent(**result.to_h)
+      analytics.idv_phone_confirmation_otp_resent(**result)
       if result.success?
         redirect_to idv_otp_verification_url
       else
diff --git a/app/controllers/openid_connect/user_info_controller.rb b/app/controllers/openid_connect/user_info_controller.rb
index 3e8b5f5d6d7..a1df4ba00f3 100644
--- a/app/controllers/openid_connect/user_info_controller.rb
+++ b/app/controllers/openid_connect/user_info_controller.rb
@@ -18,7 +18,7 @@ def show
     def authenticate_identity_via_bearer_token
       verifier = AccessTokenVerifier.new(request.env['HTTP_AUTHORIZATION'])
       response, identity = verifier.submit
-      analytics.openid_connect_bearer_token(**response.to_h)
+      analytics.openid_connect_bearer_token(**response)
 
       if response.success?
         @current_identity = identity
diff --git a/app/controllers/risc/security_events_controller.rb b/app/controllers/risc/security_events_controller.rb
index 15dc5bb0024..12a037a52ca 100644
--- a/app/controllers/risc/security_events_controller.rb
+++ b/app/controllers/risc/security_events_controller.rb
@@ -11,7 +11,7 @@ def create
       form = SecurityEventForm.new(body: request.body.read)
       result = form.submit
 
-      analytics.security_event_received(**result.to_h)
+      analytics.security_event_received(**result)
 
       if result.success?
         head :accepted
diff --git a/app/controllers/sign_up/email_confirmations_controller.rb b/app/controllers/sign_up/email_confirmations_controller.rb
index 968fd8ad0fe..7a241a685ec 100644
--- a/app/controllers/sign_up/email_confirmations_controller.rb
+++ b/app/controllers/sign_up/email_confirmations_controller.rb
@@ -22,7 +22,7 @@ def create
 
     def log_validator_result
       analytics.user_registration_email_confirmation(
-        **email_confirmation_token_validator_result.to_h,
+        **email_confirmation_token_validator_result,
       )
     end
 
diff --git a/app/controllers/sign_up/passwords_controller.rb b/app/controllers/sign_up/passwords_controller.rb
index 51312a862f4..7f72f5fc4f0 100644
--- a/app/controllers/sign_up/passwords_controller.rb
+++ b/app/controllers/sign_up/passwords_controller.rb
@@ -42,7 +42,7 @@ def render_page
     end
 
     def track_analytics(result)
-      analytics.password_creation(**result.to_h)
+      analytics.password_creation(**result)
     end
 
     def permitted_params
diff --git a/app/controllers/sign_up/registrations_controller.rb b/app/controllers/sign_up/registrations_controller.rb
index 60e5c39c790..9a24e460b83 100644
--- a/app/controllers/sign_up/registrations_controller.rb
+++ b/app/controllers/sign_up/registrations_controller.rb
@@ -24,7 +24,7 @@ def create
 
       result = @register_user_email_form.submit(permitted_params.merge(request_id:))
 
-      analytics.user_registration_email(**result.to_h)
+      analytics.user_registration_email(**result)
 
       if result.success?
         process_successful_creation
diff --git a/app/controllers/sign_up/select_email_controller.rb b/app/controllers/sign_up/select_email_controller.rb
index c98f451027e..d46a2fbf297 100644
--- a/app/controllers/sign_up/select_email_controller.rb
+++ b/app/controllers/sign_up/select_email_controller.rb
@@ -21,7 +21,7 @@ def create
 
       result = @select_email_form.submit(form_params)
 
-      analytics.sp_select_email_submitted(**result.to_h, needs_completion_screen_reason:)
+      analytics.sp_select_email_submitted(**result, needs_completion_screen_reason:)
 
       if result.success?
         user_session[:selected_email_id_for_linked_identity] = form_params[:selected_email_id]
diff --git a/app/controllers/two_factor_authentication/options_controller.rb b/app/controllers/two_factor_authentication/options_controller.rb
index 9d74854fad7..1871073aa52 100644
--- a/app/controllers/two_factor_authentication/options_controller.rb
+++ b/app/controllers/two_factor_authentication/options_controller.rb
@@ -34,7 +34,7 @@ def index
     def create
       @two_factor_options_form = TwoFactorLoginOptionsForm.new(current_user)
       result = @two_factor_options_form.submit(two_factor_options_form_params)
-      analytics.multi_factor_auth_option_list(**result.to_h)
+      analytics.multi_factor_auth_option_list(**result)
 
       if result.success?
         process_valid_form
diff --git a/app/controllers/two_factor_authentication/personal_key_verification_controller.rb b/app/controllers/two_factor_authentication/personal_key_verification_controller.rb
index 88e4ff4b2f3..0a87a1dbb43 100644
--- a/app/controllers/two_factor_authentication/personal_key_verification_controller.rb
+++ b/app/controllers/two_factor_authentication/personal_key_verification_controller.rb
@@ -61,7 +61,7 @@ def handle_result(result)
 
     def alert_user_about_personal_key_sign_in(disavowal_token)
       response = UserAlerts::AlertUserAboutPersonalKeySignIn.call(current_user, disavowal_token)
-      analytics.personal_key_alert_about_sign_in(**response.to_h)
+      analytics.personal_key_alert_about_sign_in(**response)
     end
 
     def remove_personal_key
diff --git a/app/controllers/users/auth_app_controller.rb b/app/controllers/users/auth_app_controller.rb
index 729ca14469d..34b07987fe5 100644
--- a/app/controllers/users/auth_app_controller.rb
+++ b/app/controllers/users/auth_app_controller.rb
@@ -14,7 +14,7 @@ def edit; end
     def update
       result = form.submit(name: params.dig(:form, :name))
 
-      analytics.auth_app_update_name_submitted(**result.to_h)
+      analytics.auth_app_update_name_submitted(**result)
 
       if result.success?
         flash[:success] = t('two_factor_authentication.auth_app.renamed')
@@ -28,7 +28,7 @@ def update
     def destroy
       result = form.submit
 
-      analytics.auth_app_delete_submitted(**result.to_h)
+      analytics.auth_app_delete_submitted(**result)
 
       if result.success?
         flash[:success] = t('two_factor_authentication.auth_app.deleted')
diff --git a/app/controllers/users/edit_phone_controller.rb b/app/controllers/users/edit_phone_controller.rb
index 85eb00f8b3b..9642cece9e4 100644
--- a/app/controllers/users/edit_phone_controller.rb
+++ b/app/controllers/users/edit_phone_controller.rb
@@ -18,7 +18,7 @@ def edit
     def update
       @edit_phone_form = EditPhoneForm.new(current_user, phone_configuration)
       result = @edit_phone_form.submit(edit_phone_params)
-      analytics.phone_change_submitted(**result.to_h)
+      analytics.phone_change_submitted(**result)
       if result.success?
         redirect_to account_url
       else
diff --git a/app/controllers/users/email_confirmations_controller.rb b/app/controllers/users/email_confirmations_controller.rb
index 7e7e87e9f8b..b8f78f1801f 100644
--- a/app/controllers/users/email_confirmations_controller.rb
+++ b/app/controllers/users/email_confirmations_controller.rb
@@ -4,7 +4,7 @@ module Users
   class EmailConfirmationsController < ApplicationController
     def create
       result = email_confirmation_token_validator.submit
-      analytics.add_email_confirmation(**result.to_h)
+      analytics.add_email_confirmation(**result)
       if result.success?
         process_successful_confirmation(email_address)
       else
diff --git a/app/controllers/users/email_language_controller.rb b/app/controllers/users/email_language_controller.rb
index 33eb44d1f57..a7ef4f0369d 100644
--- a/app/controllers/users/email_language_controller.rb
+++ b/app/controllers/users/email_language_controller.rb
@@ -10,7 +10,7 @@ def show
 
     def update
       form_response = UpdateEmailLanguageForm.new(current_user).submit(update_email_params)
-      analytics.email_language_updated(**form_response.to_h)
+      analytics.email_language_updated(**form_response)
 
       flash[:success] = I18n.t('account.email_language.updated') if form_response.success?
 
diff --git a/app/controllers/users/emails_controller.rb b/app/controllers/users/emails_controller.rb
index b52c7625d8c..f4000bb7277 100644
--- a/app/controllers/users/emails_controller.rb
+++ b/app/controllers/users/emails_controller.rb
@@ -25,7 +25,7 @@ def add
       result = @add_user_email_form.submit(
         current_user, permitted_params
       )
-      analytics.add_email_request(**result.to_h)
+      analytics.add_email_request(**result)
 
       if result.success?
         process_successful_creation
@@ -58,7 +58,7 @@ def confirm_delete
 
     def delete
       result = DeleteUserEmailForm.new(current_user, email_address).submit
-      analytics.email_deletion_request(**result.to_h)
+      analytics.email_deletion_request(**result)
       if result.success?
         handle_successful_delete
       else
diff --git a/app/controllers/users/passwords_controller.rb b/app/controllers/users/passwords_controller.rb
index 1667142e54e..8c974d98a3d 100644
--- a/app/controllers/users/passwords_controller.rb
+++ b/app/controllers/users/passwords_controller.rb
@@ -26,7 +26,7 @@ def update
 
       result = @update_user_password_form.submit(user_password_params)
 
-      analytics.password_changed(**result.to_h)
+      analytics.password_changed(**result)
 
       if result.success?
         handle_valid_password
diff --git a/app/controllers/users/phone_setup_controller.rb b/app/controllers/users/phone_setup_controller.rb
index 1f5af564354..3369ff2e973 100644
--- a/app/controllers/users/phone_setup_controller.rb
+++ b/app/controllers/users/phone_setup_controller.rb
@@ -33,7 +33,7 @@ def index
     def create
       @new_phone_form = NewPhoneForm.new(user: current_user, analytics: analytics)
       result = @new_phone_form.submit(new_phone_form_params)
-      analytics.multi_factor_auth_phone_setup(**result.to_h)
+      analytics.multi_factor_auth_phone_setup(**result)
 
       if result.success?
         handle_create_success(@new_phone_form.phone)
diff --git a/app/controllers/users/piv_cac_controller.rb b/app/controllers/users/piv_cac_controller.rb
index d540809d666..ec87ff792ad 100644
--- a/app/controllers/users/piv_cac_controller.rb
+++ b/app/controllers/users/piv_cac_controller.rb
@@ -16,7 +16,7 @@ def edit; end
     def update
       result = form.submit(name: params.dig(:form, :name))
 
-      analytics.piv_cac_update_name_submitted(**result.to_h)
+      analytics.piv_cac_update_name_submitted(**result)
 
       if result.success?
         flash[:success] = presenter.rename_success_alert_text
@@ -30,7 +30,7 @@ def update
     def destroy
       result = form.submit
 
-      analytics.piv_cac_delete_submitted(**result.to_h)
+      analytics.piv_cac_delete_submitted(**result)
 
       if result.success?
         create_user_event(:piv_cac_disabled)
diff --git a/app/controllers/users/piv_cac_login_controller.rb b/app/controllers/users/piv_cac_login_controller.rb
index 57785762f1f..7e6c31cbe8f 100644
--- a/app/controllers/users/piv_cac_login_controller.rb
+++ b/app/controllers/users/piv_cac_login_controller.rb
@@ -54,7 +54,7 @@ def process_piv_cac_login
       else
         process_invalid_submission
       end
-      analytics.piv_cac_login(**result.to_h, new_device: @new_device)
+      analytics.piv_cac_login(**result, new_device: @new_device)
     end
 
     def piv_cac_login_form
diff --git a/app/controllers/users/reset_passwords_controller.rb b/app/controllers/users/reset_passwords_controller.rb
index 47fb962aac9..49d1b6374f8 100644
--- a/app/controllers/users/reset_passwords_controller.rb
+++ b/app/controllers/users/reset_passwords_controller.rb
@@ -17,7 +17,7 @@ def create
       @password_reset_email_form = PasswordResetEmailForm.new(email)
       result = @password_reset_email_form.submit
 
-      analytics.password_reset_email(**result.to_h)
+      analytics.password_reset_email(**result)
 
       if result.success?
         handle_valid_email
@@ -32,7 +32,7 @@ def edit
       else
         result = PasswordResetTokenValidator.new(token_user).submit
 
-        analytics.password_reset_token(**result.to_h)
+        analytics.password_reset_token(**result)
         if result.success?
           @reset_password_form = ResetPasswordForm.new(user: build_user)
           @forbidden_passwords = forbidden_passwords(token_user.email_addresses)
@@ -54,7 +54,7 @@ def update
 
       result = @reset_password_form.submit(user_params)
 
-      analytics.password_reset_password(**result.to_h)
+      analytics.password_reset_password(**result)
 
       if result.success?
         session.delete(:reset_password_token)
diff --git a/app/controllers/users/rules_of_use_controller.rb b/app/controllers/users/rules_of_use_controller.rb
index 39b2c2ed6b2..c711c0f8174 100644
--- a/app/controllers/users/rules_of_use_controller.rb
+++ b/app/controllers/users/rules_of_use_controller.rb
@@ -19,7 +19,7 @@ def create
 
       result = @rules_of_use_form.submit(permitted_params)
 
-      analytics.rules_of_use_submitted(**result.to_h)
+      analytics.rules_of_use_submitted(**result)
 
       if result.success?
         process_successful_agreement_to_rules_of_use
diff --git a/app/controllers/users/sessions_controller.rb b/app/controllers/users/sessions_controller.rb
index b77e7351c39..aed6d671f5c 100644
--- a/app/controllers/users/sessions_controller.rb
+++ b/app/controllers/users/sessions_controller.rb
@@ -208,7 +208,7 @@ def track_authentication_attempt
                 (recaptcha_response.success? || log_captcha_failures_only?)
 
       analytics.email_and_password_auth(
-        **recaptcha_response.to_h,
+        **recaptcha_response,
         success: success,
         user_id: user.uuid,
         user_locked_out: user_locked_out?(user),
diff --git a/app/controllers/users/two_factor_authentication_controller.rb b/app/controllers/users/two_factor_authentication_controller.rb
index 57a5444489e..3a63ff6acb5 100644
--- a/app/controllers/users/two_factor_authentication_controller.rb
+++ b/app/controllers/users/two_factor_authentication_controller.rb
@@ -20,7 +20,7 @@ def show
 
     def send_code
       result = otp_delivery_selection_form.submit(delivery_params)
-      analytics.otp_delivery_selection(**result.to_h)
+      analytics.otp_delivery_selection(**result)
       if result.success?
         handle_valid_otp_params(
           result,
@@ -80,7 +80,7 @@ def phone_configuration
 
     def validate_otp_delivery_preference_and_send_code
       result = otp_delivery_selection_form.submit(otp_delivery_preference: delivery_preference)
-      analytics.otp_delivery_selection(**result.to_h)
+      analytics.otp_delivery_selection(**result)
       phone_is_confirmed = UserSessionContext.authentication_or_reauthentication_context?(context)
       phone_capabilities = PhoneNumberCapabilities.new(
         parsed_phone,
diff --git a/app/controllers/users/two_factor_authentication_setup_controller.rb b/app/controllers/users/two_factor_authentication_setup_controller.rb
index 304a63afc5d..34b5370f2ce 100644
--- a/app/controllers/users/two_factor_authentication_setup_controller.rb
+++ b/app/controllers/users/two_factor_authentication_setup_controller.rb
@@ -23,7 +23,7 @@ def index
 
     def create
       result = submit_form
-      analytics.user_registration_2fa_setup(**result.to_h)
+      analytics.user_registration_2fa_setup(**result)
       user_session[:platform_authenticator_available] =
         params[:platform_authenticator_available] == 'true'
 
diff --git a/app/controllers/users/verify_personal_key_controller.rb b/app/controllers/users/verify_personal_key_controller.rb
index 30914e01b6e..baba6de0794 100644
--- a/app/controllers/users/verify_personal_key_controller.rb
+++ b/app/controllers/users/verify_personal_key_controller.rb
@@ -30,7 +30,7 @@ def create
         result = personal_key_form.submit
 
         analytics.personal_key_reactivation_submitted(
-          **result.to_h,
+          **result,
           pii_like_keypaths: [
             [:errors, :personal_key],
             [:error_details, :personal_key],
diff --git a/app/controllers/users/webauthn_controller.rb b/app/controllers/users/webauthn_controller.rb
index ddc13846239..c7dee0cf2a8 100644
--- a/app/controllers/users/webauthn_controller.rb
+++ b/app/controllers/users/webauthn_controller.rb
@@ -15,7 +15,7 @@ def edit; end
     def update
       result = form.submit(name: params.dig(:form, :name))
 
-      analytics.webauthn_update_name_submitted(**result.to_h)
+      analytics.webauthn_update_name_submitted(**result)
 
       if result.success?
         flash[:success] = presenter.rename_success_alert_text
@@ -29,7 +29,7 @@ def update
     def destroy
       result = form.submit
 
-      analytics.webauthn_delete_submitted(**result.to_h)
+      analytics.webauthn_delete_submitted(**result)
 
       if result.success?
         flash[:success] = presenter.delete_success_alert_text
diff --git a/app/forms/idv/api_image_upload_form.rb b/app/forms/idv/api_image_upload_form.rb
index fb775b3f9ce..3372422bfc3 100644
--- a/app/forms/idv/api_image_upload_form.rb
+++ b/app/forms/idv/api_image_upload_form.rb
@@ -83,7 +83,7 @@ def validate_form
         extra: extra_attributes,
       )
 
-      analytics.idv_doc_auth_submitted_image_upload_form(**response.to_h)
+      analytics.idv_doc_auth_submitted_image_upload_form(**response)
       response
     end
 
diff --git a/app/jobs/account_creation_threat_metrix_job.rb b/app/jobs/account_creation_threat_metrix_job.rb
index 4d1dd53fe32..c541ebdb44f 100644
--- a/app/jobs/account_creation_threat_metrix_job.rb
+++ b/app/jobs/account_creation_threat_metrix_job.rb
@@ -15,7 +15,7 @@ def perform(
     )
   ensure
     user = User.find_by(id: user_id)
-    analytics(user).account_creation_tmx_result(**device_profiling_result.to_h)
+    analytics(user).account_creation_tmx_result(**device_profiling_result)
   end
 
   def analytics(user)
diff --git a/app/jobs/socure_reason_code_download_job.rb b/app/jobs/socure_reason_code_download_job.rb
index 7cbf521e4cd..16c4be2a1de 100644
--- a/app/jobs/socure_reason_code_download_job.rb
+++ b/app/jobs/socure_reason_code_download_job.rb
@@ -11,7 +11,7 @@ def perform
     return unless IdentityConfig.store.idv_socure_reason_code_download_enabled
 
     result = Proofing::Socure::ReasonCodes::Importer.new.synchronize
-    analytics.idv_socure_reason_code_download(**result.to_h)
+    analytics.idv_socure_reason_code_download(**result)
   end
 
   def analytics
diff --git a/docs/backend.md b/docs/backend.md
index 33494c7ecce..b476f2fd9e0 100644
--- a/docs/backend.md
+++ b/docs/backend.md
@@ -129,7 +129,7 @@ class MyController < ApplicationController
     form = MyForm.new(params)
 
     result = form.submit
-    analytics.my_event(**result.to_h)
+    analytics.my_event(**result)
 
     if result.success?
       do_something(form.sensitive_value_here)

From f90357410d5fcc6ce50b9866e06e0cc2131eb403 Mon Sep 17 00:00:00 2001
From: Andrew Duthie <andrew.duthie@gsa.gov>
Date: Thu, 7 Nov 2024 13:48:32 -0500
Subject: [PATCH 3/4] Collapse line breaks of splatted FormResponse#to_hash

---
 app/controllers/sign_up/email_confirmations_controller.rb | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/app/controllers/sign_up/email_confirmations_controller.rb b/app/controllers/sign_up/email_confirmations_controller.rb
index 7a241a685ec..972d73c959c 100644
--- a/app/controllers/sign_up/email_confirmations_controller.rb
+++ b/app/controllers/sign_up/email_confirmations_controller.rb
@@ -21,9 +21,7 @@ def create
     private
 
     def log_validator_result
-      analytics.user_registration_email_confirmation(
-        **email_confirmation_token_validator_result,
-      )
+      analytics.user_registration_email_confirmation(**email_confirmation_token_validator_result)
     end
 
     def clear_setup_piv_cac_from_sign_in

From 1516638b304c083e770bd96e4c6d4e276b9c9772 Mon Sep 17 00:00:00 2001
From: Andrew Duthie <andrew.duthie@gsa.gov>
Date: Thu, 7 Nov 2024 14:31:07 -0500
Subject: [PATCH 4/4] Revert DDP proofer hashing result

---
 app/jobs/account_creation_threat_metrix_job.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/jobs/account_creation_threat_metrix_job.rb b/app/jobs/account_creation_threat_metrix_job.rb
index c541ebdb44f..4d1dd53fe32 100644
--- a/app/jobs/account_creation_threat_metrix_job.rb
+++ b/app/jobs/account_creation_threat_metrix_job.rb
@@ -15,7 +15,7 @@ def perform(
     )
   ensure
     user = User.find_by(id: user_id)
-    analytics(user).account_creation_tmx_result(**device_profiling_result)
+    analytics(user).account_creation_tmx_result(**device_profiling_result.to_h)
   end
 
   def analytics(user)