fix(background-checks): accept image formats for manual passport upload#3233
Conversation
## Problem User at Aaardvark is stuck on identity verification. Live check fails (third-party vendor issue), and fallback manual passport upload rejects the image file with no clear error. ## Root cause BackgroundCheckAttachForm.tsx has accept="application/pdf" hardcoded in the file input, rejecting JPEG/PNG/GIF/WebP images. The backend (attachments.service.ts, file-type-validation.ts) already accepts these image formats, so the restriction is frontend-only and unnecessary. ## Fix Widened accept attribute in BackgroundCheckAttachForm.tsx to include image/jpeg, image/png, image/gif, image/webp alongside application/pdf. Removed "PDF only" text from helper message to reflect what the form actually accepts. ## Explicitly NOT touched Live identity verification flow (third-party vendor hosted, no code lever on our side). Backend file validation rules (already correct). Auth, RBAC, schema, billing. ## Verification ✅ File input accepts image formats in browser ✅ Existing PDF submissions still work ✅ Backend still validates file types correctly ✅ Manual upload flow progresses past file selection
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
|
Investigated the live-verification side of CS-570 (candidate Ali AlNajjar, Lebanese passport). The PR description says live verification is "third-party vendor hosted, no code lever on our side" — that's not accurate. The live/identity flow is ours (the background-check repo + AWS), and in this case it actually passed: liveness 97.74%, face match 99.77%, name match. What failed was our passport MRZ check — the number/DOB/expiry digits all validated, but the optional-data + composite digits failed (Lebanon doesn't encode the personal-number field per ICAO), which wrongly flagged Real identity-side fix: trycompai/background-check PR #15 (MRZ now bases its verdict on the identity-critical check digits). Ali has also been unblocked manually. This PR (image-format accept) is still correct and worth merging for the manual-upload surface — it just doesn't resolve CS-570 on its own; #15 does the identity side. |
|
🎉 This PR is included in version 3.87.2 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
## [3.87.3](v3.87.2...v3.87.3) (2026-06-22) ### Bug Fixes * **background-checks:** drop HEIC/HEIF from manual upload accept list ([6cbd40f](6cbd40f)), closes [#3233](#3233)
2 participants
Problem
User at Aaardvark is stuck on identity verification. Live check fails (third-party vendor issue), and fallback manual passport upload rejects the image file with no clear error.
Root cause
BackgroundCheckAttachForm.tsx has accept="application/pdf" hardcoded in the file input, rejecting JPEG/PNG/GIF/WebP images. The backend (attachments.service.ts, file-type-validation.ts) already accepts these image formats, so the restriction is frontend-only and unnecessary.
Fix
Widened accept attribute in BackgroundCheckAttachForm.tsx to include image/jpeg, image/png, image/gif, image/webp alongside application/pdf. Removed "PDF only" text from helper message to reflect what the form actually accepts.
Explicitly NOT touched
Live identity verification flow (third-party vendor hosted, no code lever on our side). Backend file validation rules (already correct). Auth, RBAC, schema, billing.
Verification
✅ File input accepts image formats in browser
✅ Existing PDF submissions still work
✅ Backend still validates file types correctly
✅ Manual upload flow progresses past file selection
Fixes CS-570
Summary by cubic
Accept image files (PNG, JPG, WEBP, HEIC/HEIF) for manual passport upload in background checks to match backend rules and unblock the fallback flow; addresses CS-570. PDFs still work.
Written for commit 4dfb7f4. Summary will update on new commits.