Revert "Add RST support in Sandbox (#2917)" (#2982)

PR 2917 added two `get(tld)` methods to ClaimsListDao and
SignedMarkRevocationList so that RST test TLDs can have separate claims
and smdr lists.

RST tests are completed and this functionality is no longer needed. we
are replaceing all invocations of the above to `get()`.

README.md

@@ -59,8 +59,6 @@ Nomulus has the following capabilities:
     implementation that works with BIND. If you are using Google Cloud DNS, you
     may need to understand its capabilities and provide your own
     multi-[AS](https://en.wikipedia.org/wiki/Autonomous_system_\(Internet\)) solution.
-*   **[WHOIS](https://en.wikipedia.org/wiki/WHOIS)**: A text-based protocol that
-    returns ownership and contact information on registered domain names.
 *   **[Registration Data Access Protocol
     (RDAP)](https://en.wikipedia.org/wiki/Registration_Data_Access_Protocol)**:
     A JSON API that returns structured, machine-readable information about

console-webapp/angular.json

@@ -15,7 +15,7 @@
       "prefix": "app",
       "architect": {
         "build": {
-          "builder": "@angular-devkit/build-angular:application",
+          "builder": "@angular/build:application",
           "options": {
             "outputPath": {
               "base": "staged/dist/",
@@ -112,7 +112,7 @@
           "defaultConfiguration": "production"
         },
         "serve": {
-          "builder": "@angular-devkit/build-angular:dev-server",
+          "builder": "@angular/build:dev-server",
           "configurations": {
             "production": {
               "buildTarget": "console-webapp:build:production"
@@ -136,16 +136,18 @@
           "defaultConfiguration": "development"
         },
         "extract-i18n": {
-          "builder": "@angular-devkit/build-angular:extract-i18n",
+          "builder": "@angular/build:extract-i18n",
           "options": {
             "buildTarget": "console-webapp:build"
           }
         },
         "test": {
-          "builder": "@angular-devkit/build-angular:karma",
+          "builder": "@angular/build:karma",
           "options": {
             "main": "src/test.ts",
-            "polyfills": "src/polyfills.ts",
+            "polyfills": [
+              "src/polyfills.ts"
+            ],
             "tsConfig": "tsconfig.spec.json",
             "karmaConfig": "karma.conf.js",
             "inlineStyleLanguage": "scss",
@@ -183,5 +185,31 @@
     "schematicCollections": [
       "@angular-eslint/schematics"
     ]
+  },
+  "schematics": {
+    "@schematics/angular:component": {
+      "type": "component"
+    },
+    "@schematics/angular:directive": {
+      "type": "directive"
+    },
+    "@schematics/angular:service": {
+      "type": "service"
+    },
+    "@schematics/angular:guard": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:interceptor": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:module": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:pipe": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:resolver": {
+      "typeSeparator": "."
+    }
   }
 }

console-webapp/dev-proxy.config.json

@@ -1,7 +1,7 @@
 {
   "/console-api":
   {
-    "target": "http://[::1]:8080",
+    "target": "http://localhost:8080",
     "secure": false,
     "logLevel": "debug",
     "changeOrigin": true

console-webapp/karma.conf.js

@@ -21,7 +21,7 @@ module.exports = function (config) {
       require('karma-chrome-launcher'),
       require('karma-jasmine-html-reporter'),
       require('karma-coverage'),
-      require('@angular-devkit/build-angular/plugins/karma')
+      
     ],
     client: {
       jasmine: {

console-webapp/package.json

@@ -16,29 +16,29 @@
   },
   "private": true,
   "dependencies": {
-    "@angular/animations": "^19.1.4",
-    "@angular/cdk": "^19.1.2",
-    "@angular/common": "^19.1.4",
-    "@angular/compiler": "^19.1.4",
-    "@angular/core": "^19.1.4",
-    "@angular/forms": "^19.1.4",
-    "@angular/material": "^19.1.2",
-    "@angular/platform-browser": "^19.1.4",
-    "@angular/platform-browser-dynamic": "^19.1.4",
-    "@angular/router": "^19.1.4",
+    "@angular/animations": "^21.1.5",
+    "@angular/cdk": "^21.1.5",
+    "@angular/common": "^21.1.5",
+    "@angular/compiler": "^21.1.5",
+    "@angular/core": "^21.1.5",
+    "@angular/forms": "^21.1.5",
+    "@angular/material": "^21.1.5",
+    "@angular/platform-browser": "^21.1.5",
+    "@angular/platform-browser-dynamic": "^21.1.5",
+    "@angular/router": "^21.1.5",
     "rxjs": "~7.5.0",
     "tslib": "^2.3.0",
     "zone.js": "~0.15.0"
   },
   "devDependencies": {
-    "@angular-devkit/build-angular": "^19.1.5",
     "@angular-eslint/builder": "19.0.2",
     "@angular-eslint/eslint-plugin": "19.0.2",
     "@angular-eslint/eslint-plugin-template": "19.0.2",
     "@angular-eslint/schematics": "19.0.2",
     "@angular-eslint/template-parser": "19.0.2",
-    "@angular/cli": "~19.1.5",
-    "@angular/compiler-cli": "^19.1.4",
+    "@angular/build": "^21.1.4",
+    "@angular/cli": "~21.1.4",
+    "@angular/compiler-cli": "^21.1.5",
     "@types/jasmine": "~4.0.0",
     "@types/node": "^18.19.74",
     "@typescript-eslint/eslint-plugin": "^7.2.0",
@@ -52,6 +52,6 @@
     "karma-jasmine": "~5.1.0",
     "karma-jasmine-html-reporter": "~2.0.0",
     "prettier": "2.8.7",
-    "typescript": "^5.7.3"
+    "typescript": "^5.9.3"
   }
-}
+}

console-webapp/src/app/app.component.html

@@ -1,10 +1,9 @@
 <div class="console-app mat-typography">
   <app-header (toggleNavOpen)="toggleSidenav()"></app-header>
   <div class="console-app__global-spinner">
-    <mat-progress-bar
-      mode="indeterminate"
-      *ngIf="globalLoader.isLoading"
-    ></mat-progress-bar>
+    @if (globalLoader.isLoading) {
+    <mat-progress-bar mode="indeterminate"></mat-progress-bar>
+    }
   </div>
   <mat-sidenav-container class="console-app__container">
     <mat-sidenav-content class="console-app__content-wrapper">

console-webapp/src/app/domains/domainList.component.html

@@ -143,13 +143,14 @@
             <ng-container matColumnDef="domainName">
               <mat-header-cell *matHeaderCellDef>Domain Name</mat-header-cell>
               <mat-cell *matCellDef="let element">
+                @if (getOperationMessage(element.domainName)) {
                 <mat-icon
-                  *ngIf="getOperationMessage(element.domainName)"
                   [matTooltip]="getOperationMessage(element.domainName)"
                   matTooltipPosition="above"
                   class="primary-text"
                   >info</mat-icon
                 >
+                }
                 <span>{{ element.domainName }}</span>
               </mat-cell>
             </ng-container>
@@ -209,9 +210,9 @@
             <mat-row *matRowDef="let row; columns: displayedColumns"></mat-row>
 
             <!-- Row shown when there is no matching data. -->
-            <mat-row *matNoDataRow>
-              <mat-cell colspan="6">No domains found</mat-cell>
-            </mat-row>
+            <tr class="mat-row" *matNoDataRow>
+              <td class="mat-cell" colspan="6">No domains found</td>
+            </tr>
           </mat-table>
           <mat-paginator
             [length]="totalResults"

console-webapp/src/app/domains/domainList.component.ts

@@ -33,6 +33,7 @@ import {
   MatDialogRef,
 } from '@angular/material/dialog';
 import { RESTRICTED_ELEMENTS } from '../shared/directives/userLevelVisiblity.directive';
+import { CdkColumnDef } from '@angular/cdk/table';
 
 interface DomainResponse {
   message: string;
@@ -114,6 +115,7 @@ export class ReasonDialogComponent {
   templateUrl: './domainList.component.html',
   styleUrls: ['./domainList.component.scss'],
   standalone: false,
+  providers: [CdkColumnDef],
 })
 export class DomainListComponent {
   public static PATH = 'domain-list';

console-webapp/src/app/header/header.component.html

@@ -1,14 +1,15 @@
 <p class="console-app__header">
   <mat-toolbar>
+    @if (breakpointObserver.isMobileView()) {
     <button
       mat-icon-button
       aria-label="Open navigation menu"
       (click)="toggleNavPane()"
-      *ngIf="breakpointObserver.isMobileView()"
       class="console-app__menu-btn"
     >
       <mat-icon>menu</mat-icon>
     </button>
+    }
     <a
       [routerLink]="'/home'"
       routerLinkActive="active"
@@ -65,7 +66,9 @@
       </svg>
     </a>
     <span class="spacer"></span>
-    <app-registrar-selector *ngIf="!breakpointObserver.isMobileView()" />
+    @if (!breakpointObserver.isMobileView()) {
+    <app-registrar-selector />
+    }
     <button
       class="console-app__header-user-icon"
       mat-mini-fab
@@ -79,5 +82,7 @@
       <button mat-menu-item (click)="logOut()">Log out</button>
     </mat-menu>
   </mat-toolbar>
-  <app-registrar-selector *ngIf="breakpointObserver.isMobileView()" />
+  @if (breakpointObserver.isMobileView()) {
+  <app-registrar-selector />
+  }
 </p>

console-webapp/src/app/history/historyList.component.html

@@ -9,41 +9,36 @@
 <mat-card>
   <mat-card-content>
     <mat-list role="list">
-      <ng-container *ngFor="let item of historyRecords; let last = last">
-        <mat-list-item class="history-list__item">
-          <mat-icon
-            [ngClass]="getIconClass(item.type)"
-            class="history-list__icon"
-          >
-            {{ getIconForType(item.type) }}
-          </mat-icon>
-
-          <div class="history-list__content">
-            <div class="history-list__description">
-              <span class="history-list__description--main">{{
-                item.type
-              }}</span>
-              <div>
-                <mat-chip
-                  *ngIf="parseDescription(item.description).detail"
-                  class="history-list__chip"
-                >
-                  {{ parseDescription(item.description).detail }}
-                </mat-chip>
-              </div>
-            </div>
-            <div class="history-list__user">
-              <b>User - {{ item.actingUser.emailAddress }}</b>
+      @for (item of historyRecords; track item; let last = $last) {
+      <mat-list-item class="history-list__item">
+        <mat-icon
+          [ngClass]="getIconClass(item.type)"
+          class="history-list__icon"
+        >
+          {{ getIconForType(item.type) }}
+        </mat-icon>
+        <div class="history-list__content">
+          <div class="history-list__description">
+            <span class="history-list__description--main">{{ item.type }}</span>
+            <div>
+              @if (parseDescription(item.description).detail) {
+              <mat-chip class="history-list__chip">
+                {{ parseDescription(item.description).detail }}
+              </mat-chip>
+              }
             </div>
           </div>
-
-          <span class="history-list__timestamp">
-            {{ item.modificationTime | date : "MMM d, y, h:mm a" }}
-          </span>
-        </mat-list-item>
-
-        <mat-divider *ngIf="!last"></mat-divider>
-      </ng-container>
+          <div class="history-list__user">
+            <b>User - {{ item.actingUser.emailAddress }}</b>
+          </div>
+        </div>
+        <span class="history-list__timestamp">
+          {{ item.modificationTime | date : "MMM d, y, h:mm a" }}
+        </span>
+      </mat-list-item>
+      @if (!last) {
+      <mat-divider></mat-divider>
+      } }
     </mat-list>
   </mat-card-content>
 </mat-card>

console-webapp/src/app/home/home.component.spec.ts

@@ -17,6 +17,9 @@ import { ComponentFixture, TestBed } from '@angular/core/testing';
 import { HomeComponent } from './home.component';
 import { MaterialModule } from '../material.module';
 import { AppModule } from '../app.module';
+import { BackendService } from '../shared/services/backend.service';
+import { provideHttpClient } from '@angular/common/http';
+import { provideHttpClientTesting } from '@angular/common/http/testing';
 
 describe('HomeComponent', () => {
   let component: HomeComponent;
@@ -26,6 +29,11 @@ describe('HomeComponent', () => {
     await TestBed.configureTestingModule({
       imports: [MaterialModule, AppModule],
       declarations: [HomeComponent],
+      providers: [
+        BackendService,
+        provideHttpClient(),
+        provideHttpClientTesting(),
+      ],
     }).compileComponents();
 
     fixture = TestBed.createComponent(HomeComponent);

console-webapp/src/app/navigation/navigation.component.html

@@ -12,9 +12,11 @@
     [class.active]="router.url.includes(node.path)"
     [elementId]="getElementId(node)"
   >
-    <mat-icon class="console-app__nav-icon" *ngIf="node.iconName">
+    @if (node.iconName) {
+    <mat-icon class="console-app__nav-icon">
       {{ node.iconName }}
     </mat-icon>
+    }
     {{ node.title }}
   </mat-tree-node>
   <mat-nested-tree-node
@@ -34,9 +36,11 @@
           {{ treeControl.isExpanded(node) ? "expand_more" : "chevron_right" }}
         </mat-icon>
       </button>
-      <mat-icon class="console-app__nav-icon" *ngIf="node.iconName">
+      @if (node.iconName) {
+      <mat-icon class="console-app__nav-icon">
         {{ node.iconName }}
       </mat-icon>
+      }
       {{ node.title }}
     </div>
     <div

console-webapp/src/app/ote/oteStatus.component.html

@@ -1,25 +1,28 @@
 <h1 class="mat-headline-4">OT&E Status Check</h1>
 @if(registrarId() === null) {
 <h1>Missing registrarId param</h1>
-} @else if(isOte()) {
-<h1 *ngIf="oteStatusResponse().length">
+} @else if(isOte()) { @if (oteStatusResponse().length) {
+<h1>
   Status:
   <span>{{ oteStatusUnfinished().length ? "Unfinished" : "Completed" }}</span>
 </h1>
+}
 <div class="console-app__ote-status">
   @if(oteStatusCompleted().length) {
   <div class="console-app__ote-status_completed">
     <h1>Completed</h1>
-    <div *ngFor="let entry of oteStatusCompleted()">
-      <mat-icon>check_box</mat-icon>{{ entry.description }}
-    </div>
+    @for (entry of oteStatusCompleted(); track entry) {
+    <div><mat-icon>check_box</mat-icon>{{ entry.description }}</div>
+    }
   </div>
   } @if(oteStatusUnfinished().length) {
   <div class="console-app__ote-status_unfinished">
     <h1>Unfinished</h1>
-    <div *ngFor="let entry of oteStatusUnfinished()">
+    @for (entry of oteStatusUnfinished(); track entry) {
+    <div>
       <mat-icon>check_box_outline_blank</mat-icon>{{ entry.description }}
     </div>
+    }
   </div>
   }
 </div>

console-webapp/src/app/ote/oteStatus.component.ts

@@ -18,7 +18,7 @@ import { MatSnackBar } from '@angular/material/snack-bar';
 import { RegistrarService } from '../registrar/registrar.service';
 import { MaterialModule } from '../material.module';
 import { SnackBarModule } from '../snackbar.module';
-import { CommonModule } from '@angular/common';
+
 import { ActivatedRoute, ParamMap } from '@angular/router';
 import { take } from 'rxjs';
 
@@ -31,7 +31,7 @@ export interface OteStatusResponse {
 
 @Component({
   selector: 'app-ote-status',
-  imports: [MaterialModule, SnackBarModule, CommonModule],
+  imports: [MaterialModule, SnackBarModule],
   templateUrl: './oteStatus.component.html',
   styleUrls: ['./oteStatus.component.scss'],
 })

console-webapp/src/app/registrar/registrarDetails.component.html

@@ -11,9 +11,8 @@
         <mat-icon>arrow_back</mat-icon>
       </button>
       <div class="spacer"></div>
-      @if(!inEdit && !registrarNotFound) {
+      @if(!inEdit && !registrarNotFound) { @if (oteButtonVisible) {
       <button
-        *ngIf="oteButtonVisible"
         mat-stroked-button
         (click)="checkOteStatus()"
         aria-label="Check OT&E account status"
@@ -21,6 +20,7 @@
       >
         Check OT&E Status
       </button>
+      }
       <button
         mat-flat-button
         color="primary"
@@ -39,10 +39,11 @@
     <h1>Registrar not found</h1>
     } @else {
     <h1>{{ registrarInEdit.registrarId }}</h1>
-    <h2 *ngIf="registrarInEdit.registrarName !== registrarInEdit.registrarId">
+    @if (registrarInEdit.registrarName !== registrarInEdit.registrarId) {
+    <h2>
       {{ registrarInEdit.registrarName }}
     </h2>
-    @if(inEdit) {
+    } @if(inEdit) {
     <form (ngSubmit)="saveAndClose()">
       <div>
         <mat-form-field appearance="outline">
@@ -60,15 +61,14 @@
         <mat-form-field appearance="outline">
           <mat-label>Onboarded TLDs: </mat-label>
           <mat-chip-grid #chipGrid aria-label="Enter TLD">
-            <mat-chip-row
-              *ngFor="let tld of registrarInEdit.allowedTlds"
-              (removed)="removeTLD(tld)"
-            >
+            @for (tld of registrarInEdit.allowedTlds; track tld) {
+            <mat-chip-row (removed)="removeTLD(tld)">
               {{ tld }}
               <button matChipRemove aria-label="'remove ' + tld">
                 <mat-icon>cancel</mat-icon>
               </button>
             </mat-chip-row>
+            }
           </mat-chip-grid>
           <input
             placeholder="New tld..."

console-webapp/src/app/registrar/registrarsTable.component.html

@@ -5,15 +5,16 @@
   <div class="console-app__registrars-header">
     <h1 class="mat-headline-4" forceFocus>Registrars</h1>
     <div class="spacer"></div>
+    @if (oteButtonVisible) {
     <button
       mat-stroked-button
-      *ngIf="oteButtonVisible"
       (click)="createOteAccount()"
       aria-label="Generate OT&E accounts"
       [elementId]="getElementIdForOteBlock()"
     >
       Create OT&E accounts
     </button>
+    }
     <button
       class="console-app__registrars-new"
       mat-flat-button
@@ -43,10 +44,8 @@
         class="console-app__registrars-table"
         matSort
       >
-        <ng-container
-          *ngFor="let column of columns"
-          [matColumnDef]="column.columnDef"
-        >
+        @for (column of columns; track column) {
+        <ng-container [matColumnDef]="column.columnDef">
           <mat-header-cell *matHeaderCellDef>
             {{ column.header }}
           </mat-header-cell>
@@ -55,6 +54,7 @@
             [innerHTML]="column.cell(row)"
           ></mat-cell>
         </ng-container>
+        }
         <mat-header-row *matHeaderRowDef="displayedColumns"></mat-header-row>
         <mat-row
           *matRowDef="let row; columns: displayedColumns"

console-webapp/src/app/settings/contact/contact.component.html

@@ -22,13 +22,12 @@
   </div>
   } @else {
   <mat-table [dataSource]="dataSource" class="mat-elevation-z0">
-    <ng-container
-      *ngFor="let column of columns"
-      [matColumnDef]="column.columnDef"
-    >
+    @for (column of columns; track column) {
+    <ng-container [matColumnDef]="column.columnDef">
       <mat-header-cell *matHeaderCellDef> {{ column.header }} </mat-header-cell>
       <mat-cell *matCellDef="let row" [innerHTML]="column.cell(row)"></mat-cell>
     </ng-container>
+    }
     <mat-header-row *matHeaderRowDef="displayedColumns"></mat-header-row>
     <mat-row
       *matRowDef="let row; columns: displayedColumns"

console-webapp/src/app/settings/contact/contactDetails.component.html

@@ -1,9 +1,5 @@
-<div
-  class="console-app__contact"
-  *ngIf="contactService.contactInEdit"
-  cdkTrapFocus
-  [cdkTrapFocusAutoCapture]="true"
->
+@if (contactService.contactInEdit) {
+<div class="console-app__contact" cdkTrapFocus [cdkTrapFocusAutoCapture]="true">
   <div class="console-app__contact-controls">
     <button
       mat-icon-button
@@ -32,7 +28,6 @@
     </button>
     }
   </div>
-
   @if(isEditing || contactService.isContactNewView) {
   <h1>Contact Details</h1>
   <form (ngSubmit)="save($event)">
@@ -46,7 +41,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Primary account email: </mat-label>
         <input
@@ -64,7 +58,6 @@
           "
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Phone: </mat-label>
         <input
@@ -74,7 +67,6 @@
           placeholder="+0.0000000000"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Fax: </mat-label>
         <input
@@ -84,7 +76,6 @@
         />
       </mat-form-field>
     </section>
-
     <section>
       <h1>Contact Type</h1>
       <p class="console-app__contact-required">
@@ -92,21 +83,18 @@
         (primary contact can't be updated)
       </p>
       <div class="">
-        <ng-container
-          *ngFor="let contactType of contactTypeToTextMap | keyvalue"
+        @for (contactType of contactTypeToTextMap | keyvalue; track contactType)
+        { @if (shouldDisplayCheckbox(contactType.key)) {
+        <mat-checkbox
+          [checked]="checkboxIsChecked(contactType.key)"
+          (change)="checkboxOnChange($event, contactType.key)"
+          [disabled]="checkboxIsDisabled(contactType.key)"
         >
-          <mat-checkbox
-            *ngIf="shouldDisplayCheckbox(contactType.key)"
-            [checked]="checkboxIsChecked(contactType.key)"
-            (change)="checkboxOnChange($event, contactType.key)"
-            [disabled]="checkboxIsDisabled(contactType.key)"
-          >
-            {{ contactType.value }}
-          </mat-checkbox>
-        </ng-container>
+          {{ contactType.value }}
+        </mat-checkbox>
+        } }
       </div>
     </section>
-
     <section>
       <h1>RDAP Preferences</h1>
       <div>
@@ -116,7 +104,6 @@
           >Show in Registrar RDAP record as admin contact</mat-checkbox
         >
       </div>
-
       <div>
         <mat-checkbox
           [(ngModel)]="contactService.contactInEdit.visibleInRdapAsTech"
@@ -124,7 +111,6 @@
           >Show in Registrar RDAP record as technical contact</mat-checkbox
         >
       </div>
-
       <div>
         <mat-checkbox
           [(ngModel)]="contactService.contactInEdit.visibleInDomainRdapAsAbuse"
@@ -198,15 +184,13 @@
         </mat-list-item>
         } @if(contactService.contactInEdit.visibleInRdapAsTech) {
         <mat-divider></mat-divider>
-        <mat-list-item
-          role="listitem"
-          *ngIf="contactService.contactInEdit.visibleInRdapAsTech"
-        >
+        @if (contactService.contactInEdit.visibleInRdapAsTech) {
+        <mat-list-item role="listitem">
           <span class="console-app__list-value"
             >Show in Registrar RDAP record as technical contact</span
           >
         </mat-list-item>
-        } @if(contactService.contactInEdit.visibleInDomainRdapAsAbuse) {
+        } } @if(contactService.contactInEdit.visibleInDomainRdapAsAbuse) {
         <mat-divider></mat-divider>
         <mat-list-item role="listitem">
           <span class="console-app__list-value"
@@ -220,3 +204,4 @@
   </mat-card>
   }
 </div>
+}

console-webapp/src/app/settings/rdap/rdapEdit.component.html

@@ -1,6 +1,6 @@
+@if (registrarInEdit) {
 <div
   class="console-app__rdap-edit"
-  *ngIf="registrarInEdit"
   cdkTrapFocus
   [cdkTrapFocusAutoCapture]="true"
 >
@@ -12,7 +12,6 @@
   >
     <mat-icon>arrow_back</mat-icon>
   </button>
-
   <div class="console-app__rdap-edit-controls">
     <span>
       General registrar information for your RDAP record. This information is
@@ -20,10 +19,8 @@
     </span>
     <div class="spacer"></div>
   </div>
-
   <div class="console-app__rdap-edit">
     <h1>Personal info</h1>
-
     <form (ngSubmit)="save($event)">
       <mat-form-field appearance="outline">
         <mat-label>Email: </mat-label>
@@ -34,7 +31,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Phone: </mat-label>
         <input
@@ -44,7 +40,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Fax: </mat-label>
         <input
@@ -54,7 +49,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Street Address (line 1): </mat-label>
         <input
@@ -64,7 +58,6 @@
           [(ngModel)]="registrarInEdit.localizedAddress.street![0]"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Street Address (line 2): </mat-label>
         <input
@@ -74,7 +67,6 @@
           [(ngModel)]="registrarInEdit.localizedAddress.street![1]"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>City: </mat-label>
         <input
@@ -84,7 +76,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).city"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>State or Province: </mat-label>
         <input
@@ -94,7 +85,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).state"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Country: </mat-label>
         <input
@@ -104,7 +94,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).countryCode"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Postal code: </mat-label>
         <input
@@ -114,7 +103,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).zip"
         />
       </mat-form-field>
-
       <button
         mat-flat-button
         color="primary"
@@ -126,3 +114,4 @@
     </form>
   </div>
 </div>
+}

console-webapp/src/app/settings/security/eppPasswordEdit.component.html

@@ -21,7 +21,6 @@
     [formGroup]="passwordUpdateForm"
     (submitResults)="save($event)"
   />
-  @if(userDataService.userData()?.isAdmin) {
   <div class="settings-security__reset-password-field">
     <h2>Need to reset your EPP password?</h2>
     <button
@@ -33,5 +32,4 @@
       Reset EPP password via email
     </button>
   </div>
-  }
 </div>

console-webapp/src/app/settings/security/eppPasswordEdit.component.ts

@@ -20,7 +20,7 @@ import { RegistrarService } from 'src/app/registrar/registrar.service';
 import { SecurityService } from './security.service';
 import { UserDataService } from 'src/app/shared/services/userData.service';
 import { MatDialog, MatDialogRef } from '@angular/material/dialog';
-import { CommonModule } from '@angular/common';
+
 import { MaterialModule } from 'src/app/material.module';
 import { filter, switchMap, take } from 'rxjs';
 import { BackendService } from 'src/app/shared/services/backend.service';
@@ -41,7 +41,7 @@ import {
       <button mat-button color="warn" (click)="onSave()">Confirm</button>
     </mat-dialog-actions>
   `,
-  imports: [CommonModule, MaterialModule],
+  imports: [MaterialModule],
 })
 export class ResetEppPasswordComponent {
   constructor(public dialogRef: MatDialogRef<ResetEppPasswordComponent>) {}

console-webapp/src/app/settings/security/security.component.html

@@ -68,7 +68,7 @@
           >
         </mat-list-item>
         <mat-divider></mat-divider>
-        @for (item of dataSource.ipAddressAllowList; track item.value) {
+        @for (item of dataSource.ipAddressAllowList; track $index){
         <mat-list-item role="listitem">
           <span class="console-app__list-value">{{ item.value }}</span>
         </mat-list-item>

console-webapp/src/app/settings/security/security.component.spec.ts

@@ -12,7 +12,13 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { ComponentFixture, TestBed, waitForAsync } from '@angular/core/testing';
+import {
+  ComponentFixture,
+  fakeAsync,
+  TestBed,
+  tick,
+  waitForAsync,
+} from '@angular/core/testing';
 
 import { provideHttpClient } from '@angular/common/http';
 import { provideHttpClientTesting } from '@angular/common/http/testing';
@@ -30,43 +36,32 @@ import { MOCK_REGISTRAR_SERVICE } from 'src/testdata/registrar/registrar.service
 describe('SecurityComponent', () => {
   let component: SecurityComponent;
   let fixture: ComponentFixture<SecurityComponent>;
-  let fetchSecurityDetailsSpy: Function;
   let saveSpy: Function;
+  let securityServiceStub: Partial<SecurityService>;
 
   beforeEach(async () => {
-    const securityServiceSpy = jasmine.createSpyObj(SecurityService, [
-      'fetchSecurityDetails',
-      'saveChanges',
-    ]);
-
-    fetchSecurityDetailsSpy =
-      securityServiceSpy.fetchSecurityDetails.and.returnValue(of());
-
-    saveSpy = securityServiceSpy.saveChanges.and.returnValue(of());
+    securityServiceStub = {
+      isEditingSecurity: false,
+      isEditingPassword: false,
+      saveChanges: jasmine.createSpy('saveChanges').and.returnValue(of({})),
+    };
 
     await TestBed.configureTestingModule({
       declarations: [SecurityEditComponent, SecurityComponent],
       imports: [MaterialModule, BrowserAnimationsModule, FormsModule],
       providers: [
         BackendService,
-        SecurityService,
+        { provide: SecurityService, useValue: securityServiceStub },
         { provide: RegistrarService, useValue: MOCK_REGISTRAR_SERVICE },
         provideHttpClient(),
         provideHttpClientTesting(),
       ],
-    })
-      .overrideComponent(SecurityComponent, {
-        set: {
-          providers: [
-            { provide: SecurityService, useValue: securityServiceSpy },
-          ],
-        },
-      })
-      .compileComponents();
+    }).compileComponents();
+
+    saveSpy = securityServiceStub.saveChanges as jasmine.Spy;
 
     fixture = TestBed.createComponent(SecurityComponent);
     component = fixture.componentInstance;
-    fixture.detectChanges();
   });
 
   it('should create', () => {
@@ -93,17 +88,36 @@ describe('SecurityComponent', () => {
     });
   }));
 
-  it('should remove ip', waitForAsync(() => {
-    component.dataSource.ipAddressAllowList =
-      component.dataSource.ipAddressAllowList?.splice(1);
-    fixture.whenStable().then(() => {
-      fixture.detectChanges();
-      let listElems: Array<HTMLElement> = Array.from(
-        fixture.nativeElement.querySelectorAll('span.console-app__list-value')
-      );
-      expect(listElems.map((e) => e.textContent)).toContain(
-        'No IP addresses on file.'
-      );
+  it('should remove ip', fakeAsync(() => {
+    fixture.detectChanges();
+    tick();
+
+    const editBtn = fixture.nativeElement.querySelector(
+      'button[aria-label="Edit security settings"]'
+    );
+    editBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
+    const removeIpBtn = fixture.nativeElement.querySelector(
+      '.console-app__removeIp'
+    );
+    removeIpBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
+    const saveBtn = fixture.nativeElement.querySelector(
+      '.settings-security__edit-save'
+    );
+    saveBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
+    expect(saveSpy).toHaveBeenCalledWith({
+      ipAddressAllowList: [],
     });
   }));
 
@@ -119,21 +133,34 @@ describe('SecurityComponent', () => {
     expect(component.securityService.isEditingPassword).toBeTrue();
   });
 
-  it('should call save', waitForAsync(async () => {
-    component.editSecurity();
-    await fixture.whenStable();
+  it('should call save', fakeAsync(() => {
     fixture.detectChanges();
+    tick();
+
+    const editBtn = fixture.nativeElement.querySelector(
+      'button[aria-label="Edit security settings"]'
+    );
+    editBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
     const el = fixture.nativeElement.querySelector(
       '.console-app__clientCertificateValue'
     );
     el.value = 'test';
     el.dispatchEvent(new Event('input'));
+
+    tick();
     fixture.detectChanges();
-    await fixture.whenStable();
-    fixture.nativeElement
-      .querySelector('.settings-security__edit-save')
-      .click();
-    expect(saveSpy).toHaveBeenCalledOnceWith({
+
+    const saveBtn = fixture.nativeElement.querySelector(
+      '.settings-security__edit-save'
+    );
+    saveBtn.click();
+
+    tick();
+    expect(saveSpy).toHaveBeenCalledWith({
       ipAddressAllowList: [{ value: '123.123.123.123' }],
       clientCertificate: 'test',
     });

console-webapp/src/app/settings/security/securityEdit.component.html

@@ -23,9 +23,11 @@
       <button
         matSuffix
         mat-icon-button
+        class="console-app__removeIp"
         [attr.aria-label]="'Remove IP entry ' + ip.value"
         (click)="removeIpEntry(ip)"
         [disabled]="isUpdating"
+        type="button"
       >
         <mat-icon>close</mat-icon>
       </button>

console-webapp/src/app/shared/components/passwordReset/passwordInputForm.component.html

@@ -14,9 +14,9 @@
         required
         autocomplete="current-password"
       />
-      <mat-error *ngIf="hasError('oldPassword') as errorText">{{
-        errorText
-      }}</mat-error>
+      @if (hasError('oldPassword'); as errorText) {
+      <mat-error>{{ errorText }}</mat-error>
+      }
     </mat-form-field>
   </div>
   }
@@ -30,9 +30,9 @@
         required
         autocomplete="new-password"
       />
-      <mat-error *ngIf="hasError('newPassword') as errorText">{{
-        errorText
-      }}</mat-error>
+      @if (hasError('newPassword'); as errorText) {
+      <mat-error>{{ errorText }}</mat-error>
+      }
     </mat-form-field>
   </div>
   <div class="console-app__password-input-form-field">
@@ -45,9 +45,9 @@
         required
         autocomplete="new-password"
       />
-      <mat-error *ngIf="hasError('newPasswordRepeat') as errorText">{{
-        errorText
-      }}</mat-error>
+      @if (hasError('newPasswordRepeat'); as errorText) {
+      <mat-error>{{ errorText }}</mat-error>
+      }
     </mat-form-field>
   </div>
   <button

console-webapp/src/app/shared/directives/userLevelVisiblity.directive.ts

@@ -29,10 +29,9 @@ export const DISABLED_ELEMENTS_PER_ROLE = {
     RESTRICTED_ELEMENTS.REGISTRAR_ELEMENT,
     RESTRICTED_ELEMENTS.OTE,
     RESTRICTED_ELEMENTS.SUSPEND,
-    RESTRICTED_ELEMENTS.ACTIVITY_PER_USER,
   ],
   SUPPORT_LEAD: [],
-  SUPPORT_AGENT: [RESTRICTED_ELEMENTS.ACTIVITY_PER_USER],
+  SUPPORT_AGENT: [],
 };
 
 @Directive({

console-webapp/src/app/users/userDetails.component.html

@@ -50,15 +50,17 @@
       <mat-icon>delete</mat-icon>
     </button>
   </div>
-  <div *ngIf="isNewUser" class="console-app__user-details-save-password">
+  @if (isNewUser) {
+  <div class="console-app__user-details-save-password">
     <mat-icon>priority_high</mat-icon>
     Please save the password. For your security, we do not store passwords in a
     recoverable format.
   </div>
-
-  <p *ngIf="isLoading">
+  } @if (isLoading) {
+  <p>
     <mat-progress-bar mode="query"></mat-progress-bar>
   </p>
+  }
 
   <mat-card appearance="outlined">
     <mat-card-content>

console-webapp/src/app/users/userDetails.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import { Component, computed } from '@angular/core';
 import { MatSnackBar } from '@angular/material/snack-bar';
 import { SelectedRegistrarModule } from '../app.module';
@@ -31,7 +30,6 @@ import { UserEditFormComponent } from './userEditForm.component';
     FormsModule,
     MaterialModule,
     SnackBarModule,
-    CommonModule,
     SelectedRegistrarModule,
     UserEditFormComponent,
   ],

console-webapp/src/app/users/userEditForm.component.html

@@ -1,6 +1,7 @@
 <div class="console-app__user-edit">
   <form (ngSubmit)="saveEdit($event)" #form>
-    <p *ngIf="isNew()">
+    @if (isNew()) {
+    <p>
       <mat-form-field appearance="outline">
         <mat-label
           >User name prefix:
@@ -19,6 +20,7 @@
         />
       </mat-form-field>
     </p>
+    }
     <p>
       <mat-form-field appearance="outline">
         <mat-label
@@ -44,7 +46,6 @@
       Save
     </button>
   </form>
-  @if(userDataService.userData()?.isAdmin) {
   <button
     mat-flat-button
     color="primary"
@@ -53,5 +54,4 @@
   >
     Reset registry lock password
   </button>
-  }
 </div>

console-webapp/src/app/users/userEditForm.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import {
   Component,
   ElementRef,
@@ -50,7 +49,7 @@ import { HttpErrorResponse } from '@angular/common/http';
       <button mat-button color="warn" (click)="onSave()">Confirm</button>
     </mat-dialog-actions>
   `,
-  imports: [CommonModule, MaterialModule],
+  imports: [MaterialModule],
 })
 export class ResetRegistryLockPasswordComponent {
   constructor(
@@ -72,7 +71,7 @@ export class ResetRegistryLockPasswordComponent {
   selector: 'app-user-edit-form',
   templateUrl: './userEditForm.component.html',
   styleUrls: ['./userEditForm.component.scss'],
-  imports: [FormsModule, MaterialModule, CommonModule],
+  imports: [FormsModule, MaterialModule],
   providers: [],
 })
 export class UserEditFormComponent {

console-webapp/src/app/users/users.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import { HttpErrorResponse } from '@angular/common/http';
 import { Component, effect } from '@angular/core';
 import { MatSnackBar } from '@angular/material/snack-bar';
@@ -35,7 +34,6 @@ import { UserEditFormComponent } from './userEditForm.component';
     FormsModule,
     MaterialModule,
     SnackBarModule,
-    CommonModule,
     SelectedRegistrarModule,
     UsersListComponent,
     UserEditFormComponent,

console-webapp/src/app/users/usersList.component.html

@@ -5,15 +5,14 @@
     class="console-app__users-table"
     matSort
   >
-    <ng-container
-      *ngFor="let column of columns"
-      [matColumnDef]="column.columnDef"
-    >
+    @for (column of columns; track column) {
+    <ng-container [matColumnDef]="column.columnDef">
       <mat-header-cell *matHeaderCellDef>
         {{ column.header }}
       </mat-header-cell>
       <mat-cell *matCellDef="let row" [innerHTML]="column.cell(row)"></mat-cell>
     </ng-container>
+    }
     <mat-header-row *matHeaderRowDef="displayedColumns"></mat-header-row>
     <mat-row
       *matRowDef="let row; columns: displayedColumns"

console-webapp/src/app/users/usersList.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import {
   Component,
   effect,
@@ -43,7 +42,7 @@ export const columns = [
   selector: 'app-users-list',
   templateUrl: './usersList.component.html',
   styleUrls: ['./usersList.component.scss'],
-  imports: [MaterialModule, CommonModule],
+  imports: [MaterialModule],
   providers: [],
 })
 export class UsersListComponent {

console-webapp/src/main.ts

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { enableProdMode } from '@angular/core';
+import { enableProdMode, provideZoneChangeDetection } from '@angular/core';
 import { platformBrowserDynamic } from '@angular/platform-browser-dynamic';
 
 import { AppModule } from './app/app.module';
@@ -23,5 +23,7 @@ if (environment.production || environment.sandbox) {
 }
 
 platformBrowserDynamic()
-  .bootstrapModule(AppModule)
+  .bootstrapModule(AppModule, {
+    applicationProviders: [provideZoneChangeDetection()],
+  })
   .catch((err) => console.error(err));

console-webapp/tsconfig.json

@@ -14,14 +14,10 @@
     "sourceMap": true,
     "declaration": false,
     "experimentalDecorators": true,
-    "moduleResolution": "node",
+    "moduleResolution": "bundler",
     "importHelpers": true,
     "target": "ES2022",
     "module": "es2020",
-    "lib": [
-      "es2020",
-      "dom"
-    ],
     "useDefineForClassFields": false
   },
   "angularCompilerOptions": {

core/src/main/java/google/registry/flows/domain/DomainClaimsCheckFlow.java

@@ -108,8 +108,7 @@ public final class DomainClaimsCheckFlow implements TransactionalFlow {
           verifyClaimsPeriodNotEnded(tld, now);
         }
       }
-      Optional<String> claimKey =
-          ClaimsListDao.get(tldStr).getClaimKey(parsedDomain.parts().get(0));
+      Optional<String> claimKey = ClaimsListDao.get().getClaimKey(parsedDomain.parts().get(0));
       launchChecksBuilder.add(
           LaunchCheck.create(
               LaunchCheckName.create(claimKey.isPresent(), domainName), claimKey.orElse(null)));

core/src/main/java/google/registry/flows/domain/DomainCreateFlow.java

@@ -279,7 +279,7 @@ public final class DomainCreateFlow implements MutatingFlow {
       checkAllowedAccessToTld(registrarId, tld.getTldStr());
       checkHasBillingAccount(registrarId, tld.getTldStr());
       boolean isValidReservedCreate = isValidReservedCreate(domainName, allocationToken);
-      ClaimsList claimsList = ClaimsListDao.get(tld.getTldStr());
+      ClaimsList claimsList = ClaimsListDao.get();
       verifyIsGaOrSpecialCase(
           tld,
           claimsList,
@@ -311,8 +311,7 @@ public final class DomainCreateFlow implements MutatingFlow {
       // at this point so that we can verify it before the "after validation" extension point.
       signedMarkId =
           tmchUtils
-              .verifySignedMarks(
-                  tld.getTldStr(), launchCreate.get().getSignedMarks(), domainLabel, now)
+              .verifySignedMarks(launchCreate.get().getSignedMarks(), domainLabel, now)
               .getId();
     }
     verifyNotBlockedByBsa(domainName, tld, now, allocationToken);

core/src/main/java/google/registry/flows/domain/DomainFlowTmchUtils.java

@@ -55,7 +55,7 @@ public final class DomainFlowTmchUtils {
   }
 
   public SignedMark verifySignedMarks(
-      String tld, ImmutableList<AbstractSignedMark> signedMarks, String domainLabel, DateTime now)
+      ImmutableList<AbstractSignedMark> signedMarks, String domainLabel, DateTime now)
       throws EppException {
     if (signedMarks.size() > 1) {
       throw new TooManySignedMarksException();
@@ -63,8 +63,7 @@ public final class DomainFlowTmchUtils {
     if (!(signedMarks.get(0) instanceof EncodedSignedMark)) {
       throw new SignedMarksMustBeEncodedException();
     }
-    SignedMark signedMark =
-        verifyEncodedSignedMark(tld, (EncodedSignedMark) signedMarks.get(0), now);
+    SignedMark signedMark = verifyEncodedSignedMark((EncodedSignedMark) signedMarks.get(0), now);
     return verifySignedMarkValidForDomainLabel(signedMark, domainLabel);
   }
 
@@ -76,9 +75,8 @@ public final class DomainFlowTmchUtils {
     return signedMark;
   }
 
-  // TODO(b/412715713): remove the tld parameter when RST completes.
-  public SignedMark verifyEncodedSignedMark(
-      String tld, EncodedSignedMark encodedSignedMark, DateTime now) throws EppException {
+  public SignedMark verifyEncodedSignedMark(EncodedSignedMark encodedSignedMark, DateTime now)
+      throws EppException {
     if (!encodedSignedMark.getEncoding().equals("base64")) {
       throw new Base64RequiredForEncodedSignedMarksException();
     }
@@ -96,7 +94,7 @@ public final class DomainFlowTmchUtils {
       throw new SignedMarkParsingErrorException();
     }
 
-    if (SignedMarkRevocationList.get(tld).isSmdRevoked(signedMark.getId(), now)) {
+    if (SignedMarkRevocationList.get().isSmdRevoked(signedMark.getId(), now)) {
       throw new SignedMarkRevokedErrorException();
     }
 

core/src/main/java/google/registry/flows/domain/DomainTransferRequestFlow.java

@@ -76,7 +76,7 @@ import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
 import google.registry.model.tld.Tld;
 import google.registry.model.transfer.DomainTransferData;
-import google.registry.model.transfer.TransferData.TransferServerApproveEntity;
+import google.registry.model.transfer.DomainTransferData.TransferServerApproveEntity;
 import google.registry.model.transfer.TransferResponse.DomainTransferResponse;
 import google.registry.model.transfer.TransferStatus;
 import jakarta.inject.Inject;

core/src/main/java/google/registry/flows/domain/DomainTransferUtils.java

@@ -36,8 +36,7 @@ import google.registry.model.poll.PollMessage;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
 import google.registry.model.tld.Tld;
 import google.registry.model.transfer.DomainTransferData;
-import google.registry.model.transfer.TransferData;
-import google.registry.model.transfer.TransferData.TransferServerApproveEntity;
+import google.registry.model.transfer.DomainTransferData.TransferServerApproveEntity;
 import google.registry.model.transfer.TransferResponse.DomainTransferResponse;
 import google.registry.model.transfer.TransferStatus;
 import google.registry.persistence.VKey;
@@ -51,7 +50,7 @@ import org.joda.time.DateTime;
  */
 public final class DomainTransferUtils {
 
-  /** Sets up {@link TransferData} for a domain with links to entities for server approval. */
+  /** Sets up {@link DomainTransferData} for a domain with links to entities for server approval. */
   public static DomainTransferData createPendingTransferData(
       String domainRepoId,
       Long historyId,
@@ -179,7 +178,7 @@ public final class DomainTransferUtils {
   /** Create a poll message for the gaining client in a transfer. */
   public static PollMessage createGainingTransferPollMessage(
       String targetId,
-      TransferData transferData,
+      DomainTransferData transferData,
       @Nullable DateTime extendedRegistrationExpirationTime,
       DateTime now,
       HistoryEntryId domainHistoryId) {
@@ -202,7 +201,7 @@ public final class DomainTransferUtils {
   /** Create a poll message for the losing client in a transfer. */
   public static PollMessage createLosingTransferPollMessage(
       String targetId,
-      TransferData transferData,
+      DomainTransferData transferData,
       @Nullable DateTime extendedRegistrationExpirationTime,
       HistoryEntryId domainHistoryId) {
     return new PollMessage.OneTime.Builder()
@@ -216,10 +215,10 @@ public final class DomainTransferUtils {
         .build();
   }
 
-  /** Create a {@link DomainTransferResponse} off of the info in a {@link TransferData}. */
+  /** Create a {@link DomainTransferResponse} off of the info in a {@link DomainTransferData}. */
   static DomainTransferResponse createTransferResponse(
       String targetId,
-      TransferData transferData,
+      DomainTransferData transferData,
       @Nullable DateTime extendedRegistrationExpirationTime) {
     return new DomainTransferResponse.Builder()
         .setDomainName(targetId)

core/src/main/java/google/registry/model/EppResource.java

@@ -34,7 +34,6 @@ import com.google.common.collect.ImmutableSet;
 import com.google.gson.annotations.Expose;
 import google.registry.config.RegistryConfig;
 import google.registry.model.eppcommon.StatusValue;
-import google.registry.model.transfer.TransferData;
 import google.registry.persistence.VKey;
 import google.registry.util.NonFinalForTesting;
 import jakarta.persistence.Access;
@@ -207,27 +206,6 @@ public abstract class EppResource extends UpdateAutoTimestampEntity implements B
   /** EppResources that are loaded via foreign keys should implement this marker interface. */
   public interface ForeignKeyedEppResource {}
 
-  /** An interface for resources that have transfer data. */
-  public interface ResourceWithTransferData<T extends TransferData> {
-    T getTransferData();
-
-    /**
-     * The time that this resource was last transferred.
-     *
-     * <p>Can be null if the resource has never been transferred.
-     */
-    DateTime getLastTransferTime();
-  }
-
-  /** An interface for builders of resources that have transfer data. */
-  public interface BuilderWithTransferData<
-      T extends TransferData, B extends BuilderWithTransferData<T, B>> {
-    B setTransferData(T transferData);
-
-    /** Set the time when this resource was transferred. */
-    B setLastTransferTime(DateTime lastTransferTime);
-  }
-
   /** Abstract builder for {@link EppResource} types. */
   public abstract static class Builder<T extends EppResource, B extends Builder<T, B>>
       extends GenericBuilder<T, B> {

core/src/main/java/google/registry/model/ResourceTransferUtils.java

@@ -29,7 +29,6 @@ import google.registry.model.poll.PendingActionNotificationResponse.DomainPendin
 import google.registry.model.poll.PollMessage;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.transfer.DomainTransferData;
-import google.registry.model.transfer.TransferData;
 import google.registry.model.transfer.TransferResponse;
 import google.registry.model.transfer.TransferResponse.DomainTransferResponse;
 import google.registry.model.transfer.TransferStatus;
@@ -79,7 +78,7 @@ public final class ResourceTransferUtils {
     if (!domain.getStatusValues().contains(StatusValue.PENDING_TRANSFER)) {
       return;
     }
-    TransferData oldTransferData = domain.getTransferData();
+    DomainTransferData oldTransferData = domain.getTransferData();
     tm().delete(oldTransferData.getServerApproveEntities());
     tm().put(
             new PollMessage.OneTime.Builder()
@@ -99,8 +98,8 @@ public final class ResourceTransferUtils {
    * Turn a domain into a builder with its pending transfer resolved.
    *
    * <p>This removes the {@link StatusValue#PENDING_TRANSFER} status, sets the {@link
-   * TransferStatus}, clears all the server-approve fields on the {@link TransferData}, and sets the
-   * expiration time of the last pending transfer to now.
+   * TransferStatus}, clears all the server-approve fields on the {@link DomainTransferData}, and
+   * sets the expiration time of the last pending transfer to now.
    */
   private static Domain.Builder resolvePendingTransfer(
       Domain domain, TransferStatus transferStatus, DateTime now) {
@@ -125,9 +124,9 @@ public final class ResourceTransferUtils {
    * Resolve a pending transfer by awarding it to the gaining client.
    *
    * <p>This removes the {@link StatusValue#PENDING_TRANSFER} status, sets the {@link
-   * TransferStatus}, clears all the server-approve fields on the {@link TransferData}, sets the new
-   * client id, and sets the last transfer time and the expiration time of the last pending transfer
-   * to now.
+   * TransferStatus}, clears all the server-approve fields on the {@link DomainTransferData}, sets
+   * the new client id, and sets the last transfer time and the expiration time of the last pending
+   * transfer to now.
    */
   public static Domain approvePendingTransfer(
       Domain domain, TransferStatus transferStatus, DateTime now) {
@@ -143,9 +142,9 @@ public final class ResourceTransferUtils {
    * Resolve a pending transfer by denying it.
    *
    * <p>This removes the {@link StatusValue#PENDING_TRANSFER} status, sets the {@link
-   * TransferStatus}, clears all the server-approve fields on the {@link TransferData}, sets the
-   * expiration time of the last pending transfer to now, sets the last EPP update time to now, and
-   * sets the last EPP update client id to the given client id.
+   * TransferStatus}, clears all the server-approve fields on the {@link DomainTransferData}, sets
+   * the expiration time of the last pending transfer to now, sets the last EPP update time to now,
+   * and sets the last EPP update client id to the given client id.
    */
   public static Domain denyPendingTransfer(
       Domain domain, TransferStatus transferStatus, DateTime now, String lastEppUpdateRegistrarId) {

core/src/main/java/google/registry/model/billing/BillingBase.java

@@ -26,7 +26,7 @@ import google.registry.model.UnsafeSerializable;
 import google.registry.model.annotations.IdAllocation;
 import google.registry.model.domain.DomainHistory;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
-import google.registry.model.transfer.TransferData.TransferServerApproveEntity;
+import google.registry.model.transfer.DomainTransferData.TransferServerApproveEntity;
 import google.registry.persistence.VKey;
 import jakarta.persistence.Column;
 import jakarta.persistence.EnumType;

core/src/main/java/google/registry/model/common/FeatureFlag.java

@@ -68,6 +68,10 @@ public class FeatureFlag extends ImmutableObject implements Buildable {
     /** Feature flag name used for testing only. */
     TEST_FEATURE(FeatureStatus.INACTIVE),
 
+    /** True if Fee Extension 1.0 (RFC 8748) is enabled in production. */
+    // TODO(b/159033801) Delete this flag after 1.0 is hardened in prod.
+    FEE_EXTENSION_1_DOT_0_IN_PROD(FeatureStatus.INACTIVE),
+
     /** If we're not requiring the presence of contact data on domain EPP commands. */
     MINIMUM_DATASET_CONTACTS_OPTIONAL(FeatureStatus.INACTIVE),
 

core/src/main/java/google/registry/model/domain/DomainBase.java

@@ -43,7 +43,6 @@ import com.google.common.collect.Sets;
 import com.google.gson.annotations.Expose;
 import google.registry.flows.ResourceFlowUtils;
 import google.registry.model.EppResource;
-import google.registry.model.EppResource.ResourceWithTransferData;
 import google.registry.model.billing.BillingRecurrence;
 import google.registry.model.domain.launch.LaunchNotice;
 import google.registry.model.domain.rgp.GracePeriodStatus;
@@ -96,8 +95,7 @@ import org.joda.time.Interval;
 @MappedSuperclass
 @Embeddable
 @Access(AccessType.FIELD)
-public class DomainBase extends EppResource
-    implements ResourceWithTransferData<DomainTransferData> {
+public class DomainBase extends EppResource {
 
   /** The max number of years that a domain can be registered for, as set by ICANN policy. */
   public static final int MAX_REGISTRATION_YEARS = 10;
@@ -319,12 +317,10 @@ public class DomainBase extends EppResource
     return Optional.ofNullable(autorenewEndTime.equals(END_OF_TIME) ? null : autorenewEndTime);
   }
 
-  @Override
   public DomainTransferData getTransferData() {
     return Optional.ofNullable(transferData).orElse(DomainTransferData.EMPTY);
   }
 
-  @Override
   public DateTime getLastTransferTime() {
     return lastTransferTime;
   }
@@ -605,7 +601,7 @@ public class DomainBase extends EppResource
 
   /** A builder for constructing {@link Domain}, since it is immutable. */
   public static class Builder<T extends DomainBase, B extends Builder<T, B>>
-      extends EppResource.Builder<T, B> implements BuilderWithTransferData<DomainTransferData, B> {
+      extends EppResource.Builder<T, B> {
 
     public Builder() {}
 
@@ -783,13 +779,11 @@ public class DomainBase extends EppResource
       return thisCastToDerived();
     }
 
-    @Override
     public B setTransferData(DomainTransferData transferData) {
       getInstance().transferData = transferData;
       return thisCastToDerived();
     }
 
-    @Override
     public B setLastTransferTime(DateTime lastTransferTime) {
       getInstance().lastTransferTime = lastTransferTime;
       return thisCastToDerived();

core/src/main/java/google/registry/model/eppcommon/EppXmlTransformer.java

@@ -123,8 +123,7 @@ public class EppXmlTransformer  {
 
   public static byte[] marshal(EppOutput root, ValidationMode validation) throws XmlException {
     byte[] bytes = marshal(OUTPUT_TRANSFORMER, root, validation);
-    if (!RegistryEnvironment.PRODUCTION.equals(RegistryEnvironment.get())
-        && hasFeeExtension(root)) {
+    if (hasFeeExtension(root)) {
       return FeeExtensionXmlTagNormalizer.normalize(new String(bytes, UTF_8)).getBytes(UTF_8);
     }
     return bytes;

core/src/main/java/google/registry/model/eppcommon/ProtocolDefinition.java

@@ -16,11 +16,14 @@ package google.registry.model.eppcommon;
 
 import static com.google.common.collect.ImmutableSet.toImmutableSet;
 import static com.google.common.collect.Maps.uniqueIndex;
+import static google.registry.model.common.FeatureFlag.FeatureName.FEE_EXTENSION_1_DOT_0_IN_PROD;
+import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.VerifyException;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
+import google.registry.model.common.FeatureFlag;
 import google.registry.model.domain.fee06.FeeCheckCommandExtensionV06;
 import google.registry.model.domain.fee06.FeeCheckResponseExtensionV06;
 import google.registry.model.domain.fee11.FeeCheckCommandExtensionV11;
@@ -58,7 +61,7 @@ public class ProtocolDefinition {
   /** Enum representing which environments should have which service extensions enabled. */
   private enum ServiceExtensionVisibility {
     ALL,
-    ONLY_IN_NON_PRODUCTION,
+    FEE_1_DOT_0_EXTENSION_VISIBILITY,
     NONE
   }
 
@@ -82,7 +85,7 @@ public class ProtocolDefinition {
     FEE_1_00(
         FeeCheckCommandExtensionStdV1.class,
         FeeCheckResponseExtensionStdV1.class,
-        ServiceExtensionVisibility.ONLY_IN_NON_PRODUCTION),
+        ServiceExtensionVisibility.FEE_1_DOT_0_EXTENSION_VISIBILITY),
     METADATA_1_0(MetadataExtension.class, null, ServiceExtensionVisibility.NONE);
 
     private final Class<? extends CommandExtension> commandExtensionClass;
@@ -138,8 +141,9 @@ public class ProtocolDefinition {
     public boolean isVisible() {
       return switch (visibility) {
         case ALL -> true;
-        case ONLY_IN_NON_PRODUCTION ->
-            !RegistryEnvironment.get().equals(RegistryEnvironment.PRODUCTION);
+        case FEE_1_DOT_0_EXTENSION_VISIBILITY ->
+            !RegistryEnvironment.get().equals(RegistryEnvironment.PRODUCTION)
+                || tm().transact(() -> FeatureFlag.isActiveNow(FEE_EXTENSION_1_DOT_0_IN_PROD));
         case NONE -> false;
       };
     }

core/src/main/java/google/registry/model/host/HostBase.java

@@ -24,7 +24,6 @@ import static google.registry.util.DomainNameUtils.canonicalizeHostname;
 import com.google.common.collect.ImmutableSet;
 import google.registry.model.EppResource;
 import google.registry.model.domain.Domain;
-import google.registry.model.transfer.TransferData;
 import google.registry.persistence.VKey;
 import google.registry.persistence.converter.InetAddressSetUserType;
 import jakarta.persistence.Access;
@@ -41,8 +40,8 @@ import org.joda.time.DateTime;
 /**
  * A persistable Host resource including mutable and non-mutable fields.
  *
- * <p>A host's {@link TransferData} is stored on the superordinate domain. Non-subordinate hosts
- * don't carry a full set of TransferData; all they have is lastTransferTime.
+ * <p>A host's full transfer data is stored on the superordinate domain. Non-subordinate hosts don't
+ * carry a full set of TransferData; all they have is lastTransferTime.
  *
  * <p>This class deliberately does not include an {@link jakarta.persistence.Id} so that any
  * foreign-keyed fields can refer to the proper parent entity's ID, whether we're storing this in

core/src/main/java/google/registry/model/poll/PollMessage.java

@@ -32,14 +32,12 @@ import google.registry.model.domain.DomainRenewData;
 import google.registry.model.eppoutput.EppResponse.ResponseData;
 import google.registry.model.host.Host;
 import google.registry.model.host.HostHistory;
-import google.registry.model.poll.PendingActionNotificationResponse.ContactPendingActionNotificationResponse;
 import google.registry.model.poll.PendingActionNotificationResponse.DomainPendingActionNotificationResponse;
 import google.registry.model.poll.PendingActionNotificationResponse.HostPendingActionNotificationResponse;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
-import google.registry.model.transfer.TransferData.TransferServerApproveEntity;
+import google.registry.model.transfer.DomainTransferData.TransferServerApproveEntity;
 import google.registry.model.transfer.TransferResponse;
-import google.registry.model.transfer.TransferResponse.ContactTransferResponse;
 import google.registry.model.transfer.TransferResponse.DomainTransferResponse;
 import google.registry.persistence.VKey;
 import google.registry.persistence.WithVKey;
@@ -406,12 +404,8 @@ public abstract class PollMessage extends ImmutableObject
       if (pendingActionNotificationResponse != null) {
         // Promote the pending action notification response to its specialized type.
         if (contactId != null) {
-          pendingActionNotificationResponse =
-              ContactPendingActionNotificationResponse.create(
-                  pendingActionNotificationResponse.nameOrId.value,
-                  pendingActionNotificationResponse.getActionResult(),
-                  pendingActionNotificationResponse.getTrid(),
-                  pendingActionNotificationResponse.processedDate);
+          // Contacts are no longer supported
+          pendingActionNotificationResponse = null;
         } else if (domainName != null) {
           pendingActionNotificationResponse =
               DomainPendingActionNotificationResponse.create(
@@ -432,16 +426,8 @@ public abstract class PollMessage extends ImmutableObject
         // The transferResponse is currently an unspecialized TransferResponse instance, create the
         // appropriate subclass so that the value is consistently specialized
         if (contactId != null) {
-          transferResponse =
-              new ContactTransferResponse.Builder()
-                  .setContactId(contactId)
-                  .setGainingRegistrarId(transferResponse.getGainingRegistrarId())
-                  .setLosingRegistrarId(transferResponse.getLosingRegistrarId())
-                  .setTransferStatus(transferResponse.getTransferStatus())
-                  .setTransferRequestTime(transferResponse.getTransferRequestTime())
-                  .setPendingTransferExpirationTime(
-                      transferResponse.getPendingTransferExpirationTime())
-                  .build();
+          // Contacts are no longer supported
+          transferResponse = null;
         } else if (domainName != null) {
           transferResponse =
               new DomainTransferResponse.Builder()
@@ -488,9 +474,6 @@ public abstract class PollMessage extends ImmutableObject
 
         // Set identifier fields based on the type of the notification response.
         if (instance.pendingActionNotificationResponse
-            instanceof ContactPendingActionNotificationResponse) {
-          instance.contactId = instance.pendingActionNotificationResponse.nameOrId.value;
-        } else if (instance.pendingActionNotificationResponse
             instanceof DomainPendingActionNotificationResponse) {
           instance.domainName = instance.pendingActionNotificationResponse.nameOrId.value;
         } else if (instance.pendingActionNotificationResponse
@@ -507,9 +490,7 @@ public abstract class PollMessage extends ImmutableObject
                 .orElse(null);
 
         // Set the identifier according to the TransferResponse type.
-        if (instance.transferResponse instanceof ContactTransferResponse) {
-          instance.contactId = ((ContactTransferResponse) instance.transferResponse).getContactId();
-        } else if (instance.transferResponse instanceof DomainTransferResponse response) {
+        if (instance.transferResponse instanceof DomainTransferResponse response) {
           instance.domainName = response.getDomainName();
           instance.extendedRegistrationExpirationTime =
               response.getExtendedRegistrationExpirationTime();

core/src/main/java/google/registry/model/smd/SignedMarkRevocationList.java

@@ -21,7 +21,6 @@ import static google.registry.util.DateTimeUtils.isBeforeOrAt;
 import com.google.common.base.Supplier;
 import com.google.common.collect.ImmutableMap;
 import google.registry.model.ImmutableObject;
-import google.registry.tmch.RstTmchUtils;
 import jakarta.persistence.CollectionTable;
 import jakarta.persistence.Column;
 import jakarta.persistence.ElementCollection;
@@ -72,11 +71,6 @@ public class SignedMarkRevocationList extends ImmutableObject {
     return CACHE.get();
   }
 
-  // TODO(b/412715713): remove the tld parameter when RST completes.
-  public static SignedMarkRevocationList get(String tld) {
-    return RstTmchUtils.getSmdrList(tld).orElseGet(SignedMarkRevocationList::get);
-  }
-
   /** Create a new {@link SignedMarkRevocationList} without saving it. */
   public static SignedMarkRevocationList create(
       DateTime creationTime, ImmutableMap<String, DateTime> revokes) {

core/src/main/java/google/registry/model/tmch/ClaimsListDao.java

@@ -22,7 +22,6 @@ import com.github.benmanes.caffeine.cache.LoadingCache;
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.collect.ImmutableMap;
 import google.registry.model.CacheUtils;
-import google.registry.tmch.RstTmchUtils;
 import java.time.Duration;
 import java.util.Optional;
 
@@ -73,11 +72,6 @@ public class ClaimsListDao {
     return CACHE.get(ClaimsListDao.class);
   }
 
-  // TODO(b/412715713): remove the tld parameter when RST completes.
-  public static ClaimsList get(String tld) {
-    return RstTmchUtils.getClaimsList(tld).orElseGet(ClaimsListDao::get);
-  }
-
   /**
    * Returns the most recent revision of the {@link ClaimsList} in SQL or an empty list if it
    * doesn't exist.

core/src/main/java/google/registry/model/transfer/BaseTransferObject.java

@@ -25,7 +25,7 @@ import jakarta.xml.bind.annotation.XmlElement;
 import jakarta.xml.bind.annotation.XmlTransient;
 import org.joda.time.DateTime;
 
-/** Fields common to {@link TransferData} and {@link TransferResponse}. */
+/** Fields common to {@link DomainTransferData} and {@link TransferResponse}. */
 @XmlTransient
 @MappedSuperclass
 public abstract class BaseTransferObject extends ImmutableObject implements UnsafeSerializable {

core/src/main/java/google/registry/model/transfer/ContactTransferData.java

@@ -1,48 +0,0 @@
-// Copyright 2020 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.transfer;
-
-import jakarta.persistence.Embeddable;
-
-/** Transfer data for contact. */
-@Embeddable
-public class ContactTransferData extends TransferData {
-  public static final ContactTransferData EMPTY = new ContactTransferData();
-
-  @Override
-  public boolean isEmpty() {
-    return EMPTY.equals(this);
-  }
-
-  @Override
-  protected Builder createEmptyBuilder() {
-    return new Builder();
-  }
-
-  @Override
-  public Builder asBuilder() {
-    return new Builder(clone(this));
-  }
-
-  public static class Builder extends TransferData.Builder<ContactTransferData, Builder> {
-    /** Create a {@link Builder} wrapping a new instance. */
-    public Builder() {}
-
-    /** Create a {@link Builder} wrapping the given instance. */
-    private Builder(ContactTransferData instance) {
-      super(instance);
-    }
-  }
-}

core/src/main/java/google/registry/model/transfer/DomainTransferData.java

@@ -14,14 +14,20 @@
 
 package google.registry.model.transfer;
 
+import static com.google.common.base.Preconditions.checkState;
+import static com.google.common.collect.ImmutableList.toImmutableList;
 import static google.registry.util.CollectionUtils.isNullOrEmpty;
+import static google.registry.util.CollectionUtils.nullToEmpty;
 
+import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
+import google.registry.model.Buildable;
 import google.registry.model.billing.BillingCancellation;
 import google.registry.model.billing.BillingEvent;
 import google.registry.model.billing.BillingRecurrence;
 import google.registry.model.domain.Period;
 import google.registry.model.domain.Period.Unit;
+import google.registry.model.eppcommon.Trid;
 import google.registry.model.poll.PollMessage;
 import google.registry.persistence.VKey;
 import google.registry.util.NullIgnoringCollectionBuilder;
@@ -36,9 +42,41 @@ import org.joda.time.DateTime;
 
 /** Transfer data for domain. */
 @Embeddable
-public class DomainTransferData extends TransferData {
+public class DomainTransferData extends BaseTransferObject implements Buildable {
   public static final DomainTransferData EMPTY = new DomainTransferData();
 
+  /** The transaction id of the most recent transfer request (or null if there never was one). */
+  @Embedded
+  @AttributeOverrides({
+    @AttributeOverride(
+        name = "serverTransactionId",
+        column = @Column(name = "transfer_server_txn_id")),
+    @AttributeOverride(
+        name = "clientTransactionId",
+        column = @Column(name = "transfer_client_txn_id"))
+  })
+  Trid transferRequestTrid;
+
+  @Column(name = "transfer_repo_id")
+  String repoId;
+
+  @Column(name = "transfer_history_entry_id")
+  Long historyEntryId;
+
+  // The pollMessageId1 and pollMessageId2 are used to store the IDs for gaining and losing poll
+  // messages in Cloud SQL.
+  //
+  // In addition, there may be a third poll message for the autorenew poll message on domain
+  // transfer if applicable.
+  @Column(name = "transfer_poll_message_id_1")
+  Long pollMessageId1;
+
+  @Column(name = "transfer_poll_message_id_2")
+  Long pollMessageId2;
+
+  @Column(name = "transfer_poll_message_id_3")
+  Long pollMessageId3;
+
   /**
    * The period to extend the registration upon completion of the transfer.
    *
@@ -107,15 +145,19 @@ public class DomainTransferData extends TransferData {
   @Column(name = "transfer_autorenew_poll_message_history_id")
   Long serverApproveAutorenewPollMessageHistoryId;
 
-  @Override
-  public Builder copyConstantFieldsToBuilder() {
-    return ((Builder) super.copyConstantFieldsToBuilder()).setTransferPeriod(transferPeriod);
-  }
-
   public Period getTransferPeriod() {
     return transferPeriod;
   }
 
+  public Long getHistoryEntryId() {
+    return historyEntryId;
+  }
+
+  @Nullable
+  public Trid getTransferRequestTrid() {
+    return transferRequestTrid;
+  }
+
   @Nullable
   public DateTime getTransferredRegistrationExpirationTime() {
     return transferredRegistrationExpirationTime;
@@ -141,12 +183,13 @@ public class DomainTransferData extends TransferData {
     return serverApproveAutorenewPollMessageHistoryId;
   }
 
-  @Override
   public ImmutableSet<VKey<? extends TransferServerApproveEntity>> getServerApproveEntities() {
     ImmutableSet.Builder<VKey<? extends TransferServerApproveEntity>> builder =
         new ImmutableSet.Builder<>();
-    builder.addAll(super.getServerApproveEntities());
     return NullIgnoringCollectionBuilder.create(builder)
+        .add(pollMessageId1 != null ? VKey.create(PollMessage.class, pollMessageId1) : null)
+        .add(pollMessageId2 != null ? VKey.create(PollMessage.class, pollMessageId2) : null)
+        .add(pollMessageId3 != null ? VKey.create(PollMessage.class, pollMessageId3) : null)
         .add(serverApproveBillingEvent)
         .add(serverApproveAutorenewEvent)
         .add(billingCancellationId)
@@ -154,16 +197,10 @@ public class DomainTransferData extends TransferData {
         .build();
   }
 
-  @Override
   public boolean isEmpty() {
     return EMPTY.equals(this);
   }
 
-  @Override
-  protected Builder createEmptyBuilder() {
-    return new Builder();
-  }
-
   @Override
   public Builder asBuilder() {
     return new Builder(clone(this));
@@ -186,7 +223,72 @@ public class DomainTransferData extends TransferData {
     }
   }
 
-  public static class Builder extends TransferData.Builder<DomainTransferData, Builder> {
+  /**
+   * Returns a fresh Builder populated only with the constant fields of this TransferData, i.e.
+   * those that are fixed and unchanging throughout the transfer process.
+   *
+   * <p>These fields are:
+   *
+   * <ul>
+   *   <li>transferRequestTrid
+   *   <li>transferRequestTime
+   *   <li>gainingClientId
+   *   <li>losingClientId
+   *   <li>transferPeriod
+   * </ul>
+   */
+  public Builder copyConstantFieldsToBuilder() {
+    return new Builder()
+        .setTransferPeriod(transferPeriod)
+        .setTransferRequestTrid(transferRequestTrid)
+        .setTransferRequestTime(transferRequestTime)
+        .setGainingRegistrarId(gainingClientId)
+        .setLosingRegistrarId(losingClientId);
+  }
+
+  /** Maps serverApproveEntities set to the individual fields. */
+  static void mapServerApproveEntitiesToFields(
+      Set<VKey<? extends TransferServerApproveEntity>> serverApproveEntities,
+      DomainTransferData transferData) {
+    if (isNullOrEmpty(serverApproveEntities)) {
+      transferData.pollMessageId1 = null;
+      transferData.pollMessageId2 = null;
+      transferData.pollMessageId3 = null;
+      return;
+    }
+    ImmutableList<Long> sortedPollMessageIds = getSortedPollMessageIds(serverApproveEntities);
+    if (!sortedPollMessageIds.isEmpty()) {
+      transferData.pollMessageId1 = sortedPollMessageIds.get(0);
+    }
+    if (sortedPollMessageIds.size() >= 2) {
+      transferData.pollMessageId2 = sortedPollMessageIds.get(1);
+    }
+    if (sortedPollMessageIds.size() >= 3) {
+      transferData.pollMessageId3 = sortedPollMessageIds.get(2);
+    }
+  }
+
+  /**
+   * Gets poll message IDs from the given serverApproveEntities and sorts the IDs in natural order.
+   */
+  private static ImmutableList<Long> getSortedPollMessageIds(
+      Set<VKey<? extends TransferServerApproveEntity>> serverApproveEntities) {
+    return nullToEmpty(serverApproveEntities).stream()
+        .filter(vKey -> PollMessage.class.isAssignableFrom(vKey.getKind()))
+        .map(vKey -> (long) vKey.getKey())
+        .sorted()
+        .collect(toImmutableList());
+  }
+
+  /**
+   * Marker interface for objects that are written in anticipation of a server approval, and
+   * therefore need to be deleted under any other outcome.
+   */
+  public interface TransferServerApproveEntity {
+    VKey<? extends TransferServerApproveEntity> createVKey();
+  }
+
+  public static class Builder extends BaseTransferObject.Builder<DomainTransferData, Builder> {
     /** Create a {@link Builder} wrapping a new instance. */
     public Builder() {}
 
@@ -195,6 +297,20 @@ public class DomainTransferData extends TransferData {
       super(instance);
     }
 
+    @Override
+    public DomainTransferData build() {
+      if (getInstance().pollMessageId1 != null) {
+        checkState(getInstance().repoId != null, "Repo id undefined");
+        checkState(getInstance().historyEntryId != null, "History entry undefined");
+      }
+      return super.build();
+    }
+
+    public Builder setTransferRequestTrid(Trid transferRequestTrid) {
+      getInstance().transferRequestTrid = transferRequestTrid;
+      return this;
+    }
+
     public Builder setTransferPeriod(Period transferPeriod) {
       getInstance().transferPeriod = transferPeriod;
       return this;
@@ -223,12 +339,13 @@ public class DomainTransferData extends TransferData {
       return this;
     }
 
-    @Override
     public Builder setServerApproveEntities(
         String repoId,
         Long historyId,
         ImmutableSet<VKey<? extends TransferServerApproveEntity>> serverApproveEntities) {
-      super.setServerApproveEntities(repoId, historyId, serverApproveEntities);
+      getInstance().repoId = repoId;
+      getInstance().historyEntryId = historyId;
+      mapServerApproveEntitiesToFields(serverApproveEntities, getInstance());
       mapBillingCancellationEntityToField(serverApproveEntities, getInstance());
       return this;
     }

core/src/main/java/google/registry/model/transfer/TransferData.java

@@ -1,205 +0,0 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.model.transfer;
-
-import static com.google.common.base.Preconditions.checkState;
-import static com.google.common.collect.ImmutableList.toImmutableList;
-import static google.registry.util.CollectionUtils.isNullOrEmpty;
-import static google.registry.util.CollectionUtils.nullToEmpty;
-
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
-import google.registry.model.Buildable;
-import google.registry.model.EppResource;
-import google.registry.model.eppcommon.Trid;
-import google.registry.model.poll.PollMessage;
-import google.registry.persistence.VKey;
-import google.registry.util.NullIgnoringCollectionBuilder;
-import jakarta.persistence.AttributeOverride;
-import jakarta.persistence.AttributeOverrides;
-import jakarta.persistence.Column;
-import jakarta.persistence.Embedded;
-import jakarta.persistence.MappedSuperclass;
-import java.util.Set;
-import javax.annotation.Nullable;
-
-/**
- * Common transfer data for {@link EppResource} types. Only applies to domains and contacts; hosts
- * are implicitly transferred with their superordinate domain.
- */
-@MappedSuperclass
-public abstract class TransferData extends BaseTransferObject implements Buildable {
-
-  /** The transaction id of the most recent transfer request (or null if there never was one). */
-  @Embedded
-  @AttributeOverrides({
-    @AttributeOverride(
-        name = "serverTransactionId",
-        column = @Column(name = "transfer_server_txn_id")),
-    @AttributeOverride(
-        name = "clientTransactionId",
-        column = @Column(name = "transfer_client_txn_id"))
-  })
-  Trid transferRequestTrid;
-
-  @Column(name = "transfer_repo_id")
-  String repoId;
-
-  @Column(name = "transfer_history_entry_id")
-  Long historyEntryId;
-
-  // The pollMessageId1 and pollMessageId2 are used to store the IDs for gaining and losing poll
-  // messages in Cloud SQL.
-  //
-  // In addition, there may be a third poll message for the autorenew poll message on domain
-  // transfer if applicable.
-  @Column(name = "transfer_poll_message_id_1")
-  Long pollMessageId1;
-
-  @Column(name = "transfer_poll_message_id_2")
-  Long pollMessageId2;
-
-  @Column(name = "transfer_poll_message_id_3")
-  Long pollMessageId3;
-
-  public abstract boolean isEmpty();
-
-  public Long getHistoryEntryId() {
-    return historyEntryId;
-  }
-
-  @Nullable
-  public Trid getTransferRequestTrid() {
-    return transferRequestTrid;
-  }
-
-  public ImmutableSet<VKey<? extends TransferServerApproveEntity>> getServerApproveEntities() {
-    return NullIgnoringCollectionBuilder.create(
-            new ImmutableSet.Builder<VKey<? extends TransferServerApproveEntity>>())
-        .add(pollMessageId1 != null ? VKey.create(PollMessage.class, pollMessageId1) : null)
-        .add(pollMessageId2 != null ? VKey.create(PollMessage.class, pollMessageId2) : null)
-        .add(pollMessageId3 != null ? VKey.create(PollMessage.class, pollMessageId3) : null)
-        .getBuilder()
-        .build();
-  }
-
-  @Override
-  public abstract Builder<?, ?> asBuilder();
-
-  protected abstract Builder<?, ?> createEmptyBuilder();
-
-  /**
-   * Returns a fresh Builder populated only with the constant fields of this TransferData, i.e.
-   * those that are fixed and unchanging throughout the transfer process.
-   *
-   * <p>These fields are:
-   *
-   * <ul>
-   *   <li>transferRequestTrid
-   *   <li>transferRequestTime
-   *   <li>gainingClientId
-   *   <li>losingClientId
-   *   <li>transferPeriod
-   * </ul>
-   */
-  public Builder<?, ?> copyConstantFieldsToBuilder() {
-    Builder<?, ?> newBuilder = createEmptyBuilder();
-    newBuilder
-        .setTransferRequestTrid(transferRequestTrid)
-        .setTransferRequestTime(transferRequestTime)
-        .setGainingRegistrarId(gainingClientId)
-        .setLosingRegistrarId(losingClientId);
-    return newBuilder;
-  }
-
-  /** Maps serverApproveEntities set to the individual fields. */
-  static void mapServerApproveEntitiesToFields(
-      Set<VKey<? extends TransferServerApproveEntity>> serverApproveEntities,
-      TransferData transferData) {
-    if (isNullOrEmpty(serverApproveEntities)) {
-      transferData.pollMessageId1 = null;
-      transferData.pollMessageId2 = null;
-      transferData.pollMessageId3 = null;
-      return;
-    }
-    ImmutableList<Long> sortedPollMessageIds = getSortedPollMessageIds(serverApproveEntities);
-    if (sortedPollMessageIds.size() >= 1) {
-      transferData.pollMessageId1 = sortedPollMessageIds.get(0);
-    }
-    if (sortedPollMessageIds.size() >= 2) {
-      transferData.pollMessageId2 = sortedPollMessageIds.get(1);
-    }
-    if (sortedPollMessageIds.size() >= 3) {
-      transferData.pollMessageId3 = sortedPollMessageIds.get(2);
-    }
-  }
-
-  /**
-   * Gets poll message IDs from the given serverApproveEntities and sorted the IDs in natural order.
-   */
-  private static ImmutableList<Long> getSortedPollMessageIds(
-      Set<VKey<? extends TransferServerApproveEntity>> serverApproveEntities) {
-    return nullToEmpty(serverApproveEntities).stream()
-        .filter(vKey -> PollMessage.class.isAssignableFrom(vKey.getKind()))
-        .map(vKey -> (long) vKey.getKey())
-        .sorted()
-        .collect(toImmutableList());
-  }
-
-  /** Builder for {@link TransferData} because it is immutable. */
-  public abstract static class Builder<T extends TransferData, B extends Builder<T, B>>
-      extends BaseTransferObject.Builder<T, B> {
-
-    /** Create a {@link Builder} wrapping a new instance. */
-    protected Builder() {}
-
-    /** Create a {@link Builder} wrapping the given instance. */
-    protected Builder(T instance) {
-      super(instance);
-    }
-
-    public B setTransferRequestTrid(Trid transferRequestTrid) {
-      getInstance().transferRequestTrid = transferRequestTrid;
-      return thisCastToDerived();
-    }
-
-    public B setServerApproveEntities(
-        String repoId,
-        Long historyId,
-        ImmutableSet<VKey<? extends TransferServerApproveEntity>> serverApproveEntities) {
-      getInstance().repoId = repoId;
-      getInstance().historyEntryId = historyId;
-      mapServerApproveEntitiesToFields(serverApproveEntities, getInstance());
-      return thisCastToDerived();
-    }
-
-    @Override
-    public T build() {
-      if (getInstance().pollMessageId1 != null) {
-        checkState(getInstance().repoId != null, "Repo id undefined");
-        checkState(getInstance().historyEntryId != null, "History entry undefined");
-      }
-      return super.build();
-    }
-  }
-
-  /**
-   * Marker interface for objects that are written in anticipation of a server approval, and
-   * therefore need to be deleted under any other outcome.
-   */
-  public interface TransferServerApproveEntity {
-    VKey<? extends TransferServerApproveEntity> createVKey();
-  }
-}

core/src/main/java/google/registry/rde/DomainToXjcConverter.java

@@ -23,7 +23,6 @@ import google.registry.model.domain.secdns.DomainDsData;
 import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.rde.RdeMode;
 import google.registry.model.transfer.DomainTransferData;
-import google.registry.model.transfer.TransferData;
 import google.registry.util.Idn;
 import google.registry.xjc.domain.XjcDomainNsType;
 import google.registry.xjc.domain.XjcDomainStatusType;
@@ -221,7 +220,7 @@ final class DomainToXjcConverter {
         && !Strings.isNullOrEmpty(model.getTransferData().getLosingRegistrarId());
   }
 
-  /** Converts {@link TransferData} to {@link XjcRdeDomainTransferDataType}. */
+  /** Converts {@link DomainTransferData} to {@link XjcRdeDomainTransferDataType}. */
   private static XjcRdeDomainTransferDataType convertTransferData(DomainTransferData model) {
     XjcRdeDomainTransferDataType bean = new XjcRdeDomainTransferDataType();
     bean.setTrStatus(

core/src/main/java/google/registry/tmch/RstTmchUtils.java

@@ -1,120 +0,0 @@
-// Copyright 2025 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.tmch;
-
-import static com.google.common.base.Suppliers.memoize;
-import static com.google.common.io.Resources.getResource;
-import static com.google.common.io.Resources.readLines;
-import static google.registry.tmch.RstTmchUtils.RstEnvironment.OTE;
-import static google.registry.tmch.RstTmchUtils.RstEnvironment.PROD;
-import static google.registry.util.RegistryEnvironment.SANDBOX;
-import static java.nio.charset.StandardCharsets.UTF_8;
-
-import com.google.common.base.Supplier;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.flogger.FluentLogger;
-import google.registry.model.smd.SignedMarkRevocationList;
-import google.registry.model.tmch.ClaimsList;
-import google.registry.util.RegistryEnvironment;
-import java.io.IOException;
-import java.net.URL;
-import java.util.Locale;
-import java.util.Optional;
-
-/**
- * Utilities supporting TMCH-related RST testing in the Sandbox environment.
- *
- * <p>For logistic reasons we must conduct RST testing in the Sandbox environments. RST tests
- * require the use of special labels hosted on their website. To isolate these labels from regular
- * customers conducting onboarding tests, we manually download the test files as resources, and
- * serve them up only to RST TLDs.
- */
-public class RstTmchUtils {
-  private static final FluentLogger logger = FluentLogger.forEnclosingClass();
-
-  /**
-   * The RST environments.
-   *
-   * <p>We conduct both OTE and PROD RST tests in Sandbox.
-   */
-  enum RstEnvironment {
-    OTE,
-    PROD
-  }
-
-  private static final ImmutableMap<RstEnvironment, Supplier<Optional<ClaimsList>>> CLAIMS_CACHE =
-      ImmutableMap.of(
-          OTE, memoize(() -> getClaimsList(OTE)), PROD, memoize(() -> getClaimsList(PROD)));
-
-  private static final ImmutableMap<RstEnvironment, Supplier<Optional<SignedMarkRevocationList>>>
-      SMDRL_CACHE =
-          ImmutableMap.of(
-              OTE, memoize(() -> getSmdrList(OTE)), PROD, memoize(() -> getSmdrList(PROD)));
-
-  /** Returns appropriate test labels if {@code tld} is for RST testing; otherwise returns empty. */
-  public static Optional<ClaimsList> getClaimsList(String tld) {
-    return getRstEnvironment(tld).map(CLAIMS_CACHE::get).flatMap(Supplier::get);
-  }
-
-  /** Returns appropriate test labels if {@code tld} is for RST testing; otherwise returns empty. */
-  public static Optional<SignedMarkRevocationList> getSmdrList(String tld) {
-    return getRstEnvironment(tld).map(SMDRL_CACHE::get).flatMap(Supplier::get);
-  }
-
-  static Optional<RstEnvironment> getRstEnvironment(String tld) {
-    if (!RegistryEnvironment.get().equals(SANDBOX)) {
-      return Optional.empty();
-    }
-    if (tld.startsWith("cc-rst-test-")) {
-      return Optional.of(OTE);
-    }
-    if (tld.startsWith("zz--")) {
-      return Optional.of(PROD);
-    }
-    return Optional.empty();
-  }
-
-  private static Optional<ClaimsList> getClaimsList(RstEnvironment rstEnvironment) {
-    if (!RegistryEnvironment.get().equals(SANDBOX)) {
-      return Optional.empty();
-    }
-    String resourceName = rstEnvironment.name().toLowerCase(Locale.ROOT) + ".rst.dnl.csv";
-    URL resource = getResource(RstTmchUtils.class, resourceName);
-    try {
-      return Optional.of(ClaimsListParser.parse(readLines(resource, UTF_8)));
-    } catch (IOException e) {
-      // Do not throw.
-      logger.atSevere().withCause(e).log(
-          "Could not load Claims list %s for %s in Sandbox.", resourceName, rstEnvironment);
-      return Optional.empty();
-    }
-  }
-
-  private static Optional<SignedMarkRevocationList> getSmdrList(RstEnvironment rstEnvironment) {
-    if (!RegistryEnvironment.get().equals(SANDBOX)) {
-      return Optional.empty();
-    }
-    String resourceName = rstEnvironment.name().toLowerCase(Locale.ROOT) + ".rst.smdrl.csv";
-    URL resource = getResource(RstTmchUtils.class, resourceName);
-    try {
-      return Optional.of(SmdrlCsvParser.parse(readLines(resource, UTF_8)));
-    } catch (IOException e) {
-      // Do not throw.
-      logger.atSevere().withCause(e).log(
-          "Could not load SMDR list %s for %s in Sandbox.", resourceName, rstEnvironment);
-      return Optional.empty();
-    }
-  }
-}

core/src/main/java/google/registry/tools/BulkDomainTransferCommand.java

@@ -65,7 +65,7 @@ public class BulkDomainTransferCommand extends ConfirmingCommand implements Comm
 
   @Parameter(
       names = {"-d", "--domain_names_file"},
-      description = "A file with a list of newline-delimited domain names to create tokens for")
+      description = "A file with a list of newline-delimited domain names to transfer")
   private String domainNamesFile;
 
   @Parameter(
@@ -82,7 +82,7 @@ public class BulkDomainTransferCommand extends ConfirmingCommand implements Comm
 
   @Parameter(
       names = {"--reason"},
-      description = "Reason to transfer the domains",
+      description = "Reason to transfer the domains, possibly a bug number",
       required = true)
   private String reason;
 

core/src/main/java/google/registry/tools/RegistryToolEnvironment.java

@@ -91,7 +91,7 @@ public enum RegistryToolEnvironment {
 
   /** Sets up execution environment. Call this method before any classes are loaded. */
   @VisibleForTesting
-  void setup(SystemPropertySetter systemPropertySetter) {
+  public void setup(SystemPropertySetter systemPropertySetter) {
     instance = this;
     actualEnvironment.setup(systemPropertySetter);
     for (Map.Entry<String, String> entry : extraProperties.entrySet()) {

core/src/main/java/google/registry/ui/server/console/PasswordResetRequestAction.java

@@ -61,10 +61,6 @@ public class PasswordResetRequestAction extends ConsoleApiAction {
 
   @Override
   protected void postHandler(User user) {
-    // Temporary flag when testing email sending etc
-    if (!user.getUserRoles().isAdmin()) {
-      setFailedResponse("", HttpServletResponse.SC_FORBIDDEN);
-    }
     tm().transact(() -> performRequest(user));
     consoleApiParams.response().setStatus(HttpServletResponse.SC_OK);
   }

core/src/main/java/google/registry/ui/server/console/PasswordResetVerifyAction.java

@@ -23,6 +23,7 @@ import static google.registry.ui.server.console.PasswordResetRequestAction.check
 import com.google.common.base.Strings;
 import com.google.common.collect.ImmutableMap;
 import google.registry.model.console.ConsolePermission;
+import google.registry.model.console.ConsoleUpdateHistory;
 import google.registry.model.console.PasswordResetRequest;
 import google.registry.model.console.User;
 import google.registry.model.registrar.Registrar;
@@ -59,11 +60,6 @@ public class PasswordResetVerifyAction extends ConsoleApiAction {
 
   @Override
   protected void getHandler(User user) {
-    // Temporary flag when testing email sending etc
-    if (!user.getUserRoles().isAdmin()) {
-      setFailedResponse("", HttpServletResponse.SC_FORBIDDEN);
-      return;
-    }
     PasswordResetRequest request = tm().transact(() -> loadAndValidateResetRequest(user));
     ImmutableMap<String, ?> result =
         ImmutableMap.of("type", request.getType(), "registrarId", request.getRegistrarId());
@@ -73,11 +69,6 @@ public class PasswordResetVerifyAction extends ConsoleApiAction {
 
   @Override
   protected void postHandler(User user) {
-    // Temporary flag when testing email sending etc
-    if (!user.getUserRoles().isAdmin()) {
-      setFailedResponse("", HttpServletResponse.SC_FORBIDDEN);
-      return;
-    }
     checkArgument(!Strings.isNullOrEmpty(newPassword.orElse(null)), "Password must be provided");
     tm().transact(
             () -> {
@@ -87,6 +78,16 @@ public class PasswordResetVerifyAction extends ConsoleApiAction {
                 case REGISTRY_LOCK -> handleRegistryLockPasswordReset(request);
               }
               tm().put(request.asBuilder().setFulfillmentTime(tm().getTransactionTime()).build());
+
+              finishAndPersistConsoleUpdateHistory(
+                  new ConsoleUpdateHistory.Builder()
+                      .setType(ConsoleUpdateHistory.Type.EPP_PASSWORD_UPDATE)
+                      .setDescription(
+                          String.format(
+                              "%s%s%s",
+                              request.getRegistrarId(),
+                              ConsoleUpdateHistory.DESCRIPTION_SEPARATOR,
+                              "Password reset fulfilled via verification code")));
             });
     consoleApiParams.response().setStatus(HttpServletResponse.SC_OK);
   }
@@ -110,6 +111,11 @@ public class PasswordResetVerifyAction extends ConsoleApiAction {
     PasswordResetRequest request =
         tm().loadByKeyIfPresent(VKey.create(PasswordResetRequest.class, verificationCode))
             .orElseThrow(this::createVerificationCodeException);
+
+    if (request.getFulfillmentTime().isPresent()) {
+      throw new IllegalArgumentException("This reset request has already been used.");
+    }
+
     ConsolePermission requiredVerifyPermission =
         switch (request.getType()) {
           case EPP -> ConsolePermission.MANAGE_USERS;

core/src/main/resources/google/registry/tmch/ote.rst.dnl.csv

@@ -1,10 +0,0 @@
-1,2024-09-13T02:21:12.0Z
-DNL,lookup-key,insertion-datetime
-test---validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test--validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test-and-validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test-andvalidate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test-validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-testand-validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-testandvalidate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-testvalidate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z

core/src/main/resources/google/registry/tmch/ote.rst.smdrl.csv

@@ -1,7 +0,0 @@
-1,2022-11-22T01:49:36.9Z
-smd-id,insertion-datetime
-0000001761385117375880-65535,2013-07-15T00:00:00.0Z
-0000001751501056761969-65535,2017-07-26T10:12:41.9Z
-000000541526299609231-65535,2018-05-14T17:52:23.7Z
-000000541602140609520-65535,2020-10-08T07:07:25.0Z
-000000541669081776937-65535,2022-11-22T01:49:36.9Z

core/src/main/resources/google/registry/tmch/prod.rst.dnl.csv

@@ -1,10 +0,0 @@
-1,2024-09-13T02:21:12.0Z
-DNL,lookup-key,insertion-datetime
-test---validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test--validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test-and-validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test-andvalidate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-test-validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-testand-validate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-testandvalidate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-testvalidate,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z

core/src/main/resources/google/registry/tmch/prod.rst.smdrl.csv

@@ -1,7 +0,0 @@
-1,2022-11-22T01:49:36.9Z
-smd-id,insertion-datetime
-0000001761385117375880-65535,2013-07-15T00:00:00.0Z
-0000001751501056761969-65535,2017-07-26T10:12:41.9Z
-000000541526299609231-65535,2018-05-14T17:52:23.7Z
-000000541602140609520-65535,2020-10-08T07:07:25.0Z
-000000541669081776937-65535,2022-11-22T01:49:36.9Z

core/src/test/java/google/registry/beam/rde/RdePipelineTest.java

@@ -235,10 +235,7 @@ public class RdePipelineTest {
     persistHostHistory(host1);
     Domain helloDomain =
         persistEppResource(
-            newDomain("hello.soy")
-                .asBuilder()
-                .addNameserver(host1.createVKey())
-                .build());
+            newDomain("hello.soy").asBuilder().addNameserver(host1.createVKey()).build());
     persistDomainHistory(helloDomain);
     persistHostHistory(persistActiveHost("not-used-subordinate.hello.soy"));
     Host host2 = persistActiveHost("ns1.hello.soy");

core/src/test/java/google/registry/flows/domain/DomainTransferFlowTestCase.java

@@ -41,7 +41,7 @@ import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.host.Host;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.tld.Tld;
-import google.registry.model.transfer.TransferData;
+import google.registry.model.transfer.DomainTransferData;
 import google.registry.model.transfer.TransferStatus;
 import google.registry.persistence.transaction.JpaTransactionManagerExtension;
 import org.joda.time.DateTime;
@@ -161,7 +161,8 @@ abstract class DomainTransferFlowTestCase<F extends Flow, R extends EppResource>
         .build();
   }
 
-  void assertTransferFailed(Domain domain, TransferStatus status, TransferData oldTransferData) {
+  void assertTransferFailed(
+      Domain domain, TransferStatus status, DomainTransferData oldTransferData) {
     assertAboutDomains()
         .that(domain)
         .doesNotHaveStatusValue(StatusValue.PENDING_TRANSFER)

core/src/test/java/google/registry/flows/domain/DomainTransferRejectFlowTest.java

@@ -54,7 +54,7 @@ import google.registry.model.poll.PollMessage;
 import google.registry.model.reporting.DomainTransactionRecord;
 import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.tld.Tld;
-import google.registry.model.transfer.TransferData;
+import google.registry.model.transfer.DomainTransferData;
 import google.registry.model.transfer.TransferResponse;
 import google.registry.model.transfer.TransferStatus;
 import org.joda.time.DateTime;
@@ -90,7 +90,7 @@ class DomainTransferRejectFlowTest
     assertMutatingFlow(true);
     DateTime originalExpirationTime = domain.getRegistrationExpirationTime();
     ImmutableSet<GracePeriod> originalGracePeriods = domain.getGracePeriods();
-    TransferData originalTransferData = domain.getTransferData();
+    DomainTransferData originalTransferData = domain.getTransferData();
     runFlowAssertResponse(loadFile(expectedXmlFilename));
     // Transfer should have been rejected. Verify correct fields were set.
     domain = reloadResourceByForeignKey();

core/src/test/java/google/registry/flows/domain/ProductionSimulatingFeeExtensionsTest.java

@@ -15,15 +15,21 @@
 package google.registry.flows.domain;
 
 import static com.google.common.truth.Truth.assertThat;
+import static google.registry.model.common.FeatureFlag.FeatureName.FEE_EXTENSION_1_DOT_0_IN_PROD;
+import static google.registry.tools.RegistryToolEnvironment.PRODUCTION;
+import static google.registry.util.DateTimeUtils.START_OF_TIME;
 
 import google.registry.model.eppcommon.ProtocolDefinition;
+import google.registry.tools.CommandTestCase;
+import google.registry.tools.ConfigureFeatureFlagCommand;
 import google.registry.util.RegistryEnvironment;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
 /** Class for testing the XML extension definitions loaded in the prod environment. */
-public class ProductionSimulatingFeeExtensionsTest {
+public class ProductionSimulatingFeeExtensionsTest
+    extends CommandTestCase<ConfigureFeatureFlagCommand> {
 
   private RegistryEnvironment previousEnvironment;
 
@@ -59,7 +65,7 @@ public class ProductionSimulatingFeeExtensionsTest {
   }
 
   @Test
-  void testProdEnvironment() {
+  void testProdEnvironment_feeExtensionFeatureNotSet() {
     RegistryEnvironment.PRODUCTION.setup();
     ProtocolDefinition.reloadServiceExtensionUris();
     // prod shouldn't have the fee extension version 1.0
@@ -72,4 +78,47 @@ public class ProductionSimulatingFeeExtensionsTest {
             "urn:ietf:params:xml:ns:fee-0.11",
             "urn:ietf:params:xml:ns:fee-0.12");
   }
+
+  @Test
+  void testProdEnvironment_feeExtensionFeatureActiveInTheFuture() throws Exception {
+    runCommandInEnvironment(
+        PRODUCTION,
+        FEE_EXTENSION_1_DOT_0_IN_PROD.name(),
+        "--force",
+        "--status_map",
+        String.format("%s=INACTIVE,%s=ACTIVE", START_OF_TIME, fakeClock.nowUtc().plusMillis(1)));
+    RegistryEnvironment.PRODUCTION.setup();
+    ProtocolDefinition.reloadServiceExtensionUris();
+    // prod shouldn't have the fee extension version 1.0
+    assertThat(ProtocolDefinition.getVisibleServiceExtensionUris())
+        .containsExactly(
+            "urn:ietf:params:xml:ns:launch-1.0",
+            "urn:ietf:params:xml:ns:rgp-1.0",
+            "urn:ietf:params:xml:ns:secDNS-1.1",
+            "urn:ietf:params:xml:ns:fee-0.6",
+            "urn:ietf:params:xml:ns:fee-0.11",
+            "urn:ietf:params:xml:ns:fee-0.12");
+  }
+
+  @Test
+  void testProdEnvironment_feeExtensionFeatureActiveInThePast() throws Exception {
+    runCommandInEnvironment(
+        PRODUCTION,
+        FEE_EXTENSION_1_DOT_0_IN_PROD.name(),
+        "--force",
+        "--status_map",
+        String.format("%s=INACTIVE,%s=ACTIVE", START_OF_TIME, fakeClock.nowUtc().minusMillis(1)));
+    RegistryEnvironment.PRODUCTION.setup();
+    ProtocolDefinition.reloadServiceExtensionUris();
+    // prod should have the fee extension version 1.0
+    assertThat(ProtocolDefinition.getVisibleServiceExtensionUris())
+        .containsExactly(
+            "urn:ietf:params:xml:ns:launch-1.0",
+            "urn:ietf:params:xml:ns:rgp-1.0",
+            "urn:ietf:params:xml:ns:secDNS-1.1",
+            "urn:ietf:params:xml:ns:fee-0.6",
+            "urn:ietf:params:xml:ns:fee-0.11",
+            "urn:ietf:params:xml:ns:fee-0.12",
+            "urn:ietf:params:xml:ns:epp:fee-1.0");
+  }
 }

core/src/test/java/google/registry/model/transfer/DomainTransferDataTest.java

@@ -29,8 +29,8 @@ import org.joda.time.DateTime;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
-/** Unit tests for {@link TransferData}. */
-public class TransferDataTest {
+/** Unit tests for {@link DomainTransferData}. */
+public class DomainTransferDataTest {
 
   private final DateTime now = DateTime.now(UTC);
 

core/src/test/java/google/registry/tmch/RstTmchUtilsIntTest.java

@@ -1,161 +0,0 @@
-// Copyright 2025 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.tmch;
-
-import static com.google.common.truth.Truth.assertThat;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-import static google.registry.util.RegistryEnvironment.PRODUCTION;
-import static google.registry.util.RegistryEnvironment.SANDBOX;
-import static org.joda.time.DateTime.now;
-import static org.joda.time.DateTimeZone.UTC;
-
-import com.google.common.base.Splitter;
-import google.registry.model.smd.SignedMarkRevocationList;
-import google.registry.model.smd.SignedMarkRevocationListDao;
-import google.registry.model.tmch.ClaimsListDao;
-import google.registry.persistence.transaction.JpaTestExtensions;
-import google.registry.testing.FakeClock;
-import google.registry.util.RegistryEnvironment;
-import java.util.stream.Stream;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.extension.RegisterExtension;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.Arguments;
-import org.junit.jupiter.params.provider.MethodSource;
-
-public class RstTmchUtilsIntTest {
-  private final FakeClock clock = new FakeClock();
-
-  @RegisterExtension
-  final JpaTestExtensions.JpaIntegrationTestExtension jpa =
-      new JpaTestExtensions.Builder().withClock(clock).buildIntegrationTestExtension();
-
-  private static final String TMCH_CLAIM_LABEL = "tmch";
-  // RST label found in *.rst.dnl.csv resources. Currently both files are identical
-  private static final String RST_CLAIM_LABEL = "test--validate";
-
-  private static final String TMCH_SMD_ID = "tmch";
-  // RST label found in *.rst.smdrl.csv resources. Currently both files are identical
-  private static final String RST_SMD_ID = "0000001761385117375880-65535";
-
-  private static final String TMCH_DNL =
-      """
-      1,2024-09-13T02:21:12.0Z
-      DNL,lookup-key,insertion-datetime
-      LABEL,2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001,2024-09-13T02:21:12.0Z
-      """
-          .replace("LABEL", TMCH_CLAIM_LABEL);
-
-  private static final String TMCH_SMDRL =
-      """
-      1,2022-11-22T01:49:36.9Z
-      smd-id,insertion-datetime
-      ID,2013-07-15T00:00:00.0Z
-      """
-          .replace("ID", TMCH_SMD_ID);
-
-  @BeforeEach
-  void setup() throws Exception {
-    Splitter lineSplitter = Splitter.on("\n").omitEmptyStrings().trimResults();
-    tm().transact(
-            () -> ClaimsListDao.save(ClaimsListParser.parse(lineSplitter.splitToList(TMCH_DNL))));
-    tm().transact(
-            () ->
-                SignedMarkRevocationListDao.save(
-                    SmdrlCsvParser.parse(lineSplitter.splitToList(TMCH_SMDRL))));
-  }
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getClaimsList_production(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      PRODUCTION.setup();
-      var claimsList = ClaimsListDao.get(tld);
-      assertThat(claimsList.getClaimKey(TMCH_CLAIM_LABEL)).isPresent();
-      assertThat(claimsList.getClaimKey(RST_CLAIM_LABEL)).isEmpty();
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getSmdrList_production(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      PRODUCTION.setup();
-      var smdrl = SignedMarkRevocationList.get(tld);
-      assertThat(smdrl.isSmdRevoked(TMCH_SMD_ID, now(UTC))).isTrue();
-      assertThat(smdrl.isSmdRevoked(RST_SMD_ID, now(UTC))).isFalse();
-      assertThat(smdrl.size()).isEqualTo(1);
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getClaimsList_sandbox(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      SANDBOX.setup();
-      var claimsList = ClaimsListDao.get(tld);
-      if (tld.equals("app")) {
-        assertThat(claimsList.getClaimKey(TMCH_CLAIM_LABEL)).isPresent();
-        assertThat(claimsList.getClaimKey(RST_CLAIM_LABEL)).isEmpty();
-      } else {
-        assertThat(claimsList.getClaimKey(TMCH_CLAIM_LABEL)).isEmpty();
-        // Currently ote and prod have the same data.
-        assertThat(claimsList.getClaimKey(RST_CLAIM_LABEL)).isPresent();
-      }
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getSmdrList_sandbox(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      SANDBOX.setup();
-      var smdrList = SignedMarkRevocationList.get(tld);
-      if (tld.equals("app")) {
-        assertThat(smdrList.size()).isEqualTo(1);
-        assertThat(smdrList.isSmdRevoked(TMCH_SMD_ID, now(UTC))).isTrue();
-        assertThat(smdrList.isSmdRevoked(RST_SMD_ID, now(UTC))).isFalse();
-      } else {
-        // Currently ote and prod have the same data.
-        assertThat(smdrList.size()).isEqualTo(5);
-        assertThat(smdrList.isSmdRevoked(TMCH_SMD_ID, now())).isFalse();
-        assertThat(smdrList.isSmdRevoked(RST_SMD_ID, now())).isTrue();
-      }
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  private static Stream<Arguments> provideTestCases() {
-    return Stream.of(
-        Arguments.of("NotRST", "app"),
-        Arguments.of("OTE", "cc-rst-test-tld-1"),
-        Arguments.of("PROD", "zz--idn-123"));
-  }
-}

core/src/test/java/google/registry/tmch/RstTmchUtilsTest.java

@@ -1,117 +0,0 @@
-// Copyright 2025 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.tmch;
-
-import static com.google.common.truth.Truth.assertThat;
-import static google.registry.tmch.RstTmchUtils.getClaimsList;
-import static google.registry.tmch.RstTmchUtils.getSmdrList;
-import static google.registry.util.RegistryEnvironment.PRODUCTION;
-import static google.registry.util.RegistryEnvironment.SANDBOX;
-
-import google.registry.util.RegistryEnvironment;
-import java.util.stream.Stream;
-import org.joda.time.DateTime;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.Arguments;
-import org.junit.jupiter.params.provider.MethodSource;
-
-public class RstTmchUtilsTest {
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getClaimsList_production(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      PRODUCTION.setup();
-      assertThat(getClaimsList(tld)).isEmpty();
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getSmdrList_production(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      PRODUCTION.setup();
-      assertThat(getSmdrList(tld)).isEmpty();
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getClaimsList_sandbox(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      SANDBOX.setup();
-      var claimsListOptional = getClaimsList(tld);
-      if (tld.equals("app")) {
-        assertThat(claimsListOptional).isEmpty();
-      } else {
-        // Currently ote and prod have the same data.
-        var claimsList = claimsListOptional.get();
-        assertThat(claimsList.getClaimKey("test-and-validate")).isPresent();
-        var labelsToKeys = claimsList.getLabelsToKeys();
-        assertThat(labelsToKeys).hasSize(8);
-        assertThat(labelsToKeys)
-            .containsEntry(
-                "test---validate", "2024091300/6/a/b/arJyPPf2CK7f21bVGne0qMgW0000000001");
-      }
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  @ParameterizedTest
-  @MethodSource("provideTestCases")
-  @SuppressWarnings("unused") // testCaseName
-  void getSmdrList_sandbox(String testCaseName, String tld) {
-    var currEnv = RegistryEnvironment.get();
-    try {
-      SANDBOX.setup();
-      var smdrListOptional = getSmdrList(tld);
-      if (tld.equals("app")) {
-        assertThat(smdrListOptional).isEmpty();
-      } else {
-        // Currently ote and prod have the same data.
-        var smdrList = smdrListOptional.get();
-        assertThat(smdrList.size()).isEqualTo(5);
-        assertThat(
-                smdrList.isSmdRevoked(
-                    "000000541526299609231-65535", DateTime.parse("2018-05-14T17:52:23.6Z")))
-            .isFalse();
-        assertThat(
-                smdrList.isSmdRevoked(
-                    "000000541526299609231-65535", DateTime.parse("2018-05-14T17:52:23.7Z")))
-            .isTrue();
-      }
-    } finally {
-      currEnv.setup();
-    }
-  }
-
-  private static Stream<Arguments> provideTestCases() {
-    return Stream.of(
-        Arguments.of("NotRST", "app"),
-        Arguments.of("OTE", "cc-rst-test-tld-1"),
-        Arguments.of("PROD", "zz--idn-123"));
-  }
-}

core/src/test/java/google/registry/tmch/TmchTestDataExpirationTest.java

@@ -57,7 +57,7 @@ class TmchTestDataExpirationTest {
     String tmchData = loadFile(TmchTestDataExpirationTest.class, filePath);
     EncodedSignedMark smd = TmchData.readEncodedSignedMark(tmchData);
     try {
-      tmchUtils.verifyEncodedSignedMark("", smd, DateTime.now(UTC));
+      tmchUtils.verifyEncodedSignedMark(smd, DateTime.now(UTC));
     } catch (EppException e) {
       throw new AssertionError("Error verifying signed mark " + filePath, e);
     }

core/src/test/java/google/registry/tools/CommandTestCase.java

@@ -94,7 +94,8 @@ public abstract class CommandTestCase<C extends Command> {
     System.setErr(oldStderr);
   }
 
-  void runCommandInEnvironment(RegistryToolEnvironment env, String... args) throws Exception {
+  protected void runCommandInEnvironment(RegistryToolEnvironment env, String... args)
+      throws Exception {
     env.setup(systemPropertyExtension);
     try {
       JCommander jcommander = new JCommander(command);

core/src/test/java/google/registry/ui/server/console/PasswordResetVerifyActionTest.java

@@ -34,7 +34,6 @@ import java.util.Optional;
 import javax.annotation.Nullable;
 import org.joda.time.Duration;
 import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
 /** Tests for {@link PasswordResetVerifyAction}. */
@@ -111,28 +110,24 @@ public class PasswordResetVerifyActionTest extends ConsoleActionBaseTestCase {
   }
 
   @Test
-  @Disabled("Enable when testing is done in sandbox and isAdmin check is removed")
   void testFailure_get_epp_badPermission() throws Exception {
     createAction(createTechUser(), "GET", verificationCode, null).run();
     assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);
   }
 
   @Test
-  @Disabled("Enable when testing is done in sandbox and isAdmin check is removed")
   void testFailure_get_lock_badPermission() throws Exception {
     createAction(createAccountManager(), "GET", verificationCode, null).run();
     assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);
   }
 
   @Test
-  @Disabled("Enable when testing is done in sandbox and isAdmin check is removed")
   void testFailure_post_epp_badPermission() throws Exception {
     createAction(createTechUser(), "POST", verificationCode, "newPassword").run();
     assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);
   }
 
   @Test
-  @Disabled("Enable when testing is done in sandbox and isAdmin check is removed")
   void testFailure_post_lock_badPermission() throws Exception {
     createAction(createAccountManager(), "POST", verificationCode, "newPassword").run();
     assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);

db/src/main/resources/sql/flyway.txt

@@ -218,3 +218,5 @@ V217__drop_contact_fks_pollmessage.sql
 V218__tld_drop_allowedregistrantcontactids.sql
 V219__domain_history_package_token_idx.sql
 V220__domain_package_token_idx.sql
+V221__remove_contact_history.sql
+V222__remove_contact.sql

db/src/main/resources/sql/flyway/V221__remove_contact_history.sql

@@ -0,0 +1,15 @@
+-- Copyright 2026 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+DROP TABLE IF EXISTS "ContactHistory";

db/src/main/resources/sql/flyway/V222__remove_contact.sql

@@ -0,0 +1,15 @@
+-- Copyright 2026 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+DROP TABLE IF EXISTS "Contact";