.4.0: WIP on feature/opends-0.4.0

.github/workflows/build.yaml

@@ -31,20 +31,27 @@ jobs:
       - name: Trivy - List all vulnerabilities
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: ${{ env.REPO_LC }}
+          image-ref: '${{ github.event.repository.name }}'
           format: 'table'
           ignore-unfixed: true
           vuln-type: 'os,library'
+        env:
+          TRIVY_SKIP_DB_UPDATE: true
+          TRIVY_SKIP_JAVA_DB_UPDATE: true
       - name: Trivy - Stop on Severe Vulnerabilities
         uses: aquasecurity/trivy-action@master
+        if: github.event_name == 'pull_request'
         with:
-          image-ref: ${{ env.REPO_LC }}
+          image-ref: '${{ github.event.repository.name }}'
           format: 'table'
           ignore-unfixed: true
           trivyignores: .github/workflows/.trivyignore
           exit-code: '1'
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
+        env:
+          TRIVY_SKIP_DB_UPDATE: true
+          TRIVY_SKIP_JAVA_DB_UPDATE: true
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v4

.github/workflows/cache-trivy.yml

@@ -0,0 +1,31 @@
+name: Update Trivy Cache
+
+on:
+  schedule:
+    - cron: '0 0 * * *'  # Run daily at midnight UTC
+  workflow_dispatch:  # Allow manual triggering
+
+jobs:
+  update-trivy-db:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get current date
+        id: date
+        run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
+      - name: Download and extract the Trivy vulnerability DB
+        run: |
+          mkdir -p $GITHUB_WORKSPACE/.cache/trivy/db
+          oras pull ghcr.io/aquasecurity/trivy-db:2
+          tar -xzf db.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/db
+          rm db.tar.gz
+      - name: Download and extract the Trivy Java DB
+        run: |
+          mkdir -p $GITHUB_WORKSPACE/.cache/trivy/java-db
+          oras pull ghcr.io/aquasecurity/trivy-java-db:1
+          tar -xzf javadb.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/java-db
+          rm javadb.tar.gz
+      - name: Cache Trivy DBs
+        uses: actions/cache/save@v4
+        with:
+          path: ${{ github.workspace }}/.cache/trivy
+          key: cache-trivy-${{ steps.date.outputs.date }}

data-model/fdo-type/digital-specimen/0.4.0/schema/digital-specimen.json

@@ -122,6 +122,13 @@
         "Chelicerata collection (TSZCh) The Arctic University Museum of Norway"
       ]
     },
+    "ods:livingOrPreserved": {
+      "description": "Whether the specimen is living or preserved",
+      "enum": [
+        "Living",
+        "Preserved"
+      ]
+    },
     "ods:metadataLanguages": {
       "type": "array",
       "description": "The language of the Digital Specimen metadata. Only indicate, not enforced. Recommended to use three letter code from ISO 639-2 codes found on https://id.loc.gov/vocabulary/iso639-2.html",
@@ -379,6 +386,13 @@
         "% biomass"
       ]
     },
+    "dwc:verbatimLabel": {
+      "type": "string",
+      "description": "The content of this term should include no embellishments, prefixes, headers or other additions made to the text. Abbreviations must not be expanded and supposed misspellings must not be corrected. Lines or breakpoints between blocks of text that could be verified by seeing the original labels or images of them may be used. Examples of material entities include preserved specimens, fossil specimens, and material samples. Best practice is to use UTF-8 for all characters",
+      "examples": [
+        "ILL: Union Co. Wolf Lake by Powder Plant Bridge. 1 March 1975 Coll. S. Ketzler, S. Herbert\n\nMonotoma longicollis 4 ♂ Det TC McElrath 2018\n\nINHS Insect Collection 456782"
+      ]
+    },
     "dwc:dynamicProperties": {
       "type": "string",
       "description": "A list of additional measurements, facts, characteristics, or assertions about the record. Meant to provide a mechanism for structured content",