Skip to content

v11.20.0

Choose a tag to compare

View all tags
@turbomam turbomam released this 10 Jun 21:19
· 40 commits to main since this release
v11.20.0
957134b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Highlights

This release adds JGI isolate modeling and moves the MIxS base to v6.3.0.

  • JGI isolate modeling: new Organism, OrganismSample, Isolation, and Culturing classes, updated analysis types, and InstrumentModelEnum additions (sequel_IIe, OBI mappings, is_a hierarchy).
  • OrganismSample slot changes: added expected_organism and sample_isolation_method; removed sample_isolated_from and sample_growth_conditions (#3155).
  • Range/value changes: gc_content is now float with minimum and maximum (#3094); estimated_size is integer base pairs with a maximum (#3091, #3127).
  • MIxS updated to v6.3.0 from v6.2.x (#3177).

No data migration is required.

For consumers: upgrade to nmdc-schema==11.20.0. requires-python is now >=3.10,<3.14, and the internal click cap was widened so linkml 1.11 resolves.

What's Changed

  • Add Organism, OrganismSample, Isolation, Culturing classes for JGI isolate workflows by @turbomam in #2977
  • Bump urllib3 from 2.6.3 to 2.7.0 by @dependabot[bot] in #3062
  • fix: stop CodeQL false-positives on Ruby and JS scans by @turbomam in #3063
  • Upgrade Node20 workflow actions to Node24-compatible pinned versions by @Copilot in #3067
  • Bump pymdown-extensions from 10.20 to 10.21.3 by @dependabot[bot] in #3083
  • Bump idna from 3.10 to 3.15 by @dependabot[bot] in #3082
  • 3017 update analysis types to support isolate modeling by @aclum in #3084
  • estimated_size: integer range, drop bp-suffix machinery (#3090) by @turbomam in #3091
  • Upgrade and pin third-party actions using commit hashes by @pkalita-lbl in #3104
  • Add sequel_IIe to InstrumentModelEnum by @sujaypatil96 in #3106
  • Pin urllib3 and idna to patched versions (2026-05-21 Dependabot alerts) by @Copilot in #3097
  • Resolve CodeQL alerts for regex range parsing and workflow permission hardening by @Copilot in #3103
  • Address targeted CodeQL reliability/maintainability findings in Python and JS utilities by @Copilot in #3099
  • Address AI code-quality findings in migrator, schema customizations, and validation tests by @Copilot in #3101
  • Add OBI meaning: to novaseq, hiseq, nextseq InstrumentModelEnum PVs by @turbomam in #3116
  • Fix code quality findings across hand-written modules by @turbomam in #3115
  • Fix 4 misclassified mapping predicates by @turbomam in #3117
  • Assert PV is_a hierarchies in InstrumentModelEnum by @turbomam in #3121
  • Change gc_content's range to float and add minimum and maximum values by @aclum in #3094
  • Remove unused imports from migrator infrastructure modules by @turbomam in #3119
  • Add CodeQL workflow with path exclusions for generated files by @turbomam in #3128
  • Reduce redundant mapping-source calls and harden ontology alignment embedding flow by @Copilot in #3126
  • Add maximum_value to estimated_size (closes #3122) by @turbomam in #3127
  • Remove SPARQL query files and unreferenced OWL customization artifact by @turbomam in #3132
  • Remove unused FMA prefix and dead commented code by @turbomam in #3133
  • Remove dead scripts: get_json_schema.py and ncbi_postgres_nmdc_exact_term_matching.py by @turbomam in #3139
  • Remove underscores from nitrate/nitrite slot titles by @turbomam in #3142
  • Add SECURITY.md with private vulnerability reporting guidance by @turbomam in #3144
  • Set persist-credentials: false on non-pushing workflow checkouts by @turbomam in #3146
  • CLAUDE.md: routinely run actionlint + zizmor on workflows by @turbomam in #3150
  • Add zizmor workflow security audit (non-blocking, reports to code scanning) by @turbomam in #3149
  • CLAUDE.md: cross-reference contributor docs; add dependency, migrator, and build gotchas by @turbomam in #3151
  • Pin upload-sarif to its commit SHA (fixes zizmor ref-version-mismatch) by @turbomam in #3152
  • gitignore uv.lock (interim, while this is a Poetry repo) by @turbomam in #3153
  • Correct package license to CC0-1.0 to match the LICENSE file by @turbomam in #3154
  • Fix JGI isolate structured_aliases: real source URL, exhaustive subset, sever ref_biomaterial↔Reference Genome by @turbomam in #3157
  • Remove sample_isolated_from and sample_growth_conditions from OrganismSample (#3131) by @turbomam in #3155
  • Resolve open zizmor code-scanning alerts in workflows by @turbomam in #3160
  • Clear zizmor pedantic-persona findings in workflows by @turbomam in #3162
  • Fix two high-importance security findings in src/scripts by @turbomam in #3163
  • Consolidate Python linters into ruff; add lint + dependabot automation by @turbomam in #3167
  • Bump the github-actions group with 2 updates by @dependabot[bot] in #3168
  • Dependabot pip: versioning-strategy lockfile-only (stop propagating floor bumps to consumers) by @turbomam in #3170
  • Use latest linkml 1.11.1 / click 8.4.1 in lock; widen click cap, cap python <3.14 by @turbomam in #3171
  • Make the mixs build reproduce host_taxid/estimated_size/16S curation (close provenance gap) by @turbomam in #3172
  • Replace deprecated linkml lint --validate-only with linkml validate by @turbomam in #3175
  • Pin poetry 2.4.1 in CI + add poetry check gate (fix lock-sync drift) by @turbomam in #3176
  • Implement function that returns mapping from class name to typecodes by @eecavanna in #3174
  • Bump all MIxS version references to v6.3.0 by @turbomam in #3177

Full Changelog: v11.19.1...v11.20.0

Contributors

aclum, sujaypatil96, and 4 other contributors
Assets 2
Loading