V4.21.0

Liquibase v4.21.0 is a major release

Notable Changes

[PRO] Observability Initiative - Structured Logging

Structured Logging makes Liquibase operation data easily available for automated monitoring and analysis tools to read, query, and act upon in automated workflows. This feature significantly improves the way Liquibase logs its actions and events to make records machine-readable, easily-ingested, and queryable by industry-standard observability and analysis tools. Learn more at https://docs.liquibase.com/structured-logging

Command refactoring

• Refactor update-to-tag command step (DAT-6641) by @StevenMassaro in #3916
• Refactor update-to-tag-SQL command step (DAT-6642) by @StevenMassaro in #3917
• Refactor Rollback and RollbackSQL command by @filipelautert in #3991
• Refactor ListLocksCommand by @filipelautert in #3952
• Refactor ReleaseLocksCommand by @filipelautert in #3953
• Refactoring of rollbackCount[SQL] commands by @filipelautert in #4077
• Refactor update, updateSql, updateCount, updateCountSql to use Command framework (DAT-6600/DAT-6601) by @abrackx in #3866
• Refactor update to use command framework DAT-6600 by @abrackx in liquibase/liquibase-pro#849

Enhancements

• [PRO] New runWithSpoolFile attribute for runWith changesets DAT-12881 by @wwillard7800 in #3864
• New update summary output table for update commands DAT-13182 by @wwillard7800 in #3812

Security, Driver and other updates

• [PRO] Bump logback-classic from 1.4.5 to 1.4.6 by @dependabot in liquibase/liquibase-pro#884
• [PRO] Bump flatten-maven-plugin from 1.3.0 to 1.4.0 by @dependabot in liquibase/liquibase-pro#893
• [PRO] Bump postgresql from 42.5.4 to 42.6.0 by @dependabot in liquibase/liquibase-pro#892
• [PRO] Bump jacoco-maven-plugin from 0.8.8 to 0.8.9 by @dependabot in liquibase/liquibase-pro#925
• [PRO] Snakeyaml 2.0 by @filipelautert in liquibase/liquibase-pro#858
• Bump targetMavenVersion from 3.8.7 to 3.9.0 by @dependabot in #3785
• Bump actions/cache from 3.2.6 to 3.3.0 by @dependabot in #3936
• Bump maven-plugin-plugin from 3.7.1 to 3.8.1 by @dependabot in #3871
• Bump maven-compiler-plugin from 3.10.1 to 3.11.0 by @dependabot in #3870
• Bump snowflake-jdbc from 3.13.27 to 3.13.28 by @dependabot in #3863
• Bump sqlite-jdbc from 3.40.1.0 to 3.41.0.0 by @dependabot in #3862
• Bump maven-assembly-plugin from 3.4.2 to 3.5.0 by @dependabot in #3
• Bump snowflake-jdbc from 3.13.28 to 3.13.29 by @dependabot in #3981
• Bump postgresql from 42.5.4 to 42.6.0 by @dependabot in #3982
• Bump maven-resources-plugin from 3.3.0 to 3.3.1 by @dependabot in #4025
• Bump mariadb-java-client from 3.1.2 to 3.1.3 by @dependabot in #4006
• Bump slf4j-jdk14 from 2.0.6 to 2.0.7 by @dependabot in #3979
• Bump targetMavenVersion from 3.9.0 to 3.9.1 by @dependabot in #3980
• Bump actions/cache from 3.3.0 to 3.3.1 by @dependabot in #3948
• Bump maven-deploy-plugin from 3.1.0 to 3.1.1 by @dependabot in #4026
• Bump maven-install-plugin from 3.1.0 to 3.1.1 by @dependabot in #4027
• Bump sqlite-jdbc from 3.41.0.0 to 3.41.2.1 by @dependabot in #4028
• Upgrade maven-javadoc-plugin version to 3.5.0 by @MalloD12 in #3973
• Release liquibase-cdi-jakarta to maven repositories by @DCCSKrezovic in #4001
• Upgrade spring 5 version by @filipelautert in #4015
• Snakeyaml 2.0 by @filipelautert in #3893
• Upgrade AdoptOpenJDK bundled in the JVM installer to version 17.0.6+10 by @MalloD12 in #3900

Fixes

• [PRO] DAT-12881 Implement runWithSpoolFile attribute and createSpool property to control use of Oracle spooling by @wwillard7800 in liquibase/liquibase-pro#843
• [PRO] DAT-12814: '--rollback-on-error' should return ERROR and return code 1 when update fails by @StevenMassaro in liquibase/liquibase-pro#905
• [PRO] DAT-13968 Added missing overwrite property by @wwillard7800 in liquibase/liquibase-pro#895
• [PRO] DAT-13667 Make sure exception from SQLCMD is propagated back to be displayed by @wwillard7800 in liquibase/liquibase-pro#902
• [PRO] DAT-14096 Handle existence of a file extension when creating spool/sql/log files by @wwillard7800 in liquibase/liquibase-pro#913
• [PRO] DAT-13994: strip leading slashes from contexts by @StevenMassaro in liquibase/liquibase-pro#921
• ChangelogSync family to CommandStep refactoring by @filipelautert in #3859
• Improved concurrency support in ReflectionSerializer by @Dasiu in #3840
• Make Pattern instance variables and avoid recalculating each time by @arturobernalg in #3656
• Java 8 improvements by @arturobernalg in #3712
• Map 'double' to SQL type 'DOUBLE PRECISION' for an Oracle database (CORE-3165) by @maartenc in #3707
• Rollback Snakeyaml default config to allow duplicate keys by @filipelautert in #3939
• Upgrades snakeyaml for installer by @filipelautert in #3943
• DAT-12842 by @sayaliM0412 in #3909
• Improve use of generics in code by @arturobernalg in #3797
• DAT-12842 by @sayaliM0412 in #3963
• Performance Improvement: optimized DatabaseChangeLog.normalizePath() by @nvoxland in #3853
• Clear entries from MDC map on scope exit by @amrasarfeiniel in #3927
• [3910] fix missing OSGI manifest entries for service loaders by @jherkel in #3912
• Fixes #3734 MySQL ENUM and SET column type by @nwcm in #3842
• Change Index.setTable method to take a Relation parameter DAT-13676 by @wwillard7800 in #3987
• only set the execType to RERAN, if the changeset was actually executed by @AlexGruebel in #3926
• Create the change exec listener earlier so that it is available if there is an exception DAT-13939 by @wwillard7800 in #3954
• [3906] Don't break Liquibase if a resolveable hostname is not found by @filipelautert in #3960
• Rename ON_MISSING_INCLUDE_FILE configuration and property names by @MalloD12 in #3899
• Load XSD files under OSGI by @ponziani in #3378
• Fixes #3083 MySQL JSON length issue by @nwcm in #3849
• Prevention of NullpointerException (unboxing) in generate-changelog with MS SQL Server by @barthel in #3903
• Issue 3619 - Allow control of recursion for includeAll via minDepth and maxDepth attributes by @jasonlyle88 in #3620
• Avoid String concatenation in loop. by @arturobernalg in #3668
• fix NullPointerException in ResourceAccessor by @StevenMassaro in #4040
• Lowers message log level. by @filipelautert in #4046
• Remove potentially sensitive information from --monitor-performance by @nvoxland in #3640
• Add mirror-console-messages-to-log parameter (DAT-13802) by @abrackx in #4032
• Do not ignore DatabaseException for Snowflake by @filipelautert in #4034
• Fix DB-Doc generation of Unique Constraints for Sybase ASE database. by @crenan in #3911
• Lowers Snakeyaml log level for warning stack traces by @filipelautert in #4062
• Remove unused parameters and local variables by @arturobernalg in #3857
• Do not show update summary for updateCountSql or updateTagSql DAT-14107 by @wwillard7800 in #4060
• add additional infor...

v4.20.0

Liquibase v4.20.0 is a patch release

API Breaking Changes

• Remove Liquibase Hub auto-registration prompts and no longer support new Liquibase Hub registrations. Please get in touch with customer support with any questions. (DAT-13419) by @StevenMassaro in #3886
• Refactor of commands: diff, diffchangelog, generatechangelog DAT-6606, DAT-6607, DAT-6623, DAT-6613 by @filipelautert in #3775

Enhancements

• Automate deployment of XSDs to new beta landing site by @sayaliM0412 in #3867
• Issue 3584: Add support for relativeToChangelogFile for ChangeLogProperty class/property attribute by @jasonlyle88 in #3595
• Jakartaee CDI for liquibase by @xazap in #3642
• Use variable for maven version by @StevenMassaro in #3895
• More maven version pinning by @StevenMassaro in #3887
• Update db changelog xsd to 4.20 by @suryaaki2 in #3918
• [PRO] Refactor of commands: diff, diffchangelog, generatechangelog DAT-6606, DAT-6607 and DAT-6613 by @filipelautert in liquibase/liquibase-pro#824
• [PRO] Update pro xsd and flow schema to 4.20 by @suryaaki2 in liquibase/liquibase-pro#861

Security, Driver and other updates

• Bump actions/cache from 3.2.5 to 3.2.6 by @dependabot in #3851
• [PRO] Bump jsqlparser from 4.5 to 4.6 by @dependabot in liquibase/liquibase-pro#842
• [PRO] Bump mockito-core from 3.8.0 to 3.12.4 by @dependabot in liquibase/liquibase-pro#845
• [PRO] Bump actions/checkout from 2 to 3 by @dependabot in liquibase/liquibase-pro#846
• [PRO] Bump actions/setup-java from 2 to 3 by @dependabot in liquibase/liquibase-pro#847
• [PRO] Bump schdck/create-env-json from 1 to 2 by @dependabot in liquibase/liquibase-pro#848
• [PRO] Bump maven-compiler-plugin from 3.10.1 to 3.11.0 by @dependabot in liquibase/liquibase-pro#850

Fixes

• Safely call snakeyaml methods that have been changed in last versions. by @filipelautert in #3904
• Only show structured log license message after value providers are registered (DAT-13362) by @StevenMassaro in #3850
• Pin maven version for sonar scan by @StevenMassaro in #3880
• Fix CheckSum generation issues + improvements by @MalloD12 in #3616
• Structured logging MdcKey renaming by @StevenMassaro in #3875
• Revert "Fix CheckSum generation issues + CURRENT_CHECKSUM_ALGORITHM_VERSION updated from 8 to 9." by @filipelautert in #3892
• [PRO] only show structured log license message after value providers are registered (DAT-13362) by @StevenMassaro in liquibase/liquibase-pro#839
• [PRO] Pin maven to 3.8.7 by @wwillard7800 in liquibase/liquibase-pro#855
• [PRO] GitHub action maven version pin by @StevenMassaro in liquibase/liquibase-pro#859

New Contributors

• @sayaliM0412 made their first contribution in #3867
• @jasonlyle88 made their first contribution in #3595
• @xazap made their first contribution in #3642

Full Changelog: v4.19.1...v4.20.0

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code
Make doc updates
Help by asking and answering questions
Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

• Liquibase CLI -- Includes open source + commercial functionality
• liquibase-x.y.z.tar.gz -- Archive in tar.gz format
• liquibase-x.y.z.zip -- Archive in zip format
• liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows
• liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS
• Primary Libraries - For embedding in other software
  • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
  • liquibase-commerical-x.y.z.jar – Additional commercial functionality
• liquibase-additional-x.y.z.zip – Contains additional, less commonly used files
  • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
  • Javadocs for all the libraries
  • Source archives for all the open source libraries
  • ASC/MD5/SHA1 verification hashes for all files

v4.19.1

Liquibase v4.19.1 is a patch release

Enhancements

• Publish liquibase-extension-testing to github packages (DAT-12833) by @abrackx in #3697
• Add support for multiple schemas to dbDoc command by @zpanderson in #1834
• No need redundant conditions. by @arturobernalg in #3553
• Replace expressions with type arguments with diamond type <>. by @arturobernalg in #3591
• Remove duplicate conditions in expressions and branches of if statements. They are used due to oversight. by @arturobernalg in #3548
• Replace constant charset String literal with the predefined StandardC… by @arturobernalg in #3568
• Normalize path of SQL changelog file when parsing (DAT-11891) by @StevenMassaro in #3664
• Delegate change set equality tests by @droy-sandbox in #3550
• (DAT-6636)Refactor of TagExistsCommandStep and extraction of code to new LockServiceCommandStep by @filipelautert in #3667
• Refactors CalculateChecksumCommandStep by @filipelautert in #3696
• CORE-3044 avoid locking if no updates pending by @RichardBradley in #2190
• Warning in case of missing liquibase files instead of throwing an exception by @mhewedy in #3081
• Remove redundant modifiers. by @arturobernalg in #3594
• Update maven-bundle-plugin instructions to export package containing XSD files by @GeertZondervan in #3597
• Remove redundant conditions that covered by a subsequent condition. by @arturobernalg in #3590
• Add support for db2 view comments (DAT-12529) by @abrackx in #3723
• Remove unnecessary cast expressions. by @arturobernalg in #3670
• Performance improvements by @filipelautert in #3588
• Implemented a summary of change sets which get filtered out during update (DAT-12068) by @wwillard7800 in #3730
• Support tabular format for history command by @fbiville in #3541
• Remove Unnecessary operation/modifier: by @arturobernalg in #3657
• Update and rename bug_report.md to bug_report.yaml by @kevin-atx in #3728
• Improve command line help message format by @StevenMassaro in #3829
• Use StandardCharsets constant instead. (DAT-12853) by @arturobernalg in #3725
• Update SnakeYAML usage - do not call deprecated methods by @asomov in #3632
• Avoid global mutable state of Non-final fields in enumeration types. by @arturobernalg in #3727
• Use constants instead of arrays with known lengths of zero by @arturobernalg in #3716
• Simplify lambda expressions when possible by @arturobernalg in #3736
• [PRO] Added new modifyChangeSets tag to support specification of runWith attribute for all change sets in include or includeAll
• [PRO] DAT-7922 Implement a check for one change per changeset by @wwillard7800 in liquibase/liquibase-pro#790
• [PRO] DAT-11915 Correctly escape SQL to enable and disable triggers on PostgreSQL by @wwillard7800 in liquibase/liquibase-pro#799
• [PRO] DAT-10157: add database scope for reserved words checks by @StevenMassaro in liquibase/liquibase-pro#802
• [PRO] DAT-13189 safely set code point limit for SnakeYaml by @StevenMassaro in liquibase/liquibase-pro#827
• [PRO] DAT-13440: show changesetsRolledback only after rollback is complete by @StevenMassaro in liquibase/liquibase-pro#838
• [PRO] DAT-12568 by @jnewton03 in liquibase/liquibase-pro#844

Fixes

• Fixes generate-changelog table/view comment and table/view column comment generation for MSSQL (DAT-12045) by @abrackx in #3563
• Fully qualified path to the changelog or snapshot in S3 is not allowed, so needs better msg (DAT-11478) by @diadiushko in #3564
• (DAT-12039) :detect circular references in includeAll statement by @StevenMassaro in #3695
• improve logging around paths that do not exist (DAT-12038) by @StevenMassaro in #3669
• normalize path of json and yaml changelogs when parsing (DAT-11891) by @StevenMassaro in #3711
• deprecate DefaultLoggerConfiguration (DAT-11970) by @StevenMassaro in #3706
• Rework dropProcedure for Snowflake Log message when dropAll fails (DAT-12916) by @wwillard7800 in #3702
• fix: snowflake has wrong priority by @Yogurt-lei in #3572
• Do not add default schema name to getSchemas method to avoid one schema by @LonwoLonwo in #3704
• #3035 add Double data type class to avoid incorrect double(0) database by @LonwoLonwo in #3703
• Stop publishing liquibase-extension-testing to Github on branch builds (DAT-13038) by @abrackx in #3726
• do not support setting column comments on a view in Snowflake (DAT-12530) by @StevenMassaro in #3710
• Fix NullPointerException for case sensitive collations by @ivan909020 in #3699
• (DAT-13269) pass proper branch name and add required field by @jnewton03 in #3765
• Consistent ARG-suffix for 'defaultSchemaName'-Parameter by @SIEDA-EliasHeydrich in #3662
• Removing explicit LiquibaseServletListener references by @Thunderforge in #3677
• Add Snowflake structured data types to unmodifiable Data Types by @LonwoLonwo in #3752
• Fix #3690 primaryKeyExists does not work on DB2z by @MichaelKern-IVV in #3691
• Replace old stream creation with java.nio. by @arturobernalg in #3686
• github-action (DAT-13527) by @jnewton03 in #3827
• Do not duplicate clearCheckSums logic by @fbiville in #3628
• Fixing #3708 - AddColumn fix for H2 version 1.4.200 by @KarolyNevelos in #3709
• Added default values to private Scope constructor by @MarkTJohnson in #3756
• Improved concurrency support by using ConcurrentHashMaps by @jurgenkleverwal in #3799
• fixing lookahead for last line comment method by @mwiede in #3717
• Do not calculate checksum when loading changelogs by @filipelautert in #3790
• set up maven using simpler GitHub action by @StevenMassaro in #3835
• safely set code point limit for SnakeYaml (DAT-13189) by @StevenMassaro in #3807
• Fix failing EnvironmentValueProviderTest by @nvoxland in #3783
• show changesetsRolledback only after rollback is complete (DAT-13440) by @StevenMassaro in #3846

Security, Driver and other updates

OWASP Dependency Check: Reported Vulnerabilities
snakeyaml.jar - This is a "critical" vulnerability reported against the snakeyaml library. Note: Liquibase code is not vulnerable to this attack, but users can manually upgrade to the newest version of snakeyaml library, and will be upgraded to the unaffected snakeyaml 2.0 version in the next release. If you are interested, you can track the PR at #3865

• Bump junit-jupiter-params from 5.9.1 to 5.9.2 by @dependabot in #3673
• Bump ant from 1.10.11 to 1.10.13 by @dependabot in #3672
• Bump firebird-testcontainers-java from 1.2.0 to 1.3.0 by @dependabot in #3653
• Bump actions/delete-package-versions from 3 to 4 by @dependabot in #3649
• Bump maven-plugin-plugin from 3.7.0 to 3.7.1 by @dependabot in #3698
• Bump assertj-core from 3.23.1 to 3.24.2 by @dependabot in #3705
• Bump jaybird from 4.0.8.java8 to 5.0.0.java8 by @dependabot in #3659
• Bump mariadb-java-client from 3.1.0 to 3.1.2 by @dependabot in #3729
• Bump snowflake-jdbc from 3.13.26 to 3.13.27 by @dependabot in...

v4.19.0

Liquibase v4.19.0 is a patch release with an XSD upgrade.

Enhancements

• Simplify assert calls and replaced with simpler and equivalent calls. by @arturobernalg in #3497
• Delete unused import statement. by @arturobernalg in #3522
• Added call to modifyChangeSet during execute method to allow the changeSet to be correctly set on the executor DAT-12388 by @wwillard7800 in #3511
• Remove unnecessary local variables that add nothing to the comprehensibility of a method. by @arturobernalg in #3373
• Allow loading gzipped data files by @mike-seger in #3379
• Use try-with-resources Statement when is possible. by @arturobernalg in #3374
• Define and reuse constants. Use an empty array styles to convert a collection to an array. by @arturobernalg in #3500
• Add support for block comment rollback commands on SQL changesets by @krishnaenugandula in #1399
• Allow primary key on addColumn for H2 by @nick318 in #3372
• Additional (optional) tableType attribute on the CreateTableChange by @MartinRied in #3108
• Include "path" in databasechangelog's description column for all change types with "path" attributes by @MichaelKern-IVV in #3244
• #1466: Add ignore:true changeset attribute to Formatted SQL changeLogs by @skrivenko in #3377
• #1290: Forbid empty changeSet id and author by @skrivenko in #3397
• Allow to drop and create a view for a Postgres database if replacing the view would fail by @rozenshteyn in #3399
• Rename DatabaseObjectComparator class to be DatabaseObjectCollectionComparator for clarity DAT-10112 by @wwillard7800 in #3544
• Do not lower case the ProvidedValue description if the string is capitalized, i.e. it starts with 2 upper-case characters DAT-12614 by @wwillard7800 in #3589
• Use 'Integer.compare' instead by @arturobernalg in #3528
• Simplify 'Map' operations. by @arturobernalg in #3527
• Remove unnecessary semicolon. by @arturobernalg in #3571
• Missing Override annotations. by @arturobernalg in #3558
• Prevents redundant loop iterations. Early loop exit in 'if' condition. by @arturobernalg in #3547
• DAT 6635 - Implement TagCommand by @filipelautert in #3570
• DAT-12576 update release workflow to attach artifact by run_id by @ap-liquibase in #3629
• DAT-12365 update install4j script to version 10.x by @jnewton03 in #3641
• Upgrades installer JDK version for next release. by @filipelautert in #3440
• remove licenses that were moved to individual extensions (DAT-12784) by @StevenMassaro in #3646
• DAT-12597 include commercial sources and javadoc in reversion by @ap-liquibase in #3671
• DAT-7686 Feature Request to control Sqlplus default liquibase.sqlplus.conf behavior

Security, Driver, and other updates

• Bump mariadb-java-client from 3.0.8 to 3.1.0 by @dependabot in #3471
• Bump testcontainers-bom from 1.17.5 to 1.17.6 by @dependabot in #3477
• Bump snowflake-jdbc from 3.13.22 to 3.13.25 by @dependabot in #3475
• Bump slf4j-jdk14 from 2.0.3 to 2.0.4 by @dependabot in #3485
• Bump maven-install-plugin from 3.0.1 to 3.1.0 by @dependabot in #3484
• Bump castlabs/get-package-version-id-action from 2.0 to 2.1 by @dependabot in #3490
• Bump sqlite-jdbc from 3.39.4.0 to 3.40.0.0 by @dependabot in #3510
• Bump jaybird from 4.0.6.java8 to 4.0.8.java8 by @dependabot in #3509
• Bump mockito-inline from 4.8.1 to 4.10.0 by @dependabot in #3580
• Bump targetMavenVersion from 3.8.5 to 3.8.6 by @dependabot in #3593
• Bump junit-jupiter-params from 5.8.1 to 5.9.1 by @dependabot in #3592
• Bump jaybird from 4.0.6.java8 to 4.0.8.java8 by @dependabot in #3602
• Bump slf4j-jdk14 from 2.0.4 to 2.0.6 by @dependabot in #3566
• Bump snowflake-jdbc from 3.13.25 to 3.13.26 by @dependabot in #3579
• Bump robinraju/release-downloader from 1.6 to 1.7 by @dependabot in #3603
• Bump ojdbc8 from 21.7.0.0 to 21.8.0.0 by @dependabot in #3551
• Bump up the max number of code points for JSON/YAML parser DAT-12657 by @wwillard7800 in #3552
• Bump actions/cache from 3.0.11 to 3.2.3 by @dependabot in #3654
• update changelog version - 4.19 by @suryaaki2 in #3676
• Update changelog xsd 4.19 by @suryaaki2 in #3678
• Bump targetMavenVersion from 3.8.5 to 3.8.7 by @dependabot in #3634
• Update release-published.yml by @jnewton03 in #3540
• DAT-12783 Adding extension license information by @wwillard7800 in #3614

Fixes

• fix overwriteOutputFile parameter for GenerateChangelog (DAT-12036) by @StevenMassaro in #3543
• Avoid ClassCastException when loading LogService from Scope by @mattbertolini in #3518
• Adds exclusions for mariadb newly added waffle dependency. by @filipelautert in #3559
• Correctly handle indexes with descending columns in snapshot DAT-11447 by @wwillard7800 in #3535
• Fix getting default schema issue for firebird by @MalloD12 in #3390
• Fix generatedSQL logic to allow setting up a function as a default value for MySQL version 8 by @MalloD12 in #3362
• DAT-11579: when generating changelogs for MySQL, ignore table column order for PKs by @StevenMassaro in #3486
• Included SQL to return unique constraints for Sybase by @crenan in #3517
• Add varbinary and binary support for DB2 - fixes #3408 by @mihaelaDev in #3428
• Added support for COMPUTED values inside CSV files for loadData change by @zbynekvavros in #944
• Prevent Executors collision due to hash used as a Map's key part by @Dasiu in #3533
• Breaks out of LockService.init loop after validations are completed by @filipelautert in #3576
• implement SingletonObject to solve #2349 by @yairogen in #3624
• Postgresql - Fallback to default schema name in SequenceSnapshotGenerator when this is null by @djochim in #3637

OWASP Dependency Check: Reported Vulnerabilities

• snakeyaml.jar - This is a "critical" vulnerability reported against the snakeyaml library. We are currently on the newest version of snakeyaml and there is no fix for the issue as of yet.

New Contributors

• @mike-seger made their first contribution in #3379
• @crenan made their first contribution in #3517
• @mihaelaDev made their first contribution in #3428
• @krishnaenugandula made their first contribution in #1399
• @skrivenko made their first contribution in #3397
• @zbynekvavros made their first contribution in #944
• @Dasiu made their first contribution in #3533
• @yairogen made their first contribution in #3624
• @djochim made their first contribution in #3637

Full Changelog: v4.18.0...v4.19.0

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.
...

Liquibase v4.18.0

Liquibase v4.18.0

Notable Changes

[PRO] Hashicorp Vault extension and Liquibase Pro

Use together for increased security and convenience of centralized properties. Note: This release works with Vault v1, and a v2 compatible release will follow up soon.

• Security

  Vaults offer much greater security than defaults files or 
environment variables


• Centralization

  Secure your database credentials, Pro license key, secure urls, and more in one central location.
  Update your critical properties in one place, and all linked tools and jobs use the new values
.

[PRO] rollback-on-error command argument

• When set to true will attempt to rollback a failed update operation.
• Note: changesets marked failonerror=false, do not count as error, and so do not rollback-on-error

[OSS] Liquibase Environment variables

• Now free to all users, not just Pro users.
• Learn more at https://docs.liquibase.com/concepts/connections/liquibase-environment-variables.html

Enhancements

• [PRO] Added new modifyChangeSets tag to support specification of runWith attribute for all change sets in include or includeAll

API Breaking Changes

• Use PathHandler for writing log files, which allows using S3 and other extensions (DAT-11515) by @abrackx in #3438

Security, Driver and other updates

• Upgrade mockito-inline from 4.8.0 to 4.8.1 by @dependabot in #3382
• Upgrade actions/cache from 3.0.8 to 3.0.11 by @dependabot in #3370
• Bump robinraju/release-downloader from 1.5 to 1.6 by @dependabot in #3423
• Upgrade postgresql driver from 42.5.0 to 42.5.1 by @dependabot in #3501
• Bump maven-plugin-plugin from 3.6.4 to 3.7.0 by @dependabot in #3450
• Bump sqlite-jdbc from 3.39.3.0 to 3.39.4.0 by @dependabot in #3451
• Bump maven-shade-plugin from 3.4.0 to 3.4.1 by @dependabot in #3422
• Bump gmavenplus-plugin from 1.13.1 to 2.1.0 by @dependabot in #3391
• Bump picocli from 4.6.3 to 4.7.0 by @dependabot in #3432
• Bump jcc from 11.5.7.0 to 11.5.8.0 by @dependabot in #3414
• Upgrade testcontainers-bom from 1.17.3 to 1.17.5 by @dependabot in #3341

Fixes

• Fixes generate-changelog view comments for Postgres (DAT-9410) by @abrackx in #3403

• Adds DefaultChangeExecListener, catches and handles migration errors (DAT-9372) by @abrackx in #3431

• Fixes nullpointer when dealing with LiquibaseException on updates. by @filipelautert in #3447

• Resets changelog cache upon acquiring lock by @filipelautert in #3396

• Allows createSequence field "dataType" to be use with DB2 as the database supports it. by @filipelautert in #3328

• Defines "-- rollback empty" as the way to specify "no rollback needed". by @filipelautert in #3324

• Fix create index on Postgresql and MSSQL using wrong column names when generating a changelog by @filipelautert in #3366

• Fixed input string handling in CompareControl constructor by @filipelautert in #3309

• Add 'ifExists' parameter to the dropView statement by @gzsombor in #3301

• Fix getResourceAccessor logic to avoid setting changeLogDirectory when searchPath has already set by @MalloD12 in #3347

• Ensures that Postgresql works with blob types bytea and oid (large objects) by @filipelautert in #3381

• Improve int/tinyint/smallint/bigint handling in H2 by @MalloD12 in #3274

• The onSqlOutput attribute does not work for preconditions in formatted SQL changelogs. by @dyadyushko in #3436

• [DAT-11899] Modifies deploy plugin and distribution management. by @jnewton03 in #3457

• Adds ChangeExecListener properties to maven plugin (DAT-12219) by @abrackx in #3443

• make BufferedLogService thread safe by @StevenMassaro in #3470

• Improved Sybase ASE Support by @carlos940513 in #665

• Do not write output files for computed columns when executing dbDoc. Fixes #1088 by @rozenshteyn in #3398

• Sequence owned by a table field must be included in database snapshot by @filipelautert in #3335

• Fixes snapshot of case-sensitive views by @filipelautert in #3329

• Fix include/includeAll to correct track relativeToChangelog=true paths using ./ or ../ by @nvoxland in #3355

• Improved readability in the createCDILiquibaseConfig method. by @musttafayildirim in #3316

• testing main and sha builds by @jnewton03 in #3481

• Fix Postgresql autoIncrement Information in snapshot by @filipelautert in #3361

• Treat "," as "or" when parsing context expressions. Fixes #1103 by @rozenshteyn in #3426

• CORE-1127: Filter by context when doing a rollback. by @berryh in #898

• Implement tagExists Maven command (Fix issue 1063) by @rozenshteyn in #3385

• Fixes transaction handling within changesets on DB2 on z/OS by @MichaelKern-IVV in #3342

• Improve dropAllForeignKeyConstraints performance by @Spindl in #2155

• Adds error handling for updateCount (DAT-11950) by @abrackx in #3463

• Adds error handling to update-to-tag (DAT-11951) by @abrackx in #3468

• Adds error handling for update-testing-rollback command and updateTestingRollback goal (DAT-11952) by @abrackx in #3474

• Fixes behaviour of includeAll by keeping the trailing slash on the path by @filipelautert in #3506

• Restore FileSystemResourceAccessor and add tests. by @filipelautert in #3499

• Simplify if statements to a single assignment. Avoid extra works. by @arturobernalg in #3375

• Fixed resolveSibling method by updating URL resource type by @MalloD12 in #3413

• Fix dependency query for PostgreSQL 15 by @Domm98CZ in #3456

• Release liquibase-nochangeloglock extension with the others by @nvoxland in #3452

New Contributors

• @gzsombor made their first contribution in #3301
• @carlos940513 made their first contribution in #665
• @rozenshteyn made their first contribution in #3398
• @musttafayildirim made their first contribution in #3316
• @berryh made their first contribution in #898
• @Spindl made their first contribution in #2155
• @arturobernalg made their first contribution in #3375
• @Domm98CZ made their first contribution in #3456

Full Changelog: v4.17.2...v4.18.0

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code
Make doc updates
Help by asking and answering questions
Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

• Liquibase CLI -- Includes open source + commercial functionality
• liquibase-x.y.z.tar.gz -- Archive in tar.gz format
• liquibase-x.y.z.zip -- Archive in zip format
• liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows
• liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS
• Primary Libraries - For embedding in other software
  • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
  • **liquibase-c...

v4.17.2

Liquibase 4.17.2 Patch Release

This is a patch release that upgrades the HSQL driver to remove a security vulnerability.
NOTE: The newest HSQL driver requires Java 11, so if you use HSQL and JAVA 8, you will need to upgrade your Java.

Security Updates

• No security updates are necessary

JDBC Driver and Third-Party Library Updates

• Upgrade hsqldb from 2.5.2 to 2.7.1 by @dependabot in #3400
• [opencsv-upgrade] Updates opencsv to 5.7.1 by @abrackx in #3419

Full Changelog: v4.17.1...v4.17.2

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code
Make doc updates
Help by asking and answering questions
Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

• Liquibase CLI -- Includes open source + commercial functionality

• liquibase-x.y.z.tar.gz -- Archive in tar.gz format

• liquibase-x.y.z.zip -- Archive in zip format

• liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows

• liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS

• Primary Libraries - For embedding in other software

  • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
  • liquibase-commerical-x.y.z.jar – Additional commercial functionality

• liquibase-additional-x.y.z.zip – Contains additional, less commonly used files

  • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
  • Javadocs for all the libraries
  • Source archives for all the open source libraries
  • ASC/MD5/SHA1 verification hashes for all files

  NOTE: liquibase-core-.jar contains only the open-source license. If you use Liquibase Pro or other commercial add-ons, you must also install liquibase-commercial-.jar

v4.17.1

Liquibase 4.17.1 Patch Release

Fixes

• fix: Use default localhost finder for MacOs - fix #2098 by @grzi in #2134
• Allow renameColumn on newer SQLite versions by @MalloD12 in #3264
• Implement logic to validate dbms set at changeset and stored procedure levels by @MalloD12 in #3291
• Fixed URIResource.resolveSibling by @nvoxland in #3354
• Use liquibase StringUtil not lang3.StringUtils by @nvoxland in #3338
• Handle absolute path in getAll method by @wwillard7800 in #3369

Updates

Security Updates

• None

JDBC Driver and Third-Party Library Updates

• Upgraded ojdbc8 from 21.6.0.0.1 to 21.7.0.0 by @dependabot in #3223
• Upgraded maven-shade-plugin from 3.3.0 to 3.4.0 by @dependabot in #3276
• Upgraded slf4j-jdk14 from 2.0.2 to 2.0.3 by @dependabot in #3321
• Upgraded snakeyaml maven reference from 1.32 to 1.33 by @nvoxland in #3359
• Upgraded commons text transitive dependency by @abrackx in #338

OWASP Dependency Check: Reported Vulnerabilities

• hsqldb.jar - This is a vulnerability reported against the hsqldb driver. We are currently on the newest version of hsqldb and there is no fix for the issue as of yet.
• snakeyaml.jar - This is a vulnerability reported against the snakeyaml. We are currently on the snakeyaml 1.33 and this issue has been fixed in 1.32.

New Contributors

• @grzi made their first contribution in #2134

Full Changelog: v4.17.0...v4.17.1

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code
Make doc updates
Help by asking and answering questions
Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

• Liquibase CLI -- Includes open source + commercial functionality
• liquibase-x.y.z.tar.gz -- Archive in tar.gz format
• liquibase-x.y.z.zip -- Archive in zip format
• liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows
• liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS
• Primary Libraries - For embedding in other software
  • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
  • liquibase-commerical-x.y.z.jar – Additional commercial functionality
• liquibase-additional-x.y.z.zip – Contains additional, less commonly used files
  • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
  • Javadocs for all the libraries
  • Source archives for all the open source libraries
  • ASC/MD5/SHA1 verification hashes for all files

v4.17.0

Liquibase v4.17.0

Notable Changes

• [PRO] The liquibase flow command and flow files are available with a Pro license. It allows you to create portable, platform-independent workflows that can run across different tools without modifying each workflow.

  • Learn more about flow here: liquibase flow file and command
  • If you want to provide feedback or have questions, please visit the forum at https://forum.liquibase.org/

• [PRO] Pro license users can now integrate Amazon S3 with Liquibase. You can extend Liquibase to use remote file locations to enable secure, centralized file management.

  • Learn more here: S3 Remote Files

• [PRO] Pro license users can use searchpath to find files located on S3 that cannot be found by an absolute path.

  • Learn more about the Searchpath command here.
  • Learn more about Searchpath with S3 here.

API Breaking Changes

• The liquibase.resource.ResourceAccessor APIs were updated to take advantage of the new liquibase.resource.Resource abstraction that was introduced. Code that USES the existing ResourceAccessor methods will continue to work as before with no changes, but if you have written custom implementations of ResourceAccessor there are new and changed methods to implement. For more information, see javadocs.liquibase.com

Enhancements

• Created new liquibase.resource.Resource interface by @nvoxland in #3064
• Created ThreadLocalScopeManager by @nvoxland in #3240
• Create liquibase_autocomplete.zsh by @szandany in #3130

Fixes

• AlterSequence: include NOORDER clause ordered="false" is specified by @LeBezout in #1044
• Upper case result columns only for case-insensitive databases by @fbiville in #3102
• Postgresql: Fix for case when current search_path is an empty string by @gadget in #3233
• Fix missing catalog on add column rollback by @jandurovec in #921
• Fix an error which can occur if getAutoCommit is called on a closed connection by @gpsfl in #3135
• apply sqlVisitors to CompoundStatements on DB2z by @MichaelKern-IVV in #3220
• Improved message when precondition onFail : MARK_RAN is set by @MultiM25 in #2238
• Add default catalog condition to SequenceSnapshotGenerator for Oracle by @gabrielnardes in #3152
• Fixed issue with h2 loadUpdateData not correctly handling values with the string " values " in the inserted data by @tomyy in #1831
• Fix the smallserial issue not being parsed as a SmallInt type for Postgres by @MalloD12 in #3234
• Remove snowflake unsupported logging from snapshot command (DAT-11291) by @abrackx in #3277
• Fix "double" handling with H2 by @MalloD12 in #3273
• Firebird: fix createIndex missing space around "computed" by @Markus-Patt in #1500
• Test Race Condititons During Liquibase Locking by @schrieveslaach in #2327
• Use configuration to get 'altTablespace', 'altSchema' and 'altCatalog… by @mehrabisajad in #3124
• Add missing generator for parameterized SQL statements by @fbiville in #3225
• Add catalog null check to fix initializing a MSSQL db issue by @MalloD12 in #3235
• PD-2838: pointing DB list to docs by @adrian-velonis1 in #3280
• Addition of liquibase.update() Enhancement Request #1614 by @Betlista in #1638
• Fixed createView handling of replaceIfExists=true when the string "replace" exists in the view definition by @filipelautert in #3305
• DAT-11407: replace backslashes in NotFoundResource URI by @StevenMassaro in #3322
• Fix generateChangeLog and diffChangeLog logic to avoid including default schema name when it should not by @MalloD12 in #3246

Updates

Security Updates

• None

JDBC Driver and Third-Party Library Updates

• Upgraded snowflake-jdbc from 3.13.21 to 3.13.22 by @dependabot in #3196
• Upgraded opencsv from 5.6 to 5.7.0 by @dependabot in #3243
• Upgraded installer to use JDK 17.0.4.1 by @nvoxland in #3266
• Upgraded sqlite-jdbc from 3.39.2.1 to 3.39.3.0 by @dependabot in #3267
• Upgraded jaxb-core from 4.0.0 to 4.0.1 by @dependabot in #3292
• Upgraded mariadb-java-client from 3.0.7 to 3.0.8 by @dependabot in #3293
• Upgraded jaxb-runtime from 4.0.0 to 4.0.1 by @dependabot in #3294
• Upgraded snakeyaml from 1.32 to 1.33 by @dependabot in #3310

OWASP Dependency Check: Reported Vulnerabilities

• hsqldb.jar - This is a vulnerability reported against the hsqldb driver. We are currently on the newest version of hsqldb and there is no fix for the issue as of yet.
• jackson-databind - This is a vulnerability reported against the jackson-databind library we use internally. This library is repackaged for internal use only and not exposed as otherwise-callable code. We are currently on the newest version and there is no fix for the issue as of yet.

New Contributors

• @trentdm made their first contribution in #3227
• @gadget made their first contribution in #3233
• @jandurovec made their first contribution in #921
• @gpsfl made their first contribution in #3135
• @MichaelKern-IVV made their first contribution in #3220
• @MultiM25 made their first contribution in #2238
• @gabrielnardes made their first contribution in #3152
• @tomyy made their first contribution in #1831
• @neilnaveen made their first contribution in #2997
• @Markus-Patt made their first contribution in #1500
• @adrian-velonis1 made their first contribution in #3280
• @Betlista made their first contribution in #1638
• @filipelautert made their first contribution in #3305

Full Changelog: v4.16.1...v4.17

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code
Make doc updates
Help by asking and answering questions
Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

• Liquibase CLI -- Includes open source + commercial functionality
• liquibase-x.y.z.tar.gz -- Archive in tar.gz format
• liquibase-x.y.z.zip -- Archive in zip format
• liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows
• liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS
• Primary Libraries - For embedding in other software
  • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
  • liquibase-commerical-x.y.z.jar – Additional commercial functionality
• liquibase-additional-x.y.z.zip – Contains additional, less commonly used files
  • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
  • Javadocs for all the libraries
  • Source archives for all the open source libraries
  • ASC/MD5/SHA1 verification hashes for all files

v4.16.1

New and Notable Capability

• Liquibase 4.16.0 incorrectly included the msal4j.jar and it's dependencies in internal/lib. This release does removes them. If you need the Azure authentication support provided by that library, you can continue to add it to the lib directory.

Enhancements

• None

Fixes

• None

Updates

Security Updates

• None

JDBC Driver and Third-Party Library Updates

• Upgraded mssql-jdbc from 11.2.0.jre8 to 11.2.1.jre8 by @dependabot in #3262

OWASP Dependency Check: Reported Vulnerabilities

• snakeyaml.jar - This is a "medium" vulnerability reported against the snakeyaml library. We are currently on the newest version of snakeyaml and there is no fix for the issue as of yet.

New Contributors

• None this time

Full Changelog: v4.16.0...v4.16.1

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code
Make doc updates
Help by asking and answering questions
Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

• Liquibase CLI -- Includes open source + commercial functionality
• liquibase-x.y.z.tar.gz -- Archive in tar.gz format
• liquibase-x.y.z.zip -- Archive in zip format
• liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows
• liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS
• Primary Libraries - For embedding in other software
  • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
  • liquibase-commerical-x.y.z.jar – Additional commercial functionality
• liquibase-additional-x.y.z.zip – Contains additional, less commonly used files
  • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
  • Javadocs for all the libraries
  • Source archives for all the open source libraries
  • ASC/MD5/SHA1 verification hashes for all files

v4.16.0

New and Notable Capability

• [LABS] The liquibase flow command and flow files are still available under the Liquibase Labs license.
  • Documentation on flow is here: https://docs.liquibase.com/flow
  • If you want to provide feedback on this capability, please email mario@liquibase.com.
• [PRO] The Quality Checks for Databases are now available to all Pro license users. These checks inspect your active database, or a liquibase-generated snapshot for compliance with your rules. Learn more here: https://docs.liquibase.com/quality-checks
• Introduces "contextFilter" and "labelFilter" replacement settings by @nvoxland in #2971
  • Liquibase has always had a way to use "labels" and "contexts" and then filter on those attributes in order to control which changesets are considered for execution. The new "contextFilter" and "labelFilter" attributes help simplify workflows and prevent confusion.

Enhancements

• Added support for changeset references in rollback for Formatted SQL changelogs by @atzawada in #1386
• Add schemas and includeSchema parameters to maven generateChangeLog by @MalloD12 in #3210
• [PRO] Two new Pro commands update-one-changeset and update-one-changeset-sql serving as complements to rollback-one-changeset and roll-back-one-changeset-sql

Fixes

• Fix addColumn on mysql when including a "value" attribute by @nvoxland in #3070
• Add support for AS <dataType> clause for H2 since version 2.0 by @marcus-nl in #3047
• Fixed NUMBER not compatible with H2 by @nick318 in #3098
• SpringResourceAccessor: fix issue with incorrect match pattern for files from classPath root by @danilmalkin in #3095
• Made liquibase.snapshot.ResultSetCache an extensible class. by @breglerj in #2087
• Added support for \u2116 symbol win1251 cyrillic symbol of number by @Stuchalin in #1324
• Tidy ExecutorService code, remove superfluous map access (Issue 1841) by @jamey-clari in #1842
• Fixed order of enum values on MySQL 8 by @Tantalon in #3150
• Removed invalid warning in Maven by @nvoxland in #3189
• [PRO] DAT-10810 QC: checks show changes (--show-cols flag, drop some, etc) by @dyadyushko in #3187

Updates

Security Updates

• Updates the snakeyaml dependency shipped in the liquibase-maven-plugin pom to address CVE-2022-25857

JDBC Driver and Third-Party Library Updates

• Upgraded postgresql from 42.4.0 to 42.4.1 by @dependabot in #3145
• Upgraded mariadb-java-client from 3.0.6 to 3.0.7 by @dependabot in #3149
• Upgraded sqlite-jdbc from 3.36.0.3 to 3.39.2.0 by @dependabot in #3148
• Upgraded mssql-jdbc from 10.2.1.jre8 to 11.2.0.jre8 by @dependabot in #3162
• Upgraded postgresql from 42.4.1 to 42.5.0 by @dependabot in #3199
• Upgraded sqlite-jdbc from 3.39.2.0 to 3.39.2.1 by @dependabot in #3198
• Upgraded snakeyaml from 1.30 to 1.31 by @dependabot in #3224
• Upgraded snakeyaml in liquibase-maven-plugin from 1.27 to 1.31 by @dependabot in #3263

OWASP Dependency Check: Reported Vulnerabilities

• snakeyaml.jar - This is a "medium" vulnerability reported against the snakeyaml library. We are currently on the newest version of snakeyaml and there is no fix for the issue as of yet.

New Contributors

• @marcus-nl made their first contribution in #3047
• @nick318 made their first contribution in #3098
• @danilmalkin made their first contribution in #3095
• @breglerj made their first contribution in #2087
• @Stuchalin made their first contribution in #1324
• @jamey-clari made their first contribution in #1842
• @Tantalon made their first contribution in #3150
• @atzawada made their first contribution in #1386
• @MalloD12 made their first contribution in #3210
• @dyadyushko made their first contribution in #3187

Full Changelog: v4.15.0...v4.16.0

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code
Make doc updates
Help by asking and answering questions
Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

• Liquibase CLI -- Includes open source + commercial functionality
• liquibase-x.y.z.tar.gz -- Archive in tar.gz format
• liquibase-x.y.z.zip -- Archive in zip format
• liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows
• liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS
• Primary Libraries - For embedding in other software
  • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
  • liquibase-commerical-x.y.z.jar – Additional commercial functionality
• liquibase-additional-x.y.z.zip – Contains additional, less commonly used files
  • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
  • Javadocs for all the libraries
  • Source archives for all the open source libraries
  • ASC/MD5/SHA1 verification hashes for all files