Liquibase 4.11 release
Please report any issues to https://github.com/liquibase/liquibase/issues.
Breaking Changes
Starting with 4.11, we moved the global libraries we ship with the CLI from the lib directory to a new internal directory structure. The lib directory is still included in the classpath as the place users can add whatever additional global drivers/libraries they need.
The liquibase --version output has been enhanced to also include the 3rd party libraries being used and their versions.
Impacts:
- If you are upgrading Liquibase by overwriting an existing directory, you will have duplicate libraries between
libandinternal/lib. You should manually delete any files inlibwhich you did not add yourself. Liquibase will continue to work even with the duplicate libraries, but you may not be running the latest version of ones we ship, since thelibfiles take priority over what is ininternal/lib. New installs are not impacted by this. - If you have any automation that did anything with our shipped files in
libyou will need to update it to reflect the newinternal/liblocation
For security reasons, we have also changed what is logged by the CLI to only log liquibase channel messages by default, rather than all log channels. If you are relying on logging from non-Liquibase libraries, you can add channels with the new --log-channels flag, including --log-channels=all to restore the old functionality.
Enhancements
- Moved shipped jar files out of
liband into a newinternal/libdirectory by @nvoxland in #2850 - To help with performance troubleshooting, there is now a
--monitor-performanceargument for the CLI (and only the CLI) which enables profiling of the Liquibase run. The generated profiling information can help us understand and fix performance issues easier. #2599 - Upgraded Java shipped with the installers from 11 to 17 by @nvoxland in #2602
- Added whitelist for CLI log channels by @nvoxland in #2859
Fixes
- Do not throw a confusing error if a datatype specified as a changelog parameter is not expanded by @nvoxland in #2772
- Fixed SQLite not correctly snapshotting tables with underscores in the name by @nvoxland in #2778
- Fixed local XSD lookup by @nvoxland in #2830
- Standardized "start-h2" commands on "liquibase init start-h2" logic by @nvoxland in #2597
- Support default values in the format
(0)::realby @nvoxland in #2836 - Fix handling of defaultSchemaName on Postgresql by @nvoxland in #2812
- Introduce generateStatementsFromRows for extensions by @fbiville in #2686
- Fixed XSD type of "ordered" and "cycle" attributes to be booleanby @DartVerder in #2725
- Remove custom log message filtering by @nvoxland in #2777
- Spring Boot: better support relativeToChangelogfile when ResourceLoaders return FilteredReactiveWebContextResources by @erik-meuwese-topicus in #2758
- Fix ForeignKeyComparator when foreign key table is not known by @joserebelo in #2565
- Test System Framework: add support for "liquibase.sdk.testSystem.skip" property by @StevenMassaro in #2838
- Test System Framework: stop database containers when spock execution ends by @StevenMassaro in #2843
Updates
Security Updates
- No security updates needed in this release
JDBC Driver and Third-Party Library Updates
- Upgraded picocli from 4.6.1 to 4.6.3 by @dependabot in #2518
- Upgraded jaxb libraries to the newest 2.3.x versions by @nvoxland in #2793
- Upgraded snakeyaml from 1.27 to 1.30 by @dependabot in #2498
OWASP Dependency Check: Reported Vulnerabilities
- jcc.jar - This is a vulnerability reported against the IBM DB2 JDBC driver. It is awaiting reanalysis. We are currently on the newest version [CVE-2008-1997] (https://nvd.nist.gov/vuln/detail/CVE-2008-1997)
- h2.jar - This is a vulnerability reported against the H2 driver. It is awaiting reanalysis. We are currently on the newest version [CVE-2018-14335] (https://nvd.nist.gov/vuln/detail/CVE-2018-14335)
New Contributors
- @nikosmoum made their first contribution in #2630
- @DartVerder made their first contribution in #2725
- @erik-meuwese-topicus made their first contribution in #2758
- @joserebelo made their first contribution in #2565
Full Changelog: v4.10.0...v4.11.0