Skip to content

Bump liquibase-core from 3.8.0 to 4.17.2 #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump liquibase-core from 3.8.0 to 4.17.2 #40

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2022

Bumps liquibase-core from 3.8.0 to 4.17.2.

Release notes

Sourced from liquibase-core's releases.

v4.17.2

Liquibase 4.17.2 Patch Release

This is a patch release that upgrades the HSQL driver to remove a security vulnerability. NOTE: The newest HSQL driver requires Java 11, so if you use HSQL and JAVA 8, you will need to upgrade your Java.

Security Updates

  • No security updates are necessary

JDBC Driver and Third-Party Library Updates

Full Changelog: liquibase/liquibase@v4.17.1...v4.17.2

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code Make doc updates Help by asking and answering questions Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

  • Liquibase CLI -- Includes open source + commercial functionality

  • liquibase-x.y.z.tar.gz -- Archive in tar.gz format

  • liquibase-x.y.z.zip -- Archive in zip format

  • liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows

  • liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS

  • Primary Libraries - For embedding in other software

    • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
    • liquibase-commerical-x.y.z.jar – Additional commercial functionality

  • liquibase-additional-x.y.z.zip – Contains additional, less commonly used files

    • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
    • Javadocs for all the libraries
    • Source archives for all the open source libraries
    • ASC/MD5/SHA1 verification hashes for all files

    NOTE: liquibase-core-.jar contains only the open-source license. If you use Liquibase Pro or other commercial add-ons, you must also install liquibase-commercial-.jar

v4.17.1

... (truncated)

Changelog

Sourced from liquibase-core's changelog.

Liquibase Core Changelog

Changes in version Liquibase v4.18.0

Notable Changes

  • [PRO] Hashicorp Vault extension and Liquibase Pro
  • Use together for increased security and convenience of centralized properties
  • [PRO]Security
  • Vaults offer much greater security than defaults files or
environment variables

  • [PRO] Centralization
  • Secure your database credentials, Pro license key, secure urls, and more in one central location.
  • Update your critical properties in one place, and all linked tools and jobs use the new values
.
  • [PRO] rollback-on-error command argument
  • When set to true will attempt to rollback a failed update operation.
  • Note: changesets marked failonerror=false, do not count as error, and so do not rollback-on-error

[OSS] Liquibase Environment variables

Enhancements

  • [PRO] Auto-rollback enabled for more Pro stored logic objects
  • [PRO] Added new modifyChangeSets tag to support specification of runWith attribute for all change sets in include or includeAll

API Breaking Changes

  • Use PathHandler for writing log files, which allows using S3 and other extensions (DAT-11515) by @​abrackx in #3438

Security, Driver and other updates

Fixes

... (truncated)

Commits
  • 347c33d Update changelog with 4.17.2 changes (#3433)
  • 1fb44ca Upgrade hsqldb from 2.5.2 to 2.7.1 (#3400)
  • 9949ca0 Revert Use PathHandler for writing log files (#3420)
  • 96c10dd [opencsv-upgrade] Updates opencsv to 5.7.1 (#3419)
  • d9451da Merge pull request #3411 from liquibase/kevin-atx-liquibase-product-name-update
  • c7b969c Update README.md
  • 4d1bb4d Use PathHandler for writing log files, which allows using S3 and other extens...
  • 28804f3 Update README.md
  • 745d022 Fix "No inverse to CreateProcedureChange" error when using rollbackOneChangeS...
  • 3a22791 Update README.md
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump liquibase-core from 3.8.0 to 4.17.2
27dd3e6 
Bumps [liquibase-core](https://github.com/liquibase/liquibase) from 3.8.0 to 4.17.2.
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](liquibase/liquibase@liquibase-parent-3.8.0...v4.17.2)

---
updated-dependencies:
- dependency-name: org.liquibase:liquibase-core
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 1, 2022
@dependabot dependabot bot mentioned this pull request Dec 1, 2022
Closed
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 1, 2023

Superseded by #42.

@dependabot dependabot bot closed this Jan 1, 2023
@dependabot dependabot bot deleted the dependabot/maven/develop/org.liquibase-liquibase-core-4.17.2 branch January 1, 2023 02:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant