@dependabot dependabot bot commented on behalf of github Nov 6, 2022

Bumps liquibase-core from 4.3.5 to 4.8.0.

Release notes

Sourced from liquibase-core's releases.

v4.8.0

Liquibase 4.8.0 release

Please report any issues to https://github.com/liquibase/liquibase/issues.

Notable Changes

Liquibase 4.8.0 introduces the following functionality:

  • The init hub subcommand that connects your local Liquibase activity to Liquibase Hub and sets up the Liquibase environment to use Liquibase Hub. [DAT-8769]

Note: For more information, see init hub and Getting Started with Liquibase Hub.

  • [PRO] The sqlcmd utility support to process complex SQL for MSSQL Server. Liquibase provides the liquibase.sqlcmd.conf file to pass arguments to your executor when running Liquibase Pro. [DAT-7447]

Note: For more information, see Using the SQLCMD integration and runWith attribute with Liquibase Pro and MSSQL Server.

  • Changes to the behavior of the XML parser, which no longer allows referencing external DTD files for security reasons. If you use externally defined entities or any other potentially insecure XML feature in your changelogs, set liquibase.secureParsing=false. [PR#2384] [LB-2218]

Note: For more information about the ways to set the parameter, see Command Parameters.

  • The upgrade of the postgresql (from 42.2.12 to 42.3.2) and h2 (from 2.0.206 to 2.1.210) drivers that Liquibase includes in the installation package. If you use those drivers and upgrade an existing Liquibase installation, remove the earlier versions of drivers from the LIQUIBASE_HOME/lib directory.

Enhancements

  • Implemented the SimpleObjectConstructor interface for DB2 on z/OS [DAT-8580]
  • Included the CLI instructions on how to use the properties file with a nonstandard name when running the init project subcommand [DAT-9041]
  • Improved the output message for init start-h2 when the H2 database driver is specified, but there is no connection detected [DAT-8992]
  • Added validation errors for the enableCheckConstraint, disableCheckConstraint, dropPackage, dropPackageBody Change Types [DAT-9017]
  • [PR#2367] [Mike Olivas] Added example rollback scripts to the example-changelog.sql file [LB-2220]
  • [PR#1648] [Daniel Gray] Improved the exception error message for the customChange node with no class attribute [LB-1144]
  • [PR#2222] [msimko81] Added the offline mode support for the rollback-sql <tag> operation [LB-2198]
  • [PR#2273] [Tsvi Zandany] Added the autocomplete quality checks commands for macOS
  • [PR#2308] [Valentin Blistin] Added the close method for the ClassLoaderResourceAccessor class [LB-2205]

Fixes

... (truncated)

Changelog

Sourced from liquibase-core's changelog.

Liquibase Core Changelog

Changes in version 4.17.2 (2022.11.02)

This is a patch release that upgrades the HSQL driver to remove a security vulnerability. NOTE: The newest HSQL driver requires Java 11, so if you use HSQL and JAVA 8, you will need to upgrade your Java.

Fixes

No Fixes

Updates

Security Updates

JDBC Driver and Third-Party Library Updates

OWASP Dependency Check: Reported Vulnerabilities

Full Changelog: liquibase/liquibase@v4.17.1...v4.17.2

Changes in version 4.17.1 (2022.10.21)

Fixes

Dependency Updates

Changes in version 4.17.0 (2022.10.05)

Notable Changes

  • [PRO] The liquibase flow command and flow files are available with a Pro license. It allows you to create portable, platform-independent workflows that can run across different tools without modifying each workflow.

  • [PRO] Pro license users can now integrate Amazon S3 with Liquibase. You can extend Liquibase to use remote file locations to enable secure, centralized file management.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [liquibase-core](https://github.com/liquibase/liquibase) from 4.3.5 to 4.8.0.
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](liquibase/liquibase@v4.3.5...v4.8.0)

---
updated-dependencies:
- dependency-name: org.liquibase:liquibase-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 6, 2022