Liquibase 4.31.1 release notes
Liquibase 4.31.1 is a patch release. It patches the vulnerability in the Snowflake driver (CVE-2025-24789) and resolves the issue with logicalfilepath reported in 4.31.0.
Notable changes
Liquibase OSS
logicalfilepath bug: The standard Liquibase practice is to accept the attribute closest to the changeset. However, in 4.31.0, the parent logicalfilepath value will be used in DBCL/DBCLH as the changelogfilepath value. This patch fixes this behavior, and deployed changesets do not redeploy if they have the changelog level logicalFilePath.
This update fixes this issue for users who meet three specific conditions:
Use Liquibase 4.31.0.
Use the
logicalfilepathattribute with different values at the changelog and changeset levels.Use
include/includeAllto nest changelogs.
Liquibase Pro changelog
Bug fixes
DAT-19579: The changesets from the included changelogs that were deployed with the changelog level logicalFilePath in version 4.31.0 will be considered new and will be redeployed in the latest versions #6716 @filipelautert
Liquibase OSS changelog
Bug fixes
(#6664) Don't ignore logicalFilePath when including changelogs @filipelautert
(#6716) Fix the filename in dbcl incorrectly generated during 4.31.0 (#6712) @filipelautert
Liquibase OSS security, driver, and other updates
Snowflake vulnerability update CVE-2025-24789
Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. Liquibase now includes a version with the fixed issue 3.22.0.
Full Changelog: v4.31.0...v4.31.1