PIIlocation

Last updated: June 9, 2026

The PIIlocation policy check identifies highly-sensitive US geographic location information in your database changelogs, helping prevent PII data exposure. This check employs the Phileas library of Identifiers to scan INSERT and UPDATE SQL statements in your changesets for location-related identifiers such as city names, state names, street addresses, and ZIP codes. When the check detects potential location data, it flags the changelog and can block deployment, protecting your organization from accidentally committing sensitive location information to version control or deploying it to your databases. This check is especially valuable in environments subject to CCPA, GDPR, and similar privacy regulations.

Scope

Database

changelog

Any SQL database

Before you begin

  • Create a Check Settings file

  • Update any existing Check Settings file to 5.2+ by running liquibase checks show --auto-update=ON to ensure the PIIlocation check appears on the list of checks.

  • (Maven users only) Add the liquibase-checks dependency to your pom.xml file. See Add extensions with Maven for more information.

  • Ensure you have Java 17+ installed. If you used the Liquibase Installer, Java is included automatically. Otherwise, you must install Java manually.

Procedure

1

Enable the PIIlocation check

This check is disabled by default. To enable it, run the checks enable command: liquibase checks enable --check-name=PIIlocation

2

Customize the check.

After enabling PIIlocation, run checks customize to configure the check's behavior. This command lets you set which location identifiers to scan for, the message displayed when a violation is found, and additional identifier-specific options.

Command: liquibase checks customize --check-name=PIIlocation

Liquibase prompts you to set these parameters:

  1. Severity — The return code generated on a violation. Options: INFO|0, MINOR|1, MAJOR|2, CRITICAL|3, BLOCKER|4. Default: INFO.

  2. LOCATION_IDENTIFIERS — The US geographic location data types to scan for. Accepts ALL or a comma-separated list of: CITY, STATE, STATE_ABBREVIATION, COUNTY, STREET_ADDRESS, ZIP_CODE. Default: ALL.

  3. MESSAGE — The message displayed when a violation is found. The default message includes the detected data type, statement type, statement number, line number, and position.

If ZIP_CODE is included in LOCATION_IDENTIFIERS, Liquibase also prompts for:

  1. ZIP_CODE_VALIDATE — Validate ZIP codes against the US Census database to reduce false positives. Options: true, false. Default: false.

Example output:

Short Name

Category

Description

Customization

Status

Severity

Scope

Type

PIIlocation

Sensitive Data

Identifies highly-sensitive US Geographic Location information, helping avoid PII data exposure in highly-regulated environments.

LOCATION_IDENTIFIERS = ALL MESSAGE = Policy violation: raw {filter_type} detected in {stmt_type} at statement #{statement_number}, line {line_number}, positions {start}-{end}.{file_line_info} ZIP_CODE_VALIDATE = false

enabled

0

changelog

sql, xml, yaml, json

3

Run the checks run command

After enabling and customizing the PIIlocation check, run it against your changelog to detect the location identifiers you have configured. Your customized check is stored in your checks settings file.

To run checks with a custom settings file, use the --checks-settings-file parameter. If you don't specify this parameter, Liquibase uses the default liquibase.checks-settings.conf file. You can also use the --changelog-file flag to target a specific changelog.

Checks settings file example: liquibase checks run --checks-settings-file=path_to_my_file_name.yaml

Checks settings file and specific changelog file example: liquibase checks run --checks-settings-file=<path_to_my_file_name>.yaml --changelogfile --<your_changelog_here>.sql

Note: If you run liquibase update with a checks settings file configured, the checks run automatically as part of the update process.

liquibase checks run --checkname < yourCustomizedCheckName > --changelogfile --< yourChangelogHere >.sql

liquibase checks run --checks-settings-file=my_file_name.yaml
4

Analyze the results in the terminal output.

When the PIIlocation check finds sensitive data in the changelog, you will see output similar to this in the terminal:

CHANGELOG CHECKS ---------------- Checks completed validation of the changelog and found the following issues: Check Name: PII (Location) Information detection (PIIlocation) Changeset ID: location-1 Changeset Filepath: my-changelog.sql Check Severity: INFO (Return code: 0) Message: Policy violation: raw COUNTY detected in INSERT at statement #1, line 1, positions 50-56. Check Name: PII (Location) Information detection (PIIlocation) Changeset ID: location-2 Changeset Filepath: my-changelog.sql Check Severity: INFO (Return code: 0) Message: Policy violation: raw STREET-ADDRESS detected in INSERT at statement #1, line 1, positions 68-83. Changesets Validated: in my-changelog.sql ID: location-1; Author: test ID: location-2; Author: test Checks run against each changeset: PII (Location) Information detection (Short names: PIIlocation)

The output identifies the check name, changeset ID, file path, severity, and the exact location of the detected geographic data in the changelog.

Results

Now you can see how the check runs and what the results look like when it flags an issue within the changelog.

You can then remove, mask, or handle the sensitive location information appropriately before committing changes to your database.