Liquibase 4.11.0 Release Notes
Liquibase v4.11.0 is a major release.
See GitHub formatted release notes for more information. Full changelog: 4.10.0–4.11.0 (May 24, 2022)
Breaking Changes
Starting with 4.11.0, we moved the global libraries we ship with the CLI from the lib directory to a new internal directory structure. The lib directory is still included in the classpath as the place where users can add the additional global drivers/libraries they need.
The liquibase --version output has been enhanced to also include the third party libraries being used and their versions.
Impacts:
- If you are upgrading Liquibase by overwriting an existing directory, you will have duplicate libraries between
libandinternal/lib. You should manually delete any files inlibwhich you did not add yourself. Liquibase will continue to work even with the duplicate libraries, but you may not be running the latest version of ones we ship, since thelibfiles take priority over what is ininternal/lib. New installs are not impacted by this. - If you have any automation that did anything with our shipped files in
lib, update it to reflect the newinternal/liblocation.
For security reasons, we have also changed what is logged by the CLI to only log Liquibase channel messages by default, rather than all log channels. If you are relying on logging from non-Liquibase libraries, you can add channels with the new --log-channels flag, including --log-channels=all to restore the old functionality.
Enhancements
- Moved shipped JAR files out of
liband into a newinternal/libdirectory by @nvoxland in #2850 - To help with performance troubleshooting, there is now a
--monitor-performanceargument for the CLI (and only the CLI) which enables profiling of the Liquibase run. The generated profiling information can help us understand and fix performance issues easier. #2599 - Upgraded Java shipped with the installers from 11 to 17 by @nvoxland in #2602
- Added whitelist for CLI log channels by @nvoxland in #2859
Fixes
- Do not throw a confusing error if a datatype specified as a changelog parameter is not expanded by @nvoxland in #2772
- Fixed SQLite not correctly snapshotting tables with underscores in the name by @nvoxland in #2778
- Fixed local XSD lookup by @nvoxland in #2830
- Standardized "
start-h2" commands on "liquibase init start-h2" logic by @nvoxland in #2597 - Support default values in the format
(0)::realby @nvoxland in #2836 - Fix handling of
defaultSchemaNameon Postgresql by @nvoxland in #2812 - Introduce
generateStatementsFromRowsfor extensions by @fbiville in #2686 - Fixed XSD type of "ordered" and "cycle" attributes to be boolean by @DartVerder in #2725
- Remove custom log message filtering by @nvoxland in #2777
- Spring Boot: better support
relativeToChangelogFilewhenResourceLoadersreturnFilteredReactiveWebContextResourcesby @erik-meuwese-topicus in #2758 - Fix
ForeignKeyComparatorwhen foreign key table is not known by @joserebelo in #2565. Fixes #2389 (foreignKeyConstraintExistsnot working). See 4.7.0 "Breaking Changes"foreignKeyTableName. - Test System Framework: add support for "
liquibase.sdk.testSystem.skip" property by @StevenMassaro in #2838 - Test System Framework: stop database containers when spock execution ends by @StevenMassaro in #2843
Updates
Security Updates
No security updates needed in this release.
JDBC Driver and Third-Party Library Updates
- Upgraded
picoclifrom 4.6.1 to 4.6.3 by @dependabot in #2518 - Upgraded
jaxblibraries to the newest 2.3.x versions by @nvoxland in #2793 - Upgraded
snakeyamlfrom 1.27 to 1.30 by @dependabot in #2498 - OWASP Dependency Check: Reported Vulnerabilities
jcc.jar– This is a vulnerability reported against the IBM DB2 JDBC driver. It is awaiting reanalysis. We are currently on the newest version, CVE-2008-1997
