Liquibase 4.11.0 Release Notes

Full Changelog: v4.10.0...v4.11.0 (May 24, 2022)

Breaking Changes

Starting with 4.11, we moved the global libraries we ship with the CLI from the lib directory to a new internal directory structure. The lib directory is still included in the classpath as the place where users can add the additional global drivers/libraries they need.

The liquibase --version output has been enhanced to also include the third party libraries being used and their versions.

Impacts:

  • If you are upgrading Liquibase by overwriting an existing directory, you will have duplicate libraries between lib and internal/lib. You should manually delete any files in lib which you did not add yourself. Liquibase will continue to work even with the duplicate libraries, but you may not be running the latest version of ones we ship, since the lib files take priority over what is in internal/lib. New installs are not impacted by this.
  • If you have any automation that did anything with our shipped files in lib, update it to reflect the new internal/lib location.

For security reasons, we have also changed what is logged by the CLI to only log Liquibase channel messages by default, rather than all log channels. If you are relying on logging from non-Liquibase libraries, you can add channels with the new --log-channels flag, including --log-channels=all to restore the old functionality.

Enhancements

  • Moved shipped JAR files out of lib and into a new internal/lib directory by @nvoxland in #2850
  • To help with performance troubleshooting, there is now a --monitor-performance argument for the CLI (and only the CLI) which enables profiling of the Liquibase run. The generated profiling information can help us understand and fix performance issues easier. #2599
  • Upgraded Java shipped with the installers from 11 to 17 by @nvoxland in #2602
  • Added whitelist for CLI log channels by @nvoxland in #2859

Fixes

  • Do not throw a confusing error if a datatype specified as a changelog parameter is not expanded by @nvoxland in #2772
  • Fixed SQLite not correctly snapshotting tables with underscores in the name by @nvoxland in #2778
  • Fixed local XSD lookup by @nvoxland in #2830
  • Standardized "start-h2" commands on "liquibase init start-h2" logic by @nvoxland in #2597
  • Support default values in the format (0)::real by @nvoxland in #2836
  • Fix handling of defaultSchemaName on Postgresql by @nvoxland in #2812
  • Introduce generateStatementsFromRows for extensions by @fbiville in #2686
  • Fixed XSD type of "ordered" and "cycle" attributes to be boolean by @DartVerder in #2725
  • Remove custom log message filtering by @nvoxland in #2777
  • Spring Boot: better support relativeToChangelogFile when ResourceLoaders return FilteredReactiveWebContextResources by @erik-meuwese-topicus in #2758
  • Fix ForeignKeyComparator when foreign key table is not known by @joserebelo in #2565. Fixes #2389 (foreignKeyConstraintExists not working). See 4.7.0 "Breaking Changes" foreignKeyTableName.
  • Test System Framework: add support for "liquibase.sdk.testSystem.skip" property by @StevenMassaro in #2838
  • Test System Framework: stop database containers when spock execution ends by @StevenMassaro in #2843

Updates

Security Updates

No security updates needed in this release.

JDBC Driver and Third-Party Library Updates

  • Upgraded picocli from 4.6.1 to 4.6.3 by @dependabot in #2518
  • Upgraded jaxb libraries to the newest 2.3.x versions by @nvoxland in #2793
  • Upgraded snakeyaml from 1.27 to 1.30 by @dependabot in #2498
  • OWASP Dependency Check: Reported Vulnerabilities
  • jcc.jar – This is a vulnerability reported against the IBM DB2 JDBC driver. It is awaiting reanalysis. We are currently on the newest version, CVE-2008-1997

New Contributors

  • @nikosmoum made their first contribution in #2630
  • @DartVerder made their first contribution in #2725
  • @erik-meuwese-topicus made their first contribution in #2758
  • @joserebelo made their first contribution in #2565