Liquibase 4.17.1 Release Notes

Liquibase v4.17.1 is a patch release.

See GitHub formatted release notes for more information. Full changelog: 4.17.0–4.17.1 (October 21, 2022)

Fixes

• fix: Use default localhost finder for MacOs - fix #2098 by @grzi in #2134
• Allow renameColumn on newer SQLite versions by @MalloD12 in #3264
• Implement logic to validate dbms set at changeset and stored procedure levels by @MalloD12 in #3291
• Fixed URIResource.resolveSibling by @nvoxland in #3354
• Use liquibase StringUtil not lang3.StringUtils by @nvoxland in #3338
• Handle absolute path in getAll method by @wwillard7800 in #3369

Updates

Security Updates

None

JDBC Driver and Third-Party Library Updates

• Upgraded ojdbc8 from 21.6.0.0.1 to 21.7.0.0 by @dependabot in #3223
• Upgraded maven-shade-plugin from 3.3.0 to 3.4.0 by @dependabot in #3276
• Upgraded slf4j-jdk14 from 2.0.2 to 2.0.3 by @dependabot in #3321
• Upgraded snakeyaml maven reference from 1.32 to 1.33 by @nvoxland in #3359
• Upgraded commons text transitive dependency by @abrackx in #338

OWASP Dependency Check: Reported Vulnerabilities

• hsqldb.jar – This is a vulnerability reported against the HSQLDB driver. We are currently on the newest version of HSQLDB and there is no fix for the issue as of yet.
• snakeyaml.jar – This is a vulnerability reported against the snakeyaml. We are currently on snakeyaml 1.33 and this issue has been fixed in 1.32.

New Contributors

• @grzi made their first contribution in #2134