Liquibase 4.31.1 Release Notes

Liquibase 4.31.1 is a patch release

Note: Liquibase 4.31.1 patches the vulnerability found in the Snowlake driver (CVE-2025-24789) and resolves the issue with logicalfilepath reported in 4.31.0 (see 4.31.0 Release Notes)

Notable Changes

[OSS]

logicalfilepath bug: The standard Liquibase practice is to accept the attribute closest to the changeset. But in 4.31.0, the parent logicalfilepath value will be used in DBCL/DBCLH as the changelogfilepath value.

4.31.1 fixes this behavior and deployed changesets do not redeploy if they have the changelog level logicalFilePath.

This update fixes this issue for users who meet three specific conditions:

• Use Liquibase 4.31.0
• Use the logicalfilepath attribute with different values at changelog and changeset levels
• Use include/includeAll to nest changelogs

[PRO] Changelog

Bug Fixes

DAT-19579: The changesets from the included changelogs that were deployed with the changelog level logicalFilePath in version 4.31.0 will be considered new and will be redeployed in the latest versions #6716 @filipelautert

[OSS] Changelog

Bug Fixes

(#6664) Don't ignore logicalFilePath when including changelogs @filipelautert

(#6716) fix filename in dbcl incorrectly generated during 4.31.0 (#6712) @filipelautert

[OSS] Security, Driver and Other Updates

Snowflake vulnerability update CVE-2025-24789

Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. Liquibase now includes a version with the fixed issue 3.22.0.

Full Changelog: v4.31.0...v4.31.1