Skip to content

chore: bump org.liquibase:liquibase-core from 4.31.1 to 4.32.0 #1766

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore: bump org.liquibase:liquibase-core from 4.31.1 to 4.32.0 #1766

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 22, 2025

Bumps org.liquibase:liquibase-core from 4.31.1 to 4.32.0.

Release notes

Sourced from org.liquibase:liquibase-core's releases.

Liquibase v4.32.0

Liquibase 4.32.0 is a major release

[!NOTE] See the Liquibase 4.32.0 Release Notes for the complete set of release information.

[!IMPORTANT] ⚠️ [PRO] and [OSS] Upcoming Change in Distributions Liquibase is evolving to better serve both open-source contributors and enterprise customers by introducing a clearer separation between its Open Source (OSS) and PRO offerings. This change is designed to ensure that each distribution is optimized for its respective users—providing open-source users with flexibility and control, while delivering scalability, reliability, and governance for enterprise teams. The new structure enables Liquibase to more effectively support developers at all stages—from experimentation and community collaboration to mission-critical deployments. Liquibase 4.32.0 introduces the first general availability (GA) release of independently packaged Pro distributions, along with dedicated distribution channels and key-based access enforcement for Pro capabilities. This marks a significant step toward delivering a curated, enterprise-grade experience for Pro users. The OSS distribution and its delivery channels remain unchanged in this phase. Learn more

Notable Changes

[PRO]

Policy Checks

Formatted SQL Header Policy Check. Introduced a new policy check named FormattedSqlHeaderRequired to ensure that.sql files included in changelogs begin with the required --liquibase formatted sql header. This check helps prevent improperly formatted SQL changes that could bypass Liquibase’s change tracking, auditing, and rollback features. This new policy check supports changelogs of any format (SQL, XML, YAML, JSON) and includes an EXCEPTIONS_LIST customization option to exclude specific files. When triggered, it lists all offending .sql files missing the required header, helping maintain the integrity and reliability of database change management. [DAT-19042]

Get Config Value Helper Function for Python Checks. Added a new helper function, liquibase_utilities.get_config_value(), for custom Python checks. This function enables easy access to standard Liquibase configuration properties—including those set via environment variables, CLI arguments, or defaults files. This enhancement simplifies scripting by allowing users to retrieve values such as url, loglevel, changelogfile, and custom properties like dbplatform or contexts directly within their Python checks, without manually resolving property names or sources. [DAT-19486]

Property Substitution in Python Check Script Arguments. Enhanced support for custom Python checks by allowing the use of Liquibase properties in the SCRIPT_ARGS section. Users can now reference properties—such as environment variables, CLI arguments, or values from the defaults file—using standard substitution syntax (e.g., ${liquibase.command.url} or ${PIPELINE_NAME}). This enables dynamic and context-aware scripting, such as configuring behavior based on runtime attributes like the current Git branch or target environment. [DAT-19377]

Absolute Path for Custom Python Policy Checks. Updated custom policy check support to allow Python script paths to be specified using absolute paths, in addition to relative paths. This enhancement enables users to store and reference custom check scripts from centralized or shared directories outside the local project repository, eliminating the need to duplicate scripts across multiple projects. This improves flexibility and promotes better reuse and maintenance of custom policy checks across teams and environments. [DAT-19408]

Audit and History

DBCLH History Command for MongoDB and DynamoDB. Added support for the liquibase dbcl-history command for MongoDB and DynamoDB users, enabling access to the DatabaseChangeLogHistory (DBCLH) table. This Liquibase Pro command outputs each DBCLH row as a JSON object, making it easy to integrate with BI and analytics tools. Users can customize output with --format=json|JSON_PRETTY and --verbose to control the level of detail in capturedsql and extensions fields. Output defaults to console but can be redirected to a file using --outputfile. [DAT-17162], [DAT-17164]

Observability and Reports

Drift Report Support for MongoDB Family. Liquibase Pro now supports Drift Report generation for the MongoDB database family, including MongoDB Atlas and AWS DocumentDB. This enhancement allows DevOps and SRE teams to detect schema drift and compare MongoDB instances using the same familiar workflow as relational databases. Drift Reports now include MongoDB-specific snapshot and diff outputs, while omitting or clearly marking relational-only fields as "Not Applicable for Mongo-type Databases." This feature enables consistent configuration checks across distributed NoSQL environments and helps ensure alignment between instances of application data stores. [INT-871]

Enhanced Drift Report Connection Detail. Improved drift reports generated by the liquibase diff command by including complete connection details. Source and target URLs now display full catalog and schema names—particularly valuable for platforms like Databricks—allowing users to accurately identify and distinguish the environments being compared. This enhancement provides greater clarity and helps streamline the process of reviewing and resolving discrepancies. [DAT-18910]

Sensitive SQL Content Suppression in Operational Reports. Added a new global --reports-suppress-sql option to prevent sensitive SQL content—such as passwords—from appearing in operational reports and CLI output (e.g., during update-sql or drift report generation). This setting helps improve security and reduce noise in reports, especially in CI/CD pipelines like Jenkins. When enabled, SQL output is replaced with a placeholder message (SQL suppressed). An optional companion flag, --reports-suppress-exceptions, controls whether SQL appears in error messages. It is automatically set to true when --reports-suppress-sql is enabled, unless explicitly overridden. Both flags are configurable via CLI, environment variables, or properties files. [DAT-19076]

Security

Kerberos Passwordless Authentication for runWith:psql. Liquibase Pro now supports Kerberos passwordless authentication with the runWith:psql native executor, enabling secure, credential-free connections in environments where plain user/password secrets are restricted. This enhancement ensures compatibility with Active Directory/Kerberos authentication workflows while preserving full functionality, including the generation of log spool files as configured in liquibase.psql.conf. Both Kerberos and non-Kerberos environments continue to be supported, ensuring seamless transitions and enhanced security compliance. [DAT-19525]

Simplified Snowflake OAUTH and PKI Authentication Support. Liquibase Pro now supports Snowflake OAUTH and Private Key Infrastructure (PKI) authentication through new dedicated properties, eliminating the need for manual JDBC URL customization in most cases. This enhancement ensures compliance with Snowflake’s upcoming requirement for token-based authentication (effective November 2025) and simplifies secure connectivity for all Snowflake users. Sensitive authentication details—such as tokens, private key paths, and passphrases—can now be provided via Liquibase properties with standard handling for logging and reporting, helping users adopt modern authentication methods with less complexity and greater security. [INT-190], [INT-182]

Workflow Automation

Conditional Flow File Logic Based on Action Exit Codes. Liquibase Pro now supports conditional flow file logic based on action exit codes, enabling more flexible and resilient automation. A new continueOnError property (default: false) allows flows to proceed even when an individual action fails. Additionally, the new exitCode value captures the exit code of the previous action. This allows users to write conditional logic (e.g., if: "exitCode <= 1") directly within flow files. This enhancement empowers users to handle errors and successes gracefully within a single flow, rather than halting execution entirely. [DAT-19490]

Change Automation

Composite Type Objects in PostgreSQL Support. Liquibase now supports Composite TYPE objects in PostgreSQL, enabling users to manage these objects more effectively. This feature allows users to create and drop Composite Types using Liquibase change types, with support for XML, YAML, and JSON formats. Auto-rollback functionality is also included for these change types, ensuring smooth execution and rollback. This enhancement fills the gap in PostgreSQL object support and provides a valuable tool to manage complex PostgreSQL data types with Liquibase. [INT-173], [INT-175]

PostgreSQL Composite Type Schema Change Support. Liquibase Pro now supports the changeCompositeTypeSchema change type for PostgreSQL, enabling users to manage schema changes for composite Type objects. This enhancement fills a gap in Postgres object support by allowing ALTER operations to move a Type between schemas. The change type is available in all modeled formats (XML, YAML, JSON) and includes auto-rollback functionality. [INT-1268]

PostgreSQL Composite Type Ownership Change Support. Liquibase Pro now supports altering the ownership of Composite Type objects in PostgreSQL through a new changeCompositeTypeOwner change type. This feature allows users to manage ownership changes using modeled formats (XML, YAML, and JSON), expanding Liquibase’s support for advanced PostgreSQL object types. Auto-rollback is not supported because the current owner cannot be determined. [INT-1266]

... (truncated)

Changelog

Sourced from org.liquibase:liquibase-core's changelog.

Liquibase 4.32.0 is a major release

See the Liquibase 4.32.0 Release Notes for the complete set of release information.

[PRO] and [OSS] Upcoming Change in Distributions

Liquibase is evolving to better serve both open-source contributors and enterprise customers by introducing a clearer separation between its Open Source (OSS) and PRO offerings. This change is designed to ensure that each distribution is optimized for its respective users—providing open-source users with flexibility and control, while delivering scalability, reliability, and governance for enterprise teams. The new structure enables Liquibase to more effectively support developers at all stages—from experimentation and community collaboration to mission-critical deployments. Liquibase 4.32.0 introduces the first general availability (GA) release of independently packaged Pro distributions, along with dedicated distribution channels and key-based access enforcement for Pro capabilities. This marks a significant step toward delivering a curated, enterprise-grade experience for Pro users. The OSS distribution and its delivery channels remain unchanged in this phase.

Notable Changes

[PRO]

Example PRO notable change

Policy Checks Formatted SQL Header Policy Check. Introduced a new policy check named FormattedSqlHeaderRequired to ensure that.sql files included in changelogs begin with the required --liquibase formatted sql header. This check helps prevent improperly formatted SQL changes that could bypass Liquibase’s change tracking, auditing, and rollback features. This new policy check supports changelogs of any format (SQL, XML, YAML, JSON) and includes an EXCEPTIONS_LIST customization option to exclude specific files. When triggered, it lists all offending .sql files missing the required header, helping maintain the integrity and reliability of database change management. [DAT-19042] Get Config Value Helper Function for Python Checks. Added a new helper function, liquibase_utilities.get_config_value(), for custom Python checks. This function enables easy access to standard Liquibase configuration properties—including those set via environment variables, CLI arguments, or defaults files. This enhancement simplifies scripting by allowing users to retrieve values such as url, loglevel, changelogfile, and custom properties like dbplatform or contexts directly within their Python checks, without manually resolving property names or sources. [DAT-19486] Property Substitution in Python Check Script Arguments. Enhanced support for custom Python checks by allowing the use of Liquibase properties in the SCRIPT_ARGS section. Users can now reference properties—such as environment variables, CLI arguments, or values from the defaults file—using standard substitution syntax (e.g., ${liquibase.command.url} or ${PIPELINE_NAME}). This enables dynamic and context-aware scripting, such as configuring behavior based on runtime attributes like the current Git branch or target environment. [DAT-19377] Absolute Path for Custom Python Policy Checks. Updated custom policy check support to allow Python script paths to be specified using absolute paths, in addition to relative paths. This enhancement enables users to store and reference custom check scripts from centralized or shared directories outside the local project repository, eliminating the need to duplicate scripts across multiple projects. This improves flexibility and promotes better reuse and maintenance of custom policy checks across teams and environments. [DAT-19408]

Audit and History DBCLH History Command for MongoDB and DynamoDB. Added support for the liquibase dbcl-history command for MongoDB and DynamoDB users, enabling access to the DatabaseChangeLogHistory (DBCLH) table. This Liquibase Pro command outputs each DBCLH row as a JSON object, making it easy to integrate with BI and analytics tools. Users can customize output with --format=json|JSON_PRETTY and --verbose to control the level of detail in capturedsql and extensions fields. Output defaults to console but can be redirected to a file using --outputfile. The command is also accessible via the alias liquibase databasechangelog-history. [DAT-17162], [DAT-17164]

Observability and Reports Drift Report Support for MongoDB Family. Liquibase Pro now supports Drift Report generation for the MongoDB database family, including MongoDB Atlas and AWS DocumentDB. This enhancement allows DevOps and SRE teams to detect schema drift and compare MongoDB instances using the same familiar workflow as relational databases. Drift Reports now include MongoDB-specific snapshot and diff outputs, while omitting or clearly marking relational-only fields as "Not Applicable for Mongo-type Databases." This feature enables consistent configuration checks across distributed NoSQL environments and helps ensure alignment between instances of application data stores. [INT-871] Enhanced Drift Report Connection Detail. Improved drift reports generated by the liquibase diff command by including complete connection details. Source and target URLs now display full catalog and schema names—particularly valuable for platforms like Databricks—allowing users to accurately identify and distinguish the environments being compared. This enhancement provides greater clarity and helps streamline the process of reviewing and resolving discrepancies. [DAT-18910] Sensitive SQL Content Suppression in Operational Reports. Added a new global --reports-suppress-sql option to prevent sensitive SQL content—such as passwords—from appearing in operational reports and CLI output (e.g., during update-sql or drift report generation). This setting helps improve security and reduce noise in reports, especially in CI/CD pipelines like Jenkins. When enabled, SQL output is replaced with a placeholder message (SQL suppressed). An optional companion flag, --reports-suppress-exceptions, controls whether SQL appears in error messages. It is automatically set to true when --reports-suppress-sql is enabled, unless explicitly overridden. Both flags are configurable via CLI, environment variables, or properties files. [DAT-19076]

Security Kerberos Passwordless Authentication for runWith:psql. Liquibase Pro now supports Kerberos passwordless authentication with the runWith:psql native executor, enabling secure, credential-free connections in environments where plain user/password secrets are restricted. This enhancement ensures compatibility with Active Directory/Kerberos authentication workflows while preserving full functionality, including the generation of log spool files as configured in liquibase.psql.conf. Both Kerberos and non-Kerberos environments continue to be supported, ensuring seamless transitions and enhanced security compliance. [DAT-19525] Simplified Snowflake OAUTH and PKI Authentication Support. Liquibase Pro now supports Snowflake OAUTH and Private Key Infrastructure (PKI) authentication through new dedicated properties, eliminating the need for manual JDBC URL customization in most cases. This enhancement ensures compliance with Snowflake’s upcoming requirement for token-based authentication (effective November 2025) and simplifies secure connectivity for all Snowflake users. Sensitive authentication details—such as tokens, private key paths, and passphrases—can now be provided via Liquibase properties with standard handling for logging and reporting, helping users adopt modern authentication methods with less complexity and greater security. [INT-190], [INT-182] Workflow Automation Conditional Flow File Logic Based on Action Exit Codes. Liquibase Pro now supports conditional flow file logic based on action exit codes, enabling more flexible and resilient automation. A new continueOnError property (default: false) allows flows to proceed even when an individual action fails. Additionally, the new exitCode value captures the exit code of the previous action. This allows users to write conditional logic (e.g., if: "exitCode <= 1") directly within flow files. This enhancement empowers users to handle errors and successes gracefully within a single flow, rather than halting execution entirely. [DAT-19490]

Change Automation Composite Type Objects in PostgreSQL Support. Liquibase now supports Composite TYPE objects in PostgreSQL, enabling users to manage these objects more effectively. This feature allows users to create and drop Composite Types using Liquibase change types, with support for XML, YAML, and JSON formats. Auto-rollback functionality is also included for these change types, ensuring smooth execution and rollback. This enhancement fills the gap in PostgreSQL object support and provides a valuable tool to manage complex PostgreSQL data types with Liquibase. [INT-173], [INT-175] PostgreSQL Composite Type Schema Change Support. Liquibase Pro now supports the changeCompositeTypeSchema change type for PostgreSQL, enabling users to manage schema changes for composite Type objects. This enhancement fills a gap in Postgres object support by allowing ALTER operations to move a Type between schemas. The change type is available in all modeled formats (XML, YAML, JSON) and includes auto-rollback functionality. [INT-1268] PostgreSQL Composite Type Ownership Change Support. Liquibase Pro now supports altering the ownership of Composite Type objects in PostgreSQL through a new changeCompositeTypeOwner change type. This feature allows users to manage ownership changes using modeled formats (XML, YAML, and JSON), expanding Liquibase’s support for advanced PostgreSQL object types. Auto-rollback is not supported because the current owner cannot be determined. [INT-1266] PostgreSQL Composite Type Rename Support. Liquibase Pro now supports renaming PostgreSQL Composite Type objects using a new renameCompositeType change type. This enhancement enables users to manage changes to complex data structures more effectively by allowing type renaming via modeled formats (XML, YAML, and JSON). Auto-rollback is fully supported, ensuring safe and reversible changes. [INT-1267] Optional Primary Key Support for DBCL Table in MySQL. Liquibase Pro now includes a configurable property, --mysql-enable-dbcl-primary-key to optionally add a primary key to the DATABASECHANGELOG (DBCL) table during initial creation in MySQL databases. When the toggle is enabled, Liquibase will create the DBCL table with a primary key if it does not already exist. If the DBCL table exists without the key, Liquibase halts and provides instructions for manual correction. Conversely, if the table already includes the key and the toggle is disabled, Liquibase proceeds with an informational message. This ensures compatibility with replication tools while maintaining operational flexibility. [INT-169], [INT-170] Other Updates Anonymous Analytics (New Pro Distribution Only). Liquibase Pro 4.32.0 updates the default behavior for anonymous usage analytics. Analytics are now enabled by default for new Liquibase Pro distribution users. These analytics help the Liquibase team improve the product by collecting aggregated, non-PII data such as command usage, error rates, database types, Java versions, and Liquibase feature adoption. Analytics are only captured when a command is run, and users can opt in or out at any time using the --analytics-enabled global parameter. This allows organizations to maintain control over data sharing in alignment with internal policies. Liquibase Pro Software Bill of Materials (New Pro Distribution Only). Liquibase Pro introduces Liquibase Pro SBOM, machine-readable Software Bill of Materials (SBOM) files bundled with every Liquibase Pro release. Provided in both CycloneDX and SPDX JSON formats, these SBOMs give enterprise teams full transparency into included packages, versions, licenses, dependencies, and checksums—helping meet regulatory compliance (e.g., EO 14028, FedRAMP, SOC 2), support vendor risk reviews, and streamline audits. No extra setup or CLI steps are required—SBOMs are automatically included with each release, ensuring teams stay secure and audit-ready by default. [DAT-20209]

[OSS]

OSS Notable Changes

... (truncated)

Commits
  • 7e70496 🔧 DAT-20252: get latest_version and previous_version for OSS (#6971)
  • 7d9a204 DAT-20252: use Github App Token (#6970)
  • 1e8ef25 Revert "♻️ DAT-20252: add GitHub App token retrieval for access token" (#6969)
  • c3af94d ♻️ DAT-20252: add GitHub App token retrieval for access token (#6968)
  • f609ce1 ♻️ (release-published.yml): update permissions to allow write access for issu...
  • 109cfbd Update dry-run-release.yml
  • b59a085 Update release notes (#6963)
  • 09f38aa Update changelog.txt (#6962)
  • f184341 ♻️ (create-release.yml): refactor file handling for minimal artifacts to simp...
  • c519f26 4.32.0: Release prep (#6957)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore: bump org.liquibase:liquibase-core from 4.31.1 to 4.32.0
54ee336 
Bumps [org.liquibase:liquibase-core](https://github.com/liquibase/liquibase) from 4.31.1 to 4.32.0.
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](liquibase/liquibase@v4.31.1...v4.32.0)

---
updated-dependencies:
- dependency-name: org.liquibase:liquibase-core
  dependency-version: 4.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from php-coder as a code owner May 22, 2025 01:53
@dependabot dependabot bot added the kind/dependency-update Update one of dependencies label May 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@php-coder php-coder Awaiting requested review from php-coder php-coder is a code owner

Assignees

@php-coder php-coder

Labels
kind/dependency-update Update one of dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@php-coder