Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump liquibase.version from 4.10.0 to 4.11.0 #25797

Merged
merged 1 commit into from
May 30, 2022
Merged

Bump liquibase.version from 4.10.0 to 4.11.0 #25797

merged 1 commit into from
May 30, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 25, 2022
edited
Loading

Bumps liquibase.version from 4.10.0 to 4.11.0.
Updates liquibase-core from 4.10.0 to 4.11.0

Release notes

Sourced from liquibase-core's releases.

v4.11.0

Liquibase 4.11 release

Please report any issues to https://github.com/liquibase/liquibase/issues.

Breaking Changes

Starting with 4.11, we moved the global libraries we ship with the CLI from the lib directory to a new internal directory structure. The lib directory is still included in the classpath as the place users can add whatever additional global drivers/libraries they need.

The liquibase --version output has been enhanced to also include the 3rd party libraries being used and their versions.

Impacts:

  • If you are upgrading Liquibase by overwriting an existing directory, you will have duplicate libraries between lib and internal/lib. You should manually delete any files in lib which you did not add yourself. Liquibase will continue to work even with the duplicate libraries, but you may not be running the latest version of ones we ship, since the lib files take priority over what is in internal/lib. New installs are not impacted by this.
  • If you have any automation that did anything with our shipped files in lib you will need to update it to reflect the new internal/lib location

For security reasons, we have also changed what is logged by the CLI to only log liquibase channel messages by default, rather than all log channels. If you are relying on logging from non-Liquibase libraries, you can add channels with the new --log-channels flag, including --log-channels=all to restore the old functionality.

Enhancements

Fixes

Updates

Security Updates

  • No security updates needed in this release

JDBC Driver and Third-Party Library Updates

... (truncated)

Changelog

Sourced from liquibase-core's changelog.

Liquibase Core Changelog

Changes in version 4.11.0 (2022.05.19)

Enhancements

JDBC Driver and Third-Party Library Updates

Fixes

Full Changelog: liquibase/liquibase@v4.10.0...v4.11.0

Changes in version 4.10.0 (2022.05.04)

Breaking Change

Upgraded mssql driver to 10.2.0 by @​nvoxland in liquibase/liquibase#2790

End User Impact: The driver changed the encryption default from "false" to "true" between 8.x and 10.x. If you have a self-signed certificate in your database, you must do one of the following: add encrypt=false; add trustServerCertificate=true; or add the server certificate to the java trusted certificate list. For production systems, Liquibase recommends against using self-signed certificates without adding the server certificate to the Java keystore. For more information on installing the trusted certificate, see https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver15

Security Updates

Upgraded postgresql from 42.3.2 to 42.3.4 to address CVE-2022-26520 by @​dependabot in liquibase/liquibase#2769

JDBC Driver and Third-Party Library Updates

... (truncated)

Commits
  • 0a9d6d8 Merge pull request #2859 from liquibase/add-log-channels
  • edb548a Added ability to set --log-channels=all
  • 7845624 - Added liquibase.logChannels CLI argument
  • d67e4cd Created 4.11 XSD filese
  • 2284401 Merge pull request #2565 from joserebelo/foreign-key-constraint-exists
  • 08452bd Create internal lib dir (#2850)
  • 03e9f33 Spring Boot: better support relativeToChangelogfile when ResourceLoaders retu...
  • cbdc9fd Merge branch 'foreign-key-constraint-exists' of https://github.com/joserebelo...
  • bb4691f Fixed fk exists test to work with databases like hsql which don't allow dupli...
  • a71e855 Merge branch 'master' into joserebelo-foreign-key-constraint-exists
  • Additional commits viewable in compare view

Updates liquibase-mongodb from 4.10.0 to 4.11.0

Release notes

Sourced from liquibase-mongodb's releases.

v4.11.0

Support for Liquibase 4.11.0. fix: add iterable codec provider to the default document codec list

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the area/dependencies Pull requests that update a dependency file label May 25, 2022
gsmet
gsmet approved these changes May 25, 2022
View reviewed changes
Copy link
Member

@gsmet gsmet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@loicmathieu with a bit of luck, we will be able to upgrade the MongoDB client if they backported your fix.

@gsmet
Copy link
Member

gsmet commented May 25, 2022

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/maven/liquibase.version-4.11.0 branch from 12d8b9f to 00c15e7 Compare May 25, 2022 20:40
@quarkus-bot

This comment has been minimized.

Sign in to view
@loicmathieu
Copy link
Contributor

@gsmet the fix is not yet backported :(

@dependabot @famod
Bump liquibase.version from 4.10.0 to 4.11.0
cfed3c3 
Bumps `liquibase.version` from 4.10.0 to 4.11.0.

Updates `liquibase-core` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](liquibase/liquibase@v4.10.0...v4.11.0)

Updates `liquibase-mongodb` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/liquibase/liquibase-mongodb/releases)
- [Changelog](https://github.com/liquibase/liquibase-mongodb/blob/main/RELEASE.md)
- [Commits](liquibase/liquibase-mongodb@liquibase-mongodb-4.10.0...liquibase-mongodb-4.11.0)

---
updated-dependencies:
- dependency-name: org.liquibase:liquibase-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.liquibase.ext:liquibase-mongodb
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@famod famod force-pushed the dependabot/maven/liquibase.version-4.11.0 branch from 00c15e7 to cfed3c3 Compare May 29, 2022 22:49
@quarkus-bot

This comment has been minimized.

Sign in to view
@gsmet gsmet closed this May 30, 2022
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github May 30, 2022

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@quarkus-bot quarkus-bot bot added the triage/invalid This doesn't seem right label May 30, 2022
@dependabot dependabot bot deleted the dependabot/maven/liquibase.version-4.11.0 branch May 30, 2022 20:55
@gsmet gsmet restored the dependabot/maven/liquibase.version-4.11.0 branch May 30, 2022 20:55
@gsmet gsmet reopened this May 30, 2022
@quarkus-bot quarkus-bot bot removed the triage/invalid This doesn't seem right label May 30, 2022
@gsmet
Copy link
Member

gsmet commented May 30, 2022

I missed @famod pushed a fix for the native substitutions, let's merge it then.

@gsmet gsmet merged commit 008c585 into main May 30, 2022
@quarkus-bot quarkus-bot bot added this to the 2.10 - main milestone May 30, 2022
@dependabot dependabot bot deleted the dependabot/maven/liquibase.version-4.11.0 branch May 30, 2022 20:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gsmet gsmet gsmet approved these changes

Assignees
No one assigned
Labels
area/dependencies Pull requests that update a dependency file area/liquibase kind/component-upgrade
Projects
None yet
Milestone
2.10.0.CR1
Development

Successfully merging this pull request may close these issues.
2 participants
@gsmet @loicmathieu