reactive-wizard icon indicating copy to clipboard operation
reactive-wizard copied to clipboard

Published 20 hours ago verified publisher icon FortnoxAB

Bump liquibase-core from 4.16.1 to 4.17.2

Open dependabot[bot] opened this issue 2 years ago • 4 comments

Bumps liquibase-core from 4.16.1 to 4.17.2.

Release notes

Sourced from liquibase-core's releases.

v4.17.2

Liquibase 4.17.2 Patch Release

This is a patch release that upgrades the HSQL driver to remove a security vulnerability. NOTE: The newest HSQL driver requires Java 11, so if you use HSQL and JAVA 8, you will need to upgrade your Java.

Security Updates

  • No security updates are necessary

JDBC Driver and Third-Party Library Updates

Full Changelog: https://github.com/liquibase/liquibase/compare/v4.17.1...v4.17.2

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code Make doc updates Help by asking and answering questions Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

File Descriptions

  • Liquibase CLI -- Includes open source + commercial functionality

  • liquibase-x.y.z.tar.gz -- Archive in tar.gz format

  • liquibase-x.y.z.zip -- Archive in zip format

  • liquibase-windows-x64-installer-x.y.z.exe -- Installer for Windows

  • liquibase-macos-installer-x.y.z.dmg -- Installer for MacOS

  • Primary Libraries - For embedding in other software

    • liquibase-core-x.y.z.jar – Base Liquibase library (open source)
    • liquibase-commerical-x.y.z.jar – Additional commercial functionality

  • liquibase-additional-x.y.z.zip – Contains additional, less commonly used files

    • Additional libraries such as liquibase-maven-plugin.jar and liquibase-cdi.jar
    • Javadocs for all the libraries
    • Source archives for all the open source libraries
    • ASC/MD5/SHA1 verification hashes for all files

    NOTE: liquibase-core-.jar contains only the open-source license. If you use Liquibase Pro or other commercial add-ons, you must also install liquibase-commercial-.jar

v4.17.1

... (truncated)

Changelog

Sourced from liquibase-core's changelog.

Liquibase Core Changelog

Changes in version 4.17.2 (2022.11.02)

This is a patch release that upgrades the HSQL driver to remove a security vulnerability. NOTE: The newest HSQL driver requires Java 11, so if you use HSQL and JAVA 8, you will need to upgrade your Java.

Fixes

No Fixes

Updates

Security Updates

JDBC Driver and Third-Party Library Updates

OWASP Dependency Check: Reported Vulnerabilities

Full Changelog: https://github.com/liquibase/liquibase/compare/v4.17.1...v4.17.2

Changes in version 4.17.1 (2022.10.21)

Fixes

Dependency Updates

Changes in version 4.17.0 (2022.10.05)

Notable Changes

  • [PRO] The liquibase flow command and flow files are available with a Pro license. It allows you to create portable, platform-independent workflows that can run across different tools without modifying each workflow.

  • [PRO] Pro license users can now integrate Amazon S3 with Liquibase. You can extend Liquibase to use remote file locations to enable secure, centralized file management.

... (truncated)

Commits
  • 347c33d Update changelog with 4.17.2 changes (#3433)
  • 1fb44ca Upgrade hsqldb from 2.5.2 to 2.7.1 (#3400)
  • 9949ca0 Revert Use PathHandler for writing log files (#3420)
  • 96c10dd [opencsv-upgrade] Updates opencsv to 5.7.1 (#3419)
  • d9451da Merge pull request #3411 from liquibase/kevin-atx-liquibase-product-name-update
  • c7b969c Update README.md
  • 4d1bb4d Use PathHandler for writing log files, which allows using S3 and other extens...
  • 28804f3 Update README.md
  • 745d022 Fix "No inverse to CreateProcedureChange" error when using rollbackOneChangeS...
  • 3a22791 Update README.md
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] avatar Nov 07 '22 22:11 dependabot[bot]