chore(deps): bump org.liquibase:liquibase-core from 4.23.0 to 4.31.1
Type: Pull Request
State: Closed
![dependabot[bot]](https://github.com/dependabot.png){kind=small}
dependabot[bot]Association: None
Comments: 1
(8 months ago)
(7 months ago)
(7 months ago)
dependencies java
Bumps org.liquibase:liquibase-core from 4.23.0 to 4.31.1.
Release notes
Sourced from org.liquibase:liquibase-core's releases.
v4.31.1
Liquibase 4.31.1 is a patch release
[!IMPORTANT] Liquibase 4.31.1 patches vulnerability found in Snowlake driver (CVE-2025-24789) and resolves issue with logicalfilepath reported in 4.31.0 (see 4.31.0 Release Notes)
[!NOTE] See the Liquibase 4.31.1 Release Notes for the complete set of release information.
Notable Changes
[OSS]
logicalfilepath bug: in 4.31.0, the parent logicalfilepath value will be used in DBCL/DBCLH as the changelogfilepath value, as a result the changesets from the included changelogs that were deployed with the changelog level logicalFilePath in version 4.31.0 will be considered new and will be redeployed in the latest versions. 4.31.1 fixes this behavior and deployed changesets will not be redeployed.
[PRO] Changelog
🐛 Bug Fixes 🛠
- DAT-19579: The changesets from the included changelogs that were deployed with the changelog level logicalFilePath in version 4.31.0 will be considered new and will be redeployed in the latest versions liquibase/liquibase#6716
@filipelautert[OSS] Changelog
🐛 Bug Fixes 🛠
- (#6664) Don't ignore logicalFilePath when including changelogs
@filipelautert- (#6716) fix filename in dbcl incorrectly generated during 4.31.0 (#6712)
@filipelautert🤖 [OSS] Security, Driver and Other Updates
Snowflake vulnerability update CVE-2025-24789
- Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. Liquibase now includes a version with the fixed issue 3.22.0.
Full Changelog: https://github.com/liquibase/liquibase/compare/v4.31.0...v4.31.1
Get Certified
Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.
Read the Documentation
Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.
Join the Community
Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:
Contribute code Make doc updates Help by asking and answering questions Join our Discord server Sign up to provide feedback to the product team
Thanks to everyone who helps make Liquibase better!
... (truncated)
Changelog
Sourced from org.liquibase:liquibase-core's changelog.
Liquibase 4.31.1 is a patch release
[!IMPORTANT] Liquibase 4.31.1 patches vulnerability found in Snowlake driver (CVE-2025-24789) and resolves issue with include and logicalfilepath reported in 4.31.0 (see 4.31.0 Release Notes)
[!NOTE] See the Liquibase 4.31.1 Release Notes for the complete set of release information.
Notable Changes
[OSS]
logicalfilepath bug: in 4.31.0, the parent logicalfilepath value will be used in DBCL/DBCLH as the changelogfilepath value, as a result the changesets from the included changelogs that were deployed with the changelog level logicalFilePath in version 4.31.0 will be considered new and will be redeployed in the latest versions. 4.31.1 fixes this behavior and deployed changesets will not be redeployed.
[PRO] Changelog
[PRO] Bug Fixes
- DAT-19579: The changesets from the included changelogs that were deployed with the changelog level logicalFilePath in version 4.31.0 will be considered new and will be redeployed in the latest versions liquibase/liquibase#6716
@filipelautert[OSS] Changelog
[OSS] Bug Fixes
- (#6664) Don't ignore logicalFilePath when including changelogs
@filipelautert- (#6716) fix filename in dbcl incorrectly generated during 4.31.0 (#6712)
@filipelautert[OSS] Security, Driver and Other Updates
Snowflake vulnerability update CVE-2025-24789
- Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. Liquibase now includes a version with the fixed issue 3.22.0.
Changes in version 4.31.0 (2025.01.16)
Liquibase 4.31.0 is a major release
[!NOTE] See the Liquibase 4.31.0 Release Notes for the complete set of release information.
[PRO] Changelog
New Features
- DAT-19388 [DevOps] Fix terraform executable in GH in liquibase/liquibase-pro#2109 by
@jandroav- DAT-18519: Reverting cloneTable generic changeType in liquibase/liquibase-pro#2068 by
@SvampX- DAT-19302: combined dependabot PRs in liquibase/liquibase-pro#2093 by
@StevenMassaro- feat: light build script to be triggered by liquibase oss builds in liquibase/liquibase-pro#2082 by
@filipelautert- DAT-19268 Remove stubs and test associated test files in liquibase/liquibase-pro#2083 by
@wwillard7800- DAT-19242: Update error messaging for stub checks commands in liquibase/liquibase-pro#2081 by
@abrackx- DAT-19049 Complete work to move all checks-related code to a new extension in liquibase/liquibase-pro#2066 by
@wwillard7800- DAT-19000: added 'cloneTable' changetype with no supported databases in liquibase/liquibase-pro#2064 by
@SvampX- DAT-17940: optionally suppress SQL in reports in liquibase/liquibase-pro#2036 by
@StevenMassaro
... (truncated)
Commits
12ab20bfeat: add smpkcs11.so utility for enhanced security integration1376fd2fix: update release workflow to use the-actions-org/workflow-dispatch@v4 action13965caRenew Code Signing Certificate for Liquibase Windows Installer284bc25chore: changelog.txt for 4.31.1f5b7491fix: release build231abbfcheckout release branch9fa6e78Update build-extension-jars.ymlc852d39update dependency of matching-branch-logic-pro7685f7e🔧 Refactor matching branch logic in workflow for PRO repo (#6722)a0b161e🔧 Fix syntax for branch comparison in workflow script (#6721)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Pull Request Statistics
1
1
+1
-1
Package Dependencies
org.liquibase:liquibase-core
maven
4.23.0 → 4.31.1
Minor
Technical Details
| ID: | 642720 |
| UUID: | 2470509568 |
| Node ID: | PR_kwDOJSqFs86TQPwA |
| Host: | GitHub |
| Repository: | octodemo/java-springboot-demo |
| Mergeable: | Yes |
| Merge State: | Unstable |
| Rebaseable: | Yes |