Bump liquibase-maven-plugin from 3.6.3 to 4.16.0

Bumps liquibase-maven-plugin from 3.6.3 to 4.16.0.

Release notes

Sourced from liquibase-maven-plugin's releases.

v4.16.0

New and Notable Capability

[LABS] The liquibase flow command and flow files are still available under the Liquibase Labs license.

Documentation on flow is here: https://docs.liquibase.com/flow

If you want to provide feedback on this capability, please email mario@liquibase.com.

[PRO] The Quality Checks for Databases are now available to all Pro license users. These checks inspect your active database, or a liquibase-generated snapshot for compliance with your rules. Learn more here: https://docs.liquibase.com/quality-checks

Introduces "contextFilter" and "labelFilter" replacement settings by @nvoxland in liquibase/liquibase#2971

Liquibase has always had a way to use "labels" and "contexts" and then filter on those attributes in order to control which changesets are considered for execution. The new "contextFilter" and "labelFilter" attributes help simplify workflows and prevent confusion.

Enhancements

Added support for changeset references in rollback for Formatted SQL changelogs by @atzawada in liquibase/liquibase#1386

Add schemas and includeSchema parameters to maven generateChangeLog by @MalloD12 in liquibase/liquibase#3210

[PRO] Two new Pro commands update-one-changeset and update-one-changeset-sql serving as complements to rollback-one-changeset and roll-back-one-changeset-sql

Fixes

Fix addColumn on mysql when including a "value" attribute by @nvoxland in liquibase/liquibase#3070

Add support for AS <dataType> clause for H2 since version 2.0 by @marcus-nl in liquibase/liquibase#3047

Fixed NUMBER not compatible with H2 by @nick318 in liquibase/liquibase#3098

SpringResourceAccessor: fix issue with incorrect match pattern for files from classPath root by @danilmalkin in liquibase/liquibase#3095

Made liquibase.snapshot.ResultSetCache an extensible class. by @breglerj in liquibase/liquibase#2087

Added support for \u2116 symbol win1251 cyrillic symbol of number by @Stuchalin in liquibase/liquibase#1324

Tidy ExecutorService code, remove superfluous map access (Issue 1841) by @jamey-clari in liquibase/liquibase#1842

Fixed order of enum values on MySQL 8 by @Tantalon in liquibase/liquibase#3150

Removed invalid warning in Maven by @nvoxland in liquibase/liquibase#3189

[PRO] DAT-10810 QC: checks show changes (--show-cols flag, drop some, etc) by @dyadyushko in liquibase/liquibase#3187

Updates

Security Updates

Updates the snakeyaml dependency shipped in the liquibase-maven-plugin pom to address CVE-2022-25857

JDBC Driver and Third-Party Library Updates

Upgraded postgresql from 42.4.0 to 42.4.1 by @dependabot in liquibase/liquibase#3145

Upgraded mariadb-java-client from 3.0.6 to 3.0.7 by @dependabot in liquibase/liquibase#3149

Upgraded sqlite-jdbc from 3.36.0.3 to 3.39.2.0 by @dependabot in liquibase/liquibase#3148

Upgraded mssql-jdbc from 10.2.1.jre8 to 11.2.0.jre8 by @dependabot in liquibase/liquibase#3162

Upgraded postgresql from 42.4.1 to 42.5.0 by @dependabot in liquibase/liquibase#3199

Upgraded sqlite-jdbc from 3.39.2.0 to 3.39.2.1 by @dependabot in liquibase/liquibase#3198

Upgraded snakeyaml from 1.30 to 1.31 by @dependabot in liquibase/liquibase#3224

Upgraded snakeyaml in liquibase-maven-plugin from 1.27 to 1.31 by @dependabot in liquibase/liquibase#3263

OWASP Dependency Check: Reported Vulnerabilities

snakeyaml.jar - This is a "medium" vulnerability reported against the snakeyaml library. We are currently on the newest version of snakeyaml and there is no fix for the issue as of yet.

New Contributors

@marcus-nl made their first contribution in liquibase/liquibase#3047

@nick318 made their first contribution in liquibase/liquibase#3098

@danilmalkin made their first contribution in liquibase/liquibase#3095

@breglerj made their first contribution in liquibase/liquibase#2087

... (truncated)

Changelog

Sourced from liquibase-maven-plugin's changelog.

Liquibase Core Changelog

Changes in version 4.16.0 (2022.09.08)

New and Notable Capability

[LABS] The liquibase flow command and flow files are still available under the Liquibase Labs license. If you want to try and provide feedback on this capability, please email mario@liquibase.com

[PRO] The Quality Checks for Databases are now available to all Pro license users. These checks inspect your active database, or a liquibase-generated snapshot for compliance with your rules. Learn more at https://docs.liquibase.com/quality-checks

Enhancements

Introduced "contextFilter" and "labelFilter" replacement settings by @nvoxland in #2971

Added support for changeset references in rollback for Formatted SQL changelogs by @atzawada in #1386

Add schemas and includeSchema parameters to maven generateChangeLog by @MalloD12 in #3210

[PRO] Two new Pro commands update-one-changeset and update-one-changeset-sql serving as complements to rollback-one-changeset and roll-back-one-changeset-sql

Fixes

Fix addColumn on mysql when including a "value" attribute by @nvoxland in #3070

Add support for AS clause for H2 since version 2.0 by @marcus-nl in #3047

Fixed NUMBER not compatible with H2 by @nick318 in #3098

SpringResourceAccessor: fix issue with incorrect match pattern for files from classPath root by @danilmalkin in #3095

Made liquibase.snapshot.ResultSetCache an extensible class. by @breglerj in #2087

Added support for \u2116 symbol win1251 cyrillic symbol of number by @Stuchalin in #1324

Tidy ExecutorService code, remove superfluous map access (Issue 1841) by @jamey-clari in #1842

Fixed order of enum values on MySQL 8 by @Tantalon in #3150

Removed invalid warning in Maven by @nvoxland in #3189

[PRO] QC: checks show changes (--show-cols flag, drop some, etc) by @dyadyushko in #3187

Changes in version 4.15.0 (2022.08.04)

Notable Changes

liquibase flow and new flow-file (DAT-10419) by in #2946 This is currently a Liquibase Labs restricted capability, so please contact mario@liquibase.com to request a license key. Learn more at http://docs.liquibase.com/flow

Fixes

Fix maven plugin pro commands for local developer install by @StevenMassaro in #3101

Update Derby reserved words by @andrewhj in #1971

Output "may lose settings" warning on mysql/mariadb for more impacted change types by @nvoxland in #3045

Improved "include" fix performance: optimized normalizePath method by @lzxgyh in #3063

Removed DatabaseInfoAttributes in XSD by @kazz62 in #2239

Do not split SQL on delimiters within BEGIN/END blocks by @nvoxland in #1589

Set max fractional timestamp digits to 12 for all DB2 editions (fix #2880) by @ctgnz in #2892

Fix query for snapshotting views on DB2/Z by @michaelmatthiaskern in #2712

Fix for bug 2711: Error when calling a procedure with parameters on DB2Z by @michaelmatthiaskern in #2765

Improve CLI error messages by @nvoxland in #3078

Liquibase flow command (DAT-10419) by @StevenMassaro in #2946

Improved handling of endDelimiter="/" by @nvoxland in #3118

Upgrade installer to ship with jdk 17.0.4+8 by @nvoxland in #3104

Improve failure message of RowCountPrecondition to preserve expected row count by @martinspielmann in #3093

Changed what sequence attributes are included in diff/generate changelog for Snowflake by @yodzhubeiskyi in #3121

... (truncated)

Commits

2dcca45 Merge pull request #3263 from julianladisch/snakeyaml-1.31
a3ecd35 Bump snakeyaml from 1.27 to 1.31 fixing CVE-2022-25857
a6379ff Update changelog txt to 4.16 (#3261)
49a9cb3 update changelog xsd to 4.16 (#3259)
072f1a5 DAT-10128 add javadocs automation (#3217)
8c3043c Merge pull request #3187 from liquibase/DAT-10810
adf2061 Merge branch 'master' into DAT-10810
4c08102 Add schemas and includeSchema parameters to maven generateChangeLog (#3210)
b01df65 Add rollback changeset reference for SQL changelogs (#1386)
572667d Merge branch 'master' into DAT-10810
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)