Bump liquibase-maven-plugin from 3.6.3 to 4.17.1

Bumps liquibase-maven-plugin from 3.6.3 to 4.17.1.

Release notes

Sourced from liquibase-maven-plugin's releases.

v4.17.1

Liquibase 4.17.1 Patch Release

Fixes

fix: Use default localhost finder for MacOs - fix #2098 by @grzi in liquibase/liquibase#2134

Allow renameColumn on newer SQLite versions by @MalloD12 in liquibase/liquibase#3264

Implement logic to validate dbms set at changeset and stored procedure levels by @MalloD12 in liquibase/liquibase#3291

Fixed URIResource.resolveSibling by @nvoxland in liquibase/liquibase#3354

Use liquibase StringUtil not lang3.StringUtils by @nvoxland in liquibase/liquibase#3338

Handle absolute path in getAll method by @wwillard7800 in liquibase/liquibase#3369

Updates

Security Updates

None

JDBC Driver and Third-Party Library Updates

Upgraded ojdbc8 from 21.6.0.0.1 to 21.7.0.0 by @dependabot in liquibase/liquibase#3223

Upgraded maven-shade-plugin from 3.3.0 to 3.4.0 by @dependabot in liquibase/liquibase#3276

Upgraded slf4j-jdk14 from 2.0.2 to 2.0.3 by @dependabot in liquibase/liquibase#3321

Upgraded snakeyaml maven reference from 1.32 to 1.33 by @nvoxland in liquibase/liquibase#3359

Upgraded commons text transitive dependency by @abrackx in liquibase/liquibase#338

OWASP Dependency Check: Reported Vulnerabilities

hsqldb.jar - This is a vulnerability reported against the hsqldb driver. We are currently on the newest version of hsqldb and there is no fix for the issue as of yet.

snakeyaml.jar - This is a vulnerability reported against the snakeyaml. We are currently on the snakeyaml 1.33 and this issue has been fixed in 1.32.

New Contributors

@grzi made their first contribution in liquibase/liquibase#2134

Full Changelog: https://github.com/liquibase/liquibase/compare/v4.17.0...v4.17.1

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

Please check out and contribute to the continually improving docs, now at https://docs.liquibase.com/.

Meet the Community

Our community has built a lot. From extensions to integrations, you’ve helped make Liquibase the amazing open source project that it is today. Keep contributing to making it stronger:

Contribute code Make doc updates Help by asking and answering questions Set up a chat with the Product team

Thanks to everyone who helps make the Liquibase community strong!

... (truncated)

Changelog

Sourced from liquibase-maven-plugin's changelog.

Liquibase Core Changelog

Changes in version 4.17.1 (2022.10.21)

Fixes

fix: Use default localhost finder for MacOs - fix #2098 by @grzi in liquibase/liquibase#2134

Allow renameColumn on newer SQLite versions by @MalloD12 in liquibase/liquibase#3264

Implement logic to validate dbms set at changeset and stored procedure levels by @MalloD12 in liquibase/liquibase#3291

Fixed URIResource.resolveSibling by @nvoxland in liquibase/liquibase#3354

Use liquibase StringUtil not lang3.StringUtils by @nvoxland in liquibase/liquibase#3338

Handle absolute path in getAll method by @wwillard7800 in liquibase/liquibase#3369

Dependency Updates

Bump ojdbc8 from 21.6.0.0.1 to 21.7.0.0 by @dependabot in liquibase/liquibase#3223

Bump maven-shade-plugin from 3.3.0 to 3.4.0 by @dependabot in liquibase/liquibase#3276

Bump slf4j-jdk14 from 2.0.2 to 2.0.3 by @dependabot in liquibase/liquibase#3321

Upgrade snakeyaml maven reference from 1.32 to 1.33 by @nvoxland in liquibase/liquibase#3359

Upgrade commons text transitive dependency by @abrackx in liquibase/liquibase#3384

Changes in version 4.17.0 (2022.10.05)

Notable Changes

[PRO] The liquibase flow command and flow files are available with a Pro license. It allows you to create portable, platform-independent workflows that can run across different tools without modifying each workflow.

Learn more about flow here: liquibase flow file and command

If you want to provide feedback on this capability, please email mario@liquibase.com.

[PRO] Pro license users can now integrate Amazon S3 with Liquibase. You can extend Liquibase to use remote file locations to enable secure, centralized file management.

Learn more here: S3 Remote Files

[PRO] Pro license users can use searchpath to find files located on S3 that cannot be found by an absolute path.

Learn more about the Searchpath command here.

Learn more about Searchpath with S3 here.

API Breaking Changes

The liquibase.resource.ResourceAccessor APIs were updated to take advantage of the new liquibase.resource.Resource abstraction that was introduced. Code that USES the existing ResourceAccessor methods will continue to work as before with no changes, but if you have written custom implementations of ResourceAccessor there are new and changed methods to implement. For more information, see javadocs.liquibase.com

Enhancements

Created new liquibase.resource.Resource interface by @nvoxland in liquibase/liquibase#3064

Created ThreadLocalScopeManager by @nvoxland in liquibase/liquibase#3240

Create liquibase_autocomplete.zsh by @szandany in liquibase/liquibase#3130

Fixes

AlterSequence: include NOORDER clause ordered="false" is specified by @LeBezout in liquibase/liquibase#1044

Upper case result columns only for case-insensitive databases by @fbiville in liquibase/liquibase#3102

Postgresql: Fix for case when current search_path is an empty string by @gadget in liquibase/liquibase#3233

Fix missing catalog on add column rollback by @jandurovec in liquibase/liquibase#921

Fix an error which can occur if getAutoCommit is called on a closed connection by @gpsfl in liquibase/liquibase#3135

apply sqlVisitors to CompoundStatements on DB2z by @MichaelKern-IVV in liquibase/liquibase#3220

... (truncated)

Commits

3937bd9 Updated changelog txt with 4.17.1 changes (#3392)
47a1739 [commons-text-upgrade] Upgrade commons text transitive dependency (#3384)
856ed0e Revert "Use PathHandler for writing log files, which allows using S3 and othe...
c439c08 Handle absolute path in getAll method DAT-11890 (#3369)
04c915b Merge pull request #3338 from liquibase/fix-stringutil-reference
db889d9 Merge pull request #3359 from liquibase/update-snakeyaml
ea43d36 Merge pull request #3321 from liquibase/dependabot/maven/org.slf4j-slf4j-jdk1...
5af5257 Merge pull request #3276 from liquibase/dependabot/maven/org.apache.maven.plu...
3c5a7ed Merge pull request #3223 from liquibase/dependabot/maven/com.oracle.database....
00ee3f9 Merge pull request #3354 from liquibase/fix-uriresource-resolve
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)