Skip to content

build(deps): bump version.liquibase from 3.4.1 to 4.10.0 #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps): bump version.liquibase from 3.4.1 to 4.10.0 #9

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github May 17, 2022
edited
Loading

Bumps version.liquibase from 3.4.1 to 4.10.0.
Updates liquibase-core from 3.4.1 to 4.10.0

Release notes

Sourced from liquibase-core's releases.

v4.10.0

Liquibase 4.10 release

Please report any issues to https://github.com/liquibase/liquibase/issues.

Breaking Change

Upgraded mssql driver to 10.2.0 by @​nvoxland in liquibase/liquibase#2790

End User Impact: The driver changed the encryption default from "false" to "true" between 8.x and 10.x. If you have a self-signed certificate in your database, you must do one of the following: add encrypt=false; add trustServerCertificate=true; or add the server certificate to the java trusted certificate list. For production systems, Liquibase recommends against using self-signed certificates without adding the server certificate to the Java keystore. For more information on installing the trusted certificate, see https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver15

Security Updates

Upgraded postgresql from 42.3.2 to 42.3.4 to address CVE-2022-26520 by @​dependabot in liquibase/liquibase#2769

  • Vulnerability introduced in org.postgresql:postgresql@42.3.2
  • Fixed in org.postgresql:postgresql@42.3.3

JDBC Driver and Third-Party Library Updates

Enhancements

Fixes

New Contributors

Full Changelog: liquibase/liquibase@v4.9.1...v4.10.0

... (truncated)

Changelog

Sourced from liquibase-core's changelog.

Liquibase Core Changelog

Changes in version 4.10.0 (2022.05.04)

Breaking Change

Upgraded mssql driver to 10.2.0 by @​nvoxland in liquibase/liquibase#2790

End User Impact: The driver changed the encryption default from "false" to "true" between 8.x and 10.x. If you have a self-signed certificate in your database, you must do one of the following: add encrypt=false; add trustServerCertificate=true; or add the server certificate to the java trusted certificate list. For production systems, Liquibase recommends against using self-signed certificates without adding the server certificate to the Java keystore. For more information on installing the trusted certificate, see https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver15

Security Updates

Upgraded postgresql from 42.3.2 to 42.3.4 to address CVE-2022-26520 by @​dependabot in liquibase/liquibase#2769

  • Vulnerability introduced in org.postgresql:postgresql@42.3.2
  • Fixed in org.postgresql:postgresql@42.3.3

JDBC Driver and Third-Party Library Updates

Enhancements

Fixes

Full Changelog: liquibase/liquibase@v4.9.1...v4.10.0

Changes in version 4.9.1 (2022.03.25)

Liquibase 4.9.1 patch release

Please report any issues to https://github.com/liquibase/liquibase/issues.

... (truncated)

Commits
  • da76104 resolve oracle integration test maven connection timeout issue (DAT-10239) (#...
  • 0fe6a4d Merge pull request #2820 from liquibase/update-changelog-txt
  • ecc44e5 update version to 4.10.0
  • b369ca9 update changelog to 4.9.10
  • d701fc2 liquibase checks run maven goal (DAT-8375) (#2554)
  • 803d3d5 Merge pull request #2802 from liquibase/dependabot/maven/org.firebirdsql.jdbc...
  • ffd5cc1 Merge pull request #2753 from liquibase/dependabot/maven/spring.version-5.2.2...
  • 798593b Merge pull request #2804 from liquibase/jackson-databind-upgrade
  • 9d3a95d Merge pull request #2801 from liquibase/kevin-at-datical-patch-1
  • ba79dd1 Merge pull request #2807 from liquibase/update-h2-jar
  • Additional commits viewable in compare view

Updates liquibase-maven-plugin from 3.4.1 to 4.10.0

Release notes

Sourced from liquibase-maven-plugin's releases.

v4.10.0

Liquibase 4.10 release

Please report any issues to https://github.com/liquibase/liquibase/issues.

Breaking Change

Upgraded mssql driver to 10.2.0 by @​nvoxland in liquibase/liquibase#2790

End User Impact: The driver changed the encryption default from "false" to "true" between 8.x and 10.x. If you have a self-signed certificate in your database, you must do one of the following: add encrypt=false; add trustServerCertificate=true; or add the server certificate to the java trusted certificate list. For production systems, Liquibase recommends against using self-signed certificates without adding the server certificate to the Java keystore. For more information on installing the trusted certificate, see https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver15

Security Updates

Upgraded postgresql from 42.3.2 to 42.3.4 to address CVE-2022-26520 by @​dependabot in liquibase/liquibase#2769

  • Vulnerability introduced in org.postgresql:postgresql@42.3.2
  • Fixed in org.postgresql:postgresql@42.3.3

JDBC Driver and Third-Party Library Updates

Enhancements

Fixes

New Contributors

Full Changelog: liquibase/liquibase@v4.9.1...v4.10.0

... (truncated)

Changelog

Sourced from liquibase-maven-plugin's changelog.

Liquibase Core Changelog

Changes in version 4.10.0 (2022.05.04)

Breaking Change

Upgraded mssql driver to 10.2.0 by @​nvoxland in liquibase/liquibase#2790

End User Impact: The driver changed the encryption default from "false" to "true" between 8.x and 10.x. If you have a self-signed certificate in your database, you must do one of the following: add encrypt=false; add trustServerCertificate=true; or add the server certificate to the java trusted certificate list. For production systems, Liquibase recommends against using self-signed certificates without adding the server certificate to the Java keystore. For more information on installing the trusted certificate, see https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver15

Security Updates

Upgraded postgresql from 42.3.2 to 42.3.4 to address CVE-2022-26520 by @​dependabot in liquibase/liquibase#2769

  • Vulnerability introduced in org.postgresql:postgresql@42.3.2
  • Fixed in org.postgresql:postgresql@42.3.3

JDBC Driver and Third-Party Library Updates

Enhancements

Fixes

Full Changelog: liquibase/liquibase@v4.9.1...v4.10.0

Changes in version 4.9.1 (2022.03.25)

Liquibase 4.9.1 patch release

Please report any issues to https://github.com/liquibase/liquibase/issues.

... (truncated)

Commits
  • da76104 resolve oracle integration test maven connection timeout issue (DAT-10239) (#...
  • 0fe6a4d Merge pull request #2820 from liquibase/update-changelog-txt
  • ecc44e5 update version to 4.10.0
  • b369ca9 update changelog to 4.9.10
  • d701fc2 liquibase checks run maven goal (DAT-8375) (#2554)
  • 803d3d5 Merge pull request #2802 from liquibase/dependabot/maven/org.firebirdsql.jdbc...
  • ffd5cc1 Merge pull request #2753 from liquibase/dependabot/maven/spring.version-5.2.2...
  • 798593b Merge pull request #2804 from liquibase/jackson-databind-upgrade
  • 9d3a95d Merge pull request #2801 from liquibase/kevin-at-datical-patch-1
  • ba79dd1 Merge pull request #2807 from liquibase/update-h2-jar
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 17, 2022
@dependabot
build(deps): bump version.liquibase from 3.4.1 to 4.10.0
99e5df6 
Bumps `version.liquibase` from 3.4.1 to 4.10.0.

Updates `liquibase-core` from 3.4.1 to 4.10.0
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](liquibase/liquibase@liquibase-parent-3.4.1...v4.10.0)

Updates `liquibase-maven-plugin` from 3.4.1 to 4.10.0
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](liquibase/liquibase@liquibase-parent-3.4.1...v4.10.0)

---
updated-dependencies:
- dependency-name: org.liquibase:liquibase-core
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.liquibase:liquibase-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/maven/version.liquibase-4.10.0 branch from 7f81123 to 99e5df6 Compare May 17, 2022 08:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant