Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump liquibase.version from 4.9.1 to 4.10.0 #25406

Merged
merged 1 commit into from
May 9, 2022
Merged

Bump liquibase.version from 4.9.1 to 4.10.0 #25406

merged 1 commit into from
May 9, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 5, 2022

Bumps liquibase.version from 4.9.1 to 4.10.0.
Updates liquibase-core from 4.9.1 to 4.10.0

Release notes

Sourced from liquibase-core's releases.

v4.10.0

Liquibase 4.10 release

Please report any issues to https://github.com/liquibase/liquibase/issues.

Breaking Change

Upgraded mssql driver to 10.2.0 by @​nvoxland in liquibase/liquibase#2790

End User Impact: The driver changed the encryption default from "false" to "true" between 8.x and 10.x. If you have a self-signed certificate in your database, you must do one of the following: add encrypt=false; add trustServerCertificate=true; or add the server certificate to the java trusted certificate list. For production systems, Liquibase recommends against using self-signed certificates without adding the server certificate to the Java keystore. For more information on installing the trusted certificate, see https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver15

Security Updates

Upgraded postgresql from 42.3.2 to 42.3.4 to address CVE-2022-26520 by @​dependabot in liquibase/liquibase#2769

  • Vulnerability introduced in org.postgresql:postgresql@42.3.2
  • Fixed in org.postgresql:postgresql@42.3.3

JDBC Driver and Third-Party Library Updates

Enhancements

Fixes

New Contributors

Full Changelog: liquibase/liquibase@v4.9.1...v4.10.0

... (truncated)

Changelog

Sourced from liquibase-core's changelog.

Liquibase Core Changelog

Changes in version 4.10.0 (2022.05.04)

Breaking Change

Upgraded mssql driver to 10.2.0 by @​nvoxland in liquibase/liquibase#2790

End User Impact: The driver changed the encryption default from "false" to "true" between 8.x and 10.x. If you have a self-signed certificate in your database, you must do one of the following: add encrypt=false; add trustServerCertificate=true; or add the server certificate to the java trusted certificate list. For production systems, Liquibase recommends against using self-signed certificates without adding the server certificate to the Java keystore. For more information on installing the trusted certificate, see https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/manage-certificates?view=sql-server-ver15

Security Updates

Upgraded postgresql from 42.3.2 to 42.3.4 to address CVE-2022-26520 by @​dependabot in liquibase/liquibase#2769

  • Vulnerability introduced in org.postgresql:postgresql@42.3.2
  • Fixed in org.postgresql:postgresql@42.3.3

JDBC Driver and Third-Party Library Updates

Enhancements

Fixes

Full Changelog: liquibase/liquibase@v4.9.1...v4.10.0

Changes in version 4.9.1 (2022.03.25)

Commits
  • da76104 resolve oracle integration test maven connection timeout issue (DAT-10239) (#...
  • 0fe6a4d Merge pull request #2820 from liquibase/update-changelog-txt
  • ecc44e5 update version to 4.10.0
  • b369ca9 update changelog to 4.9.10
  • d701fc2 liquibase checks run maven goal (DAT-8375) (#2554)
  • 803d3d5 Merge pull request #2802 from liquibase/dependabot/maven/org.firebirdsql.jdbc...
  • ffd5cc1 Merge pull request #2753 from liquibase/dependabot/maven/spring.version-5.2.2...
  • 798593b Merge pull request #2804 from liquibase/jackson-databind-upgrade
  • 9d3a95d Merge pull request #2801 from liquibase/kevin-at-datical-patch-1
  • ba79dd1 Merge pull request #2807 from liquibase/update-h2-jar
  • Additional commits viewable in compare view

Updates liquibase-mongodb from 4.9.1 to 4.10.0

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump liquibase.version from 4.9.1 to 4.10.0
adc25dd 
Bumps `liquibase.version` from 4.9.1 to 4.10.0.

Updates `liquibase-core` from 4.9.1 to 4.10.0
- [Release notes](https://github.com/liquibase/liquibase/releases)
- [Changelog](https://github.com/liquibase/liquibase/blob/master/changelog.txt)
- [Commits](liquibase/liquibase@v4.9.1...v4.10.0)

Updates `liquibase-mongodb` from 4.9.1 to 4.10.0
- [Release notes](https://github.com/liquibase/liquibase-monbodb/releases)
- [Commits](https://github.com/liquibase/liquibase-monbodb/commits)

---
updated-dependencies:
- dependency-name: org.liquibase:liquibase-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.liquibase.ext:liquibase-mongodb
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the area/dependencies Pull requests that update a dependency file label May 5, 2022
@gsmet gsmet merged commit 55683e0 into main May 9, 2022
@quarkus-bot quarkus-bot bot added this to the 2.10 - main milestone May 9, 2022
@dependabot dependabot bot deleted the dependabot/maven/liquibase.version-4.10.0 branch May 9, 2022 08:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gsmet gsmet gsmet approved these changes

Assignees
No one assigned
Labels
area/dependencies Pull requests that update a dependency file kind/component-upgrade
Projects
None yet
Milestone
2.10.0.CR1
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@gsmet