build(deps): bump org.liquibase:liquibase-core from 4.28.0 to 4.29.1

[dependabot]

Bumps org.liquibase:liquibase-core from 4.28.0 to 4.29.1.

Release notes

Sourced from org.liquibase:liquibase-core's releases.

Liquibase v4.29.1

Liquibase 4.29.1 is a patch release

[!IMPORTANT] Liquibase 4.29.1 patches minor structure and pom issues found in Liquibase 4.29.0 release.

[!NOTE] See the Liquibase 4.29.1 Release Notes for the complete set of release information.

Notable Changes

[PRO]

Liquibase 4.29.1 .zip files: Restored to standard directory structure

• This release correctly places Liquibase .zip files inside liquibase-4.29.1 directory to match Pre-4.29.0 directory structure.

Big Query Extension: using Liquibase Pro with Google Big Query

• With Liquibase 4.29.1, Google BigQuery is now supported as an ‘out of the box’ database enabling users to more quickly achieve value. Also included is support for Liquibase Pro features such as Flows, Policy Checks, and Reports with Google BigQuery so that users will have the efficiency and productivity benefits of Liquibase Pro when working with the platform.

• Learn more https://docs.liquibase.com/bigquery

[PRO] Changelog

🐛 [PRO] Bug Fixes 🛠

• DAT-18294: Correctly default check scope parameter in liquibase/liquibase-pro#1880 by @​wwillard7800
• DAT-18308: DevOps :: Extensions are built against liquibase 0-SNAPSHOT https://github.com/liquibase/liquibase-pro/pull6144

🤖 [PRO] Security, Driver and Other Updates

• None

Full Changelog: liquibase/liquibase@v4.29.0...v4.29.1

Get Certified

Learn all the Liquibase fundamentals from free online courses by Liquibase experts and see how to apply them in the real world at https://learn.liquibase.com/.

Read the Documentation

... (truncated)

Changelog

Sourced from org.liquibase:liquibase-core's changelog.

Liquibase 4.29.1 is a patch release

• Liquibase 4.29.1 patches a pom mismatch in the Liquibase BigQuery Commercial Extension.

• Liquibase 4.29.1 resolves an issue with the zip distribution where all files were incorrectly placed inside liquibase-4.29.1 directory. This update ensures proper file organization and installation.

[PRO] Changelog

[PRO] Bug Fixes

• DAT-18294: Correctly default check scope parameter in liquibase/liquibase-pro#1880 by @​wwillard7800

Full Changelog: liquibase/liquibase@v4.29.0...v4.29.1

Changes in version 4.29.0 (2024.07.25)

Liquibase 4.29.0 is a major release

[!IMPORTANT] Liquibase 4.29.0 contains several New Capabilities and Notable Enhancements for Liquibase Pro users: Python-based Custom Policy Checks and a new Big Query extension. [!NOTE] See the Liquibase 4.29.0 Release Notes for the complete set of release information.

Notable Changes

[PRO]

Custom Policy Checks: Create and run Python-based checks which fit your specific needs.

• Liquibase checks have been opened to the world of Python development! With this release, you can point your custom checks to your custom Python scripts to solve your nuanced conditions for better risk mitigation, compliance, code quality, security, and more.
• Learn more https://docs.liquibase.com/custom-policy-checks

Big Query Extension: using Liquibase Pro with Google Big Query

• With Liquibase 4.29.0, Google BigQuery is now supported as an ‘out of the box’ database enabling users to more quickly achieve value. Also included is support for Liquibase Pro features such as Flows, Policy Checks, and Reports with Google BigQuery so that users will have the efficiency and productivity benefits of Liquibase Pro when working with the platform.
• Learn more https://docs.liquibase.com/bigquery

[PRO] Changelog

New Features

• DAT-16671: Custom policy checks in liquibase/liquibase-pro#1671 by @​wwillard7800
• DAT-17725: Enable reporting by default, swallow all report generation exceptions in liquibase/liquibase-pro#1763 by @​abrackx
• DAT-17871: allow multiple checks to be specified in checks enable/disable commands in liquibase/liquibase-pro#1814 by @​StevenMassaro
• DAT-17490: Enhance up* DATe report to split skipped changesets into their own collapsible section in liquibase/liquibase-pro#1752 by @​abrackx
• DAT-17635: add wildcard support for check-name param for checks run, show, bulkset in liquibase/liquibase-pro#1787 by @​StevenMassaro

Changes

• DAT-17988: PRO: checks run --checks-output=nonapplicablechecks is broken in liquibase/liquibase-pro#1792 by @​wwillard7800
• DAT-17870: add aliases for parameters in checks run, show, and create commands in liquibase/liquibase-pro#1799 by @​StevenMassaro

... (truncated)

Commits

• e0c7137 chore: Release notes (#6147)
• 1a057d1 DAT-18308 DevOps :: Extensions are built against liquibase 0-SNAPSHOT (#6146)
• ab2ee6b DAT-18308 DevOps :: Extensions are built against liquibase 0-SNAPSHOT (#6144)
• 54744c8 chore: adding 4.29.1 changes
• 7e83bbc core: add breaking change to changelog (#6127)
• a6ff4aa chore: re-enable releasing from master branch (#6124)
• 5a3fa21 chore: reversion liquibase-cli (#6121)
• d23ee58 Liquibase 4.29.0 files (#6120)
• 0fd943d Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 (#6090)
• c7d6b1e Remove unneeded inclusion of commons-io in liquibase-core pom.xml (#6117)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA ada1ec8.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
maven/org.liquibase:liquibase-core	4.29.1	🟢 5.4	Details Check Score Reason Code-Review 🟢 9 Found 20/21 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during GetBranch(release): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected Binary-Artifacts 🟢 9 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
maven/org.apache.commons:commons-text	1.12.0	🟢 8.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches CI-Tests 🟢 10 12 out of 12 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review ⚠️ 0 Found 0/18 approved changesets -- score normalized to 0 Contributors 🟢 10 project has 39 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 10 all dependencies are pinned SAST 🟢 10 SAST tool is run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Manifest Files

parent-pom/pom.xml

• org.liquibase:[email protected]
• org.liquibase:[email protected]

service.data.impl/pom.xml

• org.apache.commons:[email protected]

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud