Bump liquibase-core from 3.8.8 to 4.3.1

[dependabot-preview]

Bumps liquibase-core from 3.8.8 to 4.3.1.

Release notes

Sourced from liquibase-core's releases.

v4.3.1

Liquibase 4.3.1 is a quick bugfix release to address:

• Fixed handling of classpath*: in includeAll #1595
• ClassCastException on moving to mysql-connector-java 8.0.23 #1639
• Passwords sent to Hub when using jTDS driver
• ChangeExecListener cannot be used due to HubChangeExecListener #1651
• RelativePathError when using includeAll tag and Spring Boot #1657
• Liquibase 4.3.0 throws NullPointerExceptions without snakeyaml in the classpath #1682

v4.3.0

This release includes many community-contributed pull requests, bug fixes, and an enhancement to Liquibase Hub integration represented by two new capabilities — optional auto-registration to Liquibase Hub from the CLI and Liquibase Hub report links presented in CLI.

Also, MariaDB is now fully certified for Liquibase Pro users.

Bug fixes

• Fixed NullPointerException when an output writer is null #1625
• Fixed filename + Id + author to be treated as unique in ValidatingVisitor.findChangeSet method #1622
• Fixed EntityResolver to check the classpath even if the standard ResourceAccessor does not include it #1621
• Fixed HistoryCommandTest to run on systems having a non-US default locale #1078
• Added quotes around ${JAVA_PATH} in Liquibase shell script to avoid spaces in path issues #1062
• Fixed the issue with automatic dropping of default values on MS SQL #1003
• Allowed --changeset to have a space after -- in formatted sql files

Improvements

• Updated the snakeyaml driver (that is packaged with Liquibase installer files) to address the CVE-2017-18640 vulnerability #1608
• Modified SetColumnRemarks support for MySQL #942
• Implemented boolean data type support for DB2 LUW #966
• Added deprecated LogFactory.getInstance() to make it easier for users who use the third party extension code to upgrade to 4.x #1642 and #1641
• Included the existing dropPrimaryKey.dropIndex attribute in XSD #1629
• Implemented auto-registration and operation report capabilities for Liquibase Hub
• Certified MariaDB and Liquibase Pro functionality. Determined and documented MariaDB Oracle-compatible PL/SQL stored logic objects along with minimum GRANTs to leverage Liquibase Pro with MariaDB 10.4. See Liquibase Pro and MariaDB GRANT Best Practices.

v4.2.2

Liquibase 4.2.2 is a quick bugfix release to address:

• Handle null statement objects coming from JdbcConnection objects #1576

which impacted the Liquibase-Hibernate extension

v4.2.1

This is mostly a bug release which offers fixes for both Liquibase Pro and Community, and an enhancement to Liquibase Hub integration.

• Fixed invalid casting to JdbcConnection in CockroachDatabase #1536
• Fixed missing unique constraints in snapshot #1477
• Fixed unexpectedChangeSets command throwing a null pointer exception
• If error occurs during generating SQL, Liquibase stops and does not send POST to Hub
• Use ConcurrentHashMap in ExecutorService #1402

... (truncated)

Changelog

Sourced from liquibase-core's changelog.

Liquibase Core Changelog

Changes in version 4.3.1 (2021.02.12)

• Fixed handling of classpath*: in includeAll #1595
• ClassCastException on moving to mysql-connector-java 8.0.23 #1639
• Passwords sent to Hub when using jTDS driver
• ChangeExecListener cannot be used to to HubChangeExecListener #1651
• RelativePathError when using includeAll tag and Spring Boot #1657
• Liquibase 4.3.0 throws NullPointerExceptions without snakeyaml in the classpath #1682

Changes in version 4.3.0 (2021.02.06)

• MariaDB is now fully certified for Liquibase Pro users
• Added ability to register for Hub during update operations
• Receive Liquibase Hub report links in the CLI after running commands
• Fixed NPE when an output writer is null #1625
• Fixed filename + Id + author to be treated as unique in ValidatingVisitor.findChangeSet method #1622
• Fixed EntityResolver to check the classpath even if the standard ResourceAccessor does not include it #1621
• Fixed the CVE-2017-18640 issue on snakeyaml-1.2.4 #1608
• Fixed HistoryCommandTest to run on systems having a non-US default locale #1078
• Added quotes around ${JAVA_PATH} in Liquibase shell script to avoid spaces in path issues #1062
• Fixed the issue with automatic dropping of default values on MS SQL #1003
• Allow --changeset to have a space after -- in formatted sql files
• Modified SetColumnRemarks support for MySQL #942
• Implemented boolean data type support for DB2 LUW #966
• Added deprecated LogFactory.getInstance() to smooth the upgrade to 4.x #1642 and #1641
• Included the existing dropPrimaryKey.dropIndex attribute in XSD #1629
• Implemented auto-registration and operation report capabilities for Liquibase Hub

Changes in version 4.2.2 (2020.12.09)

• Handle null statement objects coming from JdbcConnection objects #1576

Changes in version 4.2.1 (2020.12.03)

• Fixed invalid casting to JdbcConnection in CockroachDatabase #1536
• Fixed missing unique constraints in snapshot #1477
• Fixed unexpectedChangeSets command throwing a null pointer exception
• If error occurs during generating SQL, Liquibase stops and does not send POST to Hub
• Use ConcurrentHashMap in ExecutorService #1402
• DropDefaultValue on postgresql now drops the default value vs. setting the default value to null #931
• Updated banner to reference to hub.liquibase.com
• [PRO] GenerateChangeLog on postgresql stored logic now hashes parameters in filenames instead of listing them all out
• [PRO] Fix in postgresql check constraints snapshot
• [HUB] Command registerChangeLog now supports YAML and JSON changelog files

Changes in version 4.2.0 (2020.11.12)

• [PRO] Support for snapshotting Mysql stored logic

... (truncated)

Commits

• 7e12c77 Updated version to 4.3.2
• d3097e6 Added 4.3.1 changelog
• 63fa09f Added 4.3.1 changelog
• 8cf38a9 Merge pull request #1686 from liquibase/LB-1212
• 6a1fbd4 Removed unused input
• be13290 Merge pull request #1664 from liquibase/LB-1131
• 5305df7 Merge pull request #1665 from liquibase/LB-714
• e92af87 Liquibase 4.3.0 throws NullPointerExceptions without snakeyaml in the classpath
• a8fdba9 Fixed failing tests
• 9608f70 Merge remote-tracking branch 'origin/4.3.x' into 4.3.x
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #123.