This repository was archived by the owner on Jun 12, 2026. It is now read-only.
Releases: liquibase/docker
Releases · liquibase/docker
Release list
v5.1.1 SECURE
Support for Liquibase Secure 5.1.1.
What's Changed in Liquibase Secure Docker 5.1.1
🔧 CI/CD & Infrastructure
- fix: use | as sed delimiter to support branch names with slashes (#519) @jnewton03
- chore(deps): bump docker/setup-buildx-action from 3 to 4 (#509) @dependabot[bot]
- chore(deps): bump docker/build-push-action from 6 to 7 (#512) @dependabot[bot]
- chore(deps): bump release-drafter/release-drafter from 6.2.0 to 6.3.0 (#511) @dependabot[bot]
- chore(deps): bump docker/login-action from 3 to 4 (#507) @dependabot[bot]
- chore(deps): bump docker/setup-qemu-action from 3 to 4 (#506) @dependabot[bot]
- DAT-21268: Persist vulnerability scan results to scan-results branch (#514) @jandroav
- DAT-21268: Add vulnerability scanning docs and Liquibase Security links (#513) @jandroav
- DAT-22399: Remove Docker Official repo release step (#510) @jnewton03
- chore(deps): bump actions/upload-artifact from 6 to 7 (#504) @dependabot[bot]
- Skip bot PRs in Claude Code review workflow (#505) @jnewton03
- chore(deps): bump aws-actions/configure-aws-credentials from 5 to 6 (#497) @dependabot[bot]
- DAT-22270: Fix Release Drafter permissions and add release publish step (#502) @jnewton03
- DAT-22061: Add vulnerability scanning to QA Docker image builds (#500) @jandroav
- Fix S3 path for RC builds (#499) @rberezen
📦 Dependencies
- chore(deps): bump docker/setup-buildx-action from 3 to 4 (#509) @dependabot[bot]
- chore(deps): bump docker/build-push-action from 6 to 7 (#512) @dependabot[bot]
- chore(deps): bump release-drafter/release-drafter from 6.2.0 to 6.3.0 (#511) @dependabot[bot]
- chore(deps): bump docker/login-action from 3 to 4 (#507) @dependabot[bot]
- chore(deps): bump docker/setup-qemu-action from 3 to 4 (#506) @dependabot[bot]
- chore(deps): bump actions/upload-artifact from 6 to 7 (#504) @dependabot[bot]
- chore(deps): bump aws-actions/configure-aws-credentials from 5 to 6 (#497) @dependabot[bot]
📚 Documentation
- DAT-21268: Add vulnerability scanning docs and Liquibase Security links (#513) @jandroav
- Migrate license to FSL-1.1-ALv2 (#508) @filipelautert
Full Changelog: v5.1.0-SECURE...v5.1.1-SECURE
v5.0.2
v5.1.0 SECURE
Support for Liquibase Secure 5.1.0.
Major Improvements
- Supply Chain Security: Added SBOM generation, provenance attestation, and Cosign keyless image signing for Liquibase Secure Docker images (SLSA Level 3 compliance) (DAT-21009) (#485) @jandroav
- Flow Command Working Directory Detection: Fixed Docker working directory detection to properly trigger for flow commands using
LIQUIBASE_SEARCH_PATH(DAT-21364) (#484) @jandroav
Bug Fixes
- Fixed ECR login credentials step reference typo (#496) @jnewton03
- Fixed Alpine variant included in published images vulnerability scanning (#483) @jnewton03
CI/CD & Infrastructure
- Added automated release note generation using Release Drafter (DAT-21246) (#486) @jandroav
- Migrated vulnerability scanning to shared build-logic (DAT-21381) (#488, #490) @jandroav @sayaliM0412
- Added Claude AI workflows for code review (#495) @jnewton03
- Fixed S3 path for RC builds (#499) @rberezen
Secure Edition
Dependencies
- Bumped
release-drafter/release-drafterfrom 6.1.0 to 6.2.0 (#493) - Bumped
douglascamata/setup-docker-macos-actionfrom 1.0.2 to 1.1.0 (#491) - Bumped
actions/labelerfrom 5 to 6 (#489) - Bumped
actions/upload-artifactfrom 5 to 6 (#487)
Full Changelog: v5.0.3-SECURE...v5.1.0-SECURE
v5.0.3 SECURE
Support for Liquibase Secure 5.0.3.
Major Improvements
- Enhanced Vulnerability Detection: Improved Docker image vulnerability scanning to detect all customer-reported CVEs, including vulnerabilities in nested JAR dependencies and Python packages (#462)
- Deep dependency scanning extracts and scans nested JARs from Spring Boot fat JARs
- Scans Python packages from GraalVM virtual filesystems
- Parent JAR tracking shows which Liquibase JAR contains each vulnerable dependency
- Multi-scanner approach (Trivy + Grype) eliminates detection gaps
Bug Fixes
- Fixed secure image naming duplication issue (
liquibase/liquibase-secure-secure→liquibase/liquibase-secure) (#458) - Fixed artifact naming conflict causing 409 errors in vulnerability scanning workflow (#457)
- Fixed Slack webhook notification failures in security scanning workflow (#457)
- Resolved LPM automation conflict between workflows (#456)
- Suppressed false positive CVE-2025-59250 for mssql-jdbc driver (#459)
CI/CD & Infrastructure
- Upgraded GitHub Actions runners from macos-13 to macos-15-intel for continued support (#460)
Dependencies
- Bumped
actions/checkoutfrom 5 to 6 (#463)
Full Changelog: v5.0.2-SECURE...v5.0.3-SECURE
v5.0.2 SECURE
Support for Liquibase Secure 5.0.2.
Major Improvements
- OpenShift Compatibility: Container can now run with arbitrary user IDs, enabling deployment in OpenShift environments with restrictive security context constraints (#438)
- LPM Update: Updated Liquibase Package Manager to version 0.2.16 with latest features and fixes (#453)
- Base Image Upgrade: Migrated to Ubuntu Noble 24.04 LTS for long-term support and security updates (#442)
- Documentation: Updated README with comprehensive Liquibase 5.0 image changes and usage examples (#450, DAT-21145)
Bug Fixes
- Fixed LPM automation conflict between workflows preventing simultaneous updates
- Resolved search path override regression affecting changelog directory detection (DAT-21189, #451)
- Fixed Trivy workflow vault secret handling and AWS credentials configuration
- Corrected Slack webhook URL export from vault in security scanning workflow
CI/CD & Infrastructure
- Authentication Modernization: Migrated GitHub Actions workflows from liquibot to GitHub App authentication for improved security (DAT-21198, #454)
- Release Process: Fixed duplicate Docker tag creation issue between SECURE and Community releases (DAT-20987, #446, #447)
- Terminology Updates: Standardized naming from "OSS" to "Community" and "Pro" to "Secure" across workflows and documentation (#448)
- Build Improvements: Updated S3 URL paths for Liquibase Secure builds and corrected RC build paths (#441, #455)
Dependencies
- Bumped
actions/upload-artifactfrom 4 to 5 (#449) - Bumped
github/codeql-actionfrom 3 to 4 (#444) - Bumped
douglascamata/setup-docker-macos-actionto latest (#443, #452) - Bumped
peter-evans/dockerhub-descriptionfrom 4 to 5 (#439)
Full Changelog: v5.0.1...v5.0.2-SECURE
v5.0.1
Support for Liquibase OSS and Secure 5.0.1
v5.0.0
Support for Liquibase OSS and Secure 5.0.0.