liquibase.secureParsing user questions

Adding these here – submitted by users to a closed github issue Failed to read schema document 'dbchangelog-3.8.xsd', because 'file' access is not allowed due to restriction set by the accessExternalSchema property · Issue #2654 · liquibase/liquibase · GitHub

Is there a way to disable liquibase.secureParsing programmatically? (Java)

How do you set liquibase.secureParsing via spring boot project?


Thanks, @ktaggart - I’ll see if I can find out.

1 Like

Hello, any news on that?

It is planned, not sure when we will be able to get to the engineering work on it. Keep monitoring the github issue you submitted. That will be the best place to to keep track of the status on the work. Thanks!

We are using some Liquibase changes that we have written ourselves and this has been working fine with 3.x while including our own XSD in the changelog XML

After upgrading to 4.17 our Unit tests are no longer working because I can’t find a way to set liquibase.secureParsing during the initialization in the unit tests.

What I have tried before creating the Liquibase instance

  • Using System.setProperty("liquibase.secureParsing", "false")
  • Using System.setProperty("LIQUIBASE_SECURE_PARSING", "false");
  • Adding an argLine to the Maven surefire plugin with -Dliquibase.secureParsing=false
  • registering a custom ConfigurationValueProvider with the LiquibaseConfiguration (obtained through Scope.getCurrentScope().getSingleton()) - but the getProvidedValue() is never called. I tried with a precedence of 1000 and 1 neither made a difference.

Any ideas how I can get this to work from within a JUnit test that manually creates a Liquibase instance using new Liquibase(....)?

Not sure what went wrong the first time, but using <argLine>-Dliquibase.secureParsing=false</argLine> for the Surefire plugin in the Maven POM did work.

However, it seems Liquibase does not resolved the include XSD. But I will create a new post for that.