liquibase support setting of liquibase.secureParsing in application.properties

[col-panic]

Describe the bug

This is on quarkus 3.21

Liquibase denies loading a local xsd file and also has problems with http:// urls for loading xsd schemas.
According to liquibase/liquibase#2654 the property -Dliquibase.secureParsing=false has to be set to be allowed to load these files.

At the moment I can only add this via

./mvnw test -Dliquibase.secureParsing=false

Please extend quarkus-liquibase, resp. the application.properties to include the setting like quarkus.liquibase.secureParsing=false

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Output of uname -a or ver

No response

Output of java -version

No response

Quarkus version or git rev

No response

Build tool (ie. output of mvnw --version or gradlew --version)

No response

Additional information

No response

[quarkus-bot]

/cc @andrejpetras (liquibase), @geoand (liquibase), @gsmet (liquibase)

[geoand]

Makes sense!

Would you like to contribute this?

[col-panic]

@geoand I'm really very new to quarkus, maybe 24 hours ;) still trying to find my way around! Doing a technology analysis quarkus vs spring boot - not sure if identifying a bug this early is a +1 😁 so please do not nail me on that this early :)

[geoand]

Of course, no pressure!

You likely would have to do something very similar to what we do with the quarkus.liquibase.allow-duplicated-changeset-identifiers property. You can start pulling at that thread by looking here.

It goes without saying that we are here to help :)

[gsmet]

not sure if identifying a bug this early is a +1

I wouldn't call us not exposing a configuration that is not recommended a bug. Especially since you can set it from the command line.

That being said, I created #47186 but we need to discuss things a bit and polish it before merging.

[col-panic]

@gsmet yes, you are right about that. Thanks for your input and work.