What generic changelog policy checks does Liquibase offer?
Last updated: July 14, 2025
Changelog policy checks allow you to confirm the presence of specific objects and conditions in the changelog to ensure its integrity.
To execute these policy checks, ensure that --checks-scope contains changelog.
For more information about using policy checks, see Policy Checks. For a list of all checks, see Library of Policy Checks.
Changelog Checks
Short Name | Scope (--checks-scope value) | Description | Enabled by Default | Liquibase version required |
ChangeDropColumnWarn | changelog | This check warns a user when a column is being dropped so that they can ensure that such a schema change won't lead to unintentional loss of data and unrecoverable data loss. | true | 4.5.0+ |
ChangeDropTableWarn | changelog | This check warns a user when a table is being dropped so that they can ensure that dropping the table won't lead to unintentional data loss. | true | 4.5.0+ |
ChangesetAttributesAndValue | changelog | This check triggers when specified attributes do not match the user-supplied string or regex pattern. | false | 4.29.0+ |
ChangesetAttributesSetTrueOrFalse | changelog | This check triggers when specified attributes do not match TRUE or FALSE, as configured by the user. | false | 4.29.0+ |
ChangesetCommentCheck | changelog | This check enforces the Liquibase best-practice recommendation to assign comments to every changeset to document the purpose of a changeset for other/future consumers of this changelog. | true | 4.5.0+ |
ChangesetContextCheck | changelog | This check enforces the Liquibase best-practice recommendation to assign a context to every changeset to provide better deployment control and to enhance traceability and granularity of deployments across changesets. | true | 4.5.0+ |
ChangesetLabelCheck | changelog | This check enforces the Liquibase best-practice recommendation to assign labels to every changeset to provide better deployment control and to enhance traceability and granularity of deployments across changesets. | true | 4.5.0+ |
ChangeTruncateTableWarn | changelog | This check warns a user when a table is being truncated so that they can ensure this change will not lead to unintentional data loss. | true | 4.6.0+ |
CheckRunInTransactionValue | changelog | This check triggers when a changeset contains the user-specified runInTransaction value of true or false. | true | 4.27.0+ |
CustomCheckTemplate | changelog | 4.29.0+ | ||
DetectChangeType | changelog | This changelog check warns a user when a changeset includes a Change Type listed by the user as forbidden. Note: This check applies only to model-based changelogs such as XML, YAML, and JSON. It does not apply to SQL changelogs. | true | 4.19.0+ |
EndDelimiterExistsWhenPatternExists | changelog | false | 4.27.0+ | |
MaxAffectedRowsAllowedDelete | changelog | true | 4.28.0+ | |
MaxAffectedRowsAllowedInsert | changelog | true | 4.28.0+ | |
MaxAffectedRowsAllowedUpdate | changelog | true | 4.28.0+ | |
ModifyDataTypeWarn | changelog | This check warns a user when a change will result in modification of a data type so they can ensure this change will not lead to unintentional data loss. | true | 4.5.0+ |
OneChangePerChangeset | changelog | This check enforces the Liquibase Best Practice of keeping individual changesets small by limiting them to one statement or change. | true | 4.19.1+ |
PatternAFollowedByPatternB | changelog | This check allows you to check for specific patterns in your changelog and then produce a logged record of changeset structure when certain conditions are met. | false | 4.26.0+ |
PatternANotFollowedByPatternB | changelog | This check allows you to check for specific patterns in your changelog and then produce a logged record of changeset structure when certain conditions are met. | false | 4.26.0+ |
PatternANotPrecededByPatternB | changelog | This check allows you to check for specific patterns in your changelog and then produce a logged record of changeset structure when certain conditions are met. | false | 4.26.0+ |
PatternAPrecededByPatternB | changelog | This check allows you to check for specific patterns in your changelog and then produce a logged record of changeset structure when certain conditions are met. | false | 4.26.0+ |
PrimaryKeyOnCreateTable | changelog | This check warns when a create table action does not also include a primary key. | true | 4.12.0+ |
RequireChangesetIDisUUID | changelog | This check alerts you when a changeset ID does not follow the 8-4-4-4-12 pattern of UUID or GUID. | false | 4.12.0+ |
RollbackRequired | changelog | This check enforces the Liquibase best-practice recommendation to include rollbacks to every changeset. | true | 4.7.0+ |
SQLGrantAdminWarn | changelog | This check warns a user when a SQL contains 'GRANT' statements that include the 'WITH ADMIN OPTION' clause so that they can ensure that the privilege being granted won't lead to security issues or violate compliance regulations. | true | 4.6.0+ |
SqlGrantOptionWarn | changelog | This check warns a user when SQL contains 'GRANT' statements that include the 'WITH GRANT OPTION' clause so that they can ensure that the privilege being granted won't lead to security issues or violate compliance regulations. | true | 4.6.0+ |
SqlGrantSpecificPrivsWarn | changelog | This check warns a user when a changeset includes or generates sql that grants specific privileges to a user or role. | false | 4.6.0+ |
SqlGrantWarn | changelog | This check warns a user when a SQL contains 'GRANT' statements so that they can ensure that the privilege being granted won't lead to security issues. | true | 4.5.0+ |
SqlRevokeWarn | changelog | This check warns a user when a SQL contains 'REVOKE' statements so that they can ensure that the privilege being revoked won't lead to data access and dependency issues. | true | 4.5.0+ |
SqlSelectStarWarn | changelog | This check warns a user when generated or raw SQL contains 'SELECT *' statements so that they can ensure selecting all fields from a table in a query is safe and necessary. | true | 4.19.0+ |
SqlUserDefinedPatternCheck | changelog | This check scans SQL for the presence of specific patterns and warns the user when they are found. | false | 4.5.0+ |
UserDefinedContextCheck | changelog | false | 4.25.0+ | |
UserDefinedLabelCheck | changelog | false | 4.25.0+ | |
WarnOnUseDatabase | changelog | This check warns a user when generated or raw SQL contains 'USE DATABASE' directive. | true | 4.19.0+ |
ChainedChecksTemplate | changelog or database | 4.27.0+ | ||
ObjectNameMustMatch | changelog or database | The ObjectNameMustMatch check allows you to confirm the listed object names conform to the supplied pattern. | false | 4.6.2+ |
ObjectNameMustNotMatch | changelog or database | The ObjectNameMustNotMatch check allows you to confirm the listed object names conform to the supplied pattern and locate the object names that do not match so they can be corrected. | false | 4.6.2+ |
OracleReservedKeywords | changelog or database | This check can be used to prevent Oracle's reserved keywords from being used in database object names. | false | 4.12.0+ |
PostgresNonReservedKeywords | changelog or database | This check disallows Postgres non-reserved keywords from being used in database object names. See the SQL Key Words Appendix for complete list of keywords. | false | 4.12.0+ |
PostgresReservedKeywords | changelog or database | This check disallows Postgres reserved keywords from being used in database object names. See the SQL Key Words Appendix for complete list of keywords. | false | 4.12.0+ |
SQLServerFutureReservedKeywords | changelog or database | This check disallows SQL Server's future reserved keywords from being used in database object names. See Reserved Keywords (Transact-SQL) for complete list of keywords. | false | 4.12.0+ |
SQLServerODBCReservedKeywords | changelog or database | This check disallows SQL Server's ODBC reserved keywords from being used in database object names. See Reserved Keywords (Transact-SQL) for complete list of keywords. | false | 4.12.0+ |
SQLServerReservedKeywords | changelog or database | This check disallows SQL Server reserved keywords from being used in database object names. See Reserved Keywords (Transact-SQL) for complete list of keywords. | false | 4.12.0+ |
TableColumnLimit | changelog or database | The TableColumnLimit check allows you to ensure that no table described in a changelog or existing in a database target has more than a threshold number of columns. | true | 4.5.0+ |
TableCommentCheck | changelog or database | The TableCommentCheck check allows you to flag any table that does not have a comment. Note that this is not a check for a Liquibase changelog comment. | false | 4.12.0+ |
TableCommentPatternCheck | changelog or database | The TableCommentPatternCheck check triggers when specific user-supplied patterns are present in table comments. | false | 4.12.0+ |