Liquibase has launched Liquibase Safe 5.2 with Agent Secure Governance for AI-generated database modifications, focusing on the rising use of AI instruments in manufacturing database workflows.
The replace is designed to validate, observe and govern database modifications created by builders or AI assistants earlier than and after they attain manufacturing techniques. It additionally provides assist for the Vulnerability Exploitability eXchange, or VEX, offering machine-readable vulnerability assessments for Liquibase merchandise.
The discharge comes as firms undertake coding assistants comparable to Cursor, Claude and GitHub Copilot for work that now extends past utility code into SQL, schema updates and rollback logic. Liquibase argues this shift is exposing a spot between the pace at which database modifications may be produced and the controls many organisations nonetheless depend on to overview and approve them.
In response to the corporate’s State of Database Change Governance report, 96% of organisations permit AI to work together with manufacturing databases. Liquibase says that makes database governance a extra pressing subject for software program groups, safety teams and compliance leaders, significantly in regulated sectors.
Database controls
The brand new governance characteristic makes use of the Liquibase MCP server to attach AI-assisted workflows to its database change administration system. In observe, builders and AI instruments can generate Liquibase-formatted changelogs, schema updates, rollback logic and AI-generated knowledge definition language, whereas the software program applies coverage checks, governance workflows, drift detection and audit information earlier than deployment.
The discharge is meant to stop AI-generated modifications from bypassing checks, approvals and restoration controls. It additionally emphasises schema lineage, permitting groups to hint how a database construction has modified over time and whether or not authorised processes had been adopted.
Change Intelligence is one other a part of the discharge, giving groups visibility into what modified, who or what created a change, the place it ran and whether or not controls had been adopted, alongside proof for audits or investigations.
Drift detection is included to establish circumstances the place environments now not match the authorised state. In response to Liquibase, that covers handbook updates, emergency fixes, shadow modifications and AI-assisted modifications that didn’t cross by means of the ruled workflow.
“AI brokers have gotten a part of how builders work, however they need to not have a free cross to alter manufacturing databases,” mentioned Pete Pickerill, co-founder of Liquibase.
“Agent Secure Governance means AI can assist create a database change, whereas Liquibase Safe validates it, tracks it, checks it in opposition to coverage, preserves schema lineage, detects drift and controls the way it strikes to manufacturing. That’s the steadiness enterprises want: quicker improvement with out turning database become an unmanaged threat floor,” Pickerill mentioned.
Broader protection
Alongside the AI governance options, Safe 5.2 expands assist for Teradata, MongoDB and DynamoDB. The additions are aimed toward organisations managing combined database estates throughout functions, knowledge merchandise and AI techniques.
The discharge additionally provides VEX assist for safety groups. VEX information are meant to assist organisations perceive whether or not recognized vulnerabilities are related in a given product context, and to feed that info into automated scanners and response workflows.
Liquibase says the VEX materials will probably be revealed by means of its repository, included with software program invoice of supplies information contained in the Safe distribution and made obtainable as standalone information. The goal is to offer safety groups extra structured info when assessing software program provide chain threat.
Governance strain
Liquibase framed the problem as particularly vital for sectors going through strict audit and compliance calls for. Monetary providers, healthcare, insurance coverage, retail, media and expertise teams should present that database modifications are reviewed, authorised, traceable, recoverable and compliant, and the corporate argues that AI use raises the stakes quite than eradicating these obligations.
That displays a broader trade shift as generative AI instruments transfer deeper into software program improvement and infrastructure work. Whereas a lot of the early governance debate targeted on utility code and mannequin use, database operations are rising as one other space the place automated output can create operational and regulatory threat if controls lag behind.
Liquibase additionally says Liquibase Safe obtained 5 TrustRadius Prime Rated Awards throughout Database DevOps, Construct Automation, Launch Administration, Database Administration and Model Management. The awards are primarily based on buyer critiques.
“Agent Secure Governance just isn’t about slowing builders down,” Pickerill mentioned.
“It’s about giving builders and AI assistants a protected path to maneuver quicker. Liquibase Safe lets groups use AI to speed up database change authoring whereas giving platform, safety and compliance leaders an entire system of management and proof round what truly ships,” he mentioned.