Liquibase has launched Liquibase Secure 5.2 with Agent Safe Governance for AI-generated database changes, targeting the growing use of AI tools in production database workflows.
The update is designed to validate, track and govern database changes created by developers or AI assistants before and after they reach production systems. It also adds support for the Vulnerability Exploitability eXchange, or VEX, providing machine-readable vulnerability assessments for Liquibase products.
The release comes as companies adopt coding assistants such as Cursor, Claude and GitHub Copilot for work that now extends beyond application code into SQL, schema updates and rollback logic. Liquibase argues this shift is exposing a gap between the speed at which database changes can be produced and the controls many organisations still rely on to review and approve them.
According to the company's State of Database Change Governance report, 96% of organisations allow AI to interact with production databases. Liquibase says that makes database governance a more urgent issue for software teams, security groups and compliance leaders, particularly in regulated sectors.
Database controls
The new governance feature uses the Liquibase MCP server to connect AI-assisted workflows to its database change management system. In practice, developers and AI tools can generate Liquibase-formatted changelogs, schema updates, rollback logic and AI-generated data definition language, while the software applies policy checks, governance workflows, drift detection and audit records before deployment.
The release is intended to prevent AI-generated changes from bypassing checks, approvals and recovery controls. It also emphasises schema lineage, allowing teams to trace how a database structure has changed over time and whether approved processes were followed.
Change Intelligence is another part of the release, giving teams visibility into what changed, who or what created a change, where it ran and whether controls were followed, alongside evidence for audits or investigations.
Drift detection is included to identify cases where environments no longer match the approved state. According to Liquibase, that covers manual updates, emergency fixes, shadow changes and AI-assisted modifications that did not pass through the governed workflow.
"AI agents are becoming part of how developers work, but they should not have a free pass to change production databases," said Pete Pickerill, co-founder of Liquibase.
"Agent Safe Governance means AI can help create a database change, while Liquibase Secure validates it, tracks it, checks it against policy, preserves schema lineage, detects drift and controls how it moves to production. That is the balance enterprises need: faster development without turning database change into an unmanaged risk surface," Pickerill said.
Broader coverage
Alongside the AI governance features, Secure 5.2 expands support for Teradata, MongoDB and DynamoDB. The additions are aimed at organisations managing mixed database estates across applications, data products and AI systems.
The release also adds VEX support for security teams. VEX files are intended to help organisations understand whether known vulnerabilities are relevant in a given product context, and to feed that information into automated scanners and response workflows.
Liquibase says the VEX material will be published through its repository, included with software bill of materials files inside the Secure distribution and made available as standalone files. The aim is to give security teams more structured information when assessing software supply chain risk.
Governance pressure
Liquibase framed the issue as especially important for sectors facing strict audit and compliance demands. Financial services, healthcare, insurance, retail, media and technology groups must show that database changes are reviewed, approved, traceable, recoverable and compliant, and the company argues that AI use raises the stakes rather than removing those obligations.
That reflects a broader industry shift as generative AI tools move deeper into software development and infrastructure work. While much of the early governance debate focused on application code and model use, database operations are emerging as another area where automated output can create operational and regulatory risk if controls lag behind.
Liquibase also says Liquibase Secure received five TrustRadius Top Rated Awards across Database DevOps, Build Automation, Release Management, Database Management and Version Control. The awards are based on customer reviews.
"Agent Safe Governance is not about slowing developers down," Pickerill said.
"It is about giving developers and AI assistants a safe path to move faster. Liquibase Secure lets teams use AI to accelerate database change authoring while giving platform, security and compliance leaders a complete system of control and evidence around what actually ships," he said.