Update dependency Microsoft.Data.SqlClient to v5

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
Microsoft.Data.SqlClient (source)	3.1.5 -> 5.2.2

---

Release Notes

dotnet/sqlclient (Microsoft.Data.SqlClient)

v5.2.2

Fixed

• Fixed AcquireTokenAsync timeout handling for edge cases in ActiveDirectoryAuthenticationProvider. #​2650
• Fixed issue with Socket.Connect in managed SNI. #​2779
• Fixed path for AssemblyAttributes in obj folder causing NET 8.0 assembly to appear in NET 6.0 dll. #​2789
• Fixed SSPI retry negotiation with default port in .NET. #​2815
• Fixed ArgumentNullException on SqlDataRecord.GetValue when using user-defined data type on .NET. #​2816
• Fixed pending data with SqlDataReader against an encrypted column. #​2817

Changed

• Upgraded Azure.Identity version from 1.11.3 to 1.11.4 #​2648 to address CVE-2024-35255.
• Upgraded Microsoft.Identity.Client version from 4.60.0 to 4.61.3 #​2648 to address CVE-2024-35255.
• Added caching to TokenCredential objects to take advantage of token caching. #​2775

v5.2.1

This update brings the below changes over the previous release:

Changed

• Upgraded Azure.Identity version from 1.10.3 to 1.11.3 #​2492, #​2528
• Upgraded Microsoft.Identity.Client version from 4.56.0 to 4.60.3 #​2492
• Code Health improvements: #​2467

Fixed

• Fixed connection errors on Linux when Data Source property contains both named instance and port #​2436
• Fixed SqlConnection.FireInfoMessageEventOnUserErrors when set to true throws an exception #​2505
• Fixed exception when using DATETIMEOFFSET(n) in a TVP if n is 1, 2, 3, or 4 #​2506
• Reverted PR #​1983 which caused connection failure delays when using OpenAsync #​2507
• Fixed SqlConnection.Clone() to include AccessTokenCallback #​2527

v5.2.0

Added

• Added a new AccessTokenCallBack API to SqlConnection. #​1260
• Added SqlBatch support on .NET 6+ #​1825, #​2223,#​2371, #​2373
• Added support of SqlDiagnosticListener on .NET Standard. #​1931
• Added new property RowsCopied64 to SqlBulkCopy. #​2004
• Added support for the SuperSocketNetLib registry option for Encrypt on .NET on Windows. #​2047
• Added the ability to generate debugging symbols in a separate package file #​2137
• Added Workload Identity authentication support #​2159, #​2264
• Added support for Big Endian systems #​2170
• Added support for Georgian collation #​2194
• Added Localization support on .NET #​2210
• Added .NET 8 support #​2230
• Added explicit version for major .NET version dependencies on System.Runtime.Caching 8.0.0, System.Configuration.ConfigurationManager 8.0.0, and System.Diagnostics.
• DiagnosticSource 8.0.0 #​2303

Changed

• Improved parsing buffered characters in TdsParser. #​1544
• Added Microsoft.SqlServer.Types to verify support for SqlHierarchyId and Spatial for .NET Core. #​1848
• Moved to new System.Data.SqlTypes APIs on .NET 7 and up. #​1934 and #​1981
• Removed reference to Microsoft.Win32.Registry since it's shipped starting with .NET 6.0. #​1974
• Changed UseOneSecFloorInTimeoutCalculationDuringLogin App Context switch default to true and extended its effect to .NET and .NET Standard. #​2012
• Updated Microsoft.Identity.Client version from 4.47.2 to 4.53.0. #​2031, #​2055
• Switched to the new .NET NegotiateAuthentication API on .NET 7.0 and above for SSPI token negotiation using Managed SNI. #​2063
• Removed ignoreSniOpenTimeout in open connection process on Windows. #​2067
• Enforce explicit ordinal for internal StringComparison operations. #​2068
• Improved error messages when validating server certificates in managed SNI (Linux/macOS) #​2060
• Improved CPU usage when AppContext switches are in use #​2227
• Upgraded Azure.Identity dependency version to 1.10.3 to address CVE-2023-36414, #​2189
• Changed Microsoft.IdentityModel.JsonWebTokens and Microsoft.IdentityModel.Protocols.OpenIdConnect version 6.24.0 to 6.35.0 #​2290 to address CVE-2024-21319
• Updated Microsoft.Data.SqlClient.SNI (.NET Framework dependency) and Microsoft.Data.SqlClient.SNI.runtime (.NET/.NET Standard dependency) version to v5.2.0. #​2363, which includes removing dead code and addressing static analysis warnings
• Code health improvements: #​1198, #​1829, #​1943, #​1949, #​1959, #​1985, #​2071, #​2073, #​2088, #​2091, #​2098, #​2121, #​2122, #​2132, #​2136, #​2144, #​2147, #​2157, #​2164, #​2166, #​2168, #​2186, #​2254, #​2288, #​2305, #​2317

Fixed

• Fixed Always Encrypted secure enclave retry logic for async queries. #​1988
• Fixed activity correlator to continue use of same GUID for connection activity. #​1997
• Fixed behavior when error class is greater than 20 on connection retry. #​1953
• Fixed error message when symmetric key decryption failed using Always Encrypted. #​1948
• Fixed TransactionScope connection issue when Enlist is enable, Pooling is disabled and network connection type is Redirect. #​1960
• Fixed TDS RPC error on large queries in SqlCommand.ExecuteReaderAsync. #​1936
• Fixed throttling of token requests by calling AcquireTokenSilent. #​1925
• Fixed Linux code coverage result in Build proj. #​1950
• Fixed NullReferenceException in GetBytesAsync. #​1906
• Fixed Transient fault handling issue with OpenAsync. #​1983
• Fixed invariant mode checks. #​1917
• Fixed GC behavior in TdsParser by adding array rental capability in TryReadPlpUnicodeChars. #​1866
• Fixed socket synchronization issue during connect in managed SNI. #​1029
• Fixed issue with SqlConnectionStringBuilder property indexer not supporting non-string values. #​2018
• Fixed SqlDataAdapter.Fill and configurable retry logic issue on .NET Framework. #​2084
• Fixed SqlConnectionEncryptOption type conversion by introducing the SqlConnectionEncryptOptionConverter attribute when using appsettings.json files. #​2057
• Fixed th-TH culture info issue on Managed SNI. #​2066
• Fixed an issue when using the Authentication option, but not encrypting on .NET Framework where the server certificate was being incorrectly validated #​2224
• Fixed a deadlock problem for distributed transactions when on .NET #​2161
• Fixed an issue with connecting to named instances on named pipes in managed SNI (Linux/macOS) #​2142
• Fixed LocalDb connection issue with an invalid source when using managed SNI #​2129
• Fixed an AccessViolationException when using a SQL Express user instance #​2101
• Fixed a metadata query issue when connecting to Azure SQL Edge #​2099
• Fixed file version information for .NET and .NET Standard binaries #​2093
• Fixed the SPN sent for a named instance when using Kerberos authentication on Linux/macOS #​2240
• Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool #​2301
• Fixed InvalidCastException when reading an Always Encrypted date or time column #​2275
• Fixed token caching to prevent expired access tokens from being reused in a connection pool #​2273

v5.1.6

Fixed

• Fixed Transient fault handling issue with OpenAsync. #​1983 #​2508
• Fixed AcquireTokenAsync timeout handling for edge cases in ActiveDirectoryAuthenticationProvider. #​2706
• Fixed pending data with SqlDataReader against an encrypted column. #​2618 #​2818

Changed

• Upgraded Azure.Identity version from 1.11.3 to 1.11.4 [#​2649] (https://github.com/dotnet/SqlClient/pull/2649) [#​2529] (https://github.com/dotnet/SqlClient/pull/2529) to address CVE-2024-35255.
• Upgraded Microsoft.Identity.Client version from 4.60.0 to 4.61.3 [#​2649] (https://github.com/dotnet/SqlClient/pull/2649) [#​2529] (https://github.com/dotnet/SqlClient/pull/2529) to address CVE-2024-35255.
• Added caching to TokenCredential objects to take advantage of token caching. #​2776
• Code health improvements: [#​2490] (https://github.com/dotnet/SqlClient/pull/2490)

v5.1.5

This update brings the below changes over the previous release:

Fixed

• Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool #​2321
• Fixed InvalidCastException when reading an Always Encrypted date or time column #​2324

Changed

• Changed Microsoft.IdentityModel.JsonWebTokens and Microsoft.IdentityModel.Protocols.OpenIdConnect version 6.24.0 to 6.35.0 #​2320 to address CVE-2024-21319

v5.1.4

This update brings the below changes over the previous release:

Fixed

• Fixed a deadlock problem for distributed transactions when on .NET.

Changed

• Upgraded Azure.Identity dependency version to 1.10.3 to address CVE-2023-36414.

v5.1.3

This update brings the below changes over the previous release:

Fixed

• Fixed encryption downgrade issue. CVE-2024-0056
• Fixed certificate chain validation logic flow.

v5.1.2

This update brings the below changes over the previous release:

Fixed

• Fixed access violation when using SQL Express user instance. #​2101
• Fixed Always Encrypted secure enclave retry logic for async queries. #​1988
• Fixed LocalDb and managed SNI by improving the error messages and avoid falling back to the local service. #​2129
• Fixed .NET and .NET Standard file version. 2093
• Fixed non-string values and SqlConnectionStringBuilder property indexer issue. #​2018
• Fixed SqlConnectionEncryptOption type conversion by introducing the SqlConnectionEncryptOptionConverter attribute when using appsettings.json files. #​2057
• Fixed Transient fault handling issue with OpenAsync. #​1983
• Fixed activity correlator to continue use of same GUID for connection activity. #​1997

Changed

• Updated Microsoft.Data.SqlClient.SNI (.NET Framework dependency) and Microsoft.Data.SqlClient.SNI.runtime (.NET Core/Standard dependency) version to 5.1.1. #​2123

v5.1.1

This update brings the below changes over the previous release:

Fixed

• Fixed an incorrect exception when a symmetric key fails to decrypt a column using Always Encrypted. #​1968
• Fixed TransactionScope connection issue when Enlist is enabled, Pooling is disabled, and Network Connection Type is set to Redirect. #​1967
• Fixed throttling of token requests by calling AcquireTokenSilent. #​1966
• Fixed TDS RPC error on large queries in SqlCommand.ExecuteReaderAsync. #​1965
• Fixed NullReferenceException in GetBytesAsync. #​1964

v5.1.0

This update brings the below changes over the previous release:

Fixed

• Fixed thread safety of transient error list in configurable retry logic. #​1882
• Fixed deadlock when using SinglePhaseCommit with distributed transactions. #​1801
• Fixed Dedicated Admin Connections (DAC) to localhost in managed SNI. #​1865

Changed

• Updated Microsoft.Data.SqlClient.SNI (.NET Framework dependency) and Microsoft.Data.SqlClient.SNI.runtime (.NET Core/Standard dependency) version to 5.1.0. #​1889 which includes fix for AppDomain crash in issue #​1418, TLS 1.3 Support, removal of ARM32 binaries, and support for the ServerCertificate option.
• Code health improvements #​1867 #​1849

v5.0.2

Fixed

• Fixed memory leak regression from #​1785 using a DisposableTemporaryOnStack struct. #​1980
• Fixed TransactionScope connection issue when Enlist is enabled, Pooling is disabled, and Network Connection Type is set to Redirect. #​1978
• Fixed an incorrect exception when a symmetric key fails to decrypt a column using Always Encrypted. #​1977
• Fixed TDS RPC error on large queries in SqlCommand.ExecuteReaderAsync. #​1976
• Fixed deadlock when using SinglePhaseCommit with distributed transactions. #​1975

v5.0.1

Fixed

• Fixed missing HostNameInCertificate connection string property in .NET Framework. #​1782
• Fixed async deadlock issue when sending attention fails due to network failure. #​1783
• Fixed Null Reference Exception on assigning null to SqlConnectionStringBuilder.Encrypt. #​1784
• Fixed ReadAsync() behavior to register Cancellation token action before streaming results. #​1785
• Fixed hang on infinite timeout and managed SNI. #​1798
• Fixed Default UTF8 collation conflict. #​1799

Changed

• Updated Microsoft.Data.SqlClient.SNI (.NET Framework dependency) and Microsoft.Data.SqlClient.SNI.runtime (.NET Core/Standard dependency) version to 5.0.1 #​1795, which includes the fix for AppDomain crash introducing in issue #​1418.

v5.0.0

This update brings the below changes over the previous release:

Added

• Added support for TDS 8. To use TDS 8, users should specify Encrypt=Strict in the connection string. #​1608
• Added TDS 8 version for TDSLogin. #​1657

Fixed

• Fixed null SqlBinary as rowversion. #​1688
• Fixed KeyNotFoundException for the FailoverPartner key on SQL servers with availability group configured. #​1614
• Fixed small inconsistency between netcore and netfx for EncryptionOptions. #​1672
• Fixed Microsoft.SqlServer.Server netcore project package reference. #​1654

Changed

• Updated AuthProviderInfo struct to be matched the changes in native SNI for TDS 8 server certificate validation. #​1680
• Updated default system protocol for TDS 8 on managed code. #​1678
• Updated Microsoft.Data.SqlClient.SNI (.NET Framework dependency) and Microsoft.Data.SqlClient.SNI.runtime (.NET Core/Standard dependency) version to 5.0.0. #​1680
• Updated IdentityModel dependency from 6.8.0 to 6.21.0 and IdentityClient from 4.32.2 to 4.45.0. #​1646
• Changed from union overlay design to reflected interfaces for SqlTypes. 1647

v4.1.1

Fixed

• Fixed connection failure by not requiring Certificate Revocation List (CRL) check during authentication. #​1706
• Parallelize SSRP requests on Linux and macOS when MultiSubNetFailover is specified. #​1708, #​1746
• Added CommandText length validation when using stored procedure command types. #​1709
• Fixed NullReferenceException during Azure Active Directory authentication. #​1710
• Fixed null SqlBinary as rowversion. #​1712
• Fixed table's collation overriding with default UTF8 collation. #​1749

v4.1.0

Added

• Added new Attestation Protocol None for VBS enclave types. This protocol will allow users to forgo enclave attestation for VBS enclaves. #​1419 #​1425

v4.0.6

Fixed

• Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool #​2301 #​2435
• Fixed AcquireTokenAsync timeout handling for edge cases in ActiveDirectoryAuthenticationProvider #​2707

Changed

• Code health improvements: #​2147, #​2513, #​2519

v4.0.5

Fixed

• Fixed encryption downgrade issue. CVE-2024-0056
• Fixed certificate chain validation logic flow.

v4.0.4

Fixed

• Fixed Always Encrypted secure enclave retry logic for async queries. #​1988
• Fixed LocalDb and managed SNI by improving the error messages and avoid falling back to the local service. #​2129
• Fixed .NET and .NET Standard file version. 2093
• Fixed activity correlator to continue use of same GUID for connection activity. #​1997

v4.0.3

Fixed

• Fixed throttling of token requests by calling AcquireTokenSilent in AAD Integrated/Password flows when the account is already cached.#​1995
• Fixed TDS RPC error on large queries in SqlCommand.ExecuteReaderAsync.#​1987

v4.0.2

Fixed

• Fixed connection failure by not requiring Certificate Revocation List (CRL) check during authentication. #​1718
• Parallelize SSRP requests on Linux and macOS when MultiSubNetFailover is specified. #​1720, #​1747
• Added CommandText length validation when using stored procedure command types. #​1721
• Fixed NullReferenceException during Azure Active Directory authentication. #​1722
• Fixed null SqlBinary as rowversion. #​1724
• Fixed table's collation overriding with default UTF8 collation. #​1750

v4.0.1

Added

Added AppContext switch SuppressInsecureTLSWarning to allow suppression of TLS security warning when using Encrypt=false in the connection string. #​1457

Fixed

• Fixed Kerberos authentication failure when using .NET 6. #​1411
• Fixed connection failure when using SqlLocalDB instance pipe name. #​1433
• Fixed a failure when executing concurrent queries requiring enclaves. #​1451
• Updated obsolete API calls targeting .NET 6. #​1401

v4.0.0

Added

• Added missing SqlClientLogger class to .NET Core refs and missing SqlClientLogger.LogWarning method in .NET Framework refs #​1392

Changed

• Avoid throwing unnecessary exception when an invalid SqlNotificationInfo value is received from SQL Server #​1378
• Updated Microsoft.Data.SqlClient.SNI (.NET Framework dependency) and Microsoft.Data.SqlClient.SNI.runtime (.NET Core/Standard dependency) version to v4.0.0 #​1391

v3.1.7

Fixed

• Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool. #​2301 #​2434
• Fixed AcquireTokenAsync timeout handling for edge cases in ActiveDirectoryAuthenticationProvider. #​2709
• Fixed the signing issue with Microsoft.Data.SqlClient assembly. #​2789

Changed

• Updated Microsoft.Data.SqlClient.SNI version 3.0.1 to 3.0.2 #​2676 which includes the fix for AppDomain crashing in issue #​1418 and various code refactors.
• Code health improvements: #​2147, #​2515, #​2517 addresses CVE-2019-0545, #​2539

v3.1.6

Fixed

• Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool. #​2301 #​2434
• Fixed AcquireTokenAsync timeout handling for edge cases in ActiveDirectoryAuthenticationProvider. #​2709

Changed

• Updated Microsoft.Data.SqlClient.SNI version 3.0.1 to 3.0.2 #​2676 which includes the fix for AppDomain crashing in issue #​1418 and various code refactors.
• Code health improvements: #​2147, #​2515, #​2517 addresses CVE-2019-0545, #​2539

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[bahusoid]

And Renovate auto rebasing seems also sometime is forced even when disabled :( (seems like when other renovate PR is merged)

[bahusoid]

Heh. Log says that someone requested manual rebase... That's better...

DEBUG: Manual rebase requested via Dependency Dashboard

Seems like someone ticked Click on this checkbox to rebase all open PRs at once

[hazzik]

That someone was me