Update dependency Microsoft.Data.SqlClient to v7

[dependencyupdates]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
Microsoft.Data.SqlClient (source)	5.2.3 → 7.0.0

---

Release Notes

dotnet/sqlclient (Microsoft.Data.SqlClient)

v7.0.0

This section summarizes all changes across the 7.0 preview cycle for users upgrading from the latest 6.1 stable release.
See the full release notes for detailed descriptions.

Also released as part of this milestone:

• Released Microsoft.Data.SqlClient.Extensions.Abstractions 1.0.0. See release notes.
• Released Microsoft.Data.SqlClient.Extensions.Azure 1.0.0. See release notes.
• Released Microsoft.Data.SqlClient.Internal.Logging 1.0.0. See release notes.
• Released Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider 7.0.0. See release notes.

Changed

• Breaking: Removed Azure dependencies from the core package. Entra ID authentication (ActiveDirectoryAuthenticationProvider and related types) has been extracted into a new Microsoft.Data.SqlClient.Extensions.Azure package. The core Microsoft.Data.SqlClient package no longer depends on Azure.Core, Azure.Identity, or their transitive dependencies. Applications using Entra ID authentication must now install Microsoft.Data.SqlClient.Extensions.Azure separately.
  (#​1108,
  #​3680,
  #​3902,
  #​3904,
  #​3908,
  #​3917,
  #​3982,
  #​3978,
  #​3986)

• Two additional packages were introduced to support this separation: Microsoft.Data.SqlClient.Extensions.Abstractions (shared types between the core driver and extensions) and Microsoft.Data.SqlClient.Internal.Logging (shared ETW tracing infrastructure).
  (#​3626,
  #​3628,
  #​3967,
  #​4038)

• Deprecated SqlAuthenticationMethod.ActiveDirectoryPassword (ROPC flow). The method is now marked [Obsolete] and will generate compiler warnings. Migrate to ActiveDirectoryInteractive, ActiveDirectoryServicePrincipal, ActiveDirectoryManagedIdentity, or ActiveDirectoryDefault.
  (#​3671)

• Reverted public visibility of internal interop enums (IoControlCodeAccess and IoControlTransferType) that were accidentally made public during the project merge.
  (#​3900)

• Removed Constrained Execution Region error handling blocks and associated SqlConnection cleanup.
  (#​3535)

• Performance improvements across SqlStatistics timing, Always Encrypted scenarios, and connection opening:
  (#​3609,
  #​3612,
  #​3732,
  #​3660,
  #​3791,
  #​3772,
  #​3554)

• Allow SqlBulkCopy to operate on hidden columns.
  (#​3590)

• Updated UserAgent feature to use a pipe-delimited format, replacing the previous JSON format.
  (#​3826)

• Minor improvements to Managed SNI tracing to capture continuation events and errors.
  (#​3859)

Added

• Added SspiContextProvider abstract class and SqlConnection.SspiContextProvider property, enabling custom SSPI authentication for scenarios like cross-domain Kerberos negotiation and NTLM username/password authentication.
  (#​2253,
  #​2494)

• Continued refinement of packet multiplexing with bug fixes and stability improvements, plus new app context switches for opt-in control.
  (#​3534,
  #​3537,
  #​3605)

• Added support for enhanced routing, a TDS feature that allows the server to redirect connections to a specific server and database during login, enabling Azure SQL Hyperscale read replica load balancing.
  (#​3641,
  #​3969,
  #​3970,
  #​3973)

• Updated pipelines and test suites to compile the driver using the .NET 10 SDK.
  (#​3686)

• Added SqlConfigurableRetryFactory.BaselineTransientErrors static property exposing the default transient error codes list as a ReadOnlyCollection<int>.
  (#​3903)

• Added app context switch Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault to set MultiSubnetFailover=true globally without modifying connection strings.
  (#​3841)

• Added app context switch Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner to let the client ignore server-provided failover partner info in Basic Availability Groups.
  (#​3625)

• Enabled SqlClientDiagnosticListener for SqlCommand on .NET Framework, closing a long-standing observability gap where diagnostic events were previously only available on .NET Core.
  (#​3658)

• Brought the 15 strongly-typed diagnostic event classes in the Microsoft.Data.SqlClient.Diagnostics namespace (e.g., SqlClientCommandBefore, SqlClientConnectionOpenAfter, SqlClientTransactionCommitError) to .NET Framework as part of the codebase merge. These types were originally introduced for .NET Core in 6.0.
  (#​3493)

• Enabled User Agent Feature Extension (opt-in via Switch.Microsoft.Data.SqlClient.EnableUserAgent).
  (#​3606)

• Added actionable error message when Entra ID authentication methods are used without the Microsoft.Data.SqlClient.Extensions.Azure package installed.
  (#​3962,
  #​4046)

Fixed

• Fixed a connection performance regression where SPN generation was triggered for non-integrated authentication modes (e.g., SQL authentication) on the native SNI path.
  (#​3929)

• Fixed ExecuteScalar to propagate errors when the server sends data followed by an error token.
  (#​3912)

• Fixed NullReferenceException in SqlDataAdapter when processing batch scenarios.
  (#​3857)

• Fixed reading of multiple app context switches from a single AppContextSwitchOverrides configuration field.
  (#​3960)

• Fixed an edge case in TdsParserStateObject.TryReadPlpBytes where zero-length reads returned null instead of an empty array.
  (#​3872)

• Fixed issue where extra connection deactivation was occurring.
  (#​3758)

• Fixed debug assertion in connection pool (no impact to production code).
  (#​3587)

• Prevented uninitialized performance counters escaping CreatePerformanceCounters.
  (#​3623)

• Fixed SetProvider to return immediately if user-defined authentication provider found.
  (#​3620)

• Fixed connection pool concurrency issue.
  (#​3632)

v6.1.4

This update brings the following changes since the 6.1.3 release:

Fixed

• Fixed NullReferenceException issue with SqlDataAdapter when processing batch scenarios where certain SQL RPC calls may not include system parameters.
  (#​3877)
• Fixed connection pooling issue where extra connection deactivation was causing active connection counts to go negative.
  (#​3776)

Added

AppContext Switch for enabling MultiSubnetFailover

What Changed:

• Added new AppContext switch Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault to set MultiSubnetFailover=true by default in connection string.
  (#​3851)

Who Benefits:

• Applications that need MultiSubnetFailover enabled globally without modifying connection strings.

Impact:

• Applications can now enable MultiSubnetFailover globally using one of the following methods:

// In application code
AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault", true);

// In runtimeconfig.json
{
  "configProperties": {
    "Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault": true
  }
}

<!-- In App.Config -->
<runtime>
  <AppContextSwitchOverrides value="Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault=true" />
</runtime>

Changed

• Optimized SqlStatistics execution timing by using Environment.TickCount instead of more expensive timing mechanisms.
  (#​3830)
• Updated dependencies (#​3843):
  • .NET Framework 4.6.2:
    • Azure.Core 1.47.1 -> 1.50.0
    • Azure.Identity 1.14.2 -> 1.17.1
    • Microsoft.Identity.Client 4.80.0 - Added
    • System.Buffers 4.5.1 -> 4.6.1
    • System.Diagnostics.DiagnosticSource 8.0.1 - Added
    • System.IdentityModel.Tokens.Jwt 7.7.1 - Added
    • System.Memory 4.6.3 - Added
    • System.Text.Json 8.0.5 -> 8.0.6
    • System.Text.RegularExpressions 4.3.1 - Added
    • Microsoft.Bcl.Cryptography - Removed
    • System.Text.Encodings.Web - Removed
  • .NET 8.0:
    • Azure.Core 1.47.1 -> 1.50.0
    • Azure.Identity 1.14.2 -> 1.17.1
    • Microsoft.Identity.Client 4.80.0 - Added
    • System.Diagnostics.DiagnosticSource 8.0.1 - Added
    • System.IdentityModel.Tokens.Jwt 7.7.1 - Added
    • Microsoft.Bcl.Cryptography - Removed
    • System.Text.Json - Removed
  • .NET 9.0:
    • Azure.Core 1.47.1 -> 1.50.0
    • Azure.Identity 1.14.2 -> 1.17.1
    • Microsoft.Extensions.Caching.Memory 9.0.4 -> 9.0.11
    • Microsoft.Identity.Client 4.80.0 - Added
    • System.Configuration.ConfigurationManager 9.0.4 -> 9.0.11
    • System.Diagnostics.DiagnosticSource 9.0.11 - Added
    • System.IdentityModel.Tokens.Jwt 7.7.1 - Added
    • System.Security.Cryptography.Pkcs 9.0.4 -> 9.0.11
    • Microsoft.Bcl.Cryptography - Removed
    • System.Text.Json - Removed
  • .NET Standard 2.0:
    • Azure.Core 1.47.1 -> 1.50.0
    • Azure.Identity 1.14.2 -> 1.17.1
    • Microsoft.Extensions.Caching.Memory 9.0.4 -> 8.0.1
    • Microsoft.Identity.Client 4.80.0 - Added
    • System.Configuration.ConfigurationManager 9.0.4 -> 8.0.1
    • System.Diagnostics.DiagnosticSource 8.0.1 - Added
    • System.IdentityModel.Tokens.Jwt 7.7.1 - Added
    • System.Security.Cryptography.Pkcs 9.0.4 -> 8.0.1
    • System.Text.Json 9.0.5 -> 8.0.6
    • Microsoft.Bcl.Cryptography - Removed

v6.1.3

This update includes the following changes since the 6.1.2 release:

Added

App Context Switch for Ignoring Server-Provided Failover Partner

What Changed:

• A new app context switch Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner was introduced to let the client ignore server-provided failover partner info in Basic Availability Groups (BAGs). When the switch is enabled, only the failover partner specified in the connection string is used; server-supplied partner values are skipped. This context switch was introduced in PR #​3702.

Who Benefits:

• Applications connecting to SQL Server BAGs using TCP and custom ports, especially where the server's provided partner name lacks the protocol, host, or port. This avoids connection failures when the server-provided partner is incompatible or incomplete.
• Teams who manage availability groups and rely on client-side control of failover behavior in heterogeneous networking environments.

Impact:

• If your environment might be affected (i.e., you operate a BAG with custom ports, or have experienced failures after failover), you can enable the new switch in your application:

AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner", true);

• Then, ensure your connection string includes your preferred failover partner (with correct tcp:host,port) so that the client uses that instead of the server's suggestion.
• Without enabling this, by default, the client continues to prefer the server-provided partner, maintaining backwards compatibility.

Fixed

• Fixed an issue to ensure reliable metrics initialization during startup,
  preventing missed telemetry when EventSource is enabled early.
  (#​3718)

v6.1.2

This update includes the following changes since the 6.1.1 release:

Fixed

• Fixed an issue where initializing PerformanceCounters would throw System.InvalidOperationException #​3629
• Fixed an issue where a Custom SqlClientAuthenticationProvider was being overwritten by default implementation. #​3651
• Fixed a concurrency issue in connection pooling where the number of active connections could be lower than the configured maximum pool size. #​3653

v6.1.1

This update includes the following changes since the 6.1.0 release:

Fixed

• Reverted changes related to improving partial packet detection, fixup, and replay functionality. This revert addresses regressions introduced in 6.1.0. (#​3556)
• Applied reference assembly corrections supporting vector, fixed JSON tests, and ensured related tests are enabled. #​3562
• Fixed SqlVector<T>.Null API signature in Reference assembly. #​3521

Changed

• Upgraded Azure.Identity and other dependencies to newer versions. (#​3538) (#​3552)

v6.1.0

This update brings the following changes since the
6.1.0-preview2 release:

Added

No new features were added.

Fixed

• Fixed missing socket error codes on non-Windows platforms.
  (#​3475)
• Fixed primary/secondary server SPN handling during SSPI negotiation.
  (#​3478)
• Fixed AzureKeyVaultProvider package key caching to serialize Azure key fetch
  operations.
  (#​3477)
• Fixed a rare error related to multi-packet async text reads.
  (#​3474)
• Fixed some spelling errors in the API docs.
  (#​3500)
• Fixed a rare multi-packet string corruption bug.
  (#​3513)

Changed

SqlDecimal type workarounds conversions

What Changed:

• Changed how SqlDecimal type workarounds perform conversions to meet
  compliance policies.
  (#​3467)

Who Benefits:

• Microsoft products must not use undocumented APIs on other Microsoft products.
  This change removes calls to undocumented APIs and replaces them with
  compliant API use.

Impact:

• These changes impose an observed 5% decrease in performance on .NET Framework.

SqlVector API improvements

What Changed:

• Several changes were made to the SqlVector API published in the
  6.1.0-preview2 release
  (#​3472):
  • The SqlVector class was changed to a readonly struct.
  • The null value constructor was changed to a static CreateNull() method.
  • The Size property was removed.

Who Benefits:

• SqlVector instances gain the efficiencies of struct handling.

Impact:

• Early-adopter applications may require updates if they rely on the old APIs
  and any class-specific behaviour.

v6.0.5

This update brings the below changes over the previous stable release:

Fixed

• Fixed NullReferenceException issue with SqlDataAdapter when processing batch scenarios where certain SQL RPC calls may not include system parameters.
  (#​3878)

Added

What Changed:

• Added new AppContext switch Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault to set MultiSubnetFailover=true by default in connection string.
  (#​3852)

Who Benefits:

• Applications that need MultiSubnetFailover enabled globally without modifying connection strings.

Impact:

• Applications can now enable MultiSubnetFailover globally using one of the following methods:

// In application code
AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault", true);

// In runtimeconfig.json
{
  "configProperties": {
    "Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault": true
  }
}

<!-- In App.Config -->
<runtime>
  <AppContextSwitchOverrides value="Switch.Microsoft.Data.SqlClient.EnableMultiSubnetFailoverByDefault=true" />
</runtime>

Changed

• Updated dependencies (#​3840):

  • .NET Framework 4.6.2:

    • Azure.Core 1.50.0 - Added
    • Azure.Identity 1.14.2 -> 1.17.1
    • Microsoft.Identity.Client 4.80.0 - Added
    • Microsoft.IdentityModel.JsonWebTokens 7.5.0 -> 7.7.1
    • Microsoft.IdentityModel.Protocols.OpenIdConnect 7.5.0 -> 7.7.1
    • System.Buffers 4.5.1 -> 4.6.1
    • System.Text.Json 8.0.5 -> 8.0.6
    • Microsoft.Bcl.Cryptography - Removed
    • System.Text.Encodings.Web - Removed

  • .NET 8.0:

    • Azure.Core 1.50.0 - Added
    • Azure.Identity 1.14.2 -> 1.17.1
    • Microsoft.Identity.Client 4.80.0 - Added
    • Microsoft.IdentityModel.JsonWebTokens 7.5.0 -> 7.7.1
    • Microsoft.IdentityModel.Protocols.OpenIdConnect 7.5.0 -> 7.7.1
    • Microsoft.Bcl.Cryptography - Removed
    • System.Text.Json - Removed

  • .NET 9.0:

    • Azure.Core 1.50.0 - Added
    • Azure.Identity 1.14.2 -> 1.17.1
    • Microsoft.Extensions.Caching.Memory 9.0.4 -> 9.0.11
    • Microsoft.Identity.Client 4.80.0 - Added
    • Microsoft.IdentityModel.JsonWebTokens 7.5.0 -> 7.7.1
    • Microsoft.IdentityModel.Protocols.OpenIdConnect 7.5.0 -> 7.7.1
    • Microsoft.Bcl.Cryptography - Removed
    • System.Text.Json - Removed

v6.0.4

This update brings the below changes over the previous stable release:

Added

App Context Switch for Ignoring Server-Provided Failover Partner

What Changed:

• A new app context switch Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner was introduced to let the client ignore server-provided failover partner info in Basic Availability Groups (BAGs). When the switch is enabled, only the failover partner specified in the connection string is used; server-supplied partner values are skipped. This context switch was introduced in PR #​3703.

Who Benefits:

• Applications connecting to SQL Server BAGs using TCP and custom ports, especially where the server's provided partner name lacks the protocol, host, or port. This avoids connection failures when the server-provided partner is incompatible or incomplete.
• Teams who manage availability groups and rely on client-side control of failover behavior in heterogeneous networking environments.

Impact:

• If your environment might be affected (i.e., you operate a BAG with custom ports, or have experienced failures after failover), you can enable the new switch in your application:

AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner", true);

• Then, ensure your connection string includes your preferred failover partner (with correct tcp:host,port) so that the client uses that instead of the server's suggestion.
• Without enabling this, by default, the client continues to prefer the server-provided partner, maintaining backwards compatibility.

v6.0.3

This update brings the below changes over the previous stable release:

Fixed

• Fixed an issue where a Custom SqlClientAuthenticationProvider was being overwritten by default implementation. #​3652
• Fixed a concurrency issue in connection pooling where the number of active connections could be lower than the configured maximum pool size. #​3654

Changed

• Updated MSAL usage as per code compliance requirements #​3360
• Updated SqlDecimal implementation to improve code compliance #​3466
• Updated Azure.Identity and related dependencies #​3553

v6.0.2

This update brings the following changes since the
6.1.0-preview1 release:

Added

Added dedicated SQL Server vector datatype support

What Changed:

• Optimized vector communications between MDS and SQL Server 2025, employing a
  custom binary format over the TDS protocol.
  (#​3433,
  #​3443)
• Reduced processing load compared to existing JSON-based vector support.
• Initial support for 32-bit single-precision floating point vectors.

Who Benefits:

• Applications moving large vector data sets will see beneficial improvements
  to processing times and memory requirements.
• Vector-specific APIs are ready to support future numeric representations with
  a consistent look-and-feel.

Impact:

• Reduced transmission and processing times for vector operations versus JSON
  using SQL Server 2025 preview:
  • Reads: 50x improvement
  • Writes: 3.3x improvement
  • Bulk Copy: 19x improvement
  • (Observed with vector column of max 1998 size, and 10,000 records for each
    operation.)
• Improved memory footprint due to the elimination of JSON
  serialization/deserialization and string representation bloat.
• For backwards compatibility with earlier SQL Server Vector implementations,
  applications may continue to use JSON strings to send/receive vector data,
  although they will not see any of the performance improvements noted above.

Revived .NET Standard 2.0 target support

What Changed:

• Support for targeting .NET Standard 2.0 has returned.
  (#​3381)
• Support had previously been removed in the 6.0 release, with the
  community voicing concerns.

Who Benefits:

• Libraries that depend on MDS may seamlessly target any of the following
  frameworks:
  • .NET Standard 2.0
  • .NET Framework 4.6.2 and above
  • .NET 8.0
  • .NET 9.0
• Applications should continue to target runtimes.
  • The MDS .NET Standard 2.0 target framework support does not include an
    actual implementation, and cannot be used with a runtime.
  • An application's build/publish process should always pick the appropriate
    MDS .NET/.NET Framework runtime implementation.
  • Custom build/publish actions that incorrectly try to deploy the MDS .NET
    Standard 2.0 reference DLL at runtime are not supported.

Impact:

• Libraries targeting .NET Standard 2.0 will no longer receive warnings like
  this:
  • warning NU1701: Package 'Microsoft.Data.SqlClient 6.0.2' was restored using '.NETFramework,Version=v4.6.1, .NETFramework,Version=v4.6.2, .NETFramework,Version=v4.7, .NETFramework,Version=v4.7.1, .NETFramework,Version=v4.7.2, .NETFramework,Version=v4.8, .NETFramework,Version=v4.8.1' instead of the project target framework '.NETStandard,Version=v2.0'. This package may not be fully compatible with your project.

Fixed

• Fixed missing <NeutralLanguage> property.
  (#​3325)
• Fixed injection of UTF-8 BOM during bulk copy.
  (#​3399)
• Fixed SqlCachedBuffer async read edge case.
  (#​3329)
• Fixed SqlSequentialTextReader edge case with single-byte reads.
  (#​3383)
• Fixed an incorrect error message when parsing connection string PoolBlockingPeriod.
  (#​3411)
• Added missing ToString() override to SqlJson.
  (#​3427)

Changed

• Reduced allocations when opening a connection.
  (#​3364)
• Various performance improvements related to TDS parsing.
  (#​3337,
  #​3377,
  #​3422)
• Improved native AOT support.
  (#​3364,
  #​3369,
  #​3401)
• Progress towards SSPI extensibility.
  (#​2454)
• Progress towards connection pooling improvements.
  (#​3352,
  #​3396)
• Expanded/clarified SqlConnection's
  AccessToken and
  AccessTokenCallback
  documentation.
  (#​3339)
• Fixed some poorly formatted tables in the API docs.
  (#​3391)
• Code merge towards a unified SqlClient project, aligning .NET Framework and
  .NET Core implementations.
  (#​3262,
  #​3291,
  #​3305,
  #​3306,
  #​3310,
  #​3323,
  #​3326,
  #​3335,
  #​3338,
  #​3340,
  #​3341,
  #​3343,
  #​3345,
  #​3353,
  #​3355,
  #​3368,
  #​3373,
  #​3376,
  #​3388,
  #​3389,
  #​3393,
  #​3405,
  #​3414,
  #​3416,
  #​3417,
  #​3420,
  #​3431,
  #​3438)
• Test improvements include a new unit test project, updates to test
  dependencies, removal of hardcoded credentials, and improved robustness.
  (#​3204,
  #​3379,
  #​3380,)
  #​3402
• Added dependency on System.Text.Json
  8.0.5 (.NET 8.0) and
  9.0.5 (.NET Standard 2.0, .NET 9.0)
  to avoid transitive vulnerabilities (CVE-2024-43485).
  (#​3403)

v6.0.1

This update brings the below changes over the previous release:

Fixed

• Fixed reference assembly definitions for SqlClientDiagnostic APIs #​3097
• Fixed issue with down-level SSL/TLS version warnings #​3126

Changed

• Dependency changes
  • Updated SNI dependency Microsoft.Data.SqlClient.SNI and Microsoft.Data.SqlClient.SNI.runtime to 6.0.2 #​3116 #​3117

v6.0.0

No changes since the last preview release

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

Commands to ignore dependencies

You can trigger dependency actions by commenting on this PR:

• @particularbot ignore this major version
• @particularbot ignore this minor version
• @particularbot ignore this dependency