Skip to content

[release/8.0]: Bump Microsoft.Data.SqlClient from 5.1.7 to 5.2.3#38525

Open
dependabot[bot] wants to merge 1 commit into
release/8.0from
dependabot/nuget/src/EFCore.SqlServer/release/8.0/Microsoft.Data.SqlClient-5.2.3
Open

[release/8.0]: Bump Microsoft.Data.SqlClient from 5.1.7 to 5.2.3#38525
dependabot[bot] wants to merge 1 commit into
release/8.0from
dependabot/nuget/src/EFCore.SqlServer/release/8.0/Microsoft.Data.SqlClient-5.2.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Updated Microsoft.Data.SqlClient from 5.1.7 to 5.2.3.

Release notes

Sourced from Microsoft.Data.SqlClient's releases.

5.2.3

This update brings the following changes since the 5.2.2 release:

Fixed

  • Fixed possible NullPointerException during socket receive (PR #​3284)
  • Fixed inconsistencies between source and reference projects (PR #​3124)
  • Adjusted retry logic to allow errors with negative numbers to be considered transient (PR #​3185)

Changed

5.2.2

[Stable release 5.2.2] - 2024-08-27

Fixed

  • Fixed AcquireTokenAsync timeout handling for edge cases in ActiveDirectoryAuthenticationProvider. #​2650
  • Fixed issue with Socket.Connect in managed SNI. #​2779
  • Fixed path for AssemblyAttributes in obj folder causing NET 8.0 assembly to appear in NET 6.0 dll. #​2789
  • Fixed SSPI retry negotiation with default port in .NET. #​2815
  • Fixed ArgumentNullException on SqlDataRecord.GetValue when using user-defined data type on .NET. #​2816
  • Fixed pending data with SqlDataReader against an encrypted column. #​2817

Changed

  • Upgraded Azure.Identity version from 1.11.3 to 1.11.4 #​2648 to address CVE-2024-35255.
  • Upgraded Microsoft.Identity.Client version from 4.60.0 to 4.61.3 #​2648 to address CVE-2024-35255.
  • Added caching to TokenCredential objects to take advantage of token caching. #​2775

5.2.1

[Stable release 5.2.1] - 2024-05-31

Fixed

  • Fixed connection errors on Linux when Data Source property contains both named instance and port #​2436
  • Fixed SqlConnection.FireInfoMessageEventOnUserErrors when set to true throws an exception #​2505
  • Fixed exception when using DATETIMEOFFSET(n) in a TVP if n is 1, 2, 3, or 4 #​2506
  • Reverted PR #​1983 which caused connection failure delays when using OpenAsync #​2507
  • Fixed SqlConnection.Clone() to include AccessTokenCallback #​2527

Changed

  • Upgraded Azure.Identity version from 1.10.3 to 1.11.3 #​2492, #​2528
  • Upgraded Microsoft.Identity.Client version from 4.56.0 to 4.60.3 #​2492
  • Code Health improvements: #​2467

5.2.0

[Stable release 5.2.0] - 2024-02-28

Added

  • Added a new AccessTokenCallBack API to SqlConnection. #​1260
  • Added SqlBatch support on .NET 6+ #​1825, #​2223,#​2371, #​2373
  • Added support of SqlDiagnosticListener on .NET Standard. #​1931
  • Added new property RowsCopied64 to SqlBulkCopy. #​2004
  • Added support for the SuperSocketNetLib registry option for Encrypt on .NET on Windows. #​2047
  • Added the ability to generate debugging symbols in a separate package file #​2137
  • Added Workload Identity authentication support #​2159, #​2264
  • Added support for Big Endian systems #​2170
  • Added support for Georgian collation #​2194
  • Added Localization support on .NET #​2210
  • Added .NET 8 support #​2230
  • Added explicit version for major .NET version dependencies on System.Runtime.Caching 8.0.0, System.Configuration.ConfigurationManager 8.0.0, and System.Diagnostics.
  • DiagnosticSource 8.0.0 #​2303

Changed

Fixed

  • Fixed Always Encrypted secure enclave retry logic for async queries. #​1988
  • Fixed activity correlator to continue use of same GUID for connection activity. #​1997
  • Fixed behavior when error class is greater than 20 on connection retry. #​1953
  • Fixed error message when symmetric key decryption failed using Always Encrypted. #​1948
  • Fixed TransactionScope connection issue when Enlist is enable, Pooling is disabled and network connection type is Redirect. #​1960
  • Fixed TDS RPC error on large queries in SqlCommand.ExecuteReaderAsync. #​1936
  • Fixed throttling of token requests by calling AcquireTokenSilent. #​1925
  • Fixed Linux code coverage result in Build proj. #​1950
  • Fixed NullReferenceException in GetBytesAsync. #​1906
  • Fixed Transient fault handling issue with OpenAsync. #​1983
  • Fixed invariant mode checks. #​1917
  • Fixed GC behavior in TdsParser by adding array rental capability in TryReadPlpUnicodeChars. #​1866
    ... (truncated)

5.2.0-preview5

[Preview Release 5.2.0-preview5.24024.3] - 2024-01-24

This update brings the below changes over the previous release:

Added

  • Added .NET 8 support #​2230
  • Added explicit version for major .NET version dependencies on System.Runtime.Caching 8.0.0, System.Configuration.ConfigurationManager 8.0.0, and System.Diagnostics.DiagnosticSource 8.0.0 #​2303
  • Added the ability to generate debugging symbols in a separate package file #​2137

Changed

  • Changed Microsoft.IdentityModel.JsonWebTokens and Microsoft.IdentityModel.Protocols.OpenIdConnect version 6.24.0 to 6.35.0 #​2290 to address CVE-2024-21319

Fixed

  • Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool #​2301
  • Fixed InvalidCastException when reading an Always Encrypted date or time column #​2275
  • Fixed token caching to prevent expired access tokens from being reused in a connection pool #​2273
  • Code health improvements: #​2288, #​2305, #​2254, #​2317

5.2.0-preview4.23342.2

[Preview Release 5.2.0-preview4.23342.2] - 2023-12-08

Added

Changed

  • Updated Microsoft.Data.SqlClient.SNI (.NET Framework dependency) and Microsoft.Data.SqlClient.SNI.runtime (.NET/.NET Standard dependency) version to v5.2.0-preview1.23340.1. #​2257, which includes removing dead code and addressing TSA warnings
  • Improved CPU usage when AppContext switches are in use #​2227
  • Upgraded Azure.Identity dependency version to 1.10.3 to address CVE-2023-36414, #​2188
  • Improved error messages when validating server certificates in managed SNI (Linux/macOS) #​2060

Fixed

  • Fixed an issue when using the Authentication option, but not encrypting on .NET Framework where the server certificate was being incorrectly validated #​2224
  • Fixed a deadlock problem for distributed transactions when on .NET #​2161
  • Fixed an issue with connecting to named instances on named pipes in managed SNI (Linux/macOS)#​2142
  • Fixed an issue when connecting to an invalid LocalDB name using managed SNI #​2129
  • Fixed an AccessViolationException when using a SQL Express user instance #​2101
  • Fixed a metadata query issue when connecting to Azure SQL Edge #​2099
  • Fixed file version information for .NET and .NET Standard binaries#​2093
  • Fixed the SPN sent for a named instance when using Kerberos authentication on Linux/macOS #​2240
  • Various code improvements #​2091, #​2098, #​2121, #​2122, #​2132, #​2136, #​2144, #​2147, #​2157, #​2164, #​2166, #​2168, #​2186

5.2.0-preview3.23201.1

[Preview Release 5.2.0-preview3.23201.1] - 2023-07-20

This update brings the below changes over the previous release:

Added

  • Added a new AccessTokenCallBack API to SqlConnection. #​1260
  • Added support for the SuperSocketNetLib registry option for Encrypt on .NET on Windows. #​2047

Fixed

  • Fixed SqlDataAdapter.Fill and configurable retry logic issue on .NET Framework. #​2084
  • Fixed SqlConnectionEncryptOption type conversion by introducing the SqlConnectionEncryptOptionConverter attribute when using appsettings.json files. #​2057
  • Fixed th-TH culture info issue on Managed SNI. #​2066

Changed

For detailed release notes, refer to 5.2.0-preview3.md

5.2.0-preview2.23159.1

[Preview Release 5.2.0-preview2.23159.1] - 2023-06-08

This update brings the below changes over the previous release:

Added

  • Added new property RowsCopied64 to SqlBulkCopy. #​2004

Fixed

  • Fixed mixed synchronization issue in managed SNI. #​1029
  • Fixed issue with SqlConnectionStringBuilder property indexer not supporting non-string values. #​2018

Changed

For detailed release notes, refer to 5.2.0-preview2.md

5.2.0-preview1.23109.1

[Preview Release 5.2.0-preview1.23109.1] - 2023-04-20

This update brings the below changes over the v5.1 release:

Added

  • Added support of SqlDiagnosticListener on .NET Standard. #​1931

Fixed

  • Fixed AE enclave retry logic for async queries. #​1988
  • Fixed activity correlator to continue use of same GUID for connection activity. #​1997
  • Fixed behavior when error class is greater than 20 on connection retry. #​1953
  • Fixed error message when symmetric key decryption failed using Always Encrypted. #​1948
  • Fixed TransactionScope connection issue when Enlist is enable, Pooling is disabled and network connection type is Redirect. #​1960
  • Fixed TDS RPC error on large queries in SqlCommand.ExecuteReaderAsync. #​1936
  • Fixed throttling of token requests by calling AcquireTokenSilent. #​1925
  • Fixed Linux code coverage result in Build proj. #​1950
  • Fixed NullReferenceException in GetBytesAsync. #​1906
  • Fixed Transient fault handling issue with OpenAsync. #​1983
  • Fixed invariant mode checks. #​1917
  • Fixed GC behavior in TdsParser by adding array rental capability in TryReadPlpUnicodeChars. #​1866

Changed

  • Updated Azure Identity version from 1.7.0 to 1.8.0. #​1921
  • Improved parsing buffered characters in TdsParser. #​1544
  • Removed reference to Microsoft.Win32.Registry since it's shipped starting with .NET 6.0. #​1974
  • Added Microsoft.SqlServer.Types to verify support for SqlHierarchyId and Spatial for .NET Core. #​1848
  • Code health improvements:#​1943#​1949#​1198#​1829

For detailed release notes, refer to 5.2.0-preview1.md

5.1.9

This update brings the following changes since the 5.1.8 release:

Changed

  • Use Environment.TickCount for SqlStatistics execution timing. (#​3831)
  • Updated dependencies (#​3838):
    • .NET Standard 2.0:
      • Microsoft.Win32.Registry - Removed
      • System.Buffers 4.5.1 -> 4.6.1
      • System.IdentityModel.Tokens.Jwt 6.35.0 - Added
      • System.Text.Encodings.Web - Removed
    • .NET Standard 2.1:
      • Microsoft.Win32.Registry - Removed
      • System.IdentityModel.Tokens.Jwt 6.35.0 - Added
      • System.Text.Encodings.Web - Removed
    • .NET Framework 4.6.2:
      • System.Buffers 4.5.1 -> 4.6.1
      • System.IdentityModel.Tokens.Jwt 6.35.0 - Added
      • System.Text.Encodings.Web - Removed
      • System.Text.Json - Removed
    • .NET 6.0:
      • System.Diagnostics.DiagnosticSource - Removed
      • System.IdentityModel.Tokens.Jwt 6.35.0 - Added
      • System.Text.Encodings.Web - Removed

Target Platform Support

  • .NET Framework 4.6.2+ (Windows x86, Windows x64)
  • .NET 6.0+ (Windows x86, Windows x64, Windows ARM64, Windows ARM, Linux, macOS)
  • .NET Standard 2.0+ (Windows x86, Windows x64, Windows ARM64, Windows ARM, Linux, macOS)

Dependencies

.NET Standard 2.0

  • Azure.Core 1.41.0
  • Azure.Identity 1.12.1
  • Microsoft.Data.SqlClient.SNI.runtime 5.1.2
  • Microsoft.Identity.Client 4.76.0
  • Microsoft.IdentityModel.JsonWebTokens 6.35.0
  • Microsoft.IdentityModel.Protocols.OpenIdConnect 6.35.0
  • Microsoft.SqlServer.Server 1.0.0
  • System.Buffers 4.6.1
  • System.Configuration.ConfigurationManager 6.0.1
  • System.IdentityModel.Tokens.Jwt 6.35.0
  • System.Runtime.Caching 6.0.0
  • System.Runtime.Loader 4.3.0
  • System.Security.Cryptography.Cng 5.0.0
  • System.Security.Permissions 6.0.0
  • System.Security.Principal.Windows 5.0.0
    ... (truncated)

5.1.8

This update brings the following changes since the 5.1.7 release:

Added

App Context Switch for Ignoring Server-Provided Failover Partner

What Changed:

  • A new app context switch Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner was introduced to let the client ignore server-provided failover partner info in Basic Availability Groups (BAGs). When the switch is enabled, only the failover partner specified in the connection string is used; server-supplied partner values are skipped. This context switch was introduced in PR #​3704.

Who Benefits:

  • Applications connecting to SQL Server BAGs using TCP and custom ports, especially where the server's provided partner name lacks the protocol, host, or port. This avoids connection failures when the server-provided partner is incompatible or incomplete.
  • Teams who manage availability groups and rely on client-side control of failover behavior in heterogeneous networking environments.

Impact:

  • If your environment might be affected (i.e., you operate a BAG with custom ports, or have experienced failures after failover), you can enable the new switch in your application:
AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner", true);
  • Then, ensure your connection string includes your preferred failover partner (with correct tcp:host,port) so that the client uses that instead of the server's suggestion.
  • Without enabling this, by default, the client continues to prefer the server-provided partner, maintaining backwards compatibility.

Fixed

  • Fixed a bulk copy bug that incorrectly prepended a UTF-8 Byte-Order-Marker when processing row data. (#​3617)

Changed

  • Modernized creation of Microsoft.Identity.Client.PublicClientApplication instances to use its builder pattern. (#​3367)
  • Replaced use of undocumented .NET Framework internals when reading SqlDecimal values. (#​3465)
  • Updated the following dependencies (#​3754):
    • Azure.Core 1.41.0 (Avoids transitive vulnerability)
    • Azure.Identity 1.12.1
    • Microsoft.Identity.Client 4.76.0

Target Platform Support

  • .NET Framework 4.6.2+ (Windows x86, Windows x64)
  • .NET 6.0+ (Windows x86, Windows x64, Windows ARM64, Windows ARM, Linux, macOS)
  • .NET Standard 2.0+ (Windows x86, Windows x64, Windows ARM64, Windows ARM, Linux, macOS)

DependenciesExpand commentComment on line R58ResolvedCode has comments. Press enter to view.

.NET Framework

  • Azure.Core 1.41.0
    ... (truncated)

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
[release/8.0]: Bump Microsoft.Data.SqlClient from 5.1.7 to 5.2.3
f1322c2 
---
updated-dependencies:
- dependency-name: Microsoft.Data.SqlClient
  dependency-version: 5.2.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@ErikEJ

ErikEJ commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

5.2 series is not LTS

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area-infrastructure

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ErikEJ