Added

• Enable Vector data type tests on Azure SQL Database #2762
  What was added: Vector data type tests are now enabled to run against Azure SQL Database.
  Who benefits: Developers testing VECTOR functionality in Azure SQL DB environments.
  Impact: Ensures VECTOR data type support test coverage.

• Enable JSON data type tests on Azure SQL Database #2756
  What was added: JSON data type tests are now enabled to run against Azure SQL Database.
  Who benefits: Developers testing JSON functionality in Azure SQL DB environments.
  Impact: Ensures JSON data type support test coverage.

Changed

• Revert function/procedure filtering via sys.all_objects #2751
  What changed: Reverted #2705 change that used sys.all_objects for filtering. Restores previous behavior to maintain consistency across metadata APIs.
  Who benefits: Developers using getProcedures() and getFunctions() in JDBC.
  Impact: Preserves compatibility with numbered procedures and avoids discrepancies between APIs.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2801
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.
  Impact: This fix closes a security gap, protecting applications from man-in-the-middle attacks and ensuring compliance with security best practices.

• JDK 8 compatibility for vector datatype handling #2750
  What was fixed: Ensured fallback to JVM system property javax.net.ssl.trustStoreType if connection property is unset.
  Who benefits: Users configuring SSL via system properties.
  Impact: Enables proper SSL trust store resolution, improving compatibility with system configurations.

• PreparedStatement getGeneratedKeys() failure with triggers #2742
  What was fixed: Fixed error "The statement must be executed before any results can be obtained" when using insert triggers with generated keys.
  Who benefits: Developers retrieving generated keys from inserts with triggers.
  Impact: Restores correct behavior for both update count accuracy and generated keys retrieval in trigger scenarios.

• Byte Buddy dependency scope #2755
  What was fixed: Corrected Byte Buddy (1.15.11) dependency scope to test instead of compile.
  Who benefits: Developers and users of runtime artifacts.
  Impact: Reduces runtime artifact size (~8 MB) and ensures Byte Buddy is only included for unit tests.

• DatabaseMetaData.getIndexInfo() NON_UNIQUE value inconsistency #2773
  What was fixed: Fixed incorrect NON_UNIQUE values due to mismatched handling of sp_statistics and sys.indexes.
  Who benefits: Applications depending on accurate index metadata.
  Impact: Provides consistent value of NON_UNIQUE field across SQL Server and Azure Synapse Analytics.

• DatabaseMetaData.getIndexInfo() invalid cursor position exception 2763
  What was fixed: Fixed SQLException: Invalid cursor position caused when calling ResultSet.next() after exhaustion due to CachedRowSet strict cursor validation.
  Who benefits: Developers consuming metadata via DatabaseMetaData.getIndexInfo() on SQL Server or Azure Synapse DW.
  Impact: Replaces CachedRowSet merging with a UNION ALL query, ensuring standard JDBC cursor behavior while maintaining columnstore index support.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2803
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2804
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2805
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2806
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2798
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2800
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2802
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.

Changed

• Use sys.all_objects for accurate function and procedure filtering #2705
  What changed: Differentiated stored procedures and functions using sys.all_objects instead of sp_stored_procedures.
  Who benefits: Developers using getProcedures() and getFunctions() in JDBC.
  Impact: Ensures correct metadata retrieval, preventing confusion from mixed results.

Fixed issues

• Fix trustStoreType JVM property consultation in SSL Connections #2724
  What was fixed: Ensured fallback to JVM system property javax.net.ssl.trustStoreType if connection property is unset.
  Who benefits: Users configuring SSL via system properties.
  Impact: Enables proper SSL trust store resolution, improving compatibility with system configurations.

• Addressed a data integrity and performance issue for bulk copy batch inserts with non-Unicode Strings #2735
  What was fixed: Resolved performance degradation and incorrect string handling in bulk copy batch inserts when useBulkCopyForBatchInsert=true and sendStringParametersAsUnicode=false.
  Who benefits: Applications using SQL Server JDBC Bulk Copy for high-volume inserts, especially with non-Unicode or accented character data.
  Impact: Restores expected string storage, improves bulk insert performance for bulk copy API.

• Handle SQL comments at start of query in getGenerateKeys() method #2731
  What was fixed: Corrected detection of INSERT statements when preceded by SQL comments.
  Who benefits: Developers using getGeneratedKeys() after commented SQL inserts.
  Impact: Fixes previously failing key retrieval when comments are present before the query.

• Fix update count handling for multi-statement queries executed via PreparedStatement execute method. #2737
  What was fixed: Corrected update count handling for multi-statement queries run using PreparedStatement execute method, ensuring accurate counts for INSERT and other DML operations.
  Who benefits: Java applications using SQL Server JDBC with multi-statement PreparedStatement executions.
  Impact: Eliminates inconsistent update counts between Statement and PreparedStatement, improving reliability of result processing logic.

• CodeQL suppression fixes #2728
  What was fixed: Suppressed CodeQL rule [SM05141] with justification for broader usage scenarios.
  Who benefits: Developers maintaining code quality tools like CodeQL.
  Impact: Prevents unnecessary alerts for valid usage in multi-environment libraries.

Added

• JSON datatype support #2558
  What was added: Support for reading and writing JSON columns in SQL Server.
  Who benefits: Developers working with semi-structured data in SQL Server.
  Impact: Enhances application flexibility by natively handling JSON content, reducing need for manual parsing.

• Add order hints for Bulk Copy operations #2701
  What was added: Support for specifying order hints during Bulk Copy.
  Who benefits: Data engineers and DBAs managing large data migrations or ETL jobs.
  Impact: Improves bulk data load performance.

• Coding best practices and review process #2666
  What was added: Introduced contributor guidelines, coding best practices, and review processes.
  Who benefits: Open-source contributors and maintainers of the mssql-jdbc project.
  Impact: Improves code quality, consistency, and onboarding experience for new contributors.

• Add new trusted AKV URLs for FR and DE #2708
  What was added: Registered four new Azure Key Vault and Managed HSM endpoints for France and Germany.
  Who benefits: Customers in regulated regions (France, Germany) using AKV for encryption.
  Impact: Enables secure key operations via region-specific trusted endpoints.

Fixed issues

• Fix for null handling in temporal types with bulk copy #2702
  What was fixed: Properly handle null values for temporal types when sendTemporalDataTypesAsStringForBulkCopy=false.
  Who benefits: Developers using batch insert with native temporal types in bulk copy.
  Impact: Prevents failures during bulk inserts, improving reliability of time-sensitive data ingestion.

• Fix string insertion with bulk copy API when sendStringParametersAsUnicode=false #2704
  What was fixed: Resolved issue where strings were inserted as byte arrays in batch bulk copy mode when sendStringParametersAsUnicode is set to false.
  Who benefits: Developers using non-Unicode string inserts in performance-sensitive batch operations.
  Impact: Ensures string integrity during batch inserts, eliminating silent data corruption.