Bump Microsoft SQL Server JDBC driver to 13.2.1

[triantium]

Changelog (since 13.2.0):

---

[13.2.1] Hotfix & Stable Release Latest

Added

• Enable Vector data type tests on Azure SQL Database
  Backport : Enable vector test to run only in AzureDB microsoft/mssql-jdbc#2762
  What was added: Vector data type tests are now enabled to run against Azure SQL Database.
  Who benefits: Developers testing VECTOR functionality in Azure SQL DB environments.
  Impact: Ensures VECTOR data type support test coverage.

• Enable JSON data type tests on Azure SQL Database
  Enable JSON tests to run on Azure SQL Database microsoft/mssql-jdbc#2756
  What was added: JSON data type tests are now enabled to run against Azure SQL Database.
  Who benefits: Developers testing JSON functionality in Azure SQL DB environments.
  Impact: Ensures JSON data type support test coverage.

Changed

• Revert function/procedure filtering via sys.all_objects
  Revert "Use sys.all_objects for accurate function and procedure filtering" microsoft/mssql-jdbc#2751
  What changed: Reverted Use sys.all_objects for accurate function and procedure filtering microsoft/mssql-jdbc#2705 change that used sys.all_objects for filtering. Restores previous behavior to maintain consistency across metadata APIs.
  Who benefits: Developers using getProcedures() and getFunctions() in JDBC.
  Impact: Preserves compatibility with numbered procedures and avoids discrepancies between APIs.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names.
  Addressed CVE-2025-59250 and version updates for 13.2.1 microsoft/mssql-jdbc#2801
  What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks.
  Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation.
  Impact: This fix closes a security gap, protecting applications from man-in-the-middle attacks and ensuring compliance with security best practices.

• JDK 8 compatibility for vector datatype handling
  JDK 8 compatibility fix for vector datatype handling microsoft/mssql-jdbc#2750
  What was fixed: Ensured fallback to JVM system property javax.net.ssl.trustStoreType if connection property is unset.
  Who benefits: Users configuring SSL via system properties.
  Impact: Enables proper SSL trust store resolution, improving compatibility with system configurations.

• PreparedStatement getGeneratedKeys() failure with triggers
  Fix PreparedStatement getGeneratedKeys() failure with insert triggers (#2740) microsoft/mssql-jdbc#2742
  What was fixed: Fixed error "The statement must be executed before any results can be obtained" when using insert triggers with generated keys.
  Who benefits: Developers retrieving generated keys from inserts with triggers.
  Impact: Restores correct behavior for both update count accuracy and generated keys retrieval in trigger scenarios.

• Byte Buddy dependency scope
  Fix Byte Buddy dependency scope for unit testing microsoft/mssql-jdbc#2755
  What was fixed: Corrected Byte Buddy (1.15.11) dependency scope to test instead of compile.
  Who benefits: Developers and users of runtime artifacts.
  Impact: Reduces runtime artifact size (~8 MB) and ensures Byte Buddy is only included for unit tests.

• DatabaseMetaData.getIndexInfo() NON_UNIQUE value inconsistency
  Fix NON_UNIQUE value inconsistency in DatabaseMetaData.getIndexInfo() microsoft/mssql-jdbc#2773
  What was fixed: Fixed incorrect NON_UNIQUE values due to mismatched handling of sp_statistics and sys.indexes.
  Who benefits: Applications depending on accurate index metadata.
  Impact: Provides consistent value of NON_UNIQUE field across SQL Server and Azure Synapse Analytics.

• DatabaseMetaData.getIndexInfo() invalid cursor position exception
  Fix DatabaseMetaData.getIndexInfo() CachedRowSet invalid cursor position exception microsoft/mssql-jdbc#2763
  What was fixed: Fixed SQLException: Invalid cursor position caused when calling ResultSet.next() after exhaustion due to CachedRowSet strict cursor validation.
  Who benefits: Developers consuming metadata via DatabaseMetaData.getIndexInfo() on SQL Server or Azure Synapse DW.
  Impact: Replaces CachedRowSet merging with a UNION ALL query, ensuring standard JDBC cursor behavior while maintaining columnstore index support.

[quarkus-bot]

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 5895fa7.

Failing Jobs

Status	Name	Step	Failures	Logs	Raw logs	Build scan
✔️	JVM Integration Tests - JDK 17			Logs	Raw logs	🚧
❌	JVM Integration Tests - JDK 17 Windows	Build	Failures	Logs	Raw logs	🚧
✔️	JVM Integration Tests - JDK 21			Logs	Raw logs	🚧
✔️	JVM Integration Tests - JDK 25			Logs	Raw logs	🚧

Full information is available in the Build summary check run.
You can consult the Develocity build scans.

Failures

⚙️ JVM Integration Tests - JDK 17 Windows #

- Failing: integration-tests/smallrye-graphql 

📦 integration-tests/smallrye-graphql

❌ io.quarkus.it.smallrye.graphql.MicrometerMetricsTest. - History - More details - Source on GitHub

org.junit.jupiter.engine.execution.ConditionEvaluationException: Failed to evaluate condition [io.quarkus.test.junit.QuarkusTestExtension]: Internal error: Test class was loaded with an unexpected classloader or the thread context classloader was incorrect.
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
	at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:179)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
	at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:179)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
	at java.base/java.util.ArrayList$ArrayListSpliterator.tryAdvance(ArrayList.java:1602)
	at java.base/java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:129)

❌ io.quarkus.it.smallrye.graphql.MicrometerMetricsTest.shouldCreateMultipleMetrics line 219 - History - More details - Source on GitHub

java.lang.AssertionError: 
1 expectation failed.
Response body doesn't match expectation.
Expected: a string containing "mp_graphql_seconds_count{name=\"asyncSuperMetricFoo\",source=\"false\",type=\"QUERY\"} 200"
  Actual: # TYPE http_server_requests_seconds summary
# HELP http_server_requests_seconds HTTP server request processing time
http_server_requests_seconds_count{method="POST",outcome="SUCCESS",status="200",uri="/graphql"} 201.0
http_server_requests_seconds_sum{method="POST",outcome="SUCCESS",status="200",uri="/graphql"} 65.304709693

---

Flaky tests - Develocity

⚙️ MicroProfile TCKs Tests

📦 tcks/microprofile-lra

❌ org.eclipse.microprofile.lra.tck.TckRecoveryTests.testCancelWhenParticipantIsUnavailable - History

• Expecting the metric Compensated callback was called Expected: a value equal to or greater than <1> but: <0> was less than <1> - java.lang.AssertionError

java.lang.AssertionError: 
Expecting the metric Compensated callback was called
Expected: a value equal to or greater than <1>
     but: <0> was less than <1>
	at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:20)
	at org.eclipse.microprofile.lra.tck.TckRecoveryTests.assertMetricCallbackCalled(TckRecoveryTests.java:210)
	at org.eclipse.microprofile.lra.tck.TckRecoveryTests.testCancelWhenParticipantIsUnavailable(TckRecoveryTests.java:195)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

[gsmet]

@holly-cummins we still get these Test class was loaded with an unexpected classloader or the thread context classloader was incorrect. errors from time to time.

[gsmet]

Thanks!