Skip to content

Bump the testcontainers group across 1 directory with 4 updates #182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the testcontainers group across 1 directory with 4 updates #182

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Nov 18, 2025

Bumps the testcontainers group with 4 updates in the / directory: com.fasterxml.jackson.core:jackson-databind, com.ibm.db2:jcc, com.microsoft.sqlserver:mssql-jdbc and com.mysql:mysql-connector-j.

Updates com.fasterxml.jackson.core:jackson-databind from 2.20.0 to 2.20.1

Commits

Updates com.ibm.db2:jcc from 12.1.2.0 to 12.1.3.0

Updates com.microsoft.sqlserver:mssql-jdbc from 13.2.1.jre11 to 13.3.0.jre11-preview

Release notes

Sourced from com.microsoft.sqlserver:mssql-jdbc's releases.

[13.2.1] Hotfix & Stable Release

Added

  • Enable Vector data type tests on Azure SQL Database #2762 What was added: Vector data type tests are now enabled to run against Azure SQL Database. Who benefits: Developers testing VECTOR functionality in Azure SQL DB environments. Impact: Ensures VECTOR data type support test coverage.

  • Enable JSON data type tests on Azure SQL Database #2756 What was added: JSON data type tests are now enabled to run against Azure SQL Database. Who benefits: Developers testing JSON functionality in Azure SQL DB environments. Impact: Ensures JSON data type support test coverage.

Changed

  • Revert function/procedure filtering via sys.all_objects #2751 What changed: Reverted #2705 change that used sys.all_objects for filtering. Restores previous behavior to maintain consistency across metadata APIs. Who benefits: Developers using getProcedures() and getFunctions() in JDBC. Impact: Preserves compatibility with numbered procedures and avoids discrepancies between APIs.

Fixed issues

  • Address a hostname validation vulnerability by securely parsing certificate common names. #2801 What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks. Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation. Impact: This fix closes a security gap, protecting applications from man-in-the-middle attacks and ensuring compliance with security best practices.

  • JDK 8 compatibility for vector datatype handling #2750 What was fixed: Ensured fallback to JVM system property javax.net.ssl.trustStoreType if connection property is unset. Who benefits: Users configuring SSL via system properties. Impact: Enables proper SSL trust store resolution, improving compatibility with system configurations.

  • PreparedStatement getGeneratedKeys() failure with triggers #2742 What was fixed: Fixed error "The statement must be executed before any results can be obtained" when using insert triggers with generated keys. Who benefits: Developers retrieving generated keys from inserts with triggers. Impact: Restores correct behavior for both update count accuracy and generated keys retrieval in trigger scenarios.

  • Byte Buddy dependency scope #2755 What was fixed: Corrected Byte Buddy (1.15.11) dependency scope to test instead of compile. Who benefits: Developers and users of runtime artifacts. Impact: Reduces runtime artifact size (~8 MB) and ensures Byte Buddy is only included for unit tests.

  • DatabaseMetaData.getIndexInfo() NON_UNIQUE value inconsistency #2773 What was fixed: Fixed incorrect NON_UNIQUE values due to mismatched handling of sp_statistics and sys.indexes. Who benefits: Applications depending on accurate index metadata. Impact: Provides consistent value of NON_UNIQUE field across SQL Server and Azure Synapse Analytics.

  • DatabaseMetaData.getIndexInfo() invalid cursor position exception 2763 What was fixed: Fixed SQLException: Invalid cursor position caused when calling ResultSet.next() after exhaustion due to CachedRowSet strict cursor validation. Who benefits: Developers consuming metadata via DatabaseMetaData.getIndexInfo() on SQL Server or Azure Synapse DW.

... (truncated)

Commits

Updates com.mysql:mysql-connector-j from 9.4.0 to 9.5.0

Changelog

Sourced from com.mysql:mysql-connector-j's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/en/

Version 9.5.0

  • Fix for Bug#72036 (Bug#18403804), XA isSameRM() shouldn't take database into account.

  • Fix for Bug#62693 (Bug#16722068), XAConnection savepoint capability.

  • Fix for Bug#81128 (Bug#23146631), Master host list overwritten by slave list when loadBalanceConnectionGroup used.

  • Fix for Bug#19887224, RUNNING THE TEST SUITE WITH SOCKSPROXY* PROPERTIES HANGS IN TEST TESTBUG56429.

  • Fix for Bug#98699 (Bug#30932850), Allow empty keyStore file for keyStoreTypes that do not require files. Thanks to Kolbe Kegel for his contribution.

  • Fix for Bug#118938 (Bug#38396227), DatabaseMetaDataInformationSchema#getSchemas has a bug.

  • Fix for Bug#99292 (Bug#31195955), Contribution: Support Windows time zone 'Coordinated Universal Time'. Thanks to Frédéric Barrière for his contribution.

  • Fix for Bug#107094 (Bug#34104230), NullPointerException when calling equals with null on MultiHostConnectionProxy.

  • Fix for Bug#107543 (Bug#34464351), Cannot execute a SELECT statement that writes to an OUTFILE.

  • Fix for Bug#17881458, BEHAVIOR OF SETBINARYSTREAM() METHOD IS DIFFERENT WHEN USESERVERPREPSTMTS=TRUE.

  • Fix for Bug#45554 (Bug#11754018), Connector/J does not encode binary data if useServerPrepStatements=false.

  • Fix for Bug#114974 (Bug#36614381), the SQL in batch will not clear after statement close. Thanks to Chengyi Dong for his contribution.

  • Fix for Bug#118688 (Bug#38222681), com.mysql.cj.protocol.a.StringValueEncoder#getString does not handle string escaping. Thanks to Feng Shen for his contribution.

  • Fix for Bug#118329 (Bug#38022329), Contribution: Optimize BigDecimal zero value handling to reduce memory footprint. Thanks to Chengjun Huang for his contribution.

  • Fix for Bug#42777 (Bug#11751788), loadBalanceStrategy and roundRobinLoadBalance should be consolidated.

  • Fix for Bug#112090 (Bug#35716608), SHOW ENGINE command runs forever when using cursor fetch.

Version 9.4.0

  • Fix for Bug#116120 (Bug#37079448), Inappropriate charset selected for connection when jdk.charsets not included.

  • Fix for Bug#98620 (Bug#31503893), Using DatabaseMetaData.getColumns() gives collation mix error.

  • Fix for Bug#118389 (Bug#38044940), OCI ephemeral keys not working after change in OCI CLI.

... (truncated)

Commits
  • a7b3c94 Update for GPL license book.
  • a17a256 Fix for StatementRegressionTest.testBug107543_IntoFile() failing when
  • 0d642f5 Fix for Bug#72036 (Bug#18403804), XA isSameRM() shouldn't take database into ...
  • cdb5880 Fix for Bug#62693 (Bug#16722068), XAConnection savepoint capability.
  • 2ce8cb2 Fix for Bug#81128 (Bug#23146631), Master host list overwritten by slave list ...
  • f889dec Fix for Bug#19887224, RUNNING THE TEST SUITE WITH SOCKSPROXY* PROPERTIES HANG...
  • b62afb2 Fix for Bug#98699 (Bug#30932850), Allow empty keyStore file for keyStoreTypes...
  • 1470742 Fix for typo.
  • af1348a Update build instructions to use protoc for consistency; perform minor cleanups.
  • 29a877b Fix for Bug#118938 (Bug#38396227), DatabaseMetaDataInformationSchema#getSchem...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the testcontainers group across 1 directory with 4 updates
ae3e976 
Bumps the testcontainers group with 4 updates in the / directory: [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson), com.ibm.db2:jcc, [com.microsoft.sqlserver:mssql-jdbc](https://github.com/Microsoft/mssql-jdbc) and [com.mysql:mysql-connector-j](https://github.com/mysql/mysql-connector-j).


Updates `com.fasterxml.jackson.core:jackson-databind` from 2.20.0 to 2.20.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.ibm.db2:jcc` from 12.1.2.0 to 12.1.3.0

Updates `com.microsoft.sqlserver:mssql-jdbc` from 13.2.1.jre11 to 13.3.0.jre11-preview
- [Release notes](https://github.com/Microsoft/mssql-jdbc/releases)
- [Changelog](https://github.com/microsoft/mssql-jdbc/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Microsoft/mssql-jdbc/commits)

Updates `com.mysql:mysql-connector-j` from 9.4.0 to 9.5.0
- [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/9.x/CHANGES)
- [Commits](mysql/mysql-connector-j@9.4.0...9.5.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.20.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: testcontainers
- dependency-name: com.ibm.db2:jcc
  dependency-version: 12.1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: testcontainers
- dependency-name: com.microsoft.sqlserver:mssql-jdbc
  dependency-version: 13.3.0.jre11-preview
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: testcontainers
- dependency-name: com.mysql:mysql-connector-j
  dependency-version: 9.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: testcontainers
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Nov 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant