deps: Bump Microsoft.Data.SqlClient from 7.0.0-preview3.25342.7 to 7.0.0

[dependabot]

Updated Microsoft.Data.SqlClient from 7.0.0-preview3.25342.7 to 7.0.0.

Release notes

Sourced from Microsoft.Data.SqlClient's releases.

7.0.0

This is the general availability release of Microsoft.Data.SqlClient 7.0, a major milestone for the .NET data provider for SQL Server. This release addresses the most upvoted issue in the repository's history — extracting Azure dependencies from the core package — introduces pluggable SSPI authentication, adds enhanced routing for Azure SQL Hyperscale, and delivers async read performance improvements.

Also released as part of this milestone:

• Released Microsoft.Data.SqlClient.Extensions.Abstractions 1.0.0. See release notes.
• Released Microsoft.Data.SqlClient.Extensions.Azure 1.0.0. See release notes.
• Released Microsoft.Data.SqlClient.Internal.Logging 1.0.0. See release notes.
• Released Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider 7.0.0. See release notes.

Changes Since 7.0.0-preview4

Added

• Added actionable error message when Entra ID authentication methods are used without the Microsoft.Data.SqlClient.Extensions.Azure package installed, guiding users to install the correct package. (#​3962, #​4046)
• Added Azure authentication sample application. (#​3988)

Changed

Other changes

• Renamed the Microsoft.Data.SqlClient.Extensions.Logging package to Microsoft.Data.SqlClient.Internal.Logging to indicate it is for internal use only and should not be referenced directly by application code. (#​4038)
• Fixed non-localized exception strings. (#​4022)
• Codebase merge and cleanup: (#​3997, #​4052)
• Various test improvements: (#​3891, #​3996, #​4002, #​4034, #​4041, #​4044)
• Documentation improvements (including Entra ID branding updates): (#​4021, #​4047, #​4049)
• Updated Dependencies (#​4045):
  • Updated Azure.Core to v1.51.1
  • Updated Azure.Identity to v1.18.0
  • Updated Azure.Security.KeyVault.Keys to v4.9.0
  • Updated Microsoft.Extensions.Caching.Memory to v9.0.13 (.NET 9.0)
  • Updated Microsoft.IdentityModel.JsonWebTokens to v8.16.0
  • Updated Microsoft.IdentityModel.Protocols.OpenIdConnect to v8.16.0
  • Updated Microsoft.Bcl.Cryptography to v9.0.13 (.NET 9.0)
  • Updated System.Configuration.ConfigurationManager to v9.0.13 (.NET 9.0)
  • Updated System.Diagnostics.DiagnosticSource to v10.0.3
  • Updated System.Security.Cryptography.Pkcs to v9.0.13 (.NET 9.0)
  • Updated System.Text.Json to v10.0.3
  • Updated System.Threading.Channels to v10.0.3
  • Updated System.ValueTuple to v4.6.2

Cumulative Changes Since 6.1

This section summarizes all changes across the 7.0 preview cycle for users upgrading from the latest 6.1 stable release.

Changed

Azure Dependencies Removed from Core Package

What Changed:

• The core Microsoft.Data.SqlClient package no longer depends on Azure.Core, Azure.Identity, or their transitive dependencies (e.g., Microsoft.Identity.Client, Microsoft.Web.WebView2). Azure Active Directory / Entra ID authentication functionality (ActiveDirectoryAuthenticationProvider and related types) has been extracted into a new Microsoft.Data.SqlClient.Extensions.Azure package. (#​1108, #​3680, #​3902, #​3904, #​3908, #​3917, #​3982, #​3978, #​3986)
  ... (truncated)

7.0.0-preview4

Changed

Azure Dependencies Removed from Core Package

What Changed:

• The core Microsoft.Data.SqlClient package no longer depends on Azure.Core, Azure.Identity, or their transitive dependencies (e.g., Microsoft.Identity.Client, Microsoft.Web.WebView2). Azure Active Directory / Entra authentication functionality (ActiveDirectoryAuthenticationProvider and related types) has been extracted into a new Microsoft.Data.SqlClient.Extensions.Azure package that can be installed separately when needed. (#​1108, #​3680, #​3902, #​3904, #​3908, #​3917, #​3982, #​3978, #​3986)
• To support this separation, two additional packages were introduced: Microsoft.Data.SqlClient.Extensions.Abstractions (shared types between the core driver and extensions) and Microsoft.Data.SqlClient.Extensions.Logging (shared ETW tracing infrastructure). (#​3626, #​3628, #​3967)

Who Benefits:

• All users benefit from a significantly lighter core package. Previously, the Azure dependency chain pulled in numerous assemblies (including Azure.Core, Azure.Identity, Microsoft.Identity.Client, and Microsoft.Web.WebView2) even for applications that only needed basic SQL Server connectivity. This was the most upvoted open issue in the repository (#​1108).
• Users who do not use Azure AD authentication no longer carry Azure-related assemblies in their build output, reducing deployment size and eliminating confusion about unexpected dependencies.
• Users who do use Azure AD authentication can now manage Azure dependency versions independently from the core driver.

Impact:

• Applications using Azure AD authentication (e.g., ActiveDirectoryPassword, ActiveDirectoryInteractive, ActiveDirectoryDefault, etc.) must now install the Microsoft.Data.SqlClient.Extensions.Azure NuGet package separately. No code changes are required beyond adding the package reference.

Added

Expose SSPI Context Provider as Public API

What Changed:

• Added the SspiContextProvider abstract class and a public SspiContextProvider property on SqlConnection, allowing applications to supply a custom SSPI context provider for integrated authentication. This enables custom Kerberos ticket negotiation and NTLM username/password authentication scenarios that the driver does not natively support. (#​2253, #​2494)

Who Benefits:

• Users authenticating across untrusted domains, non-domain-joined machines, or cross-platform environments where configuring integrated authentication on the client is difficult or impossible.
• Users running in containers who need manual Kerberos negotiation without deploying sidecars or external ticket-refresh mechanisms.
• Users who need NTLM username/password authentication to SQL Server, which the driver does not provide natively.

Impact:

• Applications can set a custom SspiContextProvider on SqlConnection before opening the connection. The provider handles the authentication token exchange during integrated authentication. This is an additive API — existing authentication behavior is unchanged when no custom provider is set. See SspiContextProvider_CustomProvider.cs for a sample implementation.
• Note: The SspiContextProvider is a part of the connection pool key. Care should be taken when using this property to ensure the implementation returns a stable identity per resource.

Expose Default Transient Error List

What Changed:

• Exposed the default transient error codes list via the new SqlConfigurableRetryFactory.BaselineTransientErrors static property (returns a ReadOnlyCollection<int>), making it easier to extend the set of transient errors without copy-pasting from the repository source. (#​3903)

Who Benefits:

• Developers implementing custom retry logic who want to extend the built-in transient error list rather than replacing it.

Impact:

... (truncated)

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: nuget. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

🎉 Welcome, Contributor!

Thank you for submitting your first pull request to this repository! We're thrilled to see your contribution.

⏳ What Happens Next?

• A maintainer will review your changes as soon as possible
• You may receive feedback or requests for modifications
• Once approved, your PR will be merged into the codebase

✅ PR Checklist

Before your PR can be merged, please ensure:

• Your code follows the project's coding style and conventions
• You've tested your changes locally
• You've updated relevant documentation (if applicable)
• All CI checks are passing
• Your commits have clear and meaningful messages

💡 Tips for Success

• Keep it focused: Smaller, focused PRs are easier to review
• Describe your changes: Help reviewers understand what you did and why
• Be responsive: Address feedback promptly to keep the review moving
• Ask questions: Don't hesitate to ask if something is unclear

🔄 Need to Make Changes?

If you need to update your PR based on feedback:

1. Make your changes locally
2. Commit and push to the same branch
3. The PR will automatically update

---

Your contribution makes this project better. Thank you for being part of our community! 💜