Bump picomatch from 2.3.1 to 2.3.2 in /mssql-js by dependabot[bot] · Pull Request #18 · microsoft/mssql-rs

dependabot · 2026-03-26T08:22:35Z

Bumps picomatch from 2.3.1 to 2.3.2.

Release notes

2.3.2

This is a security release fixing several security relevant issues.

What's Changed

fix: exception when glob pattern contains constructor by @Jason3S in micromatch/picomatch#144

Fix for CVE-2026-33671

Fix for CVE-2026-33672

Full Changelog: micromatch/picomatch@2.3.1...2.3.2

Changelog

Sourced from picomatch's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Changelogs are for humans, not machines.

There should be an entry for every single version.

The same types of changes should be grouped.

Versions and sections should be linkable.

The latest version comes first.

The release date of each versions is displayed.

Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

Added for new features.

Changed for changes in existing functionality.

Deprecated for soon-to-be removed features.

Removed for now removed features.

Fixed for any bug fixes.

Security in case of vulnerabilities.

4.0.0 (2024-02-07)

Fixes

Fix bad text values in parse #126, thanks to @connor4312

Changed

Remove process global to work outside of node #129, thanks to @styfle

Add sideEffects to package.json #128, thanks to @frandiox

Removed os, make compatible browser environment. See #124, thanks to @gwsbhqt

3.0.1

Fixes

... (truncated)

Commits

81cba8d Publish 2.3.2
fc1f6b6 Merge commit from fork
eec17ae Merge commit from fork
78f8ca4 Merge pull request #156 from micromatch/backport-144
3f4f10e Merge pull request #144 from Jason3S/jdent-object-properties
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Initial sync from ADO to GitHub

…ql-py-core Adds end-to-end private link smoke testing for mssql-py-core using ACI containers deployed into the trusted VNet. ## Changes - Add mssql-py-core/tests/smoke/test_smoke.py with 9 smoke tests covering connectivity, queries, null handling, temp tables, multi-batch execution, and reconnection - Extend mssql-py-core/tests/conftest.py with pluggable auth mode support (sql_auth, access_token, managed_identity via IMDS), controlled by the SMOKE_AUTH_MODE environment variable - Add smoke pytest marker to mssql-py-core/pytest.ini - Add --smoke flag to dev/test-python.sh to run only smoke tests; default test runs now exclude smoke tests - Add .pipeline/templates/private-link-smoke-template.yml reusable pipeline template that builds a Docker image with the wheel and smoke tests, pushes to ACR, deploys an ACI on the trusted VNet with managed identity, polls for completion, downloads JUnit results, publishes them, and tears down the ACI and ACR image - Add PrivateLink_Smoke stage to .pipeline/validation-pipeline.yml (non-PR runs only) - Fix mock server Login7 parser in mssql-mock-tds/src/protocol.rs to use offset-based FeatureExt parsing instead of naive byte scanning, which broke when the library name was changed to a longer string containing 0x02 bytes in UTF-16LE - Add PRIVATE_LINK_SETUP.md and PRIVATE_LINK_TESTING.md documentation - Add pytest-smoke-results.xml to .gitignore ---- #### AI description (iteration 9) #### PR Classification This pull request adds new private link smoke testing infrastructure and documentation for mssql-py-core. #### PR Summary The changes implement end-to-end testing for Azure SQL Private Link connectivity with a dedicated ACI pipeline stage, updated FedAuth parsing, and extended smoke tests. - `PRIVATE_LINK_TESTING.md` and `PRIVATE_LINK_SETUP.md` document the testing setup and experiments. - `.pipeline/templates/private-link-smoke-template.yml` and pipeline YAML changes add automated ACI-based smoke testing. - `mssql-mock-tds/src/protocol.rs` refines the FedAuth feature extension parsing logic. - `tests/smoke/test_smoke.py` and updates in `tests/conftest.py` introduce smoke tests supporting multiple authentication methods.  Related work items: #40875

Disables 6 mock server TDS 7.4 TLS tests on Windows that intermittently timeout (~15s) on CI. All 6 tests use TDS 7.4-style TLS wrapping (EncryptionSetting::Required) against the mock server. Same client TLS code path passes reliably against real SQL Server (984/990 tests pass). Root cause is in the mock server TdsTlsWrapper but could not be pinpointed. Tests remain enabled on Linux/macOS via cfg(not(target_os = "windows")). ---- #### AI description (iteration 1) #### PR Classification Bug fix: Disable flaky TDS 7.4 TLS tests on Windows to prevent intermittent 15s timeouts on CI. #### PR Summary This pull request conditionally disables 6 failing TDS 7.4 TLS tests on Windows to ensure CI stability while maintaining test coverage on non-Windows platforms. - In `mssql-tds/tests/test_mock_server.rs`, the `test_server_certificate_with_tls` test is disabled on Windows. - In `mssql-tds/tests/test_mock_server_tls.rs`, five tests are disabled on Windows: `test_connect_with_trust_server_certificate`, `test_execute_query_over_tls_with_trust_certificate`, `test_multiple_queries_over_tls`, `test_multiple_tls_connections`, and `test_custom_query_response_over_tls`.  Related work items: #42534

…EADME Prepare the repository for public open-source visibility on GitHub by adding standard community health files and removing internal-only content from the README. ## Changes - Add structured GitHub issue templates for bug reports and feature requests (YAML forms) - Add issue template config that disables blank issues and links to MSRC for security reports - Add pull request template with a checklist and notice that external PRs are not accepted - Add CODEOWNERS file routing reviews to @microsoft/sql-rust-client-maintainers - Add CONTRIBUTING.md explaining that external contributions are not accepted and directing users to file issues instead - Add SUPPORT.md pointing users to GitHub Issues for help - Add CHANGELOG.md following the Keep a Changelog format - Clean up README.md: remove internal Azure Artifacts feed setup, ADO PAT instructions, internal Docker ACR references, and nextest archive notes - Add standard footer sections to README.md: Contributing, Support, Security, Code of Conduct, License, and Trademarks ---- #### AI description (iteration 2) #### PR Classification This pull request is a documentation update that adds essential community files to facilitate public contributions. #### PR Summary The pull request cleans up the README and introduces several GitHub community configuration files to standardize contribution, issue reporting, and support processes. - **`README.md`**: Revised contributing, support, and security sections to align with public guidelines. - **`.github/ISSUE_TEMPLATE/bug_report.yml` & `.github/ISSUE_TEMPLATE/feature_request.yml`**: Added standardized templates for bug reports and feature requests. - **`CONTRIBUTING.md`, `SUPPORT.md`, & `CHANGELOG.md`**: Introduced new documentation files covering contribution guidelines, support instructions, and change tracking. - **`.github/PULL_REQUEST_TEMPLATE.md` & `.github/prompts/createPr.prompt.md`**: Provided clear PR creation guidance for internal and external contributors. - **`.github/CODEOWNERS` & `.github/ISSUE_TEMPLATE/config.yml`**: Configured default code owners and issue management settings to support community engagement.  Related work items: #42504

## Summary Fix the fuzzer CI build failure caused by a missing libgssapi_krb5 library during linking. Fixes #42602 ## Changes - Added libkrb5-dev to the apt dependencies in scripts/install-deps.sh for both x86_64 and aarch64 architectures. ## Problem The Run Fuzzer step in the CI pipeline fails with: rust-lld: error: unable to find library -lgssapi_krb5 When cargo fuzz builds with AddressSanitizer, OpenSSL pkg-config pulls in -lgssapi_krb5 as a transitive dependency. Without libkrb5-dev installed, the linker cannot resolve this library. ---- #### AI description (iteration 1) #### PR Classification Bug fix to resolve a CI fuzzer linker error by installing the missing dependency. #### PR Summary This pull request updates the dependency installation script to include the `libkrb5-dev` package for both x86_64 and aarch64 architectures, ensuring the linker can resolve `-lgssapi_krb5` during the CI run. - `scripts/install-deps.sh`: Added `libkrb5-dev` to the apt package list for x86_64. - `scripts/install-deps.sh`: Added `libkrb5-dev` to the apt package list for aarch64.  Related work items: #42602

… (TdsValueSerializer) Unify RPC parameter serialization with bulk copy path (TdsValueSerializer) - Refactored SqlType::serialize() to delegate value writing to TdsValueSerializer - Added to_column_value_and_context() and write_rpc_type_metadata() methods - Added SqlString::as_raw_wire_bytes() for zero-copy wire-ready string handling - TdsValueSerializer now skips decode/re-encode for pre-encoded strings (DelayedSet/LcidBased) - Removed 4 todo!() calls: Char, NChar, Text, NText now work via TdsValueSerializer - Deleted ~3000 lines of dead old serialize_* methods and their unit tests - Added tasks.md: feature comparison with .NET SqlClient (60+ features, per-type data type matrix) All 901 Rust tests + 139 JS tests passing. ---- #### AI description (iteration 11) #### PR Classification This PR refactors SQL type serialization by unifying the RPC parameter path with the bulk copy path using TdsValueSerializer. #### PR Summary The changes streamline the conversion of SqlType values into a unified ColumnValues/TdsTypeContext representation and delegate serialization to TdsValueSerializer, thereby reducing code duplication between RPC and bulk copy flows. - In `src/datatypes/sqltypes.rs`, a new helper (`to_column_value_and_context`) is added and the overall `serialize` method is refactored to write RPC metadata and call TdsValueSerializer. - In `src/datatypes/tds_value_serializer.rs`, the serialization logic is enhanced to directly use pre-encoded raw wire bytes when available. - In `src/datatypes/sql_string.rs`, helper methods (`as_raw_wire_bytes` and `encoding_type`) are introduced to support efficient raw data handling.  Related work items: #42603

# Summary Implements User Story AB#42507 (RowWriter Trait Definition) and Task AB#42508. Introduces a pluggable decode sink trait so consumers (Arrow writers, N-API binary encoders, etc.) can receive decoded TDS row data directly into their target format without going through the intermediate `ColumnValues` enum. ## Changes - Add `RowWriter` trait in new `mssql-tds/src/datatypes/row_writer.rs` with typed write methods for all TDS value types (null, bool, integers, floats, string, bytes, decimal, date/time types, money, UUID, XML, JSON, vector) and an `end_row()` signal - Add `DefaultRowWriter` struct that assembles `Vec<ColumnValues>`, preserving current decoder behavior so existing `next_row()` callers are unaffected - Add `write_column_value()` bridge function that dispatches a `ColumnValues` enum into the corresponding `RowWriter` method, used as a fallback path when the decoder has already produced a `ColumnValues` - Register the new `row_writer` module in `mssql-tds/src/datatypes.rs` - Add unit tests for `DefaultRowWriter` (row assembly, take/reset, all primitive types) and `write_column_value` (type bridging including Numeric-to-Decimal mapping, temporal types, money types) Related work items: #42507, #42508, #42509, #42510

…enericDecoder Adds decode_into() on GenericDecoder and decode_string_into() on StringDecoder for direct RowWriter dispatch, bypassing ColumnValues for all common types. 28 equivalence tests. ---- #### AI description (iteration 3) #### PR Classification New feature: Introduces efficient, in-place decoding for RowWriter by adding direct decode methods. #### PR Summary This pull request adds a new `decode_into` API to `GenericDecoder` (and a corresponding `decode_string_into` in `StringDecoder`) that bypasses the intermediate `ColumnValues` allocation during wire decoding, improving performance for common types. - **`mssql-tds/src/datatypes/decoder.rs`**: Adds the `decode_into` method handling various types (integer, float, bit, money, date/time, etc.) and provides comprehensive tests to ensure its behavior mirrors the existing `decode()` method. - **`mssql-tds/src/datatypes/string_decoder.rs`**: Implements `decode_string_into` for efficient processing of string types, adjusting the logic for PLP and non-PLP scenarios.  Related work items: #42512, #42515, #42518, #42519, #42520, #42521, #42522

Add next_row_into() to the ResultSet trait and TdsClient so consumers can stream rows directly into a RowWriter. Rewrite get_next_row() as thin wrapper using DefaultRowWriter. Also adds write_numeric() to RowWriter to preserve Decimal/Numeric variant distinction. AB#42525 AB#42526 AB#42527 AB#42528 AB#42529 Related work items: #42525, #42526, #42527, #42528, #42529

…path ## US4: Hot Path Optimization (AB#42535) Adds `receive_row_into` to `TdsTokenStreamReader` trait. For ROW/NBCROW tokens, `decode_into` writes column values directly into the `RowWriter`, bypassing the intermediate `RowToken { all_values: Vec<ColumnValues> }` allocation. ### Changes - **RowReadResult enum** — `RowWritten` or `Token(Tokens)` for non-row tokens - **receive_row_into / receive_row_into_internal** — reads token type byte, dispatches ROW/NBCROW to `decode_into` per column, others to normal parser dispatch - **dispatch_token** — extracted from `receive_token_internal` for reuse - **extract_column_metadata** — helper to unwrap `ParserContext::ColumnMetadata` - **get_next_row_into** — now calls `receive_row_into` instead of `receive_token` + `write_column_value` bridge - **decode_into / decode_string_into** — `W: RowWriter + ?Sized` to accept trait objects ### Stacked on - #6906 (US3: ResultSet Wiring) - #6902 (US2: Decoder Support) - #6901 (US1: RowWriter Trait) ---- #### AI description (iteration 1) #### PR Classification This pull request introduces an API change to optimize the direct row decoding path by eliminating unnecessary allocations. #### PR Summary The changes implement a new hot-path method (`receive_row_into`) that decodes rows directly into a writer, bypassing the creation of intermediate tokens to improve throughput for large result sets (addressing US4: Direct Decode Hot Path Optimization). - In `mssql-tds/src/connection/tds_client.rs`, the token reception logic is updated to call the new `receive_row_into` and handle the returned `RowReadResult`. - In `mssql-tds/src/io/token_stream.rs`, new methods (`receive_row_into_internal` and `receive_row_into`) and the `RowReadResult` enum are introduced to perform direct decoding for ROW/NBCROW tokens. - In `mssql-tds/src/connection/transport/network_transport.rs`, similar direct row decoding logic and timeout/cancellation handling are integrated.  Related work items: #42535

## US5: Binary-Encoded query_raw() and chunked fetch (AB#42537) Replaces the row-by-row `Either14` N-API read path with a compact binary transfer. The entire result set is encoded in Rust via `BinaryRowWriter`, sent as a single `Buffer` across the N-API boundary, and decoded in JS. A byte-budget chunked fetch (`fetchChunk`) further reduces per-call overhead for large result sets. ### Changes — mssql-js (Rust) - **BinaryRowWriter** (`src/binary_row_writer.rs`) — implements `RowWriter`, encodes all 20 TDS cell types as tagged binary values with string interning via HashMap - **query_raw() / fetch_chunk()** (`src/connection.rs`) — `query_raw()` streams rows through `next_row_into(BinaryRowWriter)` returning a single `Buffer`; `fetch_chunk(byte_budget)` returns successive binary chunks up to the byte budget, enabling back-pressure-aware reads - **Removed NapiRowWriter** — the intermediate `Either14` row writer (`napi_row_writer.rs`) and `nextRowInResultset()` / `getMetadata()` NAPI exports are removed; all reads now go through the binary path ### Changes — mssql-js (TypeScript) - **decode.ts** (`lib/decode.ts`) — JS-side decoder that parses the binary buffer into typed column arrays; `decodeRawResult()` decodes a chunk, `reshapeRawToIResult()` materializes rows into `IResult` - **createResultFast()** (`lib/request.ts`) — replaces the old `createResult()` loop; calls `fetchChunk(256KB)` in a loop → `decodeRawResult` → `reshapeRawToIResult`; used by both `query()` (parameterized) and `execute()` (stored procs) - **Removed old read path** — `createResult()`, `nextRowInResultset()` wrapper, `getMetadata()` wrapper all removed ### Changes — mssql-js (Tests) - **db.mjs** — `nextRow()` rewritten to use `fetchChunk` + `decodeRawResult`; added `countAllRows()` helper for multi-row tests - **index.spec.mjs** — two tests updated to use `countAllRows()` instead of row-iteration loops ### Changes — mssql-py-core - **PyRowWriter** (`src/row_writer.rs`) — `RowWriter` implementation for Python/PyO3, converts TDS values to Python objects; wired into `cursor.rs` for `next_row_into` ### Changes — mssql-tds - **ArrowRowWriter** (`src/datatypes/arrow_writer.rs`) — added as a second consumer of the `RowWriter` trait, validating the trait design supports non-trivial backends beyond `BinaryRowWriter`. Converts TDS column values into Apache Arrow `RecordBatch` columnar arrays with lazy type discovery. **Not public API** — gated behind `#[cfg(test)]` with Arrow deps as `[dev-dependencies]` only, zero impact on production builds. Exists purely to exercise the `RowWriter` contract under test. ### Stacked on - #6914 (US4: Hot Path Optimization) - #6906 (US3: ResultSet Wiring) - #6902 (US2: Decoder Support) - #6901 (US1: RowWriter Trait) ### PR Stack Rationale US1–US4 build the foundation in `mssql-tds`: the `RowWriter` trait (US1), `decode_into` on every decoder (US2), wiring into `ResultSet`/`TdsClient` (US3), and the `receive_row_into` hot path that bypasses `Vec<...

…m build stages # OneBranch NonOfficial Pipeline Adds a OneBranch NonOfficial pipeline for building and publishing multi-platform native artifacts, along with related pipeline infrastructure, dependency management, and code cleanup. ## Pipeline - Add OneBranch NonOfficial stages pipeline at `.pipeline/OneBranch/stages.yml` with build jobs for Windows x64, Linux x64, Linux ARM64, and macOS universal2 - Add `NonOfficialPythonWheelsPublish.yml` pipeline for Python wheel publishing - Add NuGet publish stage using OneBranch native `nugetPublishing` mechanism - Add Build.Reason-based versioning with nightly, dev, and release suffixes - Switch to custom 1ES pools and remove dependency on 1ES Rust tasks - Add `es-metadata.yml` for engineering system metadata - Update `install-dependencies.yml` with conditional logic for OneBranch containers vs custom pools - Update `build-python-wheels-template.yml` to scope builds to `mssql-py-core` and use gnu targets for Linux cdylib - Remove private-link smoke test template - Add `ob_outputDirectory` to validation pipeline jobs for 1ES compliance ## Core Library - Consolidate `decoder.rs` and `row_writer.rs` into `sqltypes.rs`, adding a `serialize` method directly on `SqlType` that writes to `PacketWriter` - Update `tds_client.rs` and `network_transport.rs` to use the new serialization path - Update `token_stream.rs` for revised datatype handling - Update `mock-tds` protocol to match revised datatype API ## Dependency / Config - Check in `Cargo.lock` for the workspace and `mssql-py-core/Cargo.lock` for reproducible builds - Update `rust-toolchain.toml` configuration ## Cleanup - Remove GitHub issue templates, PR template, CODEOWNERS (not used in ADO) - Remove CHANGELOG, CONTRIBUTING, SUPPORT, IMPROVEMENT_PLAN, PRIVATE_LINK_SETUP, PRIVATE_LINK_TESTING docs - Remove mssql-py-core smoke test Dockerfile and related test files - Simplify README - Remove unused re-exports from `mssql-tds/src/lib.rs` Related work items: #42222

@amachanic

Implements enhancement from GH Discussion [414](microsoft/mssql-python#414) (@amachanic's feedback): Allow simple list format for column_mappings parameter. Changes: - Extended parse_column_mappings() to detect and handle List[str] - List[str] format: ['col1', 'col2', 'col3'] maps by ordinal (0->col1, 1->col2, etc.) - List[Tuple[int, str]] format: [(0, 'col1'), (2, 'col3')] still supported (explicit mapping) - Mixed format detection with clear error message Tests: - Added 8 integration tests for List[str] format - Tests cover: basic usage, reordering, subset columns, many columns, identity preservation, error cases ---- #### AI description (iteration 1) #### PR Classification This pull request implements an API change to support the simple List[str] format for bulkcopy column mappings. #### PR Summary The PR enhances the column mapping functionality to allow specifying mappings as a simple list of strings, aligning with the updated API spec. - `tests/mssql-py-core/tests/mssql_python/test_bulkcopy_column_mappings_simple_format.py`: Added tests covering various mapping scenarios including basic mapping, column reordering, handling subset/many columns, identity column preservation, type error checks, case sensitivity, and auto-mapping with an empty list. - `src/cursor.rs`: Updated the `parse_column_mappings` method to distinguish between List[str] and tuple formats using dedicated helper functions, with corresponding documentation updates and minor import adjustments.  Related work items: #41949

@amachanic

Implements enhancement from GH Discussion [414](microsoft/mssql-python#414) (@amachanic's feedback): Allow simple list format for column_mappings parameter. Changes: - Extended parse_column_mappings() to detect and handle List[str] - List[str] format: ['col1', 'col2', 'col3'] maps by ordinal (0->col1, 1->col2, etc.) - List[Tuple[int, str]] format: [(0, 'col1'), (2, 'col3')] still supported (explicit mapping) - Mixed format detection with clear error message Tests: - Added 8 integration tests for List[str] format - Tests cover: basic usage, reordering, subset columns, many columns, identity preservation, error cases ---- #### AI description (iteration 1) #### PR Classification This pull request implements an API change to support the simple List[str] format for bulkcopy column mappings. #### PR Summary The PR enhances the column mapping functionality to allow specifying mappings as a simple list of strings, aligning with the updated API spec. - `tests/mssql-py-core/tests/mssql_python/test_bulkcopy_column_mappings_simple_format.py`: Added tests covering various mapping scenarios including basic mapping, column reordering, handling subset/many columns, identity column preservation, type error checks, case sensitivity, and auto-mapping with an empty list. - `src/cursor.rs`: Updated the `parse_column_mappings` method to distinguish between List[str] and tuple formats using dedicated helper functions, with corresponding documentation updates and minor import adjustments.  Related work items: #41949

…n stamping for Azure Artifacts publishing # Official Build and Release Pipelines for Python Wheels Adds Official build and release pipeline definitions, a crate version stamping script, and prepares all crate manifests for publishing to Azure Artifacts. ## Pipeline Changes - Add `OfficialPythonWheelsBuild.yml` -- Official OneBranch pipeline that builds Python wheels across all platforms with SDL enforcement (BinSkim, CredScan, PoliCheck). Manual trigger only; does not publish to any feed. - Add `OfficialPythonWheelsRelease.yml` -- Official release pipeline that downloads NuGet artifacts from the build pipeline, publishes to Azure Artifacts, creates an annotated git tag, and creates a release branch. Both `publishNuGet` and `tagRelease` default to false for safety. - Add `publishToFeed` parameter to `stages.yml` to gate the Publish stage behind an explicit opt-in. The Publish stage is now conditionally included only when `publishToFeed` is true. - Pass `publishToFeed: true` in `NonOfficialPythonWheelsPublish.yml` to preserve existing behavior. - Re-indent the Publish stage in `stages.yml` to fit inside the conditional block (no functional change beyond the gating). ## Version Stamping - Add `stamp-crate-versions.ps1` script that patches `Cargo.toml` version fields for publishable crates before `cargo publish`. Uses the same versioning scheme as the NuGet wheel packaging (nightly/dev/release based on Build.Reason and IsOfficial flag). Supports `-WhatIf` for local testing. ## Cargo.toml Manifest Changes - Add `publish = false` to crates that should not be published to the feed: `mssql-js`, `mssql-mock-tds-py`, `mssql-py-core`, `mssql-tds-cli` - Add `license = "MIT"` to `mssql-tds` and `mssql-mock-tds` (required for cargo publish) - Add `description` to `mssql-tds` (required for cargo publish) ---- #### AI description (iteration 1) #### PR Classification This pull request adds official build and release pipelines along with automated crate version stamping to support Azure Artifacts publishing. #### PR Summary The pull request introduces new pipeline definitions and scripts that automate the release process, including artifact download, NuGet package creation, git tagging, and version stamping for Rust crates. - `/.pipeline/OneBranch/OfficialPythonWheelsRelease.yml` defines a new release pipeline to download artifacts, create the NuGet package (with version extraction from Cargo.toml), and conditionally tag commits and create release branches. - `/.pipeline/OneBranch/OfficialPythonWheelsBuild.yml` and updated `/.pipeline/OneBranch/stages.yml` set up official build orchestration with conditions (using `publishToFeed`) for generating and publishing NuGet packages. - `/.pipeline/scripts/stamp-crate-versions.ps1` is added to patch Cargo.toml files with updated version numbers based on build parameters. - Multiple `Cargo.toml` files (e.g., in `mssql-tds`, `mssql-js`, `mssql-mock-tds-py`, `mssql-mock-tds`, `mssql-py-core`, `mssql-tds-cli`) are updated to include metadata like license/de...

… vulnerability ## Summary Remove the experimental Arrow integration code and its associated dev-dependencies from the mssql-tds crate. These dependencies transitively pulled in tiny-keccak, which has a known security vulnerability. The vulnerability is only applicable when compiling the Wasm32 target which we dont compile for. However since this is only test code, we are going to stay away from adding more CG alerts close to release activities. ## Changes - Remove arrow-array, arrow-schema, and arrow-buffer dev-dependencies from mssql-tds/Cargo.toml - Remove the arrow_writer module declaration (and its cfg(test) gate) from mssql-tds/src/datatypes.rs - Delete mssql-tds/src/datatypes/arrow_writer.rs, which contained the experimental ArrowRowWriter implementation and its unit tests ---- #### AI description (iteration 1) #### PR Classification This PR performs a code cleanup by removing obsolete Arrow integration and its dependencies to mitigate the tiny-keccak vulnerability. #### PR Summary The changes remove Arrow-related code and dependency references, reducing potential security risks. - `mssql-tds/src/datatypes/arrow_writer.rs`: file deleted. - `mssql-tds/src/datatypes.rs`: removed the experimental `arrow_writer` module. - `mssql-tds/Cargo.toml`: removed Arrow dependencies (`arrow-array`, `arrow-schema`, `arrow-buffer`).  l Related work items: #42671

Regular sync of dev and main ---- #### AI description (iteration 1) #### PR Classification This pull request introduces a major performance and API enhancement by implementing a new pluggable RowWriter abstraction and direct “decode_into” path in the core mssql-tds library, while also updating tests, build pipelines, and documentation. #### PR Summary The changes enable zero‐copy, direct row decoding via a new RowWriter trait (with DefaultRowWriter and PyRowWriter implementations) and extend the TDS client to support a next_row_into method that bypasses intermediate allocations, resulting in improved performance and easier integration with Arrow, N‑API, and Python. Additionally, the PR adds new pipeline templates, documentation (including release management, private link testing, and improvement plans), and updated test suites for bulk copy column mappings in mssql-js and mssql‑py‑core. - **`mssql-tds/src/datatypes/row_writer.rs`**: Introduces the RowWriter trait with a DefaultRowWriter implementation. - **`mssql-tds/src/datatypes/decoder.rs` & `tds_client.rs`**: Implements new decode_into methods and integrates next_row_into for direct decoding via RowWriter. - **New modules in mssql-js and mssql-py-core**: Add binary row writer, bulk copy test files with simple List[str] column mappings, and Python PyRowWriter. - **Pipeline and documentation updates**: New YAML templates for private link testing, official and non‑official releases, release management and improvement plan documents, and standard GitHub issue/pr templates.  Related work items: #6901, #6902, #6906, #6914, #40377, #40829, #40875, #40924, #41302, #41412, #41497, #41728, #41762, #41830, #41851, #41949, #42218, #42220, #42221, #42222, #42278, #42504, #42507, #42508, #42509, #42510, #42512, #42515, #42518, #42519, #42520, #42521, #42522, #42525, #42526, #42527, #42528, #42529, #42534, #42535, #42537, #42602, #42603

…d data modules This PR cleans up dead code and tightens visibility across the codebase. **Dead code removal:** - Remove unused `scale_time_value_for_serialization()`, `get_scale_based_length()`, and `write_default_scale_and_null()` from `sqltypes.rs` (the active implementation lives in `tds_value_serializer.rs`) - Remove duplicate `VARNULL` constant from `bulk_load.rs` (already defined and used in `tds_value_serializer.rs`) - Remove unused `EnvChangeSubToken` trait and its impl from `tokens.rs` (the `sub_type` field is accessed directly, never via trait dispatch) **GSSAPI dead_code suppression:** - Add `#[allow(dead_code)]` with reason comments to the `gssapi_status` module in `error.rs` and the `gssapi_ffi` module in `unix/mod.rs` (spec-defined constants where only a subset is actively used) **Visibility reduction (from dev/saurabh/reducevisibility):** - Change `pub` to `pub(crate)` for types and functions in GSSAPI FFI bindings on Unix (`gssapi_ffi.rs`) - Change `pub` to `pub(crate)` for types and functions in SSPI FFI bindings on Windows (`sspi_ffi.rs`) - Change `pub` to `pub(crate)` for bulk copy types (`bulk_copy.rs`, `bulk_copy_state.rs`) ---- #### AI description (iteration 4) #### PR Classification This pull request is a code cleanup that removes unused code and tightens module visibility. #### PR Summary This update streamlines the mssql-tds crate by deleting dead code and reducing overly broad visibility in key modules. - In `src/datatypes/sqltypes.rs`, several unused functions related to time scaling and serialization were removed. - In `src/token/tokens.rs`, the unused `EnvChangeSubToken` trait and its implementation were eliminated. - In `src/message/bulk_load.rs`, the unused constant `VARNULL` was removed. - In `src/security/error.rs` and `src/security/unix/mod.rs`, `#[allow(dead_code)]` attributes were added to GSSAPI modules to restrict visibility and clarify intent.  Related work items: #43063

## Summary Fix fuzz target compilation, add BCP bulk copy fuzz testing, fix a panic bug found by the fuzzer, and add fuzz build checks to the PR pipeline. ## Changes ### Fuzz infrastructure - Add missing `RowReadResult` and `RowWriter` re-exports to the `fuzz_support` module in `lib.rs` - Fix `packet_size` clamp upper bound from `32768` to `32767` in `fuzz_connection_provider_context.rs` to avoid `i16` literal overflow - Add fuzz build check (`cargo +nightly check` with `--cfg fuzzing`) to `containerized-build.sh`, gated on `IS_PR_BUILD` ### New BCP fuzz target - Add `fuzz_bulk_copy` fuzz target exercising `build_insert_bulk_command` and `get_sql_type_definition` with arbitrary column metadata covering all `SqlDbType` variants, collation, precision/scale, and bulk copy options - Register target in `fuzz/Cargo.toml` - Expose `build_insert_bulk_command` wrapper in `fuzz_support` module ### Bug fix: panic in `get_sql_type_definition` for Vector type - Fuzzer found a panic — the `SqlDbType::Vector` arm called `vector_dimensions().unwrap_or_else(|e| panic!(...))`, crashing on any invalid `VectorBaseType` scale byte - Changed `get_sql_type_definition()` from `-> String` to `-> TdsResult<String>`, replacing the panic with `?` error propagation - Cascaded `TdsResult` return through `build_insert_bulk_command()` and callers (`tds_client.rs`, `bulk_load_tests.rs`) ### Pipeline - Add `fuzz_bulk_copy` target (5 min) to the fuzz stage in `validation-pipeline.yml` Related work items: #43091

…d collecting multiple SQL Server errors ## Summary Refactors SQL Server error handling to collect multiple ERROR tokens from the TDS stream instead of returning on the first error. This aligns with the TDS protocol behavior where SQL Server can send multiple ERROR tokens in a single batch execution (e.g., consecutive `RAISERROR` calls). ## Changes - Introduce `SqlErrorInfo` struct in the error module to represent a single SQL Server error, with `Display` formatting - Change `Error::SqlServerError` variant to hold a `Vec<SqlErrorInfo>` instead of flat fields, supporting multiple errors per batch - Add `Error::from_sql_error` and `Error::from_sql_errors` constructors for creating `SqlServerError` from collected error info - Add `error_token_to_info` helper to convert `ErrorToken` to `SqlErrorInfo` - Update `consume_done_token` to collect ERROR tokens into a Vec and return them after the final DONE token, rather than returning on the first ERROR - Update `drain_stream` to collect and return ERROR tokens encountered during stream draining - Update `move_to_column_metadata` and `get_next_row` to collect errors from the stream and drain remaining tokens before returning - Update `consume_transaction_response` to collect ERROR tokens and surface them after stream completion - Add protocol-level validation: return `ProtocolError` when a DONE token has the error flag set but no preceding ERROR token was received - Add integration tests for multiple-error scenarios: multiple `RAISERROR` calls, multiple invalid object references, and mixed valid/error batches with post-error connection reuse validation ---- #### AI description (iteration 2) #### PR Classification This pull request is a bug fix enhancement that improves error handling for SQL Server responses by collecting multiple error tokens and properly draining the TDS stream. #### PR Summary The changes enhance the client's behavior when facing multiple SQL Server errors in a single batch by aggregating error tokens into a new `SqlErrorInfo` structure and ensuring the connection remains viable for subsequent queries. - `src/error/mod.rs`: Introduces the `SqlErrorInfo` struct and helper methods to convert and aggregate individual error tokens. - `src/connection/tds_client.rs`: Modifies error token handling to collect multiple errors, drain the stream properly, and validate DONE tokens with error flags. - `tests/test_client_read_apis.rs`: Adds tests covering multiple error scenarios and connection recovery after error conditions. - `src/handler/handler_factory.rs`: Updates login error creation to utilize the new error formatting logic.  Related work items: #43108

# Cleanup unused code and improve test coverage Three kinds of changes 1. Deletion of unused items. 2. Marking some of the unused items as `dead_code` since they exist for future usage. 3. Modifications of tests to react to some of these changes. 4. Prefixing some unused items with `_` to specify intentions. ## Changes - Remove unused test helpers and mock structs: `handshake_started()`, `handshake_completed()` from MockStream; `MockSslHandler` from network_transport tests; `packet_type` field from TestPacketBuilder; `reset()` from MockNetworkReaderWriter; `from_u16()` and `from_u64()` from MockReader - Remove `read_int64_big_endian` from `TdsPacketReader` trait and all implementations (PacketReader, NetworkTransport, Box delegation, and test mocks in decoder, prelogin, and common) - Remove `write_i64_be_async`, `write_partial_u64_async`, and `write_string_ascii_async` from `TdsPacketWriter` trait and PacketWriter implementation - Remove `get_message_state` method and unused `MessageSendState` imports from PacketWriter - Remove unused `ColMetadataTokenParser::new()` and `is_column_encryption_supported()`, replacing usage with struct literal initialization - Remove unused token types: `NbcRowToken`, `Tokens::NbcRow`, `TokenEvent`, `DoneInProcToken`, `DoneProcToken` - Remove unused `DoneToken::has_error()` method - Remove unused `Done` variant from `State` enum in sql_identifier parser - Rename `OrderToken::order_columns` to `_order_columns` to suppress dead-code warning - Add targeted `#[allow(dead_code)]` to items kept for protocol completeness: `InfoToken`, `LoginResponseStatus::NoResponse`, `PacketStatusFlags::ResetConnection`, `PacketStatusFlags::ResetConnectionSkipTran`, `ColumnEncryptionKeyDetails` - Add unit tests for packet_reader: `read_int24`, `read_varchar_byte_len` - Add unit tests for packet_writer: `get_cursor` return value, `cancel_current_message` behavior ---- #### AI description (iteration 7) #### PR Classification This pull request is a code cleanup that removes unused and duplicate code from the mssql-tds crate. #### PR Summary The changes streamline the codebase by replacing outdated methods, deleting redundant functions and tests, and tightening visibility. - **`src/io/token_stream.rs`**: Updated test assertions to use `get_parser` instead of `has_parser` and removed the redundant method from both implementations and traits. - **`src/message/bulk_load.rs`**: Deleted unused bulk load functions (`begin_row`, `end_row`) and removed the unnecessary `BulkCopyOptions` parameter from the constructor. - **`src/token/tokens.rs`**: Removed unused token types, duplicate test modules, and renamed fields (e.g., changing `value` to `_value`) to indicate unused values. - **`src/io/packet_writer.rs` & Packet Reader modules**: Eliminated several unused write and read helper functions along with obsolete test cases. - **Fuzz targets and supporting modules**: Cleaned up unused methods (such as various `read_*` functions) while ...

## Summary Update mssql-js dependencies to latest versions ## Changes ### mssql-js dependency updates - Bump `@js-joda/core` to 5.7.0 - Bump `@types/node` to 24.12.0, `@types/benchmark` to 2.1.5 - Bump `@typescript-eslint/eslint-plugin` and `@typescript-eslint/parser` to 8.57.0 - Bump `ava` to 6.4.1, `eslint` to 9.39.4, `eslint-config-prettier` to 10.1.8, `eslint-plugin-prettier` to 5.5.5 - Bump `prettier` to 3.8.1, `typescript` to 5.9.3 - Add `tar` resolution (7.5.11) to address vulnerability - Regenerate `yarn.lock` ---- #### AI description (iteration 2) #### PR Classification This pull request is a dependency update that upgrades several JavaScript packages to fix security vulnerabilities and improve compatibility. #### PR Summary The pull request bumps multiple dependency versions in both the lockfile and package manifest to address security issues—including upgrading the vulnerable `tar` package—and to ensure consistency across development tooling. - **`mssql-js/yarn.lock`**: Upgraded key packages such as `tar` (from 7.5.10 to 7.5.11), `typescript` (to 5.9.3), and various `@typescript-eslint/*` packages (to 8.57.0), alongside other supporting packages. - **`mssql-js/package.json`**: Updated dependency and devDependency versions (e.g. `@js-joda/core`, `ava`, ESLint-related packages) and added a resolution to enforce `tar` at 7.5.11.  Related work items: #43122

Sync Development to main ---- #### AI description (iteration 1) #### PR Classification This PR is a development sync that delivers broad improvements including enhanced error handling, added fuzz testing targets, and code cleanups. #### PR Summary The changes improve the TDS client’s robustness and maintainability by aggregating multiple SQL Server error tokens, revising bulk metadata queries, and adding new fuzz targets for bulk copy command testing. - **`src/error/mod.rs`** – Introduced aggregation of SQL Server error tokens into a single error and ensured proper stream draining for connection reuse. - **`src/message/metadata_retriever.rs`** – Updated the bulk copy metadata query to use dynamic SQL, eliminating graph_type references on older SQL Server versions. - **`fuzz/fuzz_targets/fuzz_bulk_copy.rs`** – Added a new fuzz target for bulk copy command generation and validations to catch panics without crashing. - **Security & Token Parsers (e.g., in `src/token/parsers/*` and `src/security/*`)** – Cleaned up unused functions and improved FFI visibility, enhancing code clarity and consistency. - **Dependency & Pipeline Files** – Refreshed lockfiles (e.g. in `mssql-js/yarn.lock`) and updated CI/pipeline scripts for improved build and fuzz testing verification.  Related work items: #40377, #40829, #40924, #41302, #41412, #41497, #41728, #41762, #41830, #41851, #42218, #42220, #42221, #42278, #42825, #42922, #42936, #43048, #43063, #43087, #43091, #43108

…ds crate Resolve all ~40 `dead_code` clippy warnings in the mssql-tds crate using a categorized approach: **Category A — Delete truly dead code** (net -131 lines) - Removed `TdsWriteBuffer` struct + methods + orphaned imports from `buffers.rs` - Removed unused getters from `tds_client.rs`: `get_transport()`, `get_negotiated_settings()`, `get_execution_context()` - Removed dead inherent `send()` from `network_transport.rs` (trait impl remains) - Removed `new_for_handshake()`, `mark_handshake_completed()` from `ssl_handler.rs` - Removed `update_settings()`, `SessionHandler::new()` from `handler_factory.rs` - Removed `TypeInfo::get_collation()` from `sqldatatypes.rs` - Removed `BulkCopyContext::timeout_state()` from `bulk_copy.rs` - Removed unused constants from `sqltypes.rs`: `NULL_LENGTH`, `MAX_SHORT_DATA_LENGTH`, `PLP_TERMINATOR_CHUNK_LEN` - Simplified `StringDecoder` to unit struct in `decoder.rs` **Category B — Gate test-only code with `#[cfg(test)]`** - `execution_context.rs`: `has_open_result_set` field + accessors - `bulk_copy_state.rs`: 8 query methods (`remaining_duration()`, `is_attention_*()`, etc.) - `sspi_handler.rs`: `is_complete()`, `state()`, `target_spn()` - `packet_reader.rs`: `PacketReader::new()` - `packet_writer.rs`: `cancel_current_message()` - `decoder.rs`: `SHORTLEN_MAXVALUE` constant **Category C+D — Suppress protocol/API fields with `#[allow(dead_code)]`** - Wire protocol structs: `XmlInfo`, `UdtInfoInColMetadata`, `UdtInfoInRpc` - Negotiated settings: `language`, `database`, `char_set` - Session settings: `user_name`, `mars_enabled`, `pre_login_has_fedauth_supported`, `negotiated_encryption_settings` - Fields kept for deserialization fidelity: `pre_attention_errors`, `target_spn` - Trait methods: `write_i32_at_index`, `packet_size`, `read_u16_varbyte`, `read_unicode`, `Feature::is_acknowledged` **Category E — Gate fuzzing-only code with `#[cfg(fuzzing)]`** - `TokenStreamReader` struct + impl blocks now only compile under `#[cfg(fuzzing)]` - Fuzzing-only imports in `token_stream.rs` gated with `#[cfg(fuzzing)]` **Verification:** - `cargo bfmt` ✅ - `cargo bclippy` ✅ (zero warnings) - `cargo nextest run` ✅ (889+ unit tests pass) - `cargo +nightly fuzz build` ✅ ---- #### AI description (iteration 2) #### PR Classification This pull request is a code cleanup aimed at eliminating Clippy `dead_code` warnings across the mssql-tds crate. #### PR Summary The PR removes unused functions, constants, and structs while adding conditional compilation attributes to streamline and maintain test-related code. This cleanup improves code quality and reduces warning noise. - In `src/connection/transport/buffers.rs`, the unused `TdsWriteBuffer` struct and its methods were removed. - In files like `src/io/token_stream.rs`, `src/handler/handler_factory.rs`, and various test/support modules, conditional attributes (`#[cfg(fuzzing)]` and `#[allow(dead_code)]`) were added or refactored. - In `src/datatypes/sqldatatypes.rs` and `src/datatypes/sqltype...

# Consolidate fuzzing code and unify token dispatch logic ## Summary This PR restructures the fuzzing infrastructure and eliminates duplicated token parsing logic between NetworkTransport (production) and TokenStreamReader (fuzzing). It also fixes clippy dead_code warnings. ## Changes ### Token dispatch unification - Extracted dispatch_token, receive_token_internal, receive_row_into_internal, and extract_column_metadata as shared free functions in token_stream.rs, generic over any TdsPacketReader implementation. - NetworkTransport now delegates to these shared functions instead of maintaining its own copy of the token dispatch/parsing logic. - TokenStreamReader (fuzzing) delegates to the same shared functions. - Fuzz targets now exercise the exact same token dispatch and parsing code that runs in production. ### Fuzzing consolidation - Created fuzz_support.rs module consolidating all fuzzing infrastructure (FuzzReader, EmptyReader, MockWriter, MockTransport, helper functions) that was previously duplicated inline across 5 fuzz targets and lib.rs. - Moved FuzzReader (cursor-based TdsPacketReader with overflow protections) and EmptyReader (always-EOF reader) into the shared module. - Moved MockTransport (wraps TokenStreamReader and implements TdsTransport + TdsTokenStreamReader) into the shared module. - Moved create_fuzz_tds_client and test settings helpers into the shared module. - All 5 fuzz targets (fuzz_token_stream, fuzz_tds_client, fuzz_connection_provider, fuzz_connection_provider_network, fuzz_connection_provider_context) updated to import from fuzz_support. - Removed roughly 1000 lines of duplicated fuzzing code from lib.rs and the fuzz target files. - Added dev/build-fuzz.sh script for building fuzz targets. ### Clippy dead_code fixes - Added #[cfg(test)] guards and #[allow(dead_code)] annotations to suppress warnings on test-only and internal APIs across multiple files. - Removed unused methods, fields, and imports in bulk_copy.rs, tds_client.rs, buffers.rs, ssl_handler.rs, sqltypes.rs, decoder.rs, and sqldatatypes.rs. - Added pub(crate) visibility promotions under #[cfg(fuzzing)] for types that need exposure to fuzz targets. ---- #### AI description (iteration 6) #### PR Classification This PR is a code cleanup that consolidates fuzzing support and unifies token dispatch logic. #### PR Summary The changes centralize fuzz-related types and functions into a new `fuzz_support` module and refactor token parsing to eliminate duplicate implementations. - `mssql-tds/src/fuzz_support.rs`: Introduces a centralized module exporting helpers like `FuzzReader`, `MockWriter`, and `MockTransport` for fuzz targets. - `mssql-tds/src/lib.rs`: Updates the re-export of fuzz support to avoid redundancy. - `fuzz/fuzz_targets/*`: Modifies multiple fuzz target files to use the unified fuzzing helpers and token dispatch functions. - `mssql-tds/src/io/token_stream.rs` and `connection/transport/network_transport.rs`: Refactors token dispatch ...

…it tests for metadata_retriever Changes in `mssql-tds/src/connection/metadata_retriever.rs`: - Remove unused `TryFrom<ColMetadataToken> for Vec<BulkCopyColumnMetadata>` implementation, which was never called anywhere in the codebase (mssql-tds, mssql-py-core, or mssql-js) - Add unit tests for `TryFrom<TableMetadataResult> for Vec<BulkCopyColumnMetadata>` covering: - Empty columns input returns a UsageError - Collation names are correctly propagated to BulkCopyColumnMetadata - Collation list shorter than column list results in remaining columns having no collation - Empty collation list results in all columns having no collation - Identity flag (0x10) is correctly mapped to the is_identity field - Add test helper functions for constructing ColumnMetadata, TableMetadataResult, and TypeInfoVariant test fixtures ---- #### AI description (iteration 1) #### PR Classification Code cleanup: removes unused conversion implementation and adds unit tests. #### PR Summary This pull request cleans up duplicate code by removing the dead TryFrom<ColMetadataToken> implementation and introduces comprehensive unit tests to validate metadata conversion logic. - In `mssql-tds/src/connection/metadata_retriever.rs`, removed the redundant TryFrom<ColMetadataToken> implementation. - In `mssql-tds/src/connection/metadata_retriever.rs`, added multiple unit tests covering scenarios like empty columns, collation handling, and preservation of identity flags.  Related work items: #43063

Tighten module visibility in mssql-tds to reduce the publicly exported API surface, keeping only modules that contain types used in public signatures. ## Changes - Change handler, io, ssrp modules from pub to pub(crate) in lib.rs - Change login, prelogin submodules from pub to pub(crate) in message.rs - Add #[allow(dead_code)] to the ssrp module (stub-only implementation not yet called internally) - Add #[allow(dead_code)] to PreloginRequestModel::thread_id field and PacketReader::skip_bytes method (not yet read/called internally) ## Modules kept public - connection, connection_provider, core, datatypes, error, message, query, security, sql_identifier, token -- all expose types used in public API signatures - message::login_options -- TdsVersion and ApplicationIntent are used in ClientContext and LoginAckToken - message::bulk_load, message::parameters, message::rpc, message::messages, message::transaction_management -- expose types consumed by downstream users ## Validation - cargo bclippy passes - cargo bfmt passes - cargo doc --no-deps -p mssql-tds builds with no new warnings ---- #### AI description (iteration 1) #### PR Classification This pull request is a code cleanup and API change that reduces the public API surface. #### PR Summary The PR tightens module visibility in the mssql-tds library by converting select modules from public to crate-level and adds dead code allowances to internal functions. - In `mssql-tds/src/lib.rs`, changed the `handler`, `io`, and `ssrp` modules from `pub` to `pub(crate)`. - In `mssql-tds/src/message.rs`, updated the `login` and `prelogin` modules to `pub(crate)`. - In `mssql-tds/src/io/packet_reader.rs` and `mssql-tds/src/message/prelogin.rs`, added `#[allow(dead_code)]` attributes. - In `mssql-tds/src/ssrp.rs`, added a file-level `#![allow(dead_code)]` directive.  Related work items: #43130

## Summary Adds crate-level documentation and metadata for `mssql-tds` to improve discoverability and provide a quick-start guide for new consumers. ## Changes - **`mssql-tds/src/lib.rs`** — Added `//!` crate-level doc comment with overview, feature flags table, quick-start code example, and module index - **`mssql-tds/Cargo.toml`** — Added `readme`, `keywords`, and `categories` metadata fields - **`mssql-tds/README.md`** — Created crate README (mirrors lib.rs docs in Markdown for crates.io landing page) ## Verification - `cargo doc --no-deps -p mssql-tds` — passes (no new warnings) - `cargo bclippy` — clean - `cargo bfmt` — clean Linked to AB#43131 ---- #### AI description (iteration 1) #### PR Classification This pull request is a documentation update that adds crate metadata and infrastructure docs to prepare the `mssql-tds` crate for publishing on crates.io. #### PR Summary The changes introduce comprehensive crate-level documentation and metadata updates while outlining a broader plan for documenting the public API in a series of related PRs. - Added `/.github/prompts/plan-documentMssqlTdsPublicApi.prompt.md` that details the multi-PR strategy for API documentation. - Updated `mssql-tds/src/lib.rs` with extensive crate-level docs including an overview, feature flags, and a quick start example. - Created `mssql-tds/README.md` to serve as a landing page mirroring the internal documentation. - Modified `mssql-tds/Cargo.toml` by adding metadata fields like `readme`, `keywords`, and `categories` for enhanced crates.io integration.  Related work items: #43131

Adds `///` doc comments to the public query-execution surface of `mssql-tds`: - **`TdsClient`** — `execute`, `execute_sp_executesql`, `execute_sp_prepare`, `execute_sp_unprepare`, `execute_sp_prepexec`, `execute_sp_execute` - **`message`** module — `//!` module-level doc - **`RpcProcs`** — enum doc explaining well-known procedure IDs - **`StatusFlags`** — bitflags struct doc - **`RpcParameter`** — expanded struct + constructor docs No API changes. Documentation only. Linked: AB#43133 ---- #### AI description (iteration 1) #### PR Classification This pull request is a documentation update that adds detailed API docs for query execution in mssql-tds. #### PR Summary The pull request enhances API documentation across the mssql-tds module, clarifying usage instructions and parameter details for query execution. - `mssql-tds/src/connection/tds_client.rs`: Updated documentation for query execution methods (`execute`, `execute_sp_executesql`, `execute_sp_prepare`, `execute_sp_prepexec`, `execute_sp_execute`, and `execute_sp_unprepare`) that detail parameters, error cases, and usage patterns. - `mssql-tds/src/message.rs`: Added module-level documentation describing TDS protocol message types and submodules. - `mssql-tds/src/message/parameters/rpc_parameters.rs`: Enhanced documentation for `RpcParameter` and status flags outlining parameter matching rules. - `mssql-tds/src/message/rpc.rs`: Introduced documentation for the `RpcProcs` enum to explain system stored-procedure IDs used in TDS RPC requests.  Related work items: #43133

Adds `///` and `//!` documentation to the public connection management API in `mssql-tds`: - **connection.rs** — module-level doc - **connection_provider.rs** — module-level doc - **client_context.rs** — `IPAddressPreference`, `TdsAuthenticationMethod`, `ClientContext` (struct + pub fields), `CloneableEntraIdTokenFactory` - **tds_connection_provider.rs** — `TdsConnectionProvider` struct doc - **tds_client.rs** — `TdsClient` struct doc, `get_collation()`, `close_connection()`, `get_dtc_address()` - **core.rs** — `TdsResult`, `CancelHandle` (struct + pub methods), `SQLServerVersion`, `Version`, `EncryptionOptions` (struct + fields), `EncryptionSetting` Documentation only — no API or behavioral changes. Linked work item: #43132 ---- #### AI description (iteration 1) #### PR Classification This pull request is an API documentation update for connection management functionality in mssql-tds. #### PR Summary This pull request enriches the inline API documentation for various connection management types and functions in mssql-tds, improving clarity and guiding usage of client configurations, authentication, and transport handling. - **`mssql-tds/src/connection/client_context.rs`**: Added documentation for new client context fields and expanded the TDS authentication method enum with detailed descriptions. - **`mssql-tds/src/core.rs`**: Introduced a `TdsResult` alias and enhanced documentation for cancellation (via `CancelHandle`) and encryption settings (`EncryptionOptions`, `EncryptionSetting`). - **`mssql-tds/src/connection/tds_client.rs`**: Added API docs for `TdsClient`, including new method descriptions for obtaining DTC address, retrieving collation, and closing connections. - **`mssql-tds/src/connection_provider.rs` and `tds_connection_provider.rs`**: Provided module-level and struct-level docs to clarify the role and usage of the TDS connection provider. - **`mssql-tds/src/connection.rs`**: Updated with top-level documentation that outlines the connection management API types for SQL Server communication.  Related work items: #43132

- Document `execute_stored_procedure()` — RPC protocol, positional/named params, timeout, cancel, batch exclusivity - Expand `get_return_values()` doc — accumulation semantics, when to call - Add field-level docs to `ReturnValue` struct — `param_ordinal`, `param_name`, `value`, `column_metadata`, `status` - Link `ReturnValue` docs to `TdsClient` accessor methods ---- #### AI description (iteration 1) #### PR Classification This pull request enhances API documentation for stored procedure support in the mssql-tds module. #### PR Summary The changes clarify how stored procedures are handled, detailing output parameters and UDF return values. These documentation updates address the work item "Add stored procedure API docs for mssql-tds" by providing clear usage instructions and method behaviors. - **`mssql-tds/src/query/result.rs`**: Updated the `ReturnValue` struct doc comments to better explain its role in representing output parameters and UDF return values, and how to access them. - **`mssql-tds/src/connection/tds_client.rs`**: Enhanced documentation for `execute_stored_procedure` with execution, batch, cancellation, and timeout details, and refined `get_return_values` to describe the accumulation and retrieval of return values.  Related work items: #43134

Add `///` doc comments to all `SqlDbType` enum variants in `bulk_copy_metadata.rs`. All other public items across the 5 bulk copy files were already comprehensively documented. **Files audited (5):** - `connection/bulk_copy.rs` — all pub items documented ✅ - `connection/bulk_copy_state.rs` — only `pub(crate)` items (skip) ✅ - `error/bulk_copy_errors.rs` — all pub items documented ✅ - `message/bulk_load.rs` — all pub items documented ✅ - `datatypes/bulk_copy_metadata.rs` — SqlDbType variants now documented ✅ **Verification:** cargo doc ✅ | cargo bfmt ✅ | cargo bclippy ✅ ---- #### AI description (iteration 1) #### PR Classification This pull request is a documentation update aimed at enhancing the clarity of the bulk copy APIs. #### PR Summary The changes add detailed `///` documentation for every public variant of the `SqlDbType` enum in the bulk copy metadata module, aligning with the work item that calls for documenting bulk copy APIs in mssql-tds. - `mssql-tds/src/datatypes/bulk_copy_metadata.rs`: Added comprehensive doc comments for all `SqlDbType` variants to clarify their corresponding SQL Server data types.  Related work items: #43136

The `ColumnMetadata::get_scale()` method was using `unreachable!()` for types that don't have a scale property, which would cause the library to panic at runtime. This violates the principle that library code should avoid panicking and instead handle errors gracefully. ## Changes Changed the return type of `get_scale()` from `u8` to `Option<u8>` to handle types without scale gracefully: - Returns `Some(scale)` for types that have a scale property (VarLenScale and VarLenPrecisionScale) - Returns `None` for all other type variants instead of panicking - Follows the same pattern as the existing `get_collation()` method This makes the public API safe for library users who may call `get_scale()` on any column metadata without risking a panic. ## Internal Caller Updates Updated all internal callers in `decoder.rs` to handle the `Option` return type using `.expect()` with descriptive messages. These calls are safe because they only invoke `get_scale()` on specific data types (TimeN, DateTime2N, DateTimeOffsetN, Vector) that are guaranteed to have scale information in their metadata. ## Test Updates - Added `test_get_scale_none()` to verify that calling `get_scale()` on a type without scale returns `None` - Updated existing test assertions to expect `Some(scale)` instead of direct scale values - All changes maintain existing test coverage while validating the new behavior Fixes: #43144 <p><small class=\"secondary-text\">AI-generated content may be incorrect</small></p> Co-authored-by: Saurabh Singh (SQL Drivers) <singhsaura@microsoft.com>   Related work items: #43144

Add doc comments for all public transaction management items in the mssql-tds crate: - Module doc for `transaction_management` - `CreateTxnParams` struct and its fields - `TransactionManagementType` enum and all 7 variants (with field docs) - `TransactionIsolationLevel` enum and all 6 variants - `begin_transaction`, `save_transaction`, `commit_transaction`, `rollback_transaction`, `get_dtc_address` methods on `TdsClient` ---- #### AI description (iteration 1) #### PR Classification Documentation update for transaction management APIs. #### PR Summary This pull request enhances the mssql-tds crate by adding detailed documentation for transaction management message types and lifecycle methods. - `mssql-tds/src/message/transaction_management.rs`: Added doc comments for transaction management enums (e.g., TransactionManagementType, TransactionIsolationLevel) and the CreateTxnParams struct. - `mssql-tds/src/connection/tds_client.rs`: Added documentation for key transaction API methods including begin_transaction, save_transaction, commit_transaction, rollback_transaction, and get_dtc_address.  Related work items: #42206, #43137

- Add module-level doc comment to query.rs explaining result set reading and row iteration - Document ColumnMetadata struct and all pub fields (user_type, flags, type_info, data_type, column_name, multi_part_name) - Document ColumnMetadata flag-inspection methods (is_nullable, is_case_sensitive, is_identity, is_computed, is_sparse_column_set, is_encrypted, is_plp) - Document get_scale and get_collation methods on ColumnMetadata - Document MultiPartName struct - Document TdsClient::get_collation, get_return_values, and close_query methods - All existing ResultSet and ResultSetClient trait docs preserved as-is ---- #### AI description (iteration 1) #### PR Classification This pull request improves documentation across the result set reading APIs in the mssql-tds crate. #### PR Summary The PR adds comprehensive doc comments to enhance clarity and usability of the result set reading APIs. - `mssql-tds/src/query/metadata.rs`: Added detailed documentation for `ColumnMetadata`, its methods (e.g., `is_nullable`, `is_case_sensitive`, `is_identity`, `get_scale`, `get_collation`), and introduced docs for the `MultiPartName` struct. - `mssql-tds/src/query.rs`: Introduced module-level documentation outlining key components and traits for result set reading and row iteration. - `mssql-tds/src/connection/tds_client.rs`: Enhanced documentation for methods including `close_query`, clarified `get_return_values`, and added docs for `get_collation` to better describe their functionality.  Related work items: #43135

Add `///` doc comments to all undocumented public items in the `datatypes` module of `mssql-tds`. Files changed: - datatypes.rs — module-level `//!` doc - sqltypes.rs — `SqlType` enum - column_values.rs — `SqlXml`, `ColumnValues`, time/money/datetime types, `DEFAULT_VARTIME_SCALE` - sqldatatypes.rs — `TdsDataType`, `VECTOR_*` consts, `XmlInfo`, `UdtInfo*`, `is_unicode_type()` - tds_value_serializer.rs — PLP constants - sql_json.rs — `SqlJson` struct and methods - sql_string.rs — `EncodingType`, `SqlString` struct and methods Part of #42206. ---- #### AI description (iteration 1) #### PR Classification This pull request is a documentation update. #### PR Summary The PR adds comprehensive `///` doc comments to previously undocumented public items in the datatypes module of mssql-tds, clarifying SQL Server data types and related constants as part of the API documentation initiative. - `src/datatypes/column_values.rs`: Added documentation for SQL data types such as `SqlDateTime2`, `SqlDateTimeOffset`, and `SqlSmallMoney`. - `src/datatypes/tds_value_serializer.rs`: Documented PLP constants (`PLP_NULL`, `PLP_UNKNOWN_LEN`, and `PLP_TERMINATOR`) to clarify their use. - `src/datatypes.rs` & `src/datatypes/sql_json.rs`: Introduced module-level and method-level documentation for TDS data type serialization and JSON handling. - `src/datatypes/sqldatatypes.rs`: Provided detailed comments for vector constants, TDS type identifiers, and UDT metadata structures. - `src/datatypes/sqltypes.rs` & `src/datatypes/sql_string.rs`: Enhanced documentation for RPC parameter types, string encoding enums, and conversion methods.  Related work items: #43140

Add doc comments to all pub items in error, handler, io, token, and login_options modules. Tighten visibility of internal types in login_options and login_ack. ### Documentation (9 files) - error/mod.rs — SqlErrorInfo fields, TimeoutErrorType, Error enum - handler.rs — module doc - token.rs — module doc - token/tokenitems.rs — ReturnValueStatus - token/tokens.rs — TokenType, Token trait, Tokens, SqlCollation + methods - token/fed_auth_info.rs — FedAuthInfoId, FedAuthInfoToken, SspiToken - token/login_ack.rs — SqlInterfaceType, LoginAckToken - io/packet_reader.rs — TdsPacketReader, PacketReader - message/login_options.rs — TdsVersion, OptionFlags1/2/3, TypeFlags, many option enums ### Visibility refactoring (3 files) Tightened visibility of internal types that were unnecessarily `pub`: **login_options.rs:** - `TdsVersion` — `pub` → `pub(crate)` (only used within mssql-tds) - `TypeFlags`, `OptionFlags1`, `OptionFlags2`, `OptionFlags3` — `pub` → `pub(crate)` - `OptionSqlType`, `OptionOleDb`, `OptionInitLang`, `OptionOdbc`, `OptionUser`, `OptionIntegratedSecurity`, `OptionChangePassword` — `pub` → `pub(crate)` - `OptionEndian`, `OptionCharset`, `OptionFloat`, `OptionBcpDumpload`, `OptionUseDb`, `OptionInitDb`, `OptionLangWarn` — `pub` → private (module-only) - `LoginOptions` struct — removed (dead code, never used anywhere) - `ApplicationIntent` — kept `pub` (used by mssql-py-core) **login_ack.rs:** - `LoginAckToken` — `pub` → `pub(crate)` (all fields too) - `SqlInterfaceType` — `pub` → `pub(crate)` **client_context.rs:** - `ClientContext::tds_version()` — `pub` → `pub(crate)` ---- #### AI description (iteration 2) #### PR Classification This pull request focuses on a documentation update to improve code clarity and maintainability across several modules. #### PR Summary The changes add detailed inline doc comments and adjust visibility modifiers and annotations, enhancing developer guidance and internal consistency. - **`src/message/login_options.rs`**: Modified enum visibility (switching some `pub` items to `pub(crate)`), added `#[allow(dead_code)]` attributes, and inserted doc comments that clarify login option flags and related constructs. - **`src/token/tokens.rs` and `src/token/tokenitems.rs`**: Introduced comprehensive documentation for TDS token handling, including flag methods and collation metadata, to better explain token behavior. - **`src/error/mod.rs`**: Enriched error-related structures with detailed doc comments for fields in `SqlErrorInfo`, `TimeoutErrorType`, and overall error handling. - **`src/token/login_ack.rs` and `src/token/fed_auth_info.rs`**: Enhanced token structures and authentication modules through added documentation and adjusted visibility for clearer internal API usage. - **`src/handler.rs` and `src/io/packet_reader.rs`**: Added module-level comments to document internal handler infrastructure and low-level packet reading operations, improving overall code readability. <!-- GitOpsUserAgent=GitOps.A...

Sync development with main ---- #### AI description (iteration 1) #### PR Classification This pull request is a large-scale code refactoring and documentation enhancement that introduces robust fuzz testing support. #### PR Summary The changes improve the internal APIs, module visibility, and documentation while adding extensive fuzz support and updating tests and utility scripts. - Added a new fuzz support module (`src/fuzz_support.rs`) that re-exports internal types and provides helper functions for fuzz targets. - Updated module visibility in core files (e.g. `lib.rs`, `connection`, `message`) and enhanced API documentation (including a new README and a documentation plan file). - Adjusted type conversion and metadata extraction functions (in files like `bulk_copy_metadata.rs` and `query/metadata.rs`) to return more explicit types (e.g. `Option<u8>` for scale). - Revised tests and added utility scripts (e.g. `/dev/build-fuzz.sh`) to support the new fuzz and documentation build flows.  Related work items: #40377, #40829, #40924, #41302, #41412, #41497, #41728, #41762, #41830, #41851, #42206, #42218, #42220, #42221, #42278, #43063, #43130, #43131, #43132, #43133, #43134, #43135, #43136, #43137, #43144

Sync main with origin/main (up to PR 7117)

Bumps [picomatch](https://github.com/micromatch/picomatch) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](micromatch/picomatch@2.3.1...2.3.2) --- updated-dependencies: - dependency-name: picomatch dependency-version: 2.3.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

saurabh500 and others added 30 commits February 13, 2026 16:12

Merge pull request #5 from microsoft/sync/ado-main

184eff4

Initial sync from ADO to GitHub

saurabh500 and others added 24 commits March 11, 2026 05:16

Merge branch 'dev/saurabh/syncmain' into dev/saurabh/syncmain-v2

7c29566

Merge pull request #16 from microsoft/dev/saurabh/syncmain-v2

a4f82ea

Sync main with origin/main (up to PR 7117)

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 26, 2026

dependabot Bot requested a review from a team as a code owner March 26, 2026 08:22

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 26, 2026

David-Engel force-pushed the main branch from a4f82ea to 8869e80 Compare April 3, 2026 20:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump picomatch from 2.3.1 to 2.3.2 in /mssql-js#18

Bump picomatch from 2.3.1 to 2.3.2 in /mssql-js#18
dependabot[bot] wants to merge 110 commits intomainfrom
dependabot/npm_and_yarn/mssql-js/picomatch-2.3.2

dependabot Bot commented on behalf of github Mar 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

dependabot Bot commented on behalf of github Mar 26, 2026

2.3.2

What's Changed

Release history

4.0.0 (2024-02-07)

Fixes

Changed

3.0.1

Fixes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants