SQL Server Blog articles

mssql-python 1.6: Unblocking Your Threads

DavidLevy — Fri, 24 Apr 2026 17:00:00 GMT

The last two mssql-python releases shipped big features: Bulk Copy in 1.4 for high-throughput data loading, and Apache Arrow in 1.5 for zero-copy analytics. Version 1.6 is about what happens next: you take those features into production, scale up your thread pool, and find out where the driver was quietly holding you back.

This release unblocks your threads during connection setup, fixes crashes and incorrect results in common cursor patterns, and hardens security for passwords with special characters and log file paths.

pip install --upgrade mssql-python

Your threads can run while connections are opening

If you're running mssql-python behind Flask, FastAPI, Django, or any WSGI/ASGI server with thread-based workers, this one matters.

Opening a database connection is slow. There's DNS resolution, a TCP handshake, TLS negotiation, and SQL Server authentication. In previous versions, every other Python thread in your process was frozen while that happened, because the driver held the Global Interpreter Lock (GIL) during the entire operation. One thread opening a connection meant no other thread could serve requests, process data, or do anything at all.

Version 1.6 releases the GIL during connect and disconnect. Your other threads keep running while the network round-trip completes. If you have a multi-threaded web server handling concurrent requests, this removes a serialization bottleneck you may not have realized you had.

The connection pool was also reworked to stay safe under this change. Previously, the pool held an internal lock while calling connect, which would have created a deadlock now that connect releases the GIL. The pool now reserves a slot first, connects outside the lock, and rolls back the reservation if the connection fails.

Decimal parameters work with setinputsizes

If you use cursor.setinputsizes() to declare parameter types for performance-sensitive batch inserts, you may have hit a crash when specifying SQL_DECIMAL or SQL_NUMERIC. This is fixed. Decimal values now bind correctly whether you're using execute() or executemany():

cursor.setinputsizes([ (mssql_python.SQL_WVARCHAR, 100, 0), (mssql_python.SQL_INTEGER, 0, 0), (mssql_python.SQL_DECIMAL, 18, 2), ]) cursor.executemany( "INSERT INTO Products (Name, CategoryID, Price) VALUES (?, ?, ?)", [ ("Widget", 1, Decimal("19.99")), ("Gadget", 2, Decimal("29.99")), ], )

Iterating catalog results with fetchone()

If you've used cursor.tables(), cursor.columns(), or other catalog methods and tried to walk the results with fetchone(), you may have gotten incorrect data. Row tracking was broken for catalog result sets. This now works the way you'd expect:

cursor.tables(tableType="TABLE") while True: row = cursor.fetchone() if row is None: break print(row.table_name)

This also applies to primaryKeys(), foreignKeys(), statistics(), procedures(), and getTypeInfo().

Reusing prepared statements without reset

If you call cursor.execute() with reset_cursor=False to reuse a prepared statement across calls, this no longer raises an "Invalid cursor state" error.

Passwords with special characters stay masked in logs

If your SQL Server password contains semicolons, braces, or other ODBC-special characters (e.g., PWD={Top;Secret}), previous versions could accidentally leak part of it in sanitized log output. The password masking logic has been rewritten to correctly handle all ODBC connection string formats. If the connection string can't be parsed at all, the entire string is now redacted rather than partially exposed.

The logging system also now rejects log file paths that attempt directory traversal, preventing setup_logging(log_file_path="../../somewhere/else.log") from writing outside the intended directory.

Better type checker support for executemany

If your type checker flagged executemany() when you passed dictionaries as parameter rows, that warning is gone. The type annotations now correctly accept Mapping types, matching the DB API 2.0 spec for named parameters.

Get started

pip install --upgrade mssql-python

For questions or issues, file them on GitHub or email mssql-python@microsoft.com.

mssql-django 1.7.1: Microsoft Fabric Support and Migration Fixes

DavidLevy — Fri, 24 Apr 2026 17:00:00 GMT

We just shipped mssql-django 1.7.1 with two fixes that matter if you're running Django on Microsoft Fabric or using descending indexes in your migrations.

JSONField Now Works on Microsoft Fabric

SQL Database in Microsoft Fabric reports itself as EngineEdition 12, which our backend didn't previously recognize. The result: JSONField queries, hash functions, collation introspection, and test teardown all broke on Fabric because the backend couldn't correctly identify the server capabilities.

In 1.7.1, we added full detection for Fabric's engine edition. The backend now correctly treats Fabric as an Azure SQL-class database, which means JSONField, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, and collation-dependent lookups all work as expected. We also combined the ProductVersion and EngineEdition queries into a single round trip, so connection setup is faster too.

If you've been waiting to use Django with SQL Database in Microsoft Fabric, this is the release that makes it work.

Descending Index Migrations No Longer Crash

If you had a model with a descending index and ran an AlterField migration on one of the indexed columns, Django would crash with FieldDoesNotExist. The issue was in how our schema editor looked up fields during index reconstruction: it was reading index.fields (which only contains field names for simple indexes) instead of index.fields_orders (which correctly handles the (field_name, order) tuples that descending indexes use).

This was a one-line fix, but it blocked anyone whose migrations touched fields covered by descending indexes. If you've been working around this, upgrade and your migrations will run cleanly.

SQL Server 2025 in CI

We upgraded our Windows CI pipeline to run against SQL Server 2025, so every commit is now tested against the latest version. Combined with our existing coverage across SQL Server 2016-2022, Azure SQL Database, Azure SQL Managed Instance, and now Microsoft Fabric, you can be confident the backend works across the full Microsoft data platform.

Upgrade

pip install --upgrade mssql-django

Full compatibility:

Component	Supported
Django	3.2, 4.0, 4.1, 4.2, 5.0, 5.1, 5.2, 6.0
Python	3.8 - 3.14 (Django 6.0 requires 3.12+)
SQL Server	2016, 2017, 2019, 2022, 2025
Azure SQL	Database, Managed Instance, SQL Database in Fabric
ODBC Driver	Microsoft ODBC Driver 17 or 18

Questions, bugs, or contributions? Find us on GitHub.

mssql-django is open source under the BSD license. Built and maintained by Microsoft.

Cumulative Update #4 for SQL Server 2025 RTM

HarveyMoraSQL — Thu, 16 Apr 2026 20:29:22 GMT

The 4th cumulative update release for SQL Server 2025 RTM is now available for download at the Microsoft Downloads site. Please note that registration is no longer required to download Cumulative updates.
To learn more about the release or servicing model, please visit:

CU4 KB Article: https://learn.microsoft.com/troubleshoot/sql/releases/sqlserver-2025/cumulativeupdate4

Starting with SQL Server 2017, we adopted a new modern servicing model. Please refer to our blog for more details on Modern Servicing Model for SQL Server

Microsoft® SQL Server® 2025 RTM Latest Cumulative Update: https://www.microsoft.com/download/details.aspx?id=108540
Update Center for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2025 RTM CU3

SrinivasSQL — Wed, 15 Apr 2026 00:56:30 GMT

The Security Update for SQL Server 2025 RTM CU3 is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2025 RTM CUs, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:

CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability

Security Update of SQL Server 2025 RTM CU3 KB Article: KB5083245
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=7c9659b3-52aa-4693-9221-6e720ecafc01
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5083245
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2025 RTM

SrinivasSQL — Wed, 15 Apr 2026 00:55:41 GMT

The Security Update for SQL Server 2025 RTM GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2025 RTM, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:

CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability

Security Update of SQL Server 2025 RTM GDR KB Article: KB5084814
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=023f8cbe-945a-463e-aaf9-a9154037fa62
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084814
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2022 RTM CU24

SrinivasSQL — Wed, 15 Apr 2026 00:54:09 GMT

The Security Update for SQL Server 2022 RTM CU24 is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2022 RTM CUs, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:

CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability

Security Update of SQL Server 2022 RTM CU24 KB Article: KB5083252
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=45a0147b-2806-40f7-955e-834cda4aea11
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5083252
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2022 RTM

SrinivasSQL — Wed, 15 Apr 2026 00:52:53 GMT

The Security Update for SQL Server 2022 RTM GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2022 RTM, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:

CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability

Security Update of SQL Server 2022 RTM GDR KB Article: KB5084815
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=e9226e0f-13ef-419a-8795-f1c529b10837
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084815
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2019 RTM CU32

SrinivasSQL — Wed, 15 Apr 2026 00:51:09 GMT

The Security Update for SQL Server 2019 RTM CU32 is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2019 RTM CUs, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:

CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability

Security Update of SQL Server 2019 RTM CU32 KB Article: KB5084816
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=7c86a953-f019-4e80-8513-3d61f871d8d9
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084816
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2019 RTM

SrinivasSQL — Wed, 15 Apr 2026 00:47:46 GMT

The Security Update for SQL Server 2019 RTM GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2019 RTM, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:

CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability

Security Update of SQL Server 2019 RTM GDR KB Article: KB5084817
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=3af5d5a4-4ac0-4448-9ea3-2014db4e77d3
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084817
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2017 RTM

HarveyMoraSQL — Wed, 15 Apr 2026 00:31:51 GMT

The Security Update for SQL Server 2017 RTM GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2017 RTM, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:
- CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability
Security Update of SQL Server 2017 RTM GDR KB Article: KB5084819
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=7232c144-b61b-4aa1-8a74-53f78934e089
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084819
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2017 RTM CU31

HarveyMoraSQL — Wed, 15 Apr 2026 00:31:49 GMT

The Security Update for SQL Server 2017 RTM CU31 is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2017 RTM CUs, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:
- CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability
Security Update of SQL Server 2017 RTM CU31 KB Article: KB5084818
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=a12600f6-9e6d-4937-8598-71e4ee4e5af6
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084818
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2016 SP3

HarveyMoraSQL — Wed, 15 Apr 2026 00:31:46 GMT

The Security Update for SQL Server 2016 SP3 GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2016 SP3, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:
- CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability
Security Update of SQL Server 2016 SP3 GDR KB Article: KB5084821
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=3ab8ec18-2137-4a10-82d7-895ca0b29e8f
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084821
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Security Update for SQL Server 2016 SP3 Azure Connect Feature Pack

HarveyMoraSQL — Wed, 15 Apr 2026 00:31:39 GMT

The Security Update for SQL Server 2016 SP3 Azure Connect Feature Pack is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2016 SP3 Azure Connect Feature Pack, plus it includes the new security fixes detailed in the KB Article.

Security Bulletins:
- CVE-2026-32176 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability
Security Update of SQL Server 2016 SP3 Azure Connect Feature Pack KB Article: KB5084820
Microsoft Download Center: https://www.microsoft.com/download/details.aspx?familyid=2bd11c46-18c3-4af8-a208-71a6a90fb2a1
Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5084820
Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updates

Announcing SQL Server Management Studio 22.5

erinstellato — Tue, 14 Apr 2026 20:52:21 GMT

Welcome to April! In the northeast United States that means spring, holidays and observances, spring break trips, and unpredictable weather. Not to worry, the engineering teams for SQL Server Management Studio (SSMS) and GitHub Copilot in SSMS have continued to make steady progress, culminating in the release of SSMS 22.5 today.

We know that for some folks the cadence of releases is a significant change from SSMS 20 and earlier. We get it; it’s been an adjustment for us as well! But just as we have figured out this new rhythm and put new systems in place to make the process smoother, we’re confident you will as well. I truly believe that so much in life is about finding balance. We used to get a lot of feedback that we didn’t release SSMS updates often enough. Now we get comments that releases are too frequent. It’s hard to please everyone 😊 Please know that we truly value your feedback – I cannot tell you how often in meetings Makena or I will reference an item filed on the feedback site, or a set of comments. We appreciate all of you making the move to use the site – we’re over a year in and it’s been invaluable in helping shape our roadmap and identify what is a priority for all of you.

Ok, on to what’s new in SSMS 22.5...thanks for indulging me!

Migrations

With the retirement of Azure Data Studio, the migrations team has been enhancing the migration experience in SSMS. The 22.5 release introduces a new Migration Page which serves as a starting point for all things related to migrations. When you right-click on an instance and select Migrate SQL Server, the page opens and you can initiate an assessment, provision a target server, migrate your data, or monitor an in-progress migration. We want to make migrations easier; this consolidated page is a first step in that process.

New Migration page in SSMS 22.5

SQL Projects

Last month, in SSMS 22.4.1, SQL projects were made available in preview. If you missed Drew’s blog post, please take a few minutes to read it. I remember talking to Drew about bringing SQL projects to SSMS way back in 2022, when I started on the team. I cannot tell you how happy I am that it’s becoming a reality, and I cannot shine a bright enough light on Drew for his persistence and incredible work in this area. SQL projects represents the sum of a lot of moving parts, and Drew somehow keeps them all aligned and moving in the right direction.

Expect to see new capabilities related to SQL projects in subsequent releases. In addition to watching closely for feedback, the team is also keeping an open roadmap that you can follow. We know that the functionality has started simple, but engineering is working quickly to bring the full capabilities you expect into SSMS. In this release you can:

import objects from an existing database into a SQL project
use the new Advanced Publish settings dialog
find new templates
enjoy the updated SQL projects icon

Click-through new templates for SQL projects in SSMS 22.5

Connection dialog

The new connection dialog includes a Name field, for you to provide a customized name for a connection. This created some confusion for folks when they modified an existing connection to connect to a different server, but the Name stayed the same. In a previous release we added the Reset button in the bottom left, which clears out all fields. Not everyone is aware of the Reset capability, and in 22.5 we’ve changed the behavior to clear out the Name field if you modify the server name, the authentication type, the user name, or the database name fields.

Changes to Server Name, Authentication, User Name or Database Name clear out the Name field

This change should remove confusion about the server to which you’re connected.

GitHub Copilot in SSMS

On the GitHub Copilot in SSMS side, we’ve added support for interactions with the results pane, including the grid, messages, and execution plan. From the chat you can ask questions about the current results – and phrasing is important here. In the screenshot below I asked for the total UnitPrice for rows 42 through 53, and GitHub Copilot did the math for me. If I asked for "the total UnitPrice for all rows with an OrderDate of 2018-01-03", it would not have referenced the results; it would have run a query to sum UnitPrice for all rows in the database with an OrderDate of 2018-01-03.

GitHub Copilot in SSMS now supports interactions with the results pane, including the grid, messages, and execution plan.

I believe this capability is extremely useful when it comes to the execution plan - you don’t have to save it as a file or open it up in a new window to reference it – it’s a definite time saver. It can help with analyzing the output in the messages time – I’ve used it to compare STATISTICS IO and STATISTICS TIME output. However, asking AI to summarize your results is an interesting space. For large result sets, be aware that all of the results can be sent to the model.

I also need to call out a change on upgrade that may surprise a few folks. If you have a previous release of SSMS 22 and update to SSMS 22.5, you'll notice that Active Document is not selected by default, and it used to be. We will fix this in an upcoming release, but to have the active editor added as an active document by default, select the plus in the bottom of the chat and then Auto-attach active document. We do have this listed as a known issue.

Lastly, we want to make sure that GitHub Copilot users are aware of this blog post explaining upcoming changes regarding how your data is handled.

The quick summary: interaction data - specifically inputs, outputs, code snippets, and associated context - from Copilot Free, Pro, and Pro+ users will be used to train and improve AI models unless you opt out.

If you'd like to opt out, go to settings under “Privacy.” If you previously opted out of the setting allowing GitHub to collect this data for product improvements, your choice persists, and your data will not be used for training unless you opt in. This change does not affect Business and Enterprise users.

Summary

You can find the complete release notes here, and as always, thanks for reading and staying up to date with SSMS. I know we continually remind folks about the feedback site, but this month I’ll remind you about our documentation. If you find one of our docs to be confusing, incomplete, or simply missing, please let us know! I like writing documentation, even if a lot of folks don’t read it 😊

mssql-python 1.5: Apache Arrow, sql_variant, and Native UUIDs

DavidLevy — Fri, 10 Apr 2026 19:00:00 GMT

We're excited to announce the release of mssql-python 1.5.0, the latest version of Microsoft's official Python driver for SQL Server, Azure SQL Database, and SQL databases in Fabric. This release delivers Apache Arrow fetch support for high-performance data workflows, first-class sql_variant and native UUID support, and a collection of important bug fixes.

pip install --upgrade mssql-python

Apache Arrow fetch support

If you're working with pandas, Polars, DuckDB, or any Arrow-native data framework, this release changes how you get data out of SQL Server. The new Arrow fetch API returns query results as native Apache Arrow structures, using the Arrow C Data Interface for zero-copy handoff directly from the C++ layer to Python.

This is a significant performance improvement over the traditional fetchall() path, which converts every value through Python objects. With Arrow, columnar data stays in columnar format end-to-end, and your data framework can consume it without any intermediate copies.

Three methods for different workflows

cursor.arrow() fetches the entire result set as a PyArrow Table:

import mssql_python conn = mssql_python.connect( "SERVER=myserver.database.windows.net;" "DATABASE=AdventureWorks;" "UID=myuser;PWD=mypassword;" "Encrypt=yes;" ) cursor = conn.cursor() cursor.execute("SELECT * FROM Sales.SalesOrderDetail") # Get the full result as a PyArrow Table table = cursor.arrow() # Convert directly to pandas - zero-copy where possible df = table.to_pandas() # Or to Polars - also zero-copy import polars as pl df = pl.from_arrow(table)

cursor.arrow_batch() fetches a single RecordBatch of a specified size, useful when you want fine-grained control over memory:

cursor.execute("SELECT * FROM Production.TransactionHistory") # Process in controlled chunks while True: batch = cursor.arrow_batch(batch_size=10000) if batch.num_rows == 0: break # Process each batch individually process(batch.to_pandas())

cursor.arrow_reader() returns a streaming RecordBatchReader, which integrates directly with frameworks that accept readers:

cursor.execute("SELECT * FROM Production.TransactionHistory") reader = cursor.arrow_reader(batch_size=8192) # Write directly to Parquet with streaming - no need to load everything into memory import pyarrow.parquet as pq pq.write_table(reader.read_all(), "output.parquet") # Or iterate batches manually for batch in reader: process(batch)

How it works under the hood

The Arrow integration is built directly into the C++ pybind11 layer. When you call any Arrow fetch method, the driver:

Allocates columnar Arrow buffers based on the result set schema
Fetches rows from SQL Server in batches using bound column buffers
Converts and packs values directly into the Arrow columnar format
Exports the result via the Arrow C Data Interface as PyCapsule objects
PyArrow imports the capsules with zero copy

Every SQL Server type maps to the appropriate Arrow type: INT to int32, BIGINT to int64, DECIMAL(p,s) to decimal128(p,s), DATE to date32, TIME to time64[ns], DATETIME2 to timestamp[us], UNIQUEIDENTIFIER to large_string, VARBINARY to large_binary, and so on.

LOB columns (large VARCHAR(MAX), NVARCHAR(MAX), VARBINARY(MAX), XML, UDTs) are handled transparently by falling back to row-by-row GetData fetching while still assembling the result into Arrow format.

Community contribution

The Arrow fetch support was contributed by @ffelixg. This is a substantial contribution spanning the C++ pybind layer, the Python cursor API, and comprehensive tests. Thank you, Felix Graßl, for an outstanding contribution that brings high-performance data workflows to mssql-python.

sql_variant type support

SQL Server's sql_variant type stores values of various data types in a single column. It's commonly used in metadata tables, configuration stores, and EAV (Entity-Attribute-Value) patterns. Version 1.5 adds full support for reading sql_variant values with automatic type resolution.

The driver reads the inner type tag from the sql_variant wire format and returns the appropriate Python type:

cursor.execute(""" CREATE TABLE #config ( key NVARCHAR(50) PRIMARY KEY, value SQL_VARIANT ) """) cursor.execute("INSERT INTO #config VALUES ('max_retries', CAST(5 AS INT))") cursor.execute("INSERT INTO #config VALUES ('timeout', CAST(30.5 AS FLOAT))") cursor.execute("INSERT INTO #config VALUES ('app_name', CAST('MyApp' AS NVARCHAR(50)))") cursor.execute("INSERT INTO #config VALUES ('start_date', CAST('2026-01-15' AS DATE))") cursor.execute("SELECT value FROM #config ORDER BY key") rows = cursor.fetchall() # Each value comes back as the correct Python type assert rows[0][0] == "MyApp" # str assert rows[1][0] == 5 # int assert rows[2][0] == date(2026, 1, 15) # datetime.date assert rows[3][0] == 30.5 # float

All 23+ base types are supported, including int, float, Decimal, bool, str, date, time, datetime, bytes, uuid.UUID, and None.

Native UUID support

Previously, UNIQUEIDENTIFIER columns were returned as strings, requiring manual conversion to uuid.UUID. Version 1.5 changes the default: UUID columns now return native uuid.UUID objects.

import uuid cursor.execute("SELECT NEWID() AS id") row = cursor.fetchone() # Native uuid.UUID object - no manual conversion needed assert isinstance(row[0], uuid.UUID) print(row[0]) # e.g., UUID('550e8400-e29b-41d4-a716-446655440000')

UUID values also bind natively as input parameters:

my_id = uuid.uuid4() cursor.execute("INSERT INTO Users (id, name) VALUES (?, ?)", my_id, "Alice")

Migration compatibility

If you're migrating from pyodbc and your code expects string UUIDs, you can opt out at three levels:

# Module level - affects all connections mssql_python.native_uuid = False # Connection level - affects all cursors on this connection conn = mssql_python.connect(conn_str, native_uuid=False)

When native_uuid=False, UUID columns return strings as before.

Row class export

The Row class is now publicly exported from the top-level mssql_python module. This makes it easy to use in type annotations and isinstance checks:

from mssql_python import Row cursor.execute("SELECT 1 AS id, 'Alice' AS name") row = cursor.fetchone() assert isinstance(row, Row) print(row[0]) # 1 (index access) print(row.name) # "Alice" (attribute access)

Bug fixes

Qmark false positive fix

The parameter style detection logic previously misidentified? characters inside SQL comments, string literals, bracketed identifiers, and double-quoted identifiers as qmark parameter placeholders. A new context-aware scanner correctly skips over these SQL quoting contexts:

# These no longer trigger false qmark detection: cursor.execute("SELECT [is this ok?] FROM t") cursor.execute("SELECT 'what?' AS col") cursor.execute("SELECT /* why? */ 1")

NULL VARBINARY parameter fix

Fixed NULL parameter type mapping for VARBINARY columns, which previously could fail when passing None as a binary parameter.

Bulkcopy auth fix

Fixed stale authentication fields being retained in the bulk copy context after token acquisition. This could cause Entra ID-authenticated bulk copy operations to fail on subsequent calls.

Explicit module exports

Added explicit __all__ exports from the main library module to prevent import resolution issues in tools like mypy and IDE autocompletion.

Credential cache fix

Fixed the credential instance cache to correctly reuse and invalidate cached credential objects, preventing unnecessary re-authentication.

datetime.time microseconds fix

Fixed datetime.time values incorrectly having their microseconds component set to zero when fetched from TIME columns.

The road to 1.5

Release	Date	Highlights
1.0.0	November 2025	GA release - DDBC architecture, Entra ID auth, connection pooling, DB API 2.0 compliance
1.1.0	December 2025	Parameter dictionaries, Connection.closed property, Copilot prompts
1.2.0	January 2026	Param-as-dict, non-ASCII path handling, fetchmany fixes
1.3.0	January 2026	Initial BCP implementation (internal), SQLFreeHandle segfault fix
1.4.0	February 2026	BCP public API, spatial types, Rust core upgrade, encoding & stability fixes
1.5.0	April 2026	Apache Arrow fetch, sql_variant, native UUIDs, qmark & auth fixes

Get started today

pip install --upgrade mssql-python

Documentation: github.com/microsoft/mssql-python/wiki
Release notes: github.com/microsoft/mssql-python/releases
Roadmap: github.com/microsoft/mssql-python/blob/main/ROADMAP.md
Report issues: github.com/microsoft/mssql-python/issues
Contact: mssql-python@microsoft.com

We'd love your feedback. Try the new Arrow fetch API with your data workflows, let us know how it performs, and file issues for anything you run into. This driver is built for the Python data community, and your input directly shapes what comes next.

Microsoft ODBC Driver 18.6.2 for SQL

DavidLevy — Wed, 08 Apr 2026 17:00:00 GMT

What Is the Microsoft ODBC Driver for SQL?

The Microsoft ODBC Driver for SQL provides native connectivity from Windows, Linux, and macOS applications to SQL Server, Azure SQL Database, Azure SQL Managed Instance, and Microsoft Fabric. It is the recommended driver for new application development using the ODBC API, and it supports , Always Encrypted, distributed transactions, and modern authentication methods including Microsoft Entra ID (formerly Azure Active Directory).

Whether you're building high-throughput data pipelines, managing enterprise databases, or developing cloud-native applications on Microsoft Fabric, the ODBC driver is a foundational component of the SQL Server connectivity stack.

What's New in 18.6.2

Improved Vector Parameter Handling for Prepared Statements

Version 18.6.2 improves the handling of output and input/output vector parameters when using prepared statements. This enhancement benefits applications that rely on parameterized queries with array bindings — a common pattern in batch processing and high-performance data access layers.

Microsoft Fabric Redirection Support (Up to 10 Redirections)

The driver now allows up to 10 server redirections per connection attempt, up from previous limits. This change directly supports Microsoft Fabric redirection scenarios, where connections may be transparently routed through multiple endpoints before reaching the target workspace. If your applications connect to Fabric SQL endpoints, this update ensures more reliable connectivity in complex routing topologies.

Alpine Linux Packaging Improvements

Architecture detection and packaging have been improved for Alpine Linux environments, making it easier to deploy the driver in lightweight, container-based workloads that use Alpine as a base image.

Bug Fixes

This release addresses several important issues reported by the community and identified through internal testing:

Parameter Array Processing

SQL_ATTR_PARAMS_PROCESSED_PTR accuracy — Fixed an issue where the number of processed parameter sets was not reported correctly when executing parameter arrays. Applications that inspect SQL_ATTR_PARAMS_PROCESSED_PTR after batch execution will now see the correct count.
SQL_PARAM_IGNORE handling — Fixed SQL_ATTR_PARAMS_PROCESSED_PTR and row counting when SQL_PARAM_IGNORE is used within parameter arrays, ensuring that ignored parameters are accounted for properly.

Crash Fixes

SQLNumResultCols segmentation fault — Resolved a segfault that occurred when calling SQLNumResultCols in describe-only scenarios where no parameter bindings are present.
Table-valued parameter (TVP) NULL handling — Fixed a segmentation fault triggered by NULL values in TVP arguments. Applications passing TVPs with nullable columns should no longer experience unexpected crashes.

bcp_bind Consecutive Field Terminators (Known Issue from 18.6.1)

bcp_bind fix — Corrected bcp_bind to properly handle consecutive field terminators without misinterpreting them as empty fields. This resolves a known issue introduced in version 18.6.1, where consecutive terminators were incorrectly interpreted as NULL values instead of empty strings. If you deferred upgrading to 18.6.1 because of this issue, 18.6.2 is the recommended target version.

Linux Packaging

Debian EULA acceptance — Fixed Debian package installation to correctly honor EULA acceptance and complete successfully, eliminating a friction point for automated deployments.
RPM side-by-side installation — Fixed RPM packaging rules to allow installing multiple driver versions side by side, which is important for environments that need to maintain backward compatibility or perform staged rollouts.

Distributed Transactions

XA recovery — Fixed XA recovery to compute transaction IDs correctly, avoiding scenarios where recoverable transactions could be missed during the recovery process. This is a critical fix for applications using distributed transactions with XA transaction managers.

Upgrading from Older Versions

If you are upgrading from a version prior to 18.6.1, you will also benefit from the features introduced in that release:

Vector data type support — Native support for the vector data type (float32), enabling AI and machine learning scenarios directly through ODBC.
ConcatNullYieldsNull property — Connection-level control over null concatenation behavior.
New platform support — Azure Linux 3.0 ARM, Debian 13, Red Hat 10, and Ubuntu 25.10.

Version 18.6.2 builds on these additions with the stability and correctness fixes described above.

Download & Installation

Windows

Platform	Download Link
x64	Download
x86	Download
ARM64	Download

Linux & macOS

Installation packages for supported Linux distributions and macOS are available on Microsoft Learn:

Download ODBC Driver for SQL Server (Linux/macOS)

Documentation & Release Notes

For the full list of changes, platform support details, and known issues, see the official release notes:

Get Started

We encourage all users to upgrade to version 18.6.2.1 to take advantage of the fixes and improvements in this release — particularly if you are using parameter arrays, table-valued parameters, bcp operations, or connecting to Microsoft Fabric endpoints.

As always, we welcome your feedback. If you encounter issues, please report them through the SQL Server feedback channel or open an issue on the Microsoft ODBC Driver GitHub repository.

Happy coding!

Introducing Pacemaker HA Agent v2 for SQL Server on Linux (In Preview)

Attinder_Pal_Singh — Wed, 22 Apr 2026 17:57:51 GMT

We are excited to introduce the next generation of high availability (HA) Agent for SQL Server on Linux: Pacemaker HA Agent v2. This release is a major step forward, designed to reduce planned and unplanned failover times, compared to the previous agent, based on internal engineering improvements.

Why Pacemaker Is Required for SQL Server HA on Linux

For users new to Linux, it’s important to understand how high availability works on this platform.

On Windows Server, Always On availability groups use an underlying Windows Server Failover Cluster (WSFC) to:

Monitor node health
Detect failures
Orchestrate automatic failovers

Always On availability groups on Linux rely on an external cluster orchestrator for health monitoring and failover coordination, with Pacemaker HA Agent being one of the cluster orchestrators, responsible for:

Monitoring node and application health
Coordinating failover decisions
Helping mitigate split‑brain scenarios through improved write‑lease evaluation
Managing resources such as availability groups and listeners

The Pacemaker HA Agent is the integration layer that allows Pacemaker to understand SQL Server health and manage availability groups safely.

Evolution of the SQL Server Pacemaker HA Agent

With SQL Server 2025 CU3 and later, Pacemaker HA Agent v2 is available in preview for Red Hat Enterprise Linux and Ubuntu through the mssql-server-ha package.

Pacemaker HA agent v2 uses a service‑based architecture. The agent runs as a dedicated system service named mssql-pcsag, which is responsible for handling SQL Server–specific high availability operations and communication with Pacemaker.

You can manage mssql-pcsag service by using standard system service controls to start, restart, status and stop this service by using the operating system's service manager (for example, systemctl).

# Start the mssql-pcsag service sudo systemctl start mssql-pcsag # Restart the mssql-pcsag service sudo systemctl restart mssql-pcsag # Check the status of the mssql-pcsag service sudo systemctl status mssql-pcsag # Stop the mssql-pcsag service sudo systemctl stop mssql-pcsag

Limitations of Pacemaker HA Agent v1

While the original agent enabled SQL Server HA on Linux, customers running production workloads encountered several challenges:

Failover delays of 30 seconds to 2 minutes during planned or unplanned events
Limited health detection, missing conditions such as I/O stalls and memory pressure
Rigid failover behavior, unlike the flexible policies available on Windows (WSFC)
Incomplete write‑lease handling, requiring custom logic
No support for TLS1.3 for Pacemaker and SQL Server communications

How Pacemaker HA Agent v2 Addresses These Gaps

Pacemaker HA Agent v2 is a ground‑up improvement, designed to improve the reliability characteristics of SQL Server HA on Linux.

1. Faster & Smarter Failover Decisions

The new agent introduces a service‑based health monitoring architecture, moving beyond basic polling. This allows SQL Server to report detailed diagnostic signals - improving detection speed and helping reduce failover delays in supported configurations.

2. Flexible Automatic Failover Policies inspired by the WSFC health model

Pacemaker HA Agent v2 supports failure‑condition levels (1–5) and health‑check timeout model aligned with those available in Always On availability groups on Windows.

This provides:

Fine‑grained control over failover sensitivity, allowing administrators to tune when failover should occur.
Improved detection of internal SQL Server conditions, such as memory pressure, internal deadlocks, orphaned spinlocks, and other engine‑level failures.

Failover decisions are now driven by detailed diagnostics from sp_server_diagnostics, enabling faster and more accurate response to unhealthy states and providing enhanced resiliency capabilities for SQL Server AG on Linux.

You can configure the failure condition level and health check timeout using the following commands:

-- Setting failure condition level ALTER AVAILABILITY GROUP pacemakerag SET (FAILURE_CONDITION_LEVEL = 2);

-- Setting health check timeout ALTER AVAILABILITY GROUP pacemakerag SET (HEALTH_CHECK_TIMEOUT = 60000);

After applying the configuration, validate the setting using the sys.availability_groups DMV:

3. Robust Write Lease Validity Handling

To prevent split‑brain scenarios, SQL Server on Linux uses an external write‑lease mechanism.

In v1, lease information was not fully integrated into failover decisions.
In v2, the agent actively evaluates the write-lease validity, before initiating transitions. This supports controlled role changes and improved data consistency behavior during failover events, depending on cluster configuration.

4. TLS 1.3 Support

Pacemaker HA agent v2 includes design updates to support TLS 1.3–based communication for health checks and failover operations, when TLS 1.3 is enabled.

Supported Versions & Distributions

Pacemaker HA Agent v2 supports:

SQL Server 2025 CU3 or later
RHEL 9 or later
Ubuntu 22.04 or higher.

Preview upgrade & migration guidance for non-production environments

New or existing non-prod deployments running SQL Server 2025 (17.x) can migrate from Pacemaker HA Agent v1 to v2 using following approach:

Drop the existing AG resource

sudo pcs resource delete <NameForAGResource>

This temporarily pauses AG synchronization but does not delete the availability group (AG). After the resource is recreated, Pacemaker resumes management and AG synchronization automatically.

Create a new AG resource using the v2 agent (ocf:mssql:agv2)

sudo pcs resource create <NameForAGResource> ocf:mssql:agv2 ag_name=<AGName> meta failure-timeout=30s promotable notify=true

Validate cluster health

sudo pcs status

Resume normal operations

References

Create and Configure an Availability Group for SQL Server on Linux - SQL Server | Microsoft Learn

Thank You,

Engineering: David Liao

Attinder Pal Singh

Announcing Preview of bulkadmin role support for SQL Server on Linux

MadhumitaTripathyMSFT — Fri, 20 Mar 2026 09:31:28 GMT

Bulk data import using operations like BULK INSERT and OPENROWSET(BULK…) BULK INSERT (Transact-SQL) - SQL Server | Microsoft Learn is fundamental to ETL and data ingestion workflows. On SQL Server running on Linux, these operations have traditionally required sysadmin privileges, making it difficult to follow least‑privilege security practices.

With the preview of BULKADMIN role support for SQL Server on Linux, this gap is addressed. Starting with SQL Server 2025 (17.x) CU3 and SQL Server 2022 CU24, administrators can grant the bulkadmin role or the ADMINISTER BULK OPERATIONS permission to enable bulk imports without full administrative access. This capability has long been available on SQL Server on Windows and is now extended to Linux, bringing consistent and more secure bulk data operations across platforms.

Bulk import operation

Bulk import operations enable fast, large‑volume data loading into SQL Server tables by reading data directly from external files instead of row‑by‑row inserts. Learn more Use BULK INSERT or OPENROWSET (BULK...) to Import Data to SQL Server - SQL Server | Microsoft Learn

Who this is for

DBAs, Data engineers, ETL developers and application engineers who want to perform bulk data imports without over‑privileging users.

Why this matters

Improved security posture:
Eliminates the need for sysadmin access for bulk operations, enforcing least‑privilege security principle and reducing security risk.

Better operational flexibility:
Allows DBAs to safely delegate bulk data ingestion to application, ETL, and operational teams without expanding the attack surface.

Parity with SQL Server on Windows:
Closes a long‑standing gap between SQL Server on Windows and Linux, simplifying cross‑platform administration.

Designed with layered security controls on Linux

Bulk operations on Linux continue to enforce additional security checks beyond SQL permissions. Administrators must explicitly configure:

Linux file system permissions for the SQL Server service account

Approved bulk load directories using mssql-conf (by configuring the path through bulkadmin.allowedpathslist setting in mssql-conf)

This ensures, SQL Server can only read data from explicitly allowed locations, reducing the risk of unauthorized file access.

Learn more:

For a quick overview, the typical flow to enable bulk import operations on SQL Server on Linux looks like this:

Install SQL Server 2025 (17.x) CU3

Grant BULKADMIN role or ADMINISTER BULK OPERATIONS permission

Configure allowed directories and required filesystem permissions

Run bulk import operations using BULK INSERT or OPENROWSET (BULK...)

For detailed guidance and example, refer to the official documentation:

👉 Configure bulk import operations for SQL Server on Linux

Summary

With BULKADMIN role support on SQL Server for Linux, customers can now enable bulk data imports without compromising security. This enhancement delivers better role separation, security best practices, and a smoother operational experience for SQL Server on Linux.

We encourage customers to explore this capability and adopt least privileged bulk data workflows in their Linux environments.

Microsoft Drivers 5.13.0 for PHP for SQL Server — We're Back!

DavidLevy — Wed, 18 Mar 2026 12:00:00 GMT

Today we're announcing the release of Microsoft Drivers 5.13.0 for PHP for SQL Server, the first GA release of the sqlsrv and pdo_sqlsrv extensions in over two years.

We're not going to bury the lede: the last GA release (5.12.0) shipped on January 31, 2024. That means 25 months passed between stable releases. During that stretch the repo went effectively silent, a series of build-script updates in September 2024, and then nothing of substance until January 2026 when we began modernizing the CI pipeline and preparing this release. For a project whose history stretches back to 2008 and that PHP developers depend on in production every day, that's too long. We heard the issue reports and the frustration, and we understand. Now that we are caught up, we plan to stay here.

What's New in 5.13.0

This release is a significant catch-up. Here's what it brings:

Platform Support — Modernized

Added: - PHP 8.4 and PHP 8.5 support - Windows Server 2025 - Ubuntu 24.04 - Debian 12 and 13 - Red Hat 9 and 10 - Alpine 3.20, 3.21, 3.22, and 3.23 - macOS 15 and 26

Removed (end-of-life platforms): - PHP 8.1 and 8.2 - Windows 10, Server 2012, Server 2012 R2 - Ubuntu 20.04, Debian 10, Red Hat 7, SUSE Linux 12 - Alpine 3.16–3.19 - macOS 11, 12, and 13

Bug Fixes

Fixed a segfault when connecting to Microsoft Fabric — a critical connectivity issue resolved in the PDO driver's error reporting path (PR #1549)
Fixed critical memory safety bugs in encoding conversion — resolved a NULL pointer dereference and an uninitialized pointer return in the localization layer (PR #1555)
Enhanced error reporting in the PDO driver when ODBC diagnostic retrieval fails (PR #1549)

Build & Security Improvements

Refactored build scripts to prevent command injection and race conditions (PR #1551, PR #1552)
Resolved SDL compiler warnings (C4146, C4389, L3/L4 warnings) for stricter compliance (PR #1575, PR #1576, PR #1577)
Modernized CI pipeline to PHP 8.4, ODBC 18, and SQL Server 2022 (PR #1549)
Added PHP 8.5 compilation support and test compatibility (PR #1543, PR #1569)
Removed lingering error reference from CI failure block (PR #1568)
Updated Docker base image to Ubuntu 24.04 LTS (PR #1542)

Our Commitment Going Forward

We're making a deliberate commitment to keep this project healthy and current:

Regular release cadence. We will not let two years pass between GA releases again. Expect releases that track PHP's own annual release cycle, so you're never stuck waiting for support of the PHP version you need.
Active issue triage. We're working through the backlog of open issues and will be more responsive to community reports going forward.
CI that stays green. The modernized pipeline now tests against PHP 8.4 and 8.5, ODBC Driver 18, and SQL Server 2022 on both Linux and Windows. We intend to keep it that way.
Community contributions welcome. This release already includes contributions from community members alongside the core team. We want to make contributing easier and more rewarding. PRs, bug reports, and feedback are all valued.

How to Get It

The 5.13.0 drivers are available now:

PECL: pecl install sqlsrv / pecl install pdo_sqlsrv
Windows binaries: Download from the Releases page
Source: Build from the v5.13.0 tag. See buildscripts/README.md

Requirements

PHP 8.3, 8.4, or 8.5
Microsoft ODBC Driver 17 or 18 for SQL Server
SQL Server 2016+, Azure SQL Database, Azure SQL Managed Instance, or SQL database in Microsoft Fabric.

Thank You

To the PHP developers who kept filing issues, asking questions, and patiently waiting — thank you. You kept this project accountable. The 25-month gap was a failure on our part, and the best apology is changed behavior. We're here, we're shipping, and we're planning to keep it that way.

Please report any issues on GitHub and let us know how 5.13.0 works for you.

The Microsoft Drivers for PHP for SQL Server team

Microsoft.Data.SqlClient 7.0 Is Here: A Leaner, More Modular Driver for SQL Server

DavidLevy — Wed, 18 Mar 2026 12:00:00 GMT

Today we're shipping the general availability release of Microsoft.Data.SqlClient 7.0, a major milestone for the .NET data provider for SQL Server. This release tackles the single most requested change in the repository's history, introduces powerful new extensibility points for authentication, and adds protocol-level features for Azure SQL Hyperscale, all while laying the groundwork for a more modular driver architecture.

If you take away one thing from this post: the core SqlClient package is dramatically lighter now. Azure dependencies have been extracted into a separate package, and you only pull them in if you need them.

dotnet add package Microsoft.Data.SqlClient --version 7.0.0

The #1 Request: A Lighter Package

For years, the most upvoted issue in the SqlClient repository asked the same question: "Why does my console app that just talks to SQL Server pull in Azure.Identity, MSAL, and WebView2?"

With 7.0, it doesn't anymore.

We've extracted all Azure / Microsoft Entra authentication functionality into a new Microsoft.Data.SqlClient.Extensions.Azure package. The core driver no longer carries Azure.Core, Azure.Identity, Microsoft.Identity.Client, or any of their transitive dependencies. If you connect with SQL authentication or Windows integrated auth, your bin folder just got dramatically smaller.

For teams that do use Entra authentication, the migration is straightforward. Add one package reference and you're done:

dotnet add package Microsoft.Data.SqlClient.Extensions.Azure

No code changes. No configuration changes. You can also now update Azure dependency versions on your own schedule, independent of driver releases. This is something library authors and enterprise teams have been asking for.

Pluggable Authentication with SspiContextProvider

Integrated authentication in containers and cross-domain environments has always been a pain point. Kerberos ticket management, sidecar processes, domain trust configuration: the workarounds were never simple.

Version 7.0 introduces a new public SspiContextProvider API on SqlConnection that lets you take control of the authentication handshake. You provide the token exchange logic; the driver handles everything else.

var connection = new SqlConnection(connectionString); connection.SspiContextProvider = new MyKerberosProvider(); connection.Open();

This opens the door to scenarios the driver never natively supported: authenticating across untrusted domains, using NTLM with explicit credentials, or implementing custom Kerberos negotiation in Kubernetes pods. A sample implementation is available in the repository.

Async Read Performance: Packet Multiplexing (Preview)

One of the most community-driven features in 7.0 is packet multiplexing, a change to how the driver processes TDS packets during asynchronous reads. Originally contributed by community member Wraith2, this work delivers a significant leap in async read performance for large result sets.

Packet multiplexing was first introduced in 6.1 and has been refined across the 7.0 preview cycle with additional bug fixes and stability improvements. In 7.0, it ships behind two opt-in feature switches so we can gather broader real-world feedback before making it the default:

AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.UseCompatibilityAsyncBehaviour", false); AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.UseCompatibilityProcessSni", false);

Setting both switches to false enables the new async processing path. By default, the driver uses the existing (compatible) behavior.

We need your help. If your application performs large async reads (ExecuteReaderAsync with big result sets, streaming scenarios, or bulk data retrieval), please try enabling these switches and let us know how it performs in your environment. File your results on GitHub Issues to help us move this toward on-by-default in a future release.

Enhanced Routing for Azure SQL

Azure SQL environments with named read replicas and gateway-based load balancing can now take advantage of enhanced routing, a TDS protocol feature that lets the server redirect connections to a specific server and database during login.

This is entirely transparent to your application. No connection string changes, no code changes. The driver negotiates the capability automatically when the server supports it.

.NET 10 Ready

SqlClient 7.0 compiles and tests against the .NET 10 SDK, so you're ready for the next major .NET release on day one. Combined with continued support for .NET 8, .NET 9, .NET Framework 4.6.2+, and .NET Standard 2.0 (restored in 6.1), the driver covers the full spectrum of active .NET runtimes.

ActiveDirectoryPassword Is Deprecated: Plan Your Migration

As Microsoft moves toward mandatory multifactor authentication across its services, we've deprecated SqlAuthenticationMethod.ActiveDirectoryPassword (the ROPC flow). The method still works in 7.0, but it's marked [Obsolete] and will generate compiler warnings.

Now is the time to move to a stronger alternative:

Scenario	Recommended Authentication
Interactive / desktop apps	Active Directory Interactive
Service-to-service	Active Directory Service Principal
Azure-hosted workloads	Active Directory Managed Identity
Developer / CI environments	Active Directory Default

Quality of Life Improvements

Beyond the headline features, 7.0 includes a collection of improvements that make the driver more reliable and easier to work with in production.

Better retry logic. The new SqlConfigurableRetryFactory.BaselineTransientErrors property exposes the built-in transient error codes, so you can extend the default list with your own application-specific codes instead of copy-pasting error numbers from source.

More app context switches. You can now set MultiSubnetFailover=true globally, ignore server-provided failover partners in Basic Availability Groups, and control async multi-packet behavior, all without modifying connection strings.

Better diagnostics on .NET Framework. SqlClientDiagnosticListener is now enabled for SqlCommand on .NET Framework, closing a long-standing observability gap.

Connection performance fix. A regression where SPN generation was unnecessarily triggered for SQL authentication connections on the native SNI path has been resolved.

Performance improvements. Allocation reductions across Always Encrypted scenarios, SqlStatistics timing, and key store providers.

Upgrading from 6.x

For most applications, upgrading is a package version bump:

dotnet add package Microsoft.Data.SqlClient --version 7.0.0

If you use Microsoft Entra authentication, also add:

dotnet add package Microsoft.Data.SqlClient.Extensions.Azure

If you use ActiveDirectoryPassword, you'll see a compiler warning. Start planning your migration to a supported auth method.

Review the full release notes in release-notes/7.0 for the complete list of changes across all preview releases.

Thank You to Our Contributors

Open-source contributions are central to SqlClient's development. We'd like to recognize the community members who contributed to the 7.0 release:

edwardneal · ErikEJ · MatthiasHuygelen · ShreyaLaxminarayan · tetolv · twsouthwick · Wraith2

What's Next

We're continuing to invest in performance, modularity, and modern .NET alignment. Stay tuned for updates on the roadmap, and keep the feedback coming. Your issues and discussions directly shape what we build.

NuGet: Microsoft.Data.SqlClient 7.0.0
GitHub: dotnet/SqlClient
Issues & Feedback: github.com/dotnet/SqlClient/issues
Docs: Microsoft.Data.SqlClient on Microsoft Learn