[4.1] Bump the testcontainers group with 2 updates

[dependabot]

Bumps the testcontainers group with 2 updates: com.ibm.db2:jcc and com.microsoft.sqlserver:mssql-jdbc.

Updates com.ibm.db2:jcc from 12.1.2.0 to 12.1.3.0

Updates com.microsoft.sqlserver:mssql-jdbc from 13.2.1.jre11 to 13.3.0.jre11-preview

Release notes

Sourced from com.microsoft.sqlserver:mssql-jdbc's releases.

[13.2.1] Hotfix & Stable Release

Added

• Enable Vector data type tests on Azure SQL Database #2762 What was added: Vector data type tests are now enabled to run against Azure SQL Database. Who benefits: Developers testing VECTOR functionality in Azure SQL DB environments. Impact: Ensures VECTOR data type support test coverage.

• Enable JSON data type tests on Azure SQL Database #2756 What was added: JSON data type tests are now enabled to run against Azure SQL Database. Who benefits: Developers testing JSON functionality in Azure SQL DB environments. Impact: Ensures JSON data type support test coverage.

Changed

• Revert function/procedure filtering via sys.all_objects #2751 What changed: Reverted #2705 change that used sys.all_objects for filtering. Restores previous behavior to maintain consistency across metadata APIs. Who benefits: Developers using getProcedures() and getFunctions() in JDBC. Impact: Preserves compatibility with numbered procedures and avoids discrepancies between APIs.

Fixed issues

• Address a hostname validation vulnerability by securely parsing certificate common names. #2801 What was fixed: Secure hostname validation is enforced by replacing the vulnerable CN parsing logic in SQLServerCertificateUtils.java, preventing spoofing attacks. Who benefits: All users of the SQL Server JDBC driver, especially those relying on TLS for secure connections, benefit from improved certificate validation. Impact: This fix closes a security gap, protecting applications from man-in-the-middle attacks and ensuring compliance with security best practices.

• JDK 8 compatibility for vector datatype handling #2750 What was fixed: Ensured fallback to JVM system property javax.net.ssl.trustStoreType if connection property is unset. Who benefits: Users configuring SSL via system properties. Impact: Enables proper SSL trust store resolution, improving compatibility with system configurations.

• PreparedStatement getGeneratedKeys() failure with triggers #2742 What was fixed: Fixed error "The statement must be executed before any results can be obtained" when using insert triggers with generated keys. Who benefits: Developers retrieving generated keys from inserts with triggers. Impact: Restores correct behavior for both update count accuracy and generated keys retrieval in trigger scenarios.

• Byte Buddy dependency scope #2755 What was fixed: Corrected Byte Buddy (1.15.11) dependency scope to test instead of compile. Who benefits: Developers and users of runtime artifacts. Impact: Reduces runtime artifact size (~8 MB) and ensures Byte Buddy is only included for unit tests.

• DatabaseMetaData.getIndexInfo() NON_UNIQUE value inconsistency #2773 What was fixed: Fixed incorrect NON_UNIQUE values due to mismatched handling of sp_statistics and sys.indexes. Who benefits: Applications depending on accurate index metadata. Impact: Provides consistent value of NON_UNIQUE field across SQL Server and Azure Synapse Analytics.

• DatabaseMetaData.getIndexInfo() invalid cursor position exception 2763 What was fixed: Fixed SQLException: Invalid cursor position caused when calling ResultSet.next() after exhaustion due to CachedRowSet strict cursor validation. Who benefits: Developers consuming metadata via DatabaseMetaData.getIndexInfo() on SQL Server or Azure Synapse DW.

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions