OF-3267 chore(deps): bump com.mysql:mysql-connector-j from 8.4.0 to 9.7.0

[dependabot]

Bumps com.mysql:mysql-connector-j from 8.4.0 to 9.7.0.

Changelog

Sourced from com.mysql:mysql-connector-j's changelog.

Changelog

https://dev.mysql.com/doc/relnotes/connector-j/en/

Version 9.7.0

• Fix for Bug#119863 (Bug#38951042), Inaccurate decoding of negative TIME durations in Binary Protocol (Cursor Mode).

• WL#17215, Implement JDBC 4.3/4.5 Statement/Connection.enquote* methods.

• Fix for Bug#119245 (Bug#38599240), Select into fix breaks queries with 'into' in them. (reopened)

• Fix for Bug#119659 (Bug#38916595), BinaryResultsetReader fails to consume EOF packet after column definitions when EOF is not deprecated.

Version 9.6.0

• Fix for Bug#118002 (Bug#37843004), The setFetchSize() method in the Statement class may have a potential bug.

• Fix for Bug#113130 (Bug#36043125), getGeneratedKeys() returns a zero resultset with non-key-generating statements.

• Fix for Bug#113336 (Bug#36080226), Inconsistent getUpdateCount() Behavior with allowMultiQueries.

• Fix for Bug#118234 (Bug#37975837), A potential bugs in Mysql Connector/J.

• Fix for Bug#113413 (Bug#36107426), Connection.changeUser cannot be done after DriverManager.loginTimeout elapses. Thanks to Kazuhisa Kawashima for his contribution.

• Fix for Bug#119271 (Bug#38599496), Connector/J fails to accept legacy value zeroDateTimeBehavior=convertToNull on multi-host URLs (failover).

• Fix for Bug#119245 (Bug#38599240), Select into fix breaks queries with 'into' in them.

Version 9.5.0

• Fix for Bug#72036 (Bug#18403804), XA isSameRM() shouldn't take database into account.

• Fix for Bug#62693 (Bug#16722068), XAConnection savepoint capability.

• Fix for Bug#81128 (Bug#23146631), Master host list overwritten by slave list when loadBalanceConnectionGroup used.

• Fix for Bug#19887224, RUNNING THE TEST SUITE WITH SOCKSPROXY* PROPERTIES HANGS IN TEST TESTBUG56429.

• Fix for Bug#98699 (Bug#30932850), Allow empty keyStore file for keyStoreTypes that do not require files. Thanks to Kolbe Kegel for his contribution.

• Fix for Bug#118938 (Bug#38396227), DatabaseMetaDataInformationSchema#getSchemas has a bug.

• Fix for Bug#99292 (Bug#31195955), Contribution: Support Windows time zone 'Coordinated Universal Time'. Thanks to Frédéric Barrière for his contribution.

• Fix for Bug#107094 (Bug#34104230), NullPointerException when calling equals with null on MultiHostConnectionProxy.

... (truncated)

Commits

• 0aade1f Fix for Bug#119863 (Bug#38951042), Inaccurate decoding of negative TIME durat...
• b6d5baa Update for GPL license book.
• a7cc5a9 Fix for DateTimeTest failures after some of the work done for WL#16669 in MyS...
• 6a0c818 WL#17215, Implement JDBC 4.3/4.5 Statement/Connection.enquote* methods.
• 5f96e85 Fix for Bug#119245 (Bug#38599240), Select into fix breaks queries with 'into'...
• 8d779fc Fix for Bug#119659 (Bug#38916595), BinaryResultsetReader fails to consume EOF...
• 1391179 Copyright header year bump.
• 5c764b4 Post-release version bump.
• fdef61f Update copyright year.
• 43aced7 Update for GPL license book.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated the MySQL database driver to the latest release to improve compatibility, stability, and connectivity across server components.

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR updates the MySQL Connector/J JDBC driver dependency from version 8.4.0 to 9.7.0 across two Maven POM files. This is a straightforward dependency version bump with no code logic changes.

Changes

MySQL Connector/J Dependency Update

Layer / File(s)	Summary
Dependency Version Bump build/ci/updater/pom.xml, xmppserver/pom.xml	MySQL Connector/J updated from 8.4.0 to 9.7.0 in both POM files.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested reviewers

• akrherz

Poem

🐰 A MySQL hop, from eight to nine,
The connector jumps, version divine!
Two POM files dance in perfect sync,
Database drivers linked without a kink!
Fresh dependencies, ready to spring! 🌱

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: updating the mysql-connector-j dependency version from 8.4.0 to 9.7.0 across the codebase.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/maven/com.mysql-mysql-connector-j-9.7.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[akrherz]

Unsure why, but this PR missed bumping in both places like #3307 did

[akrherz]

https://igniterealtime.atlassian.net/browse/OF-3246 denotes that we may need to pump the brakes on this due to not supporting older MySQL releases. It would be something for 5.1.0 Openfire to consider though...

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@xmppserver/pom.xml`:
- Line 462: The pom.xml change bumps the mysql-connector-java <version> to 9.7.0
which drops support for MySQL 5.7; either revert the dependency to the latest
8.0.x release (restore the previous mysql-connector-java version in the
<version> element for the dependency with artifactId mysql-connector-java) or
move the 9.7.0 upgrade into a breaking-change/major-release branch and document
that Openfire no longer supports MySQL 5.7; update the pom and release notes
accordingly so the project retains 5.7 compatibility unless you intentionally
cut a major release that removes it.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: bb2e4035-e598-43fd-b086-849a0da321e0

📥 Commits

Reviewing files that changed from the base of the PR and between 6cbbcdd and 649f30f.

📒 Files selected for processing (2)

• build/ci/updater/pom.xml
• xmppserver/pom.xml

✅ Files skipped from review due to trivial changes (1)

• build/ci/updater/pom.xml

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Read-only verification: find documented/supported MySQL versions in this repo
rg -n -C2 --iglob '*.{md,xml,adoc,txt,properties,yml,yaml}' 'MySQL|mysql|MariaDB|OF-3246|connector-j|5\.7|8\.0|8\.4|9\.7'

Repository: igniterealtime/Openfire

Length of output: 50379

---

🌐 Web query:

For MySQL Connector/J 9.7.0, what MySQL Server versions are officially supported? Please use official MySQL documentation/release notes and confirm whether MySQL 5.7 and early 8.0 versions are still supported.

💡 Result:

MySQL Connector/J 9.7.0 officially supports MySQL Server versions 8.0 and higher. It does not support MySQL 5.7 or early 8.0 versions (such as 8.0.0 to 8.0.x prior to full 8.0 stability, but specifically the compatibility is stated as 8.0 and up, excluding 5.7).[1][2]

Citations:

• 1: https://dev.mysql.com/doc/connector-j/en/connector-j-versions.html
• 2: https://dev.mysql.com/doc/relnotes/connector-j/en/news-9-7-0.html

---

MySQL Connector/J 9.7.0 drops support for MySQL 5.7 and earlier 8.0 versions

Line 462 upgrades the JDBC driver to 9.7.0, which officially supports only MySQL Server 8.0 and higher. This breaks compatibility with any MySQL 5.7 installations. Confirm that Openfire no longer needs to support MySQL 5.7 before merging, or defer this upgrade until a major version release boundary.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@xmppserver/pom.xml` at line 462, The pom.xml change bumps the
mysql-connector-java <version> to 9.7.0 which drops support for MySQL 5.7;
either revert the dependency to the latest 8.0.x release (restore the previous
mysql-connector-java version in the <version> element for the dependency with
artifactId mysql-connector-java) or move the 9.7.0 upgrade into a
breaking-change/major-release branch and document that Openfire no longer
supports MySQL 5.7; update the pom and release notes accordingly so the project
retains 5.7 compatibility unless you intentionally cut a major release that
removes it.

[akrherz]

MySQL 8.0 is EOL as of last month, might I suggest we take this after Openfire 5.1 branches and target 5.2 ?

[guusdk]

MySQL 8.0 is EOL as of last month, might I suggest we take this after Openfire 5.1 branches and target 5.2 ?

I think that's a good idea.