diff --git a/.github/cargo-blacklist.txt b/.github/cargo-blacklist.txt
new file mode 100644
index 000000000000..32e7878a86db
--- /dev/null
+++ b/.github/cargo-blacklist.txt
@@ -0,0 +1,2 @@
+native-tls
+openssl
diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml
new file mode 100644
index 000000000000..3fd7db2be639
--- /dev/null
+++ b/.github/workflows/dependency-check.yml
@@ -0,0 +1,36 @@
+name: Check Dependencies
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  check-dependencies:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Rust
+      uses: actions-rust-lang/setup-rust-toolchain@v1
+
+    - name: Run cargo tree
+      run: cargo tree --prefix none > dependencies.txt
+
+    - name: Extract dependency names
+      run: awk '{print $1}' dependencies.txt > dependency_names.txt
+
+    - name: Check for blacklisted crates
+      run: |
+        while read -r dep; do
+          if grep -qFx "$dep" dependency_names.txt; then
+            echo "Blacklisted crate '$dep' found in dependencies."
+            exit 1
+          fi
+        done < .github/cargo-blacklist.txt
+        echo "No blacklisted crates found."
diff --git a/Cargo.lock b/Cargo.lock
index 65612d90514e..68eeaf20ff34 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -993,25 +993,6 @@ dependencies = [
  "serde",
 ]
 
-[[package]]
-name = "bindgen"
-version = "0.59.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2bd2a9a458e8f4304c52c43ebb0cfbd520289f8379a52e329a38afda99bf8eb8"
-dependencies = [
- "bitflags 1.3.2",
- "cexpr",
- "clang-sys",
- "lazy_static",
- "lazycell",
- "peeking_take_while",
- "proc-macro2",
- "quote",
- "regex",
- "rustc-hash 1.1.0",
- "shlex",
-]
-
 [[package]]
 name = "bindgen"
 version = "0.69.4"
@@ -4110,21 +4091,6 @@ version = "1.0.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
 
-[[package]]
-name = "foreign-types"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
-dependencies = [
- "foreign-types-shared",
-]
-
-[[package]]
-name = "foreign-types-shared"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
-
 [[package]]
 name = "form_urlencoded"
 version = "1.2.1"
@@ -5691,7 +5657,7 @@ checksum = "b9ae10193d25051e74945f1ea2d0b42e03cc3b890f7e4cc5faa44997d808193f"
 dependencies = [
  "base64 0.21.7",
  "js-sys",
- "pem 3.0.4",
+ "pem",
  "ring 0.17.8",
  "serde",
  "serde_json",
@@ -5785,7 +5751,7 @@ dependencies = [
  "jsonpath-rust 0.5.1",
  "k8s-openapi",
  "kube-core",
- "pem 3.0.4",
+ "pem",
  "rustls 0.23.13",
  "rustls-pemfile 2.2.0",
  "secrecy",
@@ -5943,15 +5909,6 @@ version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0c2cdeb66e45e9f36bfad5bbdb4d2384e70936afbee843c6f6543f0c551ebb25"
 
-[[package]]
-name = "lexical"
-version = "6.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c7aefb36fd43fef7003334742cbf77b243fcd36418a1d1bdd480d613a67968f6"
-dependencies = [
- "lexical-core",
-]
-
 [[package]]
 name = "lexical-core"
 version = "0.8.5"
@@ -6237,15 +6194,6 @@ dependencies = [
  "vob",
 ]
 
-[[package]]
-name = "lru"
-version = "0.8.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b6e8aaa3f231bb4bd57b84b2d5dc3ae7f350265df8aa96492e0bc394a1571909"
-dependencies = [
- "hashbrown 0.12.3",
-]
-
 [[package]]
 name = "lru"
 version = "0.12.4"
@@ -6841,9 +6789,9 @@ checksum = "2195bf6aa996a481483b29d62a7663eed3fe39600c460e323f8ff41e90bdd89b"
 
 [[package]]
 name = "mysql"
-version = "23.0.1"
+version = "25.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "05f11339ca5c251941805d51362a07823605a80586ced92914ab7de84fba813f"
+checksum = "c6ad644efb545e459029b1ffa7c969d830975bd76906820913247620df10050b"
 dependencies = [
  "bufstream",
  "bytes",
@@ -6851,18 +6799,20 @@ dependencies = [
  "flate2",
  "io-enum",
  "libc",
- "lru 0.8.1",
- "mysql_common 0.29.2",
+ "lru",
+ "mysql_common 0.32.4",
  "named_pipe",
- "native-tls",
- "once_cell",
- "pem 1.1.1",
+ "pem",
  "percent-encoding",
+ "rustls 0.23.13",
+ "rustls-pemfile 2.2.0",
  "serde",
  "serde_json",
- "socket2 0.4.10",
+ "socket2 0.5.7",
  "twox-hash",
  "url",
+ "webpki",
+ "webpki-roots 0.26.6",
 ]
 
 [[package]]
@@ -6915,11 +6865,11 @@ dependencies = [
  "futures-util",
  "keyed_priority_queue",
  "lazy_static",
- "lru 0.12.4",
+ "lru",
  "mio 0.8.11",
  "mysql_common 0.31.0",
  "once_cell",
- "pem 3.0.4",
+ "pem",
  "percent-encoding",
  "pin-project",
  "rand",
@@ -6938,43 +6888,6 @@ dependencies = [
  "webpki-roots 0.25.4",
 ]
 
-[[package]]
-name = "mysql_common"
-version = "0.29.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9006c95034ccf7b903d955f210469119f6c3477fc9c9e7a7845ce38a3e665c2a"
-dependencies = [
- "base64 0.13.1",
- "bigdecimal 0.3.1",
- "bindgen 0.59.2",
- "bitflags 1.3.2",
- "bitvec",
- "byteorder",
- "bytes",
- "cc",
- "cmake",
- "crc32fast",
- "flate2",
- "frunk",
- "lazy_static",
- "lexical",
- "num-bigint",
- "num-traits",
- "rand",
- "regex",
- "rust_decimal",
- "saturating",
- "serde",
- "serde_json",
- "sha1",
- "sha2",
- "smallvec",
- "subprocess",
- "thiserror",
- "time",
- "uuid",
-]
-
 [[package]]
 name = "mysql_common"
 version = "0.31.0"
@@ -7119,23 +7032,6 @@ dependencies = [
  "winapi",
 ]
 
-[[package]]
-name = "native-tls"
-version = "0.2.12"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a8614eb2c83d59d1c8cc974dd3f920198647674a0a035e1af1fa58707e317466"
-dependencies = [
- "libc",
- "log",
- "openssl",
- "openssl-probe",
- "openssl-sys",
- "schannel",
- "security-framework",
- "security-framework-sys",
- "tempfile",
-]
-
 [[package]]
 name = "ndk-context"
 version = "0.1.1"
@@ -7555,50 +7451,12 @@ dependencies = [
  "tokio-rustls 0.26.0",
 ]
 
-[[package]]
-name = "openssl"
-version = "0.10.66"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9529f4786b70a3e8c61e11179af17ab6188ad8d0ded78c5529441ed39d4bd9c1"
-dependencies = [
- "bitflags 2.6.0",
- "cfg-if",
- "foreign-types",
- "libc",
- "once_cell",
- "openssl-macros",
- "openssl-sys",
-]
-
-[[package]]
-name = "openssl-macros"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.79",
-]
-
 [[package]]
 name = "openssl-probe"
 version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
 
-[[package]]
-name = "openssl-sys"
-version = "0.9.103"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f9e8deee91df40a943c71b917e5874b951d32a802526c85721ce3b776c929d6"
-dependencies = [
- "cc",
- "libc",
- "pkg-config",
- "vcpkg",
-]
-
 [[package]]
 name = "opentelemetry"
 version = "0.21.0"
@@ -8112,21 +7970,6 @@ dependencies = [
  "hmac",
 ]
 
-[[package]]
-name = "peeking_take_while"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099"
-
-[[package]]
-name = "pem"
-version = "1.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a8835c273a76a90455d7344889b0964598e3316e2a79ede8e36f16bdcf2228b8"
-dependencies = [
- "base64 0.13.1",
-]
-
 [[package]]
 name = "pem"
 version = "3.0.4"
@@ -12125,7 +11968,7 @@ dependencies = [
  "itertools 0.12.1",
  "levenshtein_automata",
  "log",
- "lru 0.12.4",
+ "lru",
  "lz4_flex 0.11.3",
  "measure_time",
  "memmap2 0.9.5",
@@ -14392,7 +14235,7 @@ dependencies = [
  "chrono",
  "der 0.7.9",
  "hex",
- "pem 3.0.4",
+ "pem",
  "ring 0.17.8",
  "signature",
  "spki 0.7.3",
diff --git a/tests/runner/Cargo.toml b/tests/runner/Cargo.toml
index 641f07c2c6c3..71312c39dea3 100644
--- a/tests/runner/Cargo.toml
+++ b/tests/runner/Cargo.toml
@@ -16,7 +16,7 @@ common-query.workspace = true
 common-recordbatch.workspace = true
 common-time.workspace = true
 datatypes = { workspace = true }
-mysql = { version = "23.0.1" }
+mysql = { version = "25.0.1", default-features = false, features = ["minimal", "rustls-tls"] }
 serde.workspace = true
 serde_json.workspace = true
 tokio-postgres = { workspace = true }