Author: Michael Redlich

This week’s Java roundup for April 10th, 2023 features news from OpenJDK, JDK 21, Spring Framework and Spring Data updates, GraalVM Build Tools 0.9.21, MicroStream becomes an Eclipse Project, Micronaut 3.8.9, Helidon 4.0.0.Alpha6, Hibernate ORM 6.2.1, Micrometer Metrics 1.11.0-RC1, 1.10.6 and 1.9.10, Micrometer Tracing 1.1.0-RC1 and 1.0.4, Piranha 23.4.0, Project Reactor 2022.0.6 and Gradle 8.1.

OpenJDK

After its review had concluded, JEP 444, Virtual Threads, has been promoted from Proposed to Target to Targeted status for JDK 21. This JEP proposes to finalize this feature based on feedback from the previous two rounds of preview: JEP 436, Virtual Threads (Second Preview), delivered in JDK 20; and JEP 425, Virtual Threads (Preview), delivered in JDK 19. This feature provides virtual threads, lightweight threads that dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications, to the Java platform. The most significant change from JEP 436 is that virtual threads now fully support thread-local variables by eliminating the option to opt-out of using these variables. More details on JEP 425 may be found in this InfoQ news story and this JEP Café screen cast by José Paumard, Java developer advocate, Java Platform Group at Oracle.

Similarly, JEP 430, String Templates (Preview), has been promoted from Proposed to Target to Targeted status for JDK 21. This preview JEP, under the auspices of Project Amber, proposes to enhance the Java programming language with string templates, string literals containing embedded expressions, that are interpreted at runtime where the embedded expressions are evaluated and verified.

JEP 442, Foreign Function & Memory API (Third Preview), has been promoted from Candidate to Proposed to Target for JDK 21. This JEP incorporate refinements based on feedback and to provide a third preview from: JEP 434, Foreign Function & Memory API (Second Preview), delivered in JDK 20; JEP 424, Foreign Function & Memory API (Preview), delivered in JDK 19, and the related incubating JEP 419, Foreign Function & Memory API (Second Incubator), delivered in JDK 18; and JEP 412, Foreign Function & Memory API (Incubator), delivered in JDK 17. This feature provides an API for Java applications to interoperate with code and data outside of the Java runtime by efficiently invoking foreign functions and by safely accessing foreign memory that is not managed by the JVM. Updates from JEP 434 include: centralizing the management of the lifetimes of native segments in the Arena interface; enhanced layout paths with a new element to dereference address layouts; and removal of the VaList class. The review is expected to conclude on April 21, 2023.

JEP 445, Flexible Main Methods and Anonymous Main Classes (Preview), has been promoted from its JEP Draft 8302326 to Candidate status. This feature JEP, formerly entitled Implicit Classes and Enhanced Main Methods (Preview), proposes to “evolve the Java language so that students can write their first programs without needing to understand language features designed for large programs.” This JEP moves forward the September 2022 blog post, Paving the on-ramp, by Brian Goetz, Java language architect at Oracle.

Paul Sandoz, Java architect at Oracle has submitted JEP Draft 8305868, Vector API (Sixth Incubator). This JEP, under the auspices of Project Panama, incorporates enhancements in response to feedback from the previous five rounds of incubation: JEP 438, Vector API (Fifth Incubator), delivered in JDK 20; JEP 426, Vector API (Fourth Incubator), delivered in JDK 19; JEP 417, Vector API (Third Incubator), delivered in JDK 18; JEP 414, Vector API (Second Incubator), delivered in JDK 17; and JEP 338, Vector API (Incubator), delivered as an incubator module in JDK 16. This feature proposes to enhance the Vector API to load and store vectors to and from a MemorySegment as defined by JEP 424, Foreign Function & Memory API (Preview).

JDK 21

Build 18 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 17 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

Versions 6.0.8, 5.3.27 and 5.2.24.RELEASE of Spring Framework have been released to primarily address CVE-2023-20863, Spring Expression DoS Vulnerability, a vulnerability in which an attacker to provide a specially crafted Spring Expression Language expression that may cause a denial-of-service (DoS) condition. Other new features include: a new overloaded truncate() method defined in the StringUtils class to serve as centralized, consistent way for truncating strings; a new nullSafeConciseToString() method defined in the ObjectUtils class to generate a more “concise” null-safe toString() representation of various objects that does not include an entire object graph; and replace the use of the unmodifiableList() method defined in the Collections class with the copyOf() method defined in the List interface which results in Spring application code that more readable, prevents unexpected bugs and easier to maintain. More details on these releases may be found in the release notes for version 6.0.8, version 5.3.27 and version 5.2.24.RELEASE.

Spring Data 2023.0-RC1, 2022.0.5 and 2021.2.11 have been released this past week. Version 2023.0-RC1 features: the reinstatement of MariaDB support for Spring Data R2DBC; a new @Hint annotation in Spring Data MongoDB with support for reactive bulk operations; and many enhancements to the Spring Data JPA Hibernate and JPQL parsers to better support aliases and other aspects of query parsing for @Query annotated queries. Versions 2022.0.5 and 2021.2.11 are service releases that ship with improvements and bug fixes for regressions. These versions may be consumed with the upcoming releases of Spring Boot 3.0.6 and 2.7.11, respectively.

GraalVM Native Build Tools

On the road to version 1.0, Oracle Labs has released version 0.9.21 of Native Build Tools, a GraalVM project consisting of plugins for interoperability with GraalVM Native Image. This latest release provides notable changes such as: a fix to ensure compatibility with Gradle’s configuration cache; deprecate the requiredVersion property in favor of using a version string; and a new write-args-file Maven goal that writes an arguments file such that other plugins downstream in the life cycle may use it. More details on this release may be found in the changelog.

MicroStream

MicroStream has announced that their Java-native persistence layer will become an Eclipse Project. The MicroStream Serializer product will be renamed to Eclipse Serializer and the MicroStream Persistence product will be renamed to EclipseStore. MicroStream also plans to launch an EclipseStore Working Group as a standard for the Jakarta Persistence specification in which EclipseStore will become a compatible implementation.

Micronaut

The Micronaut Foundation has released Micronaut Framework 3.8.9 featuring bug fixes, support for JDK 20 in annotation processors and updates to modules: Micronaut AWS and Micronaut Kafka. There was also a dependency upgrade to Netty 4.1.91. More details on this release may be found in the release notes.

The fourth milestone release of Micronaut 4.0.0 was also made available this past week featuring support for: annotation-based CORS configuration; compilation time expressions in annotations; the ability to disable streaming HTTP request processing; and conditional routing.

Helidon

The sixth alpha release of Helidon 4.0.0 features notable changes such as: support for JDK 20; completion of the shortcut methods for all HTTP methods in the WebServer and WebClient components; and a rename of the receive() method to onMessage() for consistency with other methods in the WebSocket component. More details on this release may be found in the release notes.

Hibernate

The release of Hibernate ORM 6.2.1.Final ships with notable fixes such as: improved sub-queries using aliases and left joins; generic associations being ignored when dirty checking and bytecode enhancement were enabled; part of a composite @IdClass primary key not being returned when querying; and Internal nullness marking and checking.

Micrometer

Versions 1.11.0-RC1, 1.10.6 and 1.9.10 of Micrometer Metrics have been released. New features in version 1.11.0-RC1 include: a new Supplier variant of the getOrDefault() method defined in the Context inner class of the Observation interface; metrics support for Netty allocators and event executors; and more efficient cumulative count computations in the takeCountSnapshot() method defined in the AbstractTimeWindowHistogram class. Version 1.10.6 and 1.9.10 primarily provide bug fixes and dependency upgrades.

Similarly, versions 1.1.0-RC1 and 1.0.4 of Micrometer Tracing deliver bug fixes, dependency upgrades to Micrometer 1.11.0-RC1 and 1.10.6, respectively, and new features: allow propagation of spans via ThreadLocalAccessor interface; alignment with annotations changes in Micrometer; and support for creating spans with links.

Piranha

Piranha 23.4.0 has been released. Dubbed the “Update Components” edition for April 2023, this new release includes: updates to various compatible implementations of Jakarta EE components to their latest versions; update running automated tests in the release workflow to use JDK 19; and basic code cleanup. More details on this release may be found in their documentation and issue tracker.

Reactor

Project Reactor 2022.0.6, the sixth maintenance release, provides dependency upgrades to reactor-core 3.5.5, reactor-addons 3.5.1, reactor-netty 1.1.6, reactor-kafka 1.3.17 and reactor-kotlin-extensions 1.2.2. More details on this release may be found in the changelog.

Gradle

The release of Gradle 8.1 features: a stable version of the configuration cache; support for dependency verification; improved error reporting for Groovy closures; support for Java lambdas; improved memory management; and support for building projects with JDK 20. More details on this release may be found in the release notes.

This week’s Java roundup for April 3rd, 2023 features news from OpenJDK, JDK 21, Quarkus 3.0.0.CR2 and 2.16.6.Final, Open Liberty 23.0.0.3, Apache Camel 3.18.6, PrimeFaces 12.0.4, JHipster Lite 0.31.0, JobRunr 6.1.3, Gradle 8.1-RC3 and Devnexus 2023.

OpenJDK

JEP 430, String Templates (Preview), has been promoted from Candidate to Proposed to Target status for JDK 21. This preview JEP, under the auspices of Project Amber, proposes to enhance the Java programming language with string templates, string literals containing embedded expressions, that are interpreted at runtime where the embedded expressions are evaluated and verified. The review is expected to conclude on April 13, 2023.

Gavin Bierman, consulting member of technical staff at Oracle, has published the first draft of the joint specification change document for JEP 440, Record Patterns, and JEP 441, Pattern Matching for switch, for review by the Java community.

JDK 21

Build 17 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 16 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Quarkus

The second release candidate of Quarkus 3.0.0 delivers new features: a quarkusUpdate Gradle task for updating Quarkus to a new version; Dev UI 2 is now default via the /q/dev or /q/dev-ui endpoints (Dev UI 1 is accessible via the /q/dev-v1 endpoint); and a new HTTP security policy mapping between roles and permissions. More details on this release may be found in the changelog.

Quarkus 2.16.6.Final, the sixth maintenance release, provides notable changes such as: a removal of the session cookie if ID token verification has failed; allow the use of null in the REST Client request body; support for repeatable @Incoming annotations in reactive messaging; and dependency upgrades to GraphQL Java 19.4, Wildfly Elytron 1.20.3.Final and Keycloak 21.0.1. Further details on this release may be found in the changelog.

Open Liberty

IBM has released Open Liberty 23.0.0.3 featuring bug fixes and support for: JDK 20; the Jakarta EE 10 Platform, Web and Core profiles; and the core MicroProfile 6.0 specifications.

Apache Camel

The release of Apache Camel 3.18.6 delivers big fixes, dependency upgrades and improvements such as: allow HTTP response headers with empty values to be returned to support applications that require this; improved handling of allowing or disallowing an HTTP request body; and a fix for the potential to block the Vert.x event loop if the route processing coming after the vertx-websocket consumer executes blocking operations. More details on this release may be found in the release notes.

PrimeFaces

The release of PrimeFaces 12.0.4 ships with bug fixes and new features: a restoration of the getExcelPattern() and validate() methods defined in the CurrencyValidator class;

Further details on this release may be found in the list of issues.

JHipster

The JHipster team has released version 0.31.0 of JHipster Lite with many dependency upgrades and notable changes such as: a fix for generating the same customConversions beans for use in MongoDB and Redis; a fix for the Apache Kafka producer and consumer; and a removal of the Jest testing framework dependency as it was only used for the optional-typescript module. More details on this release may be found in the release notes.

JobRunr

JobRunr 6.1.3 has been released to deliver a fix for the high number of calls to jobrunr_job_stats view that allows developers to disable Java Management Extensions (JMX) for the JobStats class.

Gradle

The third release candidate of Gradle 8.1 features: continued improvements to the configuration cache; support for dependency verification; improved error reporting for Groovy closures; support for Java lambdas; and support for building projects with JDK 20. Further details on this release may be found in the release notes.

Devnexus

Devnexus 2023 was held at the Georgia World Congress Center in Atlanta, Georgia this past week featuring speakers from the Java community who delivered workshops and talks on topics such as: Jakarta EE, Java Platform, Core Java, Architecture, Cloud Infrastructure and Security.

Devnexus, hosted by the Atlanta Java Users Group (AJUG), has a history that dates back to 2004 when the conference was originally called DevCon. The Devnexus name was introduced in 2010.

Developers can learn more about Devnexus and AJUG from this Foojay.io podcast hosted by Frank Delporte, senior technical writer at Azul, who interviewed Pratik Patel, Vice President of Developer Advocacy at Azul and AJUG president, and Vince Mayers, developer relations at Gradle and AJUG treasurer.

This week’s Java roundup for March 27th, 2023 features news from OpenJDK, JDK 21, GlassFish 7.0.3, Spring point and milestone releases, Payara Platform, Quarkus 3.0.CR1, Micronaut 3.8.8, WildFly 28 Beta1, Hibernate ORM 6.2, Groovy 4.0.11, Camel 3.20.3, James 3.7.4, Eclipse Vert.x 4.4.1, JHipster Quarkus Blueprint 2.0, JHipster Lite 0.30, JBang 0.106, Gradle 8.1-CR2 and new Foojay.io calendar.

OpenJDK

The results of the 2023 Governing Board Election show that Andrew Haley, technical lead, Open Source Java at Red Hat, and Phil Race, consulting member of technical staff at Oracle, have been elected to the board to fill the two At-Large member seats. They will serve a term of one calendar year effective April 1, 2023. InfoQ will follow up with a more detailed news story.

JEP 444, Virtual Threads, was promoted from its JEP Draft 8303683 to Candidate status, then quickly promoted from Candidate to Proposed to Target status for JDK 21. This JEP proposes to finalize this feature based on feedback from the previous two rounds of preview: JEP 436, Virtual Threads (Second Preview), delivered in JDK 20; and JEP 425, Virtual Threads (Preview), delivered in JDK 19. This feature provides virtual threads, lightweight threads that dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications, to the Java platform. The most significant change from JEP 436 is that virtual threads now fully support thread-local variables by eliminating the option to opt-out of using these variables. More details on JEP 425 may be found in this InfoQ news story and this JEP Café screen cast by José Paumard, Java developer advocate, Java Platform Group at Oracle. The review is expected to conclude on April 7, 2023.

Version 7.2 of the Regression Test Harness for the JDK, jtreg, has been released and ready for integration in the JDK. The most significant new feature is the ability to run tests using virtual threads. Further details on this release may be found in the release notes.

JDK 21

Build 16 of the JDK 21 early-access builds was made available this past week featuring updates from Build 15 that include fixes to various issues. More details on this build may be found in the release notes.

Mark Reinhold, chief architect, Java Platform Group at Oracle, formally proposed the release schedule for JDK 21 as follows:

• Rampdown Phase One (fork from main line): June 8, 2023
• Rampdown Phase Two: July 20, 2023
• Initial Release Candidate: August 10, 2023
• Final Release Candidate: August 24, 2023
• General Availability: September 19, 2023

For JDK 21, developers are encouraged to report bugs via the Java Bug Database.

GlassFish

The release of GlassFish 7.0.3 ships with bug fixes, improvements in documentation and dependency upgrades such as: Mojarra 4.0.2, EclipseLink 4.0.1, Helidon Config 3.2.0 and ASM 9.5. Further details on this release may be found in the release notes.

Spring Framework

The Spring Integration team has announced that the Spring Integration Extension for Amazon Web Services (AWS), version 3.0.0-M2, and Spring Cloud Stream Binder for AWS Kinesis, version 4.0.0-M1, projects have been moved to the AWS Java SDK. Notable changes in each of these milestone releases include: AWS Java SDK 2.20.32, the latest version; a dependency upgrade to Spring Cloud AWS 3.0.0 with the new SQS listener API; a DynamoDbLockRegistry class, an implementation of the ExpirableLockRegistry and RenewableLockRegistry interfaces, to provide proper TTL support; and removal of XML configuration.

Spring Cloud 2022.0.2, codenamed Kilburn, has been released featuring updates to sub-projects such as: Spring Cloud Vault 4.0.1, Spring Cloud Kubernetes 3.0.2, Spring Cloud OpenFeign 4.0.2 and Spring Cloud Config 4.0.2. There are, however, breaking changes with the removal of sub-projects: Spring Cloud CLI, Spring Cloud for Cloud Foundry and Spring Cloud Sleuth. More details on this release may be found in the release notes.

The first release candidate of Spring Web Flow 3.0.0 delivers new features: a migration of Spring Faces to Spring Framework 6, Jakarta EE, and JSF 4; and an update of the JSF samples to Jakarta EE. Further details on this release may be found in the release notes.

Payara

Payara has released their March 2023 edition of the Payara Platform that includes Community Edition 6.2023.3, Enterprise Edition 5.49.0 and the formal release of Payara Enterprise 6.0. All of these editions now support Jakarta EE 10 and MicroProfile 6.0. It is important to note that a known issue is currently being investigated: when deploying an application that contains a Java Record, a warning is logged in the server logs about Records not being supported. The Payara team assures that an application will still deploy and operate as expected.

Community Edition 6.2023.3 delivers bug fixes, component upgrades and improvements such as: an update to the REST SSL alias extension for Payara 6; upgrade the cacerts.jks and keystore.jks certificates to PKCS#12; and configure all SameSite cookie attributes for an HTTP network listener. More details on this release may be found in the release notes.

Enterprise Edition 5.49.0 also ships with bug fixes, component upgrades and the same SameSite cookie improvement as noted in the Community Edition. Further details on this release may be found in the release notes.

The Payara team has also published CVE-2023-28462, a vulnerability affecting server environments running on JDK 8 on updates lower than version 1.8u191. This vulnerability allows a remote attacker to load malicious code into a public-facing Payara Server installation using remote JNDI access via unsecured object request broker (ORB) listeners. Developers are encouraged to install a version of JDK 8 higher than 1.8u191.

Quarkus

After six alpha releases and one beta release, the first release candidate of Quarkus 3.0.0 was made available to the Java community this past week. New features include: introduce an initial version of the non-application root path, /q/info, endpoint; use SmallRye BeanBag to initialize the Maven RepositorySystem interface for compatibility with Maven 3.9; and a new plugin mechanism for the Quarkus CLI. More details on this release may be found in the release notes.

Micronaut

The Micronaut Foundation has released Micronaut Framework 3.8.8 featuring bug fixes and updates to modules: Micronaut Data, Micronaut Views, Micronaut OpenAPI, Micronaut Security and Micronaut Maven Plugin. There was also a dependency upgrade to Netty 4.1.90. Further details on this release may be found in the release notes.

WildFly

The first beta release of WildFly 28 delivers new features such as: support for Micrometer that includes integration of Micrometer with their implementation of MicroProfile Fault Tolerance specification; and support for the MicroProfile Telemetry and MicroProfile Long Running Actions (LRA) specifications. There was also a removal of support for the MicroProfile Metrics and MicroProfile OpenTracing specifications. More details on this release may be found in the release notes.

Hibernate

After four release candidates, the formal release of Hibernate ORM 6.2 delivers support for: structured SQL types; Java records; unified generated persisted values; database partitions; proprietary SQL types; and the ability to use the SQL MERGE command to handle updates against optional tables.

Apache Software Foundation

Paul King, principal software engineer at Object Computing, Inc., director at ASERT and vice president at Apache Groovy, has announced three point releases of Apache Groovy as described below. Developers should expect fewer point releases in the 3.0 and 2.0 release trains as the team will be focusing on Groovy 5.0.

Version 4.0.11 delivers bug fixes and new features such as: new methods, asReversed() and reverseEach(), that will map directly to the descendingSet() and descendingIterator() methods, respectively, defined in the NavigableSet interface; a dependency upgrade to ASM 9.5; and a new constant for JDK 21. Further details on this release may be found in the changelog.

Version 3.0.17 features bug fixes, improvements in documentation and a dependency upgrade to ASM 9.5. More details on this release may be found in the changelog.

Similarly, version 2.5.22 features bug fixes, improvements in documentation and a dependency upgrade to ASM 9.5. Further details on this release may be found in the changelog.

The release of Apache Camel 3.20.3 provides bug fixes, dependency upgrades and new features/improvements such as: add health checks for components that have an extension for connectivity verification (camel-health); a user configuration file in the camel-jbang component; and favor instances of the CompositeMeterRegistry class in the Camel Registry API. More details on this release may be found in the release notes.

The release of Apache James 3.7.4 addresses CVE-2023-26269, Privilege Escalation through Unauthenticated JMX, a vulnerability in which versions of Apache James Server 3.7.3 and earlier provides a JMX management service without authentication by default that would allow an attacker to have access to privilege escalation. Further details on this release may be found in the release notes.

Eclipse Vert.x

Eclipse Vert.x 4.4.1 has been released with bug fixes and dependency upgrades to GraphQL-Java 20.1, Netty 4.1.90, SnakeYAML 2.0, Micrometer 1.10.5 and Apache Qpid Proton-J 0.34.1. More details on this release may be found in the release notes and deprecations and breaking changes.

JHipster

The JHipster team has released version 2.0.0 of the JHipster Quarkus Blueprint with notable changes such as: fix OIDC settings for the production profile; update the blueprint dependencies and Quarkus to 2.16.2; fix Keycloak authorization and Cypress tests; and a fix for the SQL Docker images. Further details on this release may be found in the release notes.

The JHipster team has also released JHipster Lite 0.30.0 features bug fixes, dependency upgrades and enhancements such as: remove a duplicated JSON Web Token dependency; a new getUsername() method to the ApplicationAuthorizations class; and a fix for the Angular OAuth2 with Keycloak. More details on this release may be found in the release notes.

JBang

Version 0.106.0 and 0.106.1 of JBang introduces support for the use of GPT in the jbang init command by calling the ChatGPT API to initialize and create a jbang script that attempts to execute the string that is expressed on the command line. Further details on this new feature may be found in this YouTube video and InfoQ will follow up with a more detailed news story.

Gradle

The second release candidate of Gradle 8.1 provides: continued improvements to the configuration cache; support for dependency verification; improved error reporting for Groovy closures; support for Java lambdas; and support for building projects with JDK 20. More details on this release may be found in the release notes.

Foojay.io

Foojay.io, the Friends of OpenJDK resource for Java developers, have provided their Java community calendar for developers to view and add events. The calendar is open for adding content without the need for a special account and the content is moderated.

This week’s Java roundup for March 20th, 2023 features news from OpenJDK, JDK 20, JDK 21, Amazon Corretto 20, BellSoft Liberica JDK 20, multiple Spring milestone and point releases, Quarkus 3.0.0.Beta1 and 2.16.5, Helidon 3.2.0, Open Liberty 23.0.0.3-beta, Micronaut 4.0.0-M1, Camel Quarkus 3.0.0-M1, JBang 0.105.1, Failsafe 3.3.1, Maven 3.9.1 and Gradle 8.1-RC1.

OpenJDK

JEP 431, Sequenced Collections, has been promoted from Proposed to Target to Targeted status for JDK 21. This JEP proposes to introduce “a new family of interfaces that represent the concept of a collection whose elements are arranged in a well-defined sequence or ordering, as a structural property of the collection.” Motivation was due to a lack of a well-defined ordering and uniform set of operations within the Collections Framework. More details on JEP 431 may be found in this InfoQ news story.

JEP 443, Unnamed Patterns and Variables (Preview), was promoted from JEP Draft 8294349 to Candidate status this past week. This preview JEP proposes to “enhance the language with unnamed patterns, which match a record component without stating the component’s name or type, and unnamed variables, which can be initialized but not used.” Both of these are denoted by the underscore character as in r instanceof _(int x, int y) and r instanceof _.

JDK 20

Oracle has released version 20 of the Java programming language and virtual machine, which ships with a final feature set of seven JEPs. More details may be found in this InfoQ news story.

JDK 21

Build 15 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 14 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Amazon Corretto

Amazon has released Amazon Corretto 20, their downstream distribution of OpenJDK 20, which is available on Linux, Windows, and macOS. Developers may download this latest version from this site.

Liberica JDK

Similarly, BellSoft has released Liberica JDK 20, their downstream distribution of OpenJDK 20. Developers may download this latest version from this site.

Spring Framework

It was a very busy week over at Spring as the project teams delivered milestone and point releases of Spring Boot, Spring Framework, Spring Data, Spring Integration, Spring Vault, Spring for GraphQL, Spring Authorization Server, Spring HATEOAS and Spring Modulith. Some of these release address these Common Vulnerabilities and Exposures (CVEs):

The release of Spring Boot 3.0.5 delivers improvements in documentation, dependency upgrades and notable bug fixes such as: the EmbeddedWebServerFactoryCustomizerAutoConfiguration class should not be invoked when the embedded web server is not configured; the @ConfigurationProperties annotation no longer works on mutable Kotlin data classes; and the use of the @EntityScan annotation causes an AOT instance supplier code generation error. More details on this release may be found in the release notes.

Similarly, the release of Spring Boot 2.7.10 ships with improvements in documentation, dependency upgrades and notable bug fixes such as: loading an application.yml file fails with a NoSuchMethodError exception when using SnakeYAML 2.0; an instance of the StandardConfigDataResource class can import the same file twice if the classpath includes the ‘.‘ character; and a Maven plugin uses a timezone-local timestamps when the project.build.outputTimestamp property is used. Further details on this release may be found in the release notes.

The second release candidate of Spring Boot 3.1.0 provides new features such as: a new method, withSanitizedValue(), in the SanitizableData class that returns a new instance with a sanitized value; support for auto-configuration of GraphQL pagination and sorting; and support for Spring Authorization Server. More details on this release may be found in the release notes.

Versions 6.0.7 and 5.3.26 of Spring Framework have been released to primarily address the aforementioned CVE-2023-20860 and CVE-2023-20861 vulnerabilities. Both versions also deliver new features such as: improved diagnostics in SpEL for the matches operator and repeated text; updates to the HandlerMappingIntrospector class; and allow SnakeYaml 2.0 runtime compatibility. Further details on these releases may be found in the release notes for version 6.0.7 and version 5.3.26.

The release of Spring Framework 5.2.23 also addresses the CVE-2023-20861 vulnerability and provides the same new SpEL features as Spring Framework 5.3.26. More details on this release may be found in the release notes.

Versions 2023.0-M1, codenamed Ullman, 2022.0.4 and 2021.2.10 of Spring Data have been released this past week. The service releases include bug fixes and improvements in documentation, and may be consumed in Spring Boot 3.0.5 and 2.7.10, respectively. New features in the milestone release include: a new scroll API to support offset and key-based pagination; improvements in JPA query parsing for HQL and JPQL; support for explicit field level encryption in MongoDB; and aggregate reference request parameters in Spring Data REST. Further details on the milestone release may be found in the release notes.

Versions 6.1.0-M2, 6.0.4 and 5.5.17 of Spring Integration have been released featuring notable changes such as: improvements in the LockRegistryLeaderInitiator class such calling a target lock provider is delayed if the current thread has been interrupted; improvements to the AbstractRemoteFileStreamingMessageSource class for remote calls; and fix the relationship between the code coverage tools, Sonar and JaCoCo. More details on these releases may be found in the release notes for version 6.1.0-M2, version 6.0.4 and version 5.5.17.

Versions 3.0.2 and 2.3.3 of Spring Vault have been released to address the aforementioned CVE-2023-20859 vulnerability and new features such as: refine logging after token revocation failure; allow reuse of library-specific configuration code in the ClientHttpRequestFactoryFactory and ClientHttpConnectorFactory classes; and add AWS IAM Authentication to the EnvironmentVaultConfiguration class. Further details on these releases may be found in the release notes for version 3.0.2 and version 2.3.3.

The first milestone release of Spring for GraphQL 1.2.0 that delivers new features such as: support for pagination return values and pagination requests in methods defined in the @SchemaMapping annotation; support for custom instances of the HandlerMethodArgumentResolver interface; and a dependency upgrade to GraphQL Java 20.0. More details on this release may be found in the release notes.

Versions 1.1.3 and 1.0.4 of Spring for GraphQL have been released with new features: access request attributes and cookies in the WebGraphQlInterceptor interface; a fix in which an instance of the ContextDataFetcherDecorator class ignores subscriptions when their name has changed. These releases will also be consumed in Spring Boot 3.0.5 and 2.7.10, respectively. Further details on these releases may be found in the release notes for version 1.1.3 and version 1.0.4.

The second milestone release of Spring Authorization Server 1.1.0 ships with bug fixes, dependency upgrades and new features: an implementation of RFC 8628, OAuth 2.0 Device Authorization Grant; and enable the upgradeEncoding() method defined in the PasswordEncoder interface for OAuth2 client secrets. More details on this release may be found in the release notes.

Versions 2.1-M1, 2.0.3 and 1.5.4 of Spring HATEOAS have been released this past week. The service releases include improvements in documentation and dependency upgrades. The milestone release features: support for property metadata on forms using the @Size annotation as defined in JSR-303, Bean Validation; and a new SlicedModel class, a simplified version of PagedModel class, to navigate slices, but not calculate a total. Further details on these releases may be found in the release notes for version 2.1-M1, version 2.0.3 and version 1.5.4.

The release of Spring Modulith 0.5.1 provides a significant bug fix in which the spring-modulith-runtime module accidentally contained a Logback configuration file that was only intended for test usage. There was also a dependency upgrade to Spring Boot 3.0.5. More details on this release may be found in the release notes.

The Spring Data JPA team has introduced HQL and JPQL query parsers for developers to more easily customize queries in Spring Data JPA applications in conjunction with the @Query annotation.

Quarkus

The first beta release of Quarkus 3.0.0 features support for a management interface that exposes selected routes, i.e., management routes, to a different HTTP server that avoids exposing these routes on the main HTTP server, which could lead to leaks and undesired access to these endpoints. Further details on this release may be found in the changelog.

Quarkus 2.16.5.Final, the fifth maintenance release with notable changes such as: filter out a RESTEasy-related warning from executing the test class, ProviderConfigInjectionWarningsTest; a fix for the NullPointerException upon loading workspace modules; and prevent server-side events from the MessageBodyWriter potentially writing an accumulation of headers. More details on this release may be found in the changelog.

Helidon

Oracle has released Helidon 3.2.0 that shis with changes such as: a fix on the overloaded create() methods defined in the WriteableMultiPart class; a fix for erroneous behavior closing a database connection within the JtaConnection class; an a dependency upgrade to SnakeYAML 2.0. It is important to note that there are breaking changes in SnakeYAML 2.0. A Helidon application may be impacted if SnakeYAML is used directly. It is still possible, however, that an application may still be upgraded to Helidon 3.2.0 with a downgraded SnakeYAML 1.3.2. Further details on this release may be found in the release notes.

Open Liberty

IBM has released Open Liberty 23.0.0.3-beta featuring support for JDK 20, Jakarta EE 10 Platform and MicroProfile 6.0.

Micronaut

The Micronaut foundation has provided the first milestone release Micronaut Framework 4.0.0 featuring: experimental support for Kotlin Symbol Processing; support for virtual threads; improved error messages for missing beans; and support for filter methods.

Apache Software Foundation

As disclosed by the Apache Tomcat team, CVE-2023-28708, a vulnerability in which using the RemoteIpFilter class, with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to HTTPS, session cookies created by Tomcat did not include the secure attribute. This vulnerability could result in an attacker transmitting a session cookie over an insecure channel. Tomcat versions affected by this vulnerability include: 11.0.0-M1 to 11.0.0-M2; 10.1.0-M1 to 10.1.5; 9.0.0-M1 to 9.0.71; and 8.5.0 to 8.5.85.

The first milestone release of Camel Quarkus 3.0.0, containing Quarkus 3.0.0.Alpha5 and Camel 4.0.0-M2, is the first Camel Quarkus release featuring a baseline of JDK 17 and Jakarta EE 10. Other notable changes include: deprecation of the ReflectiveClassBuildItem class; a fix for the exception thrown using the PerfRegressionIT class while testing with Camel 4 and Quarkus 3; and a split of Infinispan testing into separate modules for the Quarkus- and Camel-managed clients. More details on this release may be found in the release notes.

JBang

Versions 0.105.1 and 0.105.2 of JBang deliver notable changes such as: an improved jbang edit command in which it assumes one of the supported JBang IDE plugins is installed; continued improvements using modulepath over classpath; The jbang export jlink command is now an option that allows developers to export a JBang application or script with an embedded Java runtime; and a fix for the Apple Silicon VSCodium download.

Failsafe

Failsafe, a lightweight, zero-dependency library for handling failures in Java 8+, has released version 3.3.1 featuring API changes such as: the addition of full Java module descriptors to the Failsafe JARs; and the release of execution references inside instances of the CompletableFuture class provided by Failsafe. Further details on this release may be found in the changelog.

Maven

Maven 3.9.1 has been released with improvements such as: an improved “missing dependency” error message; performance enhancement by replacing any non regular expression patterns in the replaceAll() method with the replace() method or use precompiled patterns; and deprecate the Mojo plugin parameter expression, ${localRepository}, because an instance of the ArtifactFactory interface injected by ${localRepository} is not compatible with the Maven Resolver interface, LocalRepositoryManager, due lack of context.

Gradle

The first release candidate of Gradle 8.1 delivers: continued improvements in the configuration cache, now considered stable; continued improvements in the Kotlin DSL, an alternative to the Groovy DSL, that includes an experimental simple property assignment in Kotlin DSL scripts; and support for JDK 20. More details on this release may be found in the release notes.

Oracle has released version 20 of the Java programming language and virtual machine. The seven (7) JEPs in this final feature set include:

The feature cadence for Java 20 is similar to that of the seven (7) new features in JDK 19 and nine (9) new features in JDK 18. However, this is lower than some of the more recent pre-JDK 18 releases: 14 features in JDK 17; 17 features in JDK16; 14 features in JDK 15; and 16 features in JDK 14.

This release features JEPs that provide continued contribution toward Project Amber, Project Loom and Project Panama along with new rounds of preview and incubation. We examine a few of these new features here. It is worth noting that there were no JEPs representing Project Valhalla in JDK 20.

Project Panama

JEP 434 and JEP 438 fall under the auspices of Project Panama, a project designed to improve and enrich interoperability between the JVM and well-defined “foreign,” i.e., non-Java, APIs that will most-likely include interfaces commonly used within C libraries.

JEP 434, Foreign Function & Memory API (Second Preview), incorporate refinements based on feedback and to provide a second preview from JEP 424, Foreign Function & Memory API (Preview), delivered in JDK 19, and the related incubating JEP 419, Foreign Function & Memory API (Second Incubator), delivered in JDK 18; and JEP 412, Foreign Function & Memory API (Incubator), delivered in JDK 17. This feature provides an API for Java applications to interoperate with code and data outside of the Java runtime by efficiently invoking foreign functions and by safely accessing foreign memory that is not managed by the JVM. Updates from JEP 424 include: the MemorySegment and MemoryAddress interfaces are now unified, i.e., memory addresses are modeled by zero-length memory segments; and the sealed MemoryLayout interface has been enhanced to facilitate usage with JEP 427, Pattern Matching for switch (Third Preview), delivered in JDK 19.

JEP 438, Vector API (Fifth Incubator), incorporates enhancements in response to feedback from the previous four rounds of incubation: JEP 426, Vector API (Fourth Incubator), delivered in JDK 19; JEP 417, Vector API (Third Incubator), delivered in JDK 18; JEP 414, Vector API (Second Incubator), delivered in JDK 17; and JEP 338, Vector API (Incubator), delivered as an incubator module in JDK 16. This feature proposes to enhance the Vector API to load and store vectors to and from a MemorySegment as defined by JEP 424, Foreign Function & Memory API (Preview).

A working application on how to implement the Foreign Function & Memory API may be found in this GitHub repository by Carl Dea, senior developer advocate at Azul.

Project Loom

JEP 429, JEP 436 and JEP 437 fall under the auspices of Project Loom, a project designed to explore, incubate and deliver Java VM features and APIs built for the purpose of supporting easy-to-use, high-throughput lightweight concurrency and new programming models. This would be accomplished via virtual threads, delimited continuations and tail calls.

JEP 429, Scoped Values (Incubator), an incubating JEP formerly known as Extent-Local Variables (Incubator), proposes to enable sharing of immutable data within and across threads. This is preferred to thread-local variables, especially when using large numbers of virtual threads.

JEP 436, Virtual Threads (Second Preview), proposes a second preview from JEP 425, Virtual Threads (Preview), delivered in JDK 19, to allow time for additional feedback and experience for this feature to progress. This feature provides virtual threads, lightweight threads that dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications, to the Java platform. It is important to note that no changes are within this preview except for a small number of APIs from JEP 425 that were made permanent in JDK 19 and, therefore, not proposed in this second preview. More details on JEP 425 may be found in this InfoQ news story and this JEP Café screen cast by José Paumard, Java developer advocate, Java Platform Group at Oracle.

JEP 437, Structured Concurrency (Second Incubator), proposes to reincubate this feature from JEP 428, Structured Concurrency (Incubator), delivered in JDK 19, to allow time for additional feedback and experience. The intent of this feature is to simplify multithreaded programming by introducing a library to treat multiple tasks running in different threads as a single unit of work. This can streamline error handling and cancellation, improve reliability, and enhance observability. The only change is an updated StructuredTaskScope class to support the inheritance of scoped values by threads created in a task scope. This streamlines the sharing of immutable data across threads. Further details on JEP 428 may be found in this InfoQ news story.

Working applications on how to implement the Virtual Threads and Structured Concurrency APIs may be found in: this GitHub repository by Nicolai Parlog, Java developer advocate at Oracle; and this GitHub repository by Bazlur Rahman, Senior Software Engineer at Contrast Security.

Project Amber

JEP 432 and JEP 433 fall under the auspices of Project Amber, a project designed to explore and incubate smaller Java language features to improve productivity.

JEP 432, Record Patterns (Second Preview), incorporates enhancements in response to feedback from the previous round of preview, JEP 405, Record Patterns (Preview). This proposes to enhance the language with record patterns to deconstruct record values. Record patterns may be used in conjunction with type patterns to “enable a powerful, declarative, and composable form of data navigation and processing.” Type patterns were recently extended for use in switch case labels via: JEP 427, Pattern Matching for switch (Third Preview), delivered in JDK 19; JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18; and JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17. Changes from JEP 405 include: added support for inference of type arguments of generic record patterns; added support for record patterns to appear in the header of an enhanced for statement; and remove support for named record patterns.

Similarly, JEP 433, Pattern Matching for switch (Fourth Preview), incorporates enhancements in response to feedback from the previous three rounds of preview: JEP 427, Pattern Matching for switch (Third Preview), delivered in JDK 19; JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18; and JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17. Changes from JEP 427 include: a simplified grammar for switch labels; and inference of type arguments for generic type patterns and record patterns is now supported in switch expressions and statements along with the other constructs that support patterns.

A working application on how to implement the Record Patterns and Pattern Matching for switch APIs may be found in this GitHub repository, java-19 folder, by Wesley Egberto, Java technical lead at Global Points.

JDK 21

Only one (1) JEP has been Targeted for inclusion in JDK 21 at this time. JEP 431, Sequenced Collections, has been promoted from Proposed to Target to Targeted status for JDK 21. This JEP proposes to introduce “a new family of interfaces that represent the concept of a collection whose elements are arranged in a well-defined sequence or ordering, as a structural property of the collection.” Motivation was due to a lack of a well-defined ordering and uniform set of operations within the Collections Framework. Further details on JEP 431 may be found in this InfoQ news story.

However, based on recently submitted JEP drafts and JEP candidates that propose finalized features, we have surmised which JEPs have the potential to be included in JDK 21.

JEP 440, Record Patterns, has been promoted from its JEP Draft 8300541 to Candidate status this past week. This JEP finalizes this feature and incorporates enhancements in response to feedback from the previous two rounds of preview: JEP 432, Record Patterns (Second Preview), delivered in JDK 20; and JEP 405, Record Patterns (Preview), delivered in JDK 19. This feature enhances the language with record patterns to deconstruct record values. Record patterns may be used in conjunction with type patterns to “enable a powerful, declarative, and composable form of data navigation and processing.” Type patterns were recently extended for use in switch case labels via: JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18, and JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17. The most significant change from JEP 432 removed support for record patterns appearing in the header of an enhanced for statement.

Similarly, JEP 441: Pattern Matching for switch, has been promoted from its JEP Draft 8300542 to Candidate status. This JEP also finalizes this feature and incorporates enhancements in response to feedback from the previous four rounds of preview: JEP 433, Pattern Matching for switch (Fourth Preview), delivered in JDK 20; JEP 427, Pattern Matching for switch (Third Preview), delivered in JDK 19; JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18; and JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17. This feature enhances the language with pattern matching for switch expressions and statements.

JEP 442, Foreign Function & Memory API (Third Preview), has been promoted from its JEP Draft 8301625 to Candidate status. This JEP incorporate refinements based on feedback and to provide a third preview from: JEP 434, Foreign Function & Memory API (Second Preview), delivered in JDK 20; JEP 424, Foreign Function & Memory API (Preview), delivered in JDK 19, and the related incubating JEP 419, Foreign Function & Memory API (Second Incubator), delivered in JDK 18; and JEP 412, Foreign Function & Memory API (Incubator), delivered in JDK 17. This feature provides an API for Java applications to interoperate with code and data outside of the Java runtime by efficiently invoking foreign functions and by safely accessing foreign memory that is not managed by the JVM. Updates from JEP 434 include: centralizing the management of the lifetimes of native segments in the Arena interface; enhanced layout paths with a new element to dereference address layouts; and removal of the VaList class.

JEP Draft 8303683, Virtual Threads, was submitted by Ron Pressler, architect and technical lead for Project Loom at Oracle, and Alan Bateman, architect, Java Platform Group, at Oracle this past week. This JEP proposed to finalize this feature based on feedback from the previous two rounds of preview: JEP 436, Virtual Threads (Second Preview), delivered in JDK 20; and JEP 425, Virtual Threads (Preview), delivered in JDK 19. This feature provides virtual threads, lightweight threads that dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications, to the Java platform. The most significant change from JEP 436 is that virtual threads now fully support thread-local variables by eliminating the option to opt-out of using these variables. Further details on JEP 425 may be found in this InfoQ news story and this JEP Café screen cast by José Paumard, Java developer advocate, Java Platform Group at Oracle.

The formal release date for JDK 21 has not yet been announced, but it is expected to be delivered in mid-September 2023 as per the six-month release cadence. Developers can anticipate a feature freeze in mid-June 2023. More details on additional JEP drafts and candidates may be found in this more detailed InfoQ news story.

JDK 20 may now be downloaded from Oracle with binaries from other vendors expected to become available in the coming days.

This week’s Java roundup for March 13th, 2023 features news from OpenJDK, JDK 20, JDK 21, GraalVM 23.0 early-access, Spring Tools 4.18, Quarkus 3.0-Alpha6, Hibernate ORM 6.2 CR4, Micrometer Metrics 1.11, Micrometer Tracing 1.1, Infinispan 14.0.7, Piranha 23.3, Project Reactor 2022.0.5, Eclipse Mojarra 4.0.2, Apache Groovy 4.0.10 and 3.0.16, JHipster Lite 0.29.0, JReleaser 1.5.1 and JobRunr 6.1.2.

OpenJDK

JEP 440, Record Patterns, has been promoted from its JEP Draft 8300541 to Candidate status this past week. This JEP finalizes this feature and incorporates enhancements in response to feedback from the previous two rounds of preview: JEP 432, Record Patterns (Second Preview), delivered in JDK 20; and JEP 405, Record Patterns (Preview), delivered in JDK 19. This feature enhances the language with record patterns to deconstruct record values. Record patterns may be used in conjunction with type patterns to “enable a powerful, declarative, and composable form of data navigation and processing.” Type patterns were recently extended for use in switch case labels via: JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18, and JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17. The most significant change from JEP 432 removed support for record patterns appearing in the header of an enhanced for statement.

Similarly, JEP 441: Pattern Matching for switch, has been promoted from its JEP Draft 8300542 to Candidate status. This JEP also finalizes this feature and incorporates enhancements in response to feedback from the previous four rounds of preview: JEP 433, Pattern Matching for switch (Fourth Preview), delivered in JDK 20; JEP 427, Pattern Matching for switch (Third Preview), delivered in JDK 19; JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18; and JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17. This feature enhances the language with pattern matching for switch expressions and statements.

JEP 442, Foreign Function & Memory API (Third Preview), has been promoted from its JEP Draft 8301625 to Candidate status. This JEP incorporate refinements based on feedback and to provide a third preview from: JEP 434, Foreign Function & Memory API (Second Preview), delivered in JDK 20; JEP 424, Foreign Function & Memory API (Preview), delivered in JDK 19, and the related incubating JEP 419, Foreign Function & Memory API (Second Incubator), delivered in JDK 18; and JEP 412, Foreign Function & Memory API (Incubator), delivered in JDK 17. This feature provides an API for Java applications to interoperate with code and data outside of the Java runtime by efficiently invoking foreign functions and by safely accessing foreign memory that is not managed by the JVM. Updates from JEP 434 include: centralizing the management of the lifetimes of native segments in the Arena interface; enhanced layout paths with a new element to dereference address layouts; and removal of the VaList class.

JEP Draft 8303683, Virtual Threads, was submitted by Ron Pressler, architect and technical lead for Project Loom at Oracle, and Alan Bateman, architect, Java Platform Group, at Oracle this past week. This JEP proposed to finalize this feature based on feedback from the previous two rounds of preview: JEP 436, Virtual Threads (Second Preview), delivered in JDK 20; and JEP 425, Virtual Threads (Preview), delivered in JDK 19. This feature provides virtual threads, lightweight threads that dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications, to the Java platform. The most significant change from JEP 436 is that virtual threads now fully support thread-local variables by eliminating the option to opt-out of using these variables. More details on JEP 425 may be found in this InfoQ news story and this JEP Café screen cast by José Paumard, Java developer advocate, Java Platform Group at Oracle.

JEP Draft 8304400, Launch Multi-File Source-Code Programs, also submitted by Pressler, proposes to enhance the Java Launcher to execute an application supplied as one or more files of Java source code. This allows a more gradual transition from small applications to larger ones by postponing a full-blown project setup.

JDK 20

JDK 20 remains in its release candidate phase with the anticipated GA release on March 21, 2023. Build 36 remains the current build in the JDK 20 early-access builds. More details on this build may be found in the release notes.

JDK 21

Build 14 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 13 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

GraalVM

Oracle Labs has published the latest early-access developer builds for GraalVM 23.0.0. New features include: initial support for Native Image Bundles; improved support for AWT on Linux; and native image recommendations. More details on this release may be found in the release notes.

Spring Framework

The release of Spring Tools 4.18.0 ships with: an upgraded Eclipse 2023-03 IDE; new and improved content-assist for Spring Data repository query methods; a fix for an issue that caused regular Java content-assist in VSCode to stop working; and a fix in m2e that caused resource files, such as application.properties, to not be copied into the target folder. More details on this release may be found in the release notes.

Quarkus

The sixth alpha release of Quarkus 3.0.0 provides these two new features: enabling OpenTelemetry for JDBC by setting the quarkus.datasource.jdbc.telemetry property to true; and the CredentialsProviders interface now supports MongoDB connections. There were also dependency upgrades to SnakeYaml 2.0, Maven Compiler Plugin 3.11.0, Maven OpenRewrite Maven Plugin 4.41.0, SmallRye Common 2.1.0 and JBoss Threads 3.5.0.Final. More details on this release may be found in the changelog.

Hibernate

The fourth release candidate of Hibernate ORM 6.2 provides 33 bug fixes and 28 refinements based on Java community feedback. It is expected that this is the last release candidate before the final release.

Micrometer

The second milestone release of Micrometer Metrics 1.11.0 delivers new features such as: a new metric, jvm.threads.started, that reports the total number of active application threads in the JVM; a new Elasticsearch endpoint, _index_template, to create index templates; add the GC name to the jvm.gc.pause metric; and support for micrometer libraries on OSGi-based Java runtimes.

Similarly, the second milestone release of Micrometer Tracing 1.1.0 features: parity with Spring Cloud Sleuth annotations; and dependency upgrades to Micrometer 1.11.0-M2 and OpenTelemetry 1.24.0.

Infinispan

Infinispan 14.0.7.Final has been released featuring support for Spring Framework 6 and Spring Boot 3. Some notable bug fixes include: a NullPointerException in the MetricsCollector class; JSON parser doesn’t correctly report error locations; the Redis Serialization Protocol (RESP) endpoint cannot parse requests larger than the packet size; and concurrent access to Spring Session integrations result in lost session attributes.

Piranha

The release of Piranha 23.3.0 provides notable changes such as: an updated CodeQL workflow; add JUnit tests for the DefaultAnnotationManager class; and a fix for the RuntimeException when the endpoint application is still in the process of being deployed. More details on this release may be found in their documentation and issue tracker.

Project Reactor

Project Reactor 2022.0.5, the fifth maintenance release, provides dependency upgrades to reactor-core 3.5.4, reactor-addons 3.5.1, reactor-netty 1.1.5, reactor-kafka 1.3.17 and reactor-kotlin-extensions 1.2.2.

Eclipse Mojarra

Eclipse Mojarra 4.0.2 has been released with notable changes such as: cleanup of the MockServletContext class to remove unused methods and add the @Override annotation; cleanup of the ParseXMLTestCase class to remove unused methods, variables and commented code; ensure the version() method in the @FacesConfig annotation cannot return null; and a fix for a NumberFormatException upon updating buttons inside a facet header of a data table. More details on this release may be found in the release notes.

Apache Software Foundation

The release of Apache Groovy 4.0.10 delivers notable bug fixes and improvements such as: a confusing error message from the GroovyScriptEngine class; a memory leak where local variable values are not discarded; the @Builder annotation not working on JDK 16; and the MissingPropertyException truncates the name of a nested class name. More details on this release may be found in the release notes.

Similarly, the release of Apache Groovy 3.0.16 ships with notable bug fixes such as: unable to call methods from the BiPredicate interface on closures or lambdas on JRE 16+; the use of the @CompileStatic annotation confuses statically importing instances and methods; and an IllegalAccessException using the default interface methods with JDK 17 and Groovy 3.0.9. This release also supports JDK 16. More details on this release may be found in the release notes.

JHipster

The JHipster team has released JHipster Lite 0.29.0 with new features and enhancements such as: removing dependencies from the JHipsterModulePackageJson class based on user feedback; removing the warning messages when more than four active ApplicationContext sessions within Cassandra database applications are being tested; and a new dependency and configuration for Redis. More details on this release may be found in the release notes.

JReleaser

Version 1.5.1 of JReleaser, a Java utility that streamlines creating project releases, has been released delivering notable fixes such as: add the missing graalVMNativeImage property to the Native Image assembler utility; The Java Archive utility generates the wrong format for the JAVA_OPTS environmental variable; and improved error handling when executing external commands. More details on this release may be found in the release notes.

JobRunr

JobRunr 6.1.2 has been released featuring two bug fixes: a failure to update metadata, with eventual shut down, when using MySQL and the useServerPrepStmts property set to true; and an issue with the JobRunr Quarkus Extension in which the JobRunrDocumentDBStorageProviderProducer class is not using proper configuration.

This week’s Java roundup for March 6th, 2023 features news from OpenJDK, JDK 20, JDK 21, Spring Cloud Data Flow 2.10.2, Spring Modulith 0.5, Quarkus 2.16.14 and 3.0.0.Alpha5, Open Liberty 23.0.0.2, Micronaut 3.8.7, Helidon 2.6.0, Apache Tomcat 11.0.0-M4, Apache Camel-4.0.0-M2, JobRunr 6.1.1, Jarviz 0.3.0 and Hilla 2.0.

OpenJDK

After its review had concluded, JEP 438, Vector API (Fifth Incubator), was promoted from Proposed to Target to Targeted status for JDK 20 this past week. This JEP, under the auspices of Project Panama, incorporates enhancements in response to feedback from the previous four rounds of incubation: JEP 426, Vector API (Fourth Incubator), delivered in JDK 19; JEP 417, Vector API (Third Incubator), delivered in JDK 18; JEP 414, Vector API (Second Incubator), delivered in JDK 17; and JEP 338, Vector API (Incubator), delivered as an incubator module in JDK 16. JEP 438 proposes to enhance the Vector API to load and store vectors to and from a MemorySegment as defined by JEP 424, Foreign Function & Memory API (Preview).

JEP 431, Sequenced Collections, has been promoted from Candidate to Proposed to Target status for JDK 21. This JEP proposes to introduce “a new family of interfaces that represent the concept of a collection whose elements are arranged in a well-defined sequence or ordering, as a structural property of the collection.” Motivation was due to a lack of a well-defined ordering and uniform set of operations within the Collections Framework. The review is expected to conclude on March 16, 2023. Further details on JEP 431 may be found in this InfoQ news story.

JEP 439, Generational ZGC, was promoted from its Draft 8272979 to Candidate status this past week. This JEP proposes to “improve application performance by extending the Z Garbage Collector (ZGC) to maintain separate generations for young and old objects. This will allow ZGC to collect young objects, which tend to die young, more frequently.”

Dalibor Topic, principal product manager at Oracle, had proposed to dissolve and archive the JDK 6 project due to: no defined project lead or mailing list traffic for the past two years; and not a single push into its forest for the past four years. InfoQ will follow up with a more detailed news story.

JDK 20

JDK 20 remains in its release candidate phase with the anticipated GA release on March 21, 2023. Build 36 remains the current build in the JDK 20 early-access builds. More details on this build may be found in the release notes.

JDK 21

Build 13 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 12 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

The release of Spring Cloud Data Flow 2.10.2 ships with bug fixes, library upgrades to Spring Boot 2.7.9 and Spring Cloud 2021.0.6, and dependency upgrades to sub-projects such as: Spring Cloud Dataflow Build 2.10.2; Spring Cloud Dataflow Common 2.10.2; Spring Cloud Dataflow UI 3.3.2; and Spring Cloud Deployer K8S 2.8.2. More details on this release may be found in the release notes.

The release of Spring Modulith 0.5 delivers library upgrades to Spring Boot 3.0.4 and jMolecules 2022.2.4, and improvements such as: renaming the property to trigger JDBC database initialization, spring.modulith.events.schema-initialization.enabled, to spring.modulith.events.jdbc-schema-initialization.enabled. Further details on this release may be found in the changelog.

Quarkus

The fifth (and final) alpha release of Quarkus 3.0.0 features support for: Hibernate ORM 6.0 and the StatelessSession interface; a new Dev UI; Gradle 8.0; custom redirect handler in REST Client Reactive via the @ClientRedirectHandler annotation; and time zones for cron-based schedules via @Scheduled annotation. More details on this release may be found in the changelog.

Quarkus 2.16.14.Final, the fourth maintenance release, delivers notable changes such as: propagate Quarkus-related failsafe system properties; return a null InputStream from REST Client when the server response is 204, No Content; and improved logging in the DevServicesKubernetesProcessor class. Further details on this release may be found in the changelog.

Open Liberty

IBM has released Open Liberty 23.0.0.2 ships with new features such as: testing database connections with the Admin Center; a new a --timeout command line option for the server stop command; and a fix for CVE-2022-45787, a vulnerability in which improper lazy permissions on the temporary files used by the TempFileStorageProvider class in Apache James Mime4J that may lead to information disclosure to other local users.

Micronaut

The Micronaut Foundation has released Micronaut 3.8.7 featuring bug fixes, improvements in documentation and updates to modules: Micronaut Serialization, Micronaut CRaC, Micronaut Kafka, Micronaut AOT and Micronaut GCP. There was also an update to SnakeYAML 2.0, that addresses CVE-2022-1471, a vulnerability in which the deserialization of types using the SnakeYAML Constructor() class will allow an attacker to initiate a malicious remote code execution. More details on this release may be found in the release notes.

Helidon

Oracle has released Helidon 2.6.0 with notable changes such as: register the OciMetricsSupport service only when the enable flag is set to true; a dependency upgrade to SnakeYAML 2.0; cleanup the Helidon BOM by removing artifacts that are not deployed; and remove the claim that metrics are propagated from server to client in the documentation.

Apache Software Foundation

The fourth milestone release of Apache Tomcat 11.0.0 that delivers: restore the original system property-based approach to load the custom URL protocol handlers; provide an implementation of the subset of JavaBeans support that does not depend on the java.beans package; and restore inline state after async operation in NIO2 to address unexpected exceptions being thrown by the implementation. Further details on this release may be found in the changelog.

The second milestone release of Apache Camel 4.0.0 features bug fixes, dependency upgrades and new features such as: pre-signed URLs in the camel-minio component for connections to cloud services; add health checks for components that has an extension for connectivity verification in the camel-health component; and catalog output is now in JSON format with the camel-jbang component. More details on this release may be found in the release notes.

JobRunr

JobRunr 6.1.1 has been released featuring two bug fixes: an error executing a recurring job with the JobLambda interface; and a NullPointerException due to missing property at job JSON when using Yasson.

Jarviz

Version 0.3.0 of Jarviz, a new JAR file analyzer utility, has been released by Andres Almiray to the Java community. This new version ships with bug fixes and new features such as: a new command, extract, to extract JAR entries by name or pattern; a new command, validate, to validate package names; and a new --output-format command-line option to specify a desired output.

Hilla

From the makers of Vaadin, version 2.0 of Hilla, an open source framework that integrates a Spring Boot Java backend with a reactive TypeScript frontend, has been released. This new version features support for: JDK 17; Jakarta EE 10; Spring Boot 3.0; reactive nedpoints; native image compilation with GraalVM; and an SSO Kit for quickly adding single sign-on capabilities to Hilla apps. Further details on this release may be found in the release notes and in this InfoQ news story.

JDK 20, the third non-LTS release since JDK 17, has reached its initial release candidate phase as declared by Mark Reinhold, chief architect, Java Platform Group at Oracle. The main-line source repository, forked to the JDK stabilization repository in mid-December 2022 (Rampdown Phase One), defines the feature set for JDK 20. Critical bugs, such as regressions or serious functionality issues, may be addressed, but must be approved via the Fix-Request process. As per the release schedule, JDK 20 will be formally released on March 21, 2023. It is worth noting that JEP 438 was added to the feature set in early March 2023.

The final set of seven (7) new features, in the form of JEPs, can be separated into two (2) categories: Core Java Library and Java Specification.

Five (5) of these new features are categorized under the Core Java Library:

Two (2) of these new features are categorized under the Java Specification:

We examine these new features and include where they fall under the auspices of the four major Java projects – Amber, Loom, Panama and Valhalla – designed to incubate a series of components for eventual inclusion in the JDK through a curated merge.

Project Amber

JEP 432, Record Patterns (Second Preview), incorporates enhancements in response to feedback from the previous round of preview, JEP 405, Record Patterns (Preview). This proposes to enhance the language with record patterns to deconstruct record values. Record patterns may be used in conjunction with type patterns to “enable a powerful, declarative, and composable form of data navigation and processing.” Type patterns were recently extended for use in switch case labels via: JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17; and JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18. Changes from JEP 405 include: added support for inference of type arguments of generic record patterns; added support for record patterns to appear in the header of an enhanced for statement; and remove support for named record patterns.

Similarly, JEP 433, Pattern Matching for switch (Fourth Preview), incorporates enhancements in response to feedback from the previous three rounds of preview: JEP 427, Pattern Matching for switch (Third Preview), delivered in JDK 19; JEP 420, Pattern Matching for switch (Second Preview), delivered in JDK 18; and JEP 406, Pattern Matching for switch (Preview), delivered in JDK 17. Changes from JEP 427 include: a simplified grammar for switch labels; and inference of type arguments for generic type patterns and record patterns is now supported in switch expressions and statements along with the other constructs that support patterns.

Project Loom

JEP 429, Scoped Values (Incubator), an incubating JEP formerly known as Extent-Local Variables (Incubator), proposes to enable sharing of immutable data within and across threads. This is preferred to thread-local variables, especially when using large numbers of virtual threads.

JEP 436, Virtual Threads (Second Preview), proposes a second preview from JEP 425, Virtual Threads (Preview), delivered in JDK 19, to allow time for additional feedback and experience for this feature to progress. This feature provides virtual threads, lightweight threads that dramatically reduce the effort of writing, maintaining, and observing high-throughput concurrent applications, to the Java platform. It is important to note that no changes are within this preview except for a small number of APIs from JEP 425 that were made permanent in JDK 19 and, therefore, not proposed in this second preview. More details on JEP 425 may be found in this InfoQ news story and this JEP Café screen cast by José Paumard, Java developer advocate, Java Platform Group at Oracle.

JEP 437, Structured Concurrency (Second Incubator), proposes to reincubate this feature from JEP 428, Structured Concurrency (Incubator), delivered in JDK 19, to allow time for additional feedback and experience. The intent of this feature is to simplify multithreaded programming by introducing a library to treat multiple tasks running in different threads as a single unit of work. This can streamline error handling and cancellation, improve reliability, and enhance observability. The only change is an updated StructuredTaskScope class to support the inheritance of scoped values by threads created in a task scope. This streamlines the sharing of immutable data across threads. More details on JEP 428 may be found in this InfoQ news story.

Project Panama

JEP 434, Foreign Function & Memory API (Second Preview), incorporate refinements based on feedback and to provide a second preview from JEP 424, Foreign Function & Memory API (Preview), delivered in JDK 19, and the related incubating JEP 419, Foreign Function & Memory API (Second Incubator), delivered in JDK 18; and JEP 412, Foreign Function & Memory API (Incubator), delivered in JDK 17. This feature provides an API for Java applications to interoperate with code and data outside of the Java runtime by efficiently invoking foreign functions and by safely accessing foreign memory that is not managed by the JVM. Updates from JEP 424 include: the MemorySegment and MemoryAddress interfaces are now unified, i.e., memory addresses are modeled by zero-length memory segments; and the sealed MemoryLayout interface has been enhanced to facilitate usage with JEP 427, Pattern Matching for switch (Third Preview), delivered in JDK 19.

JEP 438, Vector API (Fifth Incubator), incorporates enhancements in response to feedback from the previous four rounds of incubation: JEP 426, Vector API (Fourth Incubator), delivered in JDK 19; JEP 417, Vector API (Third Incubator), delivered in JDK 18; JEP 414, Vector API (Second Incubator), delivered in JDK 17; and JEP 338, Vector API (Incubator), delivered as an incubator module in JDK 16. This feature proposes to enhance the Vector API to load and store vectors to and from a MemorySegment as defined by JEP 424, Foreign Function & Memory API (Preview).

JDK 21

Scheduled for a GA and next LTS release in September 2023, two (2) JEPs are currently Proposed to Target for JDK 21.

JEP 430, String Templates (Preview), a feature JEP type, proposes to enhance the Java programming language with string templates, which are similar to string literals but which contain embedded expressions that are incorporated into the string template at run time. This feature has been classified as Proposed to Target for JDK 21, but has not yet been formally announced with a review date.

JEP 431, Sequenced Collections, proposes to introduce “a new family of interfaces that represent the concept of a collection whose elements are arranged in a well-defined sequence or ordering, as a structural property of the collection.” This is motivated by the lack of a well-defined ordering and uniform set of operations within the Collections Framework. This feature has been classified as Proposed to Target for JDK 21, but has not yet been formally announced with a review date.

We can surmise which additional JEPs have the potential to be included in JDK 21 based on a number of JEP drafts and candidates.

JEP Draft 8303358, Scoped Values (Preview), submitted by Andrew Haley and Andrew Dinn, both distinguished engineers at Red Hat, evolves JEP 429, Scoped Values (Incubator), delivered in the upcoming release of JDK 20. Formerly known as Extent-Local Variables (Incubator) and under the auspices of Project Loom, this feature proposes to enable sharing of immutable data within and across threads. This is preferred to thread-local variables, especially when using large numbers of virtual threads. And while this draft has not yet reached Candidate status, the description explicitly states that this JEP will be added in JDK 21.

JEP Draft 8277163, Value Objects (Preview), a feature JEP under the auspices of Project Valhalla, proposes the creation of value objects – identity-free value classes that specify the behavior of their instances. This draft is related to JEP 401, Primitive Classes (Preview), which is still in Candidate status.

JEP 435, Asynchronous Stack Trace VM API, a feature JEP type, proposes to define an efficient API for obtaining asynchronous call traces for profiling from a signal handler with information on Java and native frames.

JEP 401, Primitive Classes (Preview), under the auspices of Project Valhalla, introduces developer-declared primitive classes – special kinds of value classes – as defined in the aforementioned Value Objects (Preview) JEP Draft – that define new primitive types.

JEP Draft 8301034, Key Encapsulation Mechanism API, a feature JEP type, proposes to: satisfy implementations of standard Key Encapsulation Mechanism (KEM) algorithms; satisfy use cases of KEM by higher level security protocols; and allow service providers to plug-in Java or native implementations of KEM algorithms. This draft was recently updated to include a major change that eliminates the DerivedKeyParameterSpec class in favor of placing fields in the argument list of the encapsulate(int from, int to, String algorithm) method.

JEP Draft 8283227, JDK Source Structure, an informational JEP type, describes the overall layout and structure of the JDK source code and related files in the JDK repository. This JEP proposes to help developers adapt to the source code structure as described in JEP 201, Modular Source Code, delivered in JDK 9.

JEP Draft 8280389, ClassFile API, proposes to provide an API for parsing, generating, and transforming Java class files. This JEP will initially serve as an internal replacement for ASM, the Java bytecode manipulation and analysis framework, in the JDK with plans to have it opened as a public API. Brian Goetz, Java language architect at Oracle, characterized ASM as “an old codebase with plenty of legacy baggage” and provided background information on how this draft will evolve and ultimately replace ASM.

JEP Draft 8278252, JDK Packaging and Installation Guidelines, an informational JEP, proposed to provide guidelines for creating JDK installers on macOS, Linux and Windows to reduce the risks of collisions among JDK installations by different JDK providers. The intent is to promote a better experience when installing update releases of the JDK by formalizing installation directory names, package names, and other elements of installers that may lead to conflicts.

We anticipate that Oracle will start targeting additional JEPs for JDK 21 very soon.

This week’s Java roundup for February 27th, 2023 features news from OpenJDK, JDK 20, JDK 21, Spring Framework 6.0.6, Spring Boot 3.0.4, Spring Data 2022.0.3 and 2021.2.9, Spring Shell 3.1.0-M1, 3.0.1 and 2.1.7, Quarkus 2.16.4, Micronaut 3.8.6, Eclipse Vert.x 4.4.0, Project Reactor 2022.0.4, Apache Tomcat 9.0.73, Hibernate 6.2 CR3, JReleaser 1.5.0, Ktor 2.2.4 and Gradle 8.0.2.

OpenJDK

JEP 438, Vector API (Fifth Incubator), was quickly promoted from Draft to Candidate to Proposed to Target status for JDK 20 this past week. This JEP, under the auspices of Project Panama, incorporates enhancements in response to feedback from the previous four rounds of incubation: JEP 426, Vector API (Fourth Incubator), delivered in JDK 19; JEP 417, Vector API (Third Incubator), delivered in JDK 18; JEP 414, Vector API (Second Incubator), delivered in JDK 17; and JEP 338, Vector API (Incubator), delivered as an incubator module in JDK 16. JEP 438 proposes to enhance the Vector API to load and store vectors to and from a MemorySegment as defined by JEP 424, Foreign Function & Memory API (Preview). The review is expected to conclude on March 8, 2023.

JEP Draft 8303358, Scoped Values (Preview), was submitted by Andrew Haley and Andrew Dinn, both distinguished engineers at Red Hat. This JEP, formerly known as Extent-Local Variables (Incubator) and under the auspices of Project Loom, proposes to enable sharing of immutable data within and across threads. This is preferred to thread-local variables, especially when using large numbers of virtual threads. This draft evolves JEP 429, Scoped Values (Incubator), that will be delivered in the upcoming release of JDK 20.

Wei-Jun Wang, principal member of the technical staff at Oracle, has updated JEP Draft 8301034, Key Encapsulation Mechanism API, to include a major change that eliminates the DerivedKeyParameterSpec class in favor of placing fields in the argument list of the encapsulate(int from, int to, String algorithm) method. This draft proposes to: satisfy implementations of standard Key Encapsulation Mechanism (KEM) algorithms; satisfy use cases of KEM by higher level security protocols; and allow service providers to plug-in Java or native implementations of KEM algorithms.

JDK 20

JDK 20 remains in its release candidate phase with the anticipated GA release on March 21, 2023. Build 36 remains the current build in the JDK 20 early-access builds. More details on this build may be found in the release notes.

JDK 21

Build 12 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 11 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

The release of Spring Framework 6.0.6 delivers new features such as: refine the invokeSuspendingFunction() method in the CoroutinesUtils class; deprecate the get(Context) method in favor of getExchange(ContextView) method in the ServerWebExchangeContextFilter class to better align with the deferContextual() and transformDeferredContextual() methods in the Mono class; and add missing @Nullable annotations to the overloaded format() methods in the LogMessage class. More details on this release may be found in the release notes.

The release of Spring Boot 3.0.4 ships with bug fixes, improvements in documentation and dependency upgrades such as: Spring Framework 6.0.6, Spring for Apache Kafka 3.0.4, Spring Data 2022.0.3, Project Reactor 2022.0.4 and Dropwizard Metrics 4.2.17. Further details on this release may be found in the release notes.

Versions 2022.0.3 and 2021.2.9 of Spring Data, both service releases, include bug fixes and upgrades to respective sub-project versions such as: Spring Data Commons 3.0.3 and 2.7.9; Spring Data Elasticsearch 5.0.3 and 4.4.9; Spring Data for Apache Cassandra 4.0.3 and 3.4.9; and Spring Data MongoDB 4.0.3 and 3.4.9. These two versions may be consumed with Spring Boot 3.0.4 and 2.7.x, respectively.

Versions 3.1.0-M1, 3.0.1 and 2.1.7 and of Spring Shell were released this past week that address common issues such as: an error in which a negative number is one of the elements within an array that is passed into the @ShellOption annotation; a situation in which an implementing class of the Converter interface isn’t being called possibly due to a regression in fixes made for options handling; and a situation in which the getOptions() method declared in the CommandRegistration interface always rebuilds options making it difficult to discern the correct instance. Each version is built on Spring Boot 3.1.0-M1, 3.0.3 and 2.7.9, respectively. More details on these releases may be found in the release notes for version 3.1.0-M1, version 3.0.1 and version 2.1.7.

Quarkus

Red Hat has released Quarkus 2.16.4.Final featuring: add logging to the CompiledJavaVersionBuildStep class; propagate Quarkus-related failsafe system properties; provide more visibility for the OIDC connection error log messages; and return a null InputStream from REST Client when the HTTP server response returns status code 204. Further details on this release may be found in the changelog.

Micronaut

The Micronaut Foundation has released Micronaut 3.8.6 featuring bug fixes, improvements in documentation and updates to modules: Micronaut Security 3.9.3, and Micronaut AWS 3.10.9. More details on this release may be found in the release notes.

Eclipse Vert.x

Eclipse Vert.x 4.4.0 has been released with new features such as: a new implementation of OpenAPI using the latest JsonSchema API as a preview feature; support for using the io_uring interface of the Linux kernel; and enable TLS 1.3 by default and disable TLS 1.0/1.1. Further details on this release may be found in the release notes, deprecations and breaking changes, and complete list of new features.

Project Reactor

Project Reactor 2022.0.4, the fourth maintenance release, provides a dependency upgrade to reactor-netty 1.1.4.

Apache Software Foundation

The release of Apache Tomcat 9.0.73 features: a correction to a regression introduced in the fix for bug 66196 in which the HTTP headers and/or request line could get corrupted (one part overwriting another part) within a single request; provide a more appropriate HTTP server response (status codes 501, Not Implemented, rather than 400, Bad Request) when rejecting an HTTP request using the CONNECT method; and add support for txt: and rnd: rewrite map types from the mod_rewrite module. More details on this release may be found in the release notes.

Hibernate

The third release candidate of Hibernate 6.2 ships with bug fixes and resolutions to various issues. Developers can expect new features such as support for: Java records; STRUCT data types; table partitioning via the new @PartitionKey annotation; and improved generated values. Further details on this release may be found in the release notes.

JReleaser

Version 1.5.0 of JReleaser, a Java utility that streamlines creating project releases, has been released delivering updates such as: streamlined support for LinkedIn; add Azure as a deployer; display deprecation messages for the command line interface flags; and aet command hooks to be filtered by platform. More details on this release may be found in the release notes.

Ktor

JetBrains has released version 2.2.4 of Ktor, the asynchronous framework for creating microservices and web applications, that include improvements and fixes such as: URLs containing an underscore will fail to parse correctly in an HTTP client request; the value defined in the connectTimeoutMillis property is not respected upon using the HttpTimeout plugin in parallel with the HttpRequestRetry plugin; and a situation in which the wrong content type is declared when defining two routes that results in an HTTP status code 405, Method Not Allowed, instead of the more accurate HTTP status code 415, Unsupported Media Type. Further details on this release may be found in the release notes.

Gradle

Gradle 8.0.2, a patch release, ships with fixes such as: Java and Scala builds with no explicit toolchain will fail using Gradle 8.0.1 and Scala 2.13; dependencies from the already-resolved super configuration are not included in the sub-configuration; and The InstrumentingTransformer generates different class files in Gradle 8 versus 7.6. More details about Gradle 8.0 may be found in this InfoQ news story.

This week’s Java roundup for February 13th, 2023 features news from OpenJDK, JDK 20, JDK 21, Native Build Tools 0.9.20, Spring 6.0.5, Spring Cloud Data Flow 2.10.1, Quarkus 2.16.3, Payara Platform, Micronaut 3.8.5, Helidon 3.1.2, Vert.x 3.9.15, Hibernate Search 6.2.Alpha2, MyFaces 4.0-RC5, Grails 5.3.2, Reactor 2022.0.3, Metrics 1.11-M1 and Tracing 1.1-M1, Maven 3.9, Gradle 8.0 and Piranha 22.3.

OpenJDK

Ron Pressler, consulting member of the technical staff at Oracle and project lead of Project Loom, has submitted JEP Draft 8302326, Implicit Classes and Enhanced Main Methods (Preview). This feature JEP proposes to “evolve the Java language so that students can write their first programs without needing to understand language features designed for large programs.” This JEP moves forward the September 2022 blog post, Paving the on-ramp, by Brian Goetz, Java language architect at Oracle.

JDK 20

Build 36 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 35 that include fixes to various issues. More details on this build may be found in the release notes.

JDK 21

Build 10 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 9 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

GraalVM Native Build Tools

On the road to version 1.0, Oracle Labs has released version 0.9.20 of Native Build Tools, a GraalVM project consisting of plugins for interoperability with GraalVM Native Image. This latest release provides: a new showPublications Gradle task that will list all Group | Artifact | Version (GAV) coordinates published on Maven; ensure only a single task can concurrently access the reachability metadata service to avoid deadlock when collecting metadata; and add quickstart guides for beginners using a clean Java project. More details on this release may be found in the changelog.

Spring Framework

The release of Spring Framework 6.0.5 features: early support for JDK 21; deprecate the ConcurrentExecutorAdapter class for removal in version 6.1; support for Optional in the PayloadMethodArgumentResolver class; and support for the @JsonNaming annotation when converting to native image with GraalVM. Further details on this release may be found in the release notes.

The release of Spring Cloud Data Flow 2.10.1 features: library updates to Spring Boot 2.7.8, Spring Framework 5.3.25 and Spring Shell 2.1.5; and updates to dependency projects such as: Spring Cloud Dataflow Build 2.10.1, Spring Cloud Deployer Kubernetes 2.8.1 and Spring Cloud Common Security Config 1.8.1. More details on this release may be found in the release notes.

Quarkus

Red Hat has released Quarkus 2.16.3.Final featuring support for custom Flyway credentials and URL. Other bug fixes and improvements include: register a CDI bean when an @ConfigMapping annotation is marked with the @Unremovable annotation; simplify the workflow in Quarkiverse Hub, the place to host and build Quarkus extensions; and a fix for quarkus:dev when the project.build.directory property is overridden by a profile. Further details on this release may be found in the release notes.

Payara

Payara has released their February 2023 edition of the Payara Platform that includes Community Edition 6.2023.2 and Enterprise Edition 5.48.0. Both versions share two improvements: rename MicroProfile OpenAPI property from mp.openapi.scan.lib to mp.openapi.extensions.scan.lib, a breaking change; and make it easier to locate and log an expired certificate. The Community Edition also includes a migration to the Jakarta Persistence 3.0 namespace for EJB Timer services. Notable bug fixes for both versions include: improve application deployment onJDK 11 and JDK 17; time out of Asadmin CLI utility commands, start/stop/restart-deployment-group; and revert the removal of the JobManager interface due to issues. More details on these releases may be found in the Community Edition release notes and the Enterprise Edition release notes.

Micronaut

The Micronaut Foundation has released Micronaut 3.8.5 featuring bug fixes, improvements in documentation, a dependency upgrade to Netty 4.1.87.Final and updates to modules, Micronaut OpenAPI and Micronaut Oracle Cloud. Further details on this release may be found in the release notes.

Helidon

Helidon 3.1.2, a bug fix release, ships with: a deprecation of the name() and filename() methods in the BodyPart interface to be replaced with the isNamed() method; a fix in the functionality of OIDC logout; improvements in the Helidon Config component; and create a backport of the OpenTelemetry specification in the Helidon 2.x release train.

Eclipse Vert.x

Despite the end-of-line for the 3.9 release train of Eclipse Vert.x in 2022, security updates will be made available through 2023. Version 3.9.15 delivers upgrades to Jackson 2.14.0, Netty 4.1.89 and Hazelcast 3.12.13 to address vulnerabilities CVE-2022-41881, CVE-2022-41915 and CVE-2022-36437. More details on this release may be found in the release notes.

Hibernate

The second alpha release of Hibernate Search 6.2.0 provides: compatibility with Elasticsearch 8.6 and OpenSearch 2.5; an upgrade of -orm6 artifacts to Hibernate ORM 6.2.0.CR2; simpler and/or/not predicates; mass indexing for multiple tenants; and a switch to UUIDs for identifiers in the outbox-polling coordination strategy.

Apache Software Foundation

The fifth release candidate of MyFaces Core 4.0.0, a compatible implementation of the Jakarta Faces specification, featuring: integration of the jsf.js next generation scripts; a migration of all unit tests to JUnit 5; display a warning if the selectOne attribute renders no selected item; and update logging in the WebConfigParamsLogger class. Further details on this release may be found in the release notes.

Grails

Versions 5.3.2 and 5.3.1 of Grails were released this past week as version 5.3.2 patched version 5.3.1 due to an issue with upgrading the Maven coordinate, org.apache.maven:maven-resolver-provider, from version 3.8.3 to 3.9.0. Otherwise, version 5.3.1 was comprised of dependency upgrades such as: Micronaut 3.8.4, Grails Gradle Plugin 5.3.0, com.netflix.nebula:gradle-extra-configurations-plugin 9.0, Vue 5.0.3 and io.methvin:directory-watcher 0.18.0.

Project Reactor

Project Reactor 2022.0.3, the third maintenance release, provides dependency upgrades to reactor-core 3.5.3 and reactor-netty 1.1.3 and reactor-kafka 1.3.16.

Micrometer

The first milestone release of Micrometer Metrics 1.11.0 delivers new features such as: support for the Azul Prime C4 Garbage Collector and Apache HttpClient 5.x; and a new method, observe(Function function), in the Observation interface to complement the existing observe(Runnable runnable) and observe(Supplier supplier) methods.

The first milestone release of Micrometer Tracing 1.1.0 features: support for: no-operation implementations of the PropagatingSenderTracingObservationHandler and PropagatingReceiverTracingObservationHandler classes; and custom Mapped Diagnostic Context (MDC) keys for the Slf4JEventListener class.

Maven

Maven 3.9.0 has been released with new features such as: a new MAVEN_ARGS environmental variable; allow for building an application in multiple local repositories; the ability to store snapshots in a separate local repository; provide a warning related to a deprecated Mojo plugin; and simplify the integration of Redis Java Client (Redisson) and Hazelcast for the Maven artifact resolver.

Gradle

After five release candidates, the release of Gradle 8.0 delivers: a new Kotlin DSL that provides an alternative syntax to the Groovy DSL; improvements in the the buildSrc builds; a configuration cache, an incubating new feature; and improvements in Java toolchains. More details on this release may be found in the release notes and InfoQ will follow up with a more detailed news story.

Shortly after the GA release, a patch release, Gradle 8.0.1 provides fixes for these issues: document the integration of the Scala plugin with toolchains and problems with the target flag; removal of the --no-rebuild command-line option without prior warning and deprecation notice; and a Scala build failure that reports the value, isBlank, as not a member of the String class.

Piranha Cloud

The release of Piranha 23.2.0 provides notable changes such as: deprecate the LoggingExtension and MimeTypeExtension classes; relocate the debug module in the pom.xml file to the test directory; and introduce a new static utility class, WarFileExtractor, for extracting WAR files. Further details on this release may be found in their documentation and issue tracker.