Author: Michael Redlich

This week’s Java roundup for February 6th, 2023 features news from OpenJDK, JDK 20, JDK 21, Open Liberty 23.0.0.1 and 23.0.0.2-beta, Helidon 3.1.1, Quarkus 2.16.2 and 3.0.0.Alpha4, Micronaut 3.8.4, Hibernate ORM 6.2, 6.1.7 and 5.6.15, Grails 5.3.0, Apache Groovy 4.0.9 and 3.0.15, Apache Camel 3.20.2, Eclipse Vert.x 4.3.8, Gradle 8.0.0-RC5, Jarviz 0.2.0, Kotlin K2 compiler and Jfokus conference.

OpenJDK

Gavin Bierman, consulting member of technical staff at Oracle, has provided the third draft specification for JEP 430, String Templates (Preview). Still in Candidate status, this latest update for JEP 430 is a substantial rewrite that more fully covers how templates are tokenized and how to deal with ambiguities and text block templates.

JDK 20

As per the JDK 20 release schedule, Mark Reinhold, chief architect, Java Platform Group at Oracle, formally declared that JDK 20 has entered its first release as there are no unresolved P1 bugs in build 35.

The final set of six (6) features in JDK 20 will include:

Build 35 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 34 that include fixes to various issues. More details on this build may be found in the release notes.

JDK 21

Build 9 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 8 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Open Liberty

IBM has released Open Liberty 23.0.0.1 featuring numerous bug fixes and a migration to the Eclipse Public License v2.0 (EPLv2) from EPLv1 to maintain compatibility with MicroProfile and Jakarta EE that require the EPLv2 license.

Open Liberty 23.0.0.2-beta has also been released featuring enhancements to InstantOn, first introduced in version 22.0.0.11-beta, that make it easier to create and deploy applications with Liberty InstantOn.

Helidon

The release of Helidon 3.1.1 delivers notable changes such as: add Helidon Metrics integration with Oracle Cloud Infrastructure; a new JtaConnection class that extends the ConditionallyCloseableConnection class that proxies another ordinary Connection and makes it behave as properly as possible in the presence of a global JTA transaction; and an enhancement to allow different WebSocket applications to be registered on different ports.

Quarkus

Red Hat has released Quarkus 2.16.2.Final featuring a number of bug fixes, improvements in documentation and dependency upgrades of SmallRye Config 2.13.2 and PostgreSQL 42.5.3. More details on this release may be found in the changelog.

The fourth alpha release of Quarkus 3.0.0 has also been made available to deliver significant changes such as: support for Jakarta EE 10; an Elasticsearch Java client; support for custom FlywayDB configuration, credentials and URL; allow global default cache configuration; and a new Azure Functions extension.

Micronaut

The Micronaut Foundation has released Micronaut 3.8.4 featuring bug fixes and updates to modules: Micronaut OpenAPI, Micronaut Data, Micronaut RabbitMQ, Micronaut Azure, Micronaut Micrometer and Micronaut Test. Further details on this release may be found in the release notes.

Hibernate

Three point releases of Hibernate ORM have been released this past week:

Version 6.2 provides support for table partitioning via partition key mapping using the new @PartitionKey annotation.

Version 6.1.7.Final ships with notable bug fixes such as: an EntityNotFoundException thrown when the refresh() method defined in the EntityManager interface is called for a parent entity having a child annotated with the @Where annotation; the execution of unnecessary SQL UPDATE statements when setting a property to its current value; and an IllegalArgumentException thrown when deleting an entity having an embeddable with a collection attribute annotated with the property, orphanRemoval=true.

Version 5.6.15.Final delivers notable bug fixes such as: a missing an identifier quote on a sequence query with MariaDB; an error when Hibernate tries to retrieve information about existing sequences; and execution of unnecessary SQL update statements when setting a property to its current value.

Grails

The release of Grails 5.3.0 delivers changes such as: an update Grails Profile BOM and dependabot.yml file; and groovy @generated annotation is now emitted on all generated methods and fields so that JaCoCo coverage should only consider manually generated code when calculating coverage. This release also includes numerous dependency upgrades to include: Micronaut 3.8.3, Micronaut Spring 4.3.1, Apache Tomcat 9.0.70, Apache Ant 1.10.13, Spring Framework 5.3.24 and Spring Boot 2.7.8.

Apache Software Foundation

Apache Groovy 4.0.9 has been released featuring bug fixes, dependency upgrades and an improvement in which the parameters of the overloaded findResult() and findResults() methods defined in the DefaultGroovyMethods that don’t contain an instance of the Closure class should accept an instance of Closure.IDENTITY. More details on this release may be found in the release notes.

Apache Groovy 3.0.15 has also been released featuring bug fixes and a dependency upgrade to ASM 9.4. Further details on this release may be found in the release notes.

The release of Apache Camel 3.20.2 ships with bug fixes and numerous improvements, primarily focused on the camel-jbang component, such as: the ability to run in the background; add a --watch option to the CLI to prevent restarts per call; the ability to dump logs from Camel apps; and an export to Quarkus should add resources for native compilation. More details on this release may be found in the release notes.

Eclipse Vert.x

In response to a number of reported bugs found in version 4.3.7, Eclipse Vert.x 4.3.8 has been released that addresses CVE-2023-24815, a vulnerability impacting Vert.x Web application serving static content on Windows with a wildcard route that discloses classpath resources. Further details on this release may be found in the release notes.

Gradle

The third and fourth and fifth release candidates of Gradle 8.0.0 have been made available to the Java community this past week. More details on these releases may be found in the release notes of version 8.0.0-RC5, version 8.0.0-RC4 and version 8.0.0-RC3.

Jarviz

Version 0.2.0 of Jarviz, a new JAR file analyzer utility, has been released by Andres Almiray to the Java community. This new version: adds color support to standard output; adds the windows_x86_32 and linux_x86_32 binaries; displays a module descriptor; and adds reporting capabilities. InfoQ will follow up with a more detailed introduction to Jarviz.

Kotlin

The compiler team over at Kotlin has announced that the frontend to the Kotlin compiler, codenamed K2, will be declared stable with the release of Kotlin 2.0. K2 has been available as a preview feature since Kotlin 1.7, but has been in active development for well over two years. Developers can expect a Kotlin 1.9 before the release of Kotlin 2.0. Further details on K2 may be found in this InfoQ news story.

Jfokus Conference

The Jfokus conference was held this past week at the Stockholm Waterfront Congress Centre in Stockholm, Sweden featuring many speakers from the Java community who presented talks on topics such as: cloud-native build tools; event-related software concepts and methodologies; Project Loom; GraphQL; in-memory computing; and test-driven design.

This week’s Java roundup for January 30th, 2023 features news from JDK 20, JDK 21, Spring Tools 4.17.2, GlassFish 7.0.1, Quarkus 2.16.1, Helidon 4.0.0.-ALPHA4, Hibernate Search 6.1.8 and 5.11.12, PrimeFaces 11.0.10 And 12.0.3, Apache Commons CSV 1.10.0, JHipster Lite 0.27.0, Ktor 2.2.3 and (re)introducing RIFE2 1.0.

JDK 20

Build 34 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 33 that include fixes to various issues. More details on this build may be found in the release notes.

JDK 21

Build 8 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 7 that include fixes to various issues. More details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

The release of Spring Tools 4.17.2 delivers bug fixes and improvements such as: a NullPointerException from the OpenRewrite Java Parser; update the generated parser for Java properties with latest version of ANTLR runtime; provide more information about the definition of “Java sources reconciling;” and execution of the upgrade recipe for Spring Boot 3.0 throws an exception. More details on this release may be found in the release notes.

GlassFish

The Eclipse Foundation has released GlassFish 7.0.1 featuring: dependency upgrades; an overhaul of some class loader mechanics to speed up operations; and a more reliable monitoring of server shutdown. GlassFish 7 is compatible with Jakarta EE 10 with JDK 11 as a minimal version. However, it compiles and runs on JDK 11 to JDK 19 with success of initial tests on Build 30 of the JDK 20 early-access builds.

Quarkus

Less than a week after the release of Quarkus 2.16.0, Quarkus 2.16.1.Final, a maintenance release that was made available to the Java community. This release ships with bug fixes, improvements in documentation and dependency upgrades. The format for Micrometer metrics has migrated to Prometheus. More details on this release may be found in the changelog.

Helidon

Oracle has released Helidon 4.0.0-ALPHA4 that delivers support for Helidon MP on Helidon Níma, a microservices framework based on virtual threads, and provides full support of MicroProfile 5.0-based applications working on virtual threads. Other notable changes include: a more efficient web server shutdown strategy; a deprecation of the MicroProfile Tracing specification; and enhancements to the Helidon builders. More details on this release may be found in the release notes.

Hibernate

Versions 6.1.8.Final and 5.11.12.Final of Hibernate Search were made available this past week.

Version 6.1.8 features: automatic reindexing will no longer be skipped when changing a property annotated with @OneToOne(mappedBy = ...) @IndexedEmbedded; regular testing of Hibernate Search 6.1 for compatibility with Hibernate ORM 6.2; and dependency upgrades to Hibernate ORM 5.6.12.Final and Jackson 2.13.4.

Version 5.11.12 features an updating/deleting of entities in one tenant will no longer remove entities with the same ID from the index for other tenants.

PrimeFaces

PrimeFaces 12.0.3 and 11.0.10 have been released delivering fixes such as: an implementation of between and notBetween values for the filterMatchMode property within the JpaLazyDataModel class; the cookie name that violates the Open Web Application Security Project (OWASP) Rule 941130; and the convertToType() method defined in the JpaLazyDataModel class throws a FacesException for java.util.Date; More details on these releases may be found in the list of issues for version 12.0.3 and version 11.0.10.

Apache Software Foundation

Apache Commons CSV 1.10.0 has been released with notable changes such as: the get(Enum) method defined in the CSVRecord class should use the name() method instead of the toString() method from the Enum class; the toList() method defined in the CSVRecord class does not provide write access to a newly-created List; and identify duplicates in null, empty and blank header names in the CSVParser class. More details on this release may be found in the release notes.

JHipster

JHipster Lite 0.27.0 has been released featuring: a refactor of the bootstrapping; support for Apache Cassandra; a new inject() function and self-closing component tags defined in the Angular frontend; and a number of dependency upgrades, the most notable of which is Angular 15.1.3.

The JHipster team has completed a migration to the authorizeHttpRequests() method defined within the HttpSecurity class of Spring Security 6.0 that migrates from an allow-by-default to a deny-by-default behavior for increased security.

JetBrains

JetBrains has released version 2.2.3 of Ktor, the asynchronous framework for creating microservices and web applications, that include improvements such as: the FileStorage function throws a FileNotFoundException when the request path is long; the HttpRequestRetry retries on the FileNotFoundException thrown by FileStorage; and a multipart File doesn’t upload the whole file and throws an “Unexpected EOF: expected 4096 more bytes” for larger files. More details on this release may be found in the what’s new page.

RIFE2

Geert Bevin, software engineering and product manager at Moog Music, has revamped and reintroduced his original RIFE framework, active from 2000-2010, with version 1.0.0 of RIFE2, a full-stack framework to create web applications with modern Java. Version 1.0.0 is the initial stable release that includes: a redesign and rework of the continuations workflow engine; internal concurrency fixes and improvements; a safety check to prohibit routing changes after deployment; and a new MemoryResources class that offers capabilities from implementations of the ResourceFinder and ResourceWriter interfaces for resources that are stored in a memory. InfoQ will follow up with a more detailed news story.

This week’s Java roundup for January 23rd, 2023, features news from OpenJDK, JDK 20, JDK 21, GraalVM 22.3.1, TornadoVM 0.15, Spring Cloud Azure 5.0, Spring Shell 3.0.0 and 2.1.6, Spring Cloud 2022.0.1, Quarkus 2.16 and 3.0.Alpha3, Micronaut 3.8.3, JobRunr 6.0, MicroStream 8.0-EA2, Hibernate 6.2.CR2, Tomcat 10.1.5, Groovy 4.0.8 and 2.5.21, Camel Quarkus 2.16, JDKMon 17.0.45 and Foojay.io at FOSDEM.

OpenJDK

Angelos Bimpoudis, principal member of technical staff for the Java Language and Tools team at Oracle, has updated JEP Draft 8288476, Primitive types in patterns, instanceof, and switch. This draft, under the auspices of Project Amber, proposes to enhance pattern matching by allowing primitive types to appear anywhere in patterns.

Alex Buckley, specification lead for the Java language and the Java Virtual Machine at Oracle, has introduced JEP Draft 8300684, Preview Features: A Look Back, and A Look Ahead. This draft proposes to review the preview process that was introduced as JEP 12, Preview Features, for potential continuous improvement of the process.

Wei-Jun Wang, principal member of the technical staff at Oracle, has introduced JEP Draft 8301034, Key Encapsulation Mechanism API, a feature JEP that proposes to: satisfy implementations of standard Key Encapsulation Mechanism (KEM) algorithms; satisfy use cases of KEM by higher level security protocols; and allow service providers to plug-in Java or native implementations of KEM algorithms.

Archie Cobbs, founder and CEO at PatientEXP, has introduced JEP Draft 8300786, No longer require super() and this() to appear first in a constructor. This draft, also under the auspices of Project Amber, proposes to: allow statements that do not reference an instance being created to appear before the this() or super() calls in a constructor; and preserve existing safety and initialization guarantees for constructors.

JDK 20

As per the JDK 20 release schedule, Mark Reinhold, chief architect, Java Platform Group at Oracle, formally declared that JDK 20 has entered Rampdown Phase Two to signal continued stabilization for the GA release in March 2023. Critical bugs, such as regressions or serious functionality issues, may be addressed, but must be approved via the Fix-Request process.

The final set of six (6) features in JDK 20 will include:

Build 33 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 32 that include fixes to various issues. More details on this build may be found in the release notes.

JDK 21

Build 7 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 6 that include fixes to various issues. More details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

GraalVM

Oracle has released the Community Edition of GraalVM 22.3.1 that aligns with the January 2023 edition of the Oracle Critical Patch Update Advisory. This release includes the updated versions of OpenJDK 19.0.2, 17.0.6 and 11.0.18, and Node.js 16.18.1. More details on this release may be found in the release notes.

TornadoVM

TornadoVM, an open-source software technology company, has released TornadoVM version 0.15 that ships with a new TornadoVM API with improvements such as: rename the TaskSchedule class to TaskGraph; and new classes, ImmutableTaskGraph and TornadoExecutionPlan, to optimize an execution plan for running a set of immutable task graphs. This release also includes an improved TornadoVM installer for Linux, an improved TornadoVM launch script with optional parameters and a new website for documentation.

Juan Fumero, research associate, Advanced Processor Technologies Research Group at The University of Manchester, introduced TornadoVM at QCon London in March 2020 and has since contributed this more recent InfoQ technical article.

Spring Framework

The release of Spring Cloud Azure 5.0 delivers: support for Spring Boot 3.0 and Spring Cloud 2022.0.0; improved security with passwordless connections; and redesigned Spring Cloud Azure documentation with improved scenarios. This version also includes upgrades to some of the deprecated APIs.

Versions 3.0.0 and 2.1.6 of Spring Shell have been released featuring compatibility with Spring Boot 3.0.2 and 2.7.8, respectively, along with backported bug fixes and improved handling of position arguments and collection types. More details on these releases may be found in the release notes for version 3.0.0 and version 2.1.6.

Spring Cloud 2022.0.1, codenamed Kilburn, has been released that ships with corresponding point releases of Spring Cloud sub-projects such as Spring Cloud Function, Spring Cloud Commons and Spring Cloud Gateway. This release is compatible with Spring Boot 3.0.2. More details on this release may be found in the release notes.

Quarkus

The release of Quarkus 2.16.0.Final delivers new features such as: support for time series operations and data preloading in the Redis extension; support for custom exception handling and xDS in the gRPC extension; improved configuration flexibility for the Cache extension; and several security-related improvements focused on improving the developer experience. More details on this release may be found in the changelog.

The third alpha release of Quarkus 3.0.0 features a third iteration of their Jakarta EE 10 stream that includes: the collective improvements of versions 2.15.0.Final, 2.15.1.Final, 2.15.2.Final, 2.15.3.Final and 2.16.0.Final; a migration to SmallRye Mutiny 2.0 and the Java Flow API; and a simplified handling of Kotlin by the Quarkus classloader designed to ease development on Kotlin-based Quarkus extensions. More details on this release may be found in the release notes.

Micronaut

The Micronaut Foundation has released Micronaut 3.8.3 featuring bug fixes and updates to modules: Micronaut OpenAPI and Micronaut Oracle Cloud. More details on this release may be found in the release notes.

JobRunr

After three milestone releases, version 6.0 of JobRunr, a utility to perform background processing in Java, has been released to the Java community. New functionality and improvements include: support for Spring Boot 3.0; Job Builders that provide a single API to configure all the aspects of a Job class via a builder pattern instead of using the @Job annotation; Job Labels such that jobs can be assigned labels that will be visible in the dashboard; allow for multiple instances of the JobScheduler class with different table prefixes inside one application; an update of all transitive dependencies; and improvements in performance and stability. More details on this release may be found in the release notes.

MicroStream

MicroStream has provided a version 8.0 preview of their Java-native object graph persistence layer. This second early-access release features: a move to JDK 11 with continued support for JDK 8; a read-only mode such that multiple processes can access the same storage; experimental implementations of ArrayList, HashMap and HashSet that are using a sharing mechanism; and improved integrations with Spring Boot and Quarkus.

Hibernate

The second release candidate of Hibernate ORM 6.2 implements a number of bug fixes based on Java community feedback from the first candidate release of Hibernate ORM 6.2. As a result, the SQL Abstract Syntax Tree, the ANTLR-based parser for their Hibernate Query Language, has been stabilized and the SQL MERGE command can now handle updates against optional tables.

Apache Software Foundation

Apache Tomcat 10.1.5 has been released with notable changes such as: correct a regression in the refactoring that replaced the use of the URL constructors; use the HTTP/2 error code, NO_ERROR, so that the client does not discard the response upon resetting an HTTP/2 stream; and change the default of the system property, GET_CLASSLOADER_USE_PRIVILEGED, to true unless the Expression Language library is running on Tomcat. More details on this release may be found in the changelog.

The release of Apache Groovy 4.0.8 delivers bug fixes and enhancements such as: improve the JaCoCo line code coverage of a Groovy assert statement; and introduce variants of the findAll() and findResults() methods to accept an optional collector argument. More details on this release may be found in the changelog.

Similarly, the release of Apache Groovy 2.5.21 ships with bug fixes and a dependency upgrade to ASM 9.4. More details on this release may be found in the changelog.

Maintaining alignment with Quarkus, version 2.16.0 of Camel Quarkus was released that aligns with Camel 3.20.1 and Quarkus 2.16.0.Final. It delivers support for four DSLs: JavaShell, Kotlin, Groovy and jOOR. More details on this release may be found in the release notes.

JDKMon

Version 17.0.45 of JDKMon, a tool that monitors and updates installed JDKs, has been made available this past week. Created by Gerrit Grunwald, principal engineer at Azul, this new version fixes an issue with download dialogs.

Foojay.io at FOSDEM 2023

The Friends of OpenJDK, Foojay.io, a community platform for the Java ecosystem​, has announced that they will be hosting their own developer rooms at the upcoming FOSDEM 2023 conference scheduled for Saturday-Sunday, February 4-5, 2023.

FOSDEM, a two-day event organized by volunteers to promote the widespread use of free and open source software, will be providing a number of tracks and other developer rooms, AKA devrooms, hosted by other organizations and communities.

This week’s Java roundup for January 16th, 2023, features news from JDK 20, JDK 21, Spring Cloud Gateway 4.0, Spring Boot 3.0.2 and 2.7.8, Spring Modulith 0.3, Liberica JDK versions 19.0.2, 17.0.6, 11.0.18 and 8u362, Payara Platform, Micronaut 3.8.2, WildFly 26.1.3, TomEE 8.0.14, first three milestone releases of Job Runr 6.0 and Gradle 8.0-RC2.

JDK 20

Build 32 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 31 that include fixes to various issues. More details on this build may be found in the release notes.

JDK 21

Build 6 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 5 that include fixes to various issues. More details on this build may be found in the release notes.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

Spring Cloud Gateway 4.0 has been released featuring new filters that enhance caching, request headers and JSON processing.

The release of Spring Boot 3.0.2 delivers bug fixes, improvements in documentation and dependency upgrades such as: Spring Framework 6.0.4, Spring Data 2022.0.1, Apache Tomcat 10.1.5 and Micrometer 1.10.3. More details on this release may be found in the release notes.

Similarly, the release of Spring Boot 2.7.8 delivers bug fixes, improvements in documentation and dependency upgrades such as: Spring Framework 5.3.25, Spring Data 2021.2.7, Apache Tomcat 9.0.71 and ​​Micrometer 1.9.7. It is also important to note that the coordinates of the MySQL JDBC driver has changed from mysql:mysql-connector-java to com.mysql:mysql-connector-j. More details on this release may be found in the release notes.

Spring Modulith 0.3 has been released with new features such as: instances of the PublishedEvents interface may now see events published from asynchronous event listeners; a new dedicated interface, ApplicationModuleInitializer, to be executed on application startup to demarcate components in modules-specific order; and allow information exposed by the JSON actuator to be statically rendered. More details on this release may be found in the release notes.

BellSoft

BellSoft has released a Critical Patch Update (CPU) for versions 17.0.5.0.1, 11.0.17.0.1 and 8u361 of Liberica JDK, their downstream distribution of OpenJDK. CPU releases include patches for Common Vulnerabilities and Exposures (CVE). In addition, a Patch Set Update (PSU) for versions 19.0.2, 17.0.6, 11.0.18 and 8u362 of Liberica JDK, containing non-critical fixes and general improvements, was also made available. Overall, this release features 778 bug fixes and backports of which 24 issues were addressed by BellSoft.

Payara

Payara has released their January 2023 edition of the Payara Platform that includes Community Edition 6.2023.1 and Enterprise Edition 5.47.0.

The Community Edition delivers bug fixes, component upgrades, and the ability to use an environment variable when using the create-connector-connection-pool command with the asadmin utility. More details on this release may be found in the release notes.

Similarly, the Enterprise Edition delivers bug fixes, component upgrades and improvements such as: the ability to use an environment variable when using the create-connector-connection-pool command with the asadmin utility; Java Native Access (JNA) is now compatible on Apple Silicon chips; and the Start-Up, Post-Boot, Deployment and Post-Start-Up phases have been streamlined for consistent behavior. More details on this release may be found in the release notes.

For both editions, an upgrade to OpenSSL 1.1.1q provides a security fix in Payara Docker images.

Micronaut

The Micronaut Foundation has released Micronaut 3.8.2 featuring bug fixes and updates to modules: Micronaut Security 3.9.2, Micronaut Views 3.8.1, Micronaut Micrometer 4.7.1, and Micronaut Servlet 3.3.5. More details on this release may be found in the release notes.

WildFly

WildFly 26.1.3 is a maintenance release that addresses CVE-2022-46364, a vulnerability in which a Server-Side Request Forgery (SSRF) attack is possible from parsing the href attribute of XOP:Include in Message Transmission Optimization Mechanism (MTOM) requests. Dependency upgrades include: Jackson Databind 2.12.7.1, Apache CXF 3.4.10 and Eclipse Implementation of Jakarta XML Binding 2.3.3. More details on this release may be found in the release notes.

TomEE

TomEE 8.014 has been released featuring bug fixes and dependency upgrades such as: Hibernate 5.6.14, Tomcat 9.0.71, Apache CXF 3.4.10 and HSQLDB 2.7.1. More details on this release may be found in the release notes.

JobRunr

Three milestone releases of JobRunr 6.0 were made available this past week.

The first milestone release features new functionality and improvements such as: Job Builders that provide a single API to configure all the aspects of a Job class via a builder instead of using the @Job annotation; Job Labels such that jobs can be assigned labels that will be visible in the dashboard; support for Spring Boot 3.0; and improvements in stability.

The second milestone release allows for multiple instances of the JobScheduler class with different table prefixes inside one application and an update of all transitive dependencies.

The third milestone release provides a bug fix related to Amazon DocumentDB.

Gradle

The second release candidate of Gradle 8.0.0 features improvements to the Kotlin DSL and buildSrc, the latter of which will now behave more like included builds, such as running buildSrc tasks directly, skipping tests, having init tasks and including other builds with buildSrc. There were also performance improvements with enhancements to the configuration cache such as loading tasks from the cache entry and running tasks as isolated and in parallel. More details on this release may be found in the release notes.

This week’s Java roundup for January 9th, 2023, features news from JDK 20, JDK 21, Spring Framework 6.0.4 and 5.3.25, Spring Data 2022.0.1 and 2021.2.7, Spring Shell 2.1.5 and 3.0.0-RC1, MicroProfile 6.0, Quarkus 2.15.3, Micronaut 3.8.1, Micrometer Metrics 1.10.3, Micrometer Tracing 1.0.1, Project Reactor 2022.0.2, Piranha 23.1.0, Apache Tomcat 9.0.71, JHipster Lite 0.26.0 and Kotlin 1.8.0.

JDK 20

Build 31 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 30 that include fixes to various issues. More details on this build may be found in the release notes.

JDK 21

Build 5 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 3 that include fixes to various issues.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

The release of Spring Framework 6.0.4 delivers new features such as: Kotlin DSL support for the MockMvc class and the andExpectAll() method defined in the ResultActions interface; a new ExecutingResponseCreator class to delegate request and response; compatibility with Hibernate ORM 6.2; and native support for the @Convert annotation on JPA entities. This version will be included in the upcoming release of Spring Boot 3.0.2. More details on this release may be found in the release notes.

The release of Spring Framework 5.3.25 ships with new features such as: optimize object creation in the handleNoMatch() method defined in the RequestMappingHandlerMapping class; and add a title to factory methods of the SockJSFrame class for accessibility compliance. This version will be included in the upcoming release of Spring Boot 2.7.8. More details on this release may be found in the release notes.

Spring Data 2022.0.1 and 2021.2.7 have been released featuring mostly bug fixes and dependency upgrades to sub-projects such as: Spring Data MongoDB versions 4.0.1 and 3.4.7; Spring Data Neo4j versions 7.0.1 and 6.3.7; and Spring Data Elasticsearch 5.0.1 and 4.4.7. These releases will be consumed by upcoming releases of Spring Boot.

Versions 2.1.5 and 3.0.0-RC1 of Spring Shell have been released. Version 2.1.5 features an upgrade to Spring Boot 2.7.7 and a backport of some recent bug fixes. Version 3.0.0-RC1 features: an upgrade to Spring Boot 3.0.1; a better model of defining error handling with annotations; the CommandParser interface now reports errors for unrecognized options; and the CommandRegistration.Builder interface now has a shared configurable instance. More details on these releases may be found in release notes for version 2.1.5 and version 3.0.0-RC1.

MicroProfile

The MicroProfile Working Group has released MicroProfile 6.0 featuring alignment with Jakarta EE 10 and a new specification, Telemetry 1.0, that replaces the original Open Tracing specification. Updated specifications provided in this version are: Metrics 5.0, JWT Authentication 2.1, Open API 3.1, Reactive Messaging 3.0 and Reactive Streams Operators 3.0. The Open Tracing 3.0 specification, having been placed in the set of standalone specifications, is still available to developers. The Jakarta EE Core Profile, new for Jakarta EE 10 and now included in MicroProfile, contains the historical JSR- and Jakarta EE-based specifications, namely CDI, JAX-RS, JSON-P and JSON-B. More details on this release may be found in the release notes and InfoQ will follow up with a more detailed news story.

Quarkus

Red Hat has released Quarkus 2.15.3.Final that delivers bug fixes and enhancements such as: ensure proper operation with the Kotlin implementation of the QuarkusApplication interface; introduce a JSON Stream parser for the Reactive REST Client; the ability to automatically enable/disable GraphQL Federation; and throw an IllegalStateException with basic information about the provider that failed to provide a resource. More details on this release may be found in the changelog.

Micronaut

The Micronaut Foundation has released Micronaut 3.8.1 featuring bug fixes, updates in testing and dependency upgrades to modules: Micronaut Servlet 3.3.3, Micronaut Data 3.9.4 and Micronaut AWS 3.10.5. More details on this release may be found in the release notes.

Micrometer

The release of Micrometer Metrics 1.10.3 delivers bug fixes and a number of dependency upgrades such as: Dropwizard Metrics 4.1.35, Gradle Enterprise Gradle Plugin 3.12, Reactor 2020.0.26, Reactor Netty 1.0.26 and AWS Cloudwatch SDK 2.18.41.

Similarly, the release of Micrometer Tracing 1.0.1 ships with bug fixes and a number of dependency upgrades such as: Gradle Wrapper 7.6, Testcontainers 1.17.6, Mockito 4.11.0 and Micrometer BOM 1.10.3.

Project Reactor

Project Reactor 2022.0.2, a second maintenance release, provides dependency upgrades to reactor-core 3.5.2 and reactor-netty 1.1.2.

Piranha

Piranha 23.1.0 has been released. Along with the many bug fixes, this latest release delivers new features such as: integrate Eclipse Exousia 1.0.0, the compatible implementation of Jakarta Authorization, and MicroProfile Config; split the Jakarta Security module; add support for login configuration to SecurityManager API; and mark FileAuthenticationFilter as asynchronous. More details on this release may be found in their documentation and issue tracker.

Apache Software Foundation

Apache Tomcat 9.0.71 has been released with notable changes such as: correct a regression in the refactoring that replaced the use of the URL constructors; use the HTTP/2 error code, NO_ERROR, so that the client does not discard the response upon resetting an HTTP/2 stream; and change the default of the system property, GET_CLASSLOADER_USE_PRIVILEGED, to true unless the Expression Language library is running on Tomcat. More details on this release may be found in the changelog.

JHipster

JHipster Lite 0.26.0 has been released featuring a number of bug fixes and enhancements such as: a new annotation, @ExcludeFromGeneratedCodeCoverage, to replace the existing @Generated annotation in places where it was explicitly added to skip a code coverage check; a refactored generate.sh script for Spring Boot; and add git information for generated Spring Boot applications.

Kotlin

JetBrains has released Kotlin 1.8.0 featuring: new experimental functions for JVM to recursively copy or delete directory content; improved performance in the kotlin-reflect artifact; compatibility with Gradle 7.3; and a new -Xdebug compiler option for a better debugging experience. More details on this release may be found in the what’s new page.

This week’s Java roundup for January 2nd, 2023, features news from JDK 20, JDK 21, Ideal Graph Visualizer open-sourced, Spring Tools 4.17.1, Open Liberty 23.0.0.1, Quarkus 2.15.2, Quarkus OpenAPI Generator 2.0, Apache Tomcat CVE, Apache TomEE certification, Apache James 3.7.3, Apache Camel 3.20.1, MyFaces Core 4.0-RC3, Ktor 2.2.2, JHipster Lite 0.25, JobRunr 5.3.3, SourceBuddy 2.1, CircleCI CVE.

By Michael Redlich

This week’s Java roundup for December 19th, 2022 features news from OpenJDK, JDK 20, JDK 21, Spring Cloud 2022.0.0, point releases for other Spring projects, Open Liberty 22.0.0.13, Quarkus 2.15.1, Micronaut 3.7.5, Helidon 3.1.0, Hibernate 6.2.CR1, Eclipse Vert.x 4.3.7, point releases for Groovy, Camel 3.20, MicroStream joins Eclipse, Kotlin 1.8-RC2, and introducing SourceBuddy, Jarviz and Just.

OpenJDK

Ioi Lam, consulting member of technical staff at Oracle, has proposed improved support for archived Java heap objects in class data sharing (CDS) because Project Leyden will, more-than-likely, make extensive use of archived Java heap objects.

Due to a number of defined limitations in the G1, SerialGC and ParallelGC garbage collection algorithms related to CDS, the goals in this proposal are: uniform support of CDS for all collectors; and minimize the code needed for each collector to support CDS.

Recently submitted and subsequently updated issues already related to proposal are:

InfoQ will monitor progress on this proposal.

JDK 20

Build 29 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 28 that include fixes to various issues. More details on this build may be found in the release notes.

JDK 21

Build 3 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 2 that include fixes to various issues.

For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

The release of Spring Cloud 2022.0.0, codenamed Kilburn, delivers GA updates to Spring Cloud sub-projects such as: Spring Cloud OpenFeign 4.0.0, Spring Cloud Commons 4.0.0, Spring Cloud Function 4.0.0 and Spring Cloud Starter Build 2022.0.0. There are, however, breaking changes with the removal of sub-projects: Spring Cloud CLI, Spring Cloud for Cloud Foundry and Spring Cloud Sleuth. Spring Cloud 2022.0.0 builds upon Spring Framework 6.x and Spring Boot 3.x and includes compatibility with Jakarta EE and requires a Java 17 baseline. Further details on this release may be found in the release notes and InfoQ will follow up with a more detailed news story.

Versions 6.0.1, 5.8.1, 5.7.6 and 5.6.10 of Spring Security have been released featuring bug fixes and improvements in documentation. In all four releases, the deprecated set-state and set-output commands defined in GitHub Actions have been replaced, presumably with the recommended $GITHUB_STATE and $GITHUB_OUTPUT environment files. More details on these releases may be found in the release notes for version 6.0.1, version 5.8.1, version 5.7.6 and version 5.6.10.

Spring Boot 3.0.1 has been released featuring 54 bug fixes, improvements in documentation and dependency upgrades such as: Spring Security 6.0.1, Spring Integration 6.0.1, Reactor 2022.0.1, Tomcat 10.1.4 and Jetty 11.0.13. Further details on this release may be found in the release notes.

Spring Boot 2.7.7 has also been released featuring 24 bug fixes, improvements in documentation and dependency upgrades such as: Spring Security 5.7.6, Spring Integration 5.5.16, Reactor 2020.0.26, Tomcat 9.0.70 and Jetty 9.4.50.v20221201. More details on this release may be found in the release notes.

The release of Spring for GraphQL 1.1.1 ships with new features such as: new builder customizers to customize the QuerydslDataFetcher and QueryByExampleDataFetcher repository classes by allowing these repositories to implement customizer interfaces; and relaxing the generic type check in @Argument Map as it was determined that this was too strict. There were also dependency upgrades to: Micrometer 1.10.2, Reactor 2022.0.1, Spring Framework 6.0.3 and Spring Security 6.0.1. Further details on this release may be found in the release notes.

Spring Modulith 0.2 has been released that delivers: a new @ApplicationModuleListener annotation to ease the declaration of asynchronous, transactional event listeners that run in a transaction; the application module dependency structure is now also exposed as Spring Boot actuator; and the Postgres event publication registry schema now follows Postgres best practices. More details on this release may be found in the release notes.

Open Liberty

IBM has released Open Liberty 22.0.0.13 featuring: the ability to configure the maximum age of their First Failure Data Capture (FFDC) application data collection system; and fixes for CVE-2022-3509 and CVE-2022-3171, both of which have parsing issues with text data and binary data, respectively, in the Protocol Buffers Java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 that can lead to a denial of service attack.

Quarkus

Red Hat has released Quarkus 2.15.1.Final that ships with bug fixes, improvements in documentation and dependency upgrades to Vert.x 4.3.6, Infinispan 14.0.3.Final, Dekorate 3.1.3 and mongo-client.version 4.8.1. Further details on this release may be found in the changelog.

Micronaut

The Micronaut Foundation has released Micronaut 3.7.5 featuring bug fixes and improvements such as: a change in the resulting Health status output from “Health monitor failed check with status {}” to “Health monitor check with status {}” since Health status only reports UP or DOWN; and an instance of the TextStreamCodec class now requires a bean of type ByteBufferFactory to fix a loading issue. More details on this release may be found in the release notes.

Helidon

Oracle has released Helidon 3.1.0 featuring: new Exponential and Fibonacci strategies defined in the Retry interface; support for the MicroProfile Config specification via a new MPConfigSourceProvider interface; a new relativeUris property in the OidcConfig class to allow an OIDC web client to use a relative path on the request URI; and dependency upgrades such as GraalVM 22.3.0, Netty 4.1.86.Final and PostgreSQL JDBC driver 42.4.3.

Hibernate

The first release candidate of Hibernate ORM 6.2 provides: support for Java records, mapping composite/struct types, and the Jakarta Persistence 3.1 specification; UUID support for MariaDB 10.7 and SQL Server 2008; allow the @SqlInsert, @SqlUpdate, @SqlDelete annotations to refer to a SecondaryTable class; and a new @PartitionKey annotation to identify a field of an entity that holds the partition key of a table.

Eclipse Vert.x

In response to a number of reported bugs found in version 4.3.6, Eclipse Vert.x 4.3.7 has been released featuring a dependency upgrade to Netty 4.1.86 to address CVE-2022-41881, HAProxyMessageDecoder Stack Exhaustion DoS, and CVE-2022-41915, HTTP Response Splitting from Assigning Header Value Iterator. Further details on this release may be found in the release notes.

Apache Software Foundation

A maintenance release of Apache Groovy 3.0.14 features bug fixes, dependency upgrades and two improvements: the static type checker does not recognize closure input parameter when implementing an interface with a map; and the evaluateExpression() method defined in the StaticTypeCheckingSupport class can now provide lightweight evaluation for simple expressions. More details on this release may be found in the release notes.

Apache Groovy 2.5.20, also a maintenance release, features bug fixes, dependency upgrades and the same type checker improvement as described in version 3.0.14. Further details on this release may be found in the release notes.

The release of Apache Camel 3.20.0 delivers over 200 bug fixes, improvements, dependency upgrades and new features such as: provide completion for positional file path parameters (camel-jbang component); added support for Event Resources (camel-kubernetes component); provide a prefixId to the route model such that generated IDs of the route is prefixed (camel-core component); and a new camel-etcd component. More details on this release may be found in the release notes.

MicroStream

MicroStream has announced that they have joined the Eclipse Foundation as a member. With MicroStream already integrated with Helidon and Micronaut, their goal is to closely collaborate with the Eclipse community and actively contribute to Eclipse projects. InfoQ will follow up with a more detailed news story.

Kotlin

The second releases candidate of Kotlin 1.8.0 delivers fixes such as: an IllegalStateException upon reading a class that delegates to a Java class with a definitely non-nullable type with a flexible upper bound; an argument for the UseSerializers class does not implement an instance of the KSerializer interface or does not provide serializer for a concrete type; and no mapping for symbol, VALUE_PARAMETER SCRIPT_IMPLICIT_RECEIVER, on the JVM IR backend.

SourceBuddy

SourceBuddy, a new utility that compiles Java source code dynamically created in a Java application, was introduced by Peter Verhas, architect at EPAM Systems, this past week and has also quickly released version 2.0 featuring: a major restructuring of the class loading structure; hidden and non-hidden classes may now be mixed; and removal of the loadHidden() method in favor of the hidden() method for each added source separately. As the latter feature is a breaking change, it was necessary to provide a major release within the short timeframe. InfoQ will follow up with a more detailed news story.

Jarviz

Jarviz, a new JAR file analyzer utility, has been introduced by Andres Almiray to the Java community. Version 0.1.0 delivers: GAV support to resolve JARs; streamline manifest commands; and resolve the output directory before invoking URL-based processors. Further details on this release may be found in the release notes and InfoQ will follow up with a more detailed news story.

Just

Just, a command Line toolkit for developing Spring Boot applications, was introduced by Maciej Walkowiak, freelance architect & developer, earlier this month. Version 0.12.0, released this past week, features: a significant improvement to the just kill command such that it stops/kills a running Docker container, instead of killing the Docker process, when it learns that there is a Docker container running on a chosen port; two new configuration properties, just.build.extra-args and just.build.maven.profiles, for the just build command to simplify the build configuration; and the value, SPRING_BOOT, can be set to the just.framework property if the framework autodetection fails. InfoQ will follow up with a more detailed news story.