MMS • Michael Redlich
Article originally posted on InfoQ. Visit InfoQ
This week’s Java roundup for January 16th, 2023, features news from JDK 20, JDK 21, Spring Cloud Gateway 4.0, Spring Boot 3.0.2 and 2.7.8, Spring Modulith 0.3, Liberica JDK versions 19.0.2, 17.0.6, 11.0.18 and 8u362, Payara Platform, Micronaut 3.8.2, WildFly 26.1.3, TomEE 8.0.14, first three milestone releases of Job Runr 6.0 and Gradle 8.0-RC2.
JDK 20
Build 32 of the JDK 20 early-access builds was made available this past week, featuring updates from Build 31 that include fixes to various issues. More details on this build may be found in the release notes.
JDK 21
Build 6 of the JDK 21 early-access builds was also made available this past week featuring updates from Build 5 that include fixes to various issues. More details on this build may be found in the release notes.
For JDK 20 and JDK 21, developers are encouraged to report bugs via the Java Bug Database.
Spring Framework
Spring Cloud Gateway 4.0 has been released featuring new filters that enhance caching, request headers and JSON processing.
The release of Spring Boot 3.0.2 delivers bug fixes, improvements in documentation and dependency upgrades such as: Spring Framework 6.0.4, Spring Data 2022.0.1, Apache Tomcat 10.1.5 and Micrometer 1.10.3. More details on this release may be found in the release notes.
Similarly, the release of Spring Boot 2.7.8 delivers bug fixes, improvements in documentation and dependency upgrades such as: Spring Framework 5.3.25, Spring Data 2021.2.7, Apache Tomcat 9.0.71 and Micrometer 1.9.7. It is also important to note that the coordinates of the MySQL JDBC driver has changed from mysql:mysql-connector-java
to com.mysql:mysql-connector-j
. More details on this release may be found in the release notes.
Spring Modulith 0.3 has been released with new features such as: instances of the PublishedEvents
interface may now see events published from asynchronous event listeners; a new dedicated interface, ApplicationModuleInitializer
, to be executed on application startup to demarcate components in modules-specific order; and allow information exposed by the JSON actuator to be statically rendered. More details on this release may be found in the release notes.
BellSoft
BellSoft has released a Critical Patch Update (CPU) for versions 17.0.5.0.1, 11.0.17.0.1 and 8u361 of Liberica JDK, their downstream distribution of OpenJDK. CPU releases include patches for Common Vulnerabilities and Exposures (CVE). In addition, a Patch Set Update (PSU) for versions 19.0.2, 17.0.6, 11.0.18 and 8u362 of Liberica JDK, containing non-critical fixes and general improvements, was also made available. Overall, this release features 778 bug fixes and backports of which 24 issues were addressed by BellSoft.
Payara
Payara has released their January 2023 edition of the Payara Platform that includes Community Edition 6.2023.1 and Enterprise Edition 5.47.0.
The Community Edition delivers bug fixes, component upgrades, and the ability to use an environment variable when using the create-connector-connection-pool
command with the asadmin
utility. More details on this release may be found in the release notes.
Similarly, the Enterprise Edition delivers bug fixes, component upgrades and improvements such as: the ability to use an environment variable when using the create-connector-connection-pool
command with the asadmin
utility; Java Native Access (JNA) is now compatible on Apple Silicon chips; and the Start-Up, Post-Boot, Deployment and Post-Start-Up phases have been streamlined for consistent behavior. More details on this release may be found in the release notes.
For both editions, an upgrade to OpenSSL 1.1.1q provides a security fix in Payara Docker images.
Micronaut
The Micronaut Foundation has released Micronaut 3.8.2 featuring bug fixes and updates to modules: Micronaut Security 3.9.2, Micronaut Views 3.8.1, Micronaut Micrometer 4.7.1, and Micronaut Servlet 3.3.5. More details on this release may be found in the release notes.
WildFly
WildFly 26.1.3 is a maintenance release that addresses CVE-2022-46364, a vulnerability in which a Server-Side Request Forgery (SSRF) attack is possible from parsing the href
attribute of XOP:Include
in Message Transmission Optimization Mechanism (MTOM) requests. Dependency upgrades include: Jackson Databind 2.12.7.1, Apache CXF 3.4.10 and Eclipse Implementation of Jakarta XML Binding 2.3.3. More details on this release may be found in the release notes.
TomEE
TomEE 8.014 has been released featuring bug fixes and dependency upgrades such as: Hibernate 5.6.14, Tomcat 9.0.71, Apache CXF 3.4.10 and HSQLDB 2.7.1. More details on this release may be found in the release notes.
JobRunr
Three milestone releases of JobRunr 6.0 were made available this past week.
The first milestone release features new functionality and improvements such as: Job Builders that provide a single API to configure all the aspects of a Job
class via a builder instead of using the @Job
annotation; Job Labels such that jobs can be assigned labels that will be visible in the dashboard; support for Spring Boot 3.0; and improvements in stability.
The second milestone release allows for multiple instances of the JobScheduler
class with different table prefixes inside one application and an update of all transitive dependencies.
The third milestone release provides a bug fix related to Amazon DocumentDB.
Gradle
The second release candidate of Gradle 8.0.0 features improvements to the Kotlin DSL and buildSrc
, the latter of which will now behave more like included builds, such as running buildSrc
tasks directly, skipping tests, having init tasks and including other builds with buildSrc
. There were also performance improvements with enhancements to the configuration cache such as loading tasks from the cache entry and running tasks as isolated and in parallel. More details on this release may be found in the release notes.