This week's Java roundup for January 22nd, 2024 features news highlighting: WildFly 31.0.0, Eclipse Store 1.1.0, BellSoft Liberica Native Image Kit, multiple Quarkus and JHipster Lite releases and Jakarta EE 11 updates.
OpenJDK
After its review had concluded JEP 455, Primitive Types in Patterns, instanceof, and switch (Preview), has been promoted from Proposed to Target to Targeted for JDK 23. This JEP, under the auspices of Project Amber, proposes to enhance pattern matching by allowing primitive type patterns in all pattern contexts, and extend instanceof and switch to work with all primitive types. Aggelos Biboudis, Principal Member of Technical Staff at Oracle, has recently published an updated draft specification for this feature.
JDK 23
Build 7 of the JDK 23 early-access builds was made available this past week featuring updates from Build 6 that include fixes for various issues. More details on this release may be found in the release notes.
JDK 22
Build 33 of the JDK 22 early-access builds was also made available this past week featuring updates from Build 32 that include fixes to various issues. Further details on this build may be found in the release notes.
For JDK 23 and JDK 22, developers are encouraged to report bugs via the Java Bug Database.
Jakarta EE 11
In his weekly Hashtag Jakarta EE blog, Ivar Grimstad, Jakarta EE Developer Advocate at the Eclipse Foundation, has provided an update on the progress of Jakarta EE 11 and beyond. As per the Jakarta EE Specification Process, the Jakarta EE Specification Committee will conduct a progress review of the planned Jakarta EE 11 release and vote on a ballot to approve. If the ballot does not pass, the release date of Jakarta EE 11 could be delayed.
Also, the Jakarta EE Working Group has been thinking beyond Jakarta EE 11 and discussing some ideas for new specifications, such as Jakarta AI. The group has created this Google Doc for the Java community to review and provide input/feedback.
Spring Framework
The Spring Framework team has disclosed that versions 6.1.3 and 6.0.16, released on January 11, 2024, addressed CVE-2024-22233, Spring Framework Server Web DoS Vulnerability, that allows an attacker to provide a specially crafted HTTP request that may cause a denial-of-service condition if the application uses Spring MVC and Spring Security 6.1.6+ or 6.2.1+ is on the classpath.
Version 3.2.1 and 3.1.8 of Spring Shell have been released deliver notable changes: a resolution for the command alias not working on the type level when the subcommand is empty; a split of the JLine dependencies due to issues with native image and to avoid importing classes that may not be needed in an application; and a resolution to the shell cursor not being restored in the terminal multiplexer (tmux) if the shell is hiding the cursor. Both versions build upon Spring Boot 3.2.2 and 3.1.8, respectively. More details on these releases may be found in the release notes for version 3.2.1 and version 3.1.8.
The release of Spring Cloud Commons 4.1.1 has been released featuring a bug fix in which implementations of the Spring Framework BeanPostProcessor interface were not registered correctly when the @LoadBalanced annotation bean was instantiated during auto-configuration. Further details on this release may be found in the release notes.
BellSoft
BellSoft has released versions 23.1.2 for JDK 21 and 23.0.3 for JDK 17 of their Liberica Native Image Kit builds as part of the Oracle Critical Patch Update for January 2024 to address several security and bug fixes. Other notable improvements include: support for AWT and JavaFX fullscreen mode; intrinsified memory copying routines on AMD64 platforms and, where available, they now use AVX instructions for better performance; and SubstrateVM monitor enter/exit routines for accelerated startup of native images.
WildFly
Red Hat has released version 31 of WildFly with application server features such as: support for MicroProfile 6.1, Hibernate ORM 6.4.2, Hibernate Search 7.0.0 and Jakarta MVC 2.1; and the ability to exchange messages from the MicroProfile Reactive Messaging 3.0 specification with Advances Messaging Queuing Protocol (AMQP) 1.0. This release also introduces WildFly Glow, a command line and a set of tools to "provision a trimmed WildFly server instance that contains the server features that are required by an application." InfoQ will follow up with a more detailed news story.
Quarkus
Red Hat has also released version 3.6.7 of Quarkus with notable changes such as: ensure that the refreshed CSRF cookie retains its original value based on the presence of the token header; dependency management for the Hibernate JPA 2 Metamodel Generator; and a resolution to entity manager issues with Spring Data JPA when using multiple persistence units. More details on this release may be found in the changelog.
Quarkus 3.2.10.Final, the tenth maintenance release in the 3.2 LTS release train, primarily delivers resolutions to CVEs such as: CVE-2023-5675, an authorization flaw with endpoints used in Quarkus RestEasy Reactive and Classic applications customized by Quarkus extensions using the annotation processor; and CVE-2023-6267, an annotation-based security flaw in which the JSON body that a resource may consume is being processed, i.e., deserialized, prior to the security constraints being evaluated and applied. Further details on this release may be found in the changelog.
Helidon
The release of Helidon 4.0.4 delivers notable changes such as: a resolution to the currentSpan() method defined in the TracerProviderHelper class throwing a NullPointerException in situations where an implementation of the TracerProvider class is null; a cleanup and simplification of the logic to determine which type of IP addresses, v4 or v6, to consider during name resolution in WebClient configuration; and security propagation is now disabled when not properly configured. More details on this release may be found in the changelog.
Micronaut
The Micronaut Foundation has released version 4.2.4 of the Micronaut Framework featuring Micronaut Core 4.2.4, bug fixes, dependency upgrades and updates to modules: Micronaut AWS, Micronaut Flyway, Micronaut JAX-RS, Micronaut JMS, Micronaut MicroStream, Micronaut MQTT and Micronaut Servlet. Further details on this release may be found in the release notes.
Hibernate
The release of Hibernate Reactive 2.2.2.Final ships with: a dependency upgrade to Hibernate ORM 6.4.2.Final; removal of unused code that caused a ClassCastException in Quarkus at start up; and new annotations, @EnableFor and @DisabledFor, to enable and disable, respectively, tests for database types. More details on this release may be found in the release notes.
The second alpha release of Hibernate Search 7.1.0 provides: compatibility with Hibernate ORM 6.4.2.Final, Lucene 9.9.1 and Elasticsearch 8.12; an integration of the Elasticsearch/OpenSearch vector search capabilities; and the ability to look up the capabilities of each field when inspecting the metamodel. Further details on this release may be found in the release notes.
Eclipse Store
The release of Eclipse Store 1.1.0 delivers new features such as: monitoring support using the Java Management Extensions (JMX) framework; integration with Spring Boot 3.x; and an implementation of JSR 107, Java Temporary Caching API (JCache). More details on this release may be found in the release notes.
Infinispan
Versions 15.0.0.Dev07 and 14.0.22.Final of Infinispan ship with dependency upgrades and resolutions to notable bug fixes such as: a flaky test failure from the testExpirationCompactionOnLogFile() method defined in the SoftIndexFileStoreFileStatsTest class; an IllegalArgumentException from within the getMembersPhysicalAddresses() method defined in the JGroupsTransport class; and a NullPointerException due to a failover of the Hot Rod Client hanging. Further details on these releases may be found in the release notes for version 15.0.0.Dev07 and version 14.0.22.
JHipster
Versions 1.3.0, 1.2.1 and 1.2.0 of JHipster Lite have been released to deliver bug fixes, dependency upgrades and new features/enhancements such as: use of the LinkedHashSet class instead of the HashSet class for improved reproducible generated code; use of Signals and Control Flow, new features of Angular 17; and support for Protocol Buffers. More details on these releases may be found in the release notes for version 1.3.0, version 1.2.1 and version 1.2.0.
Testcontainers for Java
The release of Testcontainers for Java 1.19.4 ships with bug fixes, improvements in documentation and new features such as: an enhancement in the exec command that supports setting a work directory and environmental variables; support for MySQL 8.3; and an increase of the default startup time for Selenium to 60 seconds. Further details on this release may be found in the release notes.
Gradle
The third release candidate of Gradle 8.6 provides continuous improvement in: support for custom encryption keys in the configuration cache via the GRADLE_ENCRYPTION_KEY environment variable; improvements in error and warning reporting; improvements in the Build Init Plugin to support various types of projects; and enhanced build authoring for plugin authors and build engineers to develop custom build logic. More details on this release may be found in the release notes.