BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Java News Roundup: Major Spring Releases, Resilience4j, Open Liberty, GlassFish, Kotlin 1.8-Beta

Java News Roundup: Major Spring Releases, Resilience4j, Open Liberty, GlassFish, Kotlin 1.8-Beta

Bookmarks

This week's Java roundup for November 21st, 2022, features news from JDK 20, major, point and patch releases for Spring (namely Boot, Web Services, Security, Batch, Authorization Server, REST Docs, Framework, Modulith, GraphQL, Apache Kafka and RabbitMQ), Open Liberty 22.0.0.12, GlassFish 7.0-M10, GraalVM Native Build Tools 0.9.18, Resilience4j 2.0, Apache Tomcat 8.5.84 and Kotlin 1.8-Beta.

JDK 20

Build 25 of the JDK 20 early-access builds was also made available this past week, featuring updates from Build 24 that include fixes to various issues. More details on this build may be found in the release notes.

For JDK 20, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

Following the major release of Spring Framework last week, VMware has followed up with a number of other major releases in some of their other projects. It is important to note that these major releases, namely, Spring Boot 3.0, Spring Web Services 4.0, Spring Security 6.0, Spring Batch 5.0, Spring Authorization Server 1.0, Spring REST Docs 3.0, Spring for GraphQL 1.1.0, Spring for Apache Kafka 3.0 and Spring for RabbitMQ 3.0 (Spring AMPQ), all feature a baseline of JDK 17 and Jakarta EE 9.

More than four-and-a-half years since the release of Spring Boot 2.0 and more than a year in the making with over 5800 commits, Spring Boot 3.0 is now available to the Java community. Similar to Spring Framework 6.0, major highlights include: support for generating native images with GraalVM that supersedes the experimental Spring Native project; and improved observability with Micrometer and Micrometer Tracing. Further details on this release may be found in the release notes. Josh Long, Java Champion and first Spring Developer Advocate at VMware, recently spoke to InfoQ with his thoughts on the major releases of Spring Framework 6.0 and Spring Boot 3.0.

Versions 2.7.6 and 2.6.14 of Spring Boot both feature bug fixes, improvements in documentation and dependency upgrades such as: Spring Framework 5.3.24, Spring Web Services 3.1.4, Hibernate 5.6.14.Final, PostgreSQL 42.3.8, Reactor 2020.0.25, and Spring REST Docs 2.0.7. More details on these releases may be found in version 2.7.6 and version 2.6.14. As per VMware open source policy, version 2.6.14 is the last release in the 2.6 release train.

The release of Spring Web Services 4.0 features: the use of GitHub releases via a changelog to track issues on a per-milestone basis; collapse identical catch blocks/branches; update syntax and spellings in documentation; and dependency upgrades to Spring Framework 6.0, Spring Security 6.0.0 and nexus-staging-maven-plugin 1.6.13. Further details on this release may be found in the release notes.

Spring Security versions 6.0 and 5.8 are now available:

  • Version 6.0 adds integration with Spring observability and supports AOT processing provided by Spring Framework 6.0. More details on this release, including a number of breaking changes, may be found in the what's new page.
  • Version 5.8 delivers enhancements such as: improvements in session handling; expanded support for the AuthorizationManager interface; and additional in-depth defense for the Cross Site Request Forgery (CSRF) vulnerability. Further details on this release may be found in the what's new page.

Spring Batch 5.0 has been released featuring: a new getDataSource() method for the DefaultBatchConfiguration class; support for observability with Micrometer and Micrometer Tracing; improved testing for the SystemCommandTasklet class; an implementation of Java Records in the FieldExtractor interface; and support to configure the transaction manager in the SimpleJobOperator and SimpleJobExplorer classes. More details on this release may be found in the release notes.

Over two-and-a-half years since it was first introduced to the Java community, the release of Spring Authorization Server 1.0 delivers a new features and dependency upgrades to Spring Framework 6.0, Spring Security 6.0 and 6.0-RC2, Spring Boot 3.0-RC2, Jakarta Servlet 6.0, HyperSQLDB 2.7.1 and Jackson 2.14. Further details on this release may be found in the release notes.

Spring Authorization Server 0.4 has been released featuring: an upgrade to JUnit 5; update links to current version of OAuth 2.1; assert unique identifiers in the JdbcRegisteredClientRepository class; add logging for consistency with Spring Security; and dependency upgrades to Spring Framework 5.3.24, Spring Security 5.8 and Jackson 2.14. More details on this release may be found in the release notes.

The release of Spring REST Docs 3.0 ships with: separately documenting form and query parameters that were once mixed together in documentation of request parameters; documenting request and response cookies; publication of a bill of materials (BOM) with coordinates org.springframework.restdocs:spring-restdocs-bom; and integration with REST Assured now requires version 5.2. Classes and methods that were deprecated in Spring REST Docs 2.0 have been removed. Further details on this release may be found in the release notes.

Spring REST Docs 2.0.7 has been released featuring bug fixes in which: a problem documenting a response with custom status code in classes defined in the webtestclient package; and a PayloadHandlingException being thrown when improperly converted URL data in the request body upon using the modifyUris() method. More details on this release may be found in the release notes.

Small patch releases of Spring Framework, versions 6.0.2 and 6.0.1, provide bug fixes, improvements in documentation and new features such as: rely on the standard parameter name resolution in Jakarta Bean Validation 3.0; make the SourceHttpMessageConverter class optional; completely deprecate the LocalVariableTableParameterNameDiscoverer class to avoid its exposure in native images; and make the generate() method defined in the GeneratorStrategy interface unreachable to save on memory when converting to native image. Further details on these releases may be found in the release notes for version 6.0.2 and version 6.0.1.

The release of Spring Modulith 0.1 completes the integration of the now defunct predecessor Moduliths project. This version provides bug fixes and a dependency upgrade to Spring Boot 3.0. Spring Modulith project lead Oliver Drotbohm, Spring staff 2 engineer at VMware, recently spoke to InfoQ about the Spring Modulith project.

Spring for GraphQL 1.1 has been released, delivering support for GraphQL Java 19 as a baseline (along with JDK 17 and Jakarta EE 9) and aligns with Spring Boot 3.0. Other new features include support for: observability through Micrometer, context propagation through the Micrometer Context Propagation Library; AOT and GraalVM Native Images; and updates to the GraphQlArgumentBinder class that can now bind Java Collections; and a new ArgumentValue class that can expose information about whether an argument was entirely omitted. More details on this release may be found in the release notes.

Similarly, Spring for GraphQL 1.0.3 was also released featuring bug fixes, enhancements and improvements in documentation. Further details on this release may be found in the release notes.

Spring for Apache Kafka 3.0 and Spring for RabbitMQ 3.0 were made available to the Java community:

  • Spring for Apache Kafka 3.0 features: support for a global single instance of a EmbeddedKafkaBroker class across multiple test classes; several enhancements on the @RetryableTopic annotation with non-blocking retries; and methods defined in the KafkaTemplate class now return an instance of CompletableFuture class instead of the now-deprecated ListenableFuture. More details on this release may be found in the what's new page.
  • Spring for RabbitMQ 3.0 features: support for RabbitMQ super streams with single active consumers; methods defined in the AsyncRabbitTemplate and RabbitStreamTemplate methods now return an instance of CompletableFuture instead of ListenableFuture (similar to Spring for Apache Kafka); and the previously deprecated remoting support has been removed. Further details on this release may be found in the what's new page.

Open Liberty

IBM has released Open Liberty 22.0.0.12 featuring a bug fix that addresses CVE-2022-37734, a vulnerability in GraphQL Java in which an attacker can launch a Denial of Service by sending a malicious GraphQL query that consumes CPU resources. Developers are encouraged to upgrade to GraghQL Java versions 19.0+, 18.3 and 17.4.

Eclipse GlassFish

The Eclipse Foundation has provided the tenth milestone release of GlassFish 7.0.0 featuring: an integration of Helidon Config 3.0.2, Eclipse Jersey 3.1.0 and Shoal 3.0.1; the addition of REST JDBC management tests; support for MicroProfile JWT; and adding the Jakarta MVC 2.1 TCK results for GlassFish 7.0.0-M9. GlassFish 7.0.0-M10 compiles and runs on JDK 11 to JDK 19 and is considered a release candidate that contains the final Jakarta EE 10 APIs and final Jakarta EE 10 implementation components.

GraalVM Native Build Tools

On the road to version 1.0, Oracle Labs has released version 0.9.18 of Native Build Tools, a GraalVM project consisting of plugins for interoperability with GraalVM Native Image. This latest release provides: a trim of the GraalVM version to fix support for Windows; an upgrade to GraalVM metadata repository 0.2.5; and enhancements to the NativeImageUtils class by adding tests for the escapeArg() method and eliminating the escaped quoted regular expression arguments with the args parameter. More details on this release may be found in the changelog.

Resilience4j

Version 2.0.0 of Resilience4j, a fault tolerance library for Java, has been released featuring dependency upgrades to JDK 17, Kotlin 1.7.20, Spring Boot 2.7 and Micronaut 3.7.3. Vavr, a functional library for Java, was removed as a dependency. InfoQ will follow up with a more detailed news story.

Apache Tomcat

Apache Tomcat 8.5.84 has been released featuring fixes such as: a concurrency issue in evaluation of expression language containing lambda expressions; and correct the date format used with the expires attribute of HTTP cookies in which a single space rather than a single dash should be used to separate the day, month and year components to be compliant with RFC 6265. There was also a dependency upgrade to Apache Commons Daemon 1.3.2. Further details on this release may be found in the changelog.

Kotlin

JetBrains has released Kotlin 1.8.0-Beta featuring: compatibility with Gradle 7.3; recursive Path utility functions in the standard library; support for Xcode 14 in Kotlin/Native; and discontinuation of support for the old JVM backend. More details on this release may be found in the what's new page.

About the Author

Rate this Article

Adoption
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

BT