This week's Java roundup for February 5th, 2024, features news highlighting: the first release candidate of JDK 22, JBoss Enterprise Application Platform 8.0, IBM Semeru Runtimes first quarter 2024 updates, LangChain4j 0.27.0, and multiple point releases for Micronaut, Helidon and Eclipse Vert.x.
JDK 23
Build 9 of the JDK 23 early-access builds was made available this past week featuring updates from Build 8 that include fixes for various issues. More details on this release may be found in the release notes.
JDK 22
Build 35 of the JDK 22 early-access builds was also made available this past week featuring updates from Build 34 that include fixes to various issues. Further details on this build may be found in the release notes.
As per the JDK 22 release schedule, Mark Reinhold, chief architect, Java Platform Group at Oracle, formally declared that JDK 21 has entered its first release candidate as there are no unresolved P1 bugs in Build 35. The anticipated GA release is scheduled for March 19, 2024.
The final set of 12 features for the GA release in March 2024 will include:
- JEP 423: Region Pinning for G1
- JEP 447: Statements before super(...) (Preview)
- JEP 454: Foreign Function & Memory API
- JEP 456: Unnamed Variables & Patterns
- JEP 457: Class-File API (Preview)
- JEP 458: Launch Multi-File Source-Code Programs
- JEP 459: String Templates (Second Preview)
- JEP 460: Vector API (Seventh Incubator)
- JEP 461: Stream Gatherers (Preview)
- JEP 462: Structured Concurrency (Second Preview)
- JEP 463: Implicitly Declared Classes and Instance Main Methods (Second Preview)
- JEP 464: Scoped Values (Second Preview)
For JDK 23 and JDK 22, developers are encouraged to report bugs via the Java Bug Database.
Jakarta EE 11
In his weekly Hashtag Jakarta EE blog, Ivar Grimstad, Jakarta EE developer advocate at the Eclipse Foundation, has provided an update on the road to Jakarta EE 11 with a more formal milestone release plan that follows up on the recent release of Jakarta EE 11-M1. Developers can expect milestones 2, 3 and 4 to be released in March, April and May 2024, respectively. As Grimstad stated: "It is the first time we are using Milestones for a Jakarta EE release. Hopefully, it will turn out to be a good idea that will help us complete the release as planned in June/July this year [2024]."
Eclipse GlassFish
The second milestone release of GlassFish 8.0.0 delivers notable changes such as: removal of CDI tests using the @ManagedBean annotation due to the Jakarta Managed Beans specification having been removed from the Jakarta EE Platform; a resolution to the startserv script that incorrectly reported a bash syntax error; and a resolution to the ConcurrentModificationException in the context map propagator. More details on this release may be found in the release notes.
Spring Framework
The release of Spring Tools 4.21.1 features bug fixes, early access builds for Eclipse 2024-03 milestone, and improvements: availability of viewing and editing of log levels in VSCode for live running Spring Boot apps, if enabled on the the application via Spring Boot Actuators; and the ability to show "Refactor Preview" in VSCode before applying the changes from OpenRewrite recipes. Further details on this release may be found in the release notes.
JBoss Enterprise Application Platform
Red Hat has released version 8.0 of the JBoss Enterprise Application Platform, which extends Java support in the cloud with security enhancements, improved cloud workflow tools, and compatibility with Jakarta EE 10, contributing to streamlined application modernization for customers and continued support for enterprise Java application development. InfoQ will follow up with a more detailed news story.
Micronaut
The Micronaut Foundation has released version 4.3.0 of the Micronaut Framework featuring Micronaut Core 4.3.4, bug fixes, dependency upgrades and updates to modules such as: Micronaut GCP, Micronaut Liquibase, Micronaut Data and Micronaut Validation. New modules, Micronaut Chatbots and Micronaut EclipseStore, were also introduced in this version. More details on this release may be found in the release notes.
Similarly, the follow up release of Micronaut Framework 4.3.1 features Micronaut Core 4.3.5, bug fixes, dependency upgrades and updates to modules: Micronaut Security, Micronaut Data, and Micronaut Logging. Further details on this release may be found in the release notes.
IBM Semeru Runtimes
IBM has released version 9.0 of Universal Base Image (UBI) minimal Liberty container images, a stripped down image which allows for the production of smaller application images, with support for Semeru Runtimes Java 21 JRE. The UBI 9 minimal images are available starting with the release of Open Liberty 24.0.0.1.
IBM has also released the 1Q2024 quarterly update of the Semeru Runtime, Open Edition versions 21.0.2, 17.0.10, 11.0.22 and 8.0.402 based on Eclipse OpenJ9 0.43 and OpenJDK jdk-21.0.2+13, jdk-17.0.10+7, jdk-11.0.22+7 and jdk8u402-b06, respectively. This release contains the latest CPU and security fixes from the Oracle Critical Patch Update for January 2024.
Quarkus
Red Hat has released version 3.7.2 of Quarkus with notable changes such as: a resolution to SSL requests hang when an endpoint returns a CompletableFuture; always execute the OpenIDConnectSecurityFilter class at runtime to ensure that the OpenAPI document will use the runtime value of the quarkus.oidc.auth-server-url property; and a new CheckCrossReferences class to check the cross references of canonical IDs. More details on this release may be found in the changelog.
Helidon
The release of Helidon 4.0.5 delivers notable resolutions to issues such as: tests defined in the KafkaSeTest class failing on Windows OS; a NullPointerException from a user test by adding a null check for the resource path in the HelidonTelemetryContainerFilter class; and problems handling character encodings in URIs. Further details on this release may be found in the changelog.
Similarly, Helidon 3.2.6 has been released providing dependency upgrades and notable changes such as: manually count the number of offered tasks instead of relying solely on the inaccurate value returned by the getActiveCount() method defined in the ThreadPool class; and a resolution to the currentSpan() method defined in the TracerProviderHelper class throwing a NullPointerException in situations where an implementation of the TracerProvider class is null. More details on this release may be found in the changelog.
Hibernate
The release of Hibernate ORM 6.4.4.Final ships with dependency upgrades and resolutions to issues such as: a NullPointerException upon using the default instance of the BytecodeProvider interface after upgrading WildFly to Hibernate 6.4.3; a memory leak using the BasicTypeRegistry class; and an IllegalStateException due to an unsupported combination of tuples in queries. Further details on this release may be found in the list of issues.
Eclipse Vert.x
Versions 4.5.3 and 4.4.8 of Eclipse Vert.x both ship with notable resolutions to issues such as: CVE-2024-1300, a vulnerability that allows an attacker to send Transport Layer Security (TLS) client "hello" messages with fake server names, triggering a JVM out-of-memory error due to a memory leak in TCP servers configured with support for TLS and Server Name Indication (SNI); a NullPointerException in the decodeError() method defined in the PgDecoder class; and temporary files generated by the WebClient interface not being removed. More details on these releases may be found in the release notes for version 4.5.3 and version 4.4.8.
Eclipse JKube
The release of Eclipse JKube 1.16.0 provides notable changes such as: support for the Spring Boot application properties placeholders generated from the configuration; a new JKubeArchiveDecompressor class with initial support for .tgz and .zip files; and support for parsing Docker image names with IPv6 address literals. Further details on this release may be found in the release notes.
Infinispan
The release of Infinispan 14.0.24 provides many dependency upgrades and improvements: preventing leaks from an implementation of the Java MBeanServer interface from within the HotRodClient class; and enabling the Insights Java Client by default. More details on this release may be found in the release notes.
LangChain for Java
Version 0.27.0 of LangChain for Java (LangChain4j) provides many bug fixes, new integrations with Infinispan and MongoDB, and notable updates such as: improved support for AstraDB and Cassandra; a fallback strategy for the LanguageModelQueryRouter class; and an enhance to the ServiceOutputParser class that allows the outputFormatInstructions() method to document nested objects in the jsonStructure() method. Further details on this release may be found in the release notes.
JHipster
Version 1.4.0 of JHipster Lite have been released to deliver bug fixes, dependency upgrades and new features/enhancements such as: a new module to auto-enable Spring local profile for development; support for programmatically declare dependencies in a Maven profile; and a rename of getJavaVersion() method to javaVersion() to align with the JHipster Lite convention of not using the get prefix. More details on this release may be found in the release notes.
Testcontainers for Java
The release of Testcontainers for Java 1.19.5 ships with a downgrade of Apache Commons Compress from version 1.25.0 to version 1.24.0 to avoid classpath conflicts due to a recent change in Commons Compress 1.25.0. Further details on this release may be found in the release notes.
Java Operator SDK
The release of Java Operator SDK 4.8.0 features notable changes such as: improved logging of conflicting exceptions; the ability for multiple controllers reconciling same resource type, but with different labels; and a resolution to multiple dependents of same type exceptions. More details on this release may be found in the release notes.
Multik
Version 0.2.3 of Multik, the multidimensional array library for Kotlin, has been migrated to Kotlin 1.9.22. New features include: use of pinned arrays to optimize the sin, cos, log, exp functions in Kotlin/Native; implementation of complex numbers in Kotlin/Native using the Vector128 class; and enhanced performance on Windows OS and Apple Silicon processors. Further details on this release may be found in the release notes.
Gradle
Gradle 7.6.4, the fourth maintenance release, features: an upgrade to Apache Ant 1.10.14 to address CVE-2020-11979, a vulnerability in which an attacker can inject modified source files into a build process due to the fixcrlf task deleting temporary files and creating new ones without the permissions assigned to the current user; an upgrade to Google Guava 32.1.1 to address CVE-2023-2976, a vulnerability in the FileBackedOutputStream class that allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class; and an upgrade to Apache Ivy 2.5.2 to address CVE-2022-46751, a vulnerability in Apache Ivy in which an attacker can exfiltrate data, access resources limited to the machine running Ivy, or disturb the execution of Ivy in different ways due to improper restriction of XML External Entity Reference. More details on this release may be found in the release notes.