This week's Java roundup for March 25th, 2024, features news highlighting: JEP 466, Class-File API (Second Preview), targeted for JDK 23; milestone releases of Jakarta Data and Jakarta NoSQL specifications; the second release candidate for JobRunr 7.0.0; and point releases for Spring projects, Quarkus, Helidon and LangChain4j.
OpenJDK
After its review has concluded, JEP 466, Class-File API (Second Preview), has been promoted from Proposed to Target to Targeted for JDK 23. This JEP proposes a second round of preview to obtain feedback from the previous round of preview: JEP 457, Class-File API (Preview), delivered in JDK 22. This feature provides an API for parsing, generating, and transforming Java class files. This will initially serve as an internal replacement for ASM, the Java bytecode manipulation and analysis framework, in the JDK with plans to have it opened as a public API. Goetz has characterized ASM as "an old codebase with plenty of legacy baggage" and provided background information on how this draft will evolve and ultimately replace ASM.
JDK 23
Build 16 of the JDK 23 early-access builds was made available this past week featuring updates from Build 15 that include fixes for various issues. Further details on this release may be found in the release notes.
Jakarta EE
The fourth milestone release of the Jakarta Data 1.0.0 specification features notable changes such as: removal of the countBy() method from the BasicRepository interface as it was a magical method name query and considered awkward; replace Sort<T> by Sort<? super T> where appropriate to allow sorting by a member of a super entity; and a new method, elements(), added to the inner Cursor interface, defined in the PageRequest interface, that automatically packages elements as an unmodifiable list. More details on this release may be found in the changelog.
Similarly, the first milestone release of Jakarta NoSQL 1.0.0 specification features notable changes such as: removal of the Document, Key-Value and Column Family APIs as they are now maintained in Jakarta Data; and the addition of new annotations, @MappedSuperclass, @Embeddable, @Inheritance, @DiscriminatorColumn and @DiscriminatorValue for improved support of NoSQL databases. More details on this release may be found in the changelog.
Spring Framework
Spring Cloud 2023.0.1, codenamed Leyton, has been released featuring bug fixes and notable updates to sub-projects: Spring Cloud Kubernetes 3.1.1; Spring Cloud Function 4.1.1; Spring Cloud OpenFeign 4.1.1; Spring Cloud Stream 4.1.1; and Spring Cloud Gateway 4.1.2. This release is based on Spring Boot 3.2.4. More details on this release may be found in the release notes.
The release of Spring for GraphQL 1.2.6 delivers bug fixes, improvements in documentation, dependency upgrades and new features: recommended use of the PERSISTED_QUERY_MARKER field defined in the GraphQL PersistedQuerySupport class to avoid a GraphQL AssertException due to persisted queries that don’t contain standard queries; use either first or after arguments to determine forward pagination in conjunction with the last and before arguments to determine backward pagination. This version will be shipped with the upcoming releases of Spring Boot 3.1.11 and 3.2.5. More details on this release may be found in the release notes.
Quarkus
The release of Quarkus 3.9.1 provides notable changes such as: the new naming strategy for Quarkus reactive extensions; support for OIDC Client JWT Bearer authentication; and an initial release of the new declarative Quarkus WebSockets extension. More details on this release may be found in the changelog.
Helidon
The release of Helidon 3.2.7 features notable changes such as: a replacement of the deprecated the overloaded from() methods, defined in the Multi interface, with corresponding create() methods; and a replacement of the deprecated readTransaction() and writeTransaction() methods, defined in the Neo4j Session interface, with the executeRead() and executeWrite() methods, respectively, in the Neo4jHealthCheck class. More details on this release may be found in the changelog.
Similarly, the of release of Helidon 2.6.7 ships with notable changes such as: a refresh of the MicroProfile Fault Tolerance static method cache upon CDI shutdown; support for disabling security providers through configuration; and a resolution to a NullPointerException from a disable feature in the OidcSupport class. More details on this release may be found in the changelog.
Open Liberty
IBM has released version 24.0.0.3 of Open Liberty featuring: enabling of default verbose garbage collection on IBM Java and IBM Semeru Runtimes; support for back-channel logout on OpenID Connect clients and servers; and a resolution to CVE-2023-50312, a vulnerability in IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.2 that could provide weaker-than-expected security for outbound TLS connections caused by a failure to honor user configuration.
Apache Software Foundation
Versions 10.1.20 and 8.5.100 of Apache Tomcat ship with notable changes such as: ensure that the URI, query string and protocol are not corrupted when restoring a saved POST request body after a successful FORM authentication; and align error handling for the Writer and OutputStream classes to ensure the use of either class once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. For the milestone release, the team decided to reduce the minimal Java version to JDK 17. More details on these releases may be found in the release notes for version 10.1.20 and version 8.5.100.
The release of Apache Camel 4.5.0 provides bug fixes, dependency upgrades and new features such as: the creation of new Camel Milvus, Camel Qdrant and Camel AWS Bedrock components to support the Milvus and Qdrant vector databases and AWS Bedrock, respectively; and improved support for the bind command in Camel JBang with the ability to set properties and enhanced error handling. More details on this release may be found in the release notes.
Eclipse Foundation
Versions 4.5.7 and 4.4.9 of Eclipse Vert.x 4.5.7 both deliver notable changes such as: a resolution to CVE-2024-29025, a vulnerability in Netty versions before 4.1.108.Final by which an attacker can send a chunked post consisting of many small fields that will be accumulated, with no limits, in the bodyListHttpData list; and a resolution to Vert.x building its virtual thread factory at runtime with the correct reflection calls. More details on these releases may be found in the release notes for version 4.5.7 and version 4.4.9.
The release of Eclipse JKube 1.16.2 provides notable fixes such as: the addition of a JKubeBuildStrategy field in the WatcherContext class to throw an exception if using a Kubernetes Watch (k8s:watch/k8sWatch) in a buildpacks build strategy; the OpenShift Maven plugin generates a YAML file with a route target port that doesn't correctly map to the target port causing a Kubernetes pod that is not accessible through the route if the service port is different than the target port. More details on this release may be found in the release notes.
TornadoVM
TornadoVM 1.0.3, the third maintenance release, delivers bug fixes and improvements such as: support for multiple Java threads running different instances of the TornadoVM execution plans; new API extensions to query and apply filters to backends and devices from the TornadoExecutionPlan class; and support for the TornadoNativeArray class data types to obtain memory segments without the header offset. More details on this release may be found in the release notes.
JobRunr
The second release candidate of JobRunr 7.0.0, a library for background processing in Java that is distributed and backed by persistent storage, features bug fixes, enhancements and new features: the ability to configure a shutdown period of BackgroundJobServer class; access to labels via JobContext class; and use of the Spring Data Redis LettuceConnectionFactory class to obtain an instance of the Lettuce RedisClient class. More details on this release, including information about the version 7.0.0 GA release on April 9, 2024, may be found in the release notes.
LangChain4j
Versions 0.29.1 and 0.29.0 of LangChain4j have been released providing notable features such as: advanced retrieval augmented generation (RAG) with Azure AI Search; support for function calling Mistral AI; and a new module to support AWS Anthropic Claude on Bedrock. More details on these releases may be found in the release notes for version 0.29.1 and version 0.29.0.
Java Operator SDK
The release of Java Operator SDK 4.8.2 features: a resolution to pruning issues of fields being delivered from the server by ignoring server-managed fields for server-side apply (SSA) matching; and improved integration tests by increasing the timeout from 20 to 40 minutes. More details on this release may be found in the release notes.
MicroStream
The release of MicroStream 8.1.2 provides code cleaning and adjustment for direct byte buffers in order to avoid possible VM crashes due to a removed check in G1GC in JDK 21.0.2. More details on this release may be found in the release notes.