WildFly 27, Spring Release Candidates, JEPs for JDK 20, Project Reactor

This week’s Java Roundup for November 7, 2022 includes what’s new from OpenJDK, JDK 20, OpenSSL CVEs, Build 20-loom+20-40, Spring Framework 6.0-RC4, Spring Boot 3.0-RC2, Spring Security 6.0-RC2, Spring Cloud 2021.0.5, WildFly 27, WildFly Bootable JAR 8.1, Quarkus 2.14.0 and 2.13.4, Project Reactor 2022.0, Micrometer Metrics 1.10 and Tracing 1.0, JHipster Lite 0.22.0 and Camel Quarkus 2.14 and 2.13.1.

OpenJDK

JEP 432, Capture pattern (second preview)was promoted by candidate to suggested target Status for JDK 20. This JEP is updated since JEP 405, Capture pattern (preview)to include: added support for inferring type arguments of generic record patterns; Added support for record patterns appearing in the header of an extended for statement; and remove support for named record patterns.

JEP 433, Pattern matching for switches (fourth preview)was promoted by candidate to suggested target Status for JDK 20. This JEP is updated since JEP 427, Pattern Matching for Switch (Third Preview)included: a simplified grammar for switch labels; and deduction of type arguments for generic type patterns and record patterns is now supported in switch Expressions and statements along with the other constructs that support patterns.

The next step in a long history of dealing with the inherently uncertain realm stop() and stop(Throwable) Methods defined in the Thread and ThreadGroup classes , was defined in JDK-8289610, Reduce Thread.stop. This suggests dismantling the stop() method in the Thread Class to throw in unconditionally UnsupportedOperationException and discard them ThreadDeath class to remove. This requires updates for Section 11.1.3 the Java Language Specification and Section 2.10 the Java Virtual Machine Specification, where asynchronous exceptions are defined.

JDK20

23 build of the JDK 20 Early Access Builds was also made available last week, with Update of Build 22, which includes fixes for various expenditure. More details on this build can be found in the Release Notes.

To the JDK20Developers are encouraged to report bugs through the Java bug database.

OpenSSL

OpenSSLa commercial, full-featured toolkit for general-purpose cryptography and secure communications projects released Two Common Vulnerabilities and Exposures (CVE) reports affecting OpenSSL versions 3.0.0 through 3.0.6 that may lead to a denial of service or remote code execution.

CVE-2022-3602, X.509 email address 4-byte buffer overflowwould allow an attacker to use a specially crafted email address that could overflow four bytes on the stack.

CVE-2022-3786, Buffer overflow in X.509 variable-length email addresseswould allow an attacker to create a buffer overflow caused by a malicious email address abusing any number of bytes containing the “.” characters (decimal 46) on the stack.

BellSoft has reported that OpenJDK distributions that include Liberica JDK are not affected by these vulnerabilities as they use their own implementation of TLS. Developers are encouraged to update to OpenSSL version 3.0.7.

project loom

Build 20-Loom+20-40 of Project Loom Early Access Builds was made available to the Java community and is based on build 22 of JDK 20 Early Access builds. This build also includes a snapshot of the ScopedValue APIcurrently developed in JEP 429, Range Values ​​(Incubator). It is important to note that JEP was 429, originally called Extent-Local Variables (Incubator). renamed Mid-October 2022.

spring frame

That Fourth Release Candidate from spring frame 6.0.0 ships with new features such as: B.: Support for the Jakarta WebSocket 2.1 Specification; introduces them DataFieldMaxValueIncrementer Interface for SQL Server sequences; and presents a variant of the findAllAnnotationsOnBean() method on the ListableBeanFactory Interface for maintenance and possible reuse when retrieving annotations. There were also dependency upgrades too Micrometer 1.10.0, Micron context propagation 1.0.0 and Jackson 2.14.0. More details about this release can be found in the Release Notes.

That second release candidate from spring boots 3.0.0 offers changes /actuator Endpoints and dependency upgrades to Jakarta EE specs such as: Jakarta persistence 3.1, Jakarta servlet 6.0.0, Jakarta WebSocket 2.1, Notes on Jakarta 2.1, Jakarta JSON Binding 3.0and Jakarta JSON Processing 2.1. More details about this release can be found in the Release Notes.

That second release candidate from spring security 6.0.0 delivers: a new one addFilter() method to SpringTestContext Class that allows a Spring Security probe to specify a filter; the createDefaultAssertionValidator() method in the OpenSaml4AuthenticationProvider class should make it easier to add static parameters to the ValidationContext Class; and numerous improvements in the documentation. More details about this release can be found in the Release Notes.

spring cloud 2021.0.5 codenamed Jubilee released with upgrades for the sub-projects like: Spring Cloud Kubernetes 2.1.5, Spring Cloud Config 3.1.5, Spring Cloud Function 3.2.8, Spring Cloud Config 3.1.5 and Spring Cloud Openfeign 3.1.5. More details about this release can be found in the Release Notes.

red hat

Red Hat has provided major and point releases for Wild Fly and Quarcus.

That publication from Wild Fly 27 adds support for Jakarta EE 10, MicroProfile 5.0, JDK 11 and JDK 17. There are also dependency upgrades too Hibernate ORM 6.1, Hibernate Search 6.1, infinity 14, JGroups 5.2, Sleep calmly 6.2 and welding 5. WildFly 27 is a compatible implementation for Jakarta EE 10 that has passed the TCKs in platform, network and core profiles. Jakarta EE 8 and Jakarta EE 9.1 are no longer supported. InfoQ will follow with a more detailed message.

WildFly Bootable JAR 8.1 released with support for JDK 11, examples after upgrading to Jakarta EE 10 and a remote control dev-watch. For more details about bootable JAR, please refer to the documentation.

RedHat has released Quarkus 2.14.0.Final, which ships with: support for Jandex 3, the class and annotation indexer; new Redis commands supporting JSON, graph and probabilistic data structures; and caching annotations for Infinispan. More details about this release can be found in the changelog.

Red Hat has too released Quarkus 2.13.4.Final includes: a minimum version of GraalVM 22.3; Dependency upgrades to JReleaser 1.3.0 and Mockito 4.8.1; and improvements such as support programmatically multipart/form-data Answers. More details about this release can be found in the changelog.

On the Path to Quarkus 3.0, Red Hat plans to support: Jakarta EE 10; MicroProfile 6.0; Hibernation ORM 6.0; HTTP/3; improved virtual threads and structured concurrency support based on their initial integration; a new gRPC server; and an overhauled dev UI. InfoQ will follow with a more detailed message.

project reactor

project reactor 2022.0.0 was released with subproject upgrades: Reactor Core 3.5.0, Reactor Addons 3.5.0, Reactor Pool 1.0.0, Reactor Netty 1.1.0, Reactor Kafka 1.3.13 and Reactor Kotlin Extensions 1.2.0.

micrometer

That publication from Micrometer Metrics 1.10.0 adds support for: Jetty 11; Creating instances of KeyValues class of each iterable; Kotlin coroutines that use different metric prefixes in the StackdriverMeterRegistry Class; and a news provider in the WarnThenDebugLogger reduce class String Instance creation when debug level is not enabled.

That publication by Micrometer Tracing 1.0.0 Features: Establishment of context passing Library as a compile-time dependency to avoid having to explicitly define it on the classpath; support for RemoteServiceAddress in sender/receiver contexts; a handler that enables tracking of data available for metrics; and setting an error status to on OpenTelemetry Span when recording an exception.

JHipster Lite

JHipster Lite 0.22.0 was released released with an upgrade to Spring Boot 3.0, a new PostgreSQL dialect module; a refactor of AsyncSpringLiquibaseTest Class; Correct the dependency declaration of the database drivers and developer tools; and removing the JPA properties that don’t change the default values.

Apache Software Foundation

maintaining alignment with QuarcusVersion 2.14.0 of Camel Quarcus was released which matches Camel 3.19.0 and Quarkus 2.14.0.Final. It offers full support for new extensions, CloudEvents and Barand brings JVM support to the DSL modeline. More details about this release can be found in the list of problems.

Similar, Camel Quarcus 2.13.1 was released which ships with Camel 3.18.3, Quarkus 2.13.3.Final and several bug fixes.

Comments are closed.