Contact Info

Atlas Cloud LLC 600 Cleveland Street Suite 348 Clearwater, FL 33755 USA

support@dedirock.com

Client Area
Recommended Services
Supported Scripts
WordPress
Hubspot
Joomla
Drupal
Wix
Shopify
Magento
Typeo3

This week’s Java roundup for September 9th, 2024 features news highlighting: the September 2024 Payara Platform, Piranha Cloud and Micrometer releases, Spring Framework 6.2.0-RC1, Spring Data 2024.1.0-M1, JBang 0.118.0 and Groovy 5.0.0-alpha-10.

Build 37 remains the current build in the JDK 23 early-access builds. Further details on this release can be explored in the release notes and insights on the new JDK 23 features can be found in this InfoQ news story.

Build 15 of the JDK 24 early-access builds was released this past week, featuring updates from Build 14 that include fixes for various issues. More details on this release can be viewed in the release notes.

For JDK 23 and JDK 24, developers are encouraged to report bugs via the Java Bug Database.

Oracle Labs has released version 0.10.3 of Native Build Tools, a GraalVM project consisting of plugins for interoperability with GraalVM Native Image. This latest release provides notable changes such as: a refactor of the MergeAgentFilesMojo class (and related classes) to remove the macro from the merger init command and throw a more informative message from the MojoExecutionException if the command doesn’t exist; a resolution to incorrect results while parsing command-line arguments due to the presence of whitespaces in the Windows file system; and a resolution to the nativeTest command unable to be executed when using JUnit 5.11.0-M2. More details on this release may be found in the changelog.

The first release candidate of Spring Framework 6.2.0 delivers bug fixes, improvements in documentation, dependency upgrades and new features such as: an instance of the ResponseBodyEmitter now allows the registration of multiple state listeners; a rename of some class names for improved consistency in the org.springframework.http.client package due to the recent introduction of the ReactorNettyClientRequestFactory class; and a refactor of the ETag record class for improved comparison logic and exposing it on methods defined in the HttpHeaders class. More details on this release may be found in the release notes and what’s new page.

Similarly, Spring Framework 6.1.13 has also been released providing bug fixes, improvements in documentation, dependency upgrades and new features such as: errors thrown from the stop() method, defined in the SmartLifeycle interface, results in an unnecessary wait for the shutdown timeout; and an end to logging the value of result after changes made to the WebAsyncManager class as it was decided to allow applications to do so via other classes. More details on this release may be found in the release notes.

The Spring Framework team has disclosed CVE-2024-38816, Path Traversal Vulnerability in Functional Web Frameworks, a vulnerability in which an attacker can create a malicious HTTP request to obtain any file on the file system that is also accessible to the process on the running Spring application. The resolution was implemented in version 6.1.3 and backported to versions 6.0.4 and 5.3.40.

Versions 2024.1.0-M1, 2024.0.4, and 2023.1.10 of Spring Data have been released, featuring bug fixes and updates to dependencies in sub-projects including Spring Data Commons 3.4.0-M1, 3.3.4, and 3.2.10; Spring Data MongoDB 4.4.0-M1, 4.3.4, and 4.2.10; Spring Data Elasticsearch 5.4.0-M1, 5.3.4, and 5.2.10; and Spring Data Neo4j 7.4.0-M1, 7.3.4, and 7.2.10. These releases will be integrated into future updates of Spring Boot versions 3.4.0-M3, 3.3.4, and 3.2.10, respectively.

Version 4.25.0 of Spring Tools is now available, as announced in a recent blog post. Significant updates include enhancements to Microsoft Visual Studio Code that introduce code lenses for SPEL expressions and AOP annotations with Copilot, along with syntax highlighting and validation for CRON expressions within the Spring Framework’s @Scheduled annotation. More information about this release can be found in the release notes.

Open Liberty version 24.0.0.9 has been released, featuring support for the MicroProfile Telemetry 2.0 specification. This version also facilitates the continued use of third-party cookies in Google Chrome by incorporating Cookies Having Independent Partitioned State (CHIPS) and resolves CVE-2023-50314, a vulnerability that could allow secured information to be accessed via spoofing attacks.

The latest September 2024 release of the Payara Platform is now available and includes Community Edition 6.2024.9 and Enterprise Editions 6.18.0 and 5.67.0. These updates emphasize security improvements, such as the prevention of malicious URL injection through a Host header and securing password logs in the admin interface under high logging levels. Detailed release notes can be found for Community Edition 6.2024.9, and Enterprise Edition 6.18.0 and Enterprise Edition 5.67.0.

The Micronaut Foundation has released version 4.6.2 of the Micronaut Framework including Micronaut Core 4.6.5, improved documentation, and module updates: Micronaut Data, Micronaut OpenAPI/Swagger Support, Micronaut SQL Libraries, Micronaut JAX-RS, Micronaut Cache, Micronaut Views, and Micronaut Security. More information on this update can be found in the release notes.

Quarkus 3.14.3, the second maintenance release delivers enhancements, dependency updates, and a new feature supporting the initial implementation of a Software Bill of Materials (SBOM) using the CycloneDX standard. Additional details about this release are available in the changelog.

The third milestone release of Micrometer Metrics 1.14.0 includes bug fixes, documentation improvements, dependency updates, and new features such as the exclusion of metrics registration from the CaffeineCacheMetrics</code class when statistics are not enabled; and a fix for metrics not being collected when an instance of the Java ExecutorService interface, wrapped in the monitor() method, defined in the ExecutorServiceMetrics class, shuts down. More insights can be found in the release notes.

Versions 1.13.4 and 1.12.10 of Micrometer Metrics address significant issues including overwritten metric percentiles specified via Spring Boot in application.yaml, and a non-resolvable dependency, io.micrometer:concurrency-tests, mistakenly added to the Bill of Materials (BOM). Details about these updates can be explored in the release notes for version 1.13.4 and version 1.12.10.

“`html

Versions 1.4.0-M3, 1.3.4 and 1.2.10 of Micrometer Tracing 1.4.0 provide dependency upgrades and a resolution to a dependency convergence error when trying to use the io.micrometer:micrometer-tracing-bridge-otel dependency after upgrading to Micrometer Tracing 1.3.1. Further details on these releases may be found in the release notes for version 1.4.0-M3, version 1.3.4 and version 1.2.10.

Versions 11.0.0-M25, 10.1.29 and 9.0.94 of Apache Tomcat deliver bug fixes, dependency upgrades and notable changes such as: ensure that any instance of the Jakarta Servlet ReadListener interface is notified via a call to the onError() method if an HTTP/2 client resets a stream before the servlet request body is fully written; and an improvement in exception handling with methods annotated with the Jakarta WebSocket @OnMessage annotation that avoids the connection to automatically close. More details on these releases may be found in the release notes for version 11.0.0-M25, version 10.1.29 and version 9.0.94.

A regression affecting these versions, shortly after they were released, was reported and confirmed with configurations using HTTP/2. The Apache Tomcat team recommends a temporary fix by setting the property, discardRequestsAndResponses, to true on instances of the UpgradeProtocol element for HTTP/2. The Tomcat team plans to release a fix for this regression during the week of September 16, 2024.

The tenth alpha release of Apache Groovy 5.0.0 delivers bug fixes, dependency upgrades and improvements that support: ​​method references and method pointers in annotations; and the use of multiple @Requires, @Ensures and @Invariant annotations, located in the groovy-contracts package, that enable class-invariants, pre- and post-conditions. More details on this release may be found in the release notes.

“`

Similarly, the release of Apache Groovy 4.0.23 features bug fixes and dependency upgrades. More details on this release may be found in the release notes.

The sixth milestone release of Project Reactor 2024.0.0 provides dependency upgrades to reactor-core 3.7.0-M6. There was also a realignment to version 2024.0.0-M6 with the reactor-netty 1.2.0-M5, reactor-pool 1.1.0-M5, reactor-addons 3.6.0-M2, reactor-kotlin-extensions 1.3.0-M2 and reactor-kafka 1.4.0-M1 artifacts that remain unchanged. Further details on this release may be found in the changelog.

Next, Project Reactor 2023.0.10, the tenth maintenance release, provides dependency upgrades to reactor-core 3.6.10. There was also a realignment to version 2023.0.10 with the reactor-netty 1.1.22, reactor-pool 1.0.8, reactor-addons 3.5.2, reactor-kotlin-extensions 1.2.3 and reactor-kafka 1.3.23 artifacts that remain unchanged. More details on this release may be found in the changelog.

Finally, Project Reactor 2022.0.22, the twenty-second maintenance release, provides dependency upgrades to reactor-core 3.5.20 and reactor-netty 1.1.22 and reactor-pool 1.0.8, reactor-addons 3.5.2 and reactor-kotlin-extensions 1.2.3. There was also a realignment to version 2022.0.22 with the reactor-kafka 1.3.23 artifacts that remain unchanged. Further details on this release may be found in the changelog. This version is also the last in the 2022.0 release train as per the OSS support schedule.

The release of Piranha 24.9.0 brings updates such as: TCK revisions in the Piranha Core Profile to accommodate various Jakarta EE specifications (Jakarta Annotations 2.1.1, Jakarta Dependency Injection 2.0.2, Jakarta JSON Binding 3.0.0, etc.); enhancements in their Arquillian adapter for refined deployment and un-deployment processes, also introducing features to set the HTTP port and JVM arguments. More information can be accessed via their documentation and issue tracker.

The release of JHipster Lite 1.18.0 includes bug fixes, documentation enhancements, dependency updates, and novel features like the new class, OpenApiContractApplicationService, which belongs to a new API monitoring backwards incompatible changes to OpenAPI contracts; also, a refactoring of the vue-core module to boost testing is recorded. Note the removal of deprecated code which may introduce breaking changes. Additional info on this version is explained in the release notes.

Version 0.118.0 of JBang fixes bugs and adds a new linuxdistro provider to detect already installed JDKs in the /usr/lib/jvm directory of developers. More details can be found in the release notes.

The first release candidate of Ktor 3.0.0 includes bug fixes and new features like support for Kotlin 2.0.0; an enhanced staticZip utility that enables watching changes and reloading of ZIP files; plus support for managing HTTP errors. Further details are available in the release notes.

Gradle 8.10.1, the first maintenance release, provides resolutions to issues: a performance degradation with version 8.10.0 due to dependency resolutions with detached configurations; an instance of the LifecycleAwareProject class is equal, via the equals() method, to an instance of the corresponding DefaultProject class, but not the other way around; and Gradle validating isolated projects when the configuration cache is disabled. More details on this release may be found in the release notes.


Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.

Share this Post
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x