This week's Java roundup for August 15th, 2022, features news from JDK 19, JDK 20, Spring Boot versions 2.7.3 and 2.6.11, Spring Authorization Server versions 1.0.0-M1 and 0.4.0-M1, Spring Security versions 5.7.3, 5.6.7 and 5.8.0-M2, Spring Cloud Dataflow 2.9.5, Spring Shell 2.1.1, Payara Platform 5 Community Edition, Micronaut 3.6.1, Helidon 3.0.1 and Apache Camel 3.14.5.

JDK 19

Build 36 of the JDK 19 early-access builds was made available this past week, featuring updates from Build 35 that include fixes to various issues. More details on this build may be found in the release notes.

As per the JDK 19 release schedule, Mark Reinhold, chief architect, Java Platform Group at Oracle, formally declared that JDK 19 has entered the first release candidate phase due to no unresolved P1 bugs in build 36.

JDK 20

Build 11 of the JDK 20 early-access builds was also made available this past week, featuring updates from Build 10 that include fixes to various issues. Further details on this build may be found in the release notes.

For JDK 19 and JDK 20, developers are encouraged to report bugs via the Java Bug Database.

Spring Framework

It was a very busy week over at Spring as a number of point and milestone releases were made available for Spring Boot, Spring Authorization Server, Spring Security, Spring Cloud Dataflow and Spring Shell.

Spring Boot 2.7.3 has been released featuring 48 bug fixes, improvements in documentation and dependency upgrades such as: Spring Security 5.7.3, Hazelcast 5.1.3, MySQL 8.0.30, Groovy 3.0.12 and GraphQL Java 18.3. More details on this release may be found in the release notes.

Spring Boot 2.6.11 has also been released featuring 40 bug fixes, improvements in documentation and dependency upgrades such as: Spring Security 5.6.7, MySQL 8.0.30, Reactor 2020.0.22, Hibernate Validator 6.2.4.Final and Dropwizard Metrics 4.2.11. Further details on this release may be found in the release notes.

Pursuant to the recent announcement related to the 1.0 GA release of Spring Authorization Server in November 2022, the first milestone release has been made available. New features include: upgrades to JDK 17 and Gradle 7.4.2; and dependency upgrades such as Spring Framework 6.0.0-M5, Spring Boot 3.0.0-M4, Spring Security 6.0.0-M6, org.hsqldb:hsqldb:2.6.1, jakarta.servlet-api:5.0.0 and mockito-core:4.6.1. More details on this release may be found in the release notes and in this InfoQ news story.

Concurrent with Spring Authorization Server 1.0.0-M1, the first milestone release of version 0.4.0, also scheduled to be released in November 2022, has been made available. New features include: and an enhancement to samples that call the UserInfo endpoint; and allow for configuration for authorization code time-to-live (five minutes). There were also dependency upgrades to Spring Framework 5.3.22, Spring Security 5.8.0-M2, nimbus-jose-jwt:9.23 and the Gradle Enterprise plugin. Further details on this release may be found in the release notes.

On the road to Spring Security 5.8.0, the second milestone release has been made available. New features include: a new hash-based Content-Security-Policy for SAML post pages; allow for customization of a redirect strategy; and the ability to set permissions for GitHub actions. More details on this release may be found in the release notes.

Spring Security 5.7.3 and 5.6.7 have been released featuring: add a Kotlin example demonstrating how to integrate with the WebTestClient class; and the ability to set permissions for GitHub actions. Dependency upgrades for both releases include: Spring Framework 5.3.22, Project Reactor 2020.0.22, hibernate-entitymanager 5.6.10.Final and Eclipse Jetty 9.4.48. Further details on this release may be found in the release notes for version 5.7.3 and version 5.6.7.

Spring Cloud Dataflow 2.9.5 has been released featuring a dependency upgrade to Spring Boot 2.5.14 and fixes such as: hide sensitive data from audit dashboard after updating a stream; a failure to create a stream with multiple input and output bindings with VMware Tanzu 1.12.2; and backport the changes for removing bootstrap loading from the logout page. More details on this release may be found in the release notes.

Spring Shell 2.1.1 has been released that ships with backport fixes for: split built-in command documents; an incorrect completion for command-line options; and Spring Shell defaulting to the base Jakarta EE validator. Further details on this release may be found in the release notes.

Payara

In conjunction with the release of Payara Platform Enterprise 5.42.0 last week, Payara has released the corresponding Community Edition 5.2022.3 that includes the security fix for CVE-2022-37422, a zero-day vulnerability that affects web applications deployed in the default context root within all distributions of the Payara Platform, along with six component updates and seven improvements.

Micronaut

The Micronaut Foundation has released Micronaut 3.6.1 featuring bug fixes to several Micronaut modules that include: Micronaut Security, Micronaut Servlet and Micronaut GCP. More details on this release may be found in the release notes.

Helidon

Helidon 3.0.1, a maintenance release, has been made available featuring changes such as: restoring the injection behavior of Map from configuration; an updated WebSocketHandler to correctly propagate query parameters from WebServer to Tyrus, the reference implementation of JSR 356, Java API for WebSocket; and add examples for Helidon SE and Helidon MP to update counters of HTTP response status ranges.

Apache Camel

Apache Camel 3.14.5 has been released featuring 15 improvements and fixes such as: a context that failed to start when a cron configuration had expired in camel-quartz. There were also dependency upgrades to Spring Boot 2.6.10, camel-spring-boot 2.6.10, and camel-any23 2.7. Further details on this release may be found in the release notes.

</div