Adblock test (Why?)

Source link

This week’s Java roundup for April 8th, 2024 features news highlighting: JobRunr 7.0; introducing the Commonhaus Foundation; the April 2024 edition of Payara Platform; JEP 473, Stream Gatherers (Second Preview), and JEP 469, Vector API (Eighth Incubator), Proposed to Target for JDK 23; and Devnexus 2024.

OpenJDK

Less than a week after having been declared a candidate, JEP 473, Stream Gatherers (Second Preview), has been promoted from Candidate to Proposed to Target for JDK 23. This JEP proposes a second round of preview from the previous round, namely: JEP 461, Stream Gatherers (Preview), delivered in JDK 22. This will allow additional time for feedback and more experience with this feature with no user-facing changes over JEP 461. This feature was designed to enhance the Stream API to support custom intermediate operations that will “allow stream pipelines to transform data in ways that are not easily achievable with the existing built-in intermediate operations.” More details on this JEP may be found in the original design document and this InfoQ news story. The review is expected to conclude on April 16, 2024.

Similarly, JEP 469, Vector API (Eighth Incubator), has been promoted from Candidate to Proposed to Target for JDK 23. This JEP incorporates enhancements in response to feedback from the previous seven rounds of incubation: JEP 460, Vector API (Seventh Incubator), delivered in JDK 22; JEP 448, Vector API (Sixth Incubator), delivered in JDK 21; JEP 438, Vector API (Fifth Incubator), delivered in JDK 20; JEP 426, Vector API (Fourth Incubator), delivered in JDK 19; JEP 417, Vector API (Third Incubator), delivered in JDK 18; JEP 414, Vector API (Second Incubator), delivered in JDK 17; and JEP 338, Vector API (Incubator), delivered as an incubator module in JDK 16. Originally slated to be a re-incubation by reusing the original Incubator status, it was decided to keep enumerating. The Vector API will continue to incubate until the necessary features of Project Valhalla become available as preview features. At that time, the Vector API team will adapt the Vector API and its implementation to use them, and will promote the Vector API from Incubation to Preview. The review is expected to conclude on April 16, 2024.

JEP 475, Late Barrier Expansion for G1, has been promoted from its JEP Draft to Candidate status. This JEP proposes to simplify the implementation of the G1 garbage collector’s barriers, which record information about application memory accesses, by shifting their expansion from early in the C2 JIT’s compilation pipeline to later. The goal is to reduce the execution time of C2 when using the G1 collector.

JDK 23

Build 18 of the JDK 23 early-access builds was made available this past week featuring updates from Build 17 that include fixes for various issues. Further details on this release may be found in the release notes.

Spring Framework

The first milestone release of Spring Framework 6.2.0 delivers bug fixes, improvements in documentation, dependency upgrades and numerous new features such as: replace use of the deprecated Jakarta Expression Language ELContext class in favor of the Jakarta Pages VariableResolver interface in the JspPropertyAccessor; an improved DefaultMessageListenerContainer class to support first-class virtual threads; and the addition of configuration and exposure of the Java DataSource interface to the LocalEntityManagerFactoryBean class. More details on this release may be found in the release notes.

Similarly, versions 6.1.6, 6.0.19 and 5.3.34 of Spring Framework have been released to primarily address CVE-2024-22262, Spring Framework URL Parsing with Host Validation (3rd report), a vulnerability in which applications that use the UriComponentsBuilder class to parse an externally provided URL and perform validation checks on the host of the parsed URL, may be vulnerable to an open redirect attack or a server-side-request forgery attack if the URL is used after passing validation checks. This CVE is the same as CVE-2024-22259 and CVE-2024-22243, but with different input. New features include: log column types that aren’t supported by the database driver in the getResultSetValue() method defined in the JdbcUtils class; avoid cloning an empty array of instances of the Annotation interface in the TypeDescriptor class; and consistent support for generic FactoryBean type matching when using the getBeanProvider() method defined in the DefaultListableBeanFactory class. More details on these releases may be found in the release notes for version 6.1.6, version 6.0.19 and version 5.3.34.

The first release candidate of Spring Data 2024.0.0 provides new features: support for value expressions for improved in expressions in entity- and property-related annotations that aligns with Spring Framework @Value annotation; and compatibility with the new MongoDB 5.0 driver containing a deprecated API that has now been removed. There were also upgrades to sub-projects such as: Spring Data Commons 3.3.0-RC1; Spring Data MongoDB 4.3.0-RC1; Spring Data Elasticsearch 5.3.0-RC1; and Spring Data Neo4j 7.3.0-RC1. More details on this release may be found in the release notes.

Similarly, versions 2023.1.5 and 2023.0.11 of Spring Data have been released providing bug fixes and respective dependency upgrades to sub-projects such as: Spring Data Commons 3.2.5 and 3.1.11; Spring Data MongoDB 4.2.5 and 4.1.11; Spring Data Elasticsearch 5.2.5 and 5.1.11; and Spring Data Neo4j 7.2.5 and 7.1.11. These versions may also be consumed by the upcoming releases of Spring Boot 3.2.5 and 3.1.11, respectively.

Versions 2.3.0-RC1, 2.2.2 and 2.1.5 of Spring HATEOAS have been released to primarily upgrade to the latest releases of Spring Framework that address the aforementioned CVE-2024-22262 along with dependency upgrades to Project Reactor 2023.0.5 and Lombok 1.18.32. More details on these releases may be found in the release notes for version 2.3.0-RC1, version 2.2.2 and version 2.1.5.

Sergi Almar, Java and Spring Software Engineer and Spring I/O organizer, has introduced the Spring Builders initiative, an environment for Spring Framework developers to learn, present their Spring-related work, and connect with other Spring developers.

Payara

Payara has released their April 2024 edition of the Payara Platform that includes Community Edition 6.2024.4 and Enterprise Edition 6.13.0. Both editions feature a security fix for CVE-2023-4043, a vulnerability in which parsing JSON from untrusted sources would allow attackers to exploit the built-in support for parsing numbers with large scale to exploit the number of edge cases where the input text of a number can lead to much larger processing time than one would expect.

There were also a number of component upgrades and a resolution to a NullPointerException using profiled settings with MicroProfile Config. More details on these releases may be found in the release notes for Community Edition 6.2024.4 and Enterprise Edition 6.13.0.

Open Liberty

IBM has released version 24.0.0.4-beta of Open Liberty featuring: support for JDK 22 and an updated preview of Jakarta Data that includes the recent 1.0.0-M3 release in which the static metamodel was introduced. This allows for more type-safe usage, and the ability to define repository find methods with the @Find annotation.

Micronaut

The Micronaut Foundation has released version 4.3.8 of the Micronaut Framework featuring Micronaut Core 4.3.14, bug fixes, improvements in documentation, and updates to modules: Micronaut Security and Micronaut SQL Libraries. Further details on this release may be found in the release notes.

Quarkus

Quarkus 3.9.3, the second maintenance release (3.9.0 was skipped), features notable fixes such as: the inability to access any of the static resources defined in an application using REST and servlets with a custom implementation of the Jakarta RESTful Web Services ExceptionMapper interface; and routing for the index.html file fails with a HTTP status code 404 for directories. More details on this release may be found in the changelog.

Helidon

The release of Helidon 4.0.7 provides notable changes such as: a disabled instance of the OidcFeature class no longer throws a NullPointerException; properly return Optional.empty() for a current span if there is no current OpenTelemetry span; and avoid using replicated default values for lists when creating from the corresponding builder pattern or instances. More details on this release may be found in the release notes.

WildFly

The first beta release of WildFly 32 features bug fixes, component upgrades and improvements such as: integrate the Open Worldwide Application Security Project (OWASP) dependency check plugin into the WildFly build; mark as optional or remove references to the deprecated Jakarta Annotations @ManagedBean annotation; and the removal of some outdated Quickstart examples. More details on this release may be found in the release notes.

Apache Software Foundation

The first milestone release of Apache TomEE 10.0.0 delivers bug fixes, dependency upgrades and new features: a MicroProfile OpenAPI Reader example; and improved logging when failing to load a class. There was also a resolution to CVE-2023-35116, a vulnerability in Jackson Databind 2.15.2 and below such that an attacker can craft an object that uses cyclic dependencies that may result in a denial of service. More details on this release may be found in the release notes.

Micrometer

Version 1.13.0-RC1 of Micrometer Metrics ships with dependency upgrades and new features such as: allow for customizing Prometheus properties via the PrometheusConfig interface; announce that configuration for an instance of the OtlpMeterRegistry class has been found at startup; and a new constructor containing a logger name for the WarnThenDebugLogger class for metadata discrepancy logging. More details on this release may be found in the release notes.

Similarly, versions 1.12.5 and 1.11.11 of Micrometer Metrics 1.12.5 provide dependency upgrades and new features such as: use the same description for the same meter name in Log4j2Metrics class; and deprecate the DefaultUriMapper and PoolingHttpClientConnectionManagerMetricsBinder classes in httpcomponents package as they seem to have been missed when deprecating other classes in the same package. More details on these releases may be found in the version 1.12.5 and version 1.11.11.

Versions 1.3.0-RC1, 1.2.5 and 1.1.12 of Micrometer Tracing provide dependency upgrades to version 1.13.0-RC1, 1.12.5 and 1.11.11 of Micrometer Metrics. More details on these releases may be found in the release notes for version 1.3.0-RC1, version 1.2.5 and version 1.1.12

Project Reactor

The first milestone release of Project Reactor 2024.0.0 provides dependency upgrades to reactor-core 3.7.0-M1 and reactor-netty 1.2.0-M1. There was also a realignment to version 2024.0.0-M1 with the reactor-kafka 1.4.0-M1, reactor-pool 1.1.0-M1, reactor-addons 3.6.0-M1 and reactor-kotlin-extensions 1.3.0-M1 artifacts that remain unchanged. More details on this release may be found in the changelog.

Next, Project Reactor 2023.0.5, the fifth maintenance release, provides dependency upgrades to reactor-core 3.6.5 and reactor-netty 1.1.18. There was also a realignment to version 2023.0.5 with the reactor-kafka 1.3.23, reactor-pool 1.0.5, reactor-addons 3.5.1 and reactor-kotlin-extensions 1.2.2 artifacts that remain unchanged. More details on this release may be found in the changelog.

Next, Project Reactor 2022.0.18, the eighteenth maintenance release, provides dependency upgrades to reactor-core 3.5.16 and reactor-netty 1.1.18. There was also a realignment to version 2022.0.18 with the reactor-kafka 1.3.23, reactor-pool 1.0.5, reactor-addons 3.5.1 and reactor-kotlin-extensions 1.2.2 artifacts that remain unchanged. Further details on this release may be found in the changelog.

And finally, the release of Project Reactor 2020.0.43, codenamed Europium-SR43, provides dependency upgrades to reactor-core 3.4.37 and reactor-netty 1.0.44. There was also a realignment to version 2020.0.43 with the reactor-kafka 1.3.23, reactor-pool 0.2.12, reactor-addons 3.4.10, reactor-kotlin-extensions 1.1.10 and reactor-rabbitmq 1.5.6 artifacts that remain unchanged. More details on this release may be found in the changelog.

Hibernate

The second release candidate of Hibernate ORM 6.5.0 delivers bug fixes and improvements such as: improved use of Java time objects and timezone offsets that are now directly marshaled through the JDBC driver as defined by JDBC 4.2; a new layout to configure the format in which query results are stored in the query cache; and support for a Java record to be used as a parameter in the Jakarta Persistence @IdClass annotation. This release also provides a technical preview of the new Jakarta Data specification based on the Hibernate annotation processor.

Versions 7.1.1.Final, 7.0.1.Final and 6.2.4.Final of Hibernate Search, all maintenance releases, ship with dependency upgrades and notable changes such as: update potentially misleading error message about the minimum Elasticsearch version required for vector search capabilities; a resolution to possible issues with mass indexing when an ORM discriminator multi-tenancy is in use; and correct supported Java version discrepancies in the reference documentation. More details on this release may be found in the release notes.

The Hibernate team has also announced that it has joined the Commonhaus Foundation, a new foundation described below.

JobRunr

After two release candidates, version 7.0 of JobRunr, a utility to perform background processing in Java, has been released to the Java community. New functionality and improvements include: built-in support for virtual threads that are enabled by default when using JDK 21; the InMemoryStorageProvider class now allows for a poll interval as small as 200ms that is useful for testing; and the ability to configure the shutdown period of BackgroundJobServer class. Breaking changes include: the delete(String id) method in the JobScheduler class has been renamed to deleteRecurringJob(String id); and updates to the StorageProvider interface and the Page and PageRequest classes that include new features. More details on this release may be found in the release notes. InfoQ will follow up with a more detailed news story.

Infinispan

Infinispan 15.0.1.Final, the first maintenance release, provide notable changes such as: avoid a server shutdown upon an error with Infinispan Insights; and a resolution to the SoftIndexFileStore API pointing to a non-existent data location upon clearing the index; and. More details on this release may be found in the changelog.

Piranha

The release of Piranha 24.4.0 delivers notable changes such as: the addition of coreprofile start, coreprofile run and coreprofile stop commands to the Piranha CLI; a rebrand of Payara Uber, the wrapper that will allow developers to run everything in a JAR file, to Payara Fin; and expose the --https-keystore-file and --https-keystore-password parameters to the Maven plugin. Further details on this release may be found in their documentation and issue tracker.

JDKUpdater

Versions 14.0.39+63 and 14.0.39+61 of JDKUpdater, a new utility that provides developers the ability to keep track of updates related to builds of OpenJDK and GraalVM. Introduced in mid-March by Gerrit Grunwald, principal engineer at Azul, these releases include updates such as: initial support of a download feature that enables developers to download JDKs from different vendors; change the menu bar icon to SVG format which will allow an automatic switch of colors depending on the text color of the menu bar; and move the switches for SDKMAN!, JBang, Homebrew and Nix to separate screen settings. More details on this release may be found in the release notes.

JReleaser

April 10, 2024 marked the third anniversary of JReleaser, a release automation tool for Java and non-Java projects with the goal to simplify creating releases and publishing artifacts to multiple package managers while providing customizable options. Created by Andres Almiray, Senior Principal Product Manager at Oracle, this anniversary was celebrated with the announcement that JReleaser has joined the Commonhaus Foundation, a new foundation described below.

Apache Software Foundation

Versions 5.0.0-alpha-8 and 4.0.21 of Apache Groovy feature bug fixes, dependency upgrades and improvements such as: support for JDK 23; and a new meta instance of the Closure abstract class to enhance SQL metadata access for the five variants of the execute method. More details on these releases may be found in the release notes for version 5.0.0-alpha-8 and version 4.0.21.

JHipster

The release of JHipster 8.3.0 provides bug fixes, dependency upgrades to Spring Boot 3.2.4 and Gradle 8.7, and notable changes such as: a replacement of the jhipster-dependencies in favor of Spring Boot’s dependency management; experimental support for Spring Cloud Gateway MVC; and an improvement in Spring context caching during tests. More details on this release may be found in the release notes.

JetBrains Ktor

JetBrains has released version 2.3.10 of Ktor, the asynchronous framework for creating microservices and web applications, that include improvements and fixes such as: a resolution to inconsistent behavior of Netty that return null or an empty string for query parameters without values; support for IPv6 addresses in the NettyConnectionPoint and CIOConnectionPoint classes; and s​​upport for the ZIP64 format to overcome limitation of 65535 entries. More details on this release may be found in the changelog.

Commonhaus Foundation

The Commonhaus Foundation, a new non-profit organization dedicated to the sustainability of open source libraries and frameworks, was introduced to the Java community this past week to provide succession planning and fiscal support for self-governing open-source projects.

Their mission is to:

Empower a diverse community of developers, contributors, and users to create, maintain, and evolve open source libraries and frameworks, ensuring long-term growth and stability through shared stewardship and community collaboration.

Founders, Erin Schnabel, Distinguished Engineer at Red Hat, Ken Finnigan, OpenTelemetry Architect at Lumigo, and Cesar Saavedra, Senior Technical Marketing Manager at GitLab, will serve as Chair, Board Member and Treasurer, respectively.

Open source projects having already joined Commonhaus at its launch include Hibernate, Jackson, OpenRewrite, JBang, JReleaser, and Morphia.

Devnexus

The 20th edition of Devnexus 2024, held at the Georgia World Congress Center in Atlanta, Georgia, this past week, featured speakers from the Java community who delivered workshops and talks on topics such as: Jakarta EE, Java Platform, Core Java, Architecture, Cloud Infrastructure and Security.

Devnexus, hosted by the Atlanta Java Users Group (AJUG), has a history that dates back to 2004 when the conference was originally called DevCon. The Devnexus name was introduced in 2010.

The conference also featured on-site live interviews with speakers interested in participating. Entitled DevOps Speakeasy and Build Propulsion Lab, these interviews were facilitated by employees representing JFrog and Gradle, respectively. An example interview that has already been published, Brian Demers, Developer Advocate at Gradle, interviewed Matt Brown, Solutions Architect at Endor Labs. InfoQ will follow up with a more detailed news story.

Adblock test (Why?)

Source link

Whether you are a business executive or a competent IT pro, managed services can ease your job by helping you to concentrate on important tasks. Key benefits of managed IT include the expertise of the whole IT team, commitment, and industry knowledge that are aimed at your core business.

All these advantages help you focus on the core competencies of your business, whereas a managed IT service provider can assist you with complex and time-consuming tasks such as:

• Cloud computing
• Datacenter solutions
• End-user support
• Cyber security, asset management, and computer systems
• Disaster recovery planning

It seems like a lot is taken off your plate, right? Believe it or not, you could get all these and more with the right IT service provider. Continue reading to learn more about its benefits and what you need to know before hiring one.

Managed IT services: What to consider before hiring one

If this is your first time hiring or outsourcing IT support in Canada, for instance, you might be wondering about costs, security, convenience, and many other relevant aspects. If so, you’re not alone, and it’s perfectly understandable to feel hesitant about it. After all, having access to competitive IT support can significantly influence your business’s growth.

So, what must you know before hiring IT experts to help you take care of your business? See the quick list below to get a better idea:

• Experience and expertise: Look for IT support with experience in your industry or have worked with businesses of similar size and complexity. They must have expertise in the specific technologies and systems your company uses.
• Scope of services: Determine if they provide the services you need, such as help desk support, network management, cybersecurity, and cloud services. Understand the terms of their SLAs, including response times, resolution times, and uptime guarantees.
• Costs: Understand their pricing model and what is included in their fees. Consider both upfront costs and long-term expenses. Evaluate if the cost aligns with the value and level of service provided.
• Scalability and flexibility: Consider if they can scale their services to meet your company’s growth. Look for flexibility in their service offerings, allowing you to customize services based on your changing needs.

Eventually, reliable managed IT service provider will boost your business competitiveness and efficiency. Shifting towards a trustworthy IT service provider will provide you extra benefits, like:

• Control over OPEX costs

Investment in IT infrastructure and systems can be expensive. It will require upfront, which will make operating expenses tough as your company grows. When choosing an outsourced managed IT service, these expenditures are combined into a fixed, single OPEX cost. Because a managed IT service provider usually works with fixed monthly charges, things like maintenance, repairs, and breakdowns are computed into your operating budget without breaking your bank.

• Avoid operational and sunk costs

Working with an in-house team requires adequate sunk costs like monthly salaries, office upkeep, benefits, and insurance. Also, it consumes both money and time to train employees to let them learn about your current processes and systems. By outsourcing IT initiatives to an expert, you can decrease huge capital expenses that are otherwise spent on in-house IT management systems. Together with reducing your capital expenses, managed IT service can also decrease your IT related costs. For example, managed services can save your expenses on:

• Licensing
• Consulting
• Emergency repairs
• Training
• Also, you benefit from decreased labor rates

·      Experience and expertise

Your outsourced managed IT service provider has required certifications, qualifications, expertise, and training specific to your field. Your service provider will provide you access to the best administrators with special skill sets. Also, you will have access to the latest technology, which can be executed smoothly and rapidly.

• Quick response time

These days, business operations can’t be delayed by downtime or technical issues. Particularly during peak traffic hours, having 24/7 support is essential to ensure high productivity. In this way, support service will always be available to you no matter whether it’s day or night, weekday, weekend, or holiday.

·      Cyber security support

A managed IT service provider who complies with PCI will help decrease risks relating to the use of credit card, client’s data, and any sensitive information. Your service provider will apply security strategies to make sure your business complies with security standards.

• Quick time to market

Cloud computing by IT management will bring high-speed outcomes, eliminating IT inefficiencies. It means quick time to the market and high productivity.

• Decrease risk

Investment in business always carry some risk, irrespective of its nature. Some of the most common risks include:

• Changing technologies
• Financial conditions
• Government laws and
• Changing market conditions

With a managed IT service, you can reduce your risks.