This week’s Java roundup for March 3rd, 2025 features news highlighting: milestone releases of Spring Cloud 2025.0.0, GlassFish 8.0.0 and Grails 7.0.0; point releases of Spring gRPC 0.4.0, Helidon 4.2.0, Quarkus 3.19.2 and JHipster 1.29.1 and 1.29.0; the fourth release candidate of Netty 4.2.0; and Devnexus 2025.
JDK 24
Build 36 remains the current build in the JDK 24 early-access builds. Further details may be found in the release notes.
JDK 25
Build 13 of the JDK 25 early-access builds was also made available this past week featuring updates from Build 12 that include fixes for various issues. More details on this release may be found in the release notes.
For JDK 24 and JDK 25, developers are encouraged to report bugs via the Java Bug Database.
GlassFish
The tenth milestone release of GlassFish 8.0.0 delivers bug fixes, dependency upgrades and new features such as: various updates to support the upcoming release of JDK 24; disable the deprecated TLS 1.0 and TLS 1.1 specifications by default; and a migration away from deprecated WeldListener class in favor of the WeldInitialListener class. Further details on this release may be found in the release notes.
Spring Framework
The second milestone release of Spring Cloud 2025.0.0, codenamed Northfields, features bug fixes and notable updates to sub-projects: Spring Cloud Kubernetes 3.3.0-M2; Spring Cloud Function 4.3.0-M2; Spring Cloud Stream 4.3.0-M2; and Spring Cloud Circuit Breaker 3.3.0-M2. This release is based upon Spring Boot 3.5.0-M2. More details on this release may be found in the release notes.
The release of Spring gRPC 0.4.0 provides bug fixes, improvements in documentation, dependency upgrades and new features such as: a new ChannelBuilderOptions class used for customizers, graceful channel shutdowns and interceptors that was added to the GrpcChannelFactory and GrpcChannelBuilderCustomizer interfaces; and a rename of the GrpcChannelConfigurer interface to GrpcChannelBuilderCustomizer to “more accurately represent its purpose and for consistency with the server-side terminology.” Further details on this release may be found in the release notes.
Helidon
The release of Helidon 4.2.0 delivers bug fixes, improvements in documentation, dependency upgrades and new preview features:
- Helidon Service Inject, an extension to the core service registry that adds concepts of injection into a constructor, instances of scoped service instances, and an intercept method invocation. This change removes the original Helidon Inject, i.e., modules under the
inject/endpoint, and replaces all usages with the service registry. - A LangChain4j integration with the service registry and an OpenAI provider and Oracle embedding store provider.
- Support for Coordinated Restore at Checkpoint (CRaC).
More details on this release may be found in the changelog.
Quarkus
Quarkus 3.19.2, the first maintenance release (version 3.19.0 was skipped), ships with bug fixes, dependency upgrades and new features such as: a much improved Quarkus update utility for stability and aesthetics; and improved interoperability between an instance of the QuarkusUnitTest class and the JUnit @TestFactory annotation. Further details on this release may be found in the changelog.
Netty
The fourth release candidate of Netty 4.2.0 provides bug fixes, dependency upgrades and new features such as: support for a new property, IORING_SETUP_CQSIZE, that allows a larger completion queue (CQ) ring without changing the size of the submission queue (SQ) ring; and a requirement that an instance of the ThreadExecutorMap class must restore old instance of the EventExecutor interface to eliminate losing the current EventExecutor. More details on this release may be found in the issue tracker.
Grails
The third milestone release of Grails 7.0.0 delivers bug fixes, dependency upgrades and new features such as: an updated ContainerGebSpec class to support cross-platform file input and inclusion of the Geb ScreenshotReporter by default; and a consolidation of various projects and profiles to reduce the time to publish a release. With the transition of Grails to the Apache Foundation, the next milestone is planned to be released as Apache Grails 7.0.0-M4. Further details on this release may be found in the release notes.
JHipster
The release of JHipster Lite 1.29.1 and 1.29.0 features an upgrade to Axios 1.8.2 that resolves a critical security issue as described in CVE-2025-27152, a vulnerability in Axios, up to and including version 1.8.1, where passing absolute URLs, rather than protocol-relative URLs, to Axios even if the baseURL property is defined. The request to the specified absolute URL is sent with the potential to cause a server-side request forgery (SSRF) and a leakage of credentials. More details on these releases may be found in the release notes for version 1.29.1 and version 1.29.0.
Devnexus 2025
The 21st edition of Devnexus 2025, held at the Georgia World Congress Center in Atlanta, Georgia, this past week, featured speakers from the Java community who delivered workshops and talks on topics such as: Jakarta EE, Java Platform, Core Java, Architecture, Cloud Infrastructure and Security.
Hosted by the Atlanta Java Users Group (AJUG), Devnexus has a rich history that dates back to 2004 when the conference was originally called DevCon. The Devnexus name was introduced in 2010.
The conference also featured on-site live interviews with speakers interested in participating. Entitled Unfiltered Developer Insights and Everyday Heroes, these interviews were facilitated by employees representing Neo4j and HeroDevs, respectively. Also, a new episode of OffHeap was recorded featuring Erin Schnabel, Ivar Grimstad and Bob Paulin.
