This week’s Java roundup for September 8th, 2025, features news highlighting: OpenJDK JEPs targeted for JDK 26 and new candidates; first integration of GPULlama3.java with LangChain4j; milestone releases of Spring Framework, Spring Data and Spring AI; Spring Authorization Server moving to Spring Security; the September 2025 edition of Open Liberty; and a point release of JBang.
OpenJDK
JEP 517, HTTP/3 for the HTTP Client API, has been elevated from Proposed to Target to Targeted for JDK 26. This JEP proposes to “update the HTTPClient API to support the HTTP/3 protocol, so that libraries and applications can interact with HTTP/3 servers with minimal code change.“
JEP 522, G1 GC: Improve Throughput by Reducing Synchronization, has been elevated from Candidate to Proposed to Target for JDK 26. This JEP proposes to reduce the overhead of the G1 garbage collector to improve synchronization between application threads and GC threads. The review is expected to conclude on September 15, 2025.
JEP 524, PEM Encodings of Cryptographic Objects (Second Preview), has been elevated from its JEP Draft to Candidate status. This JEP proposes a second round of preview, with changes, after the first round of preview, namely JEP 470, PEM Encoding of Cryptographic Objects (Preview), to be delivered in the upcoming release of JDK 25. Changes include: a rename of the PEMRecord class to PEM; and an enhancement of the PEMEncoder and PEMDecoder classes to support the encryption and decryption of the KeyPair and PKCS8EncodedKeySpec classes.
JEP 523, Make G1 the Default Garbage Collector in All Environments, has been elevated from its JEP Draft 8359802 to Candidate status. This JEP proposes to set the Garbage-First Garbage Collector (G! GC) as the “default in all environments, rather than just server environments.” If a garbage collector is not specified on the command line, the G1 GC will always be selected by the HotSpot JVM.
JDK 25
Build 36 remains the current build in the JDK 25 early-access builds. Further details on this release may be found in the release notes.
JDK 26
Build 15 of the JDK 26 early-access builds was made available this past week featuring updates from Build 14 that include fixes for various issues. More details on this release may be found in the release notes.
TornadoVM
The TorandoVM team has introduced the first integration of GPULlama3.java with LangChain4j. Developers are now able to compile and run pure-Java inference models on GPUs with TornadoVM for Llama3, Mistral AI, Qwen AI and Phi3.
Spring Framework
The ninth milestone release of Spring Framework 7.0.0 delivers bug fixes, improvements in documentation, dependency upgrades and new features such as: the addition of a createException() method to the ConvertibleClientHttpResponse inner interface, defined in the RestClient interface, to more easily expose default error handling; and the addition of the DataFieldMaxValueIncrementer interface for the SqliteMaxValueIncrementer class to implement. Further details on this release, including breaking changes, may be found in the release notes and this wiki page.
The sixth, and last, milestone release of Spring Data 2025.1.0 features support for: Spring Framework 7; Jakarta Persistence 3.2 and Jakarta Servlet 6.1 under Jakarta EE 11; Kotlin 2.2; and the recent release of Jackson 3.0. Other new features include: an increased use of the Jakarta Persistence Query Language (JPQL) to ultimately replace use of the QueryCriteria interface; and support for composite IDs (or composite keys) in the Spring Data JDBC and Spring Data R2DBC sub-projects for improved mapping of an entity with an attribute for each column in the composite ID. More details on this release, including breaking changes, may be found in the release notes.
The first milestone release of Spring AI 1.1.0 ships with bug fixes, improvements in documentation, dependency upgrades and new features such as: a refactoring of the auto-configuration modules on the MCP server that now uses a protocol-based configuration approach; and the addition of annotation-based configuration support for MCP clients and server. Further details on this release may be found in the release notes.
The Spring Security team has announced that the Spring Authorization Server project will be moving to Spring Security. Joe Grandja, Principal Software Engineer at VMware Tanzu and Spring Security committer, stated:
[Spring Authorization Server] has reached that point of maturity and stability and we believe the time is now to move it to Spring Security 7.0. The main benefit this will provide our users is a streamlined developer experience.
The team has ensured developers that impact on this move will be minimal.
Open Liberty
The release of Open Liberty 25.0.0.9 delivers: support for RFC6090, Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES), that enhances the JSON Web Token 1.0 (jwt-1.0) feature; and a resolution to four CVEs, most notably of which is CVE-2025-48976, a vulnerability in Apache Commons FileUpload where allocation of resources for multipart headers, with insufficient limits, may result in a denial of service.
Micrometer
The third milestone release of Micrometer Metrics 1.16.0 delivers dependency upgrades and new features such as: a new MeterConvention interface to allow a direct way for users to control the convention of widely adopted instrumentation components; and avoid creation of the DistributionStatisticsConfig class when builders of the Timer and LongTaskTimer interfaces are not being used. More details on this release may be found in the release notes.
The third milestone release of Micrometer Tracing 1.6.0 features notable dependency upgrades: Uber Nullaway 0.12.9; OpenTelemetery Instrumentation 2.19.0; and Mockito 5.19.0. Further details on this release may be found in the release notes.
Project Reactor
The seventh milestone release of Project Reactor 2025.0.0 provides dependency upgrades to reactor-core 3.8.0-M7, reactor-netty 1.3.0-M7, reactor-pool 1.2.0-M7, reactor-addons 3.6.0-RC5 and reactor-kotlin-extensions 1.3.0-RC4. More details on this release may be found in the release notes.
Similarly, Project Reactor 2024.0.10, the tenth maintenance release, provides dependency upgrades to reactor-core 3.7.11, reactor-netty 1.2.10, reactor-pool 1.1.4, reactor-addons 3.5.3, reactor-kotlin-extensions 1.2.4 and reactor-kafka 1.3.24. Further details on this release may be found in the release notes.
JBang
The release of JBang 0.130.0 delivers bug fixes, improvements in documentation and a new feature that provides support and completion and setup for the fish shell. More details on this release may be found in the release notes.
