FOSDEM is around the corner and a group of great speakers is lined up to talk about the OpenJDK and the many different ways in which to make use of it.
Each comes from a different part of the OpenJDK ecosystem, with different perspectives, and therefore unique insights into what to expect for this year.
Tip—in each expectation/prediction for 2023 below, click the author's name and you'll be brought to information about their session that you can attend, all for free, at FOSDEM on Sunday, 5 February, in the Foojay.io room.
Use of older versions of Java, notably JDK 6 and 7, will continue and not see much reduction, while also an increasing number of users will make the switch to the latest LTS Java, OpenJDK 17, and there will be a significant increase in Java users looking for a supported alternative to the Oracle JDK.
— Simon Ritter (Azul)
I have loved seeing how the Java ecosystem is continuously evolving and improving. For example, the GraalVM Community Edition is coming to OpenJDK and is now supported by more tools such as the Spring Framework, while relatively new initiatives, such as Coordinated Restore at Checkpoint (CRaC) project, show that we have even more interesting solutions to look forward to as well.
Tools like Spring Boot Migrator, Eclipse Migration Toolkit for Java and OpenRewrite will hopefully help projects to migrate more easily and faster to the latest Java (LTS) releases in order to receive (security) updates and be able to use the latest exciting new features.
— Johan Janssen (ASML)
As businesses continue to grow in 2023, many applications will at some point run into scaling issues — what works fine at a low transaction, volumes don’t work well, or at all, at high volumes. Real-time technology solutions like the open-source Hazelcast Platform have helped many businesses overcome their scaling issues to provide high throughput and low latency at tremendous scale.
It is exciting to see how Real-time compute APIs help leverage the processing capabilities of a distributed cluster, so we aren’t leaving large potential performance gains on the table. The combination of Real-time storage and computing provides a unique synergy that enables applications to address real-time use cases at any scale.
— Fawaz Ghali (Hazelcast)
When Log4Shell and Spring3Shell were found, I was working at my previous job as a Software Engineer at a Dutch on-line retail platform. These vulnerabilities meant that we had to urgently upgrade all of our microservices. This was a reason for my team to take a closer look at tools and processes used to keep our dependencies up to date, and safely upgrade them.
We added Renovate to all our repositories. This is a bot that can automatically create Pull Requests to upgrade vulnerable dependencies when a new version is available. This saves us time as developers, because we do not need to actively check for available upgrades ourselves. When the build fails, we know there is additional work to do to be able to upgrade.
Unfortunately, bots like Renovate cannot do these changes for us. This is where other tools can help. IntelliJ IDEA offers a migration refactor that can help you migrate your dependencies, for example from JUnit4 to JUnit5 or from the Javax to Jakarta namespace. Other tools like ErrorProne or OpenRewrite can also help you make changes to your code.
In general, I'm a big fan of anything that helps us to manage our dependencies and makes our lives as developers easier. One new feature that was added to IntelliJ IDEA last year is Package Search, which helps you manage dependencies. It allows you to add, upgrade and remove dependencies directly in your IDE.
Another interesting feature I'm really excited about is the Package Checker plugin, bundled with IntelliJ IDEA Ultimate. This plugin will highlight dependencies with known vulnerabilities in your build file and provide links to information about the relevant CVE's and their severity, as well as familiar ways to upgrade them directly in your IDE (if new versions are available). Alternatively, it's possible to open the Vulnerable Dependencies window showing vulnerable dependencies in your project, along with more information about them.
— Marit van Dijk (JetBrains)
What I've found most interesting is how frameworks now raise the minimum required Java version to Java 17 and beyond.
Companies can no longer get away with Java 8 — and I look forward to enabling teams with the tools to upgrade and stay up to date!
— Tim te Beek (OpenRewrite)
Over the last year there have been a great number of improvements and additions to the various frameworks, libraries, and tools in the Java ecosystem. Some of these even gained further significant adoption and popularity, such as the Elasticsearch stack, leading to an increased market demand for even more specific Java technology skill sets.
Another area that has seen significant progress is the deployment of Java applications in Kubernetes environments, including a number of Java runtime improvements, and the development of tools that facilitate that process.
— Martin Toshev (European Patent Office)
Join the Foojay Slack to discuss the above and more, further articles coming soon, in this series, and see you at FOSDEM 2023!