Java Ecosystem Update: Jakarta EE 12 Delayed, Spring Shell 4.0.1, and Major Framework Releases

The Java ecosystem continues to evolve with a wave of releases and updates across major frameworks and specifications. This week's roundup highlights both incremental improvements and strategic shifts in the Java landscape, from Jakarta EE's revised timeline to new features in popular frameworks.

Jakarta EE 12 Timeline Adjusted

In a significant development for enterprise Java, the Jakarta EE 12 release has been pushed back to late 2026. Ivar Grimstad, Jakarta EE Developer Advocate at the Eclipse Foundation, explained that the delay stems from resource constraints following Jakarta EE 11's one-year postponement.

"From the discussions in the Jakarta EE Platform calls the last couple of weeks, it looks like we won't see a release of Jakarta EE 12 on this side of summer (on the Northern Hemisphere at least)."

Despite the delay, several specifications have reached milestone 2 releases, including Jakarta Contexts and Dependency Injection 5.0, Jakarta Persistence 4.0, and Jakarta RESTful Web Services 5.0. The working group aims to align Jakarta EE 12 with Java's LTS release cycle, targeting a major release approximately six to nine months after an LTS Java version.

Spring Shell 4.0.1 Enhances CLI Experience

Spring Shell 4.0.1 delivers its first maintenance release with several notable improvements. The enhanced CLI parser now accepts boolean values without requiring explicit true or false parameters, streamlining command-line interactions. Additionally, the new DefaultCompletionProvider class provides enumeration-based completion for enum-type options, improving developer productivity.

Open Liberty 26.0.0.1 Strengthens Security and Performance

Open Liberty's latest GA release introduces a new log throttling mechanism enabled by default, preventing excessive log output when identical events occur repeatedly within short timeframes. This feature addresses a common operational challenge in production environments.

The release also resolves critical security vulnerabilities, including CVE-2025-12635, which affected versions 25.0.0.12 and below by allowing cross-site scripting through improper user input validation. Additional fixes address NullPointerException issues in the SocketRWChannelSelector class.

Quarkus 3.31 Advances with JDK 25 Support

Quarkus 3.31 brings full support for JDK 25, positioning itself at the forefront of Java innovation. The release introduces a new Maven packaging type called quarkus, optimized specifically for Quarkus applications with improved lifecycle builds and better integration.

An experimental extension, Hibernate with Panache Next, simplifies persistence code across Hibernate ORM, Hibernate Reactive, and the Jakarta Data specification, demonstrating Quarkus's commitment to developer experience.

Apache Tomcat Security and Compatibility Updates

Apache Tomcat releases versions 11.0.18, 10.1.52, and 9.0.115 with important security and compatibility improvements. Notably, these versions now ignore TLSv1.3 cipher suites by default in the SSLHostConfig class for consistency across OpenSSL and JSSE implementations.

The releases also resolve a regression affecting the getContent() method when called via getResource() on Java's ClassLoader, addressing failures that occurred under specific circumstances.

JHipster 9.0.0 Beta 2 Refines Developer Experience

JHipster's second beta release addresses stability issues discovered in the first beta while introducing significant enhancements. The update adds support for Spring Boot 4.0 and migrates to using the @EnableWebSocketSecurity annotation, replacing the deprecated AbstractSecurityWebSocketMessageBrokerConfigurer class.

The CI and testing infrastructure has undergone a comprehensive overhaul, reflecting the project's maturity and focus on enterprise-grade development workflows.

Gradle 9.3.1 Resolves Critical Build Issues

Gradle 9.3.1 addresses several important issues, including failures when storing build cache output with filenames containing non-BMP (Basic Multilingual Plane) characters. The release also restores the ModuleVersionSelector interface, now deprecated, to maintain compatibility with the useTarget() method in the DependencyResolveDetails interface.

JDK Development Continues

Development on JDK 26 and JDK 27 progresses with early-access builds. Build 33 of JDK 26 and Build 7 of JDK 27 include various bug fixes and improvements. Developers are encouraged to report issues through the Java Bug Database, contributing to the stability of these upcoming releases.

Strategic Implications for Java Developers

These updates reflect several broader trends in the Java ecosystem. The Jakarta EE timeline adjustment highlights the challenges of coordinating enterprise specifications across multiple vendors and the importance of aligning with Java's release cadence. Meanwhile, the focus on security improvements across Open Liberty and Tomcat underscores the ongoing priority of hardening Java infrastructure.

The advancements in Quarkus, particularly JDK 25 support and the new packaging type, demonstrate the framework's aggressive positioning for next-generation Java development. Similarly, Spring Shell's enhancements show continued investment in improving developer tooling and productivity.

For enterprise Java teams, these releases offer both immediate benefits through security fixes and performance improvements, as well as strategic considerations around technology adoption and migration planning. The Jakarta EE delay, while potentially disruptive to some roadmaps, provides additional time for vendors to mature their implementations and for developers to prepare for the next major enterprise Java release.

As the Java ecosystem continues to evolve, staying current with these updates while maintaining stability in production environments remains a key challenge for development teams navigating the modern Java landscape.