Skip to content

3.10.0.CR1

Pre-release
Pre-release
Compare
Choose a tag to compare
@quarkusbot quarkusbot released this 16 Apr 19:11
· 4194 commits to main since this release
3.10.0.CR1
899db1b

Major changes

  • #36504 - Allow authentication mechanism selection for a REST endpoint with annotation
  • #37816 - Optional support for the OIDC session cookie dir encryption
  • #39295 - Move package config to an interface
  • #39415 - Extension for the Hibernate Search Standalone Pojo Mapper with Elasticsearch
  • #39793 - Support for verifying OIDC JWT claims with custom Jose4j Validator
  • #39812 - Support resolving of static OIDC tenants based on token issuers
  • #40056 - Add OIDC TokenCertificateValidator

Complete changelog

  • #10267 - LDAP Security - Don't re-authenticate on every request
  • #14851 - Quarkus keycloak authorization usability improvements.
  • #26182 - Hibernate Search Standalone Pojo Mapper: Hibernate Search without Hibernate ORM / datasource
  • #34664 - Provide a way to specify HttpAuthenticationMechanism per JAX-RS resource
  • #35952 - Get management interface resolved port when quarkus.management.test-port set to 0
  • #36504 - Allow authentication mechanism selection for a REST endpoint with annotation
  • #37676 - Bump com.microsoft.azure.functions:azure-functions-java-library from 2.2.0 to 3.1.0
  • #37700 - Bump com.amazonaws:aws-lambda-java-events from 3.11.3 to 3.11.4
  • #37785 - Consider using direct JWE encryption of the OIDC session cookie
  • #37816 - Optional support for the OIDC session cookie dir encryption
  • #37875 - Restart and other hotkey in devui
  • #38026 - Missing security requirement on operation level, declared @RolesAllowed in implementing class derived from a generated openapi java interface
  • #38373 - Webauthn improvements : docs, customisable cookies, virtual thread support
  • #38535 - OIDC Tenant Resolution for web-app applications does not explain that the session cookie has a tenant id recorded
  • #38696 - OIDC Multitinancy by actual answer from teenant
  • #38940 - Offer a way to block inside custom SecurityContext.isUserInRole with resteasy-reactive
  • #39011 - quarkus-redis-client tracing
  • #39015 - Bump org.wiremock:wiremock-standalone from 3.4.1 to 3.4.2
  • #39061 - RunOnVirtualThread should avoid using Netty FastThreadLocals
  • #39104 - Use followOutput for lra-coordinator container
  • #39156 - Add the ability to ask for devservices to use the shared network
  • #39170 - Bump actions/upload-artifact and download-artifact to v4
  • #39182 - WebSockets Next: detect incorrect path parameter usage
  • #39269 - Simplify configuration based mapping of token roles to deployment-specific SecurityIdentity
  • #39295 - Move package config to an interface
  • #39322 - [Mandrel 23.0] hibernate-orm-panache-kotlin native integration tests fail with 23.0 build and 23.1.2 sdk.
  • #39339 - Simplify configuration based mapping of token roles to deployment-specific SecurityIdentity
  • #39348 - Remove message to avoid using testNative until proven it works
  • #39391 - AuthenticationSuccessEvent event is not created on successful authorization using FormAuthenticationMechanism
  • #39395 - Invalid warnings about SQL Server version "0.0.0" on startup
  • #39406 - Improve documentation for AMQP client options about setting a heartbeat
  • #39407 - Fix update-version.sh script
  • #39414 - Deploy relocations for snapshots
  • #39415 - Extension for the Hibernate Search Standalone Pojo Mapper with Elasticsearch
  • #39417 - OIDC TenantConfigResolver and TenantResolver are called even if the tenant id is already resolved
  • #39424 - Bump org.asciidoctor:asciidoctorj from 2.5.11 to 2.5.12
  • #39425 - Support for verifying OIDC JWT claims with custom Jose4j Validator
  • #39446 - WebSockets Next: add endpoints to the DevUI's 404 page
  • #39456 - Bump com.google.errorprone:error_prone_annotations from 2.25.0 to 2.26.1
  • #39457 - Quarkus OpenTelemetry Rest Client Span Name with Route (URL Path Template)
  • #39459 - Add key listeners to the log in Dev UI
  • #39462 - WebSockets Next: detect incorrect path parameter usage
  • #39464 - WebSockets Next: add basic Dev UI
  • #39465 - WebSockets Next: add convenient way to handle the subprotocol header
  • #39469 - Easy way to add deployment methods in Dev UI
  • #39473 - Upgrade to Jandex 3.1.7
  • #39481 - Push project version to RESTEasy Reactive TCK
  • #39483 - Add ApplicationArchive.getResolvedDependency()
  • #39484 - WebSockets Next: add basic Dev UI
  • #39486 - Improve OIDC named tenant-specific configuration exceptions and make sure userinfo/token verification is enforced for named tenants
  • #39489 - Opentelemetry Redis Instrumentation
  • #39490 - Updates to Schema programmatic API in Infinispan
  • #39492 - Optimize OIDC tenant id resolution
  • #39493 - Fire SecurityEvent on Form authentication login success
  • #39499 - Bump com.unboundid:unboundid-ldapsdk from 6.0.11 to 7.0.0
  • #39500 - Bump io.quarkus:quarkus-platform-bom-maven-plugin from 0.0.102 to 0.0.103
  • #39507 - RestEasy Jackson test fails in certain time zones
  • #39509 - Update Flyway to 10.10.0
  • #39512 - Move Keycloak Authorization Enforcer Tenant config to runtime and improve usability with aggregated policy enforcer paths
  • #39518 - Migrate Elytron Security extensions from config classes to @ConfigMapping
  • #39524 - Handle trailing/leading spaces in all relevant datasource configuration properties
  • #39534 - Use URL path template when tracing REST clients where possible
  • #39535 - Bump smallrye-config.version from 3.7.0 to 3.7.1
  • #39537 - Bump org.apache.groovy:groovy from 4.0.19 to 4.0.20
  • #39538 - Bump com.amazonaws:aws-xray-recorder-sdk-aws-sdk-v2 from 2.15.1 to 2.15.2
  • #39539 - Bump com.google.guava:guava from 33.0.0-jre to 33.1.0-jre
  • #39540 - Bump org.commonmark:commonmark from 0.21.0 to 0.22.0
  • #39542 - WebSockets Next: attempt to diagnose BroadcastOnOpenTest
  • #39551 - RestEasy Jackson test fails in certain time zones
  • #39552 - Fix formatter-maven-plugin build cache misses
  • #39553 - Consider enabling UserInfo cache by default for OAuth2 providers
  • #39554 - Make VCS URI annotation configurable
  • #39555 - Management HTTP and "main" HTTP servers can reuse the same server/port
  • #39556 - Consider setting an internal ID token lifespan to the access token lifespan for OAuth2 providers
  • #39567 - Bump org.mockito:mockito-core from 5.10.0 to 5.11.0
  • #39573 - Small Dev UI documentation update
  • #39585 - WebSockets Next: Dev UI - display endpoints on the 404 page
  • #39588 - Enable usage of random port for the Management Interface
  • #39596 - Flyway Sql server doesn't work in native after bump to 10.10
  • #39597 - Fix Flyway SQL server in native after bump to 10.10
  • #39601 - Guide on Reactive SQL incomplete
  • #39602 - Clients do not receive error response in case of an exception when using default gRPC API with @Blocking or @RunOnVirtualThread
  • #39603 - Migrate Keycloak Authorization config classes to the @ConfigMapping
  • #39607 - Bump com.gradle:quarkus-build-caching-extension from 0.10 to 0.12
  • #39609 - Bump apicurio-registry.version from 2.5.9.Final to 2.5.10.Final
  • #39611 - Update Dev UI Endpoints page to use new NotFoundHandler
  • #39620 - Improvements to the Reactive SQL Clients guide
  • #39624 - WebSockets Next: enable configuration of supported subprotocols
  • #39629 - Bump org.awaitility:awaitility from 4.2.0 to 4.2.1
  • #39646 - Enable Develocity Predictive Test Selection for Gradle plugin IT
  • #39647 - Avoid running useless goals in subsequent CI builds
  • #39648 - Revert EndUserSpanProcessor integration
  • #39649 - Migrate the Security extension config classes to @ConfigMapping
  • #39650 - Migrate the Quarkus SmallRye JWT config classes to @ConfigMapping
  • #39665 - Add Elytron ldap cache
  • #39669 - quarkus.native.enabled=false is not reflected when maven profile has native
  • #39673 - Bump kubernetes-client-bom from 6.10.0 to 6.11.0
  • #39676 - Ping Ladislav for Redis issues
  • #39680 - Change to receive files outside the classpath in mongodb liquibase
  • #39683 - Receive files outside the classpath in quarkus-liquibase-mongodb
  • #39686 - Bump artemis.version from 2.32.0 to 2.33.0
  • #39687 - Bump asm.version from 9.6 to 9.7
  • #39704 - Fix usage of Netty pooled allocator with Virtual Threads
  • #39714 - Allow native profile to be overridden
  • #39720 - Receive files outside the classpath in quarkus-liquibase
  • #39721 - Bump io.quarkus.develocity:quarkus-project-develocity-extension from 1.0.7 to 1.0.8
  • #39722 - Bump elasticsearch-opensource-components.version from 8.12.2 to 8.13.0
  • #39724 - Bump org.mvnpm.at.mvnpm:vaadin-webcomponents from 24.3.8 to 24.3.10
  • #39726 - Fix Quarkus main integration/virtual-threads module compilation
  • #39728 - Minimal maven version misalligned with quarkus/independent-projects
  • #39732 - Use maven.min.version property in supported-maven-versions
  • #39743 - Resolve quickstarts branch depending on target
  • #39747 - Drop usage of wrapForJDK8232879
  • #39768 - Update to Mutiny 2.6.0 and Reactive Messaging 4.20.0
  • #39771 - WebSockets Next: error handlers part 3
  • #39779 - Using quarkus-smallrye-openapi, OpenApiHandler.getOpenApiDocumentService is null when quarkus.arc.strict-compatibility=true
  • #39780 - Bump commons-io:commons-io from 2.15.1 to 2.16.0
  • #39785 - Point to quickstart branch when deploying new versioned doc
  • #39791 - Only enable PTS for pull requests targeting main
  • #39793 - Support for verifying OIDC JWT claims with custom Jose4j Validator
  • #39795 - Bump org.wiremock:wiremock-standalone from 3.4.2 to 3.5.1
  • #39802 - Make sure pathFilter is applied to workspace module content tree
  • #39806 - Prefer single char String intrinsics over String one
  • #39812 - Support resolving of static OIDC tenants based on token issuers
  • #39813 - Improvement in search-path handling of quarkus-liquibase and quarkus-liquibase-mongodb
  • #39816 - Improvement in liquibase and liquibase-mongodb search-path handling in ResourceAccessor
  • #39817 - Bump org.wiremock:wiremock-standalone from 3.5.1 to 3.5.2
  • #39818 - Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.0 to 3.6.1
  • #39824 - Replace wrong Vertx direct allocator with Netty one
  • #39827 - SmallRye OpenAPI: add missing @Inject annotation
  • #39832 - Qute global values should probably be lazy
  • #39837 - ArC: replace thread locals with fields in CreationalContextImpl
  • #39842 - Bump com.gradle.enterprise from 3.16.2 to 3.17 in /devtools/gradle
  • #39843 - Bump elasticsearch-opensource-components.version from 8.13.0 to 8.13.1
  • #39844 - Bump jacoco.version from 0.8.11 to 0.8.12
  • #39846 - Compilation error in WebSocketSessionContext with GraalVM SDK 22
  • #39849 - OIDC automatic session cookie splitting is broken
  • #39850 - Fix OIDC cookie related tenant id and chunk calculation issues
  • #39852 - WebSockets Next: error handlers part 4
  • #39855 - Make SessionContextState a static nested class
  • #39858 - WebSockets Next: introduce OpenConnections
  • #39860 - Upgrade sshd to 2.12.1
  • #39863 - Make sure the scripts listing dependencies are locale independent
  • #39865 - Include LICENSE in source jar
  • #39867 - Small documentation enhancement/formating
  • #39869 - Add LICENSE file to released jars
  • #39870 - Bump com.google.cloud.tools:jib-core from 0.26.0 to 0.27.0
  • #39874 - Update Liquibase to 4.27.0
  • #39881 - Allow to customize OIDC token x5c certificate chain verification
  • #39882 - Quarkus Messaging Blocking Signatures execution mode fix for inner channels
  • #39885 - Fix the recent OIDC tenancy doc refactoring error
  • #39890 - Add (3.8 LTS) to SECURITY.md
  • #39899 - Allow finer tuning of shared network usage by DevServices
  • #39900 - Upgrade to Develocity API 1.21
  • #39904 - Reorder Grpc server interceptors to apply exception handler correctly
  • #39906 - Disable default RemoteCacheManager configuration with Dev Services in Infinispan
  • #39912 - When multiple authentication mechanisms are available, http path permission is not working properly
  • #39918 - Property to enable/disable default client in Infinispan Dev Services
  • #39920 - Allow to inject JAX-RS ResourceInfo into custom HTTP Security Policy
  • #39921 - Link doc validation error to doc guides
  • #39932 - Add .mvn/.gradle-enterprise/ back to .gitignore
  • #39933 - Use Maven batch mode when executing codestart tests
  • #39937 - Handle 'area/netty' in Quarkus GitHub Bot
  • #39943 - Kafka client: set default log level to warning for package org.apache.kafka.common.telemetry
  • #39944 - Support configuring SyslogHandler max message length
  • #39945 - Detect basic authentication is implicitly required when it can be safely determined and enable the basic auth by default for such scenarios
  • #39948 - Avoid identity hashcode on the production runtime classloader
  • #39949 - Fixing the tenant annotation check order in the OIDC renant resolver
  • #39953 - Introduce Quarkus for the Web documentation
  • #39958 - Add maxLength configuration option to SysLog
  • #39959 - Qute: add global variables as computed data
  • #39960 - MessageBundle naming issue
  • #39963 - Add mvnpm support in webjar-locator
  • #39967 - Keep OAuth2 user info in the encrypted session cookie by default
  • #39973 - Allow dependabot to update SmallRye BeanBag
  • #39975 - Bump com.gradle.develocity from 3.17 to 3.17.1 in /devtools/gradle
  • #39978 - Hot Reloading conflicts with Maven Flatten Plugin
  • #39980 - Auto security for OpenAPI when using Interface
  • #39982 - Parameter to skip Maven goal executions before quarkus:dev, skipping flatten plugin by default
  • #39985 - Remove unused import
  • #39987 - Update OpenTelemetry exporter link
  • #39988 - Context Propagation performance issue and init issue
  • #39990 - Fix MessageBundle key/file name resolver algorithm
  • #39992 - () breaks title in devui
  • #39995 - Go back to raw Maven read/write for bootstrap
  • #39996 - REST Client @RestForm does not convert for List<T>
  • #39997 - Make REST Assured version available in the build
  • #40002 - Fix url encoding issue for Dev UI Page with unusual chars
  • #40011 - Support using List for sending multiple form values in REST Client
  • #40012 - Upgrade to SmallRye Fault Tolerance 6.3.0
  • #40014 - Introduce encoding config option for static resources
  • #40017 - Introduce TemplateInstance#setLocale and TemplateInstance#setVariant
  • #40018 - Fix various IT modules and add them to the CI matrices
  • #40019 - Changing Accept Header in PreMatching filter isn't considered by MessageBodyWriter
  • #40022 - Take MediaType set in pre-match filter into account during serialization
  • #40025 - Use OAuth2 access token expiry time to set an internal ID token age
  • #40026 - Fix LICENSE reference in ci-actions-incremental.yml
  • #40028 - Collect only runtime static resources for native builds
  • #40037 - Import DB data from data.sql when using quarkus-spring-data-jpa extension
  • #40038 - Updates to Infinispan 15.0.1.Final
  • #40039 - Support data.sql in Spring Data JPA module
  • #40040 - Qute: do not register TemplateInstance as non-blocking type by default
  • #40046 - Mention data.sql in Spring Data JPA docs
  • #40049 - Fix the preview.yml workflow
  • #40050 - Add topics to validation.adoc to test the preview
  • #40051 - Clarify REST Client multipart support
  • #40052 - Support FileUpload in REST Client for MultiPart requests
  • #40053 - Fix collapsing in config reference
  • #40056 - Add OIDC TokenCertificateValidator
  • #40063 - Fix typo in cassandra.adoc
  • #40067 - Qute: fix NativeImageResourceBuildItem registration on Windows
  • #40068 - Introduce markers for static and runtime init recorder methods
  • #40073 - Explain how logging can be configured in the smallrye-graphql-client guide
  • #40088 - Correct asciidoc syntax error
  • #40093 - Remove useless section in REST Client doc
  • #40094 - Support FileUpload as multipart type in REST Client
Assets 2
Loading