OpenJDK has been active in refining features for the upcoming JDK 25, with several Java Enhancement Proposals (JEPs) making significant strides.

JEPs Targeted for JDK 25

Two JEPs have been elevated to Targeted status:

• JEP 510: Key Derivation Function API – This proposal finalizes the Key Derivation Function API, which allows cryptographic algorithms for deriving keys from a secret key and other data. It aims to enable security providers to implement KDF algorithms in Java or native code. More details can be found here.
• JEP 506: Scoped Values – Scoped Values allow sharing of immutable data across threads, making them preferable over thread-local variables, especially with the increasing number of virtual threads. For more, see the proposal here.

Proposed JEPs for JDK 25

Four JEPs have moved from Candidate to Proposed to Target status:

• JEP 519: Compact Object Headers – This JEP aims to reduce the size of object headers in the HotSpot JVM from up to 128 bits down to 64 bits, improving memory efficiency. More details are available here.
• JEP 515: Ahead-of-Time Method Profiling – This proposal will enhance application startup times by making method-execution profiles from previous runs instantly available when the HotSpot JVM starts. Details can be found here.
• JEP 514: Ahead-of-Time Command-Line Ergonomics – This JEP simplifies ahead-of-time cache creation, accelerating Java application startup. More information is available here.
• JEP 507: Primitive Types in Patterns – This JEP proposes a third round of preview to enhance pattern matching for primitive types. It is part of Project Amber.

New JEP Candidates

Additionally, JEP 520: JFR Method Timing & Tracing has been elevated to Candidate status. This JEP proposes extending the JDK Flight Recorder for method timing and tracing via the Instrumentation interface. More on this can be found here.

JDK 25 Release Schedule

The timeline for JDK 25 is as follows:

• Rampdown Phase One: June 5, 2025
• Rampdown Phase Two: July 17, 2025
• Initial Release Candidate: August 7, 2025
• Final Release Candidate: August 21, 2025
• General Availability: September 16, 2025

The current feature set includes JEPs like Stable Values and Structured Concurrency, among others.

Java Development and AI Tools

The Java community continues to evolve, with significant advancements in AI programming tools.

JetBrains Updates

JetBrains has rolled out major updates to its IDEs, integrating AI capabilities to enhance developer productivity. The AI Assistant and coding agent Junie are now bundled under a single subscription.

The updates include improved model support, allowing developers to utilize AI for multi-file changes and complex tasks. More details can be found in the announcement here.

AI in Java Development

Understanding and best practices for AI tools are crucial for developers. For instance, Anthropic provides best practices for using their command-line tool, Claude Code, emphasizing the importance of context in guiding AI behavior. More insights can be found here.

The Spring AI ChatClient now supports various prompt engineering patterns, enhancing developers' ability to build responsive AI applications. Explore these patterns here.

Security Vulnerabilities Overview

The CISA Vulnerability Bulletin released on May 12, 2025, highlights several new vulnerabilities, including:

• 1 Click WordPress Migration Plugin – Vulnerable to unauthorized data modification, with a CVSS score of 8.8. More details can be found here.

• Avira Prime – Local privilege escalation vulnerability with a CVSS score of 7.8. Information can be found here.

Understanding these vulnerabilities is crucial for organizations to safeguard their systems.

For enterprises looking to enhance security and manage user authentication effectively, SSOJet offers robust solutions such as Single Sign-On (SSO) and Multi-Factor Authentication (MFA). Explore our API-first platform featuring directory sync, SAML, OIDC, and magic link authentication at ssojet.com.

*** This is a Security Bloggers Network syndicated blog from SSOJet authored by Devesh Patel. Read the original post at: https://ssojet.com/blog/java-development-updates-key-features-vulnerabilities-news/