The Arrival of Java 24
JDK 24 is now available!
Oracle is proud to announce the general availability of JDK 24 for developers, enterprises, and end-users.
New with Java 24
JDK 24 delivers twenty-four enhancements that are significant enough to warrant their own JDK Enhancement Proposals – JEPs, including eight preview features and one incubator feature. They cover improvements to the Java Language, APIs, performance, and the tools included in the JDK.
Language Improvements:
Primitive Types in Patterns, instanceof, and switch 2nd Preview [JEP 488]
Enhances pattern matching by allowing primitive types in all pattern contexts and extend instanceof and switch to work with all primitive types. This is a preview language feature.
Flexible Constructor Bodies 3rd Preview[JEP 492]
In constructors in the Java programming language, allows statements to appear before an explicit constructor invocation, i.e., super(..) or this(..). The statements cannot reference the instance under construction, but they can initialize its fields. Initializing fields before invoking another constructor makes a class more reliable when methods are overridden. This is a preview language feature.
Module Import Declarations 2nd Preview [JEP 494]
Enhances the Java programming language with the ability to succinctly import all of the packages exported by a module. This simplifies the reuse of modular libraries but does not require the importing code to be in a module itself. This is a preview language feature.
Simple Source Files and Instance Main Methods 4th Preview [JEP 495]
Evolves the Java programming language so that beginners can write their first programs without needing to understand language features designed for large programs. Far from using a separate dialect of the language, beginners can write streamlined declarations for single-class programs and then seamlessly expand their programs to use more advanced features as their skills grow. Experienced developers can likewise enjoy writing small programs succinctly, without the need for constructs intended for programming in the large. This is a preview language feature.
Libraries
Enhances the Stream API to support custom intermediate operations. This will allow stream pipelines to transform data in ways that are not easily achievable with the existing built-in intermediate operations.
Providess a standard API for parsing, generating, and transforming Java class files.
Scoped Values 4th Preview [JEP 487]
Introduces scoped values, which enable a method to share immutable data both with its callees within a thread, and with child threads. Scoped values are easier to reason about than thread-local variables. They also have lower space and time costs, especially when used together with virtual threads (JEP 444) and structured concurrency (JEP 480). This is a preview API.
Vector API 9th Incubator [JEP 489]
Introduces an API to express vector computations that reliably compile at runtime to optimal vector instructions on supported CPU architectures, thus achieving performance superior to equivalent scalar computations.
Structured Concurrency 4th Preview [JEP 499]
Simplifies concurrent programming by introducing an API for structured concurrency. Structured concurrency treats groups of related tasks running in different threads as a single unit of work, thereby streamlining error handling and cancellation, improving reliability, and enhancing observability. This is a preview API.
Performance and Runtime
Compact Object Headers Experimental [JEP 450]
Reduces the size of object headers in the HotSpot JVM from between 96 and 128 bits down to 64 bits on 64-bit architectures. This will reduce heap size, improve deployment density, and increase data locality.
Late Barrier Expansion for G1 [JEP 475]
Simplifies the implementation of the G1 garbage collector’s barriers, which record information about application memory accesses, by shifting their expansion from early in the C2 JIT’s compilation pipeline to later.
Ahead-of-Time Class Loading & Linking [JEP 483]
Improves startup time by making the classes of an application instantly available, in a loaded and linked state, when the HotSpot Java Virtual Machine starts. Achieve this by monitoring the application during one run and storing the loaded and linked forms of all classes in a cache for use in subsequent runs. Lay a foundation for future improvements to both startup and warmup time.
ZGC: Remove the Non-Generational Mode [JEP 490]
Removes the non-generational mode of the Z Garbage Collector (ZGC), keeping the generational mode as the default for ZGC.
Synchronize Virtual Threads without Pinning [JEP 491]
Improves the scalability of Java code that uses synchronized methods and statements by arranging for virtual threads that block in such constructs to release their underlying platform threads for use by other virtual threads. This will eliminate nearly all cases of virtual threads being pinned to platform threads, which severely restricts the number of virtual threads available to handle an application’s workload.
Security Libraries
Key Derivation Function API Preview [JEP 478]
Introduces an API for Key Derivation Functions (KDFs), which are cryptographic algorithms for deriving additional keys from a secret key and other data. This is a preview API.
Quantum-Resistant Module-Lattice-Based Key Encapsulation Mechanism [JEP 496]
Enhances the security of Java applications by providing an implementation of the quantum-resistant Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM). Key encapsulation mechanisms (KEMs) are used to secure symmetric keys over insecure communication channels using public key cryptography. ML-KEM is designed to be secure against future quantum computing attacks. It has been standardized by the United States National Institute of Standards and Technology (NIST) in FIPS 203.
Quantum-Resistant Module-Lattice-Based Digital Signature Algorithm [JEP 497]
Enhances the security of Java applications by providing an implementation of the quantum-resistant Module-Lattice-Based Digital Signature Algorithm (ML-DSA). Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of signatories. ML-DSA is designed to be secure against future quantum computing attacks. It has been standardized by the United States National Institute of Standards and Technology (NIST) in FIPS 204.
Source Code (won’t affect JDK binaries)
Generational Shenandoah (Experimental) [JEP 404]
Enhances the Shenandoah garbage collector with experimental generational collection capabilities to improve sustainable throughput, load-spike resilience, and memory utilization.
Linking Run-Time Images without JMODs [JEP 493]
Reduces the size of the JDK by approximately 25% by enabling the jlink tool to create custom run-time images without using the JDK’s JMOD files. This feature must be enabled when the JDK is built; it will not be enabled by default, and some JDK vendors may choose not to enable it.
Maintenance and Clean Up
Prepare to Restrict the Use of JNI [JEP 472]
Issues warnings about uses of the Java Native Interface (JNI) and adjust the Foreign Function & Memory (FFM) API to issue warnings in a consistent manner. All such warnings aim to prepare developers for a future release that ensures integrity by default by uniformly restricting JNI and the FFM API. Application developers can avoid both current warnings and future restrictions by selectively enabling these interfaces where essential.
Remove the Windows 32-bit x86 Port [JEP 479]
Removes the source code and build support for the Windows 32-bit x86 port. This port was deprecated for removal in JDK 21 with the express intent to remove it in a future release.
Permanently Disable the Security Manager [JEP 486]
The Security Manager has not been the primary means of securing client-side Java code for many years, it has rarely been used to secure server-side code, and it is costly to maintain. We therefore deprecated it for removal in Java 17 via JEP 411 (2021). As the next step toward removing the Security Manager, we will revise the Java Platform specification so that developers cannot enable it and other Platform classes do not refer to it. This change will have no impact on the vast majority of applications, libraries, and tools. We will remove the Security Manager API in a future release.
Warn upon Use of Memory-Access Methods in sun.misc.Unsafe [JEP 498]
Issues a warning at run time on the first occasion that any memory-access method in sun.misc.Unsafe is invoked. All of these unsupported methods were terminally deprecated in JDK 23. They have been superseded by standard APIs, namely the VarHandle API (JEP 193, JDK 9) and the Foreign Function & Memory API (JEP 454, JDK 22). We strongly encourage library developers to migrate from sun.misc.Unsafe to supported replacements, so that applications can migrate smoothly to modern JDK releases.
Deprecate the 32-bit x86 Port for Removal [JEP 501]
Deprecates the 32-bit x86 port, with the intent to remove it in a future release. This will thereby deprecate the Linux 32-bit x86 port, which is the only 32-bit x86 port remaining in the JDK. It will also, effectively, deprecate any remaining downstream 32-bit x86 ports. After the 32-bit x86 port is removed, the architecture-agnostic Zero port will be the only way to run Java programs on 32-bit x86 processors.
A reminder on Preview and Incubator features
Preview features are fully specified and fully implemented Language or VM Features of the Java SE Platform; and yet impermanent. They are made available in JDK Feature Releases to allow for developer feedback based on real-world uses, before becoming permanent in a future release. This also affords tool vendors the opportunity to work towards supporting features before they are finalized into the Java SE Standard. APIs in Incubator modules put non-final APIs and non-final tools in the hands of developers and users so that we can gather feedback that will ultimately improve the quality of the Java platform.
Other changes
Besides the changes described in the JEPs, there are many smaller changes listed in the release notes which will be of interest to many application developers and system administrators. These include deprecation of obsolete APIs and removal of previously deprecated ones.
Some of the key updates from the Java 24 release notes:
Configurable New Session Tickets Count for TLSv1.3 (JDK-8328608)
security-libs/javax.net.ssl
A new system property, jdk.tls.server.newSessionTicket, sets the number of TLSv1.3 resumption tickets sent by a JSSE server per session. It can be set on the command line with -Djdk.tls.server.newSessionTicket=#, where # ranges from 0 to 10. The default is 1.
Mechanism to Disable TLS Cipher Suites by Pattern Matching (JDK-8341964)
security-libs/javax.net.ssl
TLS cipher suites can be disabled with the jdk.tls.disabledAlgorithms security property in the java.security configuration file using one or more “” wildcard characters. For example, “TLS_RSA_” disables all cipher suites that start with “TLS_RSA_”. Only cipher suites starting with “TLS_” are allowed to have wildcard characters.
New Option to Extract a JAR File to a Specific Directory Using the jar Tool (JDK-8173970)
tools/jar
The jar tool’s extract operation has been enhanced to allow the --dir or the -C options to be used to specify the directory where the archive will be extracted.
Example Usages:
jar -xf foo.jar -C /tmp/bar/
or
jar --extract --file foo.jar --dir /tmp/bar/
Either of these commands will extract the foo.jar to the /tmp/bar directory.
New Reader.of(CharSequence) Method (JDK-8341566)
core-libs/java.io
The static factory method java.io.Reader.of(CharSequence) has been added to get a Reader that reads characters from a CharSequence, String and StringBuilder are examples of a CharSequence. The returned Reader is more efficient than using a java.io.StringReader in some cases, as the latter requires conversion to String and synchronization.
New Method Process.waitFor(Duration) (JDK-8336479)
core-libs/java.lang
A new, overloaded method, java.lang.Process#waitFor(Duration), has been added. The existing waitFor() method with timeout needs both a primitive time out value and its unit. The new method uses java.time.Duration so that the user will not be confused with the unit.
Support for Unicode 16.0 (JDK-8319993)
core-libs/java.lang
This release upgrades the Unicode version to 16.0, which includes updated versions of the Unicode Character Database and Unicode Standard Annexes #9, #15, and #29:
- The
java.lang.Characterclass supports the Unicode Character Database, which adds 5,185 characters, for a total of 154,998 characters. The new additions include seven new scripts:- Garay is a modern-use script from West Africa.
- Gurung Khema, Kirat Rai, Ol Onal and Sunuwar are four modern-use scripts from Northeast India and Nepal.
- Todhri is an historic script used for Albanian.
- Tulu-Tigalari is an historic script from Southwest India.
- The
java.text.Bidiandjava.text.Normalizerclasses support Unicode Standard Annexes, #9 and #15, respectively. - The
java.util.regexpackage supports Extended Grapheme Clusters based on the Unicode Standard Annex #29.
For more details about Unicode 16.0, refer to the Unicode Consortium’s release note.
New JAR Command Option to Not Overwrite Existing Files (JDK-8335912)
core-libs/java.util.jar
The jar tool’s extract operation has been enhanced to allow the --keep-old-files and the -k options to be used in preventing the overwriting of existing files.
Examples:
jar xkf foo.jar
or
jar --extract --keep-old-files --file foo.jar
Either of these commands will extract the contents of foo.jar. If an entry with the same name already exists in the target directory, then the existing file will not be overwritten.
New MXBean to Monitor and Manage Virtual Thread Scheduler (JDK-8338890)
core-svc/java.lang.management
A new, JDK-specific monitoring and management interface, jdk.management.VirtualThreadSchedulerMXBean, has been added to allow Java Management Extension (JMX) based tooling to monitor and manage the virtual thread scheduler. The interface supports monitoring the virtual thread scheduler’s target parallelism, the threads used by the scheduler, and the number of virtual threads queued to the scheduler. It also supports dynamically changing the scheduler’s target parallelism.
New jcmd Commands Thread.vthread_scheduler and Thread.vthread_pollers (JDK-8337199)
core-svc/tools
Two commands have been added to the jcmd command line tool to print information that may be useful when diagnosing issues with virtual threads.
jcmd <pid> Thread.vthread_scheduler prints the virtual thread scheduler, the target parallelism, number of threads, and other useful counters. The output also includes the delayed task schedulers that support virtual threads doing timed operations.
jcmd <pid> Thread.vthread_pollers prints the I/O pollers that support virtual threads doing blocking network I/O operations.
Support for Including Security Properties Files (JDK-8319332)
security-libs
The java.security security properties file, and those referred to by the java.security.properties system property, now support including other properties files. The directive include <path-to-a-file> can be used for this purpose. The effect of including a file is equivalent to defining its properties inline at the inclusion point. Find more information and examples in the Security Properties Files Inclusion section of the Security Developer Guide and in JDK-8319333.
As a result of this change, the name include can no longer be used to define a property in a security properties file. If the name include is passed to the java.security.Security::getProperty or ::setProperty APIs, an IllegalArgumentException is thrown.
Document Standard Hash and MGF Algorithms for RSASSA-PSS Signature (JDK-8248981)
security-libs/java.security
A new section for PSSParameterSpec algorithm names has been added to the Java Security Standard Algorithm Names specification. This section lists the standard hash and message generation function (MGF) algorithms that can be specified when initializing an RSASSA-PSS signature with a PSSParameterSpec object.
SunPKCS11 Provider Is Enhanced to Use CKM_AES_CTS Mechanism If Supported by Native PKCS11 Library (JDK-8330842)
security-libs/javax.crypto:pkcs11
The SunPKCS11 provider has been enhanced to support the following AES CTS transformations for the Cipher service type:
- AES/CTS/NoPadding
- AES_128/CTS/NoPadding
- AES_192/CTS/NoPadding
- AES_256/CTS/NoPadding
The Addendum to NIST Special Publication 800-38A defines three variants of Ciphertext Stealing for CBC mode: CBC-CS1, CBC-CS2, and CBC-CS3. To ensure interoperability with SunJCE and Kerberos, which use the CS3 variant, the SunPKCS11 provider needs to know the variant implemented by the underlying PKCS #11 library and convert the data if it is not in the CS3 variant. A new SunPKCS11 provider configuration attribute named cipherTextStealingVariant is introduced and must be set with any of the following values: CS1, CS2, or CS3, to indicate the CTS variant of the underlying PKCS #11 library. An exception exists for NSS as it is known to be CS1. Otherwise, the PKCS #11 CKM_AES_CTS mechanism is disabled.
New Summary Page for External Specifications (JDK-8344041)
tools/javadoc(tool)
The API documentation contains a new summary page listing external specifications referenced by Java SE and JDK APIs. A link to the new summary page can be found in the Index page linked in the API documentation navigation bar.
jpackage Supports WiX Toolset v4 and v5 on Window (JDK-8319457)
tools/jpackage
jpackage can use WiX Toolset v4 and v5, in addition to v3, on Windows. It will automatically choose the newest installed version.
jpackage supports custom WiX sources in both WiX v3 and v4 formats. If WiX Toolset v4 or v5 is used, jpackage will automatically convert custom WiX sources in WiX v3 format to WiX v4 format.
Finally, like all feature releases, JDK 24 includes hundreds of performance, stability, and security updates including adapting to underlying OS and firmware updates and standards. Users and application developers usually benefit from these changes without noticing them, but information on each of them can be found in the OpenJDK issue tracker.
And the constant feature, included in all JDK releases: Predictability
JDK 24 is the 15th Feature Release delivered on time through the six-month release cadence. This level of predictability allows developers to easily manage their adoption of innovation thanks to a steady stream of improvements.
Java’s ability to boost performance, stability, and security continues to make it the world’s most popular programming language.
Oracle will not offer long-term support for JDK 24; we will provide updates until September 2025 when it will be superseded by Oracle JDK 25.
Java 24, Together
As with previous releases, Java 24 is the result of the contributions of many individuals and organizations in the OpenJDK Community — we all build Java, together!
JDK 24 Fix Ratio
The rate of change over time in the JDK releases has remained largely constant for years, but under the six-month cadence the pace at which production-ready features and improvements are delivered has sharply increased.
The changes in JDK 24 range from significant new features to small enhancements to routine maintenance, bug fixes, and documentation improvements. Each change is represented in a single commit for a single issue in the JDK Bug System.
Of the 31,187 JIRA issues marked as fixed in Java 11 through Java 24 at the time of their GA, 22,107 were completed by people working for Oracle while 9,080 were contributed by individual developers and developers working for other organizations. Going through the issues and collating the organization data from assignees results in the following chart of organizations sponsoring the development of contributions in Java:
In Java 24, of the 2,463 JIRA issues marked as fixed, 1,657 were completed by Oracle, while 806 were contributed by other members of the Java community.
Oracle would like to thank the developers working for organizations including Alibaba, Amazon, Google, IBM, Intel, ISCAS, Red Hat, Rivos, and SAP for their notable contributions. We are also thankful to see contributions from smaller organizations such as Ampere Computing, Bellsoft, JetBrains, and NTT Data, as well as independent developers who collectively contributed 6% of the fixes in Java 24.
Additionally, we would like to thank the following individuals who provided invaluable feedback on build quality, logged good quality bugs, or offered frequent updates:
- Rafael Winterhalter (ByteBuddy)
- Marc Hoffmann (JaCoCo)
- Yoann Rodière (Hibernate projects)
- Robert Scholte (Apache Maven)
Further, through the OpenJDK Quality Outreach program we would like to thank the following FOSS projects and individuals who provided excellent feedback on testing Java 24 early access builds to help improve the quality of the release:
- Apache Ant (Jaikiran Pai)
- Apache Commons (Benedikt Ritter)
- Apache Derby (Rick Hillegas)
- Eclipse Jetty (Simone Bordet)
- Hibernate projects (Sanne Grinovero)
- RxJava (David Karnok)
Resources
Java continues to be the #1 programming language for today’s technology trends. As the on-time delivery of improvements with Java 23 demonstrates, through continued thoughtful planning and ecosystem involvement, the Java platform is well-positioned for modern development and growth in the cloud.
Kee up with news and updates by:
- Visiting Dev.java (Oracle’s dedicated portal to advance your Java knowledge and community participation).
- Visiting Inside.java (news and views by the Java Team at Oracle).
- Listening to the Inside.java podcasts (an audio show for Java Developers brought to you directly from the people that make Java at Oracle).
- Listening to the Duke’s Corner Podcast (an audio show that features the personal stories, experiences and expertise of Java community luminaries).
- Watching Inside.java Newscasts (a video show extending the Inside.java podcast).
- Watching Java on YouTube (Oracle’s Java videos to help grow your Java expertise).
- Watching JEP Café (Oracle’s technical exploration into popular JDK Enhancement Proposals).
- Watching Sip of Java (Oracle’s 1-minute shorts offering introductions into lesser known Java enhancements).
- Joining the OpenJDK mailing lists (to learn about the progress of your favorite OpenJDK projects).
- Following OpenJDK and Java on X.
- Subscribing to the Inside Java Newsletter (a monthly publication summarizing many of the key Java technology and community updates from Oracle).