Release Notes - WildFly - Version 36.0.0.Final - HTML format

Sub-task

  • [WFLY-20025] - Remove all non-breaking uses of ModuleIdentifier in JCA subsystem
  • [WFLY-20168] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in BATCH
  • [WFLY-20169] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in IIOP
  • [WFLY-20171] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in BEAN VALIDATION
  • [WFLY-20173] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in JCA
  • [WFLY-20174] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in EJB
  • [WFLY-20177] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in UNDERTOW
  • [WFLY-20183] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in REST
  • [WFLY-20184] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in JPA
  • [WFLY-20185] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MAIL
  • [WFLY-20186] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in JMS
  • [WFLY-20187] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in POJO
  • [WFLY-20188] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in SAR
  • [WFLY-20189] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in WEBSERVICES
  • [WFLY-20192] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in WELD
  • [WFLY-20193] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in TXN
  • [WFLY-20194] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MICROMETER
  • [WFLY-20196] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in OPENTELEMETRY
  • [WFLY-20197] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP CONFIG
  • [WFLY-20198] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP Fault Tolerance
  • [WFLY-20199] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP HEALTH
  • [WFLY-20200] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP JWT
  • [WFLY-20201] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP LRA
  • [WFLY-20202] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP OPENAPI
  • [WFLY-20203] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP REACTIVE MESSAGING
  • [WFLY-20204] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP TELEMETRY
  • [WFLY-20205] - Use ModuleDependency.Builder instead of deprecated ModuleDependency ctor in MP REACTIVE STREAMS
  • [WFLY-20254] - MP OpenAPI TCK is never run with the security manager
  • [WFLY-20256] - MP Health TCK is never run with the security manager
  • [WFLY-20257] - MP JWT TCK is never run with the security manager
  • [WFLY-20258] - MP LRA TCK is never run with the security manager
  • [WFLY-20259] - MP REST Client TCK is never run with the security manager
  • [WFLY-20260] - MP Telemetry TCK is never run with the security manager
  • [WFLY-20266] - MP Reactive Messaging TCK is never run with the security manager
  • [WFLY-20268] - MP Reactive Streams Operators TCK is never run with the security manager
  • [WFLY-20289] - Remove use of ModuleIdentifier from ModuleIdentifierValidatorBuilder
  • [WFLY-20391] - Suppress deprecation warnings from MSC, Singleton and Clustering APIs in the quickstart

Feature Request

  • [WFLY-13828] - Support for remote+tls by EJBClient and remote-outbound-connection
  • [WFLY-18582] - [Community] Add a prometheus endpoint to the micrometer extension
  • [WFLY-20476] - [Community] Promote ajp-listener AJP_ALLOWED_REQUEST_ATTRIBUTES_PATTERN to community
  • [WFLY-20477] - [Community] Promote undertow subsystem's reuse-x-forwarded and rewrite-host header configurability to community stability

Bug

  • [WFLY-19384] - Flaky LRA TckParticipantTests tests
  • [WFLY-19725] - configure-elytron.cli CLI scrip in Jaxrs-Jwt QS logs a warning messages
  • [WFLY-19729] - *TxClientEJBForwardingTestCase fail while trying to configure legacy security-realm and with security manager
  • [WFLY-19841] - QuickStart ejb-multi-server is not possible to deploy into server in domain mode
  • [WFLY-19925] - The MicroProfileHealthIT tests in quickstarts are failing when are testing the OpenShift server
  • [WFLY-19950] - The Spring Resteasy quickstart logs a warnings on the OpenShift
  • [WFLY-20102] - Server.getRoute with obfuscate-session-route repeats INFO messages and route encoding
  • [WFLY-20130] - helloworld-jms logs missing
  • [WFLY-20141] - Multiple @Deployment-s in microprofile test suite are attaching unnecessary classes to deployments, e.g. test class itself
  • [WFLY-20217] - Mixed domain test failures in the 'Standard - Alt Dist' job
  • [WFLY-20237] - ClientInterceptorReturnData* tests fail on Semeru 21
  • [WFLY-20242] - Module testsuite/integration/elytron doesn't work properly with -DskipTests=false
  • [WFLY-20244] - Update HostExcludesTestCase configuration to work with WF35
  • [WFLY-20271] - Enhance Scripts tests to ignore warning about JDK's sun.misc.Unsafe usage on JDK24+
  • [WFLY-20277] - Ignore persistence units in app-client container archive when deploying on server
  • [WFLY-20282] - Byteman based tests fail on JDK24 when attempting to install policy into JDK
  • [WFLY-20283] - OutOfMemoryError in CDRInputStream_1_0 Due to Improper Byte Array Size Calculation on JDK 21
  • [WFLY-20288] - Upgrade org.jboss.universe.producer:wildfly-producers to 1.3.13
  • [WFLY-20290] - CLI command "server=name:import-journal" for messaging subsystem throws "NoClassDefFoundError:" in Java 17
  • [WFLY-20297] - Wrong property being set in Base Server Build Demander module
  • [WFLY-20302] - ObjectStoreBrowser doesn't allow to register external OSBTypeHandler
  • [WFLY-20310] - Fix Persistence TCK failure in jpa/core/metamodelapi/attribute/Client#getJavaMember when bytecode enhancement is enabled by default
  • [WFLY-20311] - SFSBs that are created but never invoked will never expire
  • [WFLY-20313] - Datasource subsystem fails to parse 5.0 and 6.0 XA DataSource configurations
  • [WFLY-20325] - MicroProfile Health: CDI Extension doesn't reset the disabled default procedures configuration when undeploying
  • [WFLY-20329] - Incorrect module identifier handling in WeldDeploymentProcessor
  • [WFLY-20343] - SingleSignOnUnitTestCase test fails with the Bootable JAR in WildFly Preview
  • [WFLY-20345] - Invalid WildFly Bot config after moving directories under legacy directory.
  • [WFLY-20350] - Provided jboss.dist ignored in testsuite/integration/smoke
  • [WFLY-20352] - Quickstarts logging unexpected warnings when run on JDK 21
  • [WFLY-20371] - Steps for uninstalling operator in ejb-txn-remote-call fail
  • [WFLY-20374] - Using ts.layers with the preview-server-tests profile doesn' execute most test modules
  • [WFLY-20383] - Compilation warnings on microprofile-reactive-messaging-kafka quickstart
  • [WFLY-20395] - DeploymentDescriptorInterceptorBindingsProcessor doesn't take into account superclass methods
  • [WFLY-20400] - MP TCK Rest Client tests started to fail since JDK24 EA 25+
  • [WFLY-20406] - ReactiveEngineProvider should load ReactiveEngines in a privileged block
  • [WFLY-20411] - QS messaging-clustering-singleton server 2 provision stuck on wildfly:start command
  • [WFLY-20420] - ConsoleAccessLogDefinition doesn't add a requirement for the org.wildfly.event.logger module
  • [WFLY-20424] - QS ejb-multi-server logs warning WFLYCLINF0033: Attribute 'marshaller' is configured to use a deprecated value
  • [WFLY-20427] - Cache inconsistencies when using ORACLE Database
  • [WFLY-20429] - Some quickstart have maven compiler plugin configs targeting JDK 11
  • [WFLY-20432] - EJB: String[] method parameter and overriden methods in ejb-jar.xml interceptor-binding is failing to deploy
  • [WFLY-20436] - Messaging test XML does not conform to its subsystem schema
  • [WFLY-20439] - WFLY-15452 & WFLY-14255 added new attributes to XML parsing description for every undertow subsystem schema version
  • [WFLY-20440] - DomainTestSuite test XML for messaging-activemq subsystem does not comply with its schema
  • [WFLY-20447] - Fix http-custom-module README
  • [WFLY-20464] - DistributableSession - IllegalStateException
  • [WFLY-20467] - Tools BOM may be out of sync with channel manifest
  • [WFLY-20475] - Attribute 'elytron-enabled' in the jca subsystem when using the JBoss Server Migration Tool
  • [WFLY-20482] - Improve context name conflict handling with Metrics and Micrometer
  • [WFLY-20499] - wildfly-ee-galleon-pack-layer-tests do not appear to propegate system proxy settings to wildfly-glow's maven resolver
  • [WFLY-20514] - org.wildfly.unstable.api.annotation:unstable-api-annotation-classpath-indexer missing a license
  • [WFLY-20521] - Cannot use CDI with Jakarta Persistence + application defined datasources without explicitly disabling byte code enahacement
  • [WFLY-20533] - Only add -Djava.security.manager=allow if the security mangaer is explicitly enabled
  • [WFLY-20542] - Security manager failures persisting timers
  • [WFLY-20544] - Recurring PublicKeyAsFileLocationURLTest failure SE 21+SM
  • [WFLY-20545] - Undertow.Server.lookupSecurePort can throw NPE
  • [WFLY-20546] - ListenerService closes port after unregistering listener
  • [WFLY-20550] - (CVE-2025-2251) Block additional classes identified by security researchers as being useful in exploit gadgets

Task

  • [WFLY-17478] - The old security and picketlink subsystems should move under "legacy"
  • [WFLY-19136] - Add test for testing the example configurations
  • [WFLY-19212] - Remove the Security Manager extension from WildFly Preview default configuration.
  • [WFLY-19536] - Add -Djdk.tracePinnedThreads=full to the args passed to testsuite server launches
  • [WFLY-19722] - Add some TRACE level logging to the Undertow deployment process to better track how the security domain is mapped.
  • [WFLY-19983] - Remove all non-breaking uses of ModuleIdentifier
  • [WFLY-20148] - Clean up WildFlyRegistry handing in MicrometerSubsystemRegistrar
  • [WFLY-20158] - Remove ununsed method on WildFlyOpenTelemetryConfig
  • [WFLY-20164] - Use ModuleDependency.Builder instead of deprecated ModuleDependency constructor
  • [WFLY-20224] - Remove uses of deprecated Attachments.ADDITIONAL_ANNOTATION_INDEXES_BY_MODULE
  • [WFLY-20230] - Remove use of deprecated Attachments.MODULE_IDENTIFIER
  • [WFLY-20233] - Remove eager Telemetry CDI bean initialization logic in MP FT TCK made redundant by WFLY-20075
  • [WFLY-20236] - ExternalJMSDestinationDefinitionMessagingDeploymentTestCase can 'ignore' existing queues
  • [WFLY-20245] - Remove use of ModuleIdentifier in PermissionParserExpressionsTestCase
  • [WFLY-20272] - Update microprofile-certification.sh to reflect that WildFly is now MP 7 compatible
  • [WFLY-20274] - Incorrect plugin execution order for testsuite/integration/manualmode on Windows
  • [WFLY-20275] - Remove XercesUsageTestCase
  • [WFLY-20278] - Reactivate SingleSignOnUnitTestCase which has been disabled for 13 years
  • [WFLY-20295] - Ban the org.wildfly.security:wildfly-elytron dependency
  • [WFLY-20315] - Rename testsuite/integration/microprofile
  • [WFLY-20320] - Change use of Attachments.ADDITIONAL_ANNOTATION_INDEXES to ADDITIONAL_INDEX_MODULES
  • [WFLY-20322] - Add HtmlUnit based test for the welcome page
  • [WFLY-20339] - Suppress CVE-2024-4109 as triaged as not a security vulnerability
  • [WFLY-20348] - Remove uses of deprecated ModuleDependency.getIdentifier()
  • [WFLY-20361] - Add tests on the vertx instance usage in opentelemetry subsystem
  • [WFLY-20365] - Split OidcWithDeploymentConfigTest for different stability levels
  • [WFLY-20372] - Remove smallrye-mutiny-vertx-kafka-client dependency
  • [WFLY-20393] - Ensure that only one bytecode transformer is added for each Persistence Unit
  • [WFLY-20435] - Add a GitHub workflow to run the MicroProfile test suite
  • [WFLY-20460] - Renew expired OWASP suppressions where applicable and remove remaining ones that have expired.
  • [WFLY-20495] - Improve resilience to interrupts of clustering tests sensitive to topology changes
  • [WFLY-20497] - Make OidcBaseTest more resistant to setup failures
  • [WFLY-20510] - Remove the jboss.org link from the welcome page
  • [WFLY-20519] - JCA: remove elytron-enabled attribute usage from integration testsuite
  • [WFLY-20534] - Update the WildFly vs WildFly Preview document for current differences
  • [WFLY-20551] - JCA: don't set WorkManager and DistributedWorkManager's elytron-enabled attribute to false in the legacy subsystem versions

Component Upgrade

  • [WFLY-19781] - Upgrade to SmallRye Reactive Messaging 4.25.0
  • [WFLY-20085] - Upgrade cxf from 4.0.5 to 4.0.6
  • [WFLY-20160] - Add Hibernate ORM 7 to the WildFly EE preview
  • [WFLY-20208] - Upgrade Byte Buddy to 1.15.11
  • [WFLY-20238] - Upgrade SmallRye Fault Tolerance from 6.7.1 to 6.7.2
  • [WFLY-20246] - Upgrade Vert.x to 4.5.11
  • [WFLY-20249] - Upgrade Byteman to 4.0.24
  • [WFLY-20252] - Upgrade SmallRye Fault Tolerance from 6.7.2 to 6.7.3
  • [WFLY-20264] - com.github.luben:zstd-jni from 1.5.6-8 to 1.5.6-9
  • [WFLY-20269] - Upgrade SmallRye OpenAPI to 4.0.6
  • [WFLY-20270] - Upgrade JGroups to 5.3.14.Final
  • [WFLY-20276] - Upgrade Weld from 5.1.4.Final to 5.1.5.Final
  • [WFLY-20286] - Upgrade WildFly to Glow 1.3.0.Final
  • [WFLY-20303] - Upgrade Arquillian from 1.9.2.Final to 1.9.3.Final
  • [WFLY-20304] - Upgrade smallrye-mutiny-vertx libraries to 3.15.1
  • [WFLY-20305] - (WF 36) Upgrade HAL to 3.7.8.Final
  • [WFLY-20306] - Upgrade Wiremock to 3.10.0
  • [WFLY-20309] - Upgrade RESTEasy MicroProfile 3.0.0.Final to 3.0.1.Final
  • [WFLY-20316] - Upgrade commons-codec:commons-codec from 1.17.1 to 1.17.2
  • [WFLY-20319] - Upgrade WildFly Core to 28.0.0.Beta1
  • [WFLY-20323] - Upgrade openjdk-orb to 10.1.1.Final
  • [WFLY-20326] - Upgrade Hibernate Search to 8.0 in WildFly Preview
  • [WFLY-20327] - Upgrade org.eclipse.persistence:eclipselink from 4.0.4 to 4.0.5
  • [WFLY-20328] - Upgrade Micrometer from 1.14.2 to 1.14.3
  • [WFLY-20332] - Upgrade to Vert.X 4.5.12
  • [WFLY-20333] - Upgrade smallrye-mutiny-zero to 1.1.1
  • [WFLY-20335] - Upgrade Mojarra to 4.0.9
  • [WFLY-20336] - Update io.grpc:grpc-api to 1.70.0
  • [WFLY-20338] - Bump version.io.netty from 4.1.116.Final to 4.1.117.Final
  • [WFLY-20341] - Upgrade Apache Mime4j from 0.8.11 to 0.8.12
  • [WFLY-20344] - Upgrade smallrye-health to 4.2.0
  • [WFLY-20354] - Upgrade Narayana to 7.2.1.Final
  • [WFLY-20358] - Upgrade Infinispan to 15.0.13.Final
  • [WFLY-20359] - Upgrade to org.glassfish:jakarta.enterprise.concurrent:3.0.1 to address intermittent TCK failures
  • [WFLY-20360] - Upgrade SmallRye OpenAPI to 4.0.8
  • [WFLY-20363] - Upgrade ironjacamar from 3.0.10.Final to 3.0.13.Final
  • [WFLY-20364] - Upgrade SmallRye Fault Tolerance from 6.7.3 to 6.8.0
  • [WFLY-20367] - Upgrade to SmallRye Reactive Messaging 4.27.0
  • [WFLY-20368] - Upgrade to SmallRye Config 3.11.2
  • [WFLY-20381] - Upgrade to Hibernate ORM 6.6.7.Final
  • [WFLY-20390] - Upgrade WildFly Core to 28.0.0.Beta3
  • [WFLY-20392] - Upgrade to Hibernate ORM 7.0.0.Beta5
  • [WFLY-20397] - Upgrade to SmallRye Config 3.12.0
  • [WFLY-20398] - Upgrade WildFly Preview to Weld 6.0.1.Final
  • [WFLY-20401] - Upgrade Mojarra from 4.0.9 to 4.0.10
  • [WFLY-20402] - Upgrade vertx to 4.5.13
  • [WFLY-20403] - Upgrade netty to 4.1.118.Final (resolves CVE-2025-24970, CVE-2025-25193)
  • [WFLY-20404] - Upgrade zstd-jni to 1.5.6-10
  • [WFLY-20408] - Upgrade to SmallRye Config 3.12.2
  • [WFLY-20421] - Upgrade Infinispan to 15.1
  • [WFLY-20422] - Upgrade wildfly-clustering to 6.0.0.Final
  • [WFLY-20426] - Upgrade JGroups to 5.3.15.Final
  • [WFLY-20428] - Upgrade Eclipse ECJ to 3.33.0
  • [WFLY-20437] - Upgrade Micrometer from 1.14.3 to 1.14.4
  • [WFLY-20438] - Upgrade com.github.luben:zstd-jni to 1.5.7-1
  • [WFLY-20444] - Upgrade JGroups AWS to 3.0.1.Final and software.amazon.awssdk to 2.30.32
  • [WFLY-20445] - Upgrade WildFly HTTP Client to 2.1.0.Final
  • [WFLY-20449] - Upgrade WildFly Core to 28.0.0.Beta4
  • [WFLY-20450] - Upgrade the OWASP dependency-check plugin to 12.1.0
  • [WFLY-20451] - Upgrade Netty to 4.1.119.Final
  • [WFLY-20453] - Upgrade RESTEasy to 6.2.12.Final
  • [WFLY-20454] - Upgrade RESTEasy to 7.0.0.Beta1 in WildFly Preview
  • [WFLY-20456] - Upgrade SmallRye Fault Tolerance from 6.8.0 to 6.9.0
  • [WFLY-20457] - Upgrade MicroProfile Fault Tolerance to 4.1.2 (TCK fix release)
  • [WFLY-20466] - Upgrade wildfly-clustering to 6.0.1.Final
  • [WFLY-20468] - Update to Narayana LRA 1.0.0.Final
  • [WFLY-20469] - Update microprofile-lra to 2.0.1
  • [WFLY-20470] - Update WildFly Preview's Jakarta Concurrency API to 3.1.1
  • [WFLY-20471] - Update WildFly Preview's Jakarta Faces API to 4.1.2
  • [WFLY-20472] - Update WildFly Preview's Jakarta Validation API to 3.1.1
  • [WFLY-20473] - Update WildFly Preview's Eclipse Mojarra to 4.1.3
  • [WFLY-20474] - Upgrade Jackson from 2.18.2 to 2.18.3
  • [WFLY-20479] - Update Mojarra to 4.0.11
  • [WFLY-20480] - Update Micrometer to 1.14.5
  • [WFLY-20481] - Upgrade WildFly Arquillian to 5.1.0.Beta10
  • [WFLY-20483] - Upgrade HAL to 3.7.9.Final
  • [WFLY-20490] - Upgrade Apache Artemis to 2.40.0
  • [WFLY-20494] - Upgrade WildFly Core to 28.0.0.Beta5
  • [WFLY-20496] - Upgrade to Hibernate Search 7.2.3.Final
  • [WFLY-20501] - Upgrade WildFly Glow to 1.4.0.Final
  • [WFLY-20503] - Bump com.google.guava:failureaccess from 1.0.2 to 1.0.3
  • [WFLY-20504] - Upgrade com.github.luben:zstd-jni from 1.5.7-1 to 1.5.7-2
  • [WFLY-20505] - Upgrade WildFly Core to 28.0.0.Beta6
  • [WFLY-20511] - Upgrade version.io.smallrye.smallrye-config to 3.12.4
  • [WFLY-20513] - Upgrade Arquillian from 1.9.3.Final to 1.9.4.Final
  • [WFLY-20516] - Upgrade to unstable-api-annotation-utils 1.0.2.Final
  • [WFLY-20526] - Upgrade HAL to 3.7.10.Final
  • [WFLY-20529] - Upgrade to WildFly Glow 1.4.1.Final
  • [WFLY-20530] - Upgrade WildFly Preview to Weld 6.0.2.Final
  • [WFLY-20537] - Upgrade wildfly-launcher to 1.0.2.Final
  • [WFLY-20538] - Upgrade WildFly Arquillian to 5.1.0.Beta11
  • [WFLY-20540] - Upgrade smallrye-open-api to 4.0.9
  • [WFLY-20541] - Upgrade JGroups to 5.3.18.Final
  • [WFLY-20548] - Upgrade WildFly Core to 28.0.0.Final

Enhancement

  • [WFLY-19845] - Organize Developer Guide EJB content all in one section
  • [WFLY-20380] - Add org.apache.logging.log4j:log4j-api to wildfly-ee BOM
  • [WFLY-20434] - XP Quickstarts should use EAP Helm Charts
  • [WFLY-20487] - Remove unused Jandex index from org.jipijapa.plugin.spi.PersistenceUnitMetadata + org.jboss.as.jpa.config.PersistenceUnitMetadataImpl

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.