What is new in this release of Liberty

This release introduces key enhancements to Liberty.

What's new

Open Liberty Many of the latest features for Liberty are now documented on the Open Liberty website. For more information, see the Open Liberty blog.

The Liberty features topic lists the features available in Liberty products and highlights recently introduced features with a fix pack icon. Recent fix packs provide the following key enhancements:

[21.0.0.12 and later]
Liberty on Microsoft Azure
You can automatically provision Microsoft Azure resources to move to Liberty and Open Liberty on Azure Red Hat OpenShift and Azure Kubernetes Service. For more information, see IBM WebSphere Product Family on Azure Overview on the Microsoft Azure Marketplace website.
Support for Jakarta EE 9.1
Open Liberty The 21.0.0.12 release adds support for the Jakarta EE platform, version 9.1. You can run Jakarta EE 9.1 applications by using Java SE 8, 11, or 17. Liberty features that support Jakarta EE 9.1 are incremented to new version numbers and, in some cases, new short names. If you are moving applications from Java EE or a previous version of Jakarta EE to Jakarta EE9.1, you might need to update feature versions or short names in your server.xml file. For more information, see Jakarta EE 9.1 feature updates on the Open Liberty website.
Support for Enterprise Beans 4.0
As part of the release Jakarta EE 9.1, the Jakarta Enterprise Beans 4.0 specification includes a few minor changes over the pri version of the specification, Enterprise JavaBeans (EJB) 3.2. All of the Liberty features that support both versions of this specification are still available, but the feature short name is changed from ejb to enterpriseBeans in the 4.0 version. Several API methods are also removed in the 4.0 version. For more information, see Developing EJB applications on Liberty.
Modify HTTP response headers
Open Liberty In 21.0.0.12 and later, you can configure Liberty to modify HTTP response headers. Headers can be appended, overwritten, added, or removed from all responses that are serviced by an HTTP endpoint. This configuration provides more granular control over response headers, so you can modify headers without having to change existing applications or filters. For more information, see the Open Liberty blog.
[21.0.0.11 and later]
Use Kubernetes secrets as Liberty configuration variables
Open Liberty In Liberty 21.0.0.11 and later, configuration variables can be automatically populated from Kubernetes secrets without having to expose them as environment variables. Before 21.0.0.11, to access these secrets in Liberty from configuration variables, they had to be exposed as environment variables in a Kubernetes pod. For more information, see the Open Liberty blog.
Install WebSphere Liberty features on an Open Liberty server
Some WebSphere® Application Server Liberty features are not available for Open Liberty servers. Open Liberty users with an active WebSphere Application Server Liberty license can install WebSphere Application Server Liberty features from a Maven repository by specifying the featuresbom property. For more information, see Installing WebSphere Liberty features on an Open Liberty server.
Print the ephemeral port of the client for each incoming HTTP request to the HTTP access log
Open Liberty In version 21.0.0.11 and later, the %{remote}p HTTP access log format option provides a lightweight way to correlate to network trace and investigate network errors or performance issues. Before version 21.0.0.11, the main way to correlate HTTP requests to network trace was to use WebContainer trace. For more information, see HTTP access logging on the Open Liberty website.
[21.0.0.10 and later]
Java SE 17 support
Open Liberty The 21.0.0.10 release adds support for Java Platform, Standard Edition (Java SE) Version 17. You can use Java SE 17 with Liberty 21.0.0.10 or later. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.
Install IBM Semeru Runtime Certified Edition, Version 11 with IBM® Installation Manager
An online product repository is available to download and install IBM Semeru Runtime Certified Edition, Version 11 with IBM Installation Manager. For more information, see Online product repositories for Liberty offerings.
[21.0.0.9 and later]
MicroProfile programming model support 4.1
Open Liberty Use features in the MicroProfile programming model to develop microservice applications for the enterprise. MicroProfile 4.1 is based on Jakarta EE 8. For more information, see the Open Liberty blog.
Verify the health of your microservices with MicroProfile Health Check 3.1
Open Liberty MicroProfile Health 3.1 introduces the Startup health check, which allows applications to define startup probes that are used for initial verification of the application before the Liveness probe takes over. This health check is useful for applications that require extra startup time on their first initialization. For more information, see Health checks for microservices.
Recover server transactions with peer recovery
Open Liberty You can configure Liberty servers to automatically recover transactions on behalf of other servers. For more information, see Transaction recovery in a cloud environment.
Achieve consistency across message, trace, and console logs with the new TBASIC logging format
Open Liberty A new log format is available in version 21.0.0.9. The TBASIC log format creates a consistent output format across the message, trace, and console logs. Previously, the output for the trace log differed from the output of the message and console logs. For more information, see the Open Liberty blog.
Programmatically determine the status of an endpoint
In version 21.0.0.9, the isActive method is added to the ServerEndpointControlMBean MBean. You can use this method to determine whether an endpoint exists, whether it is started, and whether it is paused. Previously, this MBean had no way to determine whether an endpoint existed and was started. For more information, see the API documentation.
[21.0.0.8 and later]
For z/OS platforms Configure health management with any Java runtime environment
In Liberty version 21.0.0.8 and later, you can configure health management functions with any specification-compliant Java runtime environment (JRE) or Java SDK. Previously, these functions required the use of specific IBM Java developer kits. For more information, see Configuring health management for Liberty.
Bug fixes in version 21.0.0.8
Open Liberty The development team made a number of significant bug fixes in version 21.0.0.8. For more information, see the Open Liberty blog.
[21.0.0.7 and later]
Bug fixes in version 21.0.0.7
Open Liberty Although Liberty 21.0.0.7 doesn't introduce any new features, the development team made a number of significant bug fixes. For more information, see the Open Liberty blog.
[21.0.0.6 and later]
View request timing metrics in MicroProfile Metrics
Open Liberty The Request Timing feature tracks slow and hung servlet requests with a RequestTimingStats MBean. The data from this bean is now retrieved by the MicroProfile Metrics feature and reported on the /metrics or /metricsvendor endpoint. This function is compatible with both the 2.X and 3.X MicroProfile Metrics features. For more information, see the Open Liberty blog.
For z/OS platformsAngel required services property
With the new com.ibm.ws.zos.core.angelRequiredServices bootstrap property, you can configure the Liberty server with specific angel process services. For more information, see the following topics:
For z/OS platformsAngel process version number
Angel version number 17 was added for the 21.0.0.6 product level. For more information, see Process types on z/OS.
[21.0.0.5 and later]
For z/OS platformsIBM z/OS automatic restart management (ARM) to recover application servers
You can activate automatic restart management (ARM), enable the z/OS automatic restart manager feature, and activate automatic restart management (ARM) on the Liberty server. For more information, see the following topics: .
Authenticate to an LDAP server by using Kerberos credentials
Open Liberty Kerberos bind authentication with Generic Security Services API (GSSAPI) is now available for stand-alone LDAP servers and LDAP servers in federated repositories. For more information, see Configure Kerberos authentication for LDAP servers on the Open Liberty website.
Build multipart payloads for your JAX-RS client and services
Open Liberty You can now send multipart requests from your JAX-RS clients or send multipart payloads as responses from their JAX-RS resources. Prior to 21.0.0.5, Liberty supported only receiving multipart/form-data payloads, and not have any APIs to enable users to send multipart payloads. For more information, see Send and receive multipart/form-data parts in JAX-RS on the Open Liberty website.
[21.0.0.4 and later]
Enhance concurrency capabilities with MicroProfile Context Propagation 1.2
Open Liberty MicroProfile Context Propagation 1.2 is a stand-alone MicroProfile specification that aligns with the MicroProfile 4.0 platform and specifically addresses a difference in how MicroProfile Config 2.0 treats empty value configuration properties. For more information, see the Open Liberty blog.
Specify LTPA or JWT authentication for a subset of requests with authentication filters
Open Liberty You can set an authentication filter to select which HTTP servlet requests use Lightweight Third-Party Authentication (LTPA) and JSON web tokens (JWT) for single sign-on authentication. For more information, see the Open Liberty blog.
Control thread dump collection for hung requests with the Request Timing feature
Open Liberty In 21.0.0.4 and later, you can control whether the Request Timing feature collects thread dumps. Previously, there was no option to disable the thread dumps for this feature. For more information, see the Open Liberty blog
Automatically clean up of leaked connections
Open Liberty Liberty connection management can automatically detect and close unsharable connections that are left open by the application across the end of a request. For more information, see the Open Liberty blog.
Specify a location for expanded applications
Open Liberty In 21.0.0.4 and later, you can specify a expansion location on the applicationManager element configuration that is used when the autoExpand attribute is set to "true". Previously, when an application was automatically expanded, the default location for the expanded files was hard coded to the ${server.config.dir}/apps/expanded/ directory. For more information, see the Open Liberty blog.
[21.0.0.3 and later]
MicroProfile programming model support 4.0
Use features in the MicroProfile programming model to develop microservice applications for the enterprise. MicroProfile 4.0 is based on Jakarta EE 8.
Manage external configuration of your microservices with MicroProfile Config 2.0
Open Liberty The MicroProfile Config 2.0 feature is based on the Small Rye implementation of the specification. For more information, see the Open Liberty blog.
Monitor faults in your microservices with MicroProfile Fault Tolerance 3.0
Open Liberty MicroProfile Fault Tolerance 3.0 introduces new metrics tags and clarifies the scope of Bulkheads and Circuit Breakers. For more information, see the Open Liberty blog.
Verify the health of your microservices with MicroProfile Health Check 3.0
Open Liberty Micro Profile Health 3.0 includes updates to the overall default readiness status, changes to a method name and the removal of a deprecated qualifier. For more information, see Health checks for microservices.
Propagate JSON Web Tokens with Micro Profile JWT 1.2
Open Liberty MicroProfile JWT 1.2 simplifies the configuration for managing the validation of the JWT by introducing new MicroProfile Config properties. For more information, see the Open Liberty blog.
Monitor applications with MicroProfile Metrics 3.0
Open Liberty MicroProfile Metrics 3.0 introduces new metric values for the existing SimpleTimer and Timer metrics and more. For more information, see the Open Liberty blog.
Trace the flow of requests between micro services with MicroProfile Open Tracing 2.0
MicroProfile OpenTracing 2.0 upgrades the OpenTracing API to version 0.33.0, which allows the use of tracing backends and their libraries that are built on OpenTracing API 0.33.0. For more information, see the Open Liberty blog.
Document REST APIs with MicroProfile OpenAPI
Open Liberty MicroProfile OpenAPI 2.0 builds on the OpenAPI v3 specification to define a standard, language-agnostic, interface for describing REST APIs, which allows documentation to be generated from the APIs themselves. For more information, see API documentation with OpenAPI.
Develop applications that consume RESTful services with MicroProfile REST Client
MicroProfile REST Client 2.0 adds support for HTTP proxy servers, automatically following HTTP redirects, Server Sent Events, and more configuration options for JSON-B providers and multiple query parameters. For more information, see the Open Liberty blog.
[21.0.0.2 and later]
HTTP Channel Configuration Improvements
Open Liberty The trustedHeaderOrigin and trustedSensitiveHeaderOrigin properties can now be configured with IP address wildcards and hostnames. Previously, these properties accepted only the * or none values, or a list of full IP addresses. For more information, see the Open Liberty blog.
For z/OS platformsAngel process version number
Angel version number 16 was added for the 21.0.0.2 product level. For more information, see Process types on z/OS.
[21.0.0.1 and later]
Schedule JSON Web Token (JWT) payloads with JWT Builder
Open Liberty A new attribute, nbfOffset, is available for the jwtBuilder element. You can use this attribute to configure a not-before (NBF) claim for a JWT payload. For more information, see the Open Liberty blog.
Manage relative linking for HTTP Redirects
Open Liberty A new web container property, redirecttorelativeurl, is available. This property tells an application whether to construct absolute URLs from relative redirect links. Previously, Liberty always converted a relative URL that was provided in the sendRedirect() function to an absolute URL, which can cause problems for applications that use reverse proxy servers. For more information, see the Open Liberty blog.
[20.0.0.12 and later]
Provide and consume gRPC services from your web applications
Open Liberty gRPC Remote Procedural Calls (gRPC) is an open source universal RPC framework. With gRPC support on Liberty, developers can both provide and consume gRPC services from web applications. For more information, see the Open Liberty blog.
Specify Custom JNDI Names for Enterprise Beans
Open Liberty Applications that run on Liberty can now configure and use custom JDNI names or legacy default JNDI names for looking up and injecting enterprise beans. Previously, Liberty supported looking up enterprise beans only by using the specification-defined JNDI names. For more information, see the Open Liberty blog.
Java SE 15 support
The 20.0.0.12 release adds support for Java Platform, Standard Edition (Java SE) Version 15. You can use Java SE 15 with Liberty 20.0.0.12 or later. Liberty runs on any recent Java SE 15 release from AdoptOpenJDK, Oracle, or other OpenJDK vendors. Java SE 15 is not a long-term supported release. Standard support is scheduled to end in March 2021. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.
[20.0.0.11 and later]
Kerberos authentication of data sources
Kerberos authentication of data sources is supported for DB2®, Oracle Database, Microsoft SQL Server, and PostgreSQL. For more information, see Configuring relational database connectivity in Liberty.

Open Liberty For more information in Open Liberty, see Kerberos authentication for JDBC data sources.

Grafana dashboard support for a Thanos data source
Open Liberty The Liberty Grafana dashboards, which visualize data from the MicroProfile Metrics feature, can now visualize data from a Thanos data source. Previously, support for visualizing metrics data with Grafana was only available for Liberty servers that used Prometheus as the data source. For more information, see the Open Liberty blog.
[20.0.0.10 and later]
Install a signed certificate with the Automatic Certificate Management Environment Support feature (acmeCA-2.0)
Open Liberty You can now install a certificate that is signed by a certificate authority (CA) by using the Automatic Certificate Management Environment (ACME) protocol. When the acmeCa-2.0 feature is enabled, the Liberty server automatically requests a certificate from your configured CA at startup if a new certificate is needed. Previously, the default TLS or SSL configuration provided only a self-signed certificate. For more information, see Automatic certificate management with ACME.
[20.0.0.9 and later]
Develop MicroProfile GraphQL queries and mutations faster with the built-in GraphiQL user interface
Open Liberty A built-in GraphiQL user interface is now available for Liberty. You can use this web-based UI to write and execute GraphQL queries and mutations in real time with advanced editing features like command completion, query history, and schema introspection. For more information, see the Open Liberty blog.
Experiment with a third-party GraphQL client API
Open Liberty In version 20.0.0.9 and later, you can experiment with the type-safe SmallRye GraphQL Client API. SmallRye is the underlying implementation of MicroProfile GraphQL, and you can access some of its features by adding the third-party API type visibility to your application. For more information, see the Open Liberty blog.
For z/OS platformsUpdates to SAF Authorization Service API
New methods in the SAF authorization service API can check authorization of a user or group to a dataset. Also, the existing authorization service API was extended to have an option to throw an exception on failure.
[20.0.0.8 and later]
Write JSON logs to the System.out output stream without modification
Open Liberty In version 20.0.0.8 and later, you can write your JSON application logs directly to the System.out or System.err output streams without modification. Previously, when JSON logging was enabled, Liberty embedded anything that was written to the System.out or System.err output streams into the message field of a liberty_message event. For more information, see the Open Liberty blog.
Add new NCSA HTTP access log fields to JSON logs
Open Liberty In versions 20.0.0.8 and later, you can include new National Center for Supercomputing Applications (NCSA) fields in your JSON formatted HTTP access logs. You can also customize which fields to send to the logs, which can then be sent to log analysis platforms such as the Elastic Stack. Previously, only a default set of fields was available. For more information, see the Open Liberty blog.
View job logs for partitions that run on a remote executor with IBM MQ
In versions 20.0.0.8 and later, job logs are created for partitions that run on a remote executor. Previously, no job logs were available for partitions that ran on a remote executor. For more information, see Enabling multiple server partitions support by using the IBM MQ messaging provider.
For z/OS platformsisValidGroup SAF Authorized Registry Path and updates to UserRegistry, isValidUser, and isValidGroup methods.
If the Liberty server is configured to use SAF authorized services, it uses the RACROUTE` EXTRACT macro to process the new isValidGroup unauthorized service.

Unless the server uses an Angel for authentication operations, the UserRegistry, isValidUser, and isValidGroup methods return false for user or group names that are created without an OMVS segment. For more information, see Unauthorized services used by the SAF registry.

[20.0.0.7 and later]
For z/OS platformsSpecify a CICS® transaction identifier for transaction recovery with Optimized Adapters
From 20.0.0.7, the new optional CTID parameter specifies a four character CICS transaction identifier that is used for transaction recovery. For more information, see Liberty server transactions for CICS: BBOC, BBO$, and BBO#.
Security
Disable LTPA cookies for TAI or SPNEGO
Open Liberty When a client, such as a browser, is authenticated with a Liberty server, the default response is a single sign-on (SSO) LTPA cookie in the HTTP servlet. As of the 20.0.0.7 release, you can decide whether to receive the LTPA cookie for TAI and SPNEGO authentication if another authentication mechanism is preferred. For more information, see the Open Liberty blog.
Disable JSON JWT SSO cookies
Open Liberty When a client, such as browser, is authenticated with a Liberty server through the JSON Web Tokens (JWT) single SSO feature, the default response is a JWT SSO cookie in the HTTP servlet. As of the 20.0.0.7 release, you can disable JWT cookies for the JWT SSO feature if another authentication mechanism is preferred. For more information, see Disable JWT cookies.
[20.0.0.6 and later]
Control application start order in Liberty
Open Liberty By default, applications start in parallel and finish starting in random order. You can now prevent any application from starting until one or more other applications start. This update is useful in cases where several separate applications have implicit dependencies on each other. For more information, see the Open Liberty blog.
For z/OS platformsManually clear the Liberty authentication cache
Before this release, a revoked user might remain in the Liberty authentication cache until the cache was unused for 10 minutes. With 20.0.0.6, you can manually clear the authentication cache by using either a MODIFY command or an MBean. For more information, see Modify commands on z/OS and com.ibm.websphere.security.authentication.cache.DeleteAuthCache in the list of provided MBeans.
Provision features from a Maven repository
Open Liberty You can now install features into Liberty from Maven Central or an on-premises Maven repository by using a convenient command-line tool. Use the wlp/bin/featureUtility command to find, get information about, and install assets that are in a Maven repository. For more information, see the Open Liberty blog.
Use GraphQL with Liberty
Open Liberty As of 20.0.0.6, Liberty officially supports MicroProfile GraphQL. You can now write code-first GraphQL applications that put clients in control of the data they receive. For more information, see the Open Liberty blog.
View REST visualizations and hover-over descriptions in Liberty Grafana Dashboards
Open Liberty The 20.0.0.6 release introduces a new set of visualizations to the Liberty Grafana dashboards. These visualizations are found under a new tab in the dashboard that is labeled REST. In addition, hover-over descriptions are available to provide a short summary about each visualization and its function. For more information, see the Open Liberty blog.
Web application startup changes in Liberty
Open Liberty With 20.0.0.6, Liberty is updated to consider web applications as started after any calls to the ServletContainerInitializers and ServletContextListeners interfaces are complete. This change moves more of the application initialization into the server startup route and might make applications and the server appear to take longer to start. However, the time it takes for applications to start processing requests is not affected. For more information, see the Open Liberty blog.
[20.0.0.5 and later]
Java SE 14 support
The 20.0.0.5 release adds support for Java Platform, Standard Edition (Java SE) Version 14. You can use Java SE 14 with Liberty 20.0.0.5 or later. Liberty runs on any recent Java SE 14 release from AdoptOpenJDK, OpenJDK, or Oracle. Java SE 14 is not a long-term supported release. Standard support is scheduled to end in September 2020. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.
Configure failover support for EJB persistent timers across multiple Liberty servers
Open Liberty You can now specify the maximum amount of time for an Enterprise JavaBeans (EJB) persistent timer to complete on a server before another server takes over and runs the timer instead. Prior to this release, coordination of automatic EJB persistent timers across multiple Liberty servers was limited to configuring the EJB timer service on each server to persist timers to the same database. A single timer instance was created on one of the servers without the ability to go to another server if the original server stopped or crashed. For more information, see Configuring the enterprise JavaBeans timer service for persistent timers.
Format Liberty console logs with date and time stamps and other relevant information
Open Liberty This release introduces a new option called simple for the consoleFormat logging server configuration attribute, which configures Liberty to output console logs with date and time stamps and other relevant information. Prior to this release, console logs only displayed the message and log level. For more information, see the Open Liberty blog.
Omit specified fields from JSON logging output
Open Liberty You can now specify JSON fields to omit from the JSON logging process. Prior to this release, Liberty logs in JSON format were configured with a default set of fields that could not be altered. For more information, see Configurable JSON field names.
Security
Open Liberty JAAS login modules can now load classes directly from a resource adapter. Prior to this release, to use JAAS login modules, the classes from the resource adapter had to be extracted and configured as a shared library. For more information, see the Open Liberty blog.
[20.0.0.4 and later]
MicroProfile programming model support 3.3
Use features in the MicroProfile programming model to develop microservice applications for the enterprise. MicroProfile 3.3 is based on Java EE 8.
Manage external configuration of your microservices with MicroProfile Config 1.4
Open Liberty MicroProfile Config 1.4 adds updates to the to the built-in and implicit converters. For more information, see the Open Liberty blog.
Monitor faults in your microservices with MicroProfile Fault Tolerance 2.1
Open Liberty MicroProfile Fault Tolerance 2.1 includes new parameters for the @Fallback and @CircuitBreaker annotations. For more information, see the Open Liberty blog.
Verify the health of your microservices with MicroProfile Health Check 2.2
Open Liberty MicroProfile Health Check 2.2 adds annotation literals for the Liveness and Readiness qualifiers. These annotation literals enable programmatic lookup and support for inline instantiation of the qualifiers, which was not supported in previous versions. For more information, see the Open Liberty blog.
Monitor microservice applications with MicroProfile Metrics 2.3
Open Liberty MicroProfile Metrics 2.3 includes a new metric type called a Simple Timer, which is annotated with @SimplyTimed, and runtime-provided metrics that track REST resource method usage. For more information, see the Open Liberty blog.
Easily determine HTTP headers on outgoing requests with MicroProfile Rest Client 1.4
Open Liberty MicroProfile Rest Client 1.4 adds injection into ClientHeadersFactory instances. For more information, see the Open Liberty blog.
Automatically compress HTTP responses
Open Liberty You can now compress HTTP responses by using the <compression> element. Previously, Liberty only considered compression through the use of the $WSZIP private header. For more information, see the Open Liberty blog.
Use YUM and Apt native OS tools to manage your Liberty installations
Open Liberty Liberty is now available as a native Linux® .deb or .rpm package so that you can use yum and apt native OS tools to manage your Liberty installations. For more information, see the Open Liberty blog.
Track usage patterns and performance of services
Open Liberty The JAX-RS 2.1 auto-feature is enabled whenever the jaxrs-2.0 or jaxrs-2.1 feature is specified along with the monitor-1.0 feature in the server.xml file. This auto-feature introduces the capability to collect statistics that are useful for design, debug, and monitoring purposes. For more information, see the Open Liberty blog.
Security
You can now configure the Social Login feature to use OpenShift® service accounts to authenticate and authorize protected resource requests. For more information, see the Open Liberty blog.
[20.0.0.3 and later]
Provide your own certificates and keys for collectives
You can provide your own certificates and keys so that you have a simpler credentials configuration for collectives. For more information, see Configuring a Liberty collective.
Access Kafka-specific properties
Open Liberty You can now access Kafka-specific message properties, such as the message key and message headers. Previously, the basic MicroProfile Reactive Messaging Message API did not let the user access anything other than the payload of the message. For more information, see the Open Liberty blog.
Set the SameSite cookie attribute
You can now set the SameSite attribute on the Session cookie, the LTPA, and JWT cookies, as well as application-defined cookies. The SameSite attribute can be added by adding one or more server.xml configuration options. For more information, see the Open Liberty blog.
[20.0.0.1 and later]
Apply context service references to non-persistent timer method threads
You can now configure the Enterprise JavaBeans (EJB) timer service to use a ContextService instance to control which managed thread contexts are propagated to or created on the non-persistent timer thread. Previously, context service references could not be applied to non-persistent timers. For instance, you can now use the non-persistent timer method context propagation reference option to propagate the security context to the non persistent timer thread. For more information, see Configuring Enterprise JavaBeans timer service.
For z/OS platformsPropagate the z/OS WLM context to the non persistent timer thread
For z/OS platformsYou can now use the non-persistent timer method context propagation reference option to propagate the z/OS WLM context to the non persistent timer thread. Previously, context service references could not be applied to non-persistent timers. For more information, see Configuring Enterprise JavaBeans timer service.
Use OpenShift OAuth server for authentication and authorization
Open Liberty You can now configure the socialLogin-1.0 feature to use the built-in OpenShift OAuth server and OAuth Proxy sidecar as authentication providers. For more information, see the Open Liberty blog.
Monitor the process CPU time
Open Liberty You can now use the new processCpuTime metric in MicroProfile Metrics to monitor the CPU time used by the process on which the JVM is running. For more information, see the Open Liberty blog.
[19.0.0.12 and later]
MicroProfile programming model support 3.2
Use features in the MicroProfile programming model to develop microservice applications for the enterprise. MicroProfile 3.2 is based on Java EE 8.
Provide your own health check procedures with MicroProfile Health Check 2.1
Open Liberty You can now use Micro Profile Health Check 2.1 to provide your own health check procedures to verify the health of your microservice. Previously, you could only use several predefined static methods to construct a Health Check response. For more information, see the Open Liberty blog.
Monitor microservice applications with MicroProfile Metrics 2.2
Open Liberty You can now use MicroProfile Metrics 2.2 to add metrics to your microservice. This version includes updates for the MetadataBuilder API. For more information, see the Open Liberty blog.
Jaeger support in OpenTracing
Open Liberty MicroProfile OpenTracing 1.3 now supports Jaeger as a distributed tracing backend. No user feature is required in the server configuration. For more information, see the Open Liberty blog.
Security
Open Liberty Liberty now supports the reader role for read-only access to select administrative REST APIs, as well as the Admin Center UI. For more information, see the Open Liberty blog.
Open Liberty New options are available to help establish trust for TLS connections. For more information, see the Open Liberty blog.
[19.0.0.11 and later]
Improved request logging with Request Timing 1.0
Open Liberty You can now use the Request Timing 1.0 feature to verify whether a slow request completed and how long it took to complete. Previously, this feature only logged that a slow request was detected and did not log when or whether the request completed. This upgrade helps diagnose the causes and impacts of slow and hung requests. For more information about Request Timing 1.0, see the Open Liberty blog.
Java SE 13 support

For distributed platformsOpen Liberty The 19.0.0.11 release adds support for Java Platform, Standard Edition (Java SE) Version 13. You can use Java SE 13 with Liberty 19.0.0.11 or later. For more information, see the Open Liberty blog. Liberty can run with OpenJDK 13.0.1 or later on the Eclipse OpenJ9 VM. For more information, see Updating the Liberty Java runtime environment or software development kit.

For z/OS platformsJava SE 13 is not available for z/OS. The most recent supported Java SE version for z/OS is Java SE 8. For more information, see Installing IBM SDK, Java Technology Edition on z/OS.

Continuous fix pack delivery

WebSphere Application Server Liberty follows a continuous delivery process. Instead of delivering a large amount of content in a new version, new content is delivered gradually as optional installable features in of each fix pack. Because of the Liberty zero-migration policy, you can update to the latest fix pack and then continue to use your existing configuration and applications, with no unexpected change in behavior.

In contrast to WebSphere Application Server traditional, which has different fix packs for each version, Liberty has a single service stream. A Liberty fix pack contains the same content regardless of which product version you purchased. Fix pack 16.0.0.2 is the next Liberty fix pack after 8.5.5.9.

A diagram that shows a single line of fix packs that apply to both V8.5.5 and V9.0

For installation information, see Installing Liberty.

Multimedia Watch: The Liberty single-stream fix pack delivery video shows how Liberty fix packs are continuously delivered into a single service stream that applies to all product versions. [Transcript]

Fix pack numbering

Beginning with fix pack 16.0.0.2, WebSphere Application Server Liberty fix packs use the following numbering scheme:
Y.R.M.F
where:
  • Y = year, last 2 digits
  • R = release
  • M = modification
  • F = fix pack release during the year

For example, fix pack 16.0.0.2 refers to year 2016, release 0, modification 0, and the second fix pack of the year. For the third fix pack of 2018, the fix name would be 18.0.0.3.

This numbering change applies only to Liberty. WebSphere Application Server traditional fix packs continue to follow the V.R.M.F numbering scheme, where the letters stand for version, release, modification, and fix pack.