What is new in this release of Liberty

This release introduces key enhancements to Liberty.

What's new
Continuous fix pack delivery
Fix pack numbering

What's new

Many of the latest features for Liberty are now documented on the Open Liberty website. For more information about new Liberty features and capabilities, see the Open Liberty blog.

The Liberty features topic lists the features available in Liberty products and highlights recently introduced features with a fix pack icon. Recent fix packs provide the following key enhancements:

WebSphere Liberty operator 1.5.1: Update to the new 1.5.1 release of WebSphere Liberty operator. Version 1.5.1 adds security fix updates for operating system packages and API libraries.; Support for Red Hat® OpenShift® Container Platform 4.20 and Kubernetes 1.33 is added in 25.0.0.11.

Java SE 25 support

Distributed: [AIX MacOS Linux Windows] Open Liberty The 25.0.0.10 release adds support for Java™ Platform, Standard Edition (Java SE) Version 25. You can use Java SE 25 with Liberty 25.0.0.10 or later. Java SE 25 is a Long-Term-Support (LTS) version of Java. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.

For IBM i platforms The IBM i platform supports only Java SE 8, Java SE 11, Java SE 17, and Java SE 21. For more information about supported versions of Java on IBM i versions, see Java products and options on IBM i.

WebSphere Liberty container images

UBI 9-minimal based WebSphere Liberty images with Semeru 25 are added in 25.0.0.10. For more information on Liberty images, see Liberty container images.

WebSphere Liberty operator 1.5.0

Update to the new 1.5.0 release of WebSphere Liberty operator.

Support for memory and custom metrics-based autoscaling was added. For more information, see Configure Horizontal Pod Autoscaling for high availability.

Support for collecting performance data for diagnosing problems was added. For more information, see WebSphereLibertyPerformanceData custom resource.

Support for optional pull secrets in custom service accounts was added. For more information, see Configure service account.

The output location of the WebSphereLibertyTrace custom resource was changed to the sub folder logs. The output location of the WebSphereLibertyDump custom resource was changed to the sub folder serverDumps. For more information, see WebSphereLibertyTrace custom resource and WebSphereLibertyDump custom resource.

The output location for Java dumps, when serviceability storage (.spec.serviceability) is enabled, was changed from the serviceability folder to the logs subfolder.

The base image of the Operator and catalog source was changed to UBI 9 Minimal.

Security fix updates for operating system packages and API libraries were added.

MicroProfile 7.1 support: The 25.0.0.8 release adds support for the MicroProfile programming model version 7.1. MicroProfile 7.1 is a minor release. This release introduces the new versions of the MicroProfile OpenAPI and Telemetry features. Jakarta EE 10 is the minimum Jakarta EE version for MicroProfile 7.1.
If you are updating your application from using MicroProfile 7.0 features to using MicroProfile 7.1 features, changes in API behavior might require you to update your application code. For more information, see Differences between MicroProfile 7.1 and 7.0 on the Open Liberty website and the Open Liberty blog.
WebSphere Liberty operator 1.4.4: Extended support has ended for Red Hat OpenShift Container Platform 4.15 and Kubernetes 1.28. For more information, see Red Hat OpenShift Container Platform Lifecycle Policy.

WebSphere Liberty operator 1.4.4: Update to the new 1.4.4 release of WebSphere Liberty operator. Version 1.4.4 adds security fix updates for operating system packages and API libraries.; Support for Red Hat OpenShift Container Platform 4.19 and Kubernetes 1.32 is added in 25.0.0.7.

WebSphere® MQ JMS support for versionless features.: You can enable WebSphere MQ JMS Client features by using the versionless features of wmqJmsClient or wmqMessagingClient with any of the Java EE or Jakarta EE platform names. For more information, see Liberty features.

Use MicroProfile Health 4.0 file-based mechanism for health checks: The MicroProfile Health 4.0 feature (mpHealth-4.0) introduces a new file-based health check mechanism to validate the status of a microservice and its dependencies. For more information, see Health checks for microservices on the Open Liberty website.

Use MicroProfile Telemetry 2.0 to collect access logs to OpenTelemetry: The MicroProfile Telemetry 2.0 feature (mpTelemetry-2.0) can collect access logs to OpenTelemetry by configuring access logging and the accessLog source. For more information, see MicroProfile Telemetry on the Open Liberty website.

Rapid startup for applications that use management and security features

Liberty InstantOn supports a subset of Liberty features. As of the 25.0.0.4 release, the following features are added to this collection:

J2EE Management 1.1 (j2eeManagement-1.1)
Application Client Support for Server 1.0 (appClientSupport-1.0)
Application Client Support for Server 2.0 (appClientSupport-2.0)
Web Service Security 1.1 (wsSecurity-1.1)

With this enhancement, you can rapidly deploy applications that use these features by using Liberty InstantOn. For more information, see Faster startup for containerized applications with Open Liberty InstantOn on the Open Liberty website.

Java SE 24 support

Distributed: [AIX MacOS Linux Windows] Open Liberty The 25.0.0.4 release adds support for Java Platform, Standard Edition (Java SE) Version 24. You can use Java SE 24 with Liberty 25.0.0.4 or later. Java SE 24 is a non-Long-Term-Support (LTS) version of Java. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.

For IBM i platforms The IBM i platform supports only Java SE 8, Java SE 11, and Java SE 17. Java SE 21 and Java SE 24 are not supported on IBM i.

Use MicroProfile Telemetry 2.0 to send audit logs to OpenTelemetry

The MicroProfile Telemetry 2.0 feature (mpTelemetry-2.0) can collect and send audit logs to OpenTelemetry by using the audit-1.0 feature or the audit-2.0 feature. For more information, see MicroProfile Telemetry on the Open Liberty website.

WebSphere Liberty container images

UBI 9-minimal based WebSphere Liberty images with Semeru 17, 11, 8 and IBM Java 8 are added in 25.0.0.4. For more information on Liberty images, see Liberty container images.

WebSphere Liberty operator 1.4.3

Update to the new 1.4.3 release of WebSphere Liberty operator. Version 1.4.3 adds security fix updates for operating system packages and API libraries.

Support FIPS 140-3 in Liberty with IBM SDK 8

Distributed: [AIX MacOS Linux Windows] FIPS 140-3 is supported by IBM SDK, Java Technology Edition 8. FIPS 140-3 introduces new algorithms for LTPA keys. For more information, see Setting up Liberty for FIPS compliance.

For IBM i platforms The IBM i platform does not support FIPS 140-3.

New library configuration option

A new configuration option called path is added for the library configuration element. The path sub-element can target either a file or a folder. With this option, you don't need to know the target type ahead of time because the path configuration can accept either a file or a folder target. Previously, all the options for the library element required that you know the target type in advance.

In WebSphere Liberty, for more information about the path configuration option, see Shared Library (library).
For more information about the path configuration option, see the Open Liberty blog.

WebSphere Liberty operator 1.4.2

Update to the new 1.4.2 release of WebSphere Liberty operator. Version 1.4.2 adds security fix updates for operating system packages and API libraries.

Support for Red Hat OpenShift Container Platform 4.18 and Kubernetes 1.31 is added in 25.0.0.3.

Support for AES-256 password encoding: The Liberty securityUtility encode command now uses AES-256 encryption when the --encoding option is set to aes. For AES decryption, Liberty supports both AES-128 and AES-256. Previously, Liberty supported only AES-128 encryption for AES encryption and decryption. For more information, see the securityUtility command documentation.

Configure the web module class loader for an enterprise application

To simplify migration from WebSphere Application Server traditional to Liberty, you can specify the webModuleClassPathLoader attribute for the enterpriseApplication element. This attribute controls which class loader is used for the JARs that are referenced by a web module Class-Path attribute. For more information, see Configuring the web module class loader for an enterprise application.

Rapid startup for applications that use Java Batch and Connectors Inbound Security features

Liberty InstantOn supports a subset of Liberty features. As of the 25.0.0.1 release, the following features are added to this collection:

Batch API (batch-1.0)) and
Jakarta Batch 2.0 (batch-2.0)
Jakarta Batch 2.1 (batch-2.1)
Java Connector Architecture Security Inflow 1.0 (jcaInboundSecurity-1.0)
Jakarta Connectors Inbound Security 2.0 (connectorsInboundSecurity-2.0)

WebSphere Liberty operator 1.4.1

Extended support has ended for Red Hat OpenShift Container Platform 4.12 and Kubernetes 1.25. For more information, see Red Hat OpenShift Container Platform Lifecycle Policy.

MicroProfile 7.0 support: The 24.0.0.12 release adds support for the MicroProfile programming model version 7.0. MicroProfile 7.0 is a major release. It replaces MicroProfile Metrics with MicroProfile Telemetry. Therefore, MicroProfile Metrics moves out of the umbrella release and becomes a stand-alone specification. This release also introduces the new versions of the MicroProfile OpenAPI, Rest Client, Fault Tolerance, and Telemetry features. Jakarta EE 10 is the minimum Jakarta EE version for MicroProfile 7.0.
If you are updating your application from using MicroProfile 6.0 features to using MicroProfile 7.0 features, changes in API behavior might require you to update your application code. For more information, see Differences between MicroProfile 7.0 and 6.1 on the Open Liberty website.
Check for Samesite=None incompatible clients: You can now use SameSite=None cookies without the worry of breaking certain client versions. Previously, cookies with the SameSite=None attribute were rejected or mishandled if they were sent to an incompatible client version. Now, Liberty intercepts cookies with the SameSite=None attribute before they are sent to the web browser and checks whether the User-Agent header specifies an incompatible client version. If an incompatible client is detected, any SameSite=None and Partitioned headers are removed from the cookie.
For more information, see Setting the SameSite attribute on cookies with Open Liberty on the Open Liberty blog.

WebSphere Liberty operator 1.4.1: Update to the new 1.4.1 release of WebSphere Liberty operator. Version 1.4.1 adds security fix updates for operating system packages and API libraries.; WebSphere Liberty Operator optimizes reconciliation time by continuously analyzing the status of instances and reconciliation events and auto-tuning the reconciliation process.
WebSphere Liberty Operator also reduces the number of logs that are written for the Operator with the default info log level. Configuring logging levels is supported for WebSphere Liberty Operator. For more information, see Operator ConfigMap.
Liberty supported on IBM i 7.6: Liberty V24.0.0.12 and later versions are supported on the IBM i 7.6 operating system. For more information, see Minimum supported Java levels.

SE 11 end of support moved from 26.0.0.10 to 27.0.0.10

The Liberty end of support date for Java SE 11 is updated to October 2027. Previously, the end of support date was October 2026. For more information, see Removal notices.

Rapid startup for applications that use authorization and messaging features

Liberty InstantOn supports a subset of Liberty features. As of the 24.0.0.11 release, the following features are added to this collection:

Java Authorization Contract for Containers (jacc-1.5)
Jakarta Authorization 2.0 and 2.1 (appAuthorization-2.0 and appAuthorization-2.1)
Message Server 1.0 (wasJmsServer-1.0)
Messaging Server 3.0 (messagingServer-3.0)
JMS Client for Message Server 2.0 (wasJmsClient-2.0)
Messaging Server Client 3.0 (messagingClient-3.0)

Java SE 23 support

Distributed: [AIX MacOS Linux Windows] Open Liberty The 24.0.0.10 release adds support for Java Platform, Standard Edition (Java SE) Version 23. You can use Java SE 23 with Liberty 24.0.0.10 or later. Java SE 23 is a non-Long-Term-Support (LTS) version of Java. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.

For IBM i platforms The IBM i platform supports only Java SE 8, Java SE 11, and Java SE 17. Java SE 21 and Java SE 23 are not yet supported on IBM i.

WebSphere Liberty operator 1.4.0

Support for Red Hat OpenShift Container Platform 4.17 and Kubernetes 1.30 is added in 24.0.0.10.

Simplify your runtime configuration with versionless stand-alone MicroProfile features

Versionless features are now available for the following stand-alone MicroProfile features:

mpContextPropagation
mpGraphQL
mpReactiveMessaging
mpReactiveStreams

In 24.0.0.8, Open Liberty introduced versionless features, which allow you to use Liberty features without worrying about what feature version to use. The initial release of versionless features did not include stand-alone MicroProfile features, which are not part of any MicroProfile umbrella release. For more information, see the Open Liberty website.

Hostname and IP address verification

Hostname and IP address verification are enabled by default. This verification is enforced for target servers in all SSL connections through Open Liberty socket factories. For more information, see the Open Liberty website.

Use MicroProfile Telemetry 2.0 to send logs, metrics, and traces to OpenTelemetry

In this release, the MicroProfile Telemetry 2.0 feature (mpTelemetry-2.0) helps improve the observability of your Java applications by using OpenTelemetry to collect and export logs, metrics, and traces in a standardized way. Previous versions of MicroProfile Telemetry could manage only distributed tracing. For more information, see Collect logs, metrics, and traces with OpenTelemetry on the Open Liberty website.

Continue to use third-party cookies with CHIPS

CHIPS, or Cookies Having Independent Partitioned State, is a new capability from Google Chrome to manage third-party cookies more effectively and maintain website compatibility. By partitioning the cookie jar, CHIPS enables users to block third-party cookies while still allowing sites designed with them to function properly. This feature aims to provide a balance between user privacy and website functions. Liberty now offers several configuration attributes to help you manage partitioned cookies. For more information, see the Open Liberty blog.

WebSphere Liberty operator 1.4.0

Update to the new 1.4.0 release of WebSphere Liberty operator. Version 1.4.0 adds updates to the API libraries.

Support for password encryption including for the managed LTPA keys is added.

Support for DNS configurations is added.

Support for tolerations to allow the scheduler to schedule pods on nodes with matching taints is added.

The WebSphere Liberty operator sets RuntimeDefault as the default value of the seccomp profile. For more information, see Set privileges and permissions for a pod or container (.spec.securityContext).

Additional DNS entries in the certificate for the applications including for StatefulSet and headless service are added. New certificates will be generated for the applications that utilize the .spec.manageTLS functionality.

Use the Audit 2.0 feature to avoid generating unnecessary REST Handler records

The Audit 2.0 feature (audit-2.0) is designed for users who are not using REST Handler applications. It provides the same audit records as the Audit 1.0 feature (audit-1.0) but it does not generate records for REST Handler applications.

If you need to keep audit records for REST Handler applications, continue to use the audit-1.0 feature.

Simplify your runtime configuration with versionless features for the MicroProfile, Jakarta EE, and Java EE platforms

You can enable certain Liberty features without having to specify a particular feature version by using versionless features. Versionless features are available for the MicroProfile, Jakarta EE, and Java EE platforms. For more information, see the Open Liberty website. WebSphere Liberty supports all the available platforms and versionless features that are documented on the Open Liberty website, with the addition of the javaee-6.0 platform, which Open Liberty does not support.

Configure Liberty InstantOn for containerized applications that use IBM MQ

Liberty InstantOn, which improves startup times for containerized applications, now supports the JMS 2.0 Client for IBM MQ (wmqJmsClient-2.0) and Messaging 3.0 Client for IBM MQ (wmqMessagingClient-3.0) features. For more information, see Faster startup for containerized applications with Liberty InstantOn.

Enhanced histogram and timer metrics in MicroProfile 3.0 and 4.0

The 24.0.0.7 release introduces MicroProfile Config properties for MicroProfile 3.0 and 4.0 that are used to configure the statistics that the histogram and timer metrics track and output. These changes are already available in MicroProfile Metrics 5.1. For more information, see the Open Liberty blog.

WebSphere Liberty operator 1.3.3

Update to the new 1.3.3 release of WebSphere Liberty operator.

Support for Red Hat OpenShift Container Platform 4.16 and Kubernetes 1.29 is added in 24.0.0.7.

Support for specifying IBM Cloud Pak for Applications Advanced license entitlements in WebSphereLibertyApplication custom resources is added. For more information, see Tracking Liberty license use in Kubernetes.

WebSphere Liberty operator 1.3.3 introduces the disableServiceLinks configuration option that is used to control service links.

Security fix updates for Go, operating system packages, and API libraries were added.

Faster startup for Spring Boot 3.x applications with Liberty InstantOn: Enable the Coordinated Restore at Checkpoint (crac-1.4) feature and the Spring Boot Support 3.0 feature (springBoot-3.0) to achieve faster startup times for your Spring Boot 3.x applications with Liberty InstantOn. For more information, see the Open Liberty blog.
Use IBM MQ messaging with Liberty InstantOn: The 24.0.0.6 release introduces InstantOn feature support for Jakarta Messaging, Jakarta Connectors, and Jakarta Enterprise Beans Message-Driven Beans (MDB). InstantOn now provides faster startup times for applications that use the Jakarta Messaging API to access external messaging systems like IBM® MQ. These messaging client applications can also manage message delivery to endpoints with message-driven bean listeners. For more information, see the Open Liberty blog.
Configure distributed HTTP session caching with Liberty Instant On support: The 24.0.0.6 release provides InstantOn support for the JCache Session Persistence feature. This feature uses a JCache provider to create a distributed in-memory cache. For more information, see the Open Liberty blog.

WebSphere Liberty operator 1.3.2: Update to the new 1.3.2 release of WebSphere Liberty operator. Version 1.3.2 adds security fix updates for operating system packages and API libraries.

Java SE 22 support

Distributed: [AIX MacOS Linux Windows] Open Liberty The 24.0.0.4 release adds support for Java Platform, Standard Edition (Java SE) Version 22. You can use Java SE 22 with Liberty 24.0.0.4 or later. Java SE 22 is a non-Long-Term-Support (LTS) version of Java. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.

For IBM i platforms The IBM i platform supports only Java SE 8, Java SE 11, and Java SE 17. Java SE 21 and Java SE 22 are not yet supported on IBM i.

Debug performance issues with default verbose garbage collection

Open Liberty Enabling verbose garbage collection for your Java runtime can help you debug memory leaks and other performance bottlenecks. Starting in 24.0.0.3, verbose garbage collection is enabled by default when you use IBM Java or IBM Semeru Runtimes as your Java implementation.

Up to 10 verbosegc.XXX.log rolling log files are created in your log directory, with 1024 GC cycles per file, where XXX represents the sequence number of the log file. Previously, verbose garbage collection for Liberty was not enabled by default, regardless of the Java implementation. For more information, see the Open Liberty website.

Enhance security with back-channel logout for OpenID Connect clients and servers

Open Liberty Back-channel logout allows OpenID Connect servers to directly notify OpenID Connect clients of a user logout so each OpenID Connect client can also log the user out locally.

Previously, OpenID Connect servers could notify OpenID Connect clients that a user logged out only by using iframes that were embedded in the OpenID Connect client's web page. If the web page wasn't active, the OpenID Connect client wasn't notified of the logout that occurred on the OpenID Connect server. Back-channel logout solves this problem through direct communication between the OpenID Connect server and clients. For more information, see the Open Liberty blog.

Java 21 Support for Installation Manager

Installation Manager supports Java 21 in Liberty environments. This update builds upon the existing Java 21 support for archive installations, which was introduced in version 23.0.0.11. For more information, see Installing, updating, and uninstalling the Java SDK.

WebSphere Liberty operator 1.3.1

Support for Red Hat OpenShift Container Platform 4.15 is added in 24.0.0.3.

Configure Liberty InstantOn for applications that manage users and groups with SCIM: Liberty InstantOn, which improves startup times for containerized applications, now supports the System for Cross-domain Identity Management feature (scim-1.0). For more information, see Faster startup for containerized applications with Liberty InstantOn and Configuring SCIM for user and group member management.
Negatively acknowledge messages with MicroProfile Reactive Messaging 3.0 and MicroProfile Streams Operators 3.0: The MicroProfile Reactive Messaging 3.0 and MicroProfile Streams Operators 3.0 features introduce new functions, including negative acknowledgments, emitters, and backpressure support. Previously, MicroProfile Reactive Messaging could only positively acknowledge messages. If a problem existed with the payload or if exceptional behavior occurred, no mechanism was available to indicate or to handle the problem if it occurred within the stream. The updated feature and liberty-kafka connector can send or handle these events. For more information, see the Open Liberty blog and Optimizing asynchronous communication with MicroProfile Reactive Messaging on the Open Liberty website.

Use InstantOn with more Liberty features: InstantOn supports a subset of Liberty features. InstantOn now supports features that enable Jakarta and Java XML Web Services and Jakarta and Java Mail functions, and more versions of previously supported features. For more information, see the Open Liberty website.
Verify the authenticity of the Liberty public key: WebSphere Liberty uses its private key to digitally sign each Liberty release. You can use the Liberty public key to check the signature, verify that the package was released by IBM, and that it was not modified since its release. Starting in version 24.0.0.1, you can also verify the authenticity of the Liberty public key by using a provided certificate (.cer) file. For more information, see Verifying Liberty release packages.
WebSphere Liberty operator 1.3.1: Update to the new 1.3.1 release of WebSphere Liberty operator. Version 1.3.1 adds security fix updates for operating system packages and API libraries.

MicroProfile 6.1 support

The 23.0.0.12 release adds support for the MicroProfile programming model version 6.1, which aligns with Jakarta EE 10. MicroProfile 6.1 is a minor release. It includes new versions of the MicroProfile Config, MicroProfile Telemetry, and MicroProfile Metrics features. If you are updating your application from using MicroProfile 6.0 features to using MicroProfile 6.1 features, changes in API behavior might require you to update your application code. For more information, see Differences between MicroProfile 6.1 and 6.0 on the Open Liberty website and the Open Liberty blog.

Configure the MicroProfile OpenAPI endpoint path

MicroProfile OpenAPI generates and serves OpenAPI documentation for Restful Web Services (or JAX-RS) applications that are deployed to Liberty. OpenAPI documentation is served from the /openapi endpoint and a user interface for browsing this documentation is served from the /openapi/ui endpoint. With MicroProfile OpenAPI 3.1 in Liberty 23.0.0.12 and later, you can configure the paths for these endpoints by adding configuration to your server.xml file. For more information, see the Open Liberty website.

Support LTPA keys rotation without a planned outage

In 23.0.0.12 and later, Liberty can automatically generate new primary LTPA keys files while it continues to use validation keys files to validate LTPA tokens. With this update, you can rotate LTPA keys without any disruption to the application user experience. Previously, application users had to log in to their applications again after the Liberty server LTPA keys were rotated. For more information, see the Open Liberty website.

Send the resource parameter with an authorization request that uses the authorization code flow

Authorization requests can be made by using either the implicit flow or the authorization code flow. When requests use the implicit flow, all tokens are returned from the authorization endpoint and the token endpoint is not used. When requests use the authorization code flow, all tokens are returned from the token endpoint. Previously, Liberty sent the resource parameter only during an implicit flow request. If your request needed the resource parameter but could use only the authorization code flow, the request failed. This update enables the resource parameter to be sent with the authorization code flow. For more information, see the Open Liberty blog.

Obtain the role information from the OpenID Connect access token

ID tokens are JSON Web Tokens that conform to the OpenID Connect specification. Previously, Open ID Connect user role information could be obtained only from this ID token. If role information was not provided within the ID token, then the information was not found. This update provides checks to attempt to obtain role information from the Access Token if it is not found within the ID token. For more information, see the Open Liberty website.

Liberty Maven plug-in 3.10 and Liberty Gradle plug-in 3.8

New releases for Liberty Maven and Gradle plug-ins are now available. These releases include Java 21 support and the ability to deploy Spring Boot 3 applications. For more information, see the Liberty Maven plug-in 3.10 release notes and the Liberty Gradle plug-in 3.8 release notes.

Liberty Tools 23.0.12 for Eclipse IDE, IntelliJ IDEA, and Visual Studio Code

Liberty Tools support the latest available releases of Eclipse IDE, IntelliJ IDEA, and Visual Studio Code. This release also includes various enhancements and fixes. For more information, see the following release notes:

Add computed vendor metrics to your dashboards with MicroProfile Metrics 3.0, 4.0, and 5.0

A set of computed vendor metrics is available when you enable the MicroProfile Metrics 3.0, 4.0, or 5.0 feature, without any additional configuration on your part. You can add these metrics directly to your dashboards in various monitoring tools.

Previously, you calculated these metrics from the Time and Total counts that were provided for various monitoring components. For example, to obtain a response time per request metric, you calculated it by using the array of time series data that is provided by the MicroProfile Metrics feature. However, not all monitoring tools support such complex time-series expressions. For more information, see the Open Liberty blog.

Bug fixes in version 23.0.0.11

The development team made several significant bug fixes in version 23.0.0.11. For more information, see the Open Liberty blog.

WebSphere Liberty operator 1.3.0: Update to the new 1.3.0 release of WebSphere Liberty operator. Version 1.3.0 adds security fix updates for operating system packages and API libraries.; Support for Red Hat OpenShift Container Platform 4.14 is added in 23.0.0.11.

Verify feature signatures with the featureUtility command

In version 23.0.0.10 and later, the featureUtility command verifies feature signatures before it installs a feature into the Liberty runtime.

Previously, the featureUtility command verified only checksum data, which verified the integrity of the feature, but not the authenticity. Integrity verification ensures that the feature was not tampered with. Authenticity verification ensures the feature either originated from the Liberty development team or is a user-created feature. The featureUtility command checks both the authenticity and the integrity of features that are downloaded from the Maven Central repository. For more information, see the featureUtility documentation on the Open Liberty website.

Java SE 21 support

The 23.0.0.10 release adds support for Java Platform, Standard Edition (Java SE) Version 21. You can use Java SE 21 with Liberty 23.0.0.10 or later. Liberty runs on any of the Java SE versions that are listed in the Supported Java Releases table on the Open Liberty website. For more information, see Updating the Liberty Java runtime environment or software development kit and the Open Liberty blog.

For IBM i platforms The IBM i platform supports only Java SE 8, Java SE 11, and Java SE 17. Java SE 21 is not yet supported on IBM i.

Continuous fix pack delivery

WebSphere Application Server Liberty follows a continuous delivery process. Instead of delivering a large amount of content in a new version, new content is delivered gradually as optional installable features in of each fix pack. Because of the Liberty zero-migration policy, you can update to the latest fix pack and then continue to use your existing configuration and applications, with no unexpected change in behavior.

In contrast to WebSphere Application Server traditional, which has different fix packs for each version, Liberty has a single service stream. A Liberty fix pack contains the same content regardless of which product version you purchased. Fix pack 16.0.0.2 is the next Liberty fix pack after 8.5.5.9.

A diagram that shows a single line of fix packs that apply to both V8.5.5 and V9.0

For installation information, see Installing Liberty.

Multimedia Watch: The Liberty single-stream fix pack delivery video shows how Liberty fix packs are continuously delivered into a single service stream that applies to all product versions. [Transcript]

Fix pack numbering

Beginning with fix pack 16.0.0.2, WebSphere Application Server Liberty fix packs use the following numbering scheme:

Y.R.M.F

where:

Y = year, last 2 digits
R = release
M = modification
F = fix pack release during the year

For example, fix pack 16.0.0.2 refers to year 2016, release 0, modification 0, and the second fix pack of the year. For the third fix pack of 2018, the fix name would be 18.0.0.3.

This numbering change applies only to Liberty. WebSphere Application Server traditional fix packs continue to follow the V.R.M.F numbering scheme, where the letters stand for version, release, modification, and fix pack.