一、core-libs/java.nio
添加 FileSystems.newFileSystem(Path, Map<String, ?>) 方法
java.nio.file.FileSystems
针对任何将文件内容视作文件系统的文件系统提供者,添加了三个扩展方法:
newFileSystem(Path)
newFileSystem(Path, Map<String, ?>)
newFileSystem(Path, Map<String, ?>, ClassLoader)
需要说明的是 newFileSystem(Path, Map<String, ?>)
方法是在现有 newFileSystem(Path, ClassLoader) 方法基础上,对参数
class loader 作 null处理的调用。因此需要避免如下使用:
FileSystem fs = FileSystems.newFileSystem(path, null);
详细参见: JDK-8218875
二、core-libs/java.nio
java.nio.ByteBuffer 添加了批处理方法 get/put Methods,不需要再通过索引处理。
详细参见:JDK-5029431
三、core-libs/java.time
JapaneseEra.of(3)
or JapaneseEra.valueOf("Reiwa") 替换 JapaneseEra.valueOf("NewEra")
详细参见: JDK-8205432
四、core-libs/java.util:i18n
更新支持 Unicode 12.1
java.lang.Character
更新支持Unicode 12 字符库, 11.0 至 12.0 添加了 554 字符,总计 137,928。包括4个新的 UnicodeScript,UnicodeScript总数达到150个;61 个 emoji 符号。12.1只添加了一个字符:U 32FF SQUARE ERA NAME REIWA。
java.text.Bidi 和java.text.Normalizer
更新支持Unicode 12(Unicode Standard Annexes, #9 and #15)java.util.regex
更新支持Unicode 12(Unicode Standard Annex #29)
详细参见:JDK-8221431
五、hotspot/gc
JEP 351 ZGC Uncommit Unused Memory
ZGC 垃圾回收加强,会将未使用的堆内存返还给操作系统。助益于内存敏感的应用及服务环境。
这个特性默认开启,可以通过配置关闭 -XX:-ZUncommit。另外,因为未使用内存不会被提交,所以堆大小会收缩至最小堆内存
(-Xms
)以内,这也就意味着当 -Xms 和 -Xmx 配置大小相同是,这一特性会被禁用。
-XX:ZUncommitDelay=<seconds>
(默认300s):堆内存多久未使用会被置于未提交状态。
更多信息:JEP 351
详细参见:JDK-8220347
六、hotspot/gc
添加可管理的 -XXSoftMaxHeapSize 配置
使用ZGC垃圾回收器时有效 (-XX: UseZGC
).
使用此配置时,垃圾回收器会尽量避免堆内存超过执行配置的堆内存大小,特殊情况除外,如为了避免发生OutOfMemoryError异常。SoftMaxHeapSize 大小不能超过最大堆配置大小(-Xmx
),此配置默认生效,默认配置值为最大堆配置值。
可管理即为可运行时调整配置。可以通过jcmd命令:VM.set_flag SoftMaxHeapSize <bytes>
或者 HotSpot MXBean 来修改。
此配置适用情景:
- 服务资源敏感:使堆容量使用保持较低水平,同时能够应对临时的大容量使用需求。
- When using a concurrent GC (such as ZGC), you might want to play it safe and increase the confidence level that you will not run into an allocation stall because of an unforeseen increase in allocation rate. Setting a soft max heap size encourages the GC to maintain a smaller heap, which means the GC will collect garbage more aggressively than it otherwise would, making it more resilient to a sudden increase in the application allocation rate.
详细参见:JDK-8222145
七、hotspot/gc
ZGC 最大堆内存上限调整为 16TB
详细参见:JDK-8221786
八、hotspot/runtime
JEP 350 Dynamic CDS Archiving
JEP 350 extends application class-data sharing (AppCDS) to allow the dynamic archiving of classes as a Java application is exiting. It also improves the usability of AppCDS by eliminating the need for users to do trial runs to create a class list for each application. The existing static archiving enabled by the -Xshare:dump
option, using a class list, continues work as is.
The dynamically-generated archive is created on top of the default system archive packaged with the running JDK image. A separate top-layer archive file is generated for each application. The user can specify the filename of the dynamic archive name as the argument to the -XX:ArchiveClassesAtExit
option. For example, the following command creates hello.jsa
:
% bin/java -XX:ArchiveClassesAtExit=hello.jsa -cp hello.jar Hello
To run the same application using this dynamic archive:
% bin/java -XX:SharedArchiveFile=hello.jsa -cp hello.jar Hello
The user could also specify both the base and the dynamic archives in the -XX:SharedArchiveFile
option such as:
-XX:SharedArchiveFile=<base archive>:<dynamic archive>
CSR JDK-8221706 has more details on the command line option.
详细参见:JDK-8207812
九、security-libs/java.security
CRLs 可配置的超时配置
The com.sun.security.crl.readtimeout
CRL查询超时配置(默认15s),配置小于0时使用默认值,配置为0时,超时不起作用。
详细参见:JDK-8191808
十、security-libs/java.security
新命令:-showinfo -tls 用于查询 TLS 配置信息
详细参见:JDK-8219861
十一、security-libs/javax.crypto
MS Cryptography Next Generation (CNG) 支持
SunMSCAPI 提供程序现在支持读取Cryptography Next Generation (CNG) 格式私钥。如Windows秘钥存储器存储的RSA,EC秘钥及EC相关的签名算法如(SHA1withECDSA
, SHA256withECDSA等)。
详细参见:See JDK-8026953
十二、security-libs/javax.crypto:pkcs11
SunPKCS11 提供程序升级支持 PKCS#11 v2.40
这个版本的 SunPKCS11 提供程序支持添加了更多的加密算法支持,如AES/GCM/NoPadding 加解、使用 SHA-2家族消息摘要的DSA签名及RSASSA-PSS签名。
详细参见:JDK-8080462
十三、security-libs/javax.net.ssl
TLS X25519、X448 支持
The named elliptic curve groups x25519
and x448
are now available for JSSE key agreement in TLS versions 1.0 to 1.3, with x25519
being the most preferred of the default enabled named groups. The default ordered list is now:
x25519, secp256r1, secp384r1, secp521r1, x448,
sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1,
secp256k1,
ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192
The default list can be overridden using the system property jdk.tls.namedGroups
.
详细参见:JDK-8171279
十四、security-libs/javax.net.ssl
Session Resumption without Server-Side State in JSSE
The feature allows for the server-side of JSSE to operate stateless. As described in RFC 50771 for TLS 1.2 and below, and RFC 84462 for TLS 1.3, the TLS server sends internal session information in the form of an encrypted session ticket to a client that supports stateless. That session ticket is presented to the server during the TLS handshake to resume the session. This should improve the performance and memory usage of the TLS server under large workloads as the session cache will seldom be used. With less session information cached, some session information may not be available. This feature is not enabled by default and can be turned on by setting two properties.
Note that invalidated stateless TLS sessions could be resumed in the current implementation. The behavior is not guaranteed to be the same in future releases and updates (see bugid JDK-8229148).
Note that in the current implementation, the return value of SSLSession.getID()
is not persistent across resumption for TLS 1.3 and stateless TLS 1.2 connections. This could be an issue if applications rely on the session identifier values. This may change to be consistent a future release (see bugid JDK-8229149).
Two new System properties are added in support of this feature: jdk.tls.client.enableSessionTicketExtension
is used on the client side to toggle the Session Ticket Extension on the ClientHello message for TLS 1.2. Property value: "true
" sends the extension, "false
" does not (default).
jdk.tls.server.enableSessionTicketExtension
enables a server to use stateless session tickets if the client supports it. Clients that do not support stateless session tickets will use the cache. Property value: "true
" enables stateless, "false
" does not (default).
详细参见:JDK-8211018
十五、security-libs/javax.security
SASL 机制禁用配置
属性 jdk.sasl.disabledMechanisms 用户配置禁用
SASL 机制。可以通过配置 Sasl.createSaslClient
或者 the mechanism
argument of Sasl.createSaslServer 的参数启用配置。配置默认为空,不禁用
。
详细参见:JDK-8200400
十六、security-libs/javax.xml.crypto
Canonical XML 1.1 URIs 添加新的字符串常量 INCLUSIVE_11、INCLUSIVE_11_WITH_COMMENTS
位置:javax.xml.crypto.dsig.CanonicalizationMethod
API。
详细参见:JDK-8224767
十七、security-libs/javax.xml.crypto
[xmldsig] Added KeyValueEC_TYPE
The ECKeyValue
type as described in the W3C Recommendation for XML-Signature Syntax and Processing is now supported. A new EC_TYPE
constant has been added to the javax.xml.crypto.dsig.keyinfo.KeyValue
interface. Please note that only the NamedCurve
domain parameter type is currently supported, and the ECParameters
explicit curve parameter type is not supported.
详细参见:JDK-8223053
十八、security-libs/org.ietf.jgss
Added a Default Native GSS-API Library on Windows
A native GSS-API library has been added to JDK on the Windows platform. The library is client-side only and uses the default credentials. It will be loaded when the sun.security.jgss.native
system property is set to "true". A user can still load a third-party native GSS-API library by setting the system property sun.security.jgss.lib
to its path.
详细参见:JDK-6722928
十九、security-libs/org.ietf.jgss:krb5
Support for Kerberos Cross-Realm Referrals (RFC 6806)
The Kerberos client has been enhanced with the support of principal name canonicalization and cross-realm referrals, as defined by the RFC 6806 protocol extension.
As a result of this new feature, the Kerberos client can take advantage of more dynamic environment configurations and does not necessarily need to know (in advance) how to reach the realm of a target principal (user or service).
Support is enabled by default and 5 is the maximum number of referral hops allowed. To turn it off, set the sun.security.krb5.disableReferrals
security or system property to false. To configure a custom maximum number of referral hops, set the sun.security.krb5.maxReferrals
security or system property to any positive value.
See further information in JDK-8223172.
详细参见:JDK-8215032
二十、tools/javac
JEP 354 Switch Expressions (Preview)
Extend switch
so it can be used as either a statement or an expression, and so that both forms can use either traditional case ... :
labels (with fall through) or new case ... ->
labels (with no fall through), with a further new statement for yielding a value from a switch
expression. These changes will simplify everyday coding, and prepare the way for the use of pattern matching in switch
. This is a preview language feature in JDK 13.
详细参见:JDK-8222184
二十一、tools/javac
JEP 355 Text Blocks (Preview)
Add text blocks to the Java language. A text block is a multi-line string literal that avoids the need for most escape sequences, automatically formats the string in a predictable way, and gives the developer control over format when desired. This is a preview language feature in JDK 13.
JDK-8223930 (not public)
二十二、tools/javadoc(tool)
Improved Javadoc Search
The search feature in API documentation generated by Javadoc has been improved. You can now consistently search API documentation using partial terms and camel-case abbreviations. See Javadoc Search Specification for a full description of search features.
详细参见:JDK-8220497
二十三、xml/jaxp
DOM 和 SAX 新的工厂类创建方法:
newDefaultNSInstance()
newNSInstance()
newNSInstance(String factoryClassName, ClassLoader classLoader)
如下:
DocumentBuilder db = DocumentBuilderFactory.newDefaultNSInstance().newDocumentBuilder();
等同于:
DocumentBuilderFactory dbf = DocumentBuilderFactory.newDefaultInstance();
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
详细参见:JDK-8219692
origin doc:https://www.oracle.com/technetwork/java/13-relnote-issues-5460548.html#NewFeature