1. Spring and Java
>> Announcing Jipher: Java Cryptographic Service Provider for FIPS Environments [oracle.com]
Oracle has released Oracle Jipher, a new Java Cryptographic Service Provider that uses the JCA framework. This embeds a FIPS 140-2 validated module, making it easy for Java applications to meet U.S. federal standards without relying on third-party libraries.
>> LangChain4J musings, six months after [frankel.ch]
Explore how to integrate an MCP (Model Context Protocol) server in a LangChain4J application.
Also worth reading:
- >> IBM’s Chief Java Architect Flies in from Canada to Share JVM Optimization Secrets—Will You Be There? [foojay.io]
- >> LittleHorse, a Java Workflow Engine for Distributed Systems Orchestration [infoq.com]
- >> Improving Maven’s dependency:analyze… or not [foojay.io]
- >> Building an AI Chatbot in Java With Langchain4j and MongoDB Atlas [baeldung.com]
Webinars and presentations:
- >> Foojay Webinar Live Stream: Java’s Place in the AI Revolution [foojay.io]
- >> Foojay Podcast #70: Celebrating 5 Years of Foojay [foojay.io]
- >> A Bootiful Podcast: Java Champion, Tessl Devrel head, friend, Virtual JUG co-founder Simon Maple [spring.io]
- >> Finalizing the Java On-ramp – Inside Java Newscast #90 [inside.java]
Time to upgrade:
- >> Spring Boot 3.5.0-RC1 available now [spring.io]
- >> Spring gRPC 0.8.0 available now [spring.io]
- >> Spring Vault 3.1.3 and 3.2.0-M1 available [spring.io]
- >> Spring Modulith 1.4 RC1, 1.3.5, and 1.2.11 released [spring.io]
- >> Spring for Apache Kafka 4.0.0-M2, and 3.3.5 are Available Now [spring.io]
- >> Spring Authorization Server 1.5.0-RC1, 1.4.3 and 1.3.6 available now [spring.io]
- >> Spring for Apache Pulsar 1.1.11 and 1.2.5 are now available [spring.io]
- >> Spring Boot 3.3.11 available now [spring.io]
- >> Spring Boot 3.4.5 available now [spring.io]
- >> Hibernate 7.0.0.CR1 [in.relation.to]
- >> vert.x 5.0.0.CR7 [github.com/eclipse-vertx]
- >> camel-4.10.4 [github.com/apache]
2. Technical & Musings
>> Deep Dive MCP and A2A Attack Vectors for AI Agents [christianposta.com]
Systems that use AI specifications like MCP and A2A are susceptible to specific types of attacks like naming attacks, context poisoning, and rug pulls. The article goes over each type of attack to understand how to address these vulnerabilities.
Also worth reading:
- >> About building up skills [tryingthings.wordpress.com]
- >> QCon London 2025 Day 2: The Form of AI, Securing AI Assistants, WASM Components in FaaS [infoq.com]
- >> What is Architecture? [blog.scottlogic.com]
3. Pick of the Week
>> We Interviewed 100 Eng Teams. The Problem With Modern Engineering Isn’t Speed. It’s Chaos. [earthly.dev]
