What’s the point: Quarkus hits v1.0, Vitess graduates, Spring Vault, Istio

What’s the point: Quarkus hits v1.0, Vitess graduates, Spring Vault, Istio

Red Hat’s Quarkus project has hit v1.0, eight months after the vendor first unveiled the “Kubernetes Native Java framework”. New features in the v1.0 release include “a reactive core based on Vert/x to make reactive programming a first class feature of Quarkus”. Also new is a non-blocking security layer, enabling reactive authentications and authorization, as well as enabling “reactive security operations to integrate with Vert.x”. Spring API compatibility is improved, apparently, and the latest version brings support for Java 8, 11 and 13, when using it on the JVM, with Java 11 native compilation promised soon.

Vitess speeds through CNCF hoops

Cloud native database system Vitess has become the latest Cloud Native Computing Foundation project to earn graduate status. The cap and gown award coincided with Vitess hitting 4.0, a move which brings “significant improvements to SQL query support, experimental support for VReplication,” and usability improvements. Vitess came under the wings of the CNCF back in February 2018. Graduation is a marker that it has “thriving adoption,” a clear governance process, and “a strong commitment to community, sustainability, and inclusivity.”

Spring Vault climbs to 2.2

Spring Vault has hit v2.2 and is now generally available. The latest rev includes support for PCF-based authentication by using instance identity certificates, and adds extensions for “a seamless Kotlin 1.3 experience and Kotlin Coroutines support. Other additions include support for the Jetty HTTP client, and reactive support for AWS IAM authentication. The Enterprise edition also gets Vault namespace support. 

Istio reveals 1.3 series bug 

Istio has issued a security update for its 1.3 series. The updates follows the disclose that Envoy, and hence Istio, are vulnerable to a DoS attack, by triggering an infinite loop if the continue_on_listener_filters_timeout option is set to True. The vulnerability in Istio came with the introduction of the Protocol Detection feature in Istio 1.3, and releases 1.3 through 1.3.4 are affected. The update includes a work around, and the project intends to release a fix as soon as possible.