Oracle releases Java 25 — major language, concurrency, performance and PQC advances
Key update
Oracle announced Java 25 (Oracle JDK 25) on September 16, 2025. The release bundles 18 JDK Enhancement Proposals that are pragmatic for everyday development and for performance‑sensitive systems: pattern matching now supports primitive types; compact source files and instance main methods lower ceremony for small programs and scripts; module import declarations simplify using modular APIs; structured concurrency and scoped values improve correctness and observability for concurrent code; vector API and ahead‑of‑time (AOT) ergonomics/method profiling reduce startup and increase runtime throughput for compute and inference workloads; and security libraries include key derivation and PEM encoding updates with post‑quantum cryptography readiness. Oracle is also offering long‑term support arrangements (with no‑fee updates through September 2028 and extended terms thereafter) and positions JDK 25 with performance packs on OCI. (oracle.com)
Why it matters
This is a consequential release for teams maintaining large Java services and for teams moving JVM code into lower‑latency or AI inference paths. The language and library changes make Java significantly more practical for quick scripts, DevOps utilities, and gradual modernization without rewriting: compact source files and module import declarations reduce on‑ramp friction for small tools and build scripts, while primitive pattern matching and flexible constructor bodies let library and application code be both more expressive and safer. Structured concurrency and scoped values are not just API niceties — they materially reduce common threading bugs and make cancellation and shutdown semantics easier to reason about in microservices and background pipelines. The AOT ergonomics and method‑profiling JEPs directly address cold‑start and warmup costs that matter in containers, serverless, and inference workloads; the Vector API and compact object headers are explicit wins for CPU‑bound services and batch AI inference. From an operations perspective, JFR profiling improvements give better production observability and the stated multi‑year support plan (and OCI performance integration) means enterprise migration and compliance paths are available, but teams should validate license and update policies for post‑September‑2028 terms. Practically: add Java 25 runs to CI, exercise JFR and AOT flows in staging, review any native toolchains or JNI integrations for the VM changes, and treat this release as an opportunity to reduce boilerplate in utility code and to test concurrency improvements in real workloads. (oracle.com)
Source
Read Next
Node.js v25 scheduled for 2025‑10‑15 — semver‑major release imminent
September 30, 2025Node.js v25 is scheduled for October 15, 2025 (commit cutoff 2025‑09‑15). Teams should run CI against the new major, validate native modules, and prepare canary deployments.
Azure Functions Proxies: community support ends 2025‑09‑30 — migrate off Proxies now
September 29, 2025Azure announced Azure Functions Proxies will be unsupported after 2025‑09‑30; teams still using Proxies must inventory and migrate to a supported API surface (APIM, Front Door, or a lightweight reverse proxy) immediately.
NodeShield: runtime SBOM enforcement (CBOM) for Node.js limits supply‑chain attacks with negligible overhead
September 28, 2025A new paper introduces NodeShield, a runtime enforcement system that uses SBOMs extended with per‑dependency capabilities (CBOM) to prevent supply‑chain abuses in Node.js with ~98% effectiveness and <1ms overhead.