Ahoy ghoulish crew! The October edition of Payara’s Monthly Catch is truly spooktacular! Check out this month's highlights – this month’s edition is packed with must-read guides, bewitching tutorials and technical tricks (and treats!) to keep your enterprise Java/Jakarta EE skills sharp as ever.

The EU’s Cyber Resilience Act (CRA) 2024 lays down a “legal framework for essential cybersecurity requirements for placing products with digital elements on the Union market” (CRA, 1). These requirements cover “products with digital elements”. The goal is to establish conditions for developing secure software. Software venders must take security seriously thought the entire SDLC. Consequently, the intention is that “hardware and software products are placed on the market with fewer vulnerabilities and that manufacturers take security seriously throughout a product’s lifecycle” (CRA, 2). 

This blog post will answer some basic questions, based on our understanding of the Act. What is the new Cyber Resilience Act in the EU? What is the key focus of the Cyber Resilience Act and who does it affect? When will the EU Cyber Resilience Act come into force? How do software venders comply with its requirements? Are there obligations for other parties too? And does Payara help its customers to comply with their requirements under the Act? 

We're super excited to announce the third edition of the Virtual Payara Conference! This December we will be focusing on Powering High-Performance Enterprise Java Applications.

• Strategic Insight - Wednesday 11th December 2024, 1-6:30pm GMT - REGISTER HERE

• Developer Insight - Thursday 12th December 2024, 1-7:00pm GMT - REGISTER HERE

Join Day 2 of the Virtual Payara Conference where we will delve into the latest Jakarta EE 11 developer features with hands-on sessions, including Unpoly for single-page apps, OpenID Connect, and OpenAI integration. End the day with career advice and a Java User Group Community panel.

Creating scalable and flexible APIs is essential for today's web applications. When it comes to RESTful APIs in enterprise Java/Jakarta EE software development, one concept that plays a crucial role in driving adaptability, discoverability and evolvability is Hypermedia as the Engine of Application State (HATEOAS). In effect, the HATEOAS principle can help developers to significantly enhance their API designs, making them more powerful and futureproof.

Our latest guide on HATEOAS is specifically designed for developers familiar with RESTful API development using Jakarta REST (formerly known as JAX-RS). In this blog post, we’ll explore the key takeaways from the guide and show you how mastering HATEOAS can transform the way you build and evolve your APIs.

The Common Vulnerabilities and Exposures (CVE®) Program is celebrating its 25th anniversary today! This marks a major milestone in global cybersecurity. Since 1999, the CVE Program has been critical in helping organizations identify, manage and mitigate cybersecurity vulnerabilities through worldwide collaboration. Today, with over 240,000 CVE Records and more than 400 CVE Numbering Authorities (CNAs) across 40 countries, CVE remains a vital resource for vulnerability management and a key component of cybersecurity defense.

Diagnosing issues in production environments can be a daunting task without the right tools. When problems arise, having access to comprehensive diagnostic information is critical for quick resolution. This is where Payara Server's little known diagnostic tool comes into play, offering a powerful solution for collecting important server data on demand.

There’s no shortage of bright minds in software development. Exceptional individuals in the field are solving real-world problems with innovative approaches. As the deadline to submit your entries for our next Hackathon approaches, we look at the winning solutions of our past event, focused on sustainability.

In this interview with the 2nd prize winner, Ricardo Nicolás Canul Ibarra, we talk about his experience, Privee - the application he submitted at the hackathon and how this achievement will shape his future career.  

The Jakarta EE Media and Community Challenge was established by Payara to help showcasing the innovation, creativity and collaboration within the Jakarta EE community. This technical writing challenge encouraged developers, enthusiasts and tech writers to inspire others and advance the community's knowledge on Jakarta EE. Participants from around the globe submitted their entries to share key insights and help drive the community forward.

Following the publication of the 4th place entry "Quantum Sadis", we are delighted to share with you the entry from Mads Opheim titled "Jakarta EE based serverless backend-for-frontend", which has won 3rd place in the Jakarta EE Media and Community Challenge!

When it comes to mission-critical applications for production environments, there is a clear shift in software development towards containerization, microservices or the mid-ground between monoliths and microservices: moduliths. These architectural patterns tend to offer better scalability, flexibility and efficiency in cloud native environments. As a result, application runtimes that have traditionally been well suited to monolithic paradigms, such as the GlassFish community project, can struggle to keep pace with modern development practices.  

Continuous integration and continuous deployment (CI/CD) practices have become the bedrock of today’s successful DevOps practices. These however require exceptional speed, consistency and reliability in order for software professionals to deliver high-quality applications at scale. Automation offers a powerful aid to DevOps engineers involved in CI/CD activities, freeing them from repetitive and menial tasks. By leveraging automated solutions, it is therefore possible to streamline workflows, eliminate bottlenecks and speed up project progress. 

In this article, we discuss with Abdul Rahim, Release Automation Engineer at Payara, key DevOps automation tools as well as how they can support software application development and management.