Jakarta EE Platform Call

Date: 2026-03-31

Present:

• Jared Anderson (IBM)
• Kyle Aure (IBM)
• Neena Jacob (IBM)
• Anija K A (IBM)
• James Perkins (IBM)
• Nathan Rauh (IBM)
• Brian Stansberry (IBM)
• Tom Watson (IBM)
• Jan Westerkamp (iJUG)
• Ivar Grimstad (Eclipse Foundation)
• Michael Redlich (Garden State JUG)
• Scott Marlow (IBM) joining at 11:10AM EDT
• Arjan Tijms (OmniFish)
• César Hernández (Tomitribe )

Top of mind for Jared, James

• No new CCRs this week
• Faces 5.0-M1 is published
• NoSQL 1.1-M2 still in progress
• Still waiting for Platform TCK 11.0.2 to publish
  • https://github.com/jakartaee/specifications/pull/887
    • https://www.eclipse.org/lists/jakarta.ee-spec/msg04247.html “Looking for a volunteer to promote a few pending TCK Service Releases…”
• Persistence TCK 3.2.1 to publish as well
  • https://github.com/jakartaee/specifications/pull/893
• Discussed schedule at the Steering committee
  • They agree that June for Core Profile seems unrealistic at this point.
  • They still would like to have Core Profile by EOY if possible.
• James will be out on April 6 and 7

Jakarta EE 12

• M3 concludes today
  • Published concurrency 3.2 M2 at the new coordinates
    • https://repo.maven.apache.org/maven2/jakarta/concurrency/jakarta.concurrency-api/3.2.0-M2/
  • Faces 5.0 M1 also came in this milestone as discussed above
    • https://repo1.maven.org/maven2/jakarta/faces/jakarta.faces-api/5.0.0-M1/
• M4 week 1 starts tomorrow
• Jakarta REST:
  • A draft PR for the CDI work has been created https://github.com/jakartaee/rest/pull/1340.
  • James to send an email to the rest mailing list to start conversions and request review. Anyone is welcome to review it
• Platform: Is this PR ready to merge?
  • https://github.com/jakartaee/platform/pull/1246
  • No objection was noted on the call and the PR was merged
• Platform API: Should we stage or release Milestone releases?
  • YES
  • Stage vs release discussion for the platform API milestone releases. Do we need to release, or is staging enough?
    • People can reference the staged version of the API in the TCK and can be used by others outside of Jakarta community by referencing staging repo instead of maven
    • Snapshots can be problematic because they can change and go away and cause problems with build repeatability
    • Staged milestone versions can be updated in staging repo where with maven repo they are kept around
    • Concluded that there are reasons to keep publishing to maven
    • Want to be careful that the milestone has good quality before pushing to maven so it is important to have things in staging and be validated
    • Arjan expressed there is value to have the API be available in maven and similarly Scott said the same for the platform TCK
• Arjan reported that the Security specification is progressing to have new updates in it
  • Looking at wanting to combine all of the security specifications as part of EE 12. One specification with 3 sub specifications
  • Jakarta Security and Jakarta Authentication are part of Web Profile, but Jakarta Authorization is in Platform only today
  • Looking to have Authorization added into web profile. Jakarta Security does authorization functions, but doesn’t depend on the Authorization modules from Jakarta Authorization to do it
  • Why was authorization not put into web profile?
    • Authentication and Authorization both weren’t in web profile in the past and authentication was depended on in by security and it moved
    • Ran out of time for authorization work
  • Would want to have a vote on this
    • Step 1. Vote to include Authorization in Web Profile for EE 12
    • Step 2. Vote to remove Authentication and Authorization from Platform and Web Profile when Jakarta Security (5.0 or 6.0) includes them implicitly (in EE 12 or EE 13?)
  • Discussion of how to restructure Jakarta security. Below are some options discussed
    • Jakarta Security loosely depends on Authentication and Authorization as separate specifications still
    • Jakarta Security includes authentication and authorization as part of the specification and not be separate specifications
    • Include Authentication and Authorization API into the Jakarta Security API artifact and not have to have multiple API jars
  • Servlet has some APIs that are security related. May need to have a solution about that. Not something for EE 12 possibly
• Scott: Will https://github.com/jakartaee/enterprise-beans/tree/master/tck be updated for EE 12?
  • These tests are no longer in the Platform TCK
  • Discussed have a 4.1 for EE 12 for removing of security manager references from the spec, but the question is where should the TCK be and which CI
    • Schema updates needed as well for other EJB changes over time when EJB wasn’t changing
    • Update POM to reference new dependency versions
• Future directions call will have new discussions in April. Nothing happened in March with conferences going on
• MicroProfile update
  • MP Steering committee meeting today
  • MP config dependency in NoSQL
  • MP JWT / Jakarta Security could improve their relationship if MP comes to Jakarta