Best of Foojay.ioApril 2026

  1. 1
    Article
    Avatar of foojayioFoojay.io·7w

    Does Java Really Use Too Much Memory? Let’s Look at the Facts (JEPs)

    Java's reputation for excessive memory usage is largely outdated. Modern Java has introduced significant improvements: ZGC and Shenandoah for low-latency GC, virtual threads (JEP 444) reducing per-thread memory from ~1MB to KBs, compact object headers (JEP 450) shrinking object sizes, Class Data Sharing for reduced footprint across JVM instances, and proper container awareness. Practical code examples show that most real-world memory problems stem from developer mistakes like unbounded caches or excessive platform threads, not the JVM itself. Upcoming features like Project Valhalla promise further improvements.

  2. 2
    Article
    Avatar of foojayioFoojay.io·5w

    Spring Boot 3.5 EOL — The CVE Blind Spot Nobody Talks About

    Spring Boot 3.5 reaches end of open-source support on June 30, 2026, but the real risk isn't the migration — it's what happens to CVE reporting afterward. Once a project goes EOL, security researchers stop filing reports against it, maintainers stop triaging, and the CVE pipeline dries up. Vulnerabilities don't disappear; they just stop being recorded. Bad actors exploit this gap by testing CVEs found in supported branches against EOL versions that will never receive patches. Spring Boot 2.7's post-EOL trajectory (e.g., CVE-2024-38807 with no open-source fix) illustrates the pattern. Teams still on 3.5 after June 2026 risk running what the author calls 'zombie dependencies' — technically present, functionally dead from a security standpoint, with scanners showing green while hidden vulnerabilities accumulate. The advice: assess the 3.5-to-4.0 migration scope now, before the silence sets in.

  3. 3
    Article
    Avatar of foojayioFoojay.io·4w

    Dockerizing a Java 26 Project with Docker Init

    A step-by-step guide to containerizing a Java 26 Spring Boot project using Docker Init, the interactive wizard introduced in Docker Desktop 4.27. Docker Init automatically generates a multi-stage Dockerfile, compose.yaml, .dockerignore, and README. The guide covers project setup via Spring Initializr, running docker init, understanding the generated four-stage Dockerfile (dependency resolution, compilation, Spring Boot layer extraction, and minimal runtime image with a non-root user), and a workaround for Java 26 base images using SAP Machine instead of Eclipse Temurin while the latter catches up. A simple REST controller is added to verify the running container.

See all Foojay.io archives