Yes. Johnson 2.1.0 has behavioral changes. Since this might affect people, we indicate that by going 10.2.0
> Am 14.07.2026 um 11:46 schrieb Skander Soltane <[email protected]>: > > Hello Richard, > > Is there a reason for incrementing the minor? I believe last time was about > supporting MP 6.1. > > Thanks a lot. > > Skander > > On Tue, Jul 14, 2026 at 10:40 AM Richard Zowalla <[email protected]> wrote: > >> >> Hello everyone, >> >> This is a vote for the release of Apache TomEE 10.2.0. >> >> This is a maintenance release on the TomEE 10 / Jakarta EE 10 line. Thanks >> to everyone who contributed code and reported issues to make this happen. >> >> Notable changes: >> • Several bug fixes, including a fix for the LinkageError with >> scope="request" (TOMEE-4589, TOMEE-4603, TOMEE-4620, TOMEE-4631) >> • Improvements to the EJB client: sslTruststorePassword is no longer >> sent in outgoing requests, and AuthenticationExceptionnow retains its >> RemoteException cause (TOMEE-4604, TOMEE-4610) >> • A large batch of dependency upgrades, including Tomcat 10.1.57, >> Johnson 2.1.0, CXF 4.1.7, ActiveMQ 6.2.7, Jackson 2.22.1, Mojarra 4.0.18, >> log4j2 2.26.1, and BouncyCastle 1.85 >> >> Our full build is green, so I am happy to call for a vote to release TomEE >> 10.2.0. >> >> Here are the hard facts: >> >> ----- >> Maven Repo >> >> https://repository.apache.org/content/repositories/orgapachetomee-1253/ >> <repositories> >> <repository> >> <id>tomee-10.2.0-rc1</id> >> <name>Testing TomEE 10.2.0-RC1</name> >> <url> >> https://repository.apache.org/content/repositories/orgapachetomee-1253/ >> </url> >> </repository> >> </repositories> >> >> -------- >> Binaries & Source >> https://dist.apache.org/repos/dist/dev/tomee/staging-1253/tomee-10.2.0/ >> >> Tag >> https://github.com/apache/tomee/releases/tag/tomee-project-10.2.0 >> Commit: 3761db889a2db1dc81a62dc3230d17fdfba417a0 >> >> ------- >> Release notes >> >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12356881 >> >> • [TOMEE-4589] - openejb reports an error in web.xml which is wrong >> • [TOMEE-4603] - LinkageError in tomee 10.1 with scope="request" >> • [TOMEE-4620] - Misspelled field accesToken in OIDC TokenResponse >> prevents interoperability with custom JSON providers (Jackson) >> • [TOMEE-4631] - arquillian-tomee-remote: static "registered" latch >> breaks container re-registration on a second Arquillian Manager (e.g. >> failsafe rerunFailingTestsCount) >> • [TOMEE-4604] - Client's HttpConnectionFactory does not strip >> sslTruststorePassword from outgoing request. >> • [TOMEE-4610] - openejb-client: AuthenticationException from >> JNDIContext.authenticate() loses RemoteException cause >> • [TOMEE-4605] - ActiveMQ 6.2.5 >> • [TOMEE-4606] - Commons Codec 1.22.0 >> • [TOMEE-4607] - Jackson 2.12.3 >> • [TOMEE-4608] - Jakarta Faces / Mojarra 4.0.17 >> • [TOMEE-4609] - Smallrye Config 3.17.2 >> • [TOMEE-4611] - Tomcat 10.1.55 >> • [TOMEE-4612] - Neethi 3.2.2 >> • [TOMEE-4614] - ActiveMQ 6.2.6 >> • [TOMEE-4615] - Mojarra 4.0.18 >> • [TOMEE-4617] - CXF 4.1.6 >> • [TOMEE-4618] - SAAJ 3.0.5 >> • [TOMEE-4619] - Upgrade opentelemetry-api 1.63.0 >> • [TOMEE-4622] - Upgrade CXF to 4.1.7 >> • [TOMEE-4623] - Jackson 2.22.0 >> • [TOMEE-4626] - Tomcat 10.1.56 >> • [TOMEE-4627] - Commons Logging 1.4.0 >> • [TOMEE-4629] - saaj-impl 3.0.6 >> • [TOMEE-4630] - ActiveMQ 6.2.7 >> • [TOMEE-4633] - XBean 4.31 >> • [TOMEE-4635] - Tomcat 10.1.57 >> • [TOMEE-4636] - Smallrye Config 3.18.0 >> • [TOMEE-4637] - Jackson 2.22.1 >> • [TOMEE-4638] - log4j2 2.26.1 >> • [TOMEE-4639] - Bouncycastle 1.85 >> >> ------ >> Signature verification >> >> For signature verification, you can check the example script here: >> https://gist.github.com/rzo1/9fb1ca0d58e1fc982d596f2a94b10b32 >> ——— >> >> >> Please VOTE >> >> • [+1] go ship it >> • [+0] meh, don't care >> • [-1] stop, there is a ${showstopper} >> >> The VOTE is open for 72h or as long as needed. >> >> Gruß Richard
