[ruby-talk:444676] [ANN] JRuby 9.4.14.0 Released!

The JRuby community is pleased to announce the release of JRuby 9.4.14.0.

   - Homepage: https://www.jruby.org/
   - Download: Downloads — JRuby.org

JRuby 9.4.14.x targets Ruby 3.1 compatibility.

Thank you to our contributors this release, you help keep JRuby moving
forward! @matthias-fratz-bsz, @ikaronen-relex, @ylecuyer
Compatibility

   - Ruby version is now 3.1.7. (#8966)

Libraries

   - strscan is updated to 3.1.5. (#8897)
   - cgi is updated to 0.3.7 to resolve CVE-2025-27220 and CVE-2025-27219
(#8954, #8966)
   - uri is updated to 0.12.4. (#8966)
   - net-smtp is updated to 0.3.1.1. (#8966)
   - rss is updated to 0.3.1. (#8966)
   - Non-gem stdlib has been updated to Ruby 3.1.7 sources. (#8966)

Build

   - jruby-maven-plugins is updated to 3.0.6 to resolve issues with garbled
gem poms. (#8898)
   - The stdlib build scripts have been modified to work with latest
polyglot-ruby. (#8634, #8963)

Usability

   - bin/ruby and bin/ruby.bat are now shipped in the distribution, to make
installation simpler. (#8875)

29 Issues and PRs resolved for 9.4.14.0

    #8422 ConcurrentLocalContextProvider leaks memory per thread
    #8634 9.4.12.0 unable to build itself
    #8670 Setting system property ‘jruby.gem.home’ works but outputs a
warning
    #8779 Marshal.dump(binding) behavior differs from CRuby
    #8823 Failure in StringScanner#scan_integer when running the HexaPDF
test suite
    #8859 bundle gem does not fully run
    #8866 JRuby 9.4.13.0 introduces LoadError: no such file to load --
Win32API via stdlib/net/http on Windows
    #8875 Pregenerate bin/ruby and bin/ruby.bat
    #8883 Normalize arch to universal-java-version
    #8884 Require the correct case for this library
    #8885 Coerce the chdir for popen
    #8897 Update strscan to fix number scanning at nonzero offset
    #8898 Update maven plugins to latest
    #8902 Sporadic failure in TestArray#test_insert under indy
    #8904 Always check array insert pos
    #8909 Make Binding unmarshalable
    #8918 Don’t set callInfo when target does not use kwargs
    #8919 Update vendored cgi gem
    #8933 Output buffer size calculation for unpack(‘m’) and unpack(‘u’)
can overflow for long inputs
    #8936 Fix integer overflow in buffer length calculation for unpack(‘m’)
and unpack(‘u’)
    #8954 Secuity: Bump cgi to 0.4.2. CVE-2025-27220 CVE-2025-27219
    #8961 Fix index -1 error while searching for feature path
    #8963 Upgrade polyglot and remove openssl lib hack
    #8966 Update stdlib to 3.1.7
    #8968 Pass multi-elt array key for to_h using yieldArray
    #8969 Fix memory leak in Concurrent/ThreadSafeLocalContextProvider
    #8970 Move jruby.gem.home and jruby.gem.path to Options
    #8973 Pathname::glob behavior changed with 9.4.13.0 and later
    #8980 Additional fixes for scheme-based globbing (9.4)