At the moment, it's not quite clear what the long-term prospects for Java are, as a result of several notable developments. While the likelihood of any large-scale or total phase-out of the programming language is low – at least in the immediate future – Java's creator, Oracle, and its many users are in something of a holding pattern. Enterprises that are on the threshold of major legacy application modernization or digital transformation projects would do well to ensure they fully understand Java's current position vis-a-vis that of other coding languages.
Oracle's controversial security email
In November 2018, Oracle publicly stated that it would cease offering security updates for Java 8 SE in January of the following year for business users, while personal customers would receive security patches until December 2020 at the earliest. Because it was already reasonably well known – and confirmed again in Oracle's statement – that a new major update was coming April 16, this didn't earn much attention at first. But not long after, some Java users began receiving emails saying that the critical security patch would only be available for those with active commercial licenses.
According to the infosec blog BleepingComputer, HackerOne, a cybersecurity firm that connects white-hat hackers to enterprises in need of protection, got such an email from Oracle. Alex Rice, the company's co-founder and chief technology officer, said the email detailed how eschewing the update would create critical vulnerabilities for Java users who didn't install it. Since Rice states that he doesn't use Java at all for his business or personal computing needs, he found the message alarming, as if it were a strong-arm tactic to intimidate individuals into purchasing a license.
Implications for the future
BleepingComputer writer Lawrence Abrams noted that at the time of its post – late in the afternoon on March 29, 2019 – Oracle hadn't yet commented on the matter. Whether the computing giant will do so or not is unclear. It is possible that the tone of the email might have been misinterpreted, or that it's a phishing scam with a very clever disguise (including the name of an Oracle account manager and that individual's personal information, which was redacted from Abrams' blog post).
Regardless of how this particular incident plays out, Java isn't going anywhere. As TechRepublic noted, new iterations of the programming language come out almost like clockwork every six months or so, and developers continue to come up with new applications for Java that aim to work around its limitations, such as its trouble with concurrency, formatting issues and the overall question of adaptability. The bottom-line effectiveness of such projects remains to be seen.