Ehcache 2.x is no longer officially maintained by the Java community. Moved DXP internal caching to use Ehcache 3.10.8.
This means any existing ehcache configuration xml files won't be directly compatible and will likely cause errors or unexpected behavior in the new 3.x environment. Users will need to review and rewrite these configurations according to the new 3.x schema.
Release Notes
Esta seção contém informações sobre alterações importantes em recursos e capacidades DXP prontos para uso. Para alterações significativas (Breaking Changes) ou código interno, por favor acesse este link.
The AMD Loader has been removed. Liferay DXP officially supports ESM, which is the official standardized module system for JavaScript, while AMD was a third-party solution. By adopting ESM, products align with the language's native capabilities and future direction. Modern browsers now natively support ESM, allowing for direct use without transpilation or additional loaders. This can lead to reduced bundle sizes, faster initial page loads and simplified development workflows.
Users who are using amd-loader must migrate to the Liferay.loader. See link for more details.
The "Warehouse" field has been removed from the Shipping Option's details panel.
This field was previously available as a selection field within the shipping option configuration, but it is crucial to understand that it was purely informational and did not enforce any actual warehouse restrictions or logistics.
The "Warehouse" field was identified as a source of potential confusion for administrators. Its presence, despite being purely descriptive, could lead to the incorrect assumption that it played a role in applying warehouse restrictions to a shipping option. To ensure clarity and prevent any misleading interpretations, we have decided to remove this field entirely.
Important Note for Administrators: If you used this field for metadata, this information will no longer be visible. We strongly recommend transferring any critical metadata to an alternative location before upgrading to avoid loss. This change does not impact actual warehouse configurations or shipping logic.
This portal-ext property was to Instance/System settings so that the property could be controlled during runtime. Users will need to reconfigure portal if they are currently using this property.
See https://github.com/liferay/liferay-portal/commit/0b2ee06d7ee20972bc8ebd84e2c1c10fb9a41763
What changed?
With the introduction of customizable publication-level permissions, all permissions, including publishing to production, can be changed by an admin or a user with the appropriate "Manage Permissions" capability.
Why was this change made?
Previously, Owners were automatically given the ability to publish content to production, which led to unintentional production changes, especially in environments using Sandbox mode or implementing stricter governance policies. This behavior was inconsistent with customer expectations and Liferay’s broader permission model.
Who is affected?
How should I update my features or implementation?
No need for Updates. You may want to use the new "Permissions" on Publication Settings section to "Edit Permissions" if needed.
What changed?
A new warning message now appears when "Sandbox Only" mode is enabled but publication Owners retain permission to publish. This does not change the behavior of Sandbox mode but introduces a new UI-level validation to prevent unwanted changes.
Why was this change made?
This message prompts admins to review permission settings and avoid potential production changes made in error. The goal is to support secure sandbox and prevent publishing mistakes by making permissions more transparent.
Who is affected?
Publication users with enough access to configure Publications and enable Sandbox mode.
How should I update my features or implementation?
No need for Updates. When enabling Sandbox Only mode, look for the new warning message and use the "Edit Permissions" option to review Owner permissions.
What changed?
Admins can now fully customize the permissions for the "Owner" and other roles in Publications. This includes the ability to revoke critical actions such as "Publish on Production." Previously, users who created a publication were always granted full permissions by default, including publishing rights.
Why was this change made?
This change was introduced to address a gap in the permission model that could unintentionally allow users to publish content to production—even when Sandbox mode was enabled. By enabling permission customization, we close this loophole, giving administrators better governance over content workflows. The new behavior improves system security and reduces the risk of misconfigurations, especially in environments where publishing control is critical.
Who is affected?
All publication users are affected, but the changes are focused on Admins and Publication’ Owners
How should I update my features or implementation?
No need for updates. When reviewing the permissions assigned to the "Owner" role in each publication be sure to use the new "Edit Permissions" modal.
What changed?
Users can filter Navigation Menus by creation or modification date.
API’s now allow retrieving navigation menus by External Reference Code, rather than only by internal IDs.
Why was this change made?
This change improves the reliability and usability of cross-site migration tools, enhances content governance with complete permission handling, and introduces stable referencing via ERCs.
Who is affected?
Developers and Site administrators requesting Navigation Menu’s via Api’s.
How should I update my features or implementation?
No changes are needed. Users may want to use External Reference Code when referencing navigation menus.
The Java EE libraries are no longer in active development. DXP has moved to the modern and evolving enterprise Java platform, Jakarta EE 10. With the migration of the system to Jakarta EE, any Java EE libraries (javax.*) are no longer compatible and must be replaced with the Jakarta EE 10 (jakarta.*) updated versions. This also breaks any 3rd party libraries that rely on Java EE packages. Libraries must be updated to a Jakarta-compatible version.
This affects any users with custom code deployed to the Liferay DXP JVM. Client Extensions are not affected since they run in an external process.
With the migration of the system to Jakarta EE, the following deprecated application servers are no longer supported:
Apache Tomcat 9.0.x
JBoss EAP 7.4
Wildfly 26.1
Weblogic 14c
Users must migrate to a Jakarta EE compatible application server:
Apache Tomcat 10.1.x
JBoss EAP 8.0
Wildfly 30
(Weblogic 15 has not been released, but we are monitoring its availability and plan to add support in a future DXP release).
This change gives users access to actively maintained application servers that leverage the modern Java enterprise ecosystem.
PortletMVC4Spring has migrated to a new version based on Spring 6.0 and Jakarta EE. Users must migrated their existing PortletMVC4Spring projects to version 6.x
The previous versions of PortletMVC4Spring were deprecated due to dependency on Java EE and will no longer work with 2025.Q3 release.
The current version of Liferay Faces was deprecated due to dependency on Java EE and will no longer work with 2025.Q3 release.
However, Liferay is still preparing a new version of the Liferay Faces, based on Jakarta EE 10 and Portlet 4.0, scheduled for release later this year. Since the dependencies in DXP are already migrated, it is expected that the new Faces release will be compatible with 2025.Q3