The Spring Blog

Engineering
Releases
News and Events

This Week in Spring - February 2nd, 2016

Welcome to another installment of This Week in Spring!

This week I’m off to the Microxchg conference in Berlin, Germany, to generally bring the Spring and talk about microservices. Then, it’s off to Stockholm, Sweden for JFokus! As usual, if you’re in either of those places, hit me up!

This week we’ve got a lot to cover so let’s get to it!

Read more...

SpringOne2GX 2015 replay: Implementing a Highly Scalable Stock Prediction System with R, Apache Geode and Spring XD

Recorded at SpringOne2GX 2015.
Presenters: Fred Melo & William Markito Oliveira
Big Data Track
Slides: http://www.slideshare.net/SpringCentral/implementing-a-highly-scalable-stock-prediction-system-with-r-apache-geode-and-spring-xd

Finance market prediction has always been one of the hottest topics in Data Science and Machine Learning. However, the prediction algorithm is just a small piece of the puzzle. Building a data stream pipeline that is constantly combining the latest price info with high volume historical data is extremely challenging using traditional platforms, requiring a lot of code and thinking about how to scale or move into the cloud. This session is going to walk-through the architecture and implementation details of an application built on top of open-source tools that demonstrate how to easily build a stock prediction solution with no source code - except a few lines of R and the web interface that will consume data through a RESTful endpoint, real-time. The solution leverages in-memory data grid technology for high-speed ingestion, combining streaming of real-time data and distributed processing for stock indicator algorithms.

Read more...

SpringOne2GX 2015 replay: Spring Boot is made for tooling

Recorded at SpringOne2GX 2015.
Presenters:Yann Cébron - JetBrains, Stéphane Nicoll, Pivotal
Core Spring Track
Slides: no slides all demo

For many years, IntelliJ IDEA has been widely used in projects employing the Spring Framework. The latest version of the IDE (14.1) now ships with dedicated Spring Boot support. In this practical presentation we’re going to look at some features from IntelliJ IDEA that will help you not only get started with Spring Boot but also guide you along the way, helping with coding and configuration management for your application. As a bonus, we’ll also discover some nice hidden tips and tricks you might not know yet. This talk is all about being more efficient when writing code.

Read more...

SpringOne2GX 2015 replay: Building Highly-Scalable Spring Applications with In-Memory, Distributed Data

Recorded at SpringOne2GX 2015.
Speakers: John Blum & Luke Shannon
Data/Integration Track
Slides: http://www.slideshare.net/SpringCentral/building-highly-scalable-spring-applications-using-inmemory-data-grids-53086251

Building highly scalable, low latency applications while simultaneously preserving consistency, high availability and resiliency requires a new breed of technology. In this presentation we introduce Pivotal GemFire along with the open source offering, Apache Geode. Apache Geode is a proven, distributed, in-memory database with ACID properties that can handle large volumes of transactional data under heavy load. Apache Geode gives Spring-based applications the edge they require as demand changes without sacrificing integrity or the end-user’s experience.

Read more...

SpringOne2GX 2015 replay: Introduction to Reactive Programming

Recorded at SpringOne2GX 2015
Presenters: Stephane Maldini & Rossen Stoyanchev
Web / Javascript Track
Slides: http://www.slideshare.net/SpringCentral/introduction-to-reactive-programming

This is your one stop shop introduction to get oriented to the world of reactive programming. There are lots of such intros out there even manifestos. We hope this is the one where you don’t get lost and it makes sense. Get a definition of what “reactive” means and why it matters. Learn about Reactive Streams and Reactive Extensions and the emerging ecosystem around them. Get a sense for what going reactive means for the programming model. See lots of hands-on demos introducing the basic concepts in composition libraries using RxJava and Reactor.

Read more...

Spring Statemachine 1.1.0.M1 Released

We’re pleased to announce a first milestone release of Spring Statemachine 1.1.0.M1.

We released 1.0.0.M1 April 2015 and 1.0.0.RELEASE October 2015. We’ve also done 2 maintenance releases for 1.0.x series and now it’s time to look in a future with a 1.1.x serie. 1.0.x enters into a maintenance mode while main development will focus on 1.1.x. This doesn’t mean that we’ll stop with 1.0.x, maintenance fixes for it will be done until we’re succesfully transitioned beyond 1.1.x release. It is important in Spring projects to not drop maintenance until users are ready to move on into next minor/major release. We expect 1.0.x and 1.1.x live side by side until we fire out 1.2.x or 2.x serie in foreseeable future.

Read more...

Spring IO Platform 2.0.2.RELEASE

Spring IO Platform 2.0.2.RELEASE is now available from both repo.spring.io and Maven Central.

This maintenance release upgrades the versions of a number of the projects in the Platform to pick up their latest maintenance releases:

  • Spring AMQP 1.5.3.RELEASE
  • Spring Boot 1.3.2.RELEASE
  • Spring Integration Java DSL 1.1.2.RELEASE

The versions of several third-party dependencies have also been updated.

Project Page | GitHub | Issues | Documentation

Read more...

Java DSL for Spring Integration 1.1.2 is available now

Dear Spring Community,

The Spring Integration Java DSL 1.1.2 has been released and is available now from repo.spring.io and Maven Central.

This maintenance release includes several fixes and 3rd party dependency updates.

Thank you everyone for contribution and any kind of feedback!

We don’t have particular plans for version 1.2, because we are looking into the absorption of Java DSL project by the Spring Integration 5.0, where Java 8 is minimal, but feel free to ask us for more features and share any concerns which can be considered to be included in the next maintenance release.

Read more...

AngularJS - Escaping the Expression Sandbox for XSS

UPDATE: This is a summary of XSS without HTML: Client-Side Template Injection with AngularJS. Previously the citation was in the middle of the document and difficult to find. The goal of the summary is to present the exploit and a fix without all the nuances, not to claim the work as my own.

Introduction

AngularJS is a popular JavaScript framework that allows embedding expressions within double curly braces. For example, the expression 1+2={{1+2}} will render as 1+2=3.

This means that if the server echos out user input that contains double curly braces, the user can perform a XSS exploit using Angular expressions.

Read more...

Introducing Spring Cloud Task

Today we are pleased to introduce a new project in the Spring portfolio, Spring Cloud Task. Under the umbrella of the Spring Cloud grouping of projects and the sister project of Spring Cloud Stream, Spring Cloud Task aims to bring functionality required to support short lived microservices to Spring Boot based applications. With this blog post, we are releasing our first milestone of the project and are eager for your input and feedback.

The Goals of Spring Cloud Task

In most cases, the modern cloud environment is designed around the execution of processes that are not expected to end (think web applications or stream modules). If they do, it's considered a failure by the platform and they are typically restarted. While many platforms do have some method to execute a process that is expected to end (a batch job for example), the results of that execution are typically not maintained in a consumable way. Yet for mission critical applications, even though they are short lived, they still have the same non-functional requirements long lived processes have.

Read more...