The Spring Blog

Engineering
Releases
News and Events

Spring Cloud Stream 1.0.0.M4 is now available

On behalf of the team, I am pleased to announce the release of Spring Cloud Stream 1.0.0.M4. The new release comes with a few major changes and enhancements, and it defines core abstractions and primitives that we believe to be essential for the development of distributed real-time data processing applications. To name some of them:

Default publish-subscribe semantics

The most important change in Spring Cloud Stream 1.0.0.M4 is the way in which applications interact with each other. We have opted for a default publish-subscribe model, in which each application that receives messages from a given destination will receive a copy of the message. This is a better fit for the processing model of stream applications, where intermediate topics act as data hubs for the various intersecting data streams, also making scenarios such as tapping easier and more efficient. This feature goes hand in hand with the next, which is consumer groups.

Read more...

This Week in Spring - February 2nd, 2016

Welcome to another installment of This Week in Spring!

This week I’m off to the Microxchg conference in Berlin, Germany, to generally bring the Spring and talk about microservices. Then, it’s off to Stockholm, Sweden for JFokus! As usual, if you’re in either of those places, hit me up!

This week we’ve got a lot to cover so let’s get to it!

Read more...

SpringOne2GX 2015 replay: Implementing a Highly Scalable Stock Prediction System with R, Apache Geode and Spring XD

Recorded at SpringOne2GX 2015.
Presenters: Fred Melo & William Markito Oliveira
Big Data Track
Slides: http://www.slideshare.net/SpringCentral/implementing-a-highly-scalable-stock-prediction-system-with-r-apache-geode-and-spring-xd

Finance market prediction has always been one of the hottest topics in Data Science and Machine Learning. However, the prediction algorithm is just a small piece of the puzzle. Building a data stream pipeline that is constantly combining the latest price info with high volume historical data is extremely challenging using traditional platforms, requiring a lot of code and thinking about how to scale or move into the cloud. This session is going to walk-through the architecture and implementation details of an application built on top of open-source tools that demonstrate how to easily build a stock prediction solution with no source code - except a few lines of R and the web interface that will consume data through a RESTful endpoint, real-time. The solution leverages in-memory data grid technology for high-speed ingestion, combining streaming of real-time data and distributed processing for stock indicator algorithms.

Read more...

SpringOne2GX 2015 replay: Spring Boot is made for tooling

Recorded at SpringOne2GX 2015.
Presenters:Yann Cébron - JetBrains, Stéphane Nicoll, Pivotal
Core Spring Track
Slides: no slides all demo

For many years, IntelliJ IDEA has been widely used in projects employing the Spring Framework. The latest version of the IDE (14.1) now ships with dedicated Spring Boot support. In this practical presentation we’re going to look at some features from IntelliJ IDEA that will help you not only get started with Spring Boot but also guide you along the way, helping with coding and configuration management for your application. As a bonus, we’ll also discover some nice hidden tips and tricks you might not know yet. This talk is all about being more efficient when writing code.

Read more...

SpringOne2GX 2015 replay: Building Highly-Scalable Spring Applications with In-Memory, Distributed Data

Recorded at SpringOne2GX 2015.
Speakers: John Blum & Luke Shannon
Data/Integration Track
Slides: http://www.slideshare.net/SpringCentral/building-highly-scalable-spring-applications-using-inmemory-data-grids-53086251

Building highly scalable, low latency applications while simultaneously preserving consistency, high availability and resiliency requires a new breed of technology. In this presentation we introduce Pivotal GemFire along with the open source offering, Apache Geode. Apache Geode is a proven, distributed, in-memory database with ACID properties that can handle large volumes of transactional data under heavy load. Apache Geode gives Spring-based applications the edge they require as demand changes without sacrificing integrity or the end-user’s experience.

Read more...

SpringOne2GX 2015 replay: Introduction to Reactive Programming

Recorded at SpringOne2GX 2015
Presenters: Stephane Maldini & Rossen Stoyanchev
Web / Javascript Track
Slides: http://www.slideshare.net/SpringCentral/introduction-to-reactive-programming

This is your one stop shop introduction to get oriented to the world of reactive programming. There are lots of such intros out there even manifestos. We hope this is the one where you don’t get lost and it makes sense. Get a definition of what “reactive” means and why it matters. Learn about Reactive Streams and Reactive Extensions and the emerging ecosystem around them. Get a sense for what going reactive means for the programming model. See lots of hands-on demos introducing the basic concepts in composition libraries using RxJava and Reactor.

Read more...

Spring Statemachine 1.1.0.M1 Released

We’re pleased to announce a first milestone release of Spring Statemachine 1.1.0.M1.

We released 1.0.0.M1 April 2015 and 1.0.0.RELEASE October 2015. We’ve also done 2 maintenance releases for 1.0.x series and now it’s time to look in a future with a 1.1.x serie. 1.0.x enters into a maintenance mode while main development will focus on 1.1.x. This doesn’t mean that we’ll stop with 1.0.x, maintenance fixes for it will be done until we’re succesfully transitioned beyond 1.1.x release. It is important in Spring projects to not drop maintenance until users are ready to move on into next minor/major release. We expect 1.0.x and 1.1.x live side by side until we fire out 1.2.x or 2.x serie in foreseeable future.

Read more...

Spring IO Platform 2.0.2.RELEASE

Spring IO Platform 2.0.2.RELEASE is now available from both repo.spring.io and Maven Central.

This maintenance release upgrades the versions of a number of the projects in the Platform to pick up their latest maintenance releases:

  • Spring AMQP 1.5.3.RELEASE
  • Spring Boot 1.3.2.RELEASE
  • Spring Integration Java DSL 1.1.2.RELEASE

The versions of several third-party dependencies have also been updated.

Project Page | GitHub | Issues | Documentation

Read more...

Java DSL for Spring Integration 1.1.2 is available now

Dear Spring Community,

The Spring Integration Java DSL 1.1.2 has been released and is available now from repo.spring.io and Maven Central.

This maintenance release includes several fixes and 3rd party dependency updates.

Thank you everyone for contribution and any kind of feedback!

We don’t have particular plans for version 1.2, because we are looking into the absorption of Java DSL project by the Spring Integration 5.0, where Java 8 is minimal, but feel free to ask us for more features and share any concerns which can be considered to be included in the next maintenance release.

Read more...

AngularJS - Escaping the Expression Sandbox for XSS

UPDATE: This is a summary of XSS without HTML: Client-Side Template Injection with AngularJS. Previously the citation was in the middle of the document and difficult to find. The goal of the summary is to present the exploit and a fix without all the nuances, not to claim the work as my own.

Introduction

AngularJS is a popular JavaScript framework that allows embedding expressions within double curly braces. For example, the expression 1+2={{1+2}} will render as 1+2=3.

This means that if the server echos out user input that contains double curly braces, the user can perform a XSS exploit using Angular expressions.

Read more...