I am pleased to announce that Spring for GraphQL 1.3.6 and 1.4.1 maintenance releases are now available on Maven Central.

• 1.4.1 closes 15 issues. This version will ship with Spring Boot 3.5.4, to be released on July 24th.
• 1.3.6 closes 15 issues. This version will ship with Spring Boot 3.4.8, to be scheduled soon.

Both releases ship two important changes:

1. a performance improvement of our cancellation support; see gh-1242.

Thank you so much to our community for spotting this in production! 2. a much-needed GraphiQL upgrade for the GraphQL explorer, as the former CDN setup was recently broken; see …

On behalf of the team and everyone who has contributed, I am pleased to announce a new milestone for the next Spring Framework generation. The M6 continues delivering new features and refinements on top of 7.0.0-M1, 7.0.0-M2, 7.0.0-M3, 7.0.0-M4 and 7.0.0-M5.

We've made lots of refinements on features delivered in previous milestones, but we also have a new feature that we would like to share.

Retry support in Spring Core

We have been working on the Spring Retry project for a very long time. The Spring team decided that it was time to trim unnecessary features, revisit some of its API and merge the resulting work into the "spring-core" module of Spring Framework. This new Retry support is located in the org.springframework.core.retry…

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 6.1.21 and 6.2.8 are available now.

Spring Framework 6.1.21 ships with 3 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.3.13.

Spring Framework 6.2.8 ships with 39 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.4.7 and 3.5.1.

CVE-2025-41234:

The releases address CVE-2025-41234 for RFD Attack via “Content-Disposition” Header Sourced from Request.

Open source support for Spring Framework 5.3.x and 6.0.x generations has ended, and this is our last OSS release for the 6.1.x generation, see our support page for more information…

On behalf of the Spring for GraphQL team, I am pleased to announce the availability of 1.4.0, the generally available release.

In case you missed those, the 1.4.0-M1 and 1.4.0-RC1 release blog posts described the new features for this generation. The Spring for GraphQL 1.4.0 wiki page should help you to upgrade your application. We will keep updating this page with the feedback we get from the community on our issue tracker and on StackOverflow.

GraphQL Java 24+ baseline

The GraphQL Java team recently released new major releases for the Java DataLoader and GraphQL Java projects. They immediately supersede the 23.x generation so Spring for GraphQL 1.4 will require GraphQL Java 24+ as a baseline. This last-minute change shouldn't affect much your…

On behalf of the team and everyone who has contributed, I am pleased to announce a new milestone for the next Spring Framework generation. The fifth milestone continues delivering new features and refinements on top of 7.0.0-M1, 7.0.0-M2, 7.0.0-M3 and 7.0.0-M4.

Jackson 3.0 support

As of #33798, we default to supporting Jackson 3.x in our entire stack, falling back to Jackson 2.x. Support for the Jackson 2.x generation has been deprecated in Spring Framework, and our current plan is to disable its auto-detection in 7.1, and remove its support entirely in 7.2.

Jackson 3.x uses a new tools.jackson package, which differs from the usual com.fasterxml.jackson. Classes from the "jackson-annotation" artifact (like @JsonView, @JsonTypeInfo) remain in the com.fasterxml.jackson…

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 6.1.20 and 6.2.7 are available now.

Spring Framework 6.1.20 ships with 4 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.3.12.

Spring Framework 6.2.7 ships with 25 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.4.6 and 3.5.0.

CVE-2025-22233:

The releases address CVE-2025-22233 for Spring Framework DataBinder Case Sensitive Match Exception (2nd update).

Open source support for Spring Framework 5.3.x and 6.0.x generations has ended and will expire for the 6.1.x generation next month, see our support page for more information…

On behalf of the Spring for GraphQL team, I am pleased to announce the availability of 1.4.0-RC1, our last stop before the generally available release. In case you missed it, 1.4.0-M1 already shipped lots of new features and improvements.

You can read the full changelog for 1.4.0-RC1 and the upgrade notes on our wiki.

DataLoader observations

The Spring for GraphQL instrumentation creates Micrometer Observations for GraphQL requests and DataFetcher operations. Some data fetching operations are relying on batch loading calls to avoid the "N+1 problem". In previous generations, one would not see the difference between a "full" data fetching operation and one that simply delegates to DataLoader…

I am pleased to announce that Spring for GraphQL 1.3.5 is now available on Maven Central.

1.3.5 closes 12 issues. This version will ship with Spring Boot 3.3.11 and 3.4.5, to be released next week.

How can you help?

If you have general questions, please ask on stackoverflow.com using the spring-graphql tag.

Project Page | GitHub | Issues | Documentation | Stack Overflow

On behalf of the team and everyone who has contributed, I am pleased to announce a new milestone for the next Spring Framework generation. The fourth milestone continues delivering new features and refinements on top of 7.0.0-M1, 7.0.0-M2 and 7.0.0-M3.

Class-File API usage for Java 24+ apps

Spring Framework reads class bytecode to collect metadata about the application code. Historically we have used a slim ASM fork for this purpose, through the MetadataReaderFactory and MetadataReader types in the org.springframework.core.type.classreading package. Although Spring applications typically have no direct exposure to this API, this is especially useful when parsing @Configuration…

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 6.1.19 and 6.2.6 are available now.

Spring Framework 6.1.19 ships with 11 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.3.11.

Spring Framework 6.2.6 ships with 35 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.4.5 and 3.5.0-RC1. It's very unusual for us to ship new features in maintenance versions, but this version also brings first-class support for Bean Overrides with @ContextHierarchy. Please refer to the "Context hierarchies with bean overrides" documentation section…