SBOM support in Spring Boot 3.3

Engineering | Moritz Halbritter | May 24, 2024 | ...

Spring Boot 3.3.0 has been released, and it contains support for SBOMs. SBOM stands for "Software Bill of Materials" and describes the components used to build a software artifact. In the context of this blog post, that's your Spring Boot application. These SBOMs are useful because they describe exactly what your application contains. With that information, you can assess if a security vulnerability affects your application, or use automated security tools to scan your applications and alert you on security vulnerabilities.

There are multiple SBOM formats out there, the most widely used ones are CycloneDX, SPDX, and Syft. Spring Boot 3.3.0 supports CycloneDX out of the box. The…

Spring Boot 3.3.0 available now

Releases | Moritz Halbritter | May 23, 2024 | ...

On behalf of the Spring Boot team and everyone that has contributed, I am pleased to announce that Spring Boot 3.3.0 has been released and is available from Maven Central.

This release adds a significant number of new features and improvements. For full upgrade instructions and new and noteworthy features please see the release notes.

What's new in 3.3

The highlights of the 3.3 release include:

  • CDS Support for improved startup times and reduced memory consumption
  • Observability improvements, for example support for Micrometer's @SpanTag, a process InfoContributor and Prometheus 1.x support
  • Spring Security improvements, for example an auto-configuration for JwtAuthenticationConverter
  • Service connection support for Apache ActiveMQ Artemis and LDAP
  • Docker Compose support for Bitnami Container Images
  • Virtual thread support for websockets
  • Support for Base64 resources in property (and YAML) files
  • Support for SBOMs with the new SBOM actuator endpoint
  • A completely revamped documentation

Spring Boot 3.2.6 available now

Releases | Moritz Halbritter | May 23, 2024 | ...

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 3.2.6 has been released and is now available from Maven Central.

This release includes 75 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Project Page | GitHub | Issues | Documentation | Stack Overflow |

Spring Boot 3.1.12 available now

Releases | Moritz Halbritter | May 23, 2024 | ...

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 3.1.12 has been released and is now available from Maven Central.

This release includes 49 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

End of open source support for Spring Boot 3.1.x

Spring Boot 3.1.12 marks the end of open source support for Spring Boot 3.1.x. Please upgrade to Spring Boot 3.2.x as soon as possible. If you are not yet ready to upgrade, commercial support for Spring Boot 3.1.x is available

Spring Framework 6.1.8, 6.0.21 and 5.3.36 available now

Releases | Brian Clozel | May 22, 2024 | ...

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 6.1.8, 6.0.21 and 5.3.36 are available now.

We are releasing out of our usual cycle to fix an AOP regression that was shipped last week.

Spring Integration 6.3 Availalbe, also 6.2.5 & 6.1.9

Releases | Artem Bilan | May 22, 2024 | ...

On behalf of the team and everyone who contributed, I am pleased to announce Spring Integration 6.3.0.

In addition to regular bug fixes, dependency upgrade, there were some deprecation refactoring. The Migration Guide includes some of them.

Here are some notable improvements and new features:

  • The ObservationPropagationChannelInterceptor has been deprecated in favor of enabling observation on the specific channel.
  • The spring-integration-security module is completely removed in favor of API from spring-security-messaging module.
  • The MockIntegrationContext.substituteTriggerFor() API has been introduced.
  • The MessageHistory header is now mutable, append-only container. This provides some performance optimization when we don't create a new Message on every history track.

Spring Batch 5.0.6 and 5.1.2 available now

Releases | Mahmoud Ben Hassine | May 22, 2024 | ...

I am pleased to announce that Spring Batch 5.0.6 and 5.1.2 are available now from Maven Central!

These patch releases come with a number of bug fixes, improvements and dependencies updates. You can find the release notes of each version here: 5.0.6 and 5.1.2.

We look forward to your feedback on Github Issues, Github Discussions, Twitter, and StackOverflow.

Spring Batch Home|Source on Github|Reference documentation

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring Runtime offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all