This Week in Spring - May 27th, 2024

Engineering | Josh Long | May 27, 2024 | ...

Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it will be! I'm in Venice, Italy, on a little vacation, but tomorrow I begin a quick journey to beautiful Sofia, Bulgaria, where I'll be speaking at the amazing JPrime software show (it's my first time speaking there, though not even my 20th time speaking in Bulgaria!). I'm so looking forward to it.

Then, I turn right back around and head to Barcelona, Spain, for the not-to-be-missed Spring IO event! I love Spring IO, and you should too! It is, in my estimation, the premier Spring event in EMEA and an…

Spring Modulith 1.2, 1.1.5, and 1.0.8 released

Releases | Oliver Drotbohm | May 24, 2024 | ...

I am excited to announce the availability of Spring Modulith 1.2 alongside the service releases 1.1.5 and 1.0.8. The latter two contain a lot of bug fixes, improvements and dependency upgrades. 1.2 most notably ships with new features:

  • Support for open application modules
  • Support for a package-info.java alternative for Kotlin
  • Indexes for event publication registry database tables (JDBC)
  • Spring AOT-generated classes excluded from verification
  • Upgrade to Spring Boot 3.3 (while retaining compatibility with 3.2 and 3.1)

Find more information in the full changelogs for 1.2 (RC1, M3, M2, M1), 1.1.5 and 1.0.8

SBOM support in Spring Boot 3.3

Engineering | Moritz Halbritter | May 24, 2024 | ...

Spring Boot 3.3.0 has been released, and it contains support for SBOMs. SBOM stands for "Software Bill of Materials" and describes the components used to build a software artifact. In the context of this blog post, that's your Spring Boot application. These SBOMs are useful because they describe exactly what your application contains. With that information, you can assess if a security vulnerability affects your application, or use automated security tools to scan your applications and alert you on security vulnerabilities.

There are multiple SBOM formats out there, the most widely used ones are CycloneDX, SPDX, and Syft. Spring Boot 3.3.0 supports CycloneDX out of the box. The…

Spring Cloud Data Flow 2.11.3 Released

Releases | Corneil du Plessis | May 24, 2024 | ...

On behalf of the team and everyone who has contributed, I’m happy to announce that Spring Cloud Data Flow 2.11.3 has been released and is now available from Maven Central.

Notable Changes in 2.11.3

  • Updated versions and mitigations for CVEs.

    • CVE-2024-22263 Skipper upload validation vulnerability mitigated.
    • Nimbus 9.37.2
    • BouncyCastle 1.78.1
    • Spring Kafka 2.9.13
    • Embedded Tomcat 9.0.88
    • Netty family
      • Netty to 4.1.109.Final
      • Reactor BOM to 2020.0.43
      • Rsocket BOM to 1.1.4
  • Added tasks/thinexecutions used to list Task Executions more efficiently.

Library Updates

  • Spring Framework 5.3.34
  • Spring Security 5.7.12

Spring Boot 3.3.0 available now

Releases | Moritz Halbritter | May 23, 2024 | ...

On behalf of the Spring Boot team and everyone that has contributed, I am pleased to announce that Spring Boot 3.3.0 has been released and is available from Maven Central.

This release adds a significant number of new features and improvements. For full upgrade instructions and new and noteworthy features please see the release notes.

What's new in 3.3

The highlights of the 3.3 release include:

  • CDS Support for improved startup times and reduced memory consumption
  • Observability improvements, for example support for Micrometer's @SpanTag, a process InfoContributor and Prometheus 1.x support
  • Spring Security improvements, for example an auto-configuration for JwtAuthenticationConverter
  • Service connection support for Apache ActiveMQ Artemis and LDAP
  • Docker Compose support for Bitnami Container Images
  • Virtual thread support for websockets
  • Support for Base64 resources in property (and YAML) files
  • Support for SBOMs with the new SBOM actuator endpoint
  • A completely revamped documentation

Spring Boot 3.2.6 available now

Releases | Moritz Halbritter | May 23, 2024 | ...

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 3.2.6 has been released and is now available from Maven Central.

This release includes 75 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Project Page | GitHub | Issues | Documentation | Stack Overflow |

Spring Boot 3.1.12 available now

Releases | Moritz Halbritter | May 23, 2024 | ...

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 3.1.12 has been released and is now available from Maven Central.

This release includes 49 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

End of open source support for Spring Boot 3.1.x

Spring Boot 3.1.12 marks the end of open source support for Spring Boot 3.1.x. Please upgrade to Spring Boot 3.2.x as soon as possible. If you are not yet ready to upgrade, commercial support for Spring Boot 3.1.x is available

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring Runtime offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all