The Spring Blog
Dear Spring Community,
I am happy to announce the 4.1.2 release of the Spring Tools 4 for Eclipse, Visual Studio Code, and Atom.
Highlights from this release include:
- (Spring Boot) new: live hover information for bean wirings now supports war-packaged boot apps running in a local server installation
- (Spring Boot) new: live hover information for
- (Spring Boot) new: bean symbols from XML config files now include exact location information
- (Spring Boot) fixed: navigate to resource in live hovers for apps running on CF works again
- (Spring Boot) fixed: search for symbols in project now happens on the server side to avoid no project-related symbols showing up on the client side before you start typing in a query
- (Spring Boot) performance: improvement to further reduce the CPU load when checking processes for live hovers (#140)
- (Spring Boot) performance: the language server doesn’t trigger a full source and javadoc download for Maven projects anymore
- (Concourse) new: support for hierarchical symbols in file added, produces nice outline view information now
- (Concourse) new: support for YAML anchors, references, extend added (#58)
- (Eclipse) new: quick text search can be switched to non-modal mode (#189)
- (Eclipse) new: quick text search allows results to be filtered for certain file types (#185)
- (Eclipse) fixed: startup performance regression found in early builds on Eclipse 4.11
- various additional bug fixes and improvements
Hi Spring fans! This week I’m excited to welcome Sreee Tummidi, a senior product manager working at the intersection of application security and platform at Pivotal. We talked about security, Spring Security, cloud platforms, OAuth, OIDC and OIDC Connect, SAML, and of course the Cloud Foundry UAA, and tons more.
We have released Spring Security OAuth 2.3.5, 2.2.4, 2.1.4 and 2.0.17 to address CVE-2019-3778: Open Redirector in spring-security-oauth2. Please review the information in the CVE report and upgrade immediately.
For additional changes included in each release, please refer to:
NOTE: For users of Spring Boot 1.5.x and Spring IO Platform Cairo, it is highly recommended to override the
spring-security-oauth version to the latest version containing the fix for the CVE. Please see the Mitigation section in the CVE report for detailed instructions on how to override the version.
The quickest way to generate Spring Boot projects is through start.spring.io. The site provides a curated list of dependencies that you can add to your application based on the selected Spring Boot version. You can also choose the language, build system and JVM version for the project. Over the years, the popularity of start.spring.io as the tool for generating Spring projects has grown exponentially and millions of projects are generated every year using the site.
For the past few months, we’ve been working on a complete overhaul of the project generation API. To better understand the motivation behind this, take a look at the project structure below:
Hi Spring fans! Can you believe it? We’re at the end of yet another season - our fifth! - of Spring Tips! I wasn’t sure at first (when we started down this journey a few years ago) that these videos would take off or become popular but it seems the Spring community’s curiosity knows no bounds!
I try in every season to look at new technology (RSocket and R2DBC, eh, spring to mind..), and to introduce variations on themes (we looked at three projects that extend Spring Cloud to native IaaS-platforms this season!), and to introduce potentially niche but often appreciated topics (this season we looked at BPMN 2 workflow management with Flowable and we looked JavaFX, for example). I also try whenever possible to introduce concepts in terms of Spring (where normally I introduce Spring in terms of the concepts they support). This season was, from that perspective, a success.
Hi Spring fans! Welcome to another installment of This Week in Spring! In the US, Monday was a public holiday so today, Tuesday, feels a bit like Monday and i was happily going through the Monday motions and then I got a reminder that I had to write this week’s installment! Ooops! Thank goodness for technology.
I’m at San Francisco International Airport about to board a fight for the Washington DC edition of the SpringOne Tour. Are you going to be in Washington DC? Reach out and say hi! My direct messages on Twitter are correct, too
The Spring Cloud Connectors library has been with us since the launch event of Cloud Foundry itself back in 2011. One of the main goals of the connector library and Cloud Foundry’s Java buildpack was to “reduce the initial investment when you want to get started with Cloud Foundry”. The connector library creates the Spring bean definitions required to connect to backing services, like databases, using information contained in the VCAP_SERVICES environment variable. The buildpack then replaces these bean definitions you had in your application with those created by the connector library through a feature called ‘auto-reconfiguration’. You may have seen it mentioned in the logs when you pushed an app to Cloud Foundry…
On behalf of the team and everyone who has contributed, I’m happy to announce that Spring Boot 2.1.3 has been released and is is now available from repo.spring.io and Maven Central.
This release includes over 70 fixes, improvements and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.
If you are still using Spring Boot
2.0.x, an upgrade to Spring Boot
2.1.x is strongly encouraged. Following the announcement that Spring Framework
5.0.x will reach its EOL in March, Spring Boot
2.0.x will follow suit with a final release in the
2.0.x line planned for late March. As previously announced, Spring Boot
1.5.x will continue to be maintained until it reaches its EOL in August.
A Bootiful Podcast: an Interview with Spring Contributor and "Learning Spring Boot 2.0" author Greg Turnquist
It was a lot of fun to talk to Greg Turnquist, one of the more industrious and variously applied members of the Spring family, about how he found his way to the Spring team and community, Python, his new book, Spring team legends like Keith Donald and Brian Dussault, and so much more.