Get ahead
VMware offers training and certification to turbo-charge your progress.
Learn moreLast month, the team delivered a release train that includes Spring Framework 6.2 (the final minor version for the Spring Framework 6.x line), Spring Boot 3.4, and a round of minor version updates across the portfolio, this is a time to celebrate the new capabilities that have been added, as well as clarify the long term support arrangement for the portfolio.
Below is just a small sampling of the new and exciting capabilities included in the November releases of the Spring portfolio. We encourage you to check out the release notes for your favorite projects for further details!
The above are just some of the new capabilities within the portfolio. Numerous other enhancements and API improvements as well as deprecations and cleanup in preparation for the major versions next year were released this month.
With the releases of the new versions, all of which enjoy a year of OSS support that includes releases to Maven Central with CVE patches for our community, we also want to take this opportunity to reiterate and clarify the support positions for the entire portfolio. It is important to note that the current support timelines for all of the Spring portfolio projects can be found on the support tab of each project page here on https://spring.io.
As of the end of August of this year, Spring Framework 5.3 and 6.0 both have entered enterprise support periods. This means that no new patches will be released to Maven Central. Going forward all CVE updates and other fixes will be available via the Broadcom support portal. More information on acquiring enterprise support for your Spring applications can be found at https://spring.io/support.
Spring Boot 2.7 went into enterprise support back in November of 2023 and has had 14 releases to the enterprise repository to continue its ongoing support and dependency updates. This long term support program includes hot patches eliminating any gap between a CVE being patched in a project within the Spring portfolio and a version of Spring Boot bringing that fix in. This eliminates the need to override versions of the Spring portfolio to obtain CVE fixes for Tanzu Platform Spring Essentials customers. You can read more about Tanzu Platform Spring Essentials on the support page here.
After the announcement of Spring Framework 5.3 going out of open source support in May of this year, there was some confusion. We want to clarify how the rest of the portfolio will manage releases under our enterprise support going forward. With that announcement, all Spring projects (plus Reactor and Micrometer) will make all releases for versions under enterprise support to the Broadcom customer portal and not to Maven Central. We feel this provides the most consistent experience for our enterprise customers on where to find enterprise artifacts, both the long term support binaries as well as enterprise extensions and OpenRewrite recipes to upgrade your Spring applications.
As we look ahead to the future of the Spring portfolio, we strive to continue to provide the open source software, thought leadership, and leading edge capabilities our community has come to expect in a way that is sustainable for everyone.