close

State of Spring Survey is back!

TL;DR - head over to spring.io/survey to take the State of Spring 2021 survey! You can also RT this tweet and help spread the word! Thank you <3


We ran the State of Spring survey last year, and it was a huge success. Spring community members across the globe, like you, shared their views and experiences, and it all made for fantastic reading.

The survey is back this year, and we want to hear from you! How can Spring help you build new apps and experiences this year? What would you like us to change? This year, we have new sections on Spring Native, building & sharing APIs internally/externally, and a deeper dive on Data.

Read more

Notice of Permissions Changes to repo.spring.io, Fall and Winter, 2020

A critical piece of infrastructure, the Spring Artifactory instance repo.spring.io, lies at the heart of the Spring portfolio development work. Since 2013, JFrog, Inc. has generously sponsored the instance for the Spring developer community.

The Artifactory repository streamlines our project development by acting as a single location where Spring engineers can point their builds and by providing the community with early access to our snapshots and milestones.

Today, we are providing notice of some upcoming changes to the repository.

Read more

Upcoming Webinar: Bootiful Observability with Tanzu Wavefront by Josh Long and Sushant Dewan

Need better insight into your Spring Boot Applications? Join Spring Developer Advocate Josh Long and Sushant Dewan in a live webinar conversation on June 24th at 10:00 AM PST.

Get Tanzu Observability tips on how to understand the impact of your code on your application with application maps, metrics, distributed traces, histograms, and span logs analytics!

Register now for this free, virtual event you won’t want to miss.

Read more

CVE Reports Published for Reactor Netty

The following CVE reports were published today:

  • CVE-2020-5403 affecting Reactor Netty HttpServer 0.9.3 and 0.9.4.
  • CVE-2020-5404 affecting Reactor Netty HttpClient for all 0.8.x and 0.9.x versions in applications where the automatic following of redirects is explicitly enabled.

The fixes are in Reactor Netty 0.9.5 and 0.8.16. If using the reactor-bom, you can upgrade to Dysprosium-SR5 or Californium-SR16.

Reactor Netty is used internally in many frameworks including Spring WebFlux and its WebClient. If you have a Spring Boot application, you can upgrade to Spring Boot 2.2.5 or 2.1.13.

Read more

Announcing: The NEW Spring Website!

Spring is constantly evolving and always innovating while being consistent where it matters: delivering a reliable framework to help you build maintainable software, faster. In the last few years, the Spring contributors have worked hard to bring the predictable Spring experience to microservices, serverless, streams, reactive, batch, data, and new languages like Kotlin. Over the coming year, you’ll see many more examples of this, including some cool new features that we’re just dying to share with you.

Read more

Spring Security OAuth 2.0 Roadmap Update

Note
See the latest announcement on Announcing the Spring Authorization Server. This post is a follow-up to Next Generation OAuth 2.0 Support with Spring Security

Current State

In the Spring Security 5.x release train, we’ve endeavored to replace and simplify the feature set found in the Spring Security OAuth 2.x legacy project. In the process, we’ve also added numerous new features, including support for OpenID Connect 1.0.

We are pleased to announce that as of the 5.2 release, we are very close to feature parity with the client and resource server legacy support. What remains is quite minimal, and we fully anticipate announcing feature parity as part of the 5.3 release.

We would like to issue a special thank you to all those in the community who have brought Spring Security this far! We hope to see many more contributions from everyone down the road.

Read more

Webinar: Boosting Microservice Performance with Kafka, RabbitMQ, and Spring

Speaker: Mark Heckler, Pivotal

In today’s microservices-based world, many mission-critical systems have distributed elements or are entirely distributed. Ideally, these architectures should improve things such as performance, scalability, reliability, and resilience—but subpar design can limit those strengths, or worse yet, turn them into challenges that need to be overcome.

Messaging platforms help solve these problems and improve the “ilities,” but they come with a few complexities of their own. This webinar will teach you how to use open-source solutions like Spring Cloud Stream, RabbitMQ, and Apache Kafka to maximize your distributed systems’ capabilities while minimizing complexity.

Read more

Legacy forums will be shutdown February 28

In 2014, we announced the retirement of our legacy forum, forum.spring.io, in favor of providing an improved community experience on stackoverflow.com. As part of that announcement, we put our forum into read-only mode, preserving forum posts that were referenced in various Spring issue trackers.

On February 28, 2019, we plan to take the forum completely offline. In preparation for this end-of-life activity, we have gone through our issue trackers and identified links to forum.spring.io that contain supplementary information related to an issue. Based on this analysis, we have either copied such text directly into the issue tracker or otherwise ensured that no essential information is lost.

Read more

Project Update: Spring Cloud Data Flow for Apache Mesos and Apache YARN

Dear Spring community,

The Spring Cloud Data Flow team have been happy stewards of the Spring Cloud Deployer and Spring Cloud Data Flow implementations of Apache Mesos and Apache YARN.

We now feel that TrustedChoice.com will be a better home for Apache Mesos implementation of Spring Cloud Deployer and Spring Cloud Data Flow, and we are donating the projects to them to carry it forward.

The development will now be managed directly by the team (Adam J. Weigold, Phil Egelston, Justin Mathieu, and Cole Anderson) at TrustedChoice.com, as the Spring Cloud Data Flow team will no longer maintain it.

Read more

Spring Cloud Edgware EOL Aug 1st 2019

Spring Cloud Edgware will follow the Spring Boot 1.x EOL announcement. We will cease maintenance of the Edgware release train twelve months from today, on Aug 1st 2019.

We will keep publishing occasional Edgware service releases up until that point and will then end the release train.

As a reminder, the Camden release train has reached EOL, and Dalston will reach EOL at the end of December 2018.

Existing Spring Cloud users should plan accordingly to ensure that they have upgraded to the latest Finchley+ version before that date. Also, please note that Spring Cloud Finchley and later requires Spring Boot 2.x, which requires Java 8+. So, if you’re running Java 6 or 7 you should also plan on upgrading your JDK.

Read more