Hear from the Spring team this January at SpringOne. >
close

The State of Spring Survey 2022 Is Here!

The State of Spring survey is here! Please give us your feedback by going to spring.io/survey. Spread the word by sharing these posts on Twitter, LinkedIn, and any other social platform you use!


Spring fans, our annual survey of the Spring community is back! Last year, we dived into the biggest projects and the most popular app patterns built with Spring, and a whole lot more! You told us your views about Spring Native, Data, and what matters to you when you start using a new Spring project.

The survey is back for 2022, and we’re really excited to learn again from you. What matters to you when you build with Spring? What types of apps are you building with Spring? What can we change, and what should remain the same?

Read more

State of Spring Survey is back!

TL;DR - head over to spring.io/survey to take the State of Spring 2021 survey! You can also RT this tweet and help spread the word! Thank you <3


We ran the State of Spring survey last year, and it was a huge success. Spring community members across the globe, like you, shared their views and experiences, and it all made for fantastic reading.

The survey is back this year, and we want to hear from you! How can Spring help you build new apps and experiences this year? What would you like us to change? This year, we have new sections on Spring Native, building & sharing APIs internally/externally, and a deeper dive on Data.

Read more

Notice of Permissions Changes to repo.spring.io, Fall and Winter, 2020

A critical piece of infrastructure, the Spring Artifactory instance repo.spring.io, lies at the heart of the Spring portfolio development work. Since 2013, JFrog, Inc. has generously sponsored the instance for the Spring developer community.

The Artifactory repository streamlines our project development by acting as a single location where Spring engineers can point their builds and by providing the community with early access to our snapshots and milestones.

Today, we are providing notice of some upcoming changes to the repository.

Read more

Upcoming Webinar: Bootiful Observability with Tanzu Wavefront by Josh Long and Sushant Dewan

Need better insight into your Spring Boot Applications? Join Spring Developer Advocate Josh Long and Sushant Dewan in a live webinar conversation on June 24th at 10:00 AM PST.

Get Tanzu Observability tips on how to understand the impact of your code on your application with application maps, metrics, distributed traces, histograms, and span logs analytics!

Register now for this free, virtual event you won’t want to miss.

Read more

CVE Reports Published for Reactor Netty

The following CVE reports were published today:

  • CVE-2020-5403 affecting Reactor Netty HttpServer 0.9.3 and 0.9.4.
  • CVE-2020-5404 affecting Reactor Netty HttpClient for all 0.8.x and 0.9.x versions in applications where the automatic following of redirects is explicitly enabled.

The fixes are in Reactor Netty 0.9.5 and 0.8.16. If using the reactor-bom, you can upgrade to Dysprosium-SR5 or Californium-SR16.

Reactor Netty is used internally in many frameworks including Spring WebFlux and its WebClient. If you have a Spring Boot application, you can upgrade to Spring Boot 2.2.5 or 2.1.13.

Read more

Announcing: The NEW Spring Website!

Spring is constantly evolving and always innovating while being consistent where it matters: delivering a reliable framework to help you build maintainable software, faster. In the last few years, the Spring contributors have worked hard to bring the predictable Spring experience to microservices, serverless, streams, reactive, batch, data, and new languages like Kotlin. Over the coming year, you’ll see many more examples of this, including some cool new features that we’re just dying to share with you.

Read more

Spring Security OAuth 2.0 Roadmap Update

Note
See the latest announcement on Announcing the Spring Authorization Server. This post is a follow-up to Next Generation OAuth 2.0 Support with Spring Security

Current State

In the Spring Security 5.x release train, we’ve endeavored to replace and simplify the feature set found in the Spring Security OAuth 2.x legacy project. In the process, we’ve also added numerous new features, including support for OpenID Connect 1.0.

We are pleased to announce that as of the 5.2 release, we are very close to feature parity with the client and resource server legacy support. What remains is quite minimal, and we fully anticipate announcing feature parity as part of the 5.3 release.

We would like to issue a special thank you to all those in the community who have brought Spring Security this far! We hope to see many more contributions from everyone down the road.

Read more

Webinar: Boosting Microservice Performance with Kafka, RabbitMQ, and Spring

Speaker: Mark Heckler, Pivotal

In today’s microservices-based world, many mission-critical systems have distributed elements or are entirely distributed. Ideally, these architectures should improve things such as performance, scalability, reliability, and resilience—but subpar design can limit those strengths, or worse yet, turn them into challenges that need to be overcome.

Messaging platforms help solve these problems and improve the “ilities,” but they come with a few complexities of their own. This webinar will teach you how to use open-source solutions like Spring Cloud Stream, RabbitMQ, and Apache Kafka to maximize your distributed systems’ capabilities while minimizing complexity.

Read more

Legacy forums will be shutdown February 28

In 2014, we announced the retirement of our legacy forum, forum.spring.io, in favor of providing an improved community experience on stackoverflow.com. As part of that announcement, we put our forum into read-only mode, preserving forum posts that were referenced in various Spring issue trackers.

On February 28, 2019, we plan to take the forum completely offline. In preparation for this end-of-life activity, we have gone through our issue trackers and identified links to forum.spring.io that contain supplementary information related to an issue. Based on this analysis, we have either copied such text directly into the issue tracker or otherwise ensured that no essential information is lost.

Read more

Project Update: Spring Cloud Data Flow for Apache Mesos and Apache YARN

Dear Spring community,

The Spring Cloud Data Flow team have been happy stewards of the Spring Cloud Deployer and Spring Cloud Data Flow implementations of Apache Mesos and Apache YARN.

We now feel that TrustedChoice.com will be a better home for Apache Mesos implementation of Spring Cloud Deployer and Spring Cloud Data Flow, and we are donating the projects to them to carry it forward.

The development will now be managed directly by the team (Adam J. Weigold, Phil Egelston, Justin Mathieu, and Cole Anderson) at TrustedChoice.com, as the Spring Cloud Data Flow team will no longer maintain it.

Read more