On behalf of the Spring AI engineering team and everyone who has contributed, I'm happy to announce that Spring AI 1.0.2 has been released and is now available from Maven Central.

This patch release delivers important stability improvements and bug fixes with 91 improvements, bug fixes, and documentation updates.

Key Improvements

• New Features: GPT-5 model support, MariaDB vector similarity scores, Kotlin data class JSON schema support
• Bug Fixes: Enhanced error handling, thread-safe date formatting, improved null safety
• Documentation: Developer experience improvements and updated guides
• Dependencies: Security updates and performance improvements
…

On behalf of the team and everyone who contributed, I am pleased to announce the Third Milestone of Spring Integration 7.0.0 generation. For convenience, the 7.0.0-M3 artifacts are also available in Maven Central.

In addition, the 6.5.2 and 6.4.7 versions with bug fixes and dependency upgrades have been released.

Some notable changes in 7.0.0-M3 are:

• JUnit 6 upgrade;
• The Nullability via JSpecify and Nullaway is applied to every single package in the project;
• The AbstractPersistentAcceptOnceFileListFilter implementations now deal with full remote file to avoid conflict with the same file name in different directories;
• The AbstractInboundFileSynchronizer now caches the Session.list() result (after filtering) between polls when maxFetchSize is limited;
• The Spring Retry dependnecy has been removed and its API has been replaced with similar one in the Spring Framework Core;
• All the available major/minor dependency upgrades.
…

On behalf of the team and everyone who contributed, we are pleased to announce that Spring for Apache Kafka 4.0.0-M5 has been released. We also released a patch GA version 3.3.10. We extend our gratitude to all contributors who made these releases possible.

This is the final milestone release for the 4.0 series. We plan to release the first release candidate (RC1) next month.

What's New in 4.0.0-M5

Jackson 3 Support: Added comprehensive Jackson 3 support across all serialization and messaging components. The framework automatically detects and prefers Jackson 3 when available, while Jackson…

I am pleased to announce that the third Spring for GraphQL 2.0 Milestone release is now available.

Nullability support in schema mapping inspection

Our Schema Mapping Inspection feature got a recent upgrade thanks to our work on Null-safety in Spring projects.

If your application is written in Kotlin, or is using Null-safety annotations, further inspections will be performed. The GraphQL schema can declare nullable types (Book) and non-nullable types (Book!). We can ensure that both the schema and the application are in sync when it comes to nullability information.

• For schema fields, we can check that the relevant Class properties and DataFetcher return types with the same nullability.
• For field arguments, we can ensure that DataFetcher parameters have the same nullability
…

I am pleased to announce that Spring for GraphQL 1.4.2 is now available on Maven Central. This release closes 10 issues.

This version will ship with Spring Boot 3.5.6, to be released this week.

How can you help?

If you have general questions, please ask on stackoverflow.com using the spring-graphql tag.

Project Page | GitHub | Issues | Documentation | Stack Overflow

On behalf of the team and everyone who has contributed, I’m happy to announce that Spring for Apache Pulsar 1.2.10 and 2.0.0-M3 have been released and are now available from Maven Central.

The 1.2.10 release will be included in the upcoming Spring Boot 3.4.10 and 3.5.6 releases. The 2.0.0-M3 release will be included in the upcoming Spring Boot 4.0.0-M3 release.

Please see the release notes (1.2.10 and 2.0.0-M3) for more details.

--- IMPORTANT UPDATE ---

An error occurred in our release process for 6.4.10 and 6.5.4 that did not include Spring Framework 6.2.11.

Given this, we have released 6.4.11 and 6.5.5, which now includes Spring Framework 6.2.11.

On behalf of the team and everyone who has contributed, I am pleased to announce the availability of Spring Security 6.4.10 and 6.5.4.

Spring Security 6.4.10 ships with 4 fixes and several dependency upgrades. This version will be shipped this week with Spring Boot 3.4.10.

Spring Security 6.5.4 ships with 4 fixes and several dependency upgrades. This version will be shipped this week with Spring Boot 3.5.6…

The Spring Security and Spring Framework teams have collaborated to release fixes for the following CVEs.

• CVE-2025-41248: Spring Security authorization bypass for method security annotations on parameterized types
• CVE-2025-41249: Spring Framework Annotation Detection Vulnerability

Both of these CVE reports pertain to vulnerabilities that may be encountered when using security annotations on methods within type hierarchies with a parameterized super type with unbounded generics. See the individual CVE reports for further details.

CVE-2025-41248

The Spring Security 6.4.11 and 6.5.5 open source releases address CVE-2025-41248…

On behalf of the team and everyone who contributed, I am pleased to announce the fifth Milstone for 4.0.0 of Spring AMQP.

The patch versions 3.2.7 also has been released with bug fixes and dependency upgrades.

The most notable change in this milestone is a breaking migration from Spring Retry API to the one provided now in the Spring Framework Core.

See the Release Notes and What's New for more information.

This is the last milestone before Release Candidate in October, so don't hesitate to reach us out in GitHub issues with any feddback!

Cheers, 
Artem

Project Page | GitHub Issues | Contributing | …