On behalf of the Spring Data team I’m happy to announce the first milestone of the Lovelace release train. The release ships over 200 tickets fixed! The most important new features are:

• JPA 2.2 result streaming.
• MongoDB Validator and JsonSchema support.
• Support for MongoDB Change Streams.
• Neo4J OGM 3.1 upgrade.
• Exist/Count projections as well as a fluent template API in Spring Data for Apache Cassandra.
• Spring Data for Apache Geode added JCache Annotation support.
• Query By Example for Redis repository abstractions.
• Spring Data REST offers more fine grained method exposure mechanisms.

In addition to that, we're happy to now have Spring Data JDBC join the release…

On behalf of the team, I am pleased to announce the release of Spring Cloud Skipper 1.0 GA

Skipper is a lightweight tool that allows you to discover Spring Boot applications and manage their lifecycle on multiple Cloud Platforms. You can use Skipper standalone or integrate it with Continuous Integration pipelines to help implement the practice of Continuous Deployment.

The getting started section in the reference guide is the best place to start kicking the tires.

Release Highlights:

• Introduction of Flyway to manage schema along with various schema tweaks.

• Option to delete a release along with its package.

• Refined the REST API.

• Updated properties to YAML converter.

• Add resource metadata in manifest template.

• Separate platform deployers into multiple maven modules.

• Support passing to the shell commands to execute.

• Updated documentation.

• Various bug fixes.

…

On behalf of the team, I am pleased to announce the general availability of Spring Cloud Data Flow 1.3 across a range of platforms

Follow the Getting Started guides for Local Server, Cloud Foundry, and Kubernetes

Release Highlights

Stream updates and rollback

A streaming data pipeline orchestrated as a series of microservice applications has always been the core value of Spring Cloud Data Flow’s design. In Data Flow 1.3 we have provided the ability to update sources, processors, and sinks independently without having to undeploy and redeploy the entire stream.

The stream update and rollback functionality is implemented by delegating the deployment process to a new Spring Cloud project called Skipper. Skipper is a lightweight Spring Boot application, purpose-built to fill this feature gap in Data Flow. Skipper defines a package format, much like helm or brew and can also deploy/undeploy applications to multiple cloud platforms: Local, Cloud Foundry, and Kubernetes. It uses the same Spring Cloud Deployer libraries that have been part of Data Flow since the beginning. Recent presentations at SpringOne 2017 introduces Skipper and the …

I am pleased to announce that Spring IO Platform Brussels-SR7 is now available from both repo.spring.io and Maven Central.

This maintenance release upgrades the versions of a number of the projects in the Platform:

• Spring AMQP 1.7.6
• Spring Boot 1.5.10
• Spring Data Ingalls-SR10
• Spring Framework 4.3.14
• Spring Integration 4.3.14
• Spring Retry 1.2.2
• Spring Security 4.2.4
• Spring Web Flow 2.4.7

The versions of a number of third-party dependencies have also been updated.

Project Page | GitHub | Issues | Documentation

On behalf of the team, it is my great pleasure to announce that Spring Boot 2.0.0.RC1 has been released and is now available from our milestone repository.

This release closes a massive 313 issues and pull requests, and is our first release candidate. At this point we're not anticipating that any major API changes or new features will be added before our final 2.0 GA release.

We've refined a number of items from previous milestone, and provide a number of notable new features including:

• A module to help with legacy property migration
• HTTP/2 support for Jetty (to go along with the Tomcat and Undertow that was added in M7)
• Greatly enhanced GSON support (thanks to an external contribution)
• Improved actuator JSON structures
• Helpful security matchers for both Servlet and Reactive deployements
…

Spring Boot 1.5.10 has been released and is is now available from repo.spring.io and Maven Central.

This release includes an important fix for security vulnerability CVE-2018-1196, which can affect anyone using Spring Boot's systemd and init.d service support. It also provides the latest version of Spring Security which fixed CVE-2018-1199.

In addition the security fix, Spring Boot 1.5.10 includes over 55 fixes, improvements and dependency updates. Thanks to all that have contributed with issue reports and pull requests.

Project Page | GitHub | Issues | Documentation | Stack Overflow | Gitter

We have released Spring Security 5.0.1, 4.2.4, and 4.1.5 to address CVE-2018-1199: Security bypass with static resources Users are encouraged to update immediately.

One of the changes introduced for this CVE was setting StrictHttpFirewall as the default HttpFirewall. User’s can refer to the Javadoc and reference for additional information on how to configure it.

Project Site | Reference | Help

We are pleased to announce the availability of the following maintenance releases; users are encouraged to upgrade at the earliest opportunity.

• Spring Integration - 5.0.1, 4.3.14 and 4.2.13

• Spring Integration for Apache Kafka 3.0.1

• Spring for Apache Kafka - 2.1.2, 2.0.3 and 1.3.3

• Spring AMQP - 2.0.2 and 1.7.6

Spring Integration 4.3.13, Spring AMQP 1.7.6 will be used in the upcoming Spring Boot 1.5.10 release. Spring Integration 5.0.1, Spring AMQP 2.0.2 and Spring for Apache Kafka 2.1.2 will be used in the upcoming release candidate for Spring Boot 2.0.

See the respective project pages at spring.io/projects…

This post was authored by Vedran Pavić

On behalf of the community I’m pleased to announce the release of Spring Session 2.0.1.RELEASE. This maintenance release is focused primarily on addressing a classloading related regression when using a Redis backed session store in combination with Spring Boot’s DevTools.

You can find the complete details of the release in the changelog.

Feedback Please

If you have feedback on this release, I encourage you to reach out via StackOverflow, GitHub Issues, or via the comments section. You can also ping Rob @rob_winch, Joe @joe_grandja, or me @vedran_pavic on…