On behalf of the Data Team and everyone who contributed, I'm pleased to announce the GA release of the 2021.2 release train as well as the 4th Milestone of the 2022.0 one.

Already working on the 2022.0 train, based on Spring Framework 6, Java17 and Jakarta EE 9, the 2021.2 release ships bug fixes and selected back ported features.

Other than dependency upgrades, these are some of the major changes:

• Infrastructure to introspect a projection type.
• Common infrastructure for property-specific value converters.
• Improved support for IdClass handling in data-jpa.
• Declarative Update methods in data-mongodb.
• Reindexing support in data-elasticsearch.
• Direct projections for data-cassandra.
• ACL support for Redis Sentinels.
• Lock and Null precedence support for JDBC.
• Query Rewriter for JPA.
…

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 6.0.0-M4 is available now.

Spring Framework 6.0.0-M4 ships with all the fixes from 5.3.20 released yesterday, and also includes 39 fixes and improvements specific to the 6.0 branch.

Project Page | GitHub | Issues | Documentation

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 5.3.20 and 5.2.22 are available now.

Spring Framework 5.3.20 includes 14 fixes and improvements. Spring Framework 5.2.22 includes 2 backports.

In addition, these releases include fixes for 2 vulnerabilities:

• CVE-2022-22970 "Spring Framework DoS via Data Binding to MultipartFile or Servlet Part" Denial of Service (DoS) attack in Spring MVC or Spring WebFlux applications that handle file uploads and rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. Severity: Medium

• CVE-2022-22971 "Spring Framework DoS with STOMP over WebSocket"
  Denial of service (DoS) attack by authenticated users in Spring applications with a STOMP over WebSocket endpoint. Severity: Medium

…

On behalf of the community, I am pleased to announce that the Service Release 2 of the Spring Cloud 2021.0 Release Train is available today. This was primarily a bug fix release. The release can be found in Maven Central. You can check out the 2021.0.2 release notes for more information.

Notable Changes in the 2021.0.2 Release Train

See the project page for all issues included in the release.

Spring Cloud Commons

• Pass request data context in blocking LoadBalancer client (1090)
• Support custom HTTP status code in LoadBalancer lifecycle (1066)
• Support URI without port for default ServiceInstance ([1054]https://github.com/spring-cloud/spring-cloud-commons/pull/1054))
• Improved calculating Round Robin LoadBalancer position ([1078]https://github.com/spring-cloud/spring-cloud-commons/pull/1078)/files)
…

Dear Spring Community,

I am happy to announce the 4.14.1 release of the Spring Tools 4 for Eclipse, Visual Studio Code, and Theia.

fixes and improvements

• (Spring Boot) fixed: use startupSnapshot instead of startup timer call to avoid wiping out the underlying data
• (Spring Boot) fixed: When vscode opens a Java project for about 2 hours, the suggestion function will fail (#750)
• (VSCode) enhancement: live hovers are now automatically show up when you launch a Spring Boot application in VSCode. Additional JVM args for the Spring Boot app to enable JMX are added to the launch automatically. More details can be found in the user guide section about Live Application Information.
• (VSCode) enhancement: add extension APIs to get live data (#751…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.5.13 has been released and is now available from Maven Central.

This release includes 31 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Project Page | GitHub | Issues | Documentation | Stack Overflow | …

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.6.7 has been released and is now available from Maven Central.

This release includes 38 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Project Page | GitHub | Issues | Documentation | Stack Overflow | …

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.7.0-RC1 has been released and is now available from https://repo.spring.io/milestone.

This release includes more than a 100 bug fixes, enhancements, documentation improvements, and dependency upgrades. Notable new features include:

• Auto-configuration for Kafka Retry Topics
• Auto-configuration for RSocket support in GraphQL

Please see the release notes for more details and upgrade instructions.

Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…

On behalf of everyone involved, I'm pleased to announce the availability of the first and final release candidate of Spring for GraphQL 1.0. We're finally going to release a 1.0 version on May 17, the reference version for Spring Boot 2.7.0. We've shipped a few noteworthy changes and one important new feature in this release.

Note: The Spring for GraphqL Boot starter is up-to-date with the changes discussed in this post and Spring Boot 2.7.0-RC1 is scheduled to be released on Thursday this week.

GraphQL over RSocket

Spring for GraphQL started out with the HTTP and WebSocket transports - must haves in the GraphQL world. Our programming model allows adding others too, and our existing infrastructure pointed at another clear candidate: the RSocket protocol…