We are pleased to announce that Spring Cloud Task 2.3.0-M1 is now available on Github and the Spring download repository. Many thanks to all of those who contributed to this release.

What's New?

Spring Cloud Task 2.3.0-M1 is intended to be the version of the framework aligned with Spring Boot 2.3. Updates from 2.2.x include:

• Updates to all dependencies.
• Support for specifying a PlatformTransactionManager to be used by Spring Cloud Task.
• A starter for singl-step Spring Batch jobs.

Let's walk through these updates in more detail.

Update to All Dependencies

As stated earlier, this is first…

On behalf of the community, I’m pleased to announce the release of Spring Security OAuth2 Auto-config 2.3.0.RC1 (release notes), 2.2.7.RELEASE (release notes), 2.1.14.RELEASE (release notes). The release delivers dependency updates to be compatible with the last versions of Spring Boot. Users are encouraged to update to the latest patch release.

Project Site | Reference | Help

Hi, Spring fans! This week I rant about push-button simple deployments and then talk to our friend and Spring and Java community member Eddú Meléndez about working in open-source, his journey to Spring and its community, his various contributions to Spring and more.

Spring Boot has a great observability story. With the Actuator, we auto-configure Micrometer, an application metrics facade that supports numerous monitoring systems. With a few properties, you can start emitting a wide range of metrics out-of-the-box to your favorite monitoring system. And if you need to use distributed tracing, Spring Cloud Sleuth gets you covered.

Tanzu Observability for Wavefront (formerly Wavefront) delivers scalable observability as a service where Spring developers can build analytics-driven dashboards based on multi-sourced data including metrics, traces, histograms…

On behalf of the community, I’m pleased to announce the release of Spring Security 5.4.0-M1! You can find the complete details in the release notes and the highlights below:

OAuth 2.0

gh-8185 - Resource Server configurers pick up a JwtAuthenticationConverter bean

gh-8324 - Configure AuthoritiesMapper in Reactive OAuth2Login

gh-8324 - Validate ID Token Issuer

gh-8337 - Allow custom header during bearer token extraction

gh-8332 - Provide possibility to use custom cache to store JWK Set

Web

gh-8033 - Add server request cache that uses cookie

gh-2693 - Transfer session’s max inactive interval in…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.2.7 has been released and is now available from repo.spring.io and Maven Central.

This release includes 80 bug fixes, enhancements, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

Important Security Advisory

This version of Spring Boot includes a dependency upgrade to Spring Security 5.2.4.RELEASE. It contains fixes for CVE-2020-5407 and CVE-2020-5408, see also the official announcement.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.1.14 has been released and is now available from repo.spring.io and Maven Central.

This release includes 61 bug fixes, enhancements, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

Important Security Advisory

This version of Spring Boot includes a dependency upgrade to Spring Security 5.1.10.RELEASE. It contains fixes for CVE-2020-5407 and CVE-2020-5408, see also the official announcement.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…

On behalf of the community, I’m pleased to announce the release of Spring LDAP 2.3.3 (release notes). The release delivers bug fixes along with some minor improvements. Users are encouraged to update to the latest patch release.

Project Site | Reference | Help

UPDATE 2020-05-13: The following versions of Spring Security address CVE-2020-5407 and CVE-2020-5408

On behalf of the community, I’m pleased to announce the release of Spring Security 5.3.2 (release notes), 5.2.4 (release notes), 5.1.10 (release notes) , 5.0.16 (release notes), 4.2.16 (release notes). These releases deliver bug fixes along with some minor improvements. Users are encouraged to update to the latest patch release.

Project Site | Reference | Help