Dear Spring Community,

I am happy to announce the 4.30.0 release of the Spring Tools for Visual Studio Code, Eclipse and Theia.

important highlights

• (Spring Boot - Eclipse) Embedded into Java source code JPQL/SQL queries syntax highlighting in Java editor
• (Spring Boot) Support for new functional bean registrations via BeanRegistrar, coming in Spring Framework 7
• (Spring Boot) Improvements to Bean Injection completion proposals

updates to the Spring Tools for Eclipse distribution

• early access builds available for Eclipse 2025-06 milestone builds
• branding updates, moving from Spring Tool Suite 4 towards just Spring Tools and Spring Tools for Eclipse
…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Web Services 4.0.13 has been released and is now available from Maven Central.

This release includes 10 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-ws tag.

Project Page | GitHub | Issues | Documentation | …

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Web Services 4.1.0-RC1 has been released and is now available from https://repo.spring.io/milestone.

This release includes 21 enhancements, documentation improvements, dependency upgrades, and bug fixes. Notable new features include:

• Support for Configuring Arbitrary WSS4J Options
• More Flexible HTTP Message Sender

Please see the release notes for more details and upgrade instructions.

Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-ws tag…

Hi, Spring fans! Welcome to another installment of This Week in Spring, which I'm writing from magnificent Minneapolis, Minnesota, where I'm recording an amazing Frontend Masters course introducing Spring Boot.

• I love this article introducing Spring AI in JavaPro magazine
• Want to run an LLM entirely in Java, supercharged with GraalVM native images? Check out this tweet from GraalVM developer advocate Alina Yurenko — it's dope.
• I loved it so much I made a quick YouTube Short on the same topic.
• By the way, want to learn Java? This is a great resource.
• The amazing Spring AI co-lead Christian Tsolov has a great talk introducing MCP.
• Spring team alumnus Arjen Poutsma has helped shape the APIs in Spring for a long time with his famous Poutsma Principles — in this blog, he discusses them.
• Spring Data 2025.0.0-RC1…

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Security 5.7.17, 5.8.19, 6.0.17, 6.1.15, 6.2.11, 6.3.9, and 6.4.5 are available now which fix CVE-2025-22234.

Please refer to the releases page for more details.

Commercial customers using Spring Boot 2.7, 3.0, 3.1, or 3.2 will be able to update to Spring Boot 2.7.24.2, 3.0.19.2, 3.1.15.2, or 3.2.13.2 respectively to receive the corresponding Security releases 5.7.17, 6.0.17, 6.1.15, and 6.2.11. These Security versions are available now on the Spring commercial artifact repository and can be accessed with a Spring Enterprise Subscription…

Spring Cloud Data Flow End of Open-Source

TL;DR; Today we're announcing that going forward we will not be maintaining Spring Cloud Data Flow, Spring Cloud Deployer, or Spring Statemachine as open-source projects. Spring Cloud Data Flow 2.11.x, Spring Cloud Deployer 2.9.x, and Spring Statemachine 4.0.x will be the last open-source lines and any future releases will only be made available to Tanzu Spring customers. This change has no impact on the rest of the open-source Spring portfolio or the support obligations of the currently available OSS versions for existing users.

Spring Cloud Data…

On behalf of the team and everyone who has contributed, I am pleased to announce the availability of Spring Security 6.3.9.

Please check the changelog for more details.

Project Page | GitHub | Issues | Documentation

On behalf of the team and everyone who has contributed, I am pleased to announce the availability of Spring Security 6.4.5.

Please check the changelog for more details.

Project Page | GitHub | Issues | Documentation

On behalf of the team and everyone who has contributed, I am pleased to announce the release candidate milestone for the final Spring Security 6 minor release.

Among a number of feature enhancements, there are some that we'd love your attention on as we prepare them for general availability:

Core

• Complete Deprecation of ConfigAttribute, SecurityConfig, and other Access API components.

Specifically, please speak up if you are using any of the ACL Access components that were deprecated.

OAuth 2.0

• Further refinements to DPoP support - #16937, #16921, and #16900

SAML 2.0

• Simplified SAML 2.0 Response validation (docs), Assertion validation (docs), and Authentication conversion (docs)
• A RelayState-based Authentication Request Repository - #14793
…