The Spring Blog

News and Events

java-cfenv 1.0 RC1 Released

The java-cfenv library is new library for accessing Cloud Foundry Services. For Spring Boot users, it extracts service credentials from the VCAP_SERVICES environment variable and sets well known Spring Boot auto-configuration properties.

In this release the following Cloud Foundry Services are supported

  • Databases - DB2, MySQL, Oracle, Postgresql, SqlServer

  • RabbitMQ

  • Cassandara

  • MongoDB

  • Redis

In 1.0 RC1 two other modules were introduced that contain support for Pivotal’s Spring Cloud Service and Single Sign on tiles. The java-cfenv-boot-pivotal-scs module provides support for Config Server and java-cfenv-boot-pivotal-sso module provides support for single sign on.


Spring Vault 2.1.2.RELEASE available

On behalf of the community, I’d like to announce the availability of the Spring Vault service release 2.1.2 available from Maven Central.

This release ships with bug fixes and dependency version updates. Spring Vault 2.1.2 is going to be picked up by Spring Cloud Vault 2.1.2 with the Spring Cloud Greenwich SR1 release in the next days.

For a complete list of changes see the changelog.

End of Life for 1.1.x and 2.0.x Lines

With this release cycle, we have stopped backporting changes to the earlier Spring Vault 2.0.x line. The 2.0.x line has already reached its end of life. For the 1.1.x line, we’re going to backport fixes until Aug 1st, 2019, in alignment with Spring Boot 1.5.x and Spring Cloud Edgware EOL dates.


This Week in Spring - February 26, 2019

Hi Spring fans! What a week! This week I’m in San Francisco, CA; Columbus, OH (for the epic SpringOne Tour stop there), and then it’s off to Tel Aviv, Israel for customer visits and an appearance at the Israel JUG. If you’re around, then I’d love to connect!

Anyway, and as always, we’ve got tons to cover so let’s get to it!


Spring Cloud Finchley.SR3 Now Available

On behalf of the community, I am pleased to announce that the Service Release 3 (SR3) of the Spring Cloud Finchley Release Train is available today. The release can be found in Maven Central. You can check out the Finchley release notes for more information.

Notable Changes in the Finchley Release Train

Spring Cloud Config

  • Spring Cloud Config server now honors the if-modified-since header in requests before
    retrieving data and returns last-modified header in response
  • Issues

Spring Cloud Stream

*Elmhurst.SR2 Release


Spring Cloud Data Flow and Skipper 2.0 RC1 Released

The Spring Cloud Data Flow team is pleased to announce the release of 2.0 RC1 of Data Flow. Follow the Getting Started guides for running on Local, Cloud Foundry, and Kubernetes.

Hand in hand is the 2.0 RC1 release of Spring Cloud Skipper. The getting started section in the reference guide is the best place to start if you want to use Skipper separately from Data Flow.

Here are the highlights for Data Flow

  • Revamped metrics and monitoring of deployed applications on Kubernetes

  • Updated analytics using micrometer

  • Security improvements

  • Dashboard improvements

  • Database migration support


Spring Tools 4.1.2 released

Dear Spring Community,

I am happy to announce the 4.1.2 release of the Spring Tools 4 for Eclipse, Visual Studio Code, and Atom.

Highlights from this release include:

  • (Spring Boot) new: live hover information for bean wirings now supports war-packaged boot apps running in a local server installation
  • (Spring Boot) new: live hover information for @Value annotations (#177)
  • (Spring Boot) new: bean symbols from XML config files now include exact location information
  • (Spring Boot) fixed: navigate to resource in live hovers for apps running on CF works again
  • (Spring Boot) fixed: search for symbols in project now happens on the server side to avoid no project-related symbols showing up on the client side before you start typing in a query
  • (Spring Boot) performance: improvement to further reduce the CPU load when checking processes for live hovers (#140)
  • (Spring Boot) performance: the language server doesn’t trigger a full source and javadoc download for Maven projects anymore
  • (Concourse) new: support for hierarchical symbols in file added, produces nice outline view information now
  • (Concourse) new: support for YAML anchors, references, extend added (#58)
  • (Eclipse) new: quick text search can be switched to non-modal mode (#189)
  • (Eclipse) new: quick text search allows results to be filtered for certain file types (#185)
  • (Eclipse) fixed: startup performance regression found in early builds on Eclipse 4.11
  • various additional bug fixes and improvements

CVE-2019-3778: Spring Security OAuth 2.3.5, 2.2.4, 2.1.4, 2.0.17 Released

We have released Spring Security OAuth 2.3.5, 2.2.4, 2.1.4 and 2.0.17 to address CVE-2019-3778: Open Redirector in spring-security-oauth2. Please review the information in the CVE report and upgrade immediately.

For additional changes included in each release, please refer to:

NOTE: For users of Spring Boot 1.5.x and Spring IO Platform Cairo, it is highly recommended to override the spring-security-oauth version to the latest version containing the fix for the CVE. Please see the Mitigation section in the CVE report for detailed instructions on how to override the version.


What's new with Spring Initializr

The quickest way to generate Spring Boot projects is through The site provides a curated list of dependencies that you can add to your application based on the selected Spring Boot version. You can also choose the language, build system and JVM version for the project. Over the years, the popularity of as the tool for generating Spring projects has grown exponentially and millions of projects are generated every year using the site.

For the past few months, we’ve been working on a complete overhaul of the project generation API. To better understand the motivation behind this, take a look at the project structure below:
Old Structure