Hear from the Spring team this January at SpringOne. >
close

Brian Clozel

Brian Clozel

Spring Framework & Spring Boot committer

Lyon, France

Blog Posts by Brian Clozel

Spring for GraphQL 1.1.0 released

I’m pleased to announce that Spring for GraphQL 1.1.0 is now available on Maven Central. This version will ship with Spring Boot 3.0.0 later this week.

Spring for GraphQL 1.0.0 was released 6 months ago, so why a new minor version now? The team initially planned a 1.1.0 release with one goal in mind: support Spring Framework 6.0 / Spring Boot 3.0 and adapt to the new baseline for that generation:

  • Java 17
  • Jakarta EE 9
  • GraphQL Java 19

In addition, we shipped some new and noteworthy features we think you’ll like:

Read more...

Spring for GraphQL 1.0.3 released

On behalf of everyone involved, I’m pleased to announce that Spring for GraphQL 1.0.3 is now available from Maven Central. This version will be shipped with Spring Boot 2.7.6 due for release later this week.

This release includes a number of enhancements, documentation improvements, dependency upgrades, and a couple of bug fixes. Thanks to all those who have contributed with issue reports and pull requests.

We’re also about to release the 1.1.0 release, targeting Spring Boot 3.0.

How can you help?

If you have general questions, please ask on stackoverflow.com using the spring-graphql tag.

Read more...

Spring for GraphQL 1.1.0-RC1 released

I’m pleased to announce that the first release candidate of Spring for GraphQL 1.1.0 is now available from our Milestone repository. This version will be shipped with Spring Boot 3.0.0-RC1 due for release later this week.

This release candidate is the last stop for shipping new features; from that point, we’ll be focusing on bug fixes and documentation improvements. Our goal is to stabilize the current branch for our GA release scheduled next month.

With RC1, we’re shipping our new Observability support in Spring for GraphQL. Based on the new Micrometer Observation work, this infrastructure replaces the former GraphQL Metrics support in Spring Boot 2.7. GraphQL is a good use case for Observability in general, as the GraphQL engine can distribute the data fetching operations over caches, databases, REST APIs and more. It’s important not only to keep track of performance metrics for your GraphQL API, but also to be able to explore traces and investigate production issues.

Read more...

Spring for GraphQL 1.1.0-M1 released

I’m pleased to announce the first milestone release of Spring for GraphQL 1.1.0 is now available from our Milestone repository. This version will be shipped with Spring Boot 3.0.0-M5 due for release later this week.

Spring Boot 3.0 is around the corner and the community is expecting a compatible Spring for GraphQL version to go with it. Currently, the best way to prepare for the Spring Boot 3.0 upgrade is to upgrade to Spring Boot 2.7 and Java 17, but Spring Boot 3.0 has new baseline requirements, namely Java 17, Jakarta APIs and Spring Framework 6.0.

Read more...

Spring for GraphQL 1.0.2 released

On behalf of everyone involved, I’m pleased to announce that Spring for GraphQL 1.0.2 is now available from Maven Central. This version will be shipped with Spring Boot 2.7.4 due for release later this week.

This release includes a number of enhancements, documentation improvements, dependency upgrades, and a couple of bug fixes. Thanks to all those who have contributed with issue reports and pull requests.

We’ve also published today a first milestone for the 1.1.0 release, targeting Spring Boot 3.0.

Read more...

Spring for GraphQL 1.0.1 released

On behalf of everyone involved, I’m pleased to announce the first maintenance release of Spring for GraphQL, it is now available from Maven Central. This version will be shipped with Spring Boot 2.7.2.

This release includes 10 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you have general questions, please ask on stackoverflow.com using the spring-graphql tag.

Project Page | GitHub | Issues | Documentation | Stack Overflow

Read more...

Spring Framework 5.3.20 and 5.2.22 available now

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 5.3.20 and 5.2.22 are available now.

Spring Framework 5.3.20 includes 14 fixes and improvements.
Spring Framework 5.2.22 includes 2 backports.

In addition, these releases include fixes for 2 vulnerabilities:

  • CVE-2022-22970
    “Spring Framework DoS via Data Binding to MultipartFile or Servlet Part”
    Denial of Service (DoS) attack in Spring MVC or Spring WebFlux applications that handle file uploads and rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.
    Severity: Medium

  • CVE-2022-22971
    “Spring Framework DoS with STOMP over WebSocket”
    Denial of service (DoS) attack by authenticated users in Spring applications with a STOMP over WebSocket endpoint.
    Severity: Medium

Read more...

Spring for GraphQL 1.0 RC1 Released

On behalf of everyone involved, I’m pleased to announce the availability of the first and final release candidate of Spring for GraphQL 1.0. We’re finally going to release a 1.0 version on May 17, the reference version for Spring Boot 2.7.0. We’ve shipped a few noteworthy changes and one important new feature in this release.

Note: The Spring for GraphqL Boot starter is up-to-date with the changes discussed in this post and Spring Boot 2.7.0-RC1 is scheduled to be released on Thursday this week.

GraphQL over RSocket

Read more...

Spring for GraphQL 1.0.0-M5 Released

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring for GraphQL 1.0.0-M5 is now available from https://repo.spring.io/milestone.

The M5 release is a quick follow-on after the feature-rich M4 release from December. The main goal for M5 was to move the Boot starter out of the Spring GraphQL repository and into Spring Boot proper, ahead of the first Spring Boot 2.7 milestone this Thursday. In addition to that, as always, there was plenty of feedback leading to a number of refinements and fixes.

Read more...