Aloha, Spring fans, from beautiful Maui, Hawaii, where I am with my family on a bit of vacation. It's our daughter's Spring break and so we're enjoying the family time while we can get it! I wanted to take a brief interlude in between the never-enough time on the beach and all the rum to get this week's installment out for y'all, so let's dive right into it!

• A Bootiful Podcast: Event streaming guru Jan Svoboda on Apache Kafka Design Patterns
• An update on Java 17 adoption
• Build To Manage: Proper Exception Handling Makes Your Applications Easier to Build and Manage
• CVE report published for Spring Framework
• Getting Started with Spring WebFlux
• Initial AOT support in Spring Framework 6.0.0-M3
• Java 18 is out! Get the bits while they're hot! Or at least get Java 17. Wouldn't want to be two major versions behind, would ya?
• Java Records tortured with Lombok yet again (builder edition)
• Want an industrial grade Kubernetes distribution? Check out this blog on …

We have released Spring Cloud Function 3.1.7 & 3.2.3 to address the following CVE report.

• CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression

Please review the information in the CVE report and upgrade immediately.

We have released Spring Framework 5.3.17 and Spring Framework 5.2.20 to address the following CVE report.

• CVE-2022-22950: Spring Expression DoS Vulnerability

Please review the information in the CVE report and upgrade immediately.

Spring Boot users should upgrade to 2.5.11 or 2.6.5.

As a follow-up to my blog post from last year's SpringOne, it is time for an update on our Java 17+ baseline efforts!

We established the new baseline on our main branches, with a few milestones out already. The feedback has been very positive, not only in terms of framework improvements but also in terms of the motivation for a Java upgrade at the application level. Of course, it does not end with JDK 17 LTS: JDK 18 is an immediate option already, JDK 19 will be the current release when we go final later this year, with JDK 20 to be in early access by then - and JDK 21 LTS on the horizon…

On behalf of the team and everyone who has contributed, it is my pleasure to announce the general availability of Spring Authorization Server 0.2.3.

You can download it from Maven Central by using the module coordinates:

compile 'org.springframework.security:spring-security-oauth2-authorization-server:0.2.3'

See the release notes for complete details.

To get started using Spring Authorization Server, see the sample to become familiar with setup and configuration.

We would love to gather your feedback as we strive to improve and build upon this release.

Project Page | GitHub Issues | ZenHub…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.5.11 has been released and is now available from Maven Central.

This release includes 56 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Project Page | GitHub | Issues | Documentation | Stack Overflow | …

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.6.5 has been released and is now available from Maven Central.

This release includes 66 bug fixes, documentation improvements, and dependency upgrades. Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.

Project Page | GitHub | Issues | Documentation | Stack Overflow | …

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 2.7.0-M3 has been released and is now available from https://repo.spring.io/milestone.

This release includes over 90 bug fixes, documentation improvements, and dependency upgrades. Notable new features include:

• Support for generating Docker images with Podman
• Improved SanitizingFunction support
• Spring GraphQL 1.0.0-M6 support, including the new GraphQL client

Please see the release notes for more details and upgrade instructions.

Thanks to all those who have contributed with issue reports and pull…

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 3.0.0-M2 has been released and is now available from https://repo.spring.io/milestone.

This release includes 50 bug fixes, documentation improvements, and dependency upgrades. Notable new features include:

• Reinstated Support for EhCache 3
• Reinstated Support for H2 Console
• Improved @ConstructorBinding Detection

Please see the release notes for more details and upgrade instructions.

Thanks to all those who have contributed with issue reports and pull requests.

How can you help?

If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter…