These days are “Spring Release Days”, with many Spring artifacts releasing new versions, Spring Framework 6.0.0 released its 4th milestone release, which includes all fixes for 5.3.20, as well as 39 fixes and improvements specific to the 6.0 branch. And yesterday Spring Boot 2.7.0 and several branches of Spring Security were released, especially Spring Boot 2.7.0 which is a very important release.
Spring Boot 2.7.0
The most important thing yesterday was the release of Spring Boot 2.7.0, which added a lot of new features and improvements. There are so many things, so I’ll just pick the highlights here.
Auto-configuration changes
Spring Boot 2.7.0 makes a big change to autoconfiguration.
autoconfiguration registration
Spring autoconfiguration classes are now in META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports; previously they were in META-INF/spring.facts. . It is still backwards compatible and both of them will work, but loading auto-configuration from spring.facts is not recommended.
New @AutoConfiguration annotation
A new @AutoConfiguration annotation has been introduced. This class is used to declare the AutoConfig class in AutoConfigRegistration above, which replaces @Configuration and can only be used by the AutoConfiguration class. You can also replace @AutoConfigureAfter and @AutoConfigureBefore with their after, afterNames, before, and beforeNames attributes.
|
|
Test Automation Configuration
If you create your own automation configuration class tests, you should also refer to Autoconfigure Registration above to configure the automation configuration class. Refer to the spring-boot-test-autoconfigure module in the Spring Boot project.
@SpringBootTest configuration item priority
Test properties that you can now add via the properties property of @SpringBootTest or the @TestPropertySource annotation have a higher priority than properties passed to args via the command line.
New Flyway modules
Spring Boot 2.7 has been upgraded to Flyway 8.5 (from 8.0). Since version 8.0, Flyway support for multiple databases has been extracted to the new module.
flyway-firebird(Firebird)flyway-mysql(MariaDB and MySQL)flyway-sqlserver(SQL Server)
If you are using Flyway to manage the above databases, please add the dependencies of the corresponding new modules.
Version 2.1 of the H2 database
Spring Boot 2.7 has been upgraded to H2 2.1.120 . H2 2.x is backward incompatible and fixes many security vulnerabilities.
OkHttp 4
As OkHttp 3 is no longer maintained, Spring Boot 2.7 has been upgraded to OkHTTP 4. As part of this upgrade, the property used to control the version of OkHttp has been changed from okhttp3.version to okhttp.version. If you wish to use OkHttp 3, please change to the corresponding version.
Support for Elasticsearch’s RestHighLevelClient has been deprecated
Elasticsearch has deprecated its RestHighLevelClient . In line with this, Spring Boot’s auto-configuration of RestHighLevelClient has been deprecated. Whenever possible, use the automatically configured low-level RestClient. Alternatively, consider configuring the new client manually.
Spring Boot 2.5 deprecations
Classes, methods and properties that are not recommended in Spring Boot 2.5 have been removed in this release. Please ensure that you are not calling deprecated methods before upgrading.
Note: Spring Boot version 2.5 has been discontinued OSS and free security updates and bug fixes are no longer available.
Spring GraphQL Support
Spring Boot 2.7 now supports Spring GraphQL with the corresponding starter spring-boot-starter-graphql. GraphQL is a query language for APIs and also a language that can cater to data queries.
Opaque token introspection optimization
If you use opaque token introspection in the OAuth2 resource server, the automatically configured introspection no longer requires a dependency on com.nimbusds:oauth2-oidc-sdk. You are able to remove this dependency from the application.
Couchbase and Elasticsearch testing annotations
Added @DataCouchbaseTest and @DataElasticsearchTest to test Couchbase and Elasticsearch databases, respectively.
Podman support
Maven and Gradle plugins now support using the Podman container engine as an alternative to the Docker engine when building images with Cloud Native Buildpacks.
Is Docker really gone?
Cache2k support
Added dependency management and auto-configuration for cache Cache2k. Customize default cache settings by defining the Cache2kBuilderCustomizer bean.
Jackson Mixin Simplified Registration
Jackson’s autoconfiguration will now scan your application package for Mixin classes with the @JsonMixin annotation and register them to the ObjectMapper.
Other
There are some other dependency upgrades, see the official release notes for details.
Spring Security
Yesterday Spring Security 5.7.1, 5.6.5, 5.5.8 were released before M5 of Spring Security 6.6.0 was released.
Spring Security 5.7.1, 5.6.5, 5.5.8 were released the day before yesterday and Spring Security 6.6.0 (M5 version) was released before that.