Last week, we released Spring Data Ingalls SR11 and Kay SR, which include fixes for the following vulnerabilities:

• https://pivotal.io/security/cve-2018-1273
• https://pivotal.io/security/cve-2018-1274

Spring Boot 1.5.11 (superseded by 1.5.12 due to CVE-2018-1275) and 2.0.1 already pull in the above Spring Data versions, including the fixes that were released last week, and are now also available for use.

Please review the information in the CVE reports and upgrade immediately.

Hi Spring fans! This week I'm in Atlanta, Indianapolis and Cincinnati! I'll be speaking at the Atlanta, GA Spring Meetup on Tuesday the 10th where I'll be looking about all things new, bootiful and cloud-native including reactive programming, Spring Web Flux, Spring Cloud Finchley, Spring Cloud Function and Project Riff. Then it's off to Indianapolis where I'll be doing the same talk on Thursday the 12th.

What a crazy week it's been! There's so much to get to this week. I want to call out, first, that there are some CVEs out there and if you haven't already, you should be updating urgently…

Speaker: Josh Long

Hi Spring fans! In this installment of Spring Tips we'll look at the reactive Cloud Foundry Java client. We'll see how to use it support applications that know how to deploy themselves into a cloud target.

It is my pleasure to announce that I have just joined the developer advocacy team at Pivotal, focusing on Spring. I feel privileged to have the opportunity to learn and collaborate with great and passionate engineers from all over the world. Hence, I must say I am really excited for the upcoming journey.

If you would like to follow me, I tweet under @JakubPilimon and blog here.

Before joining Pivotal, I have had the pleasure of consulting with and learning from software development teams across a variety of domains. Whether the domain is e-commerce, pharma, fintech, or insurance—common to all domains in software are the expectations of users. In this post I'm going to introduce some of my…

After a long and exciting journey, we are pleased to announce the General Availability release of the Spring Cloud Stream Elmhurst release train - Elmhurst.RELEASE/2.0.0.RELEASE.

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-stream-dependencies</artifactId>
            <version>Elmhurst.RELEASE</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

Spring Cloud Stream Elmhurst (2.0.0.RELEASE) is available for use in Maven Central and the Spring Repo. The release notes include relevant information about version…

UPDATE 2018-04-09: see follow-up announcement for 4.3.x branch.

Spring Framework 5.0.5 and 4.3.15 (superseded by 4.3.16 with CVE-2018-1275), released earlier this week, include fixes for the following vulnerabilities:

• CVE-2018-1270 --> CVE-2018-1275
• CVE-2018-1271
• CVE-2018-1272

Spring Boot 2.0.1 and 1.5.11 (superseded by 1.5.12 with CVE-2018-1275), that match the above Spring Framework versions, were released today, and are now also available for use.

Please, review the information in the CVE reports and upgrade immediately.

Speaker: Josh Long

Hi Spring fans! In this installment (the first of 2018!) of Spring Tips we look at stream processing in Spring Boot applications with Apache Kafka, Apache Kafka Streams and the Spring Cloud Stream Kafka Streams binder.

Hi Spring fans! What a week! This week I'm in beautiful Dallas, TX, for the Spring One Tour Dallas event which is, like so many of the other cities already, utterly and completely sold out! What a crowd!

Wow #SpringOneTour Dallas, you’re so #bootiful ! pic.twitter.com/SySCBw4UNX

— Josh Long (龙之春, जोश) (@starbuxman) April 3, 2018

And, so, without further ado, let's get to it!

• Spring Framework Juergen Hoeller has just announced Spring Framework 5.0.5 and 4.3.15 are now available.
• Check out the PR supporting Pact v3 in Spring Cloud Contract.next. Now would be a good time to try it out and feedback!
• PCF 2.1 and the Quest for a One Pizza Ops Team
• Check out this shiny new Kotlin DSL for Spring Data Cassandra!
• Spring Boot lead Phil Webb has published a nice look at property binding in Spring Boot 2.0
• Spring Batch 1.0.0. was released ten years and a week ago, on March 28th, 2018. Happy tenth anniversary, Spring Batch!
• Roy Clarkson has just announced that the Spring Cloud Open Service Broker 2.0.0.M2…

Since the first release of Spring Boot, it has been possible to bind properties to classes by using the @ConfigurationProperties annotation. It has also been possible to specify property names in different forms. For example, person.first-name, person.firstName and PERSON_FIRSTNAME can all be used interchangeably. We call this feature “relaxed binding”.

Unfortunately, in Spring Boot 1.x, “relaxed binding” turned out to be a little bit too relaxed. It was quite hard to define exactly what the binding rules were and when specific formats could be used. We also started to get reports of issues that were very hard to fix with our 1.x implementation. For example, in Spring Boot 1.x it is not possible to bind items to a java.util.Set…