On behalf of the entire team and everyone in the community who contributed, we are pleased to announce the general availability of Spring for Apache Kafka 3.0.15 and 3.1.3.

Spring for Apache Kafka 3.0.15 includes a few improvements and bug fixes. In addition, this version now supports the ability to call the enforceRebalance on the Kafka consumer. This release will be included as part of the upcoming Spring Boot 3.1.10 release.

Spring for Apache Kafka 3.1.3 ships with some new features, enhancements, bug fixes and documentation improvements. This release will be part of the upcoming Spring Boot 3.2.4 release…

On behalf of the team and everyone who has contributed, it is my pleasure to announce the general availability of Spring Authorization Server 1.2.3, 1.1.6 and 1.0.6.

The releases address CVE-2024-22258 for PKCE Downgrade in Spring Authorization Server.

Tanzu Spring Runtime

Commercial customers using Spring Boot 2.7 or 3.0 can make use of the new Spring Boot Hotfix release mechanism, providing versions 2.7.20.2 and 3.0.15.2. Spring Boot Hotfix releases are timely releases that patch dependency management to use the latest Spring artifacts when a CVE fix is released. The hotfix versions released…

On behalf of the team and everyone who has contributed, it is my pleasure to announce the release of Spring Authorization Server 1.3.0-M3! The milestone release of Spring Authorization Server contains a few noteworthy new features:

• Add PKI Mutual-TLS client authentication method (tls_client_auth) #1558
• Implement OAuth 2.0 Token Exchange #1525 (see related blog post)

See the 1.3.0-M3 release notes for complete details.

To get started using Spring Authorization Server, see the Getting Started chapter of the reference documentation and the samples to become familiar with setup and configuration…

On behalf of the team and everyone who has contributed, I am pleased to announce that the third milestone of Spring Security 6.3 is released. This release brings several new features that you can check on the release page or on the What's New section of the 6.3 documentation.

In addition to that, Spring Security 6.2.3, 6.1.8, 6.0.10, 5.8.11 and 5.7.12 have been released as well! These releases are mostly composed of bug fixes, dependency upgrades and documentation improvements.

The releases address CVE-2024-22257 for Possible Broken Access Control in Spring Security With Direct Use of…

On behalf of the team and everyone who has contributed, I’m happy to announce that Spring for Apache Pulsar 1.1.0-M2 has been released and is now available from https://repo.spring.io/milestone.

This release will be included in the upcoming Spring Boot 3.3.0-M3 release.

This release includes numerous enhancements, documentation improvements, bug fixes, and dependency upgrades. Notable new features include:

• New spring-pulsar-test module available w/ testing utilites

Please see the release notes for more details.

On behalf of the team and everyone who has contributed, I’m happy to announce that Spring for Apache Pulsar 1.0.4 has been released and is now available from Maven Central.

This release will be included in the upcoming Spring Boot 3.2.4 release.

This release includes documentation improvements, bug fixes, and dependency upgrades.

Please see the release notes for more details.

On behalf of the team and everyone who has contributed, I’m pleased to announce the second milestone 2024.0.0-M2 of the Spring Data 2024.0 release train.

Notable new features include:

• Predicate -based QueryEngine for KeyValue
• Transaction option derivation for MongoDB based on @Transactional labels.

Please see the release notes for more details and upgrade instructions.

Thanks to all those who have contributed with issue reports and pull requests.

Finally, here are the links to the documentation and release notes:

• Spring Data Commons 3.3 M2 - Javadoc - Documentation - Changelog
• Spring Data JPA 3.3 M2 - Javadoc - Documentation - Changelog
• Spring Data for Apache Cassandra 4.3 M2 - Javadoc - Documentation - Changelog
• Spring Data MongoDB 4.3 M2 - Javadoc - Documentation - Changelog
• Spring Data KeyValue 3.3 M2 - Javadoc - Documentation - Changelog
• Spring Data Neo4j 7.3 M2 - Javadoc - Documentation - Changelog
• Spring Data LDAP 3.3 M2 - Javadoc - Documentation - Changelog
• Spring Data REST 4.3 M2 - Javadoc - Documentation - Changelog
• Spring Data Redis 3.3 M2 - Javadoc - Documentation - Changelog
• Spring Data Elasticsearch 5.3 M2 - Javadoc - Documentation - …

On behalf of the team and everyone who has contributed, I’m pleased to announce the availability of 2023.1.4 and 2023.0.10 service releases. These releases ship with dependency upgrades, fixes for regressions and selected improvements.

The upcoming Spring Boot releases 3.2.4, respective 3.1.10 will pick up the above releases by next week.

2023.1.4

• Spring Data Commons 3.2.4 - Javadoc - Documentation - Changelog
• Spring Data JPA 3.2.4 - Javadoc - Documentation - Changelog
• Spring Data for Apache Cassandra 4.2.4 - Javadoc - Documentation - Changelog
• Spring Data MongoDB 4.2.4 - Javadoc - Documentation - Changelog
• Spring Data KeyValue 3.2.4 - Javadoc - Documentation - Changelog
• Spring Data Neo4j 7.2.4 - Javadoc - Documentation - Changelog
• Spring Data LDAP 3.2.4 - Javadoc - Documentation - Changelog
• Spring Data REST 4.2.4 - Javadoc - Documentation - Changelog
• Spring Data Redis 3.2.4 - Javadoc - Documentation - Changelog
• Spring Data Elasticsearch 5.2.4 - Javadoc - Documentation - …

I am happy to announce the availability of Spring HATEOAS 2.1.4, 2.2.1 and 2.3 M1. The releases primarily contain bug fixes and dependency upgrades.

For the 2.1.4 and 2.2.1 service releases we have deviated from our usual dependency upgrade policy which only allows bug fix upgrades of dependencies in bug fix releases. These branches had referenced a version of the JSONPath library that has a CVE attached to it which was only fixed in a new minor release. We exceptionally decided to upgrade to that fixed version.

For a full list of changes, refer to the individual change logs of 2.1.4, 2.2.1 and 2.3 M1…