Spring Boot 1.5 Release Notes
Classes, methods and properties that were deprecated in Spring Boot 1.4 have been removed in this release. Please ensure that you aren’t calling deprecated methods before upgrading. In particular, the HornetQ and Velocity support have been removed.
The following starters that were renamed in Spring Boot 1.4 have now been removed, if you get "unresolved dependency" errors please check that you are pulling in the correctly named starter:
-
spring-boot-starter-ws→spring-boot-starter-web-services -
spring-boot-starter-redis→spring-boot-starter-data-redis
If you have @ConfigurationProperties classes that use JSR-303 constraint annotations, you should now additionally annotate them with @Validated. Existing validation will currently continue to work, however, a warning will be logged. In the future, classes without @Validated will not be validated at all.
Previously, if you had Spring Session and Redis with no particular configuration, Redis was automatically used to store sessions. You now need to specify the store type; existing users of Spring Session with Redis should add the following to their configuration:
spring.session.store-type=redisActuator "sensitive" endpoints are now secure by default (even if don’t have a dependency on "Spring Security"). If your existing Spring Boot 1.4 application makes use of Spring Security (and doesn’t have any custom security configuration) things should work as before. If your existing Spring Boot 1.4 application has custom security configuration and you wish to have open access to your sensitive endpoints, you will need to explicitly configure that in your security configuration. If you’re upgrading a Spring Boot 1.4 application that doesn’t have dependency on Spring Security and you wish to retain open access to your sensitive endpoints you’ll need to set management.security.enabled to false. See the updated reference documentation for more details.
The default role required to access the endpoints has also changed from ADMIN to ACTUATOR. This is to prevent accidental exposure of endpoints if you happen to use the ADMIN role for other purposes. If you want to restore Spring Boot 1.4 behavior set the management.security.roles property to ADMIN.
The InMemoryMetricRepository no longer directly implements MultiMetricRepository. A new InMemoryMultiMetricRepository bean is now registered that satisfies the MultiMetricRepository interface and is backed by a regular InMemoryMetricRepository. Since most users will be interacting with MetricRepository or MultiMetricRepository interfaces (rather than the in-memory implementation) this change should be transparent.
The spring.jpa.database can now be auto-detected for common databases from the spring.datasource.url property. If you’ve manually defined spring.jpa.database, and you use a common database, you might want to try removing the property altogether.
Several database have more than one Dialect (for instance, Microsoft SQL Server has 3) so we might configure one that doesn’t match the version of the database you are using. If you had a working setup before and would like to rely on Hibernate to auto-detect the Dialect, set spring.jpa.database=default. Alternatively, you can always set the dialect yourself using the spring.jpa.database-platform property.
Spring Integration’s @IntegrationComponentScan annotation is now auto-configured. If you follow the recommended project structure, you should try removing it.
If you currently listen for an ApplicationStartedEvent in your code you should refactor to use ApplicationStartingEvent. We renamed this class to more accurately reflect what it does.
The spring-boot-starter-integration POM no longer includes spring-integration-jmx. If you require Spring Integration JMX support you should include a spring-integration-jmx dependency yourself.
Both the Maven and Gradle plugins now by default exclude packaging of the spring-boot-devtools jar in "fat" jars. If you are using devtools remote support you will now need to explicitly set the excludeDevtools property in your build.gradle or pom.xml file.
The Spring Boot Gradle plugin is no longer compatible with Gradle 1.x and early versions of Gradle 2.x. Please ensure you are Gradle 2.9 or higher.
Unfortunately the CRaSH project used by Spring Boot to provide remote SSH support is no longer being actively maintained. With regret, we’ve decided to deprecate remote actuator SSH support and it’s scheduled to be removed entirely in Spring Boot 2.0.
The default order of the OAuth2 resource filter has changed from 3 to SecurityProperties.ACCESS_OVERRIDE_ORDER - 1. This places it after the actuator endpoints but before the basic authentication filter chain. The default can be restored by setting security.oauth2.resource.filter-order = 3
The JSP servlet is no longer in development mode by default. Development mode is automatically enabled when using DevTools. It can also be enabled explicitly by setting server.jsp-servlet.init-parameters.development=true.
In Spring Boot 1.4 and earlier, the Actuator would always configure some ignored paths irrespective of the use of @EnableWebSecurity. This has been corrected in 1.5 so that using @EnableWebSecurity will switch off all auto-configuration of web security thereby allowing you to take complete control.
|
Tip
|
Check the configuration changelog for a complete overview of the changes in configuration. |
A number of third party libraries have been upgraded to their latest version. Updates include Spring Data Ingalls, Jetty 9.4, JooQ 3.9, AssertJ 2.6.0, Hikari 2.5 and Neo4J 2.1. Several Maven plugins have also been upgraded.
A new actuator loggers endpoint allows you to view and change application logging levels on the fly.
There is both a JMX and MVC endpoint available.
For example, to change the logging level with the MVC endpoint, you can issue a POST to /loggers/com.yourcorp.application with the following JSON
{
"configuredLevel": "DEBUG"
}To update the logger using the JMX endpoint you would use the setLogLevel operation.
For more details see the updated documentation.
Spring Boot 1.5 include auto-configuration support for Apache Kafka via the spring-kafka project.
To use Kafka simply include the spring-kafka`depenency and configure the appropriate `spring.kafka.* application properties.
Recieving messages from Kafka is as simple as annotating a method:
@Component
public class MyBean {
@KafkaListener(topics = "someTopic")
public void processMessage(String content) {
// ...
}
}Spring Boot’s actuator module now includes additional support that is activated when you deploy to a compatible Cloud Foundry instance.
The /cloudfoundryapplication path provides an alternative secured route to all NamedMvcEndpoint beans.
Cloud Foundry management UIs can make use of the endpoint to display additional actuator information. For example, Pivotal Cloud Foundry shows health information next to the application status:
You can read more about the Cloud Foundry endpoint in the reference documentation and for and example of the kinds of things it can be used for you can read this blog post about PCF 1.9.
Spring Boot now offers auto-configuration for any compliant LDAP server as well as support for the embedded in-memory LDAP server from Unbounded.
See the documentation for more details.
A new AuditEventsJmxEndpoint bean now allows you to query previously recorded AuditEvents over JMX.
The MBean exposes AuditEventRepository find methods via getData operations.
Audits are automatically recoded for authentication and authorization event and you can record your own events using the AuditEventRepository. That information is also exposed by a new /auditevents MVC endpoint.
It’s now possible to configure various aspects of an auto-configured PlatformTransactionManager using spring.transaction.* properties.
Currently the "default-timeout" and rollback-on-commit-failure properties are supported.
A new JmxEndpoint interface has been introduced to allow you to develop actuator endpoints that are only exposed via JMX.
The interface is very similar to the MvcEndpoint interface already provided for MVC only endpoints.
You can now define flyway migration that are specific to a database vendor.
To use vendor specific migrations, set the flyway.locations property as follows:
flyway.locations=db/migration/{vendor}See this how-to for more details.
It is now possible to define a deprecation level for a property in the metadata. The level can either be warning (default) or error.
Here is an example of manual metadata for a property that got moved in Spring Boot 2:
{
"name": "server.context-parameters",
"type": "java.util.Map<java.lang.String,java.lang.String>",
"description": "ServletContext parameters.",
"deprecation": {
"level": "error",
"replacement": "server.servlet.context-parameters"
}
}So far, when a deprecated property is not bound anymore, we remove the metadata altogether. This new feature allows to flag a property (server.context-parameters here) as an error. Newer versions of your favorite IDE should use that to offer assistance.
It’s now possible to exclude auto-configuration that would usually be imported by a @Test… annotation.
All existing @Test… annotations now include a excludeAutoConfiguration attribute.
Alternatively, you can add @ImportAutoConfiguration(exclude=…) directly to your tests.
Spring Boot 1.5 also introduces a new @JdbcTest annotation that can be used to test direct JDBC interactions.
The Spring Boot Maven and Gradle plugins now support custom fat jar layouts. This feature allows experimental layouts such as this one to be developed outside of Spring Boot. For more details, see the updated documentation.
It is now possible to customize the auto-configured JmsTemplate using additional keys available in the spring.jms.template.* namespace.
-
Mockito 2.x can now be used with
@MockBean(compatibility with Mockito 1.9 remains) -
The embedded launch script now supports a
force-stop -
A new health check for Cassandra has been added
-
Cassandra user defined types are now resolved (via Spring Data’s
SimpleUserTypeResolver) -
The
skipproperty now works for the Spring Boot Maven Pluginrun, 'stop' and 'repackage` goals -
If multiple
mainmethod classes are found, the Maven and Gradle plugins will now automatically use the one annotated with@SpringBootApplication
-
TomcatEmbeddedServletContainerFactory.setTldSkiphas been deprecated in favor ofsetTldSkipPatterns -
ApplicationStartedEventhas been replaced byApplicationStartingEvent -
Several constants in
LoggingApplicationListenerhave been replaced by versions inLogFile -
Caching with Guava has been deprecated since Guava support will be dropped in Spring Framework 5. Upgrade to Caffeine
-
CRaSH support has been deprecated since it’s no longer actively maintained
-
Several protected methods in
EndpointMBeanExporterhave been deprecated following the introduction ofJmxEndpoint -
SearchStrategy.PARENTShas been replaced withSearchStrategy.ANCESTORS. -
Apache DBCP support has been deprecated in favor of DBCP 2
-
The
server.undertow.buffers-per-regionproperty has been deprecated because it is not used (see UNDERTOW-587) -
@AutoConfigureTestDatabasehas been moved fromorg.springframework.boot.test.autoconfigure.orm.jpatoorg.springframework.boot.test.autoconfigure.jdbc