Skip to content

Spring Boot 3.4.0 RC1 Release Notes

Jump to bottom
Phillip Webb edited this page Nov 13, 2024 · 1 revision

Spring Boot 3.4.0-RC1 Release Notes

For changes in earlier milestones, please refer to:

Upgrading from Spring Boot 3.3

Bean-based Conditions

The behavior of @ConditionalOnBean and @ConditionalOnMissingBean has changed when used on a @Bean method and the annotation attribute is set. As before, both conditions will use the return type of the @Bean method as a default for the type to match. Previously, this default was not used if name, type, or value had been set. As of Spring Boot 3.4, this default will also not be used if annotation has been set. To restore the previous behavior, specify both a value that is the return type of the @Bean method and annotation.

RestClient and RestTemplate

Support for auto-configuring RestClient and RestTemplate to use Reactor Netty’s HttpClient or the JDK’s HttpClient has been added. In order of precedence, the supported clients are now:

  • Apache HTTP Components (HttpComponentsClientHttpRequestFactory)

  • Jetty Client (JettyClientHttpRequestFactory)

  • Reactor Netty HttpClient (ReactorClientHttpRequestFactory)

  • JDK HttpClient (JdkClientHttpRequestFactory)

  • Simple JDK HttpURLConnection (SimpleClientHttpRequestFactory)

Notably, if you don’t have an HTTP client library on the classpath, this will likely result in the use of JdkClientHttpRequestFactory where SimpleClientHttpRequestFactory would have been used previously. A particular client can be selected by setting spring.http.client.factory. Supported values are http-components, jetty, reactor, jdk, and simple.

All five clients will follow redirects by default. To disable this behavior, set spring.http.client.redirects to dont-follow.

Dynamic Properties with Testcontainers

Support for defining dynamic properties by injecting a DynamicPropertyRegistry has been deprecated and attempting to do so will now fail by default. Instead of injecting DynamicPropertyRegistry, implement a separate @Bean method that returns a DynamicPropertyRegistrar. This separate bean method should inject the container from which the properties' values will be sourced. This addresses some container lifecycle issues and ensures that the container from which a property’s value has been sourced will have been started before the property is used.

If you wish to continue injecting DynamicPropertyRegistry (at the risk of encountering the lifecycle issue described above), set spring.testcontainers.dynamic-property-registry-injection to either warn or allow. The former will log a warning while allowing the use of an injected DynamicPropertyRegistry. The latter will silently allow the use of an injected DynamicPropertyRegistry, fully restoring Spring Boot 3.3’s behavior.

Controlling Access to Actuator Endpoints

Support for enabling and disabling endpoints has been reworked, replacing the on/off support that it provided with a finer-grained access model that supports only allowing read-only access to endpoint operations in addition to disabling an endpoint (access of none) and fully enabling it (access of unrestricted).

The following properties have been deprecated:

  • management.endpoints.enabled-by-default

  • management.endpoint.<id>.enabled

Their replacements are:

  • management.endpoints.access.default

  • management.endpoint.<id>.access

Similarly, the enableByDefault attribute on @Endpoint has been deprecated with a new defaultAccess attribute replacing it.

As part of these changes, enabled-by-default is now applied consistently and irrespective of the use of @ConditionalOnEnabledEndpoint. If you lose access to an endpoint when upgrading, set management.endpoint.<id>.access to read-only or unrestricted or set management.endpoint.<id>.enabled to true to make the endpoint accessible again.

Additionally, a new property has been introduced that allows an operator to control the permitted level of access to Actuator endpoints:

  • management.endpoints.access.max-permitted

This property caps any access that may have been configured for an endpoint. For example, if management.endpoints.access.max-permitted is set to read-only and management.endpoint.loggers.access is set to unrestricted, only read-only access to the loggers endpoint will be allowed.

OkHttp Dependency Management Removed

Spring Boot no longer depends on OkHttp so it no longer manages its version. If your application has OkHttp dependencies, update its build to use an OkHttp version that meets its needs.

Minimum Requirements Changes

Gradle

The minimum supported version of Gradle 8.x is now 8.4. Support for Gradle 7 (7.6.4 and later) remains.

New and Noteworthy

Tip
 Check the configuration changelog for a complete overview of the changes in configuration.

Buildpacks

Spring Boot now uses the paketobuildpacks/builder-jammy-java-tiny by default. This builder supports ARM and x64 platforms out of the box.

Connection Details

HazelcastConnectionDetails has been added, with implementations for Docker Compose and Testcontainers.

Virtual Threads

OtlpMeterRegistry is now using virtual threads, if enabled.

The Undertow web server now uses virtual threads, if enabled.

Dependency Upgrades

Spring Boot 3.4.0-RC1 moves to new versions of several Spring projects:

  • Spring AMQP 3.2.0-RC1

  • Spring Authorization Server 1.4.0-RC1

  • Spring Batch 5.2.0-RC1

  • Spring Data 2024.1.0-RC1

  • Spring Framework 6.2.0-RC3

  • Spring HATEOAS 2.4.0-RC2

  • Spring Integration 6.4.0-RC1

  • Spring Kafka 3.3.0-RC1

  • Spring Pulsar 1.2.0-RC1

  • Spring Security 6.4.0-RC1

  • Spring Session 3.4.0-RC1

Numerous third-party dependencies have also been updated, some of the more noteworthy of which are the following:

  • Apache Http Client 5.4

  • Flyway 10.20

  • HtmlUnit 4.5.0

  • Jackson 2.18.0

  • Jedis 5.2

  • Micrometer 1.14.0-RC1

  • Micrometer Tracing 1.4.0-RC1

  • MongoDB 5.2.0

  • MySQL 9.1.0

  • OpenTelemetry 1.43.0

  • Rabbit Stream Client 0.18.0

  • Reactor 2024.0.0-RC1

  • Selenium 4.25.0

  • Selenium HtmlUnit 4.25.0

Miscellaneous

Apart from the changes listed above, there have also been lots of minor tweaks and improvements including:

  • The partitioned attribute of session cookies can now be set through properties.

  • A new server.jetty.max-form-keys property has been added to customize Jetty’s max form keys.

  • New properties management.otlp.logging.connect-timeout and management.otlp.tracing.connect-timeout have been added to configure the connect timeout to the OTLP collector.

  • Support for gRPC transport when shipping logs over OTLP has been added.

  • A new spring.docker.compose.arguments property has been added to pass arguments to Docker Compose.

  • When binding a directory in the container which is used by buildpacks in the build process, a warning is now shown.

  • When building a native image with --enable-sbom=sbom, this SBOM is now auto-detected.

  • ClientHttpRequestFactories now supports ReactorClientHttpRequestFactory, easing its use with RestClient and RestTemplate.

  • The DatabaseDriver enum now support the ClickHouse JDBC driver.

  • The new properties management.logging.export.enabled and management.otlp.logging.export.enabled can be used to disable log exporting.

  • The TaskExecutor used by Spring Batch can be customized by defining a TaskExecutor bean annotated with @BatchTaskExectuor.

  • Spring Session auto-configuration now supports the indexed repository type in reactive web applications.

Deprecations in Spring Boot 3.4.0-RC1

  • OtlpAutoConfiguration has been deprecated in favor of OtlpTracingAutoConfiguration

  • management.endpoints.enabled-by-default and management.endpoint.<id>.enabled in favor of management.endpoints.access.default and management.endpoint.<id>.access respectively

  • enableByDefault on @Endpoint in favor of defaultAccess

Pages

Clone this wiki locally