包阅导读总结
1. 关键词:
– Spring、Milestone Releases、Bug Fixes、Dependency Upgrades、New Features
2. 总结:
本文主要介绍了 2024 年 8 月 19 日这一周 Spring 生态系统中包括 Spring Boot、Data、Cloud、Security、Session 等多个项目的里程碑版本发布情况,涵盖了众多的改进、修复和新特性。
3. 主要内容:
– Spring Boot
– 3.4.0 第二个里程碑版本发布,有文档改进、依赖升级和新特性。
– 3.3.3 和 3.2.9 版本发布以解决漏洞。
– Spring Data
– 2024.0.3 和 2023.1.9 版本发布,有错误修复和依赖升级。
– Spring Cloud
– 2024.0.0 的第一个里程碑版本发布,包含子项目更新,与 Spring Boot 3.4.0-M1 兼容。
– Spring Security
– 6.4.0 第二个里程碑版本发布,有错误修复和新特性。
– 6.3.2、6.2.6 和 5.8.14 版本发布,包含错误修复和新功能。
– Spring Authorization Server
– 1.4.0-M1、1.3.2 和 1.2.6 版本发布,有错误修复和新特性。
– Spring Session
– 3.4.0-M2 第二个里程碑版本发布,有依赖升级和新接口。
– 3.3.2 和 3.2.5 版本发布,包含依赖升级和问题解决。
– Spring Modulith
– 1.3 M2、1.2.3 和 1.1.8 版本发布,有错误修复、依赖升级和新特性。
– Spring AI
– 1.0.0 第二个里程碑版本发布,有错误修复、文档改进和新特性。
– Spring for Apache Kafka
– 3.3.0-M2、3.2.3 和 3.1.8 版本发布,有错误修复、依赖升级和新特性。
– Spring for Apache Pulsar
– 1.2.0-M1 第一个里程碑版本发布,有文档改进、依赖升级和新特性。
– 1.1.3 和 1.0.9 版本发布,包含依赖升级。
思维导图:
文章来源:infoq.com
作者:Michael Redlich
发布时间:2024/8/26 0:00
语言:英文
总字数:969字
预计阅读时间:4分钟
评分:89分
标签:Spring Framework,Spring Boot,Spring Data,Spring Cloud,Spring Security
以下为原文内容
本内容来源于用户推荐转载,旨在分享知识与观点,如有侵权请联系删除 联系邮箱 media@ilingban.com
There was a flurry of activity in the Spring ecosystem during the week of August 19th, 2024, highlighting: point and milestone releases of Spring Boot, Spring Data, Spring Cloud, Spring Security, Spring Authorization Server, Spring Session, Spring for Apache Kafka and Spring for Apache Pulsar.
Spring Boot
The second milestone release of Spring Boot 3.4.0 delivers bug fixes, improvements in documentation, dependency upgrades and many new features, such as: an update to the @ConditionalOnSingleCandidate annotation to deal with fallback beans in the presence of a regular single bean; and configure the SimpleAsyncTaskScheduler class when virtual threads are enabled. More details on this release may be found in the release notes.
Versions 3.3.3 and 3.2.9 of Spring Boot have been released to address CVE-2024-38807, Signature Forgery Vulnerability in Spring Boot’s Loader, where applications that use the spring-boot-loader or spring-boot-loader-classic APIs contain custom code that performs signature verification of nested JAR files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another. Developers using earlier versions of Spring Boot should upgrade to versions 3.1.13, 3.0.16 and 2.7.21.
Spring Data
Versions 2024.0.3 and 2023.1.9, both service releases of Spring Data, feature bug fixes and respective dependency upgrades to sub-projects such as: Spring Data Commons 3.3.3 and 3.2.9; Spring Data MongoDB 4.3.3 and 4.2.9; Spring Data Elasticsearch 5.3.3 and 5.2.9; and Spring Data Neo4j 7.3.3 and 7.2.9. These versions can be consumed by Spring Boot 3.3.3 and 3.2.9, respectively.
Spring Cloud
The first milestone release of Spring Cloud 2024.0.0, codenamed Mooregate, features bug fixes and notable updates to sub-projects: Spring Cloud Kubernetes 3.2.0-M1; Spring Cloud Function 4.2.0-M1; Spring Cloud OpenFeign 4.2.0-M1; Spring Cloud Stream 4.2.0-M1; and Spring Cloud Gateway 4.2.0-M1. This release provides compatibility with Spring Boot 3.4.0-M1. Further details on this release may be found in the release notes.
Spring Security
The second milestone release of Spring Security 6.4.0 delivers bug fixes, dependency upgrades and new features, such as: improved support to the @AuthenticationPrincipal and @CurrentSecurityContext meta-annotations to better align with method security; preserve the custom user type in the InMemoryUserDetailsManager class for improved use in the loadUserByUsername() method; and the addition of a constructor in the AuthorizationDeniedException class to provide the default value for AuthorizationResult interface. More details on this release may be found in the release notes and what’s new page.
Similarly, versions 6.3.2, 6.2.6 and 5.8.14 of Spring Security have also been released, providing bug fixes, dependency upgrades and a new feature that implements support for multiple URLs in the ActiveDirectoryLdapAuthenticationProvider class. Further details on these releases may be found in the release notes for version 6.3.2, version 6.2.6 and version 5.8.14.
Spring Authorization Server
Versions 1.4.0-M1, 1.3.2 and 1.2.6 of Spring Authorization Server have been released that ship with bug fixes, dependency upgrades and new features such as: a new authenticationDetailsSource() method added to the OAuth2TokenRevocationEndpointFilter class used for building authentication details from an instance of the Jakarta Servlet HttpServletRequest interface; and allow customizing an instance of the Spring Security LogoutHandler interface in the OidcLogoutEndpointFilter class. More details on these releases may be found in the release notes for version 1.4.0-M1, version 1.3.2 and version 1.2.6.
Spring Session
The second milestone release of Spring Session 3.4.0-M2 provides many dependency upgrades and a new RedisSessionExpirationStore interface so that it is now possible to customize the expiration policy in an instance of the RedisIndexedSessionRepository.RedisSession class. Further details on this release may be found in the release notes and what’s new page.
Similarly, the release of Spring Session 3.3.2 and 3.2.5 ship with dependency upgrades and a resolution to an issue where an instance of the AbstractSessionWebSocketMessageBrokerConfigurer class triggers an eager instantiation of the SessionRepository interface due to a non-static declaration of the Spring Framework ApplicationListener interface. More details on this release may be found in the release notes for version 3.3.2 and version 3.2.5.
Spring Modulith
Versions 1.3 M2, 1.2.3, and 1.1.8 of Spring Modulith have been released that ship with bug fixes, dependency upgrades and new features such as: an optimization of the publication completion by event and target identifier to allow databases to optimize the query plan; and a refactor of the EventPublication interface that renames the isPublicationCompleted() method to isCompleted(). Further details on these releases may be found in the release notes for version 1.3.0-M2, version 1.2.3 and version 1.1.8.
Spring AI
The second milestone release of Spring AI 1.0.0 delivers bug fixes, improvements in documentation and new features such as: improved observability functionality for the ChatClient interface, chat models, embedding models, image generation models and vector stores; a new MarkdownDocumentReader for ETL pipelines; and a new ChatMemory interface that is backed by Cassandra.
Spring for Apache Kafka
Versions 3.3.0-M2, 3.2.3 and 3.1.8 of Spring for Apache Kafka have been released with bug fixes, dependency upgrades and new features such as: support for Apache Kafka 3.8.0; and improved error handling on fault tolerance retries. These releases will be included in the Spring Boot 3.4.0-M2, 3.3.3 and 3.2.9, respectively. More details on this release may be found in the release notes for version 3.3.0-M2, version 3.2.3 and version 3.1.8.
Spring for Apache Pulsar
The first milestone release of Spring for Apache Pulsar 1.2.0-M1 ships with improvements in documentation, dependency upgrades and new features: the ability to configure a default topic and namespace; and the ability to use an instance of a custom Jackson ObjectMapper class for JSON schemas. This release will be included in Spring Boot 3.4.0-M2. Further details on this release may be found in the release notes.
Similarly, versions 1.1.3 and 1.0.9 of Spring for Apache Pulsar have been released featuring dependency upgrades and will be included in Spring Boot 3.3.3 and 3.2.9, respectively. More details on these releases may be found in the release note for version 1.1.3 and version 1.0.9.
