Spring Boot 1.3.0 Full Release Notes

Spring Boot 1.3.0 Release Notes

Upgrading from Spring Boot 1.2

Deprecations from Spring Boot 1.2

Classes, methods and properties that were deprecated in Spring Boot 1.2 have been removed in this release. Please ensure that you aren’t calling deprecated methods before upgrading.

Property renames

The following application.properties keys have been renamed to improve consistency:

• spring.view. to spring.mvc.view.

• spring.pidfile to spring.pid.file

• error.path to server.error.path

• server.session-timeout to server.session.timeout

• servet.tomcat.accessLogEnabled to server.tomcat.accesslog.enabled

• servet.tomcat.accessLogPattern to server.tomcat.accesslog.pattern

• servet.undertow.accessLogDir to server.undertow.accesslog.dir

• servet.undertow.accessLogEnabled to server.undertow.accesslog.enabled

• servet.undertow.accessLogPattern to server.undertow.accesslog.pattern

• spring.oauth2. to security.oauth2.

Jackson

Spring Boot 1.2 registered any Jackson Module beans with every ObjectMapper in the application context. This made it impossible to take complete control of an ObjectMapper bean’s modules. Spring Boot 1.3 will only register Jackson Module beans with ObjectMappers that are created or configured with the auto-configured Jackson2ObjectMapperBuilder. This brings the behaviour of module configuration into line with Boot’s other Jackson configuration.

Logging

Spring specific configuration

In order to prevent double initialization Spring specific log configuration files can now be used. It’s recommended (although not required) that you rename any default log configuration files to use a -spring suffix. For example logback.xml would change to logback-spring.xml.

Initialization failures

In Spring Boot 1.2, if you specified a custom logging configuration file using logging.config and the file did not exist, it would silently fallback to using the default configuration. Spring Boot 1.3 fails due to the missing file. Similarly, if you provided a custom Logback configuration file which was malformed, Spring Boot 1.2 would fall back to its default configuration. Spring Boot 1.3 fails and reports the problems with the configuration to System.err.

Spring HATEOAS

The spring.hateoas.apply-to-primary-object-mapper property has been removed as the Spring HATEOAS auto-configuration has been reworked such that it no longer affects the context’s primary ObjectMapper. It has been replaced with a property named spring.hateoas.use-hal-as-default-json-media-type which controls whether or not the Spring HATEOAS HTTP message converter will handle requests for application/json in addition to requests for application/hal+json.

Security for the /health endpoint

The security settings for what information is visible on the actuator /health endpoint have been tweaked a little to provide better consistency. See the HTTP health endpoint access restrictions section in the reference guide for complete details.

HTTP response compression

Spring Boot 1.2 supported native response compression for Tomcat users, or compression using Jetty’s GZipFilter for users of Jetty, Tomcat, and Undertow. Motivated by the Jetty team’s deprecation of their gzip filter, Spring Boot 1.3 replaces this with support for native response compression in all three embedded containers. As a result the server.tomcat.compression. and spring.http.gzip. properties are no longer supported. The new server.compression.* properties should be used instead.

Embedded Tomcat

Tomcat RemoteIpValve

Tomcat’s RemoteIpValve is now configured and enabled to support x-forwarded-for and x-forwarded-proto headers. If you want to disable RemoteIpValve set server.tomcat.remote-ip-header and server.tomcat.protocol-header to empty strings.

Tomcat session storage

By default tomcat no longer saves session data in /tmp. If you want to use persistent sessions with Tomcat set the server.session.persistent property to true. The server.session.store-dir can be used to save files in a specific location.

Jetty JSPs

The spring-boot-starter-jetty "Starter POM" no longer includes org.eclipse.jetty:jetty-jsp. If you are using Jetty with JSPs you will now need to directly add this dependency yourself.

MVC Stacktrace output

Stacktrace information is now never included when Spring MVC renders an error response. If you want Spring Boot 1.2 behavior set error.include-stacktrace to on-trace-param.

Thymeleaf’s Spring Security integration

Due to the upgrade to Spring Security 4, Spring Boot 1.3 has also upgraded the dependency management and auto-configuration of Thymeleaf’s Spring Security support. The coordinates of the new artifact are org.thymeleaf.extras:thymeleaf-extras-springsecurity4. Please update your pom.xml or build.gradle accordingly.

Missing /templates folder errors

Spring Boot applications no longer fail to start when a /templates folder cannot be found. If you are using a supported templating technology, and you forget to add /templates, a warning is now logged instead.

Groovy templating

The GroovyTemplateProperties class now extends AbstractTemplateViewResolverProperties and provides additional configuration options. If you currently define a prefix.spring.groovy.template.prefix property to define a custom resource location you should rename it to prefix.spring.groovy.resource-loader-location.

Gradle plugin

Dependency management

Spring Boot’s gradle plugin has been updated in this release to use the dependency management plugin. Most users should be unaffected by this change, however those who were using the versionManagement configuration to apply their own blessed versions will have to update their build scripts.

Rather than requiring a properties file to configure version management, the new plugin allows you to use a Maven bom. For example:

dependencyManagement {
    imports {
        mavenBom 'com.example:example-bom:1.0'
    }
}

Application plugin

The Spring Boot Gradle plugin will no longer apply Gradle’s application plugin by default. If you wish to make use of the application plugin you will have to apply it in your build.gradle.

If you do not need the functionality provided by the application plugin, but were using its mainClassName or applicationDefaultJvmArgs properties then you will need to make some minor updates to your build.gradle.

The main class should now be configured using the mainClass property on the springBoot extension, for example:

springBoot {
    mainClass = 'com.example.YourApplication'
}

applicationDefaultJvmArgs should now be configured in your project’s ext block, for example:

ext {
    applicationDefaultJvmArgs = [ '-Dcom.example.property=true' ]
}

If you were configuring your project’s main class using the main property of the application plugin’s run task, you should move this configuration to the bootRun task instead:

bootRun {
    main = com.example.YourApplication
}

Maven plugin

Maven spring-boot:run resources

The Spring Boot Maven plugin no longer adds src/main/resources directly to the classpath when using spring-boot:run. If you want live, in-place editing we recommend using Devtools. The addResources property can be set in your pom.xml if you want to restore Spring Boot 1.2. behavior.

CLI dependency management

Spring Boot 1.3 now supports the use of Maven boms to configure its dependency management in place of the properties file-based metadata. @DependencyManagementBom should be used in place of @GrabMetadata to provide the coordinates of a bom, for example @DependencyManagementBom("io.spring.platform:platform-bom:1.1.2.RELEASE").

Dependencies

Spring 4.2

Spring Boot 1.3 requires Spring Framework 4.2 or later and is not compatible with earlier versions.

Spring Security 4.0

Spring Boot 1.3 uses Spring Security 4.0. See the Spring Security documentation for information on migrating from 3.2.