-
Notifications
You must be signed in to change notification settings - Fork 81
Spring Boot 2.5 release notes and OpenRewrite migrations
-
Use
[EntityManagerFactoryDependsOnPostProcessor]
-
`org.springframework.boot.autoconfigure.data.jpa.EntityManagerFactoryDependsOnPostProcessor` was deprecated in 2.5 for removal in 2.7.
-
The underlying method used to support schema.sql
and data.sql
scripts has been redesigned in Spring Boot 2.5.
spring.datasource.*
properties related to DataSource
initialization have been deprecated in favor of new spring.sql.init.*
properties.
These properties can also be used to initialize an SQL database accessed via R2DBC.
With Spring Boot 2.5.1 and above, the new SQL initialization properties support detection of embedded datasources for JDBC and R2DBC.
By default, SQL database initialization is only performed when using an embedded in-memory database.
To always initialize a SQL database, irrespective of its type, set spring.sql.init.mode
to always
.
Similarly, to disable initialization, set spring.sql.init.mode
to never
.
The new script-based SQL database initialization does not support using separate credentials for schema (DDL) and data (DML) changes.
This reduces complexity and aligns its capabilities with Flyway and Liquibase.
If you require separate credentials for schema and data initialization, define your own org.springframework.jdbc.datasource.init.DataSourceInitializer
beans.
By default, data.sql
scripts are now run before Hibernate is initialized.
This aligns the behavior of basic script-based initialization with that of Flyway and Liquibase.
If you want to use data.sql
to populate a schema created by Hibernate, set spring.jpa.defer-datasource-initialization
to true
.
While mixing database initialization technologies is not recommended, this will also allow you to use a schema.sql
script to build upon a Hibernate-created schema before it’s populated via data.sql
.
Beans of certain well-known types, such as JdbcTemplate
, will be ordered so that they are initialized after the database has been initialized.
If you have a bean that works with the DataSource
directly, annotate its class or @Bean
method with @DependsOnDatabaseInitialization
to ensure that it too is initialized after the database has been initialized.
If you currently define a spring.flyway.url
or spring.liquibase.url
you may need to provide additional username
and password
properties.
In earlier versions of Spring Boot, these settings were derived from spring.datasource
properties but this turned out to be problematic for people that provided their own DataSource beans.
Following its removal from Spring Data in 2021.0.0, auto-configuration for Spring Data Solr has been removed in this release.
The /info
actuator endpoint is no longer exposed over the web by default.
Additionally, if Spring Security is on the classpath and your application doesn’t have a custom security configuration, the endpoint requires authenticated access by default.
Spring Integration now reuses an available TaskScheduler
rather that configuring its own.
In a typical application setup relying on the auto-configuration, this means that Spring Integration uses the auto-configured task scheduler that has a pool size of 1.
To restore Spring Integration’s default of 10 threads, use the spring.task.scheduling.pool.size
property.
The EL implementation that is included in Spring Boot’s web and validation starters has changed. Tomcat’s implementation (org.apache.tomcat.embed.tomcat-embed-el
) is now used in place of the reference implementation from Glassfish (org.glassfish:jakrta.el
).
-→ Nothing to do here
The message
attribute in the default error view is now removed rather than blanked when it is not shown.
If you parse the error response JSON, you may need to deal with the missing item.
You can still use the server.error.include-message
property if you want messages to be included.
We now register a logging shutdown hook by default for jar based applications to ensure that logging resources are released when the JVM exits. If your application is deployed as a war then the shutdown hook is not registered since the servlet container usually handles logging concerns.
Most applications will want the shutdown hook. However, if your application has complex context hierarchies, then you may need to disable it.
You can use the logging.register-shutdown-hook
property to do that.
The Spring Boot Gradle Plugin no longer automatically disables the standard Gradle jar
and war
tasks.
Instead we now apply a classifier
to those tasks.
If you prefer to disable those tasks, the reference documentation includes updated examples.
Spring Boot no longer provides default values for spring.data.cassandra.request.throttler
properties.
If you rely on max-queue-size
, max-concurrent-requests
, max-requests-per-second
or drain-interval
you should set values that make sense for your application.
To streamline the customization of jOOQ’s DefaultConfiguration
, a bean that implements DefaultConfigurationCustomizer
can now be defined. This customiser callback should be used in favour of defining one or more *Provider
beans, the support for which has now been deprecated.
The default version of Groovy has been upgraded to 3.x. If you are using Groovy and also using Spock, you should also upgrade to the latest Groovy 3.0-compatible release of Spock 2.0. Alternatively, use the groovy.version
to downgrade back to Groovy 2.5.
The default version of Hibernate Validate has been upgraded to 6.2.x. Hibernate Validator 6.2 changes how the expression language is used to interpolate constraint messages. Please see this blog post from the Hibernate Validator team for further details.
Reflecting the Spring Boot release compatibility policy, code deprecated in Spring Boot 2.3 has been removed in Spring Boot 2.5. Code deprecated in Spring Boot 2.4 remains in place, and is scheduled for removal in Spring Boot 2.6.
Tip
|
Check the configuration changelog for a complete overview of the changes in configuration. |
It’s now possible to specify a prefix for system environment variables so that you can run multiple different Spring Boot applications in the same environment.
Use SpringApplication.setEnvironmentPrefix(…)
to set the prefix that you want to use when binding properties.
For example, the following will add a myapp
prefix:
SpringApplication application = new SpringApplication(MyApp.class);
application.setEnvironmentPrefix("myapp");
application.run(args);
All properties will now expect a prefixed version.
For example, to change the server port you can set MYAPP_SERVER_PORT
.
All four embedded web containers now support HTTP/2 over TCP (h2c) without any manual customization. To enable h2c, set server.http2.enabled
is true
and leave server.ssl.enabled
set to false
(its default value).
As with the existing h2 support, depending on the embedded web server being used, the use of h2c may require additional dependencies. See the reference documentation for details.
A new generic mechanism is now available if you write code that initializes a DataSource. This mechanism is also now used internally to setup correct bean dependencies for Flyway, Liquibase and Script based initialization.
Most developers won’t need to directly make use of the new mechanism.
However, if you are developing a third-party starter for a data access library, you may want to provide a DependsOnDataSourceInitializationDetector
.
See the updated reference documentation for details.
Support for script-based initialization of an SQL database accessed via R2DBC has been added.
By default, scripts on the classpath named schema.sql
and data.sql
will be applied to the database automatically.
The initialization can be customized using the spring.sql.init.*
configuration properties. Please
see the reference documentation for further details.
If you define a custom DataSource for use with Liquibase we now configure it using a SimpleDriverDataSource
.
We previously used a pooling datasource which was unnecessary and inefficient for database initialization.
The Maven and Gradle plugins both now support the use of custom Buildpacks.
You can set the buildpacks
property to point at directories, tar.gz files, specific builder references or Docker images.
The Maven and Gradle plugins now both support volume bindings that can be passed to the buildpack builder. These allow you to bind local paths or volumes for the buildpack to use.
The /actuator/prometheus
actuator endpoint can now provide both standard Prometheus as well as OpenMetrics responses.
The response returned will depend on the accept header that is provided with the HTTP request.
Actuator will now generate Micrometer metrics for Spring Data repositories.
By default, metrics are named spring.data.repository.invocations
.
To learn more, please see the relevant section of the reference documentation.
Aligning its capabilities with those of Spring MVC, @Timed
can now be used to manually enable timing of requests handled by WebFlux controllers and functional handlers.
To use manual timing, set management.metrics.web.server.request.autotime.enabled
to false
.
When using Actuator, metrics for Mongo’s connection pool and commands sent by the client are now generated automatically. To learn more about MongoDB metrics, please see the relevant section of the reference documentation.
A /quartz
endpoint has been added to Actuator.
It provides detailed information about Quartz jobs and triggers.
Please see the relevant section of the Actuator’s API documentation for further details.
The actuator’s startup
endpoint now supports GET
requests.
Unlike a POST
request, a GET
request to the endpoint does not drain the event buffer and events will continue to be held in memory.
Actuator’s health endpoint now shows the health of the targets of an AbstractRoutingDataSource
.
Each target DataSource
is named using its routing key.
As before, to ignore routing data sources in the health endpoint, set management.health.db.ignore-routing-data-sources
to true
.
This release provides support and is tested against Java 16. Spring Boot 2.5 remains compatible with Java 8.
Spring Boot 2.5 can now use Jetty 10 as an embedded web server. As Jetty 10 requires Java 11, our default Jetty version will remain as 9.
To upgrade to Jetty 10, use the jetty.version
property to override the version.
You should also exclude org.eclipse.jetty.websocket:websocket-server
and org.eclipse.jetty.websocket:javax-websocket-server-impl
from spring-boot-starter-jetty
as they are Jetty 9-specific.
The HTML documentation published by the project has an updated look-and-feel and some new features. You can now easily copy snippets of code to the clipboard by hovering over the sample and clicking the "copy" icon. In addition, many of the samples now include full import statements that can be shown or hidden as required.
We also now have a "dark theme" switcher at the top of each document.
Apart from the changes listed above, there have also been lots of minor tweaks and improvements including:
-
management.endpoints.web.cors.allowed-origin-patterns
can now be used to configure the allowed origin patterns for Actuator endpoints (#24608) -
HttpSessionIdListener
beans are now automatically registered with the servlet context (#24879) -
Couchbase now uses the auto-configured
ObjectMapper
by default (#24616) -
Elasticsearch’s
Sniffer
is now auto-configured when itselasticsearch-rest-client-sniffer
module is on the classpath (#24174) -
spring.data.cassandra.controlconnection.timeout
can now be used to configure the timeout of Cassandra’s control connection (#24189) -
spring.kafka.listener.only-log-record-metadata
can now be used to configure what’s logged when retries are being attempted (#24582) -
Support for Apache Phoenix, auto-detecting
jdbc:phoenix
JDBC URLs (#24114) -
Configuration properties for Rabbit’s key store and trust store algorithms (#24076)
-
The
/actuator
discovery page can now be disabled using themanagement.endpoints.web.discovery.enabled
property. -
The
/actuator/configprops
andactuator/env
endpoints now haveadditional-keys-to-sanitize
properties that can be used to sanitize keys. -
You can now use a
EndpointObjectNameFactory
if you want to customize the name of JMX actuator endpoints. -
A new
DataSourceBuilder.derivedFrom(…)
method has been added that allows you to build a newDataSource
that’s derived from an existing one. -
When Spring Security is on the classpath, configuration properties can now be bound to
RSAPublicKey
andRSAPrivateKey
. -
The RabbitMQ
ConnectionFactory
used by Spring AMQP can now be customized using aConnectionFactoryCustomizer
bean. -
Embedded database auto-configured can now be controlled using the new
spring.datasource.embedded-database-connection
configuration property. It can be set to any of the values ofEmbeddedDatabaseConnection
, includingnone
to disable embedded database auto-configured entirely. -
CloudPlatform
can now automatically detect Azure App Service. -
server.tomcat.keep-alive-timeout
can be used to configure how long Tomcat will wait for another request before closing a keep-alive connection. -
server.tomcat.max-keep-alive-requests
can be used to control the maximum number of requests that can be made on a keep-alive connection before it is closed. -
spring.webflux.session.cookie.same-site
can be used to configure WebFlux’s SameSite cookie policy. It is lax by default. -
Apache HttpClient 5 is now auto-configured for use with WebClient.
-
A new
ApplicationEnvironment
class has been introduced which should improve a small performance boost. -
You can now configure Netty memory using the
spring.netty.leak-detection
property.
Spring Boot 2.5 moves to new versions of several Spring projects:
-
Spring Session 2021.0
-
Spring HATEOAS 1.3
Numerous third-party dependencies have also been updated, some of the more noteworthy of which are the following:
-
Kotlin 1.5
-
Groovy 3.0
-
Flyway 7.7
-
Liquibase 4.3
-
Jackson 2.12
-
Kafka 2.7
-
Cassandra Driver 4.10
-
Embedded Mongo 3.0
-
Hibernate Validator 6.2
-
Jersey 2.33
-
Mockito 3.7
-
MongoDB 4.2
-
JUnit Jupiter 5.7
-
Elasticsearch 7.12
The following notable deprecations have been made in Spring Boot 2.5
-
EntityManagerFactoryDependsOnPostProcessor
inorg.springframework.boot.autoconfigure.data.jpa
has been relocated toorg.springframework.boot.autoconfigure.orm.jpa
✅ -
ActuatorMediaType
andApiVersion
inorg.springframework.boot.actuate.endpoint.http
in favor of equivalents inorg.springframework.boot.actuate.endpoint
🔴 -
Support for beans that implement jOOQ’s
*Provider
callback interfaces orSettings
has been deprecated. ADefaultConfigurationCustomizer
should be used instead. 🔴