Spring Boot, Security, Integration, AI, and AMQP reach third milestone releases while Data and Kafka hit second milestones, delivering new features, bug fixes, and critical security patches.
The Spring ecosystem delivered a wave of milestone releases during the week of March 16th, 2026, with five major projects reaching their third milestone versions and two others advancing to their second milestones. This coordinated release cadence demonstrates Spring's commitment to rapid innovation while maintaining stability across its comprehensive framework portfolio.
Spring Boot 4.1.0 M3: AMQP Support and MongoDB Batch Processing
The third milestone release of Spring Boot 4.1.0 introduces several significant enhancements that expand the framework's capabilities. Most notably, this release adds support for the AMQP 1.0 specification, including auto-configuration for the AmqpConnectionFactory and AmqpClient interfaces. This addition positions Spring Boot to better serve enterprise messaging scenarios that require the advanced features of AMQP 1.0, such as sophisticated routing and transactional messaging.
Another key feature in this release is the introduction of a new spring-boot-batch-data-mongo module, which provides auto-configuration for Spring Batch using MongoDB. This module simplifies the setup process for batch applications that leverage MongoDB as their data store, reducing boilerplate configuration and enabling developers to focus on business logic rather than infrastructure concerns.
The release also includes numerous bug fixes, documentation improvements, and dependency upgrades that enhance overall stability and performance. Developers can find comprehensive details in the official release notes and the accompanying wiki page.
Spring Security 7.1.0 M3: Enhanced Authorization and Critical Vulnerability Fix
Spring Security's third milestone release addresses both functional enhancements and critical security concerns. The new MessageExpressionAuthorizationManager class provides a sophisticated mechanism for authorizing expression-based messages to public APIs, offering developers more granular control over message-level security policies.
A significant addition is the InetAddressMatcher interface, which extracts logic for matching Java InetAddress classes from the Jakarta Servlet HttpServletRequest class. This abstraction enables general reuse across different components and simplifies the implementation of IP-based access control mechanisms.
Perhaps most importantly, this release addresses CVE-2026-22732, a vulnerability that could allow attackers to expose sensitive data through caching mechanisms. The issue stemmed from HTTP headers not being properly written when specifying HTTP response headers for servlet applications using Spring Security. The fix ensures that caching mechanisms cannot inadvertently leak sensitive information, reinforcing Spring Security's position as a robust security framework.
Spring Integration 7.1.0 M3: Cloud Events and Redis Improvements
The Spring Integration team focused on enhancing cloud-native capabilities and improving Redis integration in their third milestone release. A new CloudEventHeadersBuilder class exposes a builder through the headers() method defined in the CloudEvents class, enabling developers to configure cloud event headers with direct values. This enhancement streamlines the creation and manipulation of cloud events, which are increasingly important in modern distributed architectures.
Another notable change involves replacing the Java TimeUnit enum class with the Java Duration class across all RedisQueue* classes. This modernization aligns with contemporary Java best practices and provides more intuitive time-based operations for Redis queue management.
The release also includes various bug fixes and documentation improvements that enhance the overall developer experience when building integration flows.
Spring AI 2.0.0 M3: Enhanced Customization and Configuration
Spring AI's third milestone release brings significant improvements to customization and configuration capabilities. The new McpClientCustomizer interface allows developers to customize named client components, providing greater flexibility in how AI services are integrated and configured within Spring applications.
The ZhiPuAiChatOptions class now features an improved, more generic builder pattern, enabling more flexible configuration options for developers working with ZhiPu AI services. Similarly, the OllamaChatOptions class has gained a new builder pattern, further expanding the framework's support for different AI service providers and their unique configuration requirements.
These enhancements demonstrate Spring's commitment to providing a unified, flexible interface for AI integration while accommodating the diverse needs of different AI service providers and use cases.
Spring AMQP 4.1.0 M3: AMQP 1.0 Support and Queue Management
Spring AMQP's third milestone release focuses on expanding protocol support and improving queue management capabilities. The new @AmqpListener annotation provides support for the AMQP 1.0 specification, enabling developers to create message listeners that can handle the advanced features of this protocol.
The QueueBuilder class gains a new classic() method that ensures a classic queue is set as the default when no arguments are provided. This enhancement simplifies queue creation for developers who prefer or require classic queue behavior while maintaining backward compatibility.
These additions, combined with bug fixes and documentation improvements, strengthen Spring AMQP's position as a comprehensive messaging solution for Spring applications.
Spring Data 2026.0.0 M2: Redis Enhancements and Bulk Operations
Spring Data's second milestone release introduces several powerful features that enhance data access capabilities. The new @EnableRedisListeners annotation in Spring Data Redis enables listener endpoints for publication and subscription, simplifying the implementation of pub/sub patterns in Redis-based applications.
A significant addition to Spring Data MongoDB is the bulkWrite() method in the MongoOperations interface. This method allows for a mix of insert, update, and delete operations in a single method call, dramatically improving performance for batch data operations and reducing the number of round trips to the database.
For Redis 8.4 users, new compare-and-set and compare-and-delete functionality provides atomic operations with configurable command conditions and expiration. These operations enable more sophisticated data consistency patterns and reduce the complexity of implementing optimistic locking scenarios.
Spring for Apache Kafka 4.1.0 M2: Enhanced Acknowledgment and Error Handling
The Spring for Apache Kafka team delivered improvements focused on acknowledgment management and error handling in their second milestone release. A new RENEW acknowledgement type and corresponding renew() method in the ShareAcknowledgment interface extend the acquisition lock on a record when processing takes longer than the configured time. This feature is particularly valuable for scenarios involving long-running processing tasks that might otherwise exceed default timeout limits.
Improvements to the ShareKafkaMessageListenerContainer class add poll-level and listener-level error handling strategies, providing developers with more fine-grained control over how Kafka consumers handle various error conditions. These enhancements contribute to more resilient and maintainable Kafka integration code.
Spring Vault 4.1.0 M1: Certificate Management and Secret Handling
Spring Vault's first milestone release introduces foundational capabilities for certificate and secret management. The new CertificateContainer class provides functionality for issuing, obtaining, and managing certificate bundles, simplifying the integration of certificate-based authentication and encryption in Spring applications.
The introduction of the ManagedSecret class and SecretsRegistry interface offers a more simplified approach to managing secrets obtained from Vault operations using functional callbacks. This design pattern promotes cleaner, more maintainable code when working with sensitive credentials and configuration data.
Looking Ahead: The Spring Ecosystem's Rapid Evolution
These milestone releases collectively demonstrate Spring's aggressive development pace and responsiveness to emerging technology trends. The framework's expansion into AI integration, enhanced messaging capabilities, and improved data access patterns reflects the evolving needs of modern enterprise applications.
The coordinated release schedule across multiple Spring projects also highlights the framework's maturity and the strength of its development processes. By maintaining consistent release cadences and clear communication channels through release notes and documentation, the Spring team enables developers to plan upgrades and adopt new features with confidence.
As these milestone releases progress toward their final versions, developers can expect further refinements, additional features, and comprehensive testing to ensure production readiness. The Spring ecosystem continues to evolve as a comprehensive solution for building modern, cloud-native Java applications that can scale from simple microservices to complex enterprise systems.
For developers working with Spring applications, these releases offer compelling reasons to evaluate and potentially upgrade their projects. Whether the goal is to leverage new AI capabilities, improve messaging performance, enhance security, or simplify data access patterns, the Spring ecosystem provides mature, well-tested solutions that can accelerate development and reduce operational complexity.
Comments
Please log in or register to join the discussion