I am pleased to announce that the second Spring for GraphQL 2.0 Release Candidate is now available.

This release brings back the GraphQL Java 25.x baseline as it will be released in November before our GA date. This also ships a new feature, the support for @EntityMapping with interface types.

What's next?

We have compiled all release notes on our wiki. Our next step is the final release next month!

2.0.0-RC2 is now available from https://repo.404ofchina.website and Maven Central.

How can you help?

If you have general questions, please ask on stackoverflow.com using the spring-graphql tag.

Project Page | GitHub | Issues | Documentation | …

I am pleased to announce that Spring for GraphQL 1.4.3 is now available on Maven Central. This release closes 5 issues.

This version will ship with Spring Boot 3.5.7, to be released this week.

How can you help?

If you have general questions, please ask on stackoverflow.com using the spring-graphql tag.

Project Page | GitHub | Issues | Documentation | Stack Overflow

I am pleased to announce that the first Spring for GraphQL 2.0 Release Candidate is now available.

This release ships a few refinements and features, including:

• improved nullness checks in the schema mapping inspection
• new GraphQlClient and GraphQlTester Kotlin extensions leveraging reified types
• UUID support in JsonKeysetCursorStrategy
• a new HttpRequestHeaderInterceptor that can copy HTTP headers of interest into the GraphQLContext
• Virtual Threads support in webmvc.GraphQlWebSocketHandler

What's next?

We have compiled all release notes on our wiki. Our next step is the final release next…

On behalf of the team and everyone who has contributed, I am pleased to announce our first release candidate for Spring Framework 7.0. There is another release candidate scheduled by the end of the month, before our GA version in November. We have compiled all the upgrade information, new features and deprecations on the Spring Framework 7.0 release notes preview page.

Resiliency refinements

The new Resiliency feature got a few more refinements in this release. You can now match against exception causes in @Retryable or RetryPolicy, and even include/exclude specific exception types. We also added a new @ConcurrencyLimit programmatic variant for more flexible setups; the @ConcurrencyLimit…

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 6.2.12 is available now.

Spring Framework 6.2.12 ships with 39 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.4.11 and 3.5.7.

CVE-2025-41254:

This release addresses CVE-2025-41254 for "Spring Framework STOMP CSRF Vulnerability".

Open source support for Spring Framework 5.3.x and 6.1.x generations has ended, see our support page for more information. This fix has been applied to the 5.3.46 and 6.1.24 commercial releases, available now.

If you are not a commercial customer, please consider upgrading to an open source supported version at your earliest convenience. Commercial customers using Spring Boot 2.7, 3.1, or 3.2 can make use of Spring Boot Hotfix releases 2.7.29.2, 3.2.18.2 and 3.3.15.2. Releases are available now on the Spring commercial artifact repository and can be accessed with a Spring Enterprise Subscription…

This is a new blog post in the Road to GA series, this time exploring the new capabilities of our HTTP clients. This is also a good time to reflect on the state of HTTP clients in Spring, so we will use this opportunity to explain an important announcement: we are officially deprecating RestTemplate.

Upcoming RestClient features

RestClient has been introduced in Spring Framework 6.1 and evolved in the 6.x line. In the upcoming 7.0 major version we are keeping up the pace with a round of new features.

API Versioning

Spring @Controller now supports the API Versioning concept to better implement different generations of your REST API within a single application. This feature is also supported on the client side, by using an ApiVersionInserter…

I am pleased to announce that the third Spring for GraphQL 2.0 Milestone release is now available.

Nullability support in schema mapping inspection

Our Schema Mapping Inspection feature got a recent upgrade thanks to our work on Null-safety in Spring projects.

If your application is written in Kotlin, or is using Null-safety annotations, further inspections will be performed. The GraphQL schema can declare nullable types (Book) and non-nullable types (Book!). We can ensure that both the schema and the application are in sync when it comes to nullability information.

• For schema fields, we can check that the relevant Class properties and DataFetcher return types with the same nullability.
• For field arguments, we can ensure that DataFetcher parameters have the same nullability
…

I am pleased to announce that Spring for GraphQL 1.4.2 is now available on Maven Central. This release closes 10 issues.

This version will ship with Spring Boot 3.5.6, to be released this week.

How can you help?

If you have general questions, please ask on stackoverflow.com using the spring-graphql tag.

Project Page | GitHub | Issues | Documentation | Stack Overflow

On behalf of the team and everyone who has contributed, I am pleased to announce our last milestone for Spring Framework 7.0. This is our last stop before the release candidate, scheduled next month. We have compiled all the upgrade information, new features and deprecations on the Spring Framework 7.0 release notes preview page.

Resiliency refinements

The new Resiliency feature got a lot of fixes and refinements in this milestone, mostly around RetryException and exception handling. There is a new "programmatic support" section in the reference documentation, in case the annotation-based…

On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework 6.2.11 is available now.

Spring Framework 6.2.11 ships with 23 fixes and documentation improvements. This version will be shipped next week with Spring Boot 3.4.10 and 3.5.6.

CVE-2025-41249

This release addresses CVE-2025-41249 for "Spring Framework Annotation Detection Vulnerability", which was published in conjunction with CVE-2025-41248 for "Spring Security authorization bypass for method security annotations on parameterized types". See Spring Security and Spring Framework Release Fixes for CVE-2025-41248 and CVE-2025-41249…