This Week in Spring – December 16th, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it’s been! We’ve got around nine shopping days ’til Christmas, and the New Year is almost here! Things are moving so quickly and the Spring community is no exception! Let's dive into this week's wonderful...

Exploit for Code Injection in Pivotal_Software Spring_Data_Commons

SpringBoot-Toolkit An interactive penetration-testing tool de...

Spring Data Ahead of Time Repositories - Part 2

Concluding the Road to GA blog post series, let's explore benefits of Spring Data AOT Repositories. Back in May 2025, we first introduced Ahead of Time AOT repositories as a preview feature for JPA and MongoDB with the 3rd Milestone of the next Spring Data generation. This feature, in short, uses...

This Week in Spring - November 18th, 2025

This Week in Spring - November 18th, 2025 Hi, Spring fans! I'm thrilled to be in New York City for an exciting week of joint presentations on Spring AI + Bedrock and Spring Boot with the legendary James Ward. First up: we'll present a workshop at the AI Native Dev Conf today, then speak at the...

EUVD-2018-0511

Malware in sbrugna...

EUVD-2019-0471

Malware in sbrugna...

EUVD-2019-0572

Malware in sbrugna...

EUVD-2022-6811

Malicious code in bioql PyPI...

EUVD-2022-2343

Malicious code in bioql PyPI...

EUVD-2022-5849

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-22965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. The specific exploit requires the...

This Week in Spring - August 19th, 2025

Hi, Spring fans! Welcome to another extra special installment of This Week in Spring - special because the next installment will be delivered from the floors of the Ventian where the extraordinairily awesome SpringOne 2025 event will take place! So, some poetry: T’was the Week Before SpringOne...

This Week in Spring - July 29th, 2025

It's the end of July! JULY! The seventh month of the year, done and dusted! AHHHHH! I've got memories of being on a tropical beach over the winter holidays, sipping rum and dodging mosquitoes like I was doing a rhythmic gymnastics routine just recently. It turns out that was seven months ago, not...

Spring Data JDBC and R2DBC 4.0 will support Composite IDs

I'm happy to announce, that Spring Data JDBC and R2DBC finally support Composite IDs starting with version 4.0.0-M4. Most of you probably know, but just to make sure everyone has the same understanding: From the database point of view a composite id or composite key is a primary key that consists...

This Week in Spring - July 22nd, 2025

Hi, Spring fans! It's almost SpringOne time!! AAAAH it's all moving so quickly! I can hardly stand it. SpringOne's next month, in lovely Las Vegas, and I'll be there. Will you? Have you registered? We'll be looking at the impending Spring Boot 4.0 and Spring Framework 7.0 releases! It's going to ...

CVE-2022-31679

Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes...

Spring Data Ahead of Time Repositories

In the past couple of years we have seen heavy investment throughout the Java ecosystem to reduce application startup times. The main focus gravitates around Ahead-of-Time optimizations. May it be condensing code into a GraalVM native executable, capturing already optimized bytecode with...

This Week in Spring - April 22nd, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring , which I'm writing from magnificent Minneapolis, Minnesota, where I'm recording an amazing Frontend Masters course introducing Spring Boot. I love this article introducing Spring AI in JavaPro magazine Want to run an LLM...

This Week in Spring – March 18th, 2025

Hi, Spring fans! I just got back from the amazing JavaOne show held in Redwood Shores. It was a fun, uproarious event and a great chance to reconnect with tons of friends, old and new. I love this community! One of the central highlights of this show? Java 24 is here, finally! And, as usual, we'v...

This Week in Sprng - March 11th, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's a busy week as always, fresh off the rush that was Devnexus and busily preparing for the fun that is JavaOne! It's going to be epic! want to learn about dependency injection, auto-configuration, Spring Framework, Spring...