The version of Spring Framework used by Spring Boot 3.2 no longer attempts to deduce parameter names by parsing bytecode. If you experience issues with dependency injection or property binding, you should double check that you are compiling with the -parameters option. See this section of the "Upgrading to Spring Framework 6.x" wiki for more details.

The default log output now includes your application name whenever you have a spring.application.name property set. If you prefer the previous format, you can set logging.include-application-name to false.

The auto-configured InMemoryUserDetailsManager now backs off when one or more of spring-security-oauth2-client, spring-security-oauth2-resource-server, and spring-security-saml2-service-provider is on the classpath and, since 3.2.2, neither spring.security.user.name nor spring.security.user.password has been configured. Similarly, in reactive applications, the auto-configured MapReactiveUserDetailsService now backs off when one or more of spring-security-oauth2-client and spring-security-oauth2-resource-server is one the classpath and, since 3.2.2, neither spring.security.user.name nor spring.security.user.password has been configured.

If you are using one of the above dependencies yet still require an InMemoryUserDetailsManager or MapReactiveUserDetailsService in your application, define the required bean in your application, or with Spring Boot 3.2.2 and later, configure one or both of spring.security.user.name and spring.security.user.password.

The default value of management.otlp.tracing.endpoint has been removed. The OtlpHttpSpanExporter bean is now only auto-configured if management.otlp.tracing.endpoint has a value. To restore the old behavior, set management.otlp.tracing.endpoint=http://localhost:4318/v1/traces.

Spring Boot now uses version 2.2 of H2 by default. To continue using a database from earlier version of H2 it may be necessary to perform a data migration. Before upgrading, export the database using the SCRIPT command. Create an empty database with the new version of H2 and then import the data using the RUNSCRIPT command.

The Oracle UCP DataSource no longer sets validateConnectionOnBorrow to true by default. If you need to restore the old behavior you can set the spring.datasource.oracleucp.validate-connection-on-borrow application property to true.

Spring Boot now supports Jetty 12. Jetty 12 supports the Servlet 6.0 API, aligning it with both Tomcat and Undertow. Previously, if you were using Jetty with Spring Boot 3.x, the Servlet API had to be downgraded to 5.0. This is no longer necessary. Remove any override of the Servlet API version when upgrading.

Due to significant API differences between Jetty 11 and Jetty 12, Jetty 11 is no longer supported as an embedded web server.

There’s a bug in 1.9.0 of the Kotlin Gradle Plugin that causes additional resource directories to be lost. This breaks native image compilation as resources generated by AOT processing are not included in the native image’s classpath. To work around the problem, apply Kotlin’s Gradle plugin first.

The underlying code that supports Spring Boot’s "Uber Jar" loading has been rewritten now that we no longer need to support Java 8. The updated code makes use of a new URL format which is more compliant with JDK expectations. The previous URL format of jar:file:/dir/myjar.jar:BOOT-INF/lib/nested.jar!/com/example/MyClass.class has been replaced with jar:nested:/dir/myjar.jar/!BOOT-INF/lib/nested.jar!/com/example/MyClass.class. The updated code also makes use of java.lang.ref.Cleaner (which was part of JDK 9) for resource management.

We have made every effort to ensure that, as much as possible, the new code is a transparent replacement for the previous implementation. We do not anticipate that most users will even notice the change. One area where you may notice a change is if you were referring to one of the launcher classes directly as they have new names in the new default launcher:

If you do find issues with the new implementation, however, we have provided a fallback option that will allow you to use the old code.

For Gradle users you can set the bootJar.loaderImplementation to org.springframework.boot.loader.tools.LoaderImplementation.CLASSIC. For example:

For Maven users, you can set the <loaderImplementation> tag on the spring-boot-plugin configuration to CLASSIC. For example:

If you find any unexpected behavior with the new implementation, please raise a GitHub issue.

Classes, methods, and properties that were deprecated in Spring Boot 3.0 have been removed in this release. Please ensure that you aren’t calling deprecated methods before upgrading.

None.

Spring Boot now includes auto-configuration support and starter POMs for the Spring for Apache Pulsar project. See the updated reference documentation for full details.

Spring Boot will now automatically log correlation ID whenever you are using Micrometer tracing. See the updated documentation for details.

Spring Boot 3.2 includes support for the new RestClient interface which has been introduced in Spring Framework 6.1. This interface provides a functional style blocking HTTP API with a similar to design to WebClient.

Existing and new application might want to consider using RestClient as an alternative to RestTemplate.

See the updated reference documentation for details.

When Jetty’s HttpClient is on the classpath, Spring Boot’s HTTP client auto-detection will now configure RestTemplateBuilder to use the new JettyClientHttpRequestFactory that was introduced in Spring Framework 6.1.

Support for JdkClientHttpRequestFactory has been added to ClientHttpRequestFactories. Unlike JettyClientHttpRequestFactory it has not been added to the auto-detection. To use JdkClientHttpRequestFactory you must opt in:

Auto-configuration for JdbcClient has been added, based on the presence of a NamedParameterJdbcTemplate. If the latter is auto-configured, properties of spring.jdbc.template.* are taken into account.

Spring Boot 3.2 ships support for virtual threads. To use virtual threads, you need to run on Java 21 and set the property spring.threads.virtual.enabled to true.

Spring Boot 3.2 ships initial support for JVM Checkpoint Restore (Project CRaC). See the related documentation for more details.

SSL bundles can now be automatically reloaded when the trust material changes. A bundle must opt in to this functionality by settings its reload-on-update property to true. The consumer of the bundle must also support reloading.

Consumers that support reloading are:

• Netty web server

• Tomcat web server

More information about reloading of SSL bundles can be found in the reference documentation.

You can now use Micrometer’s @Timed, @Counted, @NewSpan, @ContinueSpan and @Observed annotations. The aspects for them are now auto-configured if you have AspectJ on the classpath.

Micrometer Tracing’s ObservationHandler beans are automatically registered on the ObservationConfig. Before Spring Boot 3.2.0, uncategorized handlers have been registered before the categorized ones. This has been flipped, categorized handlers are now registered before the uncategorized ones. See #34399 for details.

The default format for B3 trace propagation has been changed from single-no-parent to single.

@Scheduled methods are now instrumented for observability.

Observability for R2DBC has been added. To enable it, include the io.r2dbc:r2dbc-proxy dependency in your project.

Spring for GraphQL is now auto-configured to use the applicationTaskExecutor. This enables out of the box support for controller methods that return Callable.

The auto-configured JwtDecoder or ReactiveJwtDecoder will now use any OAuth2TokenValidator<Jwt> beans for token validation. They are included in a DelegatingOAuth2TokenValidator that is configured as the decoder’s validator.

Support for ServiceConnection has been added for ActiveMQ, with integration for both Testcontainers and Docker Compose. The integration uses the symptoma/activemq image.

Spring Boot’s Docker Compose integration now supports Neo4j. You must configure the NEO4J_AUTH environment variable in your compose YAML to disable authentication (a value of none) or to set a password for the neo4j user (a value of neo4j/your-password).

The WebSocketServerSpec used by the auto-configuration can be customized using properties of the spring.rsocket.server.spec namespace.

If an AuthTokenManager bean is defined, it will be used for authentication with Neo4j. Such a bean takes precedence over the spring.neo4j.authentication.* properties. An AuthTokenManager bean is ignored if custom Neo4jConnectionDetails are defined, for example for a service connection to a Testcontainers or Docker Compose managed database.

New properties have been introduced for configuring the sessions created by the auto-configured JmsTemplate:

• spring.jms.template.session.acknowledge-mode

• spring.jms.template.session.transacted

Similarly, a spring.jms.listener.session.transacted property has been introduced for the auto-configured JmsMessageListenerContainer.

To align with these new properties, please note that the existing spring.jms.listener.acknowledge-mode property has been deprecated and spring.jms.listener.session.acknowledge-mode has been introduced as a replacement.

The default for connection validation on Oracle UCP datasources has been removed. Before 3.2.0-RC1 connection validation was enabled by default, this is no longer the case. If you need connection validation, set the configuration property spring.datasource.oracleucp.validate-connection-on-borrow to true.

In addition to developmentOnly, Spring Boot’s Gradle plugin now also creates a testAndDevelopmentOnly configuration. Unlike developmentOnly, dependencies in this new configuration are included in the test compile and runtime classpaths. It is primarily intended for applications that are using Testcontainers at development time.

Apart from the changes listed above, there have also been lots of minor tweaks and improvements including:

• The features declared in Jackson’s EnumFeature and JsonNodeFeature can now be enabled and disabled using the configuration properties spring.jackson.datatype.enum. and spring.jackson.datatype.jsonnode. respectively.

• Additional build info properties can now have lazy values by using a Provider.

• Transaction manager customization now applies to any type of TransactionManager, not just PlatformTransactionManager.

• Any TransactionExecutionListener beans are now added to the auto-configured transaction manager.

• The port information logged when an embedded WebServer starts has been improved and made more consistent.

• The new property spring.servlet.multipart.strict-servlet-compliance sets whether multipart handling is only used for multipart/form-data requests.

• Logging has been reduced when the handler for the welcome page receives an invalid Accept header, falling back to accepting all MIME types.

• A RestClientBuilderConfigurer, that can be used to apply Spring Boot’s defaults to a RestClient.Builder, has been added.

• The restTemplateBuilderConfigurer bean is no longer backing off on user-defined beans. If you had your own restTemplateBuilderConfigurer bean, please remove it.

• A property has been added to configure the maximum amount of connections for Jetty servers.

• A new property has been added that can be used to verify keys when using PEM SSL bundles.

• When creating a PemSslStoreBundle programatically, a key store password can now be provided.

• spring.application.name is now used for OpenTelemetry’s service.name if no service.name has been set explicitly.

• A new property has been added to configure the base TimeUnit of exported metrics in OTLP registry.

• There’s now connection details support for OTLP metrics and traces. A connection details bean is automatically created if using Testcontainers or Docker Compose with the otel/opentelemetry-collector-contrib image.

• Support for CSP authentication when using Wavefront has been added.

• A new property, flyway.postgresql.transactional-lock can be used to configure Flyway’s use of transactional locks with PostgreSQL.

• Added support for Kafka MessageListenerContainer changeConsumerThreadName property.

• Auto-configure Function<MessageListenerContainer, String> bean to Kafka MessageListenerContainer’s threadNameSupplier.

• A new @ConditionalOnThreading annotation has been introduced to help auto-configure virtual thread concerns.

• Added support for RabbitMQ container forceStop property.

• The WebClient based Zipkin sender now honors the timeouts set through the configuration properties. See #36264 for details.

• When starting an application with AOT mode enabled but AOT processing hasn’t been done in the build, the error message is now more clear.

• When using GraalVM, resource hints for messages.properties and messages_*.properties are now provided automatically.

• Dependency management for Kotlin Serialization is now provided.

• Awaitility (org.awaitility:awaitility) is now part of spring-boot-starter-test.

• The auto-configured JdbcClient bean is now available in tests using @JdbcTest and @DataJpaTest.

• When auto-configuring MockMvc, filters are now registered using the dispatcher types and init parameters from their registration bean.

• Testcontainers can now be initialized in parallel. For this, set spring.testcontainers.beans.startup to parallel.

• Support for an spring.kafka.template.observation-enabled property to support Micrometer observations

Spring Boot 3.2.0 moves to new versions of the following Spring projects:

• Spring AMQP 3.1

• Spring Authorization Server 1.2

• Spring Batch 5.1

• Spring Data 2023.1

• Spring Framework 6.1

• Spring HATEOAS 2.2

• Spring Integration 6.2

• Spring Kafka 3.1

• Spring LDAP 3.2

• Spring Pulsar 1.0

• Spring Retry 2.0

• Spring Security 6.2

• Spring Session 3.2

Third-party dependencies have also been updated, the more noteworthy of which are the following:

• Artemis 2.29

• Brave 5.16

• Elasticsearch Client 8.10

• Flyway 9.22

• GraphQL Java 21.1

• Hibernate 6.3

• JUnit 5.10

• Jedis 5.0

• Kafka 3.6

• Kotlin 1.9

• Liquibase 4.24

• Log4j 2.21

• MariaDB 3.2

• Micrometer 1.12

• Micrometer Tracing 1.2

• Mockito 5.4

• Mongo Java Driver 4.11

• MySQL 8.1

• Neo4j Java Driver 5.10

• OkHttp 4.12

• OpenTelemetry 1.28

• Oracle UCP 23.3

• Rabbit AMQP Client 5.18.0

• Rabbit Stream Client 0.11

• Reactor 2023.0

• Selenium 4.14

• SnakeYAML 2.2