We’re excited to announce the release of Spring Application Advisor 1.4, a significant milestone that demonstrates our commitment to making enterprise application modernization not just possible, but seamless and intelligent.
Many enterprises continue to use Spring Boot 2.7.x for their projects. This is largely due to the significant decisions required when upgrading to Spring Boot 3.0.x, as some open-source components (e.g., Springfox) that were compatible with 2.7.x are no longer supported.
How can you automatically upgrade your Spring apps at scale when some dependencies across your apps are no longer available with the next Spring Boot version?
| Teams need to decide how to consistently replace legacy dependencies and technologies. This consistency facilitates standards and common components, enabling teams to prioritize business value. |
Engineering teams value having the autonomy to select technologies that accelerate iteration. However, aligning technologies across teams, while costly upfront, fosters long-term collaboration and productivity through shared components. Organizations face a significant challenge in standardizing technologies and architectures across their applications due to the unique histories and cultures of each application. This can stem from various sources, such as applications inherited through acquisitions, or historically successful MVPs that rapidly adopted technologies that were relevant at the time.
Spring Application Advisor 1.4 empowers central engineering teams to promote Spring more broadly by allowing them to define automatic migrations, using configuration as code, that are executed as part of an incremental Spring upgrade process in their CI/CD pipelines.
Seamless legacy migration pathways
| 🏃 Fetching and processing upgrade plan details – Step 1: * Upgrade spring-retry from 1.3.x to 2.0.x * Upgrade spring-integration from 5.5.x to 6.3.x * Upgrade reactor from 3.4.x to 3.6.x * Migrate spring-security-jwt from 1.1.x to spring-security:5.8.x * Migrate spring-security-oauth from 2.5.x to spring-security:5.8.x * Migrate springdoc-openapi from 1.8.x to springdoc-openapi-starter:2.6.x * Upgrade reactor-netty from 1.0.x to 1.1.x * Upgrade spring-ws from 3.1.x to 4.0.x * Upgrade azure-sdk-for-java from 1.50.x to 1.51.x * Upgrade spring-framework from 5.3.x to 6.1.x * Upgrade spring-integration-zip from 2.0.x to 6.3.x * Upgrade opensaml from 4.1.x to 4.3.x * Upgrade spring-session from 2.7.x to 3.3.x * Upgrade spring-security from 5.8.x to 6.3.x * Upgrade spring-boot from 2.7.x to 3.3.x * Upgrade spring-authorization-server from 0.4.x to 1.3.x * Upgrade rx-java from 2.2.x to 3.1.x * Upgrade spring-hateoas from 1.5.x to 2.3.x – Step 2: * Upgrade spring-boot from 3.3.x to 3.4.x |
Spring Application Advisor facilitates project transitions (e.g, from spring-security-jwt to spring-security) through configuration as code. Organizations can define their internal component upgrades and establish migration strategies for both third-party and in-house technologies in the same way that Spring Application Advisor does for Spring projects.
The configuration of the upgrade mappings includes, by default, Spring Application Advisor to migrate Spring Security JWT 1.1.x to Spring Security 5.2.x by running a specific Spring enterprise OpenRewrite recipe.
Notice that the official transition is from Spring Security JWT 1.1.x to Spring Security 5.2.x. However, the upgrade plan detects that because this is already a Spring Security 5.8.x application, in order to upgrade it, not only the migration to Spring Security 5.2.x needs to happen, but also the required changes applied by that migration to be in Spring Security 5.8.x.
Customer value: Legacy system modernization no longer requires extensive manual research and custom development. The newest feature provides battle-tested migration paths that have been validated across enterprise environments. This can reduce the risk and cost associated with modernizing applications that depend on deprecated frameworks, while enabling security and compliance requirements to be met throughout the transformation process.
Smart Java upgrade recommendations
Version 1.4 now offers advanced Java upgrade intelligence. This feature verifies the compatibility of upcoming Java versions with your existing Spring dependencies. While non-Spring applications can also be upgraded to newer Java versions, this compatibility verification is not included. This is primarily due to a lack of necessary information from vendors, and compatibility frequently hinges on the specific APIs that are being used.
| 🏃 Generating advices [00m 01s] ok 💡 1 advice(s) found: – java-21: * Upgrades to Java 21 based on your use of Spring Boot or Framework |
All these recommendations can be automatically applied to your code. They will upgrade you to the selected Java version and the API readability improvements related to that version.
Sample of changes produced by the Java 21 upgrade for a Boot 3.x app
Customer value: Rather than a manual assessment of Java compatibility across hundreds or thousands of applications, your teams receive automated, expert-level guidance on Java modernization opportunities. This can translate to reduced security vulnerabilities, improved performance, access to modern language features, and significant time savings in upgrade planning. Organizations can now confidently plan their Java estate modernization with clear visibility into the impact and effort required.
Higher coverage on Spring Security 6.0.x upgrade
Previous versions of Spring Application Advisor facilitated Spring Security 6.0.x upgrades by supporting configuration-level changes. These included adding the @Configuration annotation and utilizing new request and security matchers with lambdas.
The current version expands this coverage to include specific API modifications related to OpenSAML 2 and exploit protection, which are necessary for adopting Spring Security 6.0.x.
In this screenshot, you can see one patch related to exploit protection. The method tokenFromMultipartDataEnabled was deprecated in favor of ServerCsrfTokenRequestAttributeHandler#setTokenFromMultipartDataEnabled, the proper replacement has been automatically applied by Spring Application Advisor.
All these recipes are in the Spring Enterprise Subscription Maven repository and are only available via Spring Application Advisor.
Customer value: Security modernization can become a managed, repeatable process rather than a complex manual effort. Organizations can enable their applications to leverage the latest security frameworks and best practices without extensive security expertise on every development team. This can reduce security vulnerabilities, enabling compliance with modern security standards, and accelerate the adoption of advanced security features.
Breaking down platform barriers: Running on a Windows environment
For the first time, Spring Application Advisor supports Windows environments. This breakthrough helps to eliminate a significant barrier that many enterprise teams have faced when they integrate Spring Application Advisor on CI/CD systems that are running on Windows.
Customer value: Development teams working in mixed-platform environments can now maintain consistent modernization workflows across their entire infrastructure. This enables faster time-to-market for upgrades, reduced complexity in toolchain management, and the ability to leverage the same proven modernization strategies regardless of your underlying operating system. For organizations with Windows-heavy development environments, this opens up enterprise-grade Spring modernization capabilities that were previously inaccessible.
Better developer experience via MCP Server
Spring Application Advisor is simplifying the number of steps required for upgrading or enhancing a Spring application and making the MCP interaction and the developer experience(DX) more fluid.
Specifically, before calculating the upgrade plan, Spring Application Advisor is required to run an additional command that provides some metadata to understand which Spring versions are being used. Now, this process is being automatically executed when an upgrade plan or recommendations are calculated. This means that you can upgrade applications by running a single command: advisor upgrade-plan apply
Customer value: Development teams can focus on business logic rather than build system complexities. This feature removes a common source of upgrade friction and enables modernization efforts that don’t introduce unnecessary complexity into development workflows. Teams experience smoother upgrade processes with reduced manual intervention and fewer opportunities for configuration errors.
Ability to squash upgrades to avoid long builds
The new — squash option allows teams to consolidate multiple upgrade steps into a single step. So, in situations where this can trigger very long build processes, you can optimize the number of builds by sacrificing the review time of the changes.
Customer value: Organizations can align technical upgrade processes with their project management and release planning methodologies. Whether your team prefers incremental changes or comprehensive transformations, the platform adapts to your workflow preferences while maintaining the safety and reliability of the underlying upgrade logic.
The strategic advantage of Tanzu Platform
Spring Application Advisor 1.4 represents more than just a tool update; it’s a strategic capability that enables your organization to do much more:
- Accelerate innovation: By reducing the friction and risk associated with modernization, your teams can focus on delivering business value rather than managing technical debt.
- Optimize resources: Automated guidance and proven migration paths mean your engineering talent can work on differentiating capabilities rather than repetitive modernization tasks.
- Mitigate risk: Enterprise-validated recipes and migration patterns reduce the uncertainty and potential complications associated with large-scale application modernization.
- Enable scale: Whether you’re modernizing dozens or thousands of applications, the platform provides consistent, repeatable processes that scale with your organization’s needs.
Getting started with Spring Application Advisor 1.4
The latest version is available with comprehensive documentation and migration guides available through the official technical documentation.
For organizations evaluating their modernization strategy or looking to accelerate existing initiatives, Spring Application Advisor 1.4 on Tanzu Platform provides the enterprise-grade foundation needed to transform application portfolios with confidence and efficiency.
Ready to transform your application modernization approach? Discover how Tanzu Platform can accelerate your organization’s journey to modern, scalable, and secure applications.
