Spring Boot 4.0.2: Critical Kafka Fixes, Dependency Upgrades & What to Watch
Spring Boot 4.0.2 is a maintenance release that focuses on fixing over 20 bugs—including a critical Kafka transaction auto‑configuration issue—upgrading more than 40 core dependencies, improving documentation, and introducing minor breaking changes, making it essential for Java developers to upgrade promptly.
What’s New in Spring Boot 4.0.2?
Spring Boot 4.0.2 is a maintenance release focused on bug fixes, dependency upgrades, and documentation improvements. It addresses over 20 bugs, upgrades more than 40 dependencies, and includes several critical fixes.
Key Fixes
20 Bug Fixes: fixes across Kafka, WebFlux, Actuator and other core modules. 40+ Dependency Upgrades: Spring Framework 7.0.3, Hibernate 7.2.1, Jackson 2.20.2, Micrometer 1.16.2, Reactor 2025.0.2, and others. Documentation Improvements: corrected errors and outdated links.
Kafka Transaction Auto‑Configuration Regression
The most critical bug fixed is the missing automatic configuration for Kafka transactions ( No TransactionAutoConfiguration) that broke @Transactional Kafka producers, disabled KafkaTemplate transaction support, and could cause data inconsistency. The issue originated from an incorrect auto‑configuration loading order after the 4.0 refactor. Spring Boot 4.0.2 now correctly initializes KafkaTransactionManager. Users of Kafka transactions must upgrade immediately.
Other Notable Fixes
Bean Condition Evaluation Optimization : caches condition checks, reducing startup time by ~10‑15% in high‑concurrency scenarios (issue #48840).
Native Image Compatibility : fixes for GraalVM native image where the /info endpoint crashed due to VirtualThreadSchedulerMXBean support (issue #48812).
Test Framework Fix : @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) no longer applies to the management server, preventing Actuator endpoints from running on the wrong port (issue #48653).
Security Dependency Fix : spring-boot-cloudfoundry no longer forces a hard dependency on spring-boot-security; the dependency is now optional (issue #48685).
Core Dependency Upgrades
Spring Framework 7.0.3 – fixes SpEL memory leak.
Hibernate 7.2.1.Final – improves L2 cache performance.
Jackson 2.20.2 – adds support for Java 25 features.
Micrometer 1.16.2 – resolves thread‑safety issue in Prometheus metric export.
Reactor 2025.0.2 – enhances back‑pressure handling.
Full release notes are available at
https://github.com/spring-projects/spring-boot/releases/tag/v4.0.2.
Breaking Change Notice
The only breaking change is the removal of the unnecessary jetty-ee11-servlets dependency from spring-boot-starter-jetty. Projects that directly use classes from that artifact must add the dependency manually in pom.xml or build.gradle. Example Maven snippet is provided.
<!-- If compilation fails, add manually -->
<dependency>
<groupId>org.eclipse.jetty.ee11</groupId>
<artifactId>jetty-ee11-servlets</artifactId>
</dependency>Upgrade instructions for Maven and Gradle are also shown:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>4.0.2</version>
</parent>Conclusion
Spring Boot 4.0.2, while a minor version, delivers critical fixes—especially the Kafka transaction auto‑configuration bug—that can affect production systems. The upcoming Spring Boot 4.1 preview hints at early support for Project Leyden (Java static images), making the upgrade worthwhile.
Java Tech Enthusiast
Sharing computer programming language knowledge, focusing on Java fundamentals, data structures, related tools, Spring Cloud, IntelliJ IDEA... Book giveaways, red‑packet rewards and other perks await!
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.