Spring Boot 4.0.2 Released: Over 20 Critical Bugs Fixed and Kafka Transaction Issue Resolved
Spring Boot 4.0.2, launched on January 22, brings more than 20 critical bug fixes, restores Kafka transaction auto‑configuration, improves startup performance by up to 15%, stabilizes native‑image support, refines test behavior, upgrades core dependencies, and introduces a few breaking changes, making it a must‑upgrade for production users.
Spring Boot 4.0.2 Release Overview
Released 22 January 2026, Spring Boot 4.0.2 is a stability‑focused patch that fixes more than 20 critical bugs, upgrades over 40 core dependencies, and corrects documentation errors.
Kafka Transaction Auto‑Configuration Restoration
In Spring Boot 4.0.0 and 4.0.1 the TransactionAutoConfiguration for Kafka was not loaded. Consequently: @Transactional on Kafka had no effect.
Transactional capabilities of KafkaTemplate were silently disabled.
Message sending and database updates could become irrecoverably inconsistent.
The root cause was the automatic‑configuration refactor that omitted the dependency declaration for the transaction manager, preventing KafkaTransactionManager from being instantiated.
Spring Boot 4.0.2 resolves the issue by:
Re‑organising the Kafka auto‑configuration dependency chain.
Explicitly declaring the pre‑conditions for loading the transaction auto‑configuration.
Ensuring KafkaTransactionManager is available in the application context.
Bean Condition Evaluation Performance
Repeated BeanFactory condition checks during startup caused unnecessary overhead. The fix introduces caching of condition results and eliminates duplicate scans, yielding an estimated 10 %–15 % reduction in startup time (issue #48840).
Native Image Stability
In Java 25 + GraalVM native‑image environments the Actuator /info endpoint and VirtualThreadSchedulerMXBean support caused startup failures, especially for serverless or cloud‑native deployments (issue #48812). The 4.0.2 update stabilises Actuator under native image and improves overall cloud‑native support.
Test Configuration Alignment
Previously @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) did not affect the Actuator management port, leading to mismatched ports during integration tests (issue #48653). The fix aligns the test‑generated port with the Actuator port, removing the need for manual port debugging.
Security Dependency Decoupling
The spring-boot-cloudfoundry module previously forced a hard dependency on spring-boot-security. In 4.0.2 the security dependency is declared optional, allowing projects that do not use security to avoid the transitive pull‑in.
Core Dependency Upgrades
More than 40 libraries were upgraded, including:
Spring Framework 7.0.3 – fixes a SpEL memory‑leak.
Hibernate 7.2.1.Final – L2 cache performance improvements.
Jackson 2.20.2 – full support for Java 25 language features.
Micrometer 1.16.2 – resolves a thread‑safety issue in Prometheus metric export.
Reactor 2025.0.2 – enhanced back‑pressure handling.
Breaking Change: Jetty Dependency Slimming
The spring-boot-starter-jetty starter no longer includes jetty-ee11-servlets. Projects that reference classes from that module must add the dependency manually:
<dependency>
<groupId>org.eclipse.jetty.ee11</groupId>
<artifactId>jetty-ee11-servlets</artifactId>
</dependency>Upgrade Procedure
Update the parent coordinates in pom.xml to the new version:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>4.0.2</version>
</parent>Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
LuTiao Programming
LuTiao Programming is a friendly community offering free programming lessons. We inspire learners to explore new ideas and technologies and quickly acquire job-ready skills.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
