What’s New in Spring Boot 3.4? Key Upgrades, Config Changes, and Migration Tips

Upgrading Spring Boot 3.3 to 3.4 – RestClient and RestTemplate

RestClient and RestTemplate

Auto‑configuration for RestClient and RestTemplate has been added to support the Reactor Netty HttpClient or the JDK HttpClient. The supported client factories, in order of priority, are:

Apache HTTP Components (

HttpComponentsClientHttpRequestFactory

)

Jetty Client (

JettyClientHttpRequestFactory

)

Reactor Netty HttpClient (

ReactorClientHttpRequestFactory

)

JDK HttpClient (

JdkClientHttpRequestFactory

)

Simple JDK HttpURLConnection (

SimpleClientHttpRequestFactory

)

If no HTTP client library is present on the classpath, Spring may fall back to

JdkClientHttpRequestFactory

instead of the previously used

SimpleClientHttpRequestFactory

. The specific client can be selected with the

spring.http.client.factory

property, which accepts values

http-components

,

jetty

,

reactor

,

jdk

and

simple

. By default all five factories follow redirects; this can be disabled by setting

spring.http.client.redirects=dont-follow

.

Apache HTTP Components and Envoy

Apache HTTP Components changed the default TLS settings of its HttpClient. Most proxies handle the upgrade, but Envoy or Istio may encounter problems. To revert to the previous behavior, define a

ClientHttpRequestFactoryBuilder

bean that creates an

HttpComponentsClientHttpRequestFactoryBuilder

with

setProtocolUpgradeEnabled(false)

:

@Bean
public HttpComponentsClientHttpRequestFactoryBuilder httpComponentsClientHttpRequestFactoryBuilder() {
    return ClientHttpRequestFactoryBuilder.httpComponents()
        .withDefaultRequestConfigManagerCustomizer(builder -> builder.setProtocolUpgradeEnabled(false));
}

Bean Property Validation

In earlier versions, @Validated on @ConfigurationProperties triggered nested validation regardless of @Valid. Starting with Spring Boot 3.4, validation follows the Bean Validation specification: validation starts on the @ConfigurationProperties class and cascades to nested properties only when @Valid is present. Add @Valid to the class to enable cascading validation.

Bean‑Based Conditions

The behavior of @ConditionalOnBean and @ConditionalOnMissingBean on @Bean methods has changed. When annotation attributes such as name, type or value are set, the default matching on the method’s return type is no longer applied. To restore the previous behavior, explicitly specify a value that matches the @Bean method’s return type.

Graceful Shutdown

Graceful shutdown for embedded web servers (Jetty, Reactor Netty, Tomcat, Undertow) is now enabled by default. To revert, set

server.shutdown=immediate

.

Paketo Tiny Builder for OCI Images

When building OCI images with the

spring-boot:build-image

goal or the

bootBuildImage

task, the default Cloud Native Buildpacks builder has changed from

paketobuildpacks/builder-jammy-base

to

paketobuildpacks/builder-jammy-java-tiny

, producing smaller images. The tiny builder does not include a shell, so it may not suit applications that require startup scripts.

Testcontainers and Dynamic Properties

Injection of

DynamicPropertyRegistry

is deprecated and now fails by default. Instead, define a @Bean that returns a

DynamicPropertyRegistrar

. If you still need injection, set

spring.testcontainers.dynamic-property-registry-injection=warn

or

allow

to restore the previous behavior.

@AutoConfigureTestDatabase and Containers

The annotation now automatically detects container‑based databases, removing the need for

replace=Replace.NONE

. To revert to the old behavior, set

replace=Replace.AUTO_CONFIGURED

.

Actuator Endpoint Access Control

Endpoint enable/disable has been redesigned with a finer‑grained access model. The old

none

and

unrestricted

values are replaced by

read‑only

,

unrestricted

, and

none

. Deprecated properties

management.endpoints.enabled-by-default

and

management.endpoint.<id>.enabled

are replaced by

management.endpoints.access.default

and

management.endpoint.<id>.access

. A new property

management.endpoints.access.max-permitted

limits the maximum permitted access level.

Cloud Foundry ConditionalOnAvailableEndpoint

The enum value

EndpointExposure.CLOUD_FOUNDRY

is deprecated; use

EndpointExposure.WEB

instead.

HtmlUnit 4.3

HtmlUnit has been upgraded to 4.3; the Maven coordinates changed from

net.sourceforge.htmlunit:htmlunit

to

org.htmlunit:htmlunit

, and the package name changed accordingly.

Selenium HtmlUnit 4.22

Selenium HtmlUnit driver has been upgraded to 4.22; the Maven coordinates changed to

org.seleniumhq.selenium:htmlunit3-driver

.

WebJars Locator Integration

Update your build to depend on

org.webjars:webjars-locator-lite

instead of

org.webjars:webjars-locator-core

. The latter is now deprecated.

Removal of OkHttp Dependency Management

Spring Boot no longer manages OkHttp versions; update your build if you use OkHttp.

Deprecations from Spring Boot 3.2

All classes, methods and properties deprecated in 3.2 have been removed in 3.4.

Minimum Requirements Changes

Gradle 7.5, 8.0‑8.3 are no longer supported; use Gradle 7.6.4+ or 8.4+.

Latest and Noteworthy

Structured logging now supports ECS, GELF and Logstash formats via

logging.structured.format.file

and

logging.structured.format.console

. New

@Fallback

bean support, additional

ClientHttpRequestFactoryBuilder

interfaces, observability improvements, and many other enhancements are listed.

Additional updates include support for customizers, new properties for logging and OTLP, virtual‑thread integration, Docker Compose enhancements, Testcontainers extensions, Actuator exposer plug‑ins, and numerous dependency upgrades. The article concludes with a list of deprecations in Spring Boot 3.4.