What’s New in Spring Boot 3.4? Key Upgrades, Config Changes, and Migration Tips

Upgrading Spring Boot 3.3 to 3.4 – RestClient and RestTemplate

RestClient and RestTemplate

Auto‑configuration for RestClient and RestTemplate has been added to support the Reactor Netty HttpClient or the JDK HttpClient. The supported client factories, in order of priority, are:

Apache HTTP Components ( HttpComponentsClientHttpRequestFactory)

Jetty Client ( JettyClientHttpRequestFactory)

Reactor Netty HttpClient ( ReactorClientHttpRequestFactory)

JDK HttpClient ( JdkClientHttpRequestFactory)

Simple JDK HttpURLConnection ( SimpleClientHttpRequestFactory)

If no HTTP client library is present on the classpath, Spring may fall back to JdkClientHttpRequestFactory instead of the previously used SimpleClientHttpRequestFactory. The specific client can be selected with the spring.http.client.factory property, which accepts values http-components, jetty, reactor, jdk and simple. By default all five factories follow redirects; this can be disabled by setting spring.http.client.redirects=dont-follow.

Apache HTTP Components and Envoy

Apache HTTP Components changed the default TLS settings of its HttpClient. Most proxies handle the upgrade, but Envoy or Istio may encounter problems. To revert to the previous behavior, define a ClientHttpRequestFactoryBuilder bean that creates an HttpComponentsClientHttpRequestFactoryBuilder with setProtocolUpgradeEnabled(false):

@Bean
public HttpComponentsClientHttpRequestFactoryBuilder httpComponentsClientHttpRequestFactoryBuilder() {
    return ClientHttpRequestFactoryBuilder.httpComponents()
        .withDefaultRequestConfigManagerCustomizer(builder -> builder.setProtocolUpgradeEnabled(false));
}

Bean Property Validation

In earlier versions, @Validated on @ConfigurationProperties triggered nested validation regardless of @Valid. Starting with Spring Boot 3.4, validation follows the Bean Validation specification: validation starts on the @ConfigurationProperties class and cascades to nested properties only when @Valid is present. Add @Valid to the class to enable cascading validation.

Bean‑Based Conditions

The behavior of @ConditionalOnBean and @ConditionalOnMissingBean on @Bean methods has changed. When annotation attributes such as name, type or value are set, the default matching on the method’s return type is no longer applied. To restore the previous behavior, explicitly specify a value that matches the @Bean method’s return type.

Graceful Shutdown

Graceful shutdown for embedded web servers (Jetty, Reactor Netty, Tomcat, Undertow) is now enabled by default. To revert, set server.shutdown=immediate.

Paketo Tiny Builder for OCI Images

When building OCI images with the spring-boot:build-image goal or the bootBuildImage task, the default Cloud Native Buildpacks builder has changed from paketobuildpacks/builder-jammy-base to paketobuildpacks/builder-jammy-java-tiny, producing smaller images. The tiny builder does not include a shell, so it may not suit applications that require startup scripts.

Testcontainers and Dynamic Properties

Injection of DynamicPropertyRegistry is deprecated and now fails by default. Instead, define a @Bean that returns a DynamicPropertyRegistrar. If you still need injection, set

spring.testcontainers.dynamic-property-registry-injection=warn

or allow to restore the previous behavior.

@AutoConfigureTestDatabase and Containers

The annotation now automatically detects container‑based databases, removing the need for replace=Replace.NONE. To revert to the old behavior, set replace=Replace.AUTO_CONFIGURED.

Actuator Endpoint Access Control

Endpoint enable/disable has been redesigned with a finer‑grained access model. The old none and unrestricted values are replaced by read‑only, unrestricted, and none. Deprecated properties management.endpoints.enabled-by-default and management.endpoint.<id>.enabled are replaced by management.endpoints.access.default and management.endpoint.<id>.access. A new property management.endpoints.access.max-permitted limits the maximum permitted access level.

Cloud Foundry ConditionalOnAvailableEndpoint

The enum value EndpointExposure.CLOUD_FOUNDRY is deprecated; use EndpointExposure.WEB instead.

HtmlUnit 4.3

HtmlUnit has been upgraded to 4.3; the Maven coordinates changed from net.sourceforge.htmlunit:htmlunit to org.htmlunit:htmlunit, and the package name changed accordingly.

Selenium HtmlUnit 4.22

Selenium HtmlUnit driver has been upgraded to 4.22; the Maven coordinates changed to org.seleniumhq.selenium:htmlunit3-driver.

WebJars Locator Integration

Update your build to depend on org.webjars:webjars-locator-lite instead of org.webjars:webjars-locator-core. The latter is now deprecated.

Removal of OkHttp Dependency Management

Spring Boot no longer manages OkHttp versions; update your build if you use OkHttp.

Deprecations from Spring Boot 3.2

All classes, methods and properties deprecated in 3.2 have been removed in 3.4.

Minimum Requirements Changes

Gradle 7.5, 8.0‑8.3 are no longer supported; use Gradle 7.6.4+ or 8.4+.

Latest and Noteworthy

Structured logging now supports ECS, GELF and Logstash formats via logging.structured.format.file and logging.structured.format.console. New @Fallback bean support, additional ClientHttpRequestFactoryBuilder interfaces, observability improvements, and many other enhancements are listed.

Additional updates include support for customizers, new properties for logging and OTLP, virtual‑thread integration, Docker Compose enhancements, Testcontainers extensions, Actuator exposer plug‑ins, and numerous dependency upgrades. The article concludes with a list of deprecations in Spring Boot 3.4.