Spring Boot 1.5 版本升級(jí)說明

這是官方的Spring Boot 1.5 版本升級(jí)說明审洞，本文將對(duì)其作出個(gè)人理解。

Upgrading from Spring Boot 1.4

Deprecations from Spring Boot 1.4

Classes, methods and properties that were deprecated in Spring Boot 1.4 have been removed in this release. Please ensure that you aren’t calling deprecated methods before upgrading. In particular, the HornetQ and Velocity support have been removed.

照例說明故觅，過期望门、刪除的方法禁止調(diào)用。
HornetQ 是一個(gè)支持集群和多種協(xié)議息堂，可嵌入、高性能的異步消息系統(tǒng)，完全支持 JMS弥搞。2014年后停止更新，目前的主流是kafka渠旁、rocketmq攀例。
Velocity 是模板引擎，目前主流是前后端分離顾腊。

Renamed starters

The following starters that were renamed in Spring Boot 1.4 have now been removed, if you get "unresolved dependency" errors please check that you are pulling in the correctly named starter:

• spring-boot-starter-ws → spring-boot-starter-web-services
• spring-boot-starter-redis → spring-boot-starter-data-redis

依賴重命名粤铭。
spring-boot-starter-web-services： Web Services 平臺(tái)是 XML + HTTP，即使用 XML 來編解碼數(shù)據(jù)杂靶，HTTP來傳輸數(shù)據(jù)梆惯，其中SOAP 是基于 XML 的簡易協(xié)議。相對(duì)應(yīng)地吗垮，現(xiàn)在更多是JSON + HTTP垛吗。

@ConfigurationProperties validation

If you have @ConfigurationProperties classes that use JSR-303 constraint annotations, you should now additionally annotate them with @Validated. Existing validation will currently continue to work, however, a warning will be logged. In the future, classes without @Validated will not be validated at all.

JSR-303：JAVA EE 6 中的一項(xiàng)子規(guī)范，叫做 Bean Validation烁登，官方參考實(shí)現(xiàn)是Hibernate Validator怯屉。Hibernate Validator 提供了 JSR 303 規(guī)范中所有內(nèi)置 constraint 的實(shí)現(xiàn)，除此之外還有一些附加的 constraint饵沧。
@ConfigurationProperties注解的類锨络，如果有參數(shù)需要校驗(yàn)，要加@Validated注解狼牺，否則會(huì)打印 warn 日志羡儿，升到springboot2.0后，校驗(yàn)會(huì)失效锁右。

Spring Session store

Previously, if you had Spring Session and Redis with no particular configuration, Redis was automatically used to store sessions. You now need to specify the store type; existing users of Spring Session with Redis should add the following to their configuration:

spring.session.store-type=redis

以前失受，如果沒用指定配置，Redis也會(huì)自動(dòng)用于存儲(chǔ)會(huì)話∮缴現(xiàn)在Spring Session使用Redis需要添加以上配置屬性拂到。

Actuator security

Actuator "sensitive" endpoints are now secure by default (even if don’t have a dependency on "Spring Security"). If your existing Spring Boot 1.4 application makes use of Spring Security (and doesn’t have any custom security configuration) things should work as before. If your existing Spring Boot 1.4 application has custom security configuration and you wish to have open access to your sensitive endpoints, you will need to explicitly configure that in your security configuration. If you’re upgrading a Spring Boot 1.4 application that doesn’t have dependency on Spring Security and you wish to retain open access to your sensitive endpoints you’ll need to set management.security.enabled to false. See the updated reference documentation for more details.

如果使用了Spring Security，那么訪問端點(diǎn)默認(rèn)都是安全的码泞，因?yàn)樾枰矸蒡?yàn)證兄旬；如果不想要身份驗(yàn)證，可以配置屬性 management.security.enabled=false。

The default role required to access the endpoints has also changed from ADMIN to ACTUATOR. This is to prevent accidental exposure of endpoints if you happen to use the ADMIN role for other purposes. If you want to restore Spring Boot 1.4 behavior set the management.security.roles property to ADMIN.

可以查看端點(diǎn)的默認(rèn)角色從ADMIN變?yōu)锳CTUATOR领铐，通過配置屬性 management.security.roles 設(shè)置角色悯森。

InMemoryMetricRepository

The InMemoryMetricRepository no longer directly implements MultiMetricRepository. A new InMemoryMultiMetricRepository bean is now registered that satisfies the MultiMetricRepository interface and is backed by a regular InMemoryMetricRepository. Since most users will be interacting with MetricRepository or MultiMetricRepository interfaces (rather than the in-memory implementation) this change should be transparent.

這是監(jiān)控平臺(tái)指標(biāo)數(shù)據(jù)CRUD的接口類，springboot2.0的actuator會(huì)發(fā)生大改绪撵。

spring.jpa.database

The spring.jpa.database can now be auto-detected for common databases from the spring.datasource.url property. If you’ve manually defined spring.jpa.database, and you use a common database, you might want to try removing the property altogether.

spring.jpa.database的數(shù)據(jù)庫信息會(huì)自動(dòng)從spring.datasource.url屬性獲取瓢姻。小心屬性覆蓋。

Several database have more than one Dialect (for instance, Microsoft SQL Server has 3) so we might configure one that doesn’t match the version of the database you are using. If you had a working setup before and would like to rely on Hibernate to auto-detect the Dialect, set spring.jpa.database=default. Alternatively, you can always set the dialect yourself using the spring.jpa.database-platform property.

數(shù)據(jù)庫方言（dialect）是什么音诈？
配置屬性 spring.jpa.database=default 會(huì)自動(dòng)檢測(cè)方言幻碱，配置屬性 spring.jpa.database-platform 自行設(shè)置方言。

@IntegrationComponentScan

Spring Integration’s @IntegrationComponentScan annotation is now auto-configured. If you follow the recommended project structure, you should try removing it.

我的理解是以前通過 @EnableIntegration 注解開啟Integration’s 功能细溅，現(xiàn)在加上 @IntegrationComponentScan 即可褥傍。

ApplicationStartedEvent

If you currently listen for an ApplicationStartedEvent in your code you should refactor to use ApplicationStartingEvent. We renamed this class to more accurately reflect what it does.

ApplicationStartedEvent改名ApplicationStartedEvent，升級(jí)到springboot2.0后喇聊，又補(bǔ)充了一個(gè)新的ApplicationStartedEvent恍风。

Spring Integration Starter

The spring-boot-starter-integration POM no longer includes spring-integration-jmx. If you require Spring Integration JMX support you should include a spring-integration-jmx dependency yourself.

spring-boot-starter-integration不再包含spring-integration-jmx依賴，需要自己手動(dòng)引入誓篱。

Devtools excluded by default

Both the Maven and Gradle plugins now by default exclude packaging of the spring-boot-devtools jar in "fat" jars. If you are using devtools remote support you will now need to explicitly set the excludeDevtools property in your build.gradle or pom.xml file.

現(xiàn)在jar包部署默認(rèn)排除devtools功能朋贬，如果需要遠(yuǎn)程devtools支持，需要手動(dòng)開啟燕鸽。

Gradle 1.x

The Spring Boot Gradle plugin is no longer compatible with Gradle 1.x and early versions of Gradle 2.x. Please ensure you are Gradle 2.9 or higher.

插件升級(jí)兄世，Gradle 版本要求2.9及以上。

Remote CRaSH shell

Unfortunately the CRaSH project used by Spring Boot to provide remote SSH support is no longer being actively maintained. With regret, we’ve decided to deprecate remote actuator SSH support and it’s scheduled to be removed entirely in Spring Boot 2.0.

在springboot2.0的確被移除了啊研。原因未知御滩。

OAuth 2 Resource Filter

The default order of the OAuth2 resource filter has changed from 3 to SecurityProperties.ACCESS_OVERRIDE_ORDER - 1. This places it after the actuator endpoints but before the basic authentication filter chain. The default can be restored by setting security.oauth2.resource.filter-order = 3

關(guān)于Spring OAuth2主要分兩個(gè)服務(wù)，一個(gè)是授權(quán)服務(wù)党远，負(fù)責(zé)獲取內(nèi)部服務(wù)授權(quán)給予的token削解，一個(gè)是資源服務(wù)，主要負(fù)責(zé)輸出鑒權(quán)后請(qǐng)求的數(shù)據(jù)沟娱。這里的order值是指ResourceServerConfiguration類的配置優(yōu)先級(jí)氛驮，現(xiàn)在可以通過配置屬性進(jìn)行修改。

JSP servlet

The JSP servlet is no longer in development mode by default. Development mode is automatically enabled when using DevTools. It can also be enabled explicitly by setting server.jsp-servlet.init-parameters.development=true.

development mode：在開發(fā)模式下济似，容器會(huì)經(jīng)常檢查jsp文件的時(shí)間戳來決定是否進(jìn)行編譯矫废，如果jsp文件的時(shí)間戳比對(duì)應(yīng)的.class文件的時(shí)間戳晚就證明jsp又進(jìn)行了修改，需要再次編譯砰蠢，但是不斷地進(jìn)行時(shí)間戳的比對(duì)開銷很大蓖扑，會(huì)影響系統(tǒng)性能，而在生產(chǎn)模式下系統(tǒng)不會(huì)經(jīng)常想的檢查時(shí)間戳台舱。所以一般在開發(fā)過程中使用開發(fā)模式律杠，這樣可以在jsp修改后再次訪問就可以見到修改后的效果非常方便，而系統(tǒng)上線之后就要改為生產(chǎn)模式，雖然生產(chǎn)模式下會(huì)導(dǎo)致jsp的修改需要重啟服務(wù)器才可以生效灰嫉，但是上線后的改動(dòng)較少而且性能很重要。參考JSP內(nèi)存馬研究
現(xiàn)在沒啥人會(huì)用jsp了吧讼撒，無所謂了。

Ignored paths and @EnableWebSecurity

In Spring Boot 1.4 and earlier, the Actuator would always configure some ignored paths irrespective of the use of @EnableWebSecurity. This has been corrected in 1.5 so that using @EnableWebSecurity will switch off all auto-configuration of web security thereby allowing you to take complete control.

沒理解什么意思椿肩。

New and Noteworthy

Tip：Check the configuration changelog for a complete overview of the changes in configuration.

配置屬性的變化及原因豺谈。

Third-party library upgrades

A number of third party libraries have been upgraded to their latest version. Updates include Spring Data Ingalls, Jetty 9.4, JooQ 3.9, AssertJ 2.6.0, Hikari 2.5 and Neo4J 2.1. Several Maven plugins have also been upgraded.

第三方依賴版本升級(jí)到最新茬末。

Loggers endpoint

A new actuator loggers endpoint allows you to view and change application logging levels on the fly. There is both a JMX and MVC endpoint available. For example, to change the logging level with the MVC endpoint, you can issue a POST to /loggers/com.yourcorp.application with the following JSON

{
  "configuredLevel": "DEBUG"
}

To update the logger using the JMX endpoint you would use the setLogLevel operation. For more details see the updated documentation.

通過調(diào)用 /loggers/包路徑 POST接口盖矫，可以修改改路徑下日志輸出等級(jí)，方便生產(chǎn)環(huán)境日志查看辈双。可以參考Spring boot——Actuator 詳解湃望。

Apache Kafka support

Spring Boot 1.5 include auto-configuration support for Apache Kafka via the spring-kafka project. To use Kafka simply include the spring-kafkadepenency and configure the appropriate spring.kafka.* application properties.
Recieving messages from Kafka is as simple as annotating a method:

@Component
public class MyBean {

    @KafkaListener(topics = "someTopic")
    public void processMessage(String content) {
        // ...
    }

}

主要新增了三個(gè)參數(shù)：errorHandler、groupId证芭、idIsGroup瞳浦。

Cloud Foundry actuator extensions

Spring Boot’s actuator module now includes additional support that is activated when you deploy to a compatible Cloud Foundry instance. The /cloudfoundryapplication path provides an alternative secured route to all NamedMvcEndpoint beans.
Cloud Foundry management UIs can make use of the endpoint to display additional actuator information. For example, Pivotal Cloud Foundry shows health information next to the application status:
[圖片]
You can read more about the Cloud Foundry endpoint in the reference documentation and for and example of the kinds of things it can be used for you can read this blog post about PCF 1.9.

Cloud Foundry 是一個(gè)云原生平臺(tái)，沒用過废士。

LDAP support

Spring Boot now offers auto-configuration for any compliant LDAP server as well as support for the embedded in-memory LDAP server from Unbounded.
See the documentation for more details.

LDAP：輕型目錄訪問協(xié)議叫潦，本質(zhì)上 LDAP 是一種基于 TCP 的協(xié)議，就像 HTTP 一樣官硝。而我們一般談到的 LDAP 矗蕊，大多都是基于該協(xié)議的具體實(shí)現(xiàn)，如微軟的 AD(Active Directory)氢架、OpenLDAP 等傻咖。參考介紹LDAP 概念和原理。
新增spring-boot-starter-data-ldap依賴簡化ldap的配置达箍。

AuditEvents Endpoint Support

A new AuditEventsJmxEndpoint bean now allows you to query previously recorded AuditEvents over JMX. The MBean exposes AuditEventRepository find methods via getData operations. Audits are automatically recoded for authentication and authorization event and you can record your own events using the AuditEventRepository. That information is also exposed by a new /auditevents MVC endpoint.

這是actuator的端點(diǎn)没龙，記錄了用戶認(rèn)證登錄系統(tǒng)相關(guān)的事件信息，包括時(shí)間戳、認(rèn)證用戶硬纤、事件類型解滓、訪問地址、sessionId等信息筝家，實(shí)現(xiàn)方式參考Spring Boot Actuator洼裤，每一個(gè)端點(diǎn)都有案例。

Transaction manager properties

It’s now possible to configure various aspects of an auto-configured PlatformTransactionManager using spring.transaction.* properties. Currently the "default-timeout" and rollback-on-commit-failure properties are supported.

TransactionProperties類溪王，增加了配置屬性：
spring.transaction.default-timeout腮鞍，默認(rèn)的事務(wù)超時(shí)時(shí)間；spring.transaction.rollback-on-commit-failure莹菱，是否在提交失敗時(shí)執(zhí)行回滾移国。

JmxEndpoint interface

A new JmxEndpoint interface has been introduced to allow you to develop actuator endpoints that are only exposed via JMX. The interface is very similar to the MvcEndpoint interface already provided for MVC only endpoints.

JMX(Java Management Extensions)是一個(gè)為應(yīng)用程序植入管理功能的框架 ，從Java5.0開始引入到標(biāo)準(zhǔn)Java技術(shù)平臺(tái)中道伟。參考介紹jmx 是什么迹缀？應(yīng)用場景是什么？蜜徽。
JMX Endpoints祝懂，以JMX形式對(duì)外提供訪問接口拘鞋。實(shí)現(xiàn)方式參考Spring Boot Actuator-JMX Endpoints盆色。

Vendor specific flyway migrations

You can now define flyway migration that are specific to a database vendor. To use vendor specific migrations, set the flyway.locations property as follows:

flyway.locations=db/migration/{vendor}

See this how-to for more details.

Flyway 數(shù)據(jù)庫版本控制的組件缕允。參考介紹Flyway 數(shù)據(jù)庫版本控制障本。

Deprecation level

It is now possible to define a deprecation level for a property in the metadata. The level can either be warning (default) or error.
Here is an example of manual metadata for a property that got moved in Spring Boot 2:

{
  "name": "server.context-parameters",
  "type": "java.util.Map<java.lang.String,java.lang.String>",
  "description": "ServletContext parameters.",
  "deprecation": {
    "level": "error",
    "replacement": "server.servlet.context-parameters"
  }
}

So far, when a deprecated property is not bound anymore, we remove the metadata altogether. This new feature allows to flag a property (server.context-parameters here) as an error. Newer versions of your favorite IDE should use that to offer assistance.

切換新老配置屬性時(shí)驾霜，可以標(biāo)記老屬性粪糙，逐漸棄用刪除蓉冈。

Testing updates

It’s now possible to exclude auto-configuration that would usually be imported by a @Test… annotation. All existing @Test… annotations now include a excludeAutoConfiguration attribute. Alternatively, you can add @ImportAutoConfiguration(exclude=…) directly to your tests.
Spring Boot 1.5 also introduces a new @JdbcTest annotation that can be used to test direct JDBC interactions.

@DataJpaTest、@RestClientTest家夺、@WebMvcTest等注解增加了excludeAutoConfiguration屬性拉馋，用來排除不需要的自動(dòng)配置類煌茴。

Custom fat jar layouts

The Spring Boot Maven and Gradle plugins now support custom fat jar layouts. This feature allows experimental layouts such as this one to be developed outside of Spring Boot. For more details, see the updated documentation.

普通的jar只包含當(dāng)前 jar的信息蔓腐，不含有第三方 jar合住。當(dāng)內(nèi)部依賴第三方j(luò)ar時(shí)撒璧，直接運(yùn)行則會(huì)報(bào)錯(cuò)卿樱，這時(shí)候需要將第三方j(luò)ar內(nèi)嵌到可執(zhí)行jar里繁调。將一個(gè)jar及其依賴的三方j(luò)ar全部打到一個(gè)包中蹄胰，這個(gè)包即為 FatJar裕寨。參考介紹Springboot - Fat Jar詳解宾袜。
這里的layout應(yīng)該是指打包后的jar文件結(jié)構(gòu)庆猫，具體實(shí)現(xiàn)還不了解月培。

JmsTemplate customizations

It is now possible to customize the auto-configured JmsTemplate using additional keys available in the spring.jms.template.* namespace.

在JmsProperties類中新增了Template內(nèi)部屬性類杉畜。

Miscellaneous

• Mockito 2.x can now be used with @MockBean (compatibility with Mockito 1.9 remains)
• The embedded launch script now supports a force-stop
• A new health check for Cassandra has been added
• Cassandra user defined types are now resolved (via Spring Data’s SimpleUserTypeResolver)
• The skip property now works for the Spring Boot Maven Plugin run, 'stop' and 'repackage` goals
• If multiple main method classes are found, the Maven and Gradle plugins will now automatically use the one annotated with @SpringBootApplication

Apache Cassandra 是一套開源分布式 Key-Value 存儲(chǔ)系統(tǒng)寻行。它最初由 Facebook 開發(fā)拌蜘，用于儲(chǔ)存特別大的數(shù)據(jù)。

Deprecations in Spring Boot 1.5

• TomcatEmbeddedServletContainerFactory.setTldSkip has been deprecated in favor of setTldSkipPatterns
• ApplicationStartedEvent has been replaced by ApplicationStartingEvent
• Several constants in LoggingApplicationListener have been replaced by versions in LogFile
• Caching with Guava has been deprecated since Guava support will be dropped in Spring Framework 5. Upgrade to Caffeine
• CRaSH support has been deprecated since it’s no longer actively maintained
• Several protected methods in EndpointMBeanExporter have been deprecated following the introduction of JmxEndpoint
• SearchStrategy.PARENTS has been replaced with SearchStrategy.ANCESTORS.
• Apache DBCP support has been deprecated in favor of DBCP 2
• The server.undertow.buffers-per-region property has been deprecated because it is not used (see UNDERTOW-587)
• @AutoConfigureTestDatabase has been moved from org.springframework.boot.test.autoconfigure.orm.jpa to org.springframework.boot.test.autoconfigure.jdbc

一些方法、類的過期替換析校，就不說了智玻。

Property Renames

• The server.max-http-post-size property has been replaced by technology specific variants (for example server.tomcat.max-http-post-size)
• The spring.data.neo4j.session.scope property has been removed.

server.max-http-post-size 在 ServerProperties 類中吊奢，本來是幾個(gè)servlet容器共用一個(gè)屬性页滚，現(xiàn)在拆分獨(dú)立使用裹驰。