Check this out from my pal DaShaun: in May of 2025, 60% of Spring Boot downloads were for versions no longer supported by the open-source project. That’s a lot. Too much, really.
I can see how it happens. You get an app into production, it runs fine, and then you moveon to the next thing. Meanwhile, the version drifts into “End of Life” territory. OSS support ends (like way back in mid-2023 for the Spring version DaShaun mentioned). If you’re running that today without a commercial contract, you are missing over a dozen essential security patches. Or hoping you can handle it yourself…
Better options are:
-
Upgrade: Move to the supported versions (Spring Boot 3.x or the new 4.x). We have a tool, the Application Advisor, that automates a massive chunk of this migration. I’ve seen DaShaun kick this off with one app with people in an afternoon, doing the work of a team of five roving upgrade devs.
-
Support: If you can’t move yet, you have to pay for the extended runway. VMware Tanzu Spring Enterprise supports 2.7 until June 2029. Then you can take a breather, sleep, check the boxes, all that.
Nobody wants to be on an LTS release forever, it’s not ETS, Eternal Term Support. Plus, you want to be on the latest and greatest (AI!), but sometimes you just need to buy a few years to get your compliance audits green and serene. You can get it!