top | item 44609844

(no title)

bags43 | 7 months ago

Company where I work had huge risk audit.

The second highest risk is using USA based cloud with 66/100.

The first one was using Spring Boot everywhere 77/100. Till the end of 2025 we need to have migration path to something else with 2 PoCs done.

discuss

jchmbrln|7 months ago

I’m completely out of the loop. What’s going on with Spring Boot?

radicalbyte|7 months ago

The VMware apocalypse.

xienze|7 months ago

Probably a bit of overreaction given that Broadcom is now in charge of Spring. At the end of the day it’s a wildly popular open source project — it has a path forward if Broadcom pulls shenanigans.

That said, I have noticed that the free support window for any given version is super short these days. I.e. if you’re not on top of constantly upgrading you’re looking at paid support if you want security patches.

unknown|7 months ago

[deleted]

jcrben|7 months ago

What was the actual risk of using SpringBoot tho?

ntqz|7 months ago

License changes - BSL or closing the source

If there's no money in it for them - reduction of staff or funding leading to slower releases and bugfixes

Moving some features like Spring Cloud / Spring Integration, or new development behind a paywall (think RHEL)

Big users (like Netflix, Walmart, JPMorgan, LinkedIn/Microsoft, etc) would likely be able to pay for it (until they moved off), but smaller companies and individual developers not so much

somehnguy|7 months ago

What's the actual risk though? Just saying it's the riskiest at 77/100 doesn't mean anything.

bags43|7 months ago

Among others:

- license change -> restricting features behind a paid tier (https://spring.io/blog/2025/04/21/spring-cloud-data-flow-com...)

- reducing headcount of people -> slow security patching + not following industry standards

- all eggs in one basket :)

- cut from major clouds (Azure Spring apps)