The Wire · Showcase
SPRING INTEGRATION FIXES CRITICAL LOCK REGISTRY BUG BLOCKING DISTRIBUTED SYSTEMS
By RepoJournal · Filed · About Spring
Spring Integration shipped an emergency fix for JdbcLockRegistry that was causing false application hangs when different keys collided on shared locks.
The Spring Integration team resolved a critical caching logic flaw in JdbcLockRegistry [1] that made the previous lock-sharing approach from DefaultLockRegistry dangerous in production. Different cache keys were colliding on the same ReentrantLock, causing unrelated operations to block each other unnecessarily. This is the fix you've been waiting for if you're running distributed Spring Integration pipelines with JDBC-backed locking. A follow-up improvement [2] landed simultaneously to handle edge cases when cache capacity shrinks, ensuring already-held locks aren't evicted mid-operation. Across the broader portfolio, Spring AMQP and Spring HATEOAS cut through routine dependency updates [3] [4] [5] [6] [7], with Jackson bumped to 2.21.5 and 3.1.5, Log4j patched to 2.25.5, and Logback fixed for Throwable whitelist handling [8]. Nothing breaking in the batch, but the Integration fix demands immediate attention if you're using JDBC locks in a clustered environment.
Action items
- → Upgrade spring-integration to pick up JdbcLockRegistry fix immediately if running distributed systems with JDBC locks spring-projects/spring-integration [immediate]
- → Review your JDBC lock registry configuration and test for false blocking patterns after upgrade spring-projects/spring-integration [plan]
- → Pull Spring AMQP dependency updates at next scheduled release cycle spring-projects/spring-amqp [plan]
References
- [1] GH-11157: Fix caching logic in the `JdbcLockRegistry` ↗ spring-projects/spring-integration
- [2] Adjust cache capacity in the `JdbcLockRegistry` ↗ spring-projects/spring-integration
- [3] Bump org.apache.logging.log4j:log4j-bom from 2.25.4 to 2.25.5 ↗ spring-projects/spring-amqp
- [4] Bump com.fasterxml.jackson:jackson-bom from 2.21.4 to 2.21.5 ↗ spring-projects/spring-amqp
- [5] Bump tools.jackson:jackson-bom from 3.1.4 to 3.1.5 ↗ spring-projects/spring-amqp
- [6] Bump ch.qos.logback:logback-classic from 1.5.37 to 1.5.38 ↗ spring-projects/spring-amqp
- [7] Bump org.hibernate.validator:hibernate-validator from 9.1.1.Final to 9.1.2.Final in the development-dependencies group ↗ spring-projects/spring-amqp
- [8] GH-2533 - Ensure Kotlin 2.2 compatibility. spring-projects/spring-hateoas