Menu
I have an application which has spring-web 5.3.21 security vulnerability. The security scanner suggest to upgrade spring-web to version 6.0.x.
Currently, my application is using spring-boot-starter-parent version 2.7.1.
My question is whether it's possible to only upgrade spring to version 6.0.x but leaving spring-boot at 2.7.1. I was told that I will need to use spring-boot-starter-parent 3.0.x in order for the application to work correctly.
I'm just trying to minimize the changes as much as I can. When I upgraded spring-web to 6.0.x, I got several compile-time errors and I had to update my code to get rid of these errors.
However, when I also change spring-boot-starter-parent to 3.0.x, I got even more errors during compile-time.
The application was written several years ago and I'm not 100% familiar with it so I want to make as little code changes as possible.
532
asked May 31 '26 10:05
So, seems like the best way to go is to move to spring boot 3 when upgrading to spring 6.
59
answered Jun 01 '26 23:06
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With