Home
π GraalVM Native: the senior way to cut AWS cost
There is a way to make your Java microservice boot in 50 milliseconds instead of 8 seconds, without rewriting a single line of business logic. Most developers still package the entire JVM inside the container and pay for that on the AWS bill every month.
With GraalVM Native Image and the AWS SDK for Java 2.x, you compile the application into a native binary and the startup time drops immediately. In this article you will build it from scratch, with Maven, a Dockerfile and a Fargate deploy, and you will understand why this decision became a senior interview question in fintech.
Cucumber 7.34 + Spring Boot 3: BDD from Scratch in 15 Minutes
There is a way to write tests that the Product Owner reads, the QA validates, and the developer runs, all from the same file. With Cucumber 7.34 and Spring Boot 3, the complete setup takes less than 15 minutes. Most Java developers still do not use it, and this article will change that.
π‘ What Codecon's gamification teaches about Dev Experience
Badges, ducks and a Game Show: Codecon Summit 2026 gamification is a real Developer Experience model for your Java team.
Structured Concurrency in JDK 25: the StructuredTaskScope migration guide
You upgraded the project to JDK 25, ran the build and got slapped in the face: your StructuredTaskScope no longer compiles. The ShutdownOnFailure class is gone, throwIfFailed() went up in smoke and the IDE paints everything red. Before you curse Brian Goetz, breathe. The good news is the new API is leaner and harder to misuse. The annoying news is that nobody put a giant banner in the release notes saying "hey, this actually changed".
This article is the migration map. We will see what left, what arrived, how to translate each old pattern into the new one, how to handle errors and timeouts the new way, and why this topic became a senior interview question in 2026. All with code that compiles on JDK 25.
How to prepare your Spring Boot 3 app for the June EOL
If you have a Spring Boot 3 application in production and have not started planning the migration, this article is for you. Spring Boot 3.5 goes EOL on June 30, 2026: no more security patches, no official support.
The good news? Migrate to Spring Boot 4 in phases, without a big bang. Let us get started.
π Spring Boot 4 Has Native Observability Without Actuator
There's a way to configure traces, metrics, and logs in Spring Boot 4 without relying on Actuator as an intermediary. Most developers don't yet know that the official OpenTelemetry starter changed everything. With 2 dependencies in your pom.xml you have production-ready automatic instrumentation, ready to send data to any backend: Grafana, Jaeger, Datadog, or your own OTLP collector.
In this article you'll understand why the previous model (Actuator + Micrometer + OTEL bridge) created unnecessary friction, how the new Spring Boot 4 starter simplifies all of that, and see the complete configuration code to put your app into observable production today.
π Spring Cloud Config: 2 Critical CVEs Leaking GCP Secrets
Picture the scene: you are in an interview for a senior Java position, everything is going well, and the interviewer drops the question that separates the people who memorized a tutorial from the people who have actually been burned in production. "How do you protect the secrets in your Spring Cloud Config Server inside a Kubernetes cluster?" You start talking about property encryption, and he cuts you off: "And what would you do about CVE-2026-40981?"
On May 6, 2026, two high severity flaws landed in Spring Cloud Config Server. One of them, CVE-2026-40981, lets any client with network access read secrets from any GCP project using a single HTTP header, with no authentication at all (CVSS 7.5). The other, CVE-2026-41002, opens the server's Git repository to a Time-Of-Check to Time-Of-Use (TOCTOU) attack. In this article you will understand the vector behind each one, see the code that demonstrates the problem, apply the right patch, and walk away ready for that interview question.
Classic DevOps Disappeared from Java Senior Jobs (What to Do)
You sent your resume to 5 senior Java positions this month. All of them listed Spring Boot, Kubernetes, AWS. You know these cold. But then you saw a line you read twice: "experience with Platform Engineering and IDPs." IDP? You paused. Googled it. "Internal Developer Platform." A concept you never studied, never saw in any course, never encountered at your current job. And right there, you realized: the market turned a page, and nobody told you.
How to Use Virtual Threads the Right Way in Spring Boot 3
You enabled Virtual Threads in Spring Boot, added spring.threads.virtual.enabled=true to application.yaml, deployed to production and saw almost no improvement. Throughput up 10%, latency under load unchanged, pool-exhausted alerts still firing on Fridays. You did everything right by the book.
π CVE-2026-39852: Why Quarkus API Security Will Come Up in Your Java Interview
Every senior Java developer job in 2026 asks for experience with REST API security. But when the interviewer asks "have you ever dealt with an authorization bypass?", most candidates answer with theory. The ones who come with a real case, with code, exploit, and fix, are the ones who move to the next round.
CVE-2026-39852 in Quarkus is exactly that case. A critical vulnerability affecting all versions before 3.34.7 (LTS) and 3.35.2 (main): an attacker hits /api/admin;bypass and your entire @RolesAllowed configuration becomes worthless, while your CI stays green and tests keep passing.
Your Spring Boot Project Will Break with JUnit 6 (And You Do Not Know It Yet)
It was Monday morning, CI green, nobody had touched the tests in weeks. You update the Spring Boot version in pom.xml, push the commit, go get coffee. When you come back: 47 tests failing. ClassNotFoundException: org.junit.platform.runner.JUnitPlatform. The pipeline breaking before even reaching deployment. Here is the root cause, and it is not in your business logic.
JUnit 6 was released in September 2025 and Spring Boot 4 now assumes JUnit 6 as the default. Teams upgrading the Spring ecosystem without preparing their test suites are in for a shock that was not in the changelog. In this article you will understand exactly what changed, what will break, and how to migrate without drama.
GitOps chaos: did ArgoCD or Flux sink your deploy?
It was 11am on a Friday when the platform team realized ArgoCD was reconciling an incorrect state. Nobody knew where the change came from. Nobody could trace who approved the PR. The production cluster was in a different state than what Git said it should be, and the "single source of truth" had become a source of confusion.
Integrate Claude 4 into Spring Boot and Enable Native Reasoning
95% of Java developers integrate AI as a black box. The 5% who enable Claude 4 Thinking Mode in Spring Boot make architectural decisions in seconds.
There is a way to add architectural reasoning to your Spring Boot system without implementing AI from scratch. Most Java developers have not yet discovered that Spring AI already supports the Thinking Mode of Claude 4, which exposes the reasoning process before the final answer.
Page 1 of 3