-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Spring for Apache Kafka 2.0 to 2.1 Migration Guide
In accordance with CVE-2017-4995, only classes in java.util and java.lang will be deserialized by default; to deserialize (trust) other packages, use the addTrustedPackages method on the deserializer or in a customized DefaultJackson2TypeMapper for the message converter.
For the JsonDeserializer, the packages can be provided in the Kafka consumer config in property JsonDeserializer.TRUSTED_PACKAGES.
Since version 1.0.0, some Kafka Streams API has been renamed.
To align with that change, the Spring for Apache Kafka high level API for Streams has been changed to use a new API and renamed respectively.
The KStreamBuilderFactoryBean now is named StreamsBuilderFactoryBean and it now produces a StreamsBuilder instance instead of the deprecated KStreamBuilder.
The bean for the StreamsBuilderFactoryBean populated by the @EnableKafkaStreams process, has been renamed from the defaultKStreamBuilder to the defaultKafkaStreamsBuilder.
The global constant for that name is now KafkaStreamsDefaultConfiguration.DEFAULT_STREAMS_BUILDER_BEAN_NAME.