Changelogs · Upgrading guides · Docs · Get Started
This is a pre-release for the Vaadin 24.1. We appreciate if you give it a try and report any issues you notice. To use this release, you'll need to have following repositories declared in your project (Vaadin pre-releases are not pushed to Maven central) :
<repositories>
<repository>
<id>vaadin-prereleases</id>
<url>
https://maven.vaadin.com/vaadin-prereleases/
</url>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>vaadin-prereleases</id>
<url>
https://maven.vaadin.com/vaadin-prereleases/
</url>
</pluginRepository>
</pluginRepositories>
Changelogs
- Flow (24.1.0.alpha1) and Hilla (2.1.0.alpha1)
- Design System
- Web Components (24.1.0-alpha4)
- Flow Components (24.1.0.alpha1)
- Designer (Release notes)
- Design System Publisher (Documentation)
- TestBench (9.0.1)
- Classic Components(24.0.0)
- Multiplatform Runtime (MPR) (7.0.0)
- Router (1.7.5)
- Vaadin Kits
- Azure Kit (1.0.0)
- Collaboration Engine (6.0.0)
- Kubernetes Kit (2.0.0)
- Observability Kit (2.1.0.alpha2)
- SSO Kit (Documentation)
- Swing Kit (2.0.0)
- Designer (Release notes)
Official add-ons and plugins:
- Spring add-on (24.1.0.alpha1)
- CDI add-on (15.0.0)
- Maven plugin (24.1.0.alpha1)
- Gradle plugin (24.1.0.alpha1)
- Quarkus plugin (2.0.0)
Known Vulnerabilities
-
TestBench brings the dependency
pkg:maven/com.google.guava/guava@31.1-jre, that has the vulnerability described in CVE-2020-8908, the problematic method has been deprecated in guava and it is not used in Vaadin. -
Spring
6.0.6Version has two vulnerabilities CVE-2023-20861 inpkg:maven/org.springframework/spring-expression@6.0.6and CVE-2023-20860 inpkg:maven/org.springframework/spring-webmvc@6.0.6they has been fixed in 6.0.7 as described in this article, for people using spring, please update these Spring packages to6.0.0. We plan to fix it in24.1.0.alpha2Version