Apache Geode 2.0 underwent a major modernization effort, migrating from JDK 8 to JDK 17, adopting Jakarta EE 10, upgrading to Spring Framework 6, and rewriting the CLI with Spring Shell 3.x. The upgrade followed a strict dependency order to avoid cascading failures across 11,000+ Java classes and 32 subprojects. Security was a primary driver, addressing deserialization flaws, SSRF risks, and authentication weaknesses. The effort resulted in 800+ changed files, 18,000+ lines added, and all 10,600+ tests passing. Breaking changes include dropping support for legacy Tomcat versions 6–9.
Table of contents
The Reality of ScaleThe Domino Effect of DependenciesSecurity as a First‑Class DriverMajor Platform TransformationsSort: