Skill

spring-boot-verify

Verifies Spring Boot 4.x projects for dependency compatibility, configuration correctness, and migration readiness. Analyzes pom.xml, build.gradle, and application.yml files.

Spring Boot

Java

npx claudepluginhub joaquimscosta/arkhe-claude-plugins --plugin spring-boot

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Analyzes Spring Boot projects for dependency compatibility, configuration correctness, and migration readiness.

Supporting Assets

EXAMPLES.mdMIGRATION_GUIDE.mdTROUBLESHOOTING.mdWORKFLOW.mdreferences/CONFIGURATION.mdreferences/DEPENDENCIES.md

SKILL.md

Similar Skills

springboot-migration

Migrates Spring Boot apps to version 4 with Java 25 via phased upgrades, including Spring Modulith 2, Testcontainers 2, codebase scanning, and reference guides.

5 files

springboot-architecture

spring-boot4-guide

Guides Spring Boot 4 and Spring Framework 7 development, migration from Boot 3 to 4, and resolution of breaking changes like starter POM renames, Jackson 3, and Jakarta EE 11.

4 files

toby-essentials

springboot-verification

175.2k

Runs verification loop for Spring Boot projects: build with Maven/Gradle, static analysis (SpotBugs/PMD/Checkstyle), tests with Jacoco coverage, security scans, and diff review before PRs or releases.

everything-claude-code

Stats

Parent Repo Stars10

Parent Repo Forks1

Last CommitMar 26, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Spring Boot 4.x Project Verification

Analyzes Spring Boot projects for dependency compatibility, configuration correctness, and migration readiness.

Verification Workflow

Detect Build System → Find pom.xml or build.gradle, extract Spring Boot version
Analyze Dependencies → Check versions, find deprecated libraries, validate compatibility
Validate Configuration → Check application.yml/properties, security config, actuator settings
Generate Report → Structured markdown with severity levels and remediation code
Lookup Docs → Use Exa MCP to fetch latest Spring Boot 4.x documentation when needed

Dependency Quick Reference

Check	Severity	Action
Spring Boot version < 4.0	CRITICAL	Upgrade to 4.0.x
Jackson 2.x (`com.fasterxml`)	CRITICAL	Migrate to Jackson 3 (`tools.jackson`)
`javax.*` imports	CRITICAL	Migrate to `jakarta.*` namespace
`@MockBean` in tests	ERROR	Replace with `@MockitoBean`
Undertow server	ERROR	Switch to Tomcat or Jetty
Java version < 17	ERROR	Minimum Java 17 required
Gradle version < 8.14	ERROR	Upgrade Gradle (required for Kotlin 2.2/Boot 4)
`spring-boot-starter-web`	WARNING	Use `spring-boot-starter-webmvc`
Missing Virtual Threads	INFO	Enable with `spring.threads.virtual.enabled=true`

Configuration Quick Reference

Check	Severity	Action
Security `and()` chaining	CRITICAL	Convert to Lambda DSL closures
`antMatchers()` usage	ERROR	Replace with `requestMatchers()`
`authorizeRequests()`	ERROR	Replace with `authorizeHttpRequests()`
All actuator endpoints exposed	WARNING	Limit to health, info, metrics
100% trace sampling	WARNING	Use 10% in production

Jakarta Namespace Migration

Critical for Spring Boot 3+: All javax.* packages must migrate to jakarta.*:

Old Package	New Package
`javax.persistence.*`	`jakarta.persistence.*`
`javax.servlet.*`	`jakarta.servlet.*`
`javax.validation.*`	`jakarta.validation.*`
`javax.inject.*`	`jakarta.inject.*`
`javax.annotation.*`	`jakarta.annotation.*`

Use Grep to find: import\s+javax\.

Spring Boot 4 New Features

Feature	Configuration	Benefit
Virtual Threads	`spring.threads.virtual.enabled=true`	High concurrency without WebFlux
JSpecify Null-Safety	Add `@NullMarked` to package-info	Framework-wide null contracts
AOT Compilation	Enabled by default	Faster startup times

JSpecify Annotations

Spring Framework 7 uses JSpecify for null-safety:

@NullMarked  // Package or class level - all parameters/returns non-null by default
package com.example.myapp;

import org.jspecify.annotations.Nullable;

public class UserService {
    // @Nullable for parameters/returns that can be null
    public @Nullable User findById(Long id) { ... }
}

Tools to Use

Glob → Find **/pom.xml, **/build.gradle*, **/application.{yml,properties}
Grep → Search for deprecated patterns (@MockBean, com.fasterxml, .and(), import javax.)
Read → Inspect build files and configuration
Exa MCP → Fetch latest Spring Boot 4.x docs: mcp__exa__web_search_exa

Output Format

Generate verification reports with this structure:

## Spring Boot 4.x Verification Report

### Summary
- **Project**: {name}
- **Boot Version**: {detected version}
- **Issues Found**: {n} Critical, {n} Errors, {n} Warnings

### Critical Issues / Errors / Warnings
[Issue details with code remediation]

Detailed References

Workflow: See WORKFLOW.md for step-by-step verification process
Migration Guide: See MIGRATION_GUIDE.md for step-by-step migration from Boot 3.x to 4.0 (also referenced from WORKFLOW.md)
Examples: See EXAMPLES.md for sample verification outputs
Troubleshooting: See TROUBLESHOOTING.md for detection issues
Dependencies: See references/DEPENDENCIES.md for complete version matrix
Configuration: See references/CONFIGURATION.md for validation rules

Critical Reminders

Check Spring Boot version first — Many issues are version-specific
Jakarta namespace migration — javax.* to jakarta.* (required for Boot 3+)
Jackson 3 namespace change — com.fasterxml.jackson to tools.jackson
Security 7 Lambda DSL — and() method removed, closures required
Testing annotations changed — @MockBean to @MockitoBean
Virtual Threads — Enable with spring.threads.virtual.enabled=true for Java 21+
Gradle 8.14+ — Required for Kotlin 2.2 and Spring Boot 4 support
Use official docs — https://docs.spring.io/spring-boot/documentation.html

Related Skills

spring-boot-security — Deep security configuration verification
spring-boot-testing — Testing patterns and coverage analysis
spring-boot-observability — Actuator, metrics, and tracing setup
spring-boot-modulith — Module structure verification
domain-driven-design — DDD architecture patterns