NeatGuyCoding

For engineers already shipping services on the JVM and web stacks, this article starts from a typical Spring Boot + Kotlin real-time interactive application, traces the data path from database signals through reactive SSE to the browser, and breaks human–agent collaboration into three verifiable layers: compile-and-test closure, versioned project memory (CLAUDE.md, rules, Skills), and Hooks plus MCP on the tool-call path. The second half covers gaps in tests and state machines caused by spec-less iteration, how structured clarification (Interview) writes navigation and security decisions into the specification, and how cross-cutting steps can be silently dropped in long conversations—with ideas for segmented execution.

Before a large-scale Spring Boot migration, establish repeatable integration verification and a controlled dependency baseline; then advance in layers—Starter, auto-configuration troubleshooting, Spring context inside an external container, transitional Holder, beanification, Servlet annotation migration, and executable WAR. The article is organized by dependency and runtime layers, contrasts demo-style bootstrap paths with the reference manual’s recommended path, and where official docs do not spell out behavior (for example process lifecycle when only a non-web context starts), leaves engineering-level uncertainty explicit.

With Spring Boot 4 and Spring Framework 7, dependencies split into finer starters by capability; outbound HTTP clients can be isolated from server-side MVC. The same codebase can enable built-in API version negotiation in Spring MVC alongside Spring Data JDBC and RestClient / declarative @HttpExchange clients. Spring Security 7 emphasizes composable Customizer<HttpSecurity>, one-time token login, WebAuthn, and annotation-driven multi-factor authentication.