Environment Variables are no longer decrypted after update to spring boot 3.5 with jasypt

# We are using spring boot with the jasypt-spring-boot library to decrypt passwords. # After the update from spring boot 3.4.7 to 3.5.3, the decryption of environment variables is no longer working. # The reason for that seems to be the performance optimization of [https://github.com/spring-projects/spring-boot/issues/44862.](https://github.com/spring-projects/spring-boot/issues/44862.) For system environment property sources, it bypasses the property source itself with the decryption logic (with jasyspt, it is the EncryptableSystemEnvironmentPropertySourceWrapper) and just accesses the underlying map directly. # There is already an issue for the problem in the jasypt-spring-boot project: [https://github.com/ulisesbocchio/jasypt-spring-boot/issues/409](https://github.com/ulisesbocchio/jasypt-spring-boot/issues/409) The workaround mentioned there is not working for us. Wrapping the SystemEnvironmentPropertySource in a CompositePropertySource prevents the property source from being recognized as the systemEnvironment (see SpringConfigurationPropertySource.isSystemEnvironmentPropertySource). So the optimization is not used and the properties are decrypted again. But that leads to other unintended problems, for example other environment variables were no longer bound correctly (probably because the SystemEnvironmentPropertyMapper was not added as a direct result of the property source not being recognized as systemEnvironment). # Looking at the spring boot code, I don't see a straight forward way to change the jasypt-spring-boot library or just call the decryption logic from another place. Are there any recommondations from the spring boot side on where to add logic like decrypting environment variables? Does anybody know of a better workaround? Any help is appreciated, thank you.