Modernize or Die® - CFML News for July 30th, 2019

We discuss the security vulnerability patched by Adobe, urging you to patch your servers. CBORM 2.0 is released, with a new GitBook for CBORM, as well as the new OrtusBooks.com landing page to get to all of Ortus' Git books easily, all from one place. We ask for your help to spread the word about the podcast. We discuss early bird being extended for Adobe's CF Summit Conference in Las Vegas in October, call for speakers is now closed and speakers and sessions for CF Summit have been announced. In addition to the ColdFusion Specialist Certificate Program workshop prior to the conference, there are now 2 more workshops. We also discuss the CF Summit Ortus Trainings for after the Conference and how to register for them... including a new Discount Code for all of our trainings. We talk about Ortus Solutions' Bootcamp training in India with Luis Majano and mention how CF Camp is coming up fast, tickets are now available, and Brad and Eric announce the workshops they'll be leading at CF Camp. The call for speakers is now closed for CF Camp and speakers will be announced soon.We spotlight a lot of great blog posts, too many to list, so listen to the show. We show off our ForgeBox module of the Week,JSON Web Tokens JWT and our VS Code Hint Tip and Trick of the week being LiveShare. We finish the podcast by thanking our Patreon supporters. For the show notes - visit the website https://cfmlnews.modernizeordie.io/episodes/modernize-or-die-cfml-news-for-july-30th-2019 Music from this podcast used under Royalty Free license from SoundDotCom https://www.soundotcom.com/ and BlueTreeAudio https://bluetreeaudio.com
Watch the full video Online on Youtube - https://youtu.be/ASLg8JGvD2Y


2019-07-30 Weekly News - Episode 12


Hosts:


  • Gavin Pickin - Software Consultant for Ortus Solutions
  • Brad Wood - Lead Architect for Ortus Solutions


News and Events




Security Alert - VE-2019-7839: COLDFUSION CODE EXECUTION THROUGH JNBRIDGE

July 25, 2019 | Trend Micro Research Team

A remote code execution vulnerability has been reported in Adobe ColdFusion. This vulnerability is due to the JNBridge binary protocol port being exposed without any authentication.

A remote unauthenticated attacker can exploit this vulnerability by sending a crafted JNBridge binary protocol message to an affected server. Successful exploitation results in remote code execution as the root or SYSTEM user.

Brad tweeted about this security alert

#ColdFusion folks, hackers waste no time developing exploits for CF when a patch comes out. I hope you have the same sense of urgency when it comes to installing the patches! Also ensure your firewall is only allowing HTTP/S traffic through! #CFML” 



Pete Frietag from Foundeo released another CFML News Issue No 32


Go online to register and get those newsletters emailed to you. Great summary of everything CFML - highlighting the best blog posts and news.


CBORM Updated - Version 2 Released + New GitBook


A complete rewrite of the module to support a more modern and fluent approach to working with Hibernate/ColdFusion ORM.  In this release we had to support 3 versions of Hibernate: 3 (Lucee), 4 (ACF 2016) and 5 (ACF 2018), which in itself proved to be a gargantuan task.

We also focused on bringing more functional programming aspects to working with collections of entities and even introduced cbStreams as part of the cborm module.  This gives you the ability to produce streams out of any method that produces a collection of entities.
We also focused on converting the state of an object graph to a raw ColdFusion data struct as we live in the world of APIs.  We include the mementifier module which allows every single entity to have a getMemento() method that will convert itself and its relationships to raw CF data constructs so you can take that state and either marshall it to another format (json,xml,excel) or audit the state.




New landing page for OrtusBooks.com - see all of our books



Time to get the word out

We’ve had 500+ views on Youtube with 100+ new subscribers
We’ve had 1000+ podcast downloads
But until this last week, Ben Nadel ( who has been blogging like a mad man about ColdFusion lately ) didn’t know we had a CFML podcast, let alone 2.

So i need everyone go to on twitter and tweet that you’re watching / listening to the #modernizeordie #cfmlnews #podcast and why you think others should watch / listen to it.



Adobe CF Summit early bird

Still available as of July 23rd - are they still available now? Get them before they go up.

Certificate Program + Conference Pass $498.00
ColdFusion Security Preconference + Conference Pass $348.00
Conference Pass $99.00
ColdFusion Docker Preconference + Conference Pass $348.00


Adobe CF Summit - Conference


  • Las Vegas at the Mirage October 1-2 ( Tuesday + Wednesday )
  • Biggest CFML Conference of the Year - 500+ people
  • Great Adobe Party
  • Register Now - Early bird was only $99
  •  https://cfsummit.adobeevents.com/
  • Early-bird registration has been extended to June 30, 2019
  • Call for Speakers is now closed!!!
  • Speakers are listed on the website
    Adobe CF Summit Speakers Announced - 31 so far
  • Lots of Ortus Speakers
    • Luis Majano
    • Brad Wood
    • Eric Peterson
    • Gavin Pickin
  • Adobe Speakers 5+
    • Rakshith Naresh
    • Uday Ogra
    • Kailash Bihani
    • Piyush Kumar Nayak
    • Suchika Singh
  • Lots of other great community speakers 15+
    Including but not limited to:
    • Pete Frietag
    • George Murphy
    • Brian Klaas
    • Matt Clemente
    • Giancarlo Gomez
    • Matt Gifford
    • Carl Von Stetten
    • Daniel Fredericks
    • Uma Ghotikar
    • Abram Adams
    • Dan Wilson
    • David Tattersal ( Fusion Reactor )
    • Charlie Arehart
    • Dave Ferguson


Adobe CF Summit - Workshops


Adobe ColdFusion Specialist Certificate Program

From the CF Summit Website:


The Adobe ColdFusion Specialist is a full-day certificate classroom program, delivered by top Adobe ColdFusion experts. You will be enrolled into the course as soon as you register and will receive course instructions and prep materials two weeks prior to the on-site program date. Following the training you will complete an online assessment – upon successful completion, you will receive your Adobe ColdFusion Specialist certificate.



Location
The Mirage, Las Vegas
3400 S Las Vegas Blvd
Las Vegas, Nevada, United States
89109

Dates:
Monday September 30, 2019 - 8:00 AM - 5:00 PM
Price: $399.00 - early bird pricing

  • Pre-conference Training 1: Hands-on ColdFusion Security Workshop
    Trainer : Pete Freitag, Principal Consultant, Foundeo Inc.
  • Pre-conference Training 2: Going from Zero to 60 with Docker and ColdFusion images
    Trainer: Charlie Arehart, Independent Consultant, Carehart






Ortus Solutions Training Workshops at CF Summit after the Conference

Ortus will be doing 2  2-day trainings on Thursday October 3rd, and Friday October the 4th. 

We have two great workshops to select from and they will be held in a much more exclusive and comfortable environment that will allow us to bring you a better learning experience at Executive Hospitality Suite from ARIA Tower Suites . Register as soon as possible as space is very limited!

ColdBox From Zero to Hero
Lead by Gavin Pickin & Eric Peterson

ColdBox From Hero to SuperHero : API Edition
Lead by Luis Majano and Brad Wood

Dates: Thursday, October 3, 2019 at 9:00 AM - Friday, October 4, 2019 at 5:00 PM (PDT)

Location:
ARIA Resort & Casino
3730 S Las Vegas Blvd


More information and a link to register here: https://www.ortussolutions.com/blog/cfsummit-2019-training-bootcamps



ColdBox From Zero to Hero - Bootcamp Training


Bangalore, India | October 16-17, 2019 - by Luis Majano
Very popular ColdBox training, a great way to get your feet wet and jump start your ColdBox development. 

Project Overview:
We will be building a real twitter clone: SoapBox.  We will use HMVC conventions, including BDD / TDD testing to build out the application including the usage of many different ForgeBox modules and industry standards.

Price: $599 for 2 days
Group discounted pricing available for $499






CF Camp - Workshops and Conference

October 17th and 18th in Munich, Freising, Germany.
Read more now: https://www.cfcamp.org/ - Tickets NOW AVAILABLE.
Early bird - July 15, 2019 - 280 EUR - $313.27
Regular - Sep 11 - Oct 15, 2018 - 330 EUR - $369.17
Late - Oct 16 - Nov 8, 2018 - 380 EUR - $425.10

You can see the great lineup of speakers and sessions from last year on the site now. They will update as the speakers and sessions for this year is finalized.

Call for Speaker Deadline was July 7th - Now closed
Speakers have been announced

On Twitter Kai said “I can honestly say this is the best & most diverse programme, @cf_camp  ever had!“

Ortus Speakers
  • Eric Peterson
  • Jorge Reyes
  • Brad Wood

Lots of Great Community Speakers
  • Charlie Arehart
  • Eleftheria Batsou
  • Miguel Beltran
  • Wil de Bruin
  • Jen Doherty
  • Mark Drew
  • Rob Dudley
  • Seb Duggan
  • Nolan Erck
  • Uma Ghotikar
  • Matt Gifford
  • Majid Hajian
  • Michael Hnat
  • Kenigbolo Meya Stephen
  • Kai König
  • Francisco Mancardi
  • Lara Martín
  • Joel Stobart
  • Maciej Treder
  • Dom Watson
  • Sebastian Zartner


Sessions have been announced


Ortus Training at CF Camp
Ortus will be doing a 2 day workshop on the 15th and 16th of October. 

Eric Peterson will be leading - Rest easy at night with TestBox BDD
Brad Wood will be leading the - Hero to Superhero - API REST Edition - name to be confirmed.

Blogs, Tweets and Videos of the Week


Ben Nadel - Sanity Checking Closure Invocation Overhead And Performance In Lucee 5.3.2.77

Fusion Reactor has a Adobe ColdFusion sale
If you want to purchase licenses, save a little with Fusion Reactor.

Pete tweeted about documentation short links
Tweet 1 - For #CFML you can also do (link: https://cfdocs.org/trim) cfdocs.org/trim - I too wish all doc sites did that.
Tweet 2 - Come to think of it, I also created a site for #java docs, eg: (link: http://javadocs.org/string) javadocs.org/string and #css docs (link: http://cssdocs.org/font-weight) cssdocs.org/font-weight  they just redirect to the official docs

Ben Nadel - Exploring Linked / Ordered Structs In Lucee 5.3.2.77

CF Alive Podcast - Elishia Dvorak talks about “Adobe ColdFusion Specialist Certification (new at CF Summit)” in the new episode of the CF Alive Podcast,

Ben Nadel - Understanding Struct Key-Casing Using SerializeJson() In Lucee 5.3.2.77

Matt Gifford released a CFML Wrapper to interactive with the IP API to fetch geolocation data for ip addresses
https://github.com/coldfumonkeh/IPAPI 

Brian Klaas - Using AWS Step Functions in CFML: Wrapping Up the Transcribe, Translate, and Speak Workflow
16 blog posts, epic, thanks Brian for amazing content. Brian’s interview on Modernize or Die Podcast Soapbox Edition will be released this Thursday. Keep an eye out.

Ben Nadel finds this older blog post from CFSimplicity - Lucee 5: simpler access to environment variables

TeraTech - Better Time and Number Formats with ColdFusion


Job Opportunities - @getcfmljobs on twitter



Job Opportunity in Falls Church, VA

ColdFusion Developer position in North Carolina State University at Raleigh, NC,  United States


ForgeBox Module of the Week



ColdBox JSON Web Tokens (JWT) - by Andrew Dixon
https://www.forgebox.io/view/jwt

ColdBox Module for encoding and decoding JSON Web Tokens (JWT). This is a port of the CF-JWT-Simple project which itself is a port of the node.js project node-jwt-simple to CFML. It currently supports HmacSHA256, HmacSHA384, and HmacSHA512 signing algorithms.
box install jwt
Last Update: Jul 03 2019 02:55 PM | Downloads: 41 | Installs: 1680 | Views: 3211 | Versions: 5
 

VS Code Hint Tips and Tricks of the Week



Live Share ms-vsliveshare.vsliveshare
Microsoft - 10,860,671 downloads - 5 stars

Visual Studio Live Share enables you to collaboratively edit and debug with others in real time, regardless what programming languages you're using or app types you're building. It allows you to instantly (and securely) share your current project, and then as needed, share debugging sessions, terminal instances, localhost web apps, voice calls, and more! 



Thank you to all of our Patreon Supporters


These individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox, ContentBox, TestBox and all the other boxes keep getting the continuous development they need, and funds the cloud infrastructure at our community relies on like ForgeBox for our Package Management with CommandBox. 

If we’re getting your name wrong please let us know.





Andrew  Davis

Gary  Knight

Jan  Jannek

Joseph  Lamoree

Laksma  Tirtohadi

Richard  Herbert

John  Farrar

Carl  Von Stetten

Don  Bellamy

Samuel  Knowlton

David  Belanger

Yogesh  Mathur

Steven  Klotz

Dan  Card

Jeremy Adams

Brian  White

Didier  Lesnicki 

Scott Steinbeck

Jordan Clark

Matthew Clemente

Da Li


You can see an up to date list of all sponsors on Ortus Solutions' Website


★ Support this podcast on Patreon ★

Switch to Modernize or Die ® Podcast - SoapBox Edition - Switch to Modernize or Die ® Podcast - Conference Edition

Powered by

Music from this podcast used under Royalty Free license from SoundDotCom and BlueTreeAudio

© 2019 Ortus Solutions