Modernize or Die® - CFML News Podcast for August 22nd, 2023 - Episode 202

2023-08-22 Weekly News - Episode 202

Watch the video version on YouTube at

  • Eric Peterson - Senior Developer at Ortus Solutions
  • Grant Copley - Senior Developer at Ortus Solutions

Thanks to our Sponsor - Ortus Solutions

The makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. 
A few ways  to say thanks back to Ortus Solutions:
Patreon Support (stupendous)

We have 40 patreons:

News and Announcements

Exciting News! Only 3 Tickets Left for Our #ColdBox 7 Workshop!
Luis Majano and Gavin Pickin will guide you through an incredible learning journey with insider tips and tricks. Hurry, Register now!

Lucee Critical Security Alert, August 15th, 2023 - CVE-2023-38693
(XXE [XML External Entity] vulnerabilities)
The Lucee team received a responsible disclosure for a security vulnerability which affects all previous releases of Lucee.

After reviewing the report and confirming the vulnerability, the Lucee team then conducted a further security review and found additional vulnerabilities which have been addressed as part of this security update.

Latest Stable Releases (recommended)

Backported Stable Releases
In addition, as we are aware that some Lucee users have not yet upgraded from older versions, we have also published Stable Releases for these older versions with the vulnerability.

The agenda for Adobe ColdFusion Summit 2023 is live now!

New Releases and Updates

CommandBox 5.9.1 Released!
We are pleased to announce the general availability of CommandBox 5.9.1. This is a very small release with two changes.

Update to Lucee
Update bundled JRE to 11.0.20+8
Note Lucee contains critical security patches.

The new Lucee version affects the core CLI runtime as well as the default server you get when running "server start" with no cfengine specified.  Possible compatibility issues related to the major bump in Lucee version:

  • This Lucee version does not include Hibernate, so the Ortus Hibernate extension is installed.  We will stop doing this in 6.0
  • This Lucee version has strict XML parsing settings on by default which may affect any servers you start which parse XML containing DTDs.

Webinar / Meetups and Workshops

Hawaii ColdFusion Meetup Group — Graph QL & ColdFusion
Speaker: Mark Takata

Friday, August 25, 2023 @ 12 PM HAST (Hawaii Standard Time)

GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.

GraphQL is a query language for APIs and a runtime for executing those queries with your existing data. It provides a more efficient, powerful, and flexible alternative to REST.

In ColdFusion 2023 we are providing a native method of consuming and sending data across GraphQL using GQL. This includes support for fragments, variables, aliases, queries, mutations, subscriptions and more.

Also, this talk will go over on why to use Graph QL over REST APIs.

Adobe Upcoming Events

Webinar - Road to Fortuna Series: Exploring the New Google Cloud Platform Features
10:00 AM PDT
Online Event
Mark Takata

During the Road to Fortuna Series: Exploring the New Google Cloud Platform Features webinar, Mark Takata will explore the new native hooks that Adobe ColdFusion is adding to work with the Google Cloud Platform. He will focus on features related to the GCP FireStore document database, Storage capabilities, and PubSub messaging features, providing attendees with valuable insights into how these features can be leveraged to optimize application development and delivery on the Google Cloud Platform. The session will be highly technical and will provide attendees with practical examples and use cases.

CFCasts Content Updates

Recent Releases
Coming Soon
  • More ForgeBox and VS Code Podcast snippet videos
  • ColdBox Elixir from Eric
  • Mastering CBWIRE v3 from Grant

Conferences and Training

Adobe CF Summit West
Las Vegas 2-4th of October.
Get your early bird passes now.
Session passes @ $199
Professional passes @ $299.
First round of speakers has been announced - with some great sessions

STUDENTS can get a free pass if they are enrolled at tertiary level educational institutions

Ortus CF Summit Training - ColdBox 7 Zero to Hero
Date: October 4th - 5th, 2023 | Right after Adobe CFSummit, 2023
Speakers: Luis Majano & Gavin Pickin
Location: Las Vegas, Nevada
Venue: Regus - Las Vegas - 3960 Howard Hughes Parkway Paradise #Suite 500 Las Vegas, NV 89169 United States
Ticket Price
  • Regular Price Tickets: $699 — Only 3 left!
  • 25% Discount today:
  • Less than 2 miles from the Mirage - 30 mins walk
  • Next to Marriot hotel - 2 min walk
  • 1 mile to Top Golf - 20 min walk
  • 5 min walk to Fogo de Chão Brazilian Steakhouse
  • 5 min walk to starbucks
  • 5 min walk to Lo-los chicken and waffles

Into the Box LATAM

November 30th
University of Business in El Salvador.

ITB 2024

Location: Optica in Washington, DC
Announcement Blog Post:
Dates: May 15-17, 2024
Get Blind Tickets Now:

More conferences

Need more conferences, this site has a huge list of conferences for almost any language/community.

Blogs, Tweets, and Videos of the Week

08/10/2023 - Blog - Ben Nadel - Sanity Check: Using Overflow Scrolling On CSS Flexbox Panels

I'm a huge fan of CSS Flexbox. As someone who had (?has?) to support IE11 up until the very end, CSS Flexbox became my go-to for complex layouts. However, even with years of Flexbox experience under my belt, I'm not always confident that I understand exactly how it will behave when it contains overflowing content. One scenario in which I've been using Flexbox recently is to create a dynamic set of "panels". Consider a set of side-by-side panels in which one panel is dynamically added or removed to and from the DOM (Document Object Model), respectively. Is it safe to apply overflow:auto to these CSS Flexbox panels?

08/13/2023 - Blog - Ben Nadel - Error "Type" Isn't Always A String In Adobe ColdFusion

Yesterday, while working on Dig Deep Fitness, my ColdFusion fitness tracker, I accidentally consumed an ordered struct as if it were an array. As expected, ColdFusion threw an error; however, my centralized error handling logic broke because the type property of the thrown error was not a string, it was a complex Java object. I don't think I'd ever run into this issue before - I've always believed that the type, message, detail, and extendedInfo properties were guaranteed to be a string. I guess not.

Here’s your joke translation for the day:

08/16/2023 - Blog - Brad Wood - Use CommandBox’s rate limiter on only certain requests

This came up in conversation internally at Ortus today and I wanted to write it down somewhere public. There has already been a setting in CommandBox for some time called web.maxRequests in the server.json to limit the total number of concurrently-running requests for the entire server. Once this pool is full, any additional incoming requests will be queued until there are free threads available.

The problem scenario is what if you allow 25 concurrent requests (max threads) and someone whacks the refresh button 30 times on a report that takes 5 minutes to run? Well, all your available threads will be busy for the next 5 minutes and your site won’t respond to other requests in the meantime, even if they are quick ones.

The same potential scenario goes for CommandBox 6’s new multi-site mode. The worker thread pool in Undertow is global and applies to all sites. That means if you have 2 sites and allow 100 concurrent requests and site 1 is using all of them, there will be no threads left to process any requests for site 2.

The solution to both of these scenarios is a server rule that is built into Undertow called request-limit(). You can specify a request limit for an entire site or even for a specific type of request.


Several positions available on

Listing over 87 ColdFusion positions from 58 companies across 41 locations in 5 Countries.

2 new jobs listed in the last two weeks

Full-Time - ColdFusion Developer at Quincy, MA
Posted: August 09, 2023

Full-Time - Coldfusion at Thiruvananthapuram, Kerala
Posted: August 18, 2023

Other Job Links
There is a jobs channel in the CFML slack team, and in the Box team slack now too

ForgeBox Module of the Week

Remember Me
by David Levin

RememberMe is a Coldbox module designed to work in conjunction with your authentication system to "remember" and automatically log in users on subsequent website visits.

VS Code Hint Tips and Tricks of the Week

i18n Ally
All in one i18n extension for VS Code

Supports multi-root workspaces
Supports remote development
Supports numerous popular frameworks
Supports linked locale messages
Uses i18n for the extension itself, of course. Translation List

Thank you to all of our Patreon Supporters

These individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox,  ContentBox, TestBox and all the other boxes keep getting the continuous development they need, and funds the cloud infrastructure at our community relies on like ForgeBox for our Package Management with CommandBox.

You can support us on Patreon here

Don’t forget, we have Annual Memberships, pay for the year and save 10% - great for businesses everyone.

  • Bronze Packages and up, now get a ForgeBox Pro and CFCasts subscriptions as a perk for their Patreon Subscription.
  • All Patreon supporters have a Profile badge on the Community Website
  • All Patreon supporters have their own Private Forum access on the Community Website
  • All Patreon supporters have their own Private Channel access BoxTeam Slack

Top Patreons (stupendous)
  • John Wilson - Synaptrix
  • Tomorrows Guides
  • Jordan Clark
  • Gary Knight
  • Giancarlo Gomez 
  • David Belanger  
  • Dan Card
  • Jeffry McGee - Sunstar Media
  • Dean Maunder
  • Kevin Wright
  • Doug Cain 
  • Nolan Erck 
  • Abdul Raheen

And many more Patreons

You can see an up to date list of all sponsors on Ortus Solutions' Website

Thanks everyone!!!

★ Support this podcast on Patreon ★

Switch to Modernize or Die ® Podcast - SoapBox Edition - Switch to Modernize or Die ® Podcast - Conference Edition

Powered by

Music from this podcast used under Royalty Free license from SoundDotCom and BlueTreeAudio

© 2019 Ortus Solutions