2023-08-22 Weekly News - Episode 202

Watch the video version on YouTube at https://youtube.com/live/HJHCDA-UbV8?feature=share

Hosts: 

Thanks to our Sponsor - Ortus Solutions

The makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. 
A few ways  to say thanks back to Ortus Solutions:

 
Patreon Support (stupendous)

We have 40 patreons:
https://www.patreon.com/ortussolutions.


News and Announcements

Exciting News! Only 3 Tickets Left for Our #ColdBox 7 Workshop!
Luis Majano and Gavin Pickin will guide you through an incredible learning journey with insider tips and tricks. Hurry, Register now!

https://twitter.com/ortussolutions/status/1692624601350643716
https://www.eventbrite.com/e/workshop-coldbox-from-zero-to-hero-tickets-659169262007?aff=oddtdtcreator

Lucee Critical Security Alert, August 15th, 2023 - CVE-2023-38693
(XXE [XML External Entity] vulnerabilities)
The Lucee team received a responsible disclosure for a security vulnerability which affects all previous releases of Lucee.

After reviewing the report and confirming the vulnerability, the Lucee team then conducted a further security review and found additional vulnerabilities which have been addressed as part of this security update.

Latest Stable Releases
5.4.3.2 (recommended)
5.3.12.1

Backported Stable Releases
In addition, as we are aware that some Lucee users have not yet upgraded from older versions, we have also published Stable Releases for these older versions with the vulnerability.

5.3.9.173
5.3.8.237
5.3.7.59

https://dev.lucee.org/t/lucee-critical-security-alert-august-15th-2023-cve-2023-38693/12893

The agenda for Adobe ColdFusion Summit 2023 is live now!
https://cfsummit.adobeevents.com/agenda/
https://twitter.com/coldfusion/status/1693582117203030287

New Releases and Updates

CommandBox 5.9.1 Released!
We are pleased to announce the general availability of CommandBox 5.9.1. This is a very small release with two changes.

Update to Lucee 5.4.3.2
Update bundled JRE to 11.0.20+8
Note Lucee 5.4.3.2 contains critical security patches.

The new Lucee version affects the core CLI runtime as well as the default server you get when running "server start" with no cfengine specified.  Possible compatibility issues related to the major bump in Lucee version:

https://www.ortussolutions.com/blog/commandbox-591-released

Webinar / Meetups and Workshops

Hawaii ColdFusion Meetup Group — Graph QL & ColdFusion
Speaker: Mark Takata

Friday, August 25, 2023 @ 12 PM HAST (Hawaii Standard Time)

GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.

GraphQL is a query language for APIs and a runtime for executing those queries with your existing data. It provides a more efficient, powerful, and flexible alternative to REST.

In ColdFusion 2023 we are providing a native method of consuming and sending data across GraphQL using GQL. This includes support for fragments, variables, aliases, queries, mutations, subscriptions and more.

Also, this talk will go over on why to use Graph QL over REST APIs.

https://www.meetup.com/hawaii-coldfusion-meetup-group/events/294631289/

Adobe Upcoming Events

Webinar - Road to Fortuna Series: Exploring the New Google Cloud Platform Features
FRIDAY, AUGUST 25, 2023
10:00 AM PDT
Online Event
Mark Takata
https://google-cloud-platform-adobe-coldfusion.meetus.adobeevents.com/

During the Road to Fortuna Series: Exploring the New Google Cloud Platform Features webinar, Mark Takata will explore the new native hooks that Adobe ColdFusion is adding to work with the Google Cloud Platform. He will focus on features related to the GCP FireStore document database, Storage capabilities, and PubSub messaging features, providing attendees with valuable insights into how these features can be leveraged to optimize application development and delivery on the Google Cloud Platform. The session will be highly technical and will provide attendees with practical examples and use cases.

CFCasts Content Updates

https://www.cfcasts.com

Recent Releases

Coming Soon

Conferences and Training

Adobe CF Summit West
Las Vegas 2-4th of October.
Get your early bird passes now.
Session passes @ $199
Professional passes @ $299.
First round of speakers has been announced - with some great sessions
https://cfsummit.adobeevents.com/

STUDENTS can get a free pass if they are enrolled at tertiary level educational institutions

Ortus CF Summit Training - ColdBox 7 Zero to Hero
Date: October 4th - 5th, 2023 | Right after Adobe CFSummit, 2023
Speakers: Luis Majano & Gavin Pickin
Location: Las Vegas, Nevada
Venue: Regus - Las Vegas - 3960 Howard Hughes Parkway Paradise #Suite 500 Las Vegas, NV 89169 United States
Ticket Price

Spotlight

WIN WIN WIN WIN
https://www.eventbrite.com/e/workshop-coldbox-from-zero-to-hero-tickets-659169262007?aff=oddtdtcreator

Into the Box LATAM
November 30th
University of Business in El Salvador.
https://latam.intothebox.org/

ITB 2024
Location: Optica in Washington, DC
Announcement Blog Post: https://www.ortussolutions.com/blog/our-into-the-box-2024-venue-and-dates-are-set
Dates: May 15-17, 2024
Get Blind Tickets Now: https://www.eventbrite.com/e/into-the-box-2024-the-new-era-of-modernization-tickets-663126347757

More conferences

Need more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/

Blogs, Tweets, and Videos of the Week

08/10/2023 - Blog - Ben Nadel - Sanity Check: Using Overflow Scrolling On CSS Flexbox Panels

I'm a huge fan of CSS Flexbox. As someone who had (?has?) to support IE11 up until the very end, CSS Flexbox became my go-to for complex layouts. However, even with years of Flexbox experience under my belt, I'm not always confident that I understand exactly how it will behave when it contains overflowing content. One scenario in which I've been using Flexbox recently is to create a dynamic set of "panels". Consider a set of side-by-side panels in which one panel is dynamically added or removed to and from the DOM (Document Object Model), respectively. Is it safe to apply overflow:auto to these CSS Flexbox panels?

https://www.bennadel.com/blog/4499-sanity-check-using-overflow-scrolling-on-css-flexbox-panels.htm


08/13/2023 - Blog - Ben Nadel - Error "Type" Isn't Always A String In Adobe ColdFusion

Yesterday, while working on Dig Deep Fitness, my ColdFusion fitness tracker, I accidentally consumed an ordered struct as if it were an array. As expected, ColdFusion threw an error; however, my centralized error handling logic broke because the type property of the thrown error was not a string, it was a complex Java object. I don't think I'd ever run into this issue before - I've always believed that the type, message, detail, and extendedInfo properties were guaranteed to be a string. I guess not.

https://www.bennadel.com/blog/4500-error-type-isnt-always-a-string-in-adobe-coldfusion.htm

Here’s your joke translation for the day: https://twitter.com/Updates4Devs/status/1690681934890819584


08/16/2023 - Blog - Brad Wood - Use CommandBox’s rate limiter on only certain requests

This came up in conversation internally at Ortus today and I wanted to write it down somewhere public. There has already been a setting in CommandBox for some time called web.maxRequests in the server.json to limit the total number of concurrently-running requests for the entire server. Once this pool is full, any additional incoming requests will be queued until there are free threads available.

The problem scenario is what if you allow 25 concurrent requests (max threads) and someone whacks the refresh button 30 times on a report that takes 5 minutes to run? Well, all your available threads will be busy for the next 5 minutes and your site won’t respond to other requests in the meantime, even if they are quick ones.

The same potential scenario goes for CommandBox 6’s new multi-site mode. The worker thread pool in Undertow is global and applies to all sites. That means if you have 2 sites and allow 100 concurrent requests and site 1 is using all of them, there will be no threads left to process any requests for site 2.

The solution to both of these scenarios is a server rule that is built into Undertow called request-limit(). You can specify a request limit for an entire site or even for a specific type of request.


https://community.ortussolutions.com/t/use-commandboxs-rate-limiter-on-only-certain-requests/9750

CFML Jobs

Several positions available on https://www.getcfmljobs.com/

Listing over 87 ColdFusion positions from 58 companies across 41 locations in 5 Countries.

2 new jobs listed in the last two weeks

Full-Time - ColdFusion Developer at Quincy, MA
Posted: August 09, 2023
https://www.getcfmljobs.com/jobs/index.cfm/united-states/CFDeveloper-Quincy-MA/11594

Full-Time - Coldfusion at Thiruvananthapuram, Kerala
Posted: August 18, 2023
https://www.getcfmljobs.com/jobs/index.cfm/india/Coldfusion-at-Thiruvananthapuram-Kerala/11595

Other Job Links
There is a jobs channel in the CFML slack team, and in the Box team slack now too

ForgeBox Module of the Week

Remember Me
by David Levin

RememberMe is a Coldbox module designed to work in conjunction with your authentication system to "remember" and automatically log in users on subsequent website visits.

https://forgebox.io/view/rememberMe

VS Code Hint Tips and Tricks of the Week

i18n Ally
All in one i18n extension for VS Code

Supports multi-root workspaces
Supports remote development
Supports numerous popular frameworks
Supports linked locale messages
Uses i18n for the extension itself, of course. Translation List

https://marketplace.visualstudio.com/items?itemName=lokalise.i18n-ally

Thank you to all of our Patreon Supporters

These individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox,  ContentBox, TestBox and all the other boxes keep getting the continuous development they need, and funds the cloud infrastructure at our community relies on like ForgeBox for our Package Management with CommandBox.

You can support us on Patreon here https://www.patreon.com/ortussolutions


Don’t forget, we have Annual Memberships, pay for the year and save 10% - great for businesses everyone.

And many more Patreons

You can see an up to date list of all sponsors on Ortus Solutions' Website
https://ortussolutions.com/about-us/sponsors

Thanks everyone!!!