Modernize or Die® - CFML News Podcast for December 10th, 2024 - Episode 224

2024-12-10 Weekly News — Episode 224

Watch the video version on YouTube at https://youtube.com/live/bV2CxQprVQM?feature=share

Hosts: 
  • Gavin Pickin - Senior Developer at Ortus Solutions
  • Grant Copley - Senior Developer at Ortus Solutions

Big Thanks to our Sponsor - Ortus Solutions

The makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there including BoxLang.
A few ways to say thanks back to Ortus Solutions:
 

Patreon Support (jolly)
We have 59 patreons:
https://www.patreon.com/ortussolutions.


News and Announcements

Adobe CF2025 Beta is now open

Get an exclusive sneak peek at what’s next for ColdFusion! Sign up for the ColdFusion 2025 Beta Program and get early access to shape the future with us. Engage with the community in the forums, share your thoughts, and keep up with the newest updates and features.

Make Your Voice Heard and Win Big!

Join our weekly engagement challenge during the ColdFusion 2025 Beta! Every week, we’ll reward top contributors with exciting prizes. Your feedback matters, and the more you share, the higher your chances of winning. Don’t miss out—get involved and be rewarded!

Deep Dive Sessions and Demo Code Access!

We’re thrilled to announce that for each feature in ColdFusion 2025, there will be exclusive deep-dive sessions hosted by the engineers who built it. These sessions will offer valuable insights and in-depth explanations straight from the experts.

Additionally, we’ve set up a central GIT repository where all demo code will be hosted. This is the same repository where Mark has already pushed his code, and it will be the hub for all developers to share their contributions. Check out the GIT links and start exploring the code!

Check out the curated webinar schedule and join us!

https://coldfusion.adobe.com/2024/11/code-the-future-join-the-coldfusion-2025-beta-today/

TestBox Latest Updates and News!
Did You Miss It? The New TestBox Site & v6.0 Are Here!
Share Your Feedback and Get Featured on Our Site!
We’re thrilled to have launched the new TestBox website and TestBox 6.0! If you haven’t had a chance to explore yet, visit TestBox to discover updated documentation, powerful resources, and features that make testing more efficient than ever.
https://www.ortussolutions.com/blog/testbox-updates-and-news

New Releases and Updates
ICYMI - CommandBox 6.1.0 Released!
We are pleased to announce the release of CommandBox 6.1.0, the latest release of our CLI, REPL, and Server, and Package Manager.  This is a minor update to our last release.  It has a handful of new features, and bug fixes, as well as better out-of-the-box support for BoxLang, our new CFML-compatible JVM language.

New Features
  • WebSocket Server
  • Updates to run BoxLang
  • Add command to deploy Lucee lex or lco files
  • Check if an entry has a hash associated to it and validate it

Improvement
  • Sort by date last started when finding a server by web root
  • Make semantic version prerelease identifiers not case sensitive
  • default servlet pass predicate include Boxlang files

Tasks
  • Update to Undertow 2.2.33.Final
  • Update to Lucee 5.4.6.9
  • Update bundled JRE to 11.0.23+9

9 Bugs

https://www.ortussolutions.com/blog/commandbox-610-released
https://commandbox.ortusbooks.com/


BoxLang Beta 23 and 24 Released

12/2/24 - BoxLang 1.0.0 Beta 24 Launched
3 New Features
6 Improvements
4 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-24-launched

11/23/24 - BoxLang 1.0.0 Beta 23 Launched
4 New Features
2 Improvements
1 Tasks
10 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-23-launched

Webinars, Meetups and Workshops

Online CF Meetup - From Development to Deployment: Load Testing ColdFusion Applications with Dakota Clum
Thursday, December 12, 2024
9:00 AM to 10:00 AM PST
This session will go over how to load test a ColdFusion application after it is deployed in your environment. We will cover load testing options, setting up a simulated load test, and tuning adjustments that can be made as a result of load testing.
https://www.meetup.com/coldfusionmeetup/events/304881310/

ADOBE CF 2025 Beta - Seminars

ColdFusion 2025: What’s new and exciting
Mark Takata
December 2, 2024

Security and Stability in ColdFusion
Parvathy and Atul
December 3, 2024

VS Code plugin changes
Vikas Yadav
December 4, 2024

Smart language additions in ColdFusion
Ashudeep Sharma
December 5, 2024

Performance enhancements
Satyam Mishra
December 9, 2024

Unleash the power of Revamping CFCharts for modern applications
Yukti Agrawal
December 10, 2024

Spreadsheets & CSV Processing
Nikhil Dubey
December 11, 2024

Microsoft Graph Integration in ColdFusion: Unlocking data with Oauth
Shiva Marella
December 13, 2024

What’s new in containers
Suchika
December 17, 2024

Recap and QnA
Mark Takata
December 18, 2024

CFCasts Content Updates

https://www.cfcasts.com

Conferences and Training

ICYMI - CF Summit India 2024
Join us for the Adobe ColdFusion India Summit, a premier, completely free event where developers, industry experts, and thought leaders come together to explore the latest in ColdFusion and web development. Network with peers, meet the ColdFusion engineering team, get your questions answered, discover strategies to boost your career and grow your business—all at no cost.
Price: Free
December 7, 2024
2 Cities: Bengaluru and Noida
Register: https://cf-indiasummit-2024.attendease.com

ITB 2025
  • Location: Washington, DC
  • Dates: April 30, 2025 - May 2, 2025 - Washington, DC
  • Tickets and more info: https://t.co/cFLDUJZEyM
  • 50% off blind tickets
    • $249.50 for the Conference
    • $349.50 for the Conference + Workshop!!!
  • Call for Speakers CLOSED

CFCamp 2025
May 22, 23rd - 2025
Atomis Hotel Munich Airport
https://www.cfcamp.org/
Call for Speakers open - https://www.papercall.io/cfcamp2025

More conferences
Need more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/


Blogs, Posts, and Videos of the Week

12/9/24 - Blog - Ben Nadel - Mastering Postgres Video Course By Aaron Francis
Anytime you bring up databases in public, someone will inevitably suggest that Postgres (aka PostgreSQL) can address all of your data storage needs and then some. I love relational databases as much as the next person; but, I've never felt the kind of fervor and passion that seem to permeate the Postgres ecosystem. As an outsider, it's fascinating! So when I saw that Aaron Francis had a video course on Mastering Postgres, I jumped at a chance to get an insider's look at the database technology that seems to have a cult-like following.
https://www.bennadel.com/blog/4740-mastering-postgres-video-course-by-aaron-francis.htm

12/7/24 - Blog - Gregory Alexander - Securing ColdFusion Applications Using Encryption and Hashing
The blog post "Securing ColdFusion Applications Using Encryption and Hashing" by Gregory Alexander discusses methods to enhance security in ColdFusion applications. Key points include:
  • Hashing Fundamentals: Hashing converts input data into a fixed-length string, which is nearly impossible to reverse-engineer, ensuring data integrity and security.
  • Hashing vs. Encryption: Hashing is a one-way process, making it irreversible, while encryption is a two-way process that allows data to be decrypted with the appropriate key.
  • Salting and Peppering: These techniques add random data to inputs before hashing to increase complexity and reduce vulnerabilities to attacks.
  • ColdFusion Functions: The post explains how to use ColdFusion's generateSecretKey, Encrypt, and Decrypt functions for secure data handling.
  • User Authentication: It provides guidance on implementing user authentication using hashed passwords in ColdFusion applications.
  • Code Examples: The article includes practical code snippets demonstrating encryption, decryption, and hashing techniques in ColdFusion.
  • Blog explores how to check if an IP address is within a CIDR range.
  • Discusses challenges with IPv4 and IPv6 in ColdFusion.
  • Recommends the seancfoley IPAddress Java library for advanced IP handling.
  • Key features: IP validation, conversion, normalization, and CIDR checks.
  • Implementation examples in CFML included for real-world use.
  • Noted adoption of the library by major companies like Google, Microsoft, and Netflix.
  • Links to additional resources for in-depth ColdFusion IP handling.
https://dev.to/gamesover/testing-if-ip-is-within-a-cidr-range-29jb

12/4/24 - Blog - Ben Nadel - Ask Ben: Sorting Quasi-Numeric Values Like 4K And 3M In ColdFusion
Out of the box, ColdFusion provides a .sort() method on arrays that makes it trivial to sort uniform collections; that is, collections which contain uniformly numeric or uniformly text values. But, when you have mixed collections, complex objects, or when you want to implement a "natural sort", the text and numeric sorting strategies fall-short. In such cases, the .sort() method also accepts a callback that can act as the comparison operator. We can use this operator to reduce the elements down to a set of sortable values.
https://www.bennadel.com/blog/4737-ask-ben-sorting-quasi-numeric-values-like-4k-and-3m-in-coldfusion.htm

12/3/24 - Blog - Greg Alexander - Using CodeMirror 5 and ColdFusion's FileOpen and FileWrite Functions to Implement CMS Functionality
In this article, we will learn how to implement CodeMirror and use ColdFusion and Lucee's file methods to create a browser-based interface for editing server-side code. This interface was designed to implement a browser-based content management system (CMS) for an upcoming version of Galaxie Blog.
https://www.gregoryalexander.com/blog/2024/12/3/using-codemirror-5-and-coldfusions-fileopen-and-filesave-functions-to-implement-cms-functionality

12/3/24 - Blog - Ben Nadel - Associating Form Inputs With ColdFusion Validation Error Types
In my ColdFusion applications, I've never have a lot of ceremony around error handling. I simply try to catch errors as high-up in the stack as I can; and then, I use a centralized error translator to translate exceptions into a user-safe error response which I then render at the top of my form interface. It recently occurred to me that I might be able to use my user-safe error response to make my ColdFusion forms more accessible by marking form inputs as being related to certain server-side validation errors.
https://www.bennadel.com/blog/4736-associating-form-inputs-with-coldfusion-validation-error-types.htm

12/3/24 - Blog - Ortus Solutions - Ortus Solutions Brings Innovation with BoxLang as Platinum Sponsor and Keynote Presenter at CFCamp 2025!
Join us for groundbreaking workshops and discover the future of modern development with BoxLang.
Ortus Solutions is thrilled to announce its participation as a Platinum Sponsor and Keynote Presenter at CFCamp 2025, the premier conference for modern web development! Held at the Atomis Hotel Munich Airport by Mercure in Oberding, Germany, on May 22–23, 2025, this event is a must-attend for developers and tech enthusiasts.
https://www.ortussolutions.com/blog/ortus-solutions-brings-innovation-with-boxlang-as-platinum-sponsor-and-keynote-presenter-at-cfcamp-2025

12/2/24 - Blog - Ben Nadel - Exploring Cloudflare R2 And Request Authorization Using AWS Signature V4
Once I rebuilt my Incident Commander app in ColdFusion, I finally had the ability to upload images and screenshots as supporting evidence of the incident triage investigation. Right now, those uploads are saved to the server—it's what makes the most sense in a free MVP (minimum viable product). In the long run, I'd prefer to save uploads to a remote object store like Amazon Web Services (AWS) S3 or Cloudflare R2.
https://www.bennadel.com/blog/4735-exploring-cloudflare-r2-and-request-authorization-using-aws-signature-v4.htm

12/2/24 - Blog - Ortus Solutions - Ortus Monthly Newsletter - November Recap 2024
Welcome to the November Ortus Newsletter! This month has been full of exciting updates, insightful blog posts, and important announcements to keep you informed and inspired.Whether you're a seasoned developer or just starting out, there’s something here for everyone. Let's dive into this month's highlights!

  • Product releases: TestBox, SocketBox STOMP Broker, and CommandBox 6.1.0.
  • Blog articles on UX/UI design, ColdFusion consulting, and application modernization.
  • Modernize or Die Podcast episodes from November 5th and 19th.
  • Upcoming events: Into the Box 2025 in Washington, DC, and CFCamp Pre-Conference Workshops in Munich.
  • Links to resources and updates for developers.

https://www.ortussolutions.com/blog/ortus-monthly-newsletter-november-recap-2024

12/2/24 - Blog - Ortus Solutions - How a ColdFusion Security Audit Can Protect Your Business from Data Breaches
In today’s digital landscape, security threats are evolving at an alarming rate, and your business’s ColdFusion application—whether powered by Lucee or Adobe ColdFusion—may be more vulnerable than you think. A comprehensive ColdFusion security audit is essential to safeguarding sensitive data, maintaining compliance, and protecting your organization from potential cyberattacks.

  • Importance of ColdFusion security audits.
  • Identifies risks like SQL injection and XSS.
  • Explains consequences of data breaches.
  • Covers Ortus Solutions' audit process.
  • Highlights expertise in ColdFusion security.

https://www.ortussolutions.com/blog/how-a-coldfusion-security-audit-can-protect-your-business-from-data-breaches

11/29/24 - Blog - Adobe Portal - Code the Future: Join the ColdFusion 2025 Beta Today!
Get an exclusive sneak peek at what’s next for ColdFusion! Sign up for the ColdFusion 2025 Beta Program and get early access to shape the future with us. Engage with the community in the forums, share your thoughts, and keep up with the newest updates and features.

  • Adobe launches the ColdFusion 2025 Beta Program.
  • Provides early access to upcoming features.
  • Encourages community participation and feedback.
  • Offers weekly challenges with prizes.
  • Includes webinars led by engineers on new features.
  • Provides a shared Git repository for demo code.
  • Opportunity to shape the future of ColdFusion.
https://coldfusion.adobe.com/2024/11/code-the-future-join-the-coldfusion-2025-beta-today/

11/27/24 - Blog - Ortus Solutions - Scaling Databases Without the Growing Pains: How to assure Your Business Expansion?
In today’s fast-paced digital environment, a database that scales seamlessly is crucial for growing businesses. Whether you're experiencing seasonal traffic spikes, entering new markets, or launching new products, your database must keep up with increasing demands without compromising performance or user experience. However, scaling databases presents significant hurdles, from hardware limitations to performance bottlenecks.
This post explores the common challenges businesses face when scaling databases and practical strategies to ensure smooth, cost-effective scalability—whether on-premises or in the cloud.
https://www.ortussolutions.com/blog/scaling-databases-without-the-growing-pains-how-to-assure-your-business-expansion

11/22/24 - Blog - Ben Nadel - Considering Encrypting Passwords At Rest In ColdFusion
Now that I've rebuilt my Incident Commander triage app in ColdFusion, I'm looking at ways to make it more security-minded. Right now, it uses a large 64-byte alpha-numeric URL-based token to prevent brute-force attacks. But, I'd like to give users the option of including an additional non-URL-based authentication mechanism. To this end, I'm exploring the idea of a session password. Only, unlike a traditional password, which can leverage a one-way hash (think bCrypt, sCrypt, and Argon2), I need to be able to render this password in the application experience. To do this securely, I need to store the password in an encrypted state.
https://www.bennadel.com/blog/4732-considering-encrypting-passwords-at-rest-in-coldfusion.htm

11/21/24 - Blog - Ben Nadel - Considering A Secure Encoding Technique Inspired By JWT In ColdFusion
Earlier this week, I looked at rebuilding my Incident Commander triage application in ColdFusion. The initial implementation uses a 64-byte alpha-numeric URL-based token to gate access to an incident. The goal of this token is to keep the application secure and prevent brute-force attacks without requiring the user to authenticate via any other mechanism. Essentially, I want to keep the barrier to entry for the application as low as possible in order to remove as much friction as I can from what is otherwise likely to be a very stressful situation (the current incident or outage).
https://www.bennadel.com/blog/4731-considering-a-secure-encoding-technique-inspired-by-jwt-in-coldfusion.htm

11/21/24 - Blog - Ortus Solutions - TestBox Latest Updates and News!
Did You Miss It? The New TestBox Site & v6.0 Are Here!
Share Your Feedback and Get Featured on Our Site!
We’re thrilled to have launched the new TestBox website and TestBox 6.0! If you haven’t had a chance to explore yet, visit TestBox to discover updated documentation, powerful resources, and features that make testing more efficient than ever.

https://www.ortussolutions.com/blog/testbox-updates-and-news

11/20/24 - Blog - Ben Nadel - Counting The Occurrences Of A Substring Or RegEx Pattern In ColdFusion
The other day, in my Incident Commander app code, I needed to count the number of back-ticks in a truncated piece of text in order to make sure that the count was balanced (ie, that there were an equal number of starting and ending back-ticks for a Slack-formatted message). I don't often have to count substrings in ColdFusion; but, I was surprised to find that even in recent releases of the language there's no native method for counting occurrences of a substring or regular expression pattern. As such, I wanted to take a quick look at how this can be done in Adobe ColdFusion.
https://www.bennadel.com/blog/4729-counting-the-occurrences-of-a-substring-or-regex-pattern-in-coldfusion.htm

BoxLang Corner

12/4/24 - Blog - Ortus Solutions - Why BoxLang is the Modern Software Development Evolution You’ve Been Waiting For?
In today’s software landscape, developers need tools that deliver flexibility, efficiency, and modernization. With decades of open-source expertise, Ortus Solutions introduces BoxLang—our most ambitious project yet. Built for the JVM, BoxLang integrates seamlessly with Java, offering powerful features for scalable, high-performance web applications. Fully compatible with CFML, it ensures a smooth transition and expanded capabilities for existing projects. BoxLang Stable Release is coming soon, and we want you to get ready for a dynamic future od software development practices and tools.
https://www.ortussolutions.com/blog/why-boxlang-is-the-modern-software-development-evolution-youve-been-waiting-for

12/3/24 - Blog - Ortus Solutions - The future of programming is almost here: BoxLang stable release imminent!
The wait is almost over. BoxLang, the revolutionary programming language designed to empower developers, is about to launch its stable release. Get ready to experience a new era of development, where innovation, flexibility, and performance converge.
https://www.ortussolutions.com/blog/the-future-of-programming-is-almost-here-boxlang-stable-release-imminent

12/2/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 24 Launched
We’re excited to announce the release of Beta 24, packed with powerful new features, essential bug fixes, and impactful improvements that enhance performance and security. This release brings more robust logging capabilities, enhanced configuration flexibility, and new query-handling methods to streamline your development experience. We’ve also squashed several parsing bugs, ensuring smoother code execution.
Whether you’re optimizing your runtime with custom logging encoders or leveraging the new queryColumnList for seamless data manipulation, Beta 24 is designed to empower developers with a more secure, customizable, and efficient development environment.
Please continue to test your applications as we continue to push forwards towards stable release this winter.
https://www.ortussolutions.com/blog/boxlang-100-beta-24-launched

11/23/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 23 Launched
The latest release of BoxLang, Beta 23, marks a significant step forward in our journey to create the ultimate dynamic language for the JVM. Packed with powerful new features, important bug fixes, and thoughtful optimizations, this update is designed to make your development experience smoother, faster, and more reliable, especially after now starting to take 100s of comments and bug reports from our community.
Please continue to test your applications as we continue to push forwards towards stable release this winter.
https://www.ortussolutions.com/blog/boxlang-100-beta-23-launched

12/2/24 - Blog - Ortus Solutions - BoxLang Monthly Newsletter - November Recap 2024
This month, we’re excited to share the latest developments, updates, and opportunities from the BoxLang ecosystem. From groundbreaking beta releases to insightful new tools and community highlights, there’s something for every modern web developer.
Dive into our November Recap to explore how BoxLang is shaping the future of web development and discover ways to get involved. Don’t miss exclusive content, upcoming events, and special offers designed to keep you ahead of the curve in the JVM ecosystem.
Let’s continue building the future of modern software development, together!
https://www.ortussolutions.com/blog/boxlang-monthly-newsletter-november-recap-2024

CFML Jobs

Several positions available on https://www.getcfmljobs.com/

Listing over 22 ColdFusion positions from 21 companies across 15 locations in 5 Countries.

1 new jobs listed in the last two weeks


Full-Time - Coldfusion Developer at Washington D.C - United States
Nov 27
https://www.getcfmljobs.com/jobs/index.cfm/united-states/ColdFusionDev-at-Washington-DC/11650

ForgeBox Module of the Week

Cbturnstile
  • Released today 12/10/24 by David Sedeño
  • Easy Turnstile Integration: Simplifies adding Cloudflare Turnstile CAPTCHA to your forms.
  • Server-Side Validation: Provides a service to validate CAPTCHA responses securely.
  • Customizable Configuration: Supports site and secret key setup in ColdBox settings.
  • ColdBox 7+ Ready: Compatible with modern ColdBox module settings.
  • Quick Form Usage: Includes a helper view for rendering CAPTCHA widgets in forms.
  • Detailed Validation Data: Returns metadata like success status, errors, and challenge timestamps.

CloudFlare Turnstile Key Features
  • User-Friendly: No puzzles or image challenges; works silently in the background.
  • Privacy-Focused: No tracking or cookies; complies with privacy laws like GDPR.
  • Advanced Bot Detection: Uses behavior analysis and browser checks to identify bots.
  • Customizable: Easy to integrate via JavaScript or APIs for various platforms.
  • Free to Use: Available without needing other Cloudflare services.
  • Cross-Platform: Compatible with modern browsers and mobile-friendly.

https://forgebox.io/view/cbturnstile


VS Code Hint, Tip, and Trick of the Week

Code Spell Checker
  • Detects spelling errors in comments, strings, and plain text.
  • Works with all programming languages in VS Code.
  • Supports custom and project-specific dictionaries.
  • Includes additional language dictionaries for multilingual projects.
  • Allows ignoring specific files, folders, or patterns.
  • Recognizes programming-specific terms and syntax.
  • Enables quick addition of words to personal dictionaries.
  • Provides real-time spell-checking as you type.
  • Allows workspace-wide spell checks on demand.

https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checker


Thank you to all of our Patreon Supporters (jolly)

These individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox, ContentBox, TestBox and all the other boxes keep getting the continuous development they need, 

Their Contributions fund the cloud infrastructure at our community relies on like 
  • ForgeBox for our 
  • Package Management with CommandBox. 

You can support us on Patreon here https://www.patreon.com/ortussolutions


Don’t forget, we have Annual Memberships, pay for the year and save 10% - great for businesses everyone.

  • Bronze Packages and up, now get a ForgeBox Pro and CFCasts subscriptions as a perk for their Patreon Subscription.
  • All Patreon supporters have a Profile badge on the Community Website
  • All Patreon supporters have their own Private Forum access on the Community Website
  • All Patreon supporters have their own Private Channel access BoxTeam Slack

https://community.ortussolutions.com/

Top Patreons (jolly)

John Wilson - Synaptrix
Tomorrows Guides
Jordan Clark
Gary Knight
Giancarlo Gomez
David Belanger
Dan Card
James Moberg & Jeffry McGee - Sunstar Media
Dean Maunder
Kevin Wright
Doug Cain
Nolan Erck
Abdul Raheen

And many more Patreons - up to 59 now!!!!!

You can see an up to date list of all sponsors on Ortus Solutions' Website
https://ortussolutions.com/about-us/sponsors

Thanks everyone!!!









★ Support this podcast on Patreon ★

Switch to Modernize or Die ® Podcast - SoapBox Edition - Switch to Modernize or Die ® Podcast - Conference Edition

Powered by

Music from this podcast used under Royalty Free license from SoundDotCom and BlueTreeAudio

© 2019 Ortus Solutions