Modernize or Die® - CFML News Podcast for January 23rd, 2024 - Episode 210
2024-01-23 Weekly News — Episode 210
Watch the video version on YouTube at https://www.youtube.com/watch?v=K2-hjkIsSvg
Hosts:
Watch the video version on YouTube at https://www.youtube.com/watch?v=K2-hjkIsSvg
Hosts:
- Gavin Pickin - Senior Developer at Ortus Solutions
- Eric Peterson - Senior Developer at Ortus Solutions
Thanks to our Sponsor - Ortus Solutions
The makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there.
A few ways to say thanks back to Ortus Solutions:
- Buy workshop tickets to CF Summit East
- Buy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/
- Like and subscribe to our videos on YouTube.
- Help ORTUS reach for the Stars - Star and Fork our Repos
- Star all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github
- Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOW
- Sign up for a free or paid account on CFCasts, which is releasing new content regularly
- BOXLife store: https://www.ortussolutions.com/about-us/shop
- Buy Ortus’s Books
- 102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)
- Now on Amazon!
- https://www.amazon.com/dp/B0CJHB712M
- Learn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes
Patreon Support (staunch)
We have 38 patreons:
https://www.patreon.com/ortussolutions.
News and Announcements
ColdBox 7 Workshop at Adobe CF Summit East 2024
A Deep Dive into ColdBox 7.2 -
Date: April 25th - 26th, 2024 | After Adobe CFSummit East
Speakers: Luis Majano, creator of ColdBox
Elevate Your CFML Development Skills!
Master ColdBox 7.2 from the Ground Up in Our Workshop Following CFSummit East 2024
Calling all CFML developers and enthusiasts! We are thrilled to announce an upcoming event that promises to elevate your skills and empower you with ColdBox's latest updates and features. This two-day workshop is led by the creator of ColdBox, Luis Majano. You'll dive into ColdBox 7.2, exploring new features, updates, and fixes to build modern, high-quality projects.
Whether you're a beginner looking to jumpstart your journey into the MVC ecosystem or an experienced developer seeking to refine your ColdBox skills, this workshop is designed to meet your needs. Get ready for an immersive experience that keeps you at the forefront of ColdBox development!
Tickets are limited, get yours now and save with early bird pricing
https://www.ortussolutions.com/blog/a-deep-dive-into-coldbox-72
ITB Workshops and Speakers announced - more to come!!!
https://www.intothebox.org/
CFCamp Call for Speakers is Open - CFP closes at March 17, 2024 23:30 UTC
Last year’s CFCamp 2023 was our first event after a forced-upon-us pandemic break and we were really happy how the conference was re-adopted by the community and that we were able to run in a reasonable and yet safe environment. So….
CFCamp is back for a 2024 edition.
Would you like to meet the German and European CFML web developer communities, listen to expert speakers and find out all about the latest trends around CFML and associated technologies? Then join us at CFCamp 2024, Europe’s largest conference on CFML, Lucee, Adobe ColdFusion and associated technologies.
Look at recommended topics - big variety
https://www.papercall.io/cfcamp2024
Ben Nadel Released his Book - Feature Flags Book - Transforming Your Product Development Workflow
In my tenure as co-founder and principal engineer at InVision, I went from never having heard of "Feature Flags" (aka "feature toggles" aka "feature switches"); to seeing them become widely adopted by our engineering team; to witnessing a complete transformation with regard to how our company approached product development. For me, feature flags are as transformational as databases—they are as important as both logs and metrics. I cannot imagine creating another product without them.
I believe that I have a perspective worth sharing. I want to help people see the magic that I see. I want to help teams deliver value to their customers with love and empathy and without fear.
https://featureflagsbook.com/
New Releases and Updates
ColdBox Debugger v4.2 - Unleashing a Wave of Debugging Power!
In the ever-evolving landscape of web development, staying ahead requires cutting-edge tools. Enter ColdBox Debugger v4.2.0, the latest release that promises an action-packed experience with a plethora of features, improvements, and bug fixes. This update introduces the Hyper Collector, allowing you to track Hyper HTTP/S requests effortlessly with aggregated data on total time, slowest requests, grouping, and timelines. Lucee SQL Collector now enables profiling of SQL queries, providing valuable insights into your Lucee-powered applications. The addition of Heap Dump Support empowers users to generate Java heap dumps for offline analysis, ideal for debugging memory leaks and ensuring system stability. A revamped Request Dock and enhanced SQL/JSON formatting contribute to an improved user interface. Moreover, the ability to add timers manually and download heap dump snapshots adds versatility to your debugging toolkit.
ColdBox Debugger v4.2.0 is not just an upgrade; it's a leap forward in simplifying the debugging process and enhancing overall development efficiency. Explore the new features and take your debugging game to new heights!
https://www.ortussolutions.com/blog/coldbox-debugger-v42-unleashing-a-wave-of-debugging-power
CBWIRE 3.2 Released
Hey there CBWIRE enthusiasts! 👋 It's an exciting time in the world of ColdFusion Markup Language (CFML) development as CBWIRE 3.2 rolls out with some nifty new features that are set to make your development process smoother and more efficient. Let's dive right into the highlights of this latest release!
https://www.ortussolutions.com/blog/cbwire-32-released
Webinars, Meetups and Workshops
Online CFMeetup - The Many Capabilities of CF Package Management and cfpm" with Charlie Arehart #305
Thursday, January 25, 2024
9:00 AM PST
You may or may not have heard that CF2021 added a new tool called cfpm, the ColdFusion Package Manager. It was introduced in CF2021, and while some are aware that it can help manage the new modular packages-based design of ColdFusion, many are unaware of the many features of this cfpm tool--and how this package management mechanism can be used to their advantage.
In this talk, veteran CF troubleshooter Charlie Arehart will introduce the feature (CF's package-based design and the package manager), including identifying the way it can manage the packages used in a current CF instance as well as in automating creation of new instances. Perhaps most useful, we'll see how the tool offers a mechanism to SCAN your CFML code base to identify what packages you would need. We'll also see how the tool can help with updating CF, as well as managing the update download "repo". And speaking of updates, we'll discuss ways the cfpm/package mechanism has evolved in updates since the release of CF2021 and in CF2023.
ICYMI - Online CFMeetup - Charlie has presented a few talks recently
Jan 18, 2024 - "Updating the Java underlying ColdFusion: considering/doing it" - Charlie Arehart
Meetup: https://www.meetup.com/coldfusionmeetup/events/298589384/
Recording: https://www.youtube.com/watch?v=iAJf52lJ_TQ&list=PLG2EHzEbhy0-QirMKgSxhjkUyTSSTvHjL&index=2&pp=iAQB
Dec 21, 2023 - "Installing CF2023: choices, challenges, and solutions" - Charlie Arehart
Meetup: https://www.meetup.com/coldfusionmeetup/events/298025246/
Recording: https://www.youtube.com/watch?v=-vflHUshJ5w&list=PLG2EHzEbhy0-QirMKgSxhjkUyTSSTvHjL&index=4&pp=iAQB
Dec 14, 2023 - "Migrating apps to ColdFusion 2023 from earlier versions" - Charlie Arehart
Meetup: https://www.meetup.com/coldfusionmeetup/events/297907008/
Recording: https://www.youtube.com/watch?v=vUBcJ1xcyxI&list=PLG2EHzEbhy0-QirMKgSxhjkUyTSSTvHjL&index=5&pp=iAQB
Conferences and Training
ITB 2024
We have 38 patreons:
https://www.patreon.com/ortussolutions.
News and Announcements
ColdBox 7 Workshop at Adobe CF Summit East 2024
A Deep Dive into ColdBox 7.2 -
Date: April 25th - 26th, 2024 | After Adobe CFSummit East
Speakers: Luis Majano, creator of ColdBox
Elevate Your CFML Development Skills!
Master ColdBox 7.2 from the Ground Up in Our Workshop Following CFSummit East 2024
Calling all CFML developers and enthusiasts! We are thrilled to announce an upcoming event that promises to elevate your skills and empower you with ColdBox's latest updates and features. This two-day workshop is led by the creator of ColdBox, Luis Majano. You'll dive into ColdBox 7.2, exploring new features, updates, and fixes to build modern, high-quality projects.
Whether you're a beginner looking to jumpstart your journey into the MVC ecosystem or an experienced developer seeking to refine your ColdBox skills, this workshop is designed to meet your needs. Get ready for an immersive experience that keeps you at the forefront of ColdBox development!
Tickets are limited, get yours now and save with early bird pricing
https://www.ortussolutions.com/blog/a-deep-dive-into-coldbox-72
ITB Workshops and Speakers announced - more to come!!!
https://www.intothebox.org/
CFCamp Call for Speakers is Open - CFP closes at March 17, 2024 23:30 UTC
Last year’s CFCamp 2023 was our first event after a forced-upon-us pandemic break and we were really happy how the conference was re-adopted by the community and that we were able to run in a reasonable and yet safe environment. So….
CFCamp is back for a 2024 edition.
Would you like to meet the German and European CFML web developer communities, listen to expert speakers and find out all about the latest trends around CFML and associated technologies? Then join us at CFCamp 2024, Europe’s largest conference on CFML, Lucee, Adobe ColdFusion and associated technologies.
Look at recommended topics - big variety
https://www.papercall.io/cfcamp2024
Ben Nadel Released his Book - Feature Flags Book - Transforming Your Product Development Workflow
In my tenure as co-founder and principal engineer at InVision, I went from never having heard of "Feature Flags" (aka "feature toggles" aka "feature switches"); to seeing them become widely adopted by our engineering team; to witnessing a complete transformation with regard to how our company approached product development. For me, feature flags are as transformational as databases—they are as important as both logs and metrics. I cannot imagine creating another product without them.
I believe that I have a perspective worth sharing. I want to help people see the magic that I see. I want to help teams deliver value to their customers with love and empathy and without fear.
https://featureflagsbook.com/
New Releases and Updates
ColdBox Debugger v4.2 - Unleashing a Wave of Debugging Power!
In the ever-evolving landscape of web development, staying ahead requires cutting-edge tools. Enter ColdBox Debugger v4.2.0, the latest release that promises an action-packed experience with a plethora of features, improvements, and bug fixes. This update introduces the Hyper Collector, allowing you to track Hyper HTTP/S requests effortlessly with aggregated data on total time, slowest requests, grouping, and timelines. Lucee SQL Collector now enables profiling of SQL queries, providing valuable insights into your Lucee-powered applications. The addition of Heap Dump Support empowers users to generate Java heap dumps for offline analysis, ideal for debugging memory leaks and ensuring system stability. A revamped Request Dock and enhanced SQL/JSON formatting contribute to an improved user interface. Moreover, the ability to add timers manually and download heap dump snapshots adds versatility to your debugging toolkit.
ColdBox Debugger v4.2.0 is not just an upgrade; it's a leap forward in simplifying the debugging process and enhancing overall development efficiency. Explore the new features and take your debugging game to new heights!
https://www.ortussolutions.com/blog/coldbox-debugger-v42-unleashing-a-wave-of-debugging-power
CBWIRE 3.2 Released
Hey there CBWIRE enthusiasts! 👋 It's an exciting time in the world of ColdFusion Markup Language (CFML) development as CBWIRE 3.2 rolls out with some nifty new features that are set to make your development process smoother and more efficient. Let's dive right into the highlights of this latest release!
https://www.ortussolutions.com/blog/cbwire-32-released
Webinars, Meetups and Workshops
Online CFMeetup - The Many Capabilities of CF Package Management and cfpm" with Charlie Arehart #305
Thursday, January 25, 2024
9:00 AM PST
You may or may not have heard that CF2021 added a new tool called cfpm, the ColdFusion Package Manager. It was introduced in CF2021, and while some are aware that it can help manage the new modular packages-based design of ColdFusion, many are unaware of the many features of this cfpm tool--and how this package management mechanism can be used to their advantage.
In this talk, veteran CF troubleshooter Charlie Arehart will introduce the feature (CF's package-based design and the package manager), including identifying the way it can manage the packages used in a current CF instance as well as in automating creation of new instances. Perhaps most useful, we'll see how the tool offers a mechanism to SCAN your CFML code base to identify what packages you would need. We'll also see how the tool can help with updating CF, as well as managing the update download "repo". And speaking of updates, we'll discuss ways the cfpm/package mechanism has evolved in updates since the release of CF2021 and in CF2023.
ICYMI - Online CFMeetup - Charlie has presented a few talks recently
Jan 18, 2024 - "Updating the Java underlying ColdFusion: considering/doing it" - Charlie Arehart
Meetup: https://www.meetup.com/coldfusionmeetup/events/298589384/
Recording: https://www.youtube.com/watch?v=iAJf52lJ_TQ&list=PLG2EHzEbhy0-QirMKgSxhjkUyTSSTvHjL&index=2&pp=iAQB
Dec 21, 2023 - "Installing CF2023: choices, challenges, and solutions" - Charlie Arehart
Meetup: https://www.meetup.com/coldfusionmeetup/events/298025246/
Recording: https://www.youtube.com/watch?v=-vflHUshJ5w&list=PLG2EHzEbhy0-QirMKgSxhjkUyTSSTvHjL&index=4&pp=iAQB
Dec 14, 2023 - "Migrating apps to ColdFusion 2023 from earlier versions" - Charlie Arehart
Meetup: https://www.meetup.com/coldfusionmeetup/events/297907008/
Recording: https://www.youtube.com/watch?v=vUBcJ1xcyxI&list=PLG2EHzEbhy0-QirMKgSxhjkUyTSSTvHjL&index=5&pp=iAQB
Conferences and Training
ITB 2024
- Location: Optica in Washington, DC
- Announcement Blog Post: https://www.ortussolutions.com/blog/our-into-the-box-2024-venue-and-dates-are-set
- Dates: May 15-17, 2024
- https://www.eventbrite.com/e/into-the-box-2024-the-new-era-of-modernization-tickets-663126347757
- Call for Speakers: CLOSED
- First batches of sessions and workshops have been announced: https://www.intothebox.org/
- Workshops have been announced
Save the Date: CFCamp 2024
- Location: Munich, Freising, Germany
- Dates: June 13-14, 2024
- Call for Speakers: https://www.papercall.io/cfcamp2024
- Twitter Link: https://twitter.com/cf_camp/status/1736705195927646236
- Facebook Link: https://t.co/YKU4dhuHEO
- https://www.cfcamp.org/
More conferences
Need more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/
Blogs, Tweets, and Videos of the Week
1/4/24 - Blog - Majo Herrera - Ortus Solutions - A Deep Dive into ColdBox 7.2
Elevate Your CFML Development Skills!
Master ColdBox 7.2 from the Ground Up in Our Workshop Following CFSummit East 2024
Calling all CFML developers and enthusiasts! We are thrilled to announce an upcoming event that promises to elevate your skills and empower you with ColdBox's latest updates and features. This two-day workshop is led by the creator of ColdBox, Luis Majano. You'll dive into ColdBox 7.2, exploring new features, updates, and fixes to build modern, high-quality projects.
Whether you're a beginner looking to jumpstart your journey into the MVC ecosystem or an experienced developer seeking to refine your ColdBox skills, this workshop is designed to meet your needs. Get ready for an immersive experience that keeps you at the forefront of ColdBox development!
Tickets are limited, get yours now and save with early bird pricing
https://www.ortussolutions.com/blog/a-deep-dive-into-coldbox-72
1/4/24 - Blog - Grant Copley - CBWIRE 3.2 Released
Hey there CBWIRE enthusiasts! 👋 It's an exciting time in the world of ColdFusion Markup Language (CFML) development as CBWIRE 3.2 rolls out with some nifty new features that are set to make your development process smoother and more efficient. Let's dive right into the highlights of this latest release!
https://www.ortussolutions.com/blog/cbwire-32-released
1/11/24 - Blog - Luis Majano - ColdBox Debugger v4.2 - Unleashing a Wave of Debugging Power!
In the ever-evolving landscape of web development, staying ahead requires cutting-edge tools. Enter ColdBox Debugger v4.2.0, the latest release that promises an action-packed experience with a plethora of features, improvements, and bug fixes. This update introduces the Hyper Collector, allowing you to track Hyper HTTP/S requests effortlessly with aggregated data on total time, slowest requests, grouping, and timelines. Lucee SQL Collector now enables profiling of SQL queries, providing valuable insights into your Lucee-powered applications. The addition of Heap Dump Support empowers users to generate Java heap dumps for offline analysis, ideal for debugging memory leaks and ensuring system stability. A revamped Request Dock and enhanced SQL/JSON formatting contribute to an improved user interface. Moreover, the ability to add timers manually and download heap dump snapshots adds versatility to your debugging toolkit.
ColdBox Debugger v4.2.0 is not just an upgrade; it's a leap forward in simplifying the debugging process and enhancing overall development efficiency. Explore the new features and take your debugging game to new heights!
https://www.ortussolutions.com/blog/coldbox-debugger-v42-unleashing-a-wave-of-debugging-power
1/16/24 - Blog - Charlie Arehart - New updates released for Java 8, 11, 17, and 21 as of Jan 16 2024: resources and thoughts
It's that time again: there are new JVM updates released today (Jan 16, 2024) for the current long-term support (LTS) releases of Oracle Java, 8, 11, 17, and 21.
TLDR: The new updates are 1.8.0_401 (aka 8u401), 11.0.22, 17.0.10, and 21.0.2 respectively). For more on each of them, including what changed and the security fixes they each contain (including their CVE scores regarding urgency of concerns), see the Oracle resources I list below. Oracle calls them "critical patch updates" (yep, CPU), but they are in fact scheduled quarterly updates, so that "critical" nomenclature may sometimes be a bit overstated. Again, more details below. And as is generally the case with these Java updates, most of them have the same changes and fixes across the four JVM versions, though not always.
https://www.carehart.org/blog/2024/1/16/java_updates_jan_2024
1/17/24 - Blog - Charlie Arehart - Several things to consider when applying JVM updates
If you learn there's a new Java update available, it may well be relatively simple for you to apply that update, but if you're running important applications that rely on Java, it's in your interest to give some consideration to various matters related to doing such an update.
And as important, if you may have skipped some Java updates before this one, there are some additional points to consider regarding some potentially important changes in updates you may be skipping.
https://www.carehart.org/blog/2024/1/17/jvm_update_considerations
Ben Nadel Corner
1/4/24 - Blog - Ben Nadel - Considering The Ergonomics Of Tags And Objects In ColdFusion
The other day, I had to add an HTTP call from my ColdFusion application to the Postmark API. The results of this API call determine whether or not the current workflow can continue executing; which makes the stability of this API call rather important. In an ideal world, I would have added some retry logic to the CFHttp tag. But, CFHttp doesn't have any in-built retry mechanics. This got me thinking about what it would take to add a retry abstraction to my CFHttp workflow; which, in turn, got me thinking about the overall developer ergonomics of tags and objects in ColdFusion...
https://www.bennadel.com/blog/4571-considering-the-ergonomics-of-tags-and-objects-in-coldfusion.htm
1/5/24 - Blog - Ben Nadel - Proof Of Concept: CFHttp With A Retry Policy In ColdFusion
Yesterday, I was considering the ergonomics of Tags and Objects in ColdFusion. The thing that got me started down that path was the
https://www.bennadel.com/blog/4572-proof-of-concept-cfhttp-with-a-retry-policy-in-coldfusion.htm
1/6/24 - Blog - Ben Nadel - Follow-Up On Error Handling During Async Iteration In ColdFusion
I started to write this blog post, having completely forgotten that I already explored this exact topic back in 2020: A Closer Look At Error Handling During Parallel Array Iteration. In an ironic twist of fate, however, this turns out to be a helpful oversight because the error handling behavior has changed in Lucee CFML since that post; and, is now divergent from Adobe ColdFusion's implementation. As such, even though it's a bit redundant, I think it's still worthy of a quick look at error handling during async iteration in ColdFusion - 2024 edition!..
https://www.bennadel.com/blog/4573-follow-up-on-error-handling-during-async-iteration-in-coldfusion.htm
1/8/24 - Blog - Ben Nadel - Using Cloudflare Turnstile reCAPTCHA-Alternative In ColdFusion
A couple of weeks ago, I looked at using Google's reCAPTCHA to block spam in my Dig Deep Fitness website. In response to that post, Alex Skinner suggested that I look into Cloudflare Turnstile. I wasn't having any issues with reCAPTCHA. But, I do love Cloudflare as a company; so, I figured it'd be fun to take a look. Here's a quick demo of using Cloudflare Turnstile in order to block spam in ColdFusion…
https://www.bennadel.com/blog/4574-using-cloudflare-turnstile-recaptcha-alternative-in-coldfusion.htm
1/9/24 - Blog - Ben Nadel - Lessons Learned From Sending 7 Million Emails In 5 Days Using ColdFusion
At work, I was asked to send an email notification to every one of our users. When originally presented with this problem, I said it was a terrible idea—that there are professional services that do exactly this thing; and, that I have no experience sending a massive amount of emails; and, that anything I built would end up being the "Dollar Store" version of such a feature. None of this persuaded the powers-that-be. And so, I ended up building a small ColdFusion system that just finished sending 7 million emails in 5 days. It was a lot less complicated than I had anticipated; but, we learned a number of important lessons along the way…
https://www.bennadel.com/blog/4575-lessons-learned-from-sending-7-million-emails-in-5-days-using-coldfusion.htm
1/10/24 - Blog - Ben Nadel - Consuming Large Configuration Files Inside A ColdFusion Component
A few weeks ago, I stumbled across a GitHub repository that maintains a large collection (3K+) of disposable email address domains. These are domains that will generate a random email address that is only valid for a short period of time. I was considering adding some email validation logic to one of my ColdFusion applications; which is when I had to decide where to put the list of domains in my ColdFusion code. This isn't a use-case that I encounter very often, so I wanted to do a quick write-up…
https://www.bennadel.com/blog/4577-consuming-large-configuration-files-inside-a-coldfusion-component.htm
1/11/24 - Blog - Ben Nadel - Using Per-Application Mappings To Alias Files In ColdFusion
For as long as I can remember, I've been using the per-application mappings in ColdFusion to alias directories. And then, using those aliases to prefix file paths and CFInclude template paths. Yesterday, however, as I was looking at consuming configuration files in ColdFusion, it occurred to me that per-application mappings might be able to do more than provide prefixes—they might be able to alias full file paths. I can't believe this never occurred to me before; so, I wanted to try it out in both Adobe ColdFusion and Lucee CFML…
https://www.bennadel.com/blog/4578-using-per-application-mappings-to-alias-files-in-coldfusion.htm
1/13/24 - Blog - Ben Nadel - Timeboxing Code Execution In ColdFusion
In my post earlier this week, about sending 7 million emails in 5 days, I mentioned that the underlying mechanics were driven by a ColdFusion scheduled task that executes every 5 minutes. In order to prevent scheduled tasks—like this one—from overlapping in execution, I will often include timeboxing logic that makes sure that a given algorithm executes within a given time period. Seeing that I use this logic in a number of places, I wanted to think about what an abstraction for timeboxing code might look like in ColdFusion...
https://www.bennadel.com/blog/4579-timeboxing-code-execution-in-coldfusion.htm
1/18/24 - Blog - Ben Nadel - Define Your Email Content Using Pure Templates In ColdFusion
In general, when rendering content in a ColdFusion application, I find it best to define your view templates as "pure templates". Meaning, the rendering logic within the view template file is completely driven by inputs that are either passed into that template (as a module attribute) or made available to that template (as an include context). This keeps the view template devoid of data fetching and manipulation logic. An email template is, essentially, a view template that's rendered to the CFMail tag instead of being rendered to the browser. As such, the same "pure template" principles should be applied...
https://www.bennadel.com/blog/4581-define-your-email-content-using-pure-templates-in-coldfusion.htm
1/20/24 - Blog - Ben Nadel - Generating Secure URL Signatures To Prevent Tampering In ColdFusion
Earlier this week, I was talking to my colleague, Max Nunes, about generating a URL that was locked-down for a single user's consumption. We settled on including a secure URL signature that prevented tampering. I've used URL signatures in the past, but I don't believe that I've ever addressed them directly. As such, I wanted to run through generating and validating a URL signature in ColdFusion.
https://www.bennadel.com/blog/4582-generating-secure-url-signatures-to-prevent-tampering-in-coldfusion.htm
1/23/24 - Blog - Ben Nadel - Always Identify Your Calling Service Within The HTTP User Agent Header
As part of a large cost-cutting initiative, we recently canceled our Pingdom uptime monitoring service (which is no knock against the Pingdom service itself). But, when I checked our request logs, I saw that we still had steady traffic hitting our Pingdom end-point from the US, Japan, and Ireland. There was nothing in the request logs to help identify who was initiating these requests. And, after some additional debugging code (that I deployed to production), I saw that the requests were coming from a New Relic Synthetic Monitor. To their credit, New Relic included an X-Abuse-Info HTTP header with more information; however, this felt like a good lesson: your calling service should always be identified in the HTTP user agent header.
https://www.bennadel.com/blog/4583-always-identify-your-calling-service-within-the-http-usage-agent-header.htm
CFML Jobs
Several positions available on https://www.getcfmljobs.com/
Listing over 113 ColdFusion positions from 68 companies across 48 locations in 5 Countries.
4 new jobs listed in the last few weeks
Full-Time - Software Engineering Manager (ColdFusion)- Remote at Fort Wa.. - United States Posted: Jan 19
https://www.getcfmljobs.com/jobs/index.cfm/united-states/SoftwareEngManager-ColdFusion/11629
Full-Time - Senior ColdFusion Developer at Remote - United States
Posted: Jan 11
https://www.getcfmljobs.com/jobs/index.cfm/united-states/Senior-CFDeveloper-at-Remote-US/11628
Full-Time - Sr. Technical Lead - CFML Developer at Remote - United States
Posted: Jan 09
https://www.getcfmljobs.com/viewjob.cfm?jobid=11627
Full-Time - Web Developer – ColdFusion at Remote - United States
Posted: Jan 03
https://www.getcfmljobs.com/jobs/index.cfm/united-states/WebDev-ColdFusion-at-Remote-UnitedStates/11626
Other Job Links
There is a jobs channel in the CFML slack team, and in the Box team slack now too
https://xkcd.com/1172/
ForgeBox Module of the Week
ColdBox Debugger Module - CBDebugger - V4.2
The ColdBox Debugger module is a light-weight performance monitor and profiling tool for ColdBox applications. It can generate a nice debugging panel on every rendered page or a dedicated visualizer to make your ColdBox application development nicer, funner and greater! Yes, funner is a word!
The ColdBox debugger is a light-weigth performance monitor and profiler for your ColdBox applications. It tracks your requests, whether Ajax, traditional or REST, it's environment, execution and much more.
New to 4.x
Need more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/
Blogs, Tweets, and Videos of the Week
1/4/24 - Blog - Majo Herrera - Ortus Solutions - A Deep Dive into ColdBox 7.2
Elevate Your CFML Development Skills!
Master ColdBox 7.2 from the Ground Up in Our Workshop Following CFSummit East 2024
Calling all CFML developers and enthusiasts! We are thrilled to announce an upcoming event that promises to elevate your skills and empower you with ColdBox's latest updates and features. This two-day workshop is led by the creator of ColdBox, Luis Majano. You'll dive into ColdBox 7.2, exploring new features, updates, and fixes to build modern, high-quality projects.
Whether you're a beginner looking to jumpstart your journey into the MVC ecosystem or an experienced developer seeking to refine your ColdBox skills, this workshop is designed to meet your needs. Get ready for an immersive experience that keeps you at the forefront of ColdBox development!
Tickets are limited, get yours now and save with early bird pricing
https://www.ortussolutions.com/blog/a-deep-dive-into-coldbox-72
1/4/24 - Blog - Grant Copley - CBWIRE 3.2 Released
Hey there CBWIRE enthusiasts! 👋 It's an exciting time in the world of ColdFusion Markup Language (CFML) development as CBWIRE 3.2 rolls out with some nifty new features that are set to make your development process smoother and more efficient. Let's dive right into the highlights of this latest release!
https://www.ortussolutions.com/blog/cbwire-32-released
1/11/24 - Blog - Luis Majano - ColdBox Debugger v4.2 - Unleashing a Wave of Debugging Power!
In the ever-evolving landscape of web development, staying ahead requires cutting-edge tools. Enter ColdBox Debugger v4.2.0, the latest release that promises an action-packed experience with a plethora of features, improvements, and bug fixes. This update introduces the Hyper Collector, allowing you to track Hyper HTTP/S requests effortlessly with aggregated data on total time, slowest requests, grouping, and timelines. Lucee SQL Collector now enables profiling of SQL queries, providing valuable insights into your Lucee-powered applications. The addition of Heap Dump Support empowers users to generate Java heap dumps for offline analysis, ideal for debugging memory leaks and ensuring system stability. A revamped Request Dock and enhanced SQL/JSON formatting contribute to an improved user interface. Moreover, the ability to add timers manually and download heap dump snapshots adds versatility to your debugging toolkit.
ColdBox Debugger v4.2.0 is not just an upgrade; it's a leap forward in simplifying the debugging process and enhancing overall development efficiency. Explore the new features and take your debugging game to new heights!
https://www.ortussolutions.com/blog/coldbox-debugger-v42-unleashing-a-wave-of-debugging-power
1/16/24 - Blog - Charlie Arehart - New updates released for Java 8, 11, 17, and 21 as of Jan 16 2024: resources and thoughts
It's that time again: there are new JVM updates released today (Jan 16, 2024) for the current long-term support (LTS) releases of Oracle Java, 8, 11, 17, and 21.
TLDR: The new updates are 1.8.0_401 (aka 8u401), 11.0.22, 17.0.10, and 21.0.2 respectively). For more on each of them, including what changed and the security fixes they each contain (including their CVE scores regarding urgency of concerns), see the Oracle resources I list below. Oracle calls them "critical patch updates" (yep, CPU), but they are in fact scheduled quarterly updates, so that "critical" nomenclature may sometimes be a bit overstated. Again, more details below. And as is generally the case with these Java updates, most of them have the same changes and fixes across the four JVM versions, though not always.
https://www.carehart.org/blog/2024/1/16/java_updates_jan_2024
1/17/24 - Blog - Charlie Arehart - Several things to consider when applying JVM updates
If you learn there's a new Java update available, it may well be relatively simple for you to apply that update, but if you're running important applications that rely on Java, it's in your interest to give some consideration to various matters related to doing such an update.
And as important, if you may have skipped some Java updates before this one, there are some additional points to consider regarding some potentially important changes in updates you may be skipping.
https://www.carehart.org/blog/2024/1/17/jvm_update_considerations
Ben Nadel Corner
1/4/24 - Blog - Ben Nadel - Considering The Ergonomics Of Tags And Objects In ColdFusion
The other day, I had to add an HTTP call from my ColdFusion application to the Postmark API. The results of this API call determine whether or not the current workflow can continue executing; which makes the stability of this API call rather important. In an ideal world, I would have added some retry logic to the CFHttp tag. But, CFHttp doesn't have any in-built retry mechanics. This got me thinking about what it would take to add a retry abstraction to my CFHttp workflow; which, in turn, got me thinking about the overall developer ergonomics of tags and objects in ColdFusion...
https://www.bennadel.com/blog/4571-considering-the-ergonomics-of-tags-and-objects-in-coldfusion.htm
1/5/24 - Blog - Ben Nadel - Proof Of Concept: CFHttp With A Retry Policy In ColdFusion
Yesterday, I was considering the ergonomics of Tags and Objects in ColdFusion. The thing that got me started down that path was the
https://www.bennadel.com/blog/4572-proof-of-concept-cfhttp-with-a-retry-policy-in-coldfusion.htm
1/6/24 - Blog - Ben Nadel - Follow-Up On Error Handling During Async Iteration In ColdFusion
I started to write this blog post, having completely forgotten that I already explored this exact topic back in 2020: A Closer Look At Error Handling During Parallel Array Iteration. In an ironic twist of fate, however, this turns out to be a helpful oversight because the error handling behavior has changed in Lucee CFML since that post; and, is now divergent from Adobe ColdFusion's implementation. As such, even though it's a bit redundant, I think it's still worthy of a quick look at error handling during async iteration in ColdFusion - 2024 edition!..
https://www.bennadel.com/blog/4573-follow-up-on-error-handling-during-async-iteration-in-coldfusion.htm
1/8/24 - Blog - Ben Nadel - Using Cloudflare Turnstile reCAPTCHA-Alternative In ColdFusion
A couple of weeks ago, I looked at using Google's reCAPTCHA to block spam in my Dig Deep Fitness website. In response to that post, Alex Skinner suggested that I look into Cloudflare Turnstile. I wasn't having any issues with reCAPTCHA. But, I do love Cloudflare as a company; so, I figured it'd be fun to take a look. Here's a quick demo of using Cloudflare Turnstile in order to block spam in ColdFusion…
https://www.bennadel.com/blog/4574-using-cloudflare-turnstile-recaptcha-alternative-in-coldfusion.htm
1/9/24 - Blog - Ben Nadel - Lessons Learned From Sending 7 Million Emails In 5 Days Using ColdFusion
At work, I was asked to send an email notification to every one of our users. When originally presented with this problem, I said it was a terrible idea—that there are professional services that do exactly this thing; and, that I have no experience sending a massive amount of emails; and, that anything I built would end up being the "Dollar Store" version of such a feature. None of this persuaded the powers-that-be. And so, I ended up building a small ColdFusion system that just finished sending 7 million emails in 5 days. It was a lot less complicated than I had anticipated; but, we learned a number of important lessons along the way…
https://www.bennadel.com/blog/4575-lessons-learned-from-sending-7-million-emails-in-5-days-using-coldfusion.htm
1/10/24 - Blog - Ben Nadel - Consuming Large Configuration Files Inside A ColdFusion Component
A few weeks ago, I stumbled across a GitHub repository that maintains a large collection (3K+) of disposable email address domains. These are domains that will generate a random email address that is only valid for a short period of time. I was considering adding some email validation logic to one of my ColdFusion applications; which is when I had to decide where to put the list of domains in my ColdFusion code. This isn't a use-case that I encounter very often, so I wanted to do a quick write-up…
https://www.bennadel.com/blog/4577-consuming-large-configuration-files-inside-a-coldfusion-component.htm
1/11/24 - Blog - Ben Nadel - Using Per-Application Mappings To Alias Files In ColdFusion
For as long as I can remember, I've been using the per-application mappings in ColdFusion to alias directories. And then, using those aliases to prefix file paths and CFInclude template paths. Yesterday, however, as I was looking at consuming configuration files in ColdFusion, it occurred to me that per-application mappings might be able to do more than provide prefixes—they might be able to alias full file paths. I can't believe this never occurred to me before; so, I wanted to try it out in both Adobe ColdFusion and Lucee CFML…
https://www.bennadel.com/blog/4578-using-per-application-mappings-to-alias-files-in-coldfusion.htm
1/13/24 - Blog - Ben Nadel - Timeboxing Code Execution In ColdFusion
In my post earlier this week, about sending 7 million emails in 5 days, I mentioned that the underlying mechanics were driven by a ColdFusion scheduled task that executes every 5 minutes. In order to prevent scheduled tasks—like this one—from overlapping in execution, I will often include timeboxing logic that makes sure that a given algorithm executes within a given time period. Seeing that I use this logic in a number of places, I wanted to think about what an abstraction for timeboxing code might look like in ColdFusion...
https://www.bennadel.com/blog/4579-timeboxing-code-execution-in-coldfusion.htm
1/18/24 - Blog - Ben Nadel - Define Your Email Content Using Pure Templates In ColdFusion
In general, when rendering content in a ColdFusion application, I find it best to define your view templates as "pure templates". Meaning, the rendering logic within the view template file is completely driven by inputs that are either passed into that template (as a module attribute) or made available to that template (as an include context). This keeps the view template devoid of data fetching and manipulation logic. An email template is, essentially, a view template that's rendered to the CFMail tag instead of being rendered to the browser. As such, the same "pure template" principles should be applied...
https://www.bennadel.com/blog/4581-define-your-email-content-using-pure-templates-in-coldfusion.htm
1/20/24 - Blog - Ben Nadel - Generating Secure URL Signatures To Prevent Tampering In ColdFusion
Earlier this week, I was talking to my colleague, Max Nunes, about generating a URL that was locked-down for a single user's consumption. We settled on including a secure URL signature that prevented tampering. I've used URL signatures in the past, but I don't believe that I've ever addressed them directly. As such, I wanted to run through generating and validating a URL signature in ColdFusion.
https://www.bennadel.com/blog/4582-generating-secure-url-signatures-to-prevent-tampering-in-coldfusion.htm
1/23/24 - Blog - Ben Nadel - Always Identify Your Calling Service Within The HTTP User Agent Header
As part of a large cost-cutting initiative, we recently canceled our Pingdom uptime monitoring service (which is no knock against the Pingdom service itself). But, when I checked our request logs, I saw that we still had steady traffic hitting our Pingdom end-point from the US, Japan, and Ireland. There was nothing in the request logs to help identify who was initiating these requests. And, after some additional debugging code (that I deployed to production), I saw that the requests were coming from a New Relic Synthetic Monitor. To their credit, New Relic included an X-Abuse-Info HTTP header with more information; however, this felt like a good lesson: your calling service should always be identified in the HTTP user agent header.
https://www.bennadel.com/blog/4583-always-identify-your-calling-service-within-the-http-usage-agent-header.htm
CFML Jobs
Several positions available on https://www.getcfmljobs.com/
Listing over 113 ColdFusion positions from 68 companies across 48 locations in 5 Countries.
4 new jobs listed in the last few weeks
Full-Time - Software Engineering Manager (ColdFusion)- Remote at Fort Wa.. - United States Posted: Jan 19
https://www.getcfmljobs.com/jobs/index.cfm/united-states/SoftwareEngManager-ColdFusion/11629
Full-Time - Senior ColdFusion Developer at Remote - United States
Posted: Jan 11
https://www.getcfmljobs.com/jobs/index.cfm/united-states/Senior-CFDeveloper-at-Remote-US/11628
Full-Time - Sr. Technical Lead - CFML Developer at Remote - United States
Posted: Jan 09
https://www.getcfmljobs.com/viewjob.cfm?jobid=11627
Full-Time - Web Developer – ColdFusion at Remote - United States
Posted: Jan 03
https://www.getcfmljobs.com/jobs/index.cfm/united-states/WebDev-ColdFusion-at-Remote-UnitedStates/11626
Other Job Links
There is a jobs channel in the CFML slack team, and in the Box team slack now too
https://xkcd.com/1172/
ForgeBox Module of the Week
ColdBox Debugger Module - CBDebugger - V4.2
The ColdBox Debugger module is a light-weight performance monitor and profiling tool for ColdBox applications. It can generate a nice debugging panel on every rendered page or a dedicated visualizer to make your ColdBox application development nicer, funner and greater! Yes, funner is a word!
The ColdBox debugger is a light-weigth performance monitor and profiler for your ColdBox applications. It tracks your requests, whether Ajax, traditional or REST, it's environment, execution and much more.
New to 4.x
- ColdBox 7 Support
- WireBoxCollector
- Ability to open CFCs that are profiled by the WireBox Collector in any Code Editor
- Ability to open the Handler events that are profiled by the Request Collector in any Code Editor.
- New Slowest Queries panel for cborm, acf, and qb/quick
- New visualizer total db time as well as request time including percentage of the request time
- Ability to export a profiler in json
- Ability to sort the visualizer's profilers
- New life-cycle events: onDebuggerUnload, onDebuggerLoad
- Hyper Collector
- Lucee SQL Collector
- Heap Dump Support
- New Request Dock
- Improved SQL/JSON Formatting
- Add Timers Manually
- New Github actions for better builds
https://cbdebugger.ortusbooks.com/
https://www.forgebox.io/view/cbdebugger
VS Code Hint Tips and Tricks of the Week
Figma for VS Code
Streamline your design to code workflow with Figma for VS Code
Figma for VS Code lets you navigate and inspect design files, collaborate with designers, track changes, and speed up implementation - all without leaving your text editor. Improve developer productivity by eliminating the context switching and busy work needed to turn designs into code.
This is a beta - but has some cool features
- See and respond to comments and activity in real time
- Get code suggestions based on designs
- Link code files to design components
https://marketplace.visualstudio.com/items?itemName=figma.figma-vscode-extension
Thank you to all of our Patreon Supporters
These individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox, ContentBox, TestBox and all the other boxes keep getting the continuous development they need, and funds the cloud infrastructure at our community relies on like ForgeBox for our Package Management with CommandBox.
You can support us on Patreon here https://www.patreon.com/ortussolutions
Don’t forget, we have Annual Memberships, pay for the year and save 10% - great for businesses everyone.
- Bronze Packages and up, now get a ForgeBox Pro and CFCasts subscriptions as a perk for their Patreon Subscription.
- All Patreon supporters have a Profile badge on the Community Website
- All Patreon supporters have their own Private Forum access on the Community Website
- All Patreon supporters have their own Private Channel access BoxTeam Slack
- John Wilson - Synaptrix
- Tomorrows Guides
- Jordan Clark
- Gary Knight
- Giancarlo Gomez
- David Belanger
- Dan Card
- James Moberg & Jeffry McGee - Sunstar Media
- Dean Maunder
- Kevin Wright
- Doug Cain
- Nolan Erck
- Abdul Raheen
And many more Patreons
You can see an up to date list of all sponsors on Ortus Solutions' Website
https://ortussolutions.com/about-us/sponsors
Thanks and Welcome back from your Holidays everyone!!!
Switch to Modernize or Die ® Podcast - SoapBox Edition - Switch to Modernize or Die ® Podcast - Conference Edition
Music from this podcast used under Royalty Free license from SoundDotCom and BlueTreeAudio
© 2019 Ortus Solutions