2022-02-01 Weekly News - Episode 133Watch the video version on YouTube at
https://youtu.be/6tJ1eEzQ398Hosts: Eric Peterson - Senior Developer for Ortus Solutions
Brad Wood - Software Consultant for Ortus Solutions
Thanks to our Sponsor - Ortus Solutions
The makers of ColdBox, CommandBox, ForgeBox, TestBox and almost every other Box out there.
A few ways to say thanks back to Ortus Solutions:
Patreon SupportWe have 37 patreons providing 96% of the funding for our Modernize or Die Podcasts via our Patreon site:
https://www.patreon.com/ortussolutions.
News and Events
State of the CF Union 2022 Survey Released
Help us find out the state of the CF Union – what versions of CFML Engine do people use, what frameworks, tools etc.
https://teratech.com/state-of-the-cf-union-2022-surveyICYMI - Ortus Webinar - cbwire + Alpine.js with Grant Copley
In this webinar, Grant, lead developer for cbwire, will showcase how to build modern, reactive CFML apps easily using very little JavaScript.
https://cfcasts.com/series/ortus-webinars-2022/videos/grant-copley-on-cbwire-+-alpine_jsHawaii CFUG - Using CFCs in your ColdFusion Applications with John Barrett
Friday, February 25, 2022 - 5:00 PM CT - Central Time (US and Canada)
This will be a talk on using CFCs in your ColdFusion applications. Creating and developing applications using CFCs enables you to separate the code logic from the design and presentation. Utilizing CFCs and creating a clear structured format for your code will help reduce the complexity of logic within your pages and improve the application speed. Having a clearly structured, the well-organized code base will make it easier to develop as an individual and share resources within a team. This is the instant benefit of CFC development.
https://www.meetup.com/hawaii-coldfusion-meetup-group/events/283506895/https://cfhawaii.net/CommandBox Workflow Magic (modules to speed up CF development), with Brad Wood
Brad Wood talks about “CommandBox Workflow magic (modules to speed up CF development)” in this episode of the CF Alive Podcast, with host Michaela Light.
https://teratech.com/podcast/commandbox-workflow-magic-modules-to-speed-up-cf-development-with-brad-wood/Adobe Workshops
More Adobe #ColdFusion Workshops announced, lead by Damien Bruyndonckx
2 dates announced:
February 2, 2022
9.00 AM - 4.30 PM CET (Central European Time)
1.30 PM - 9.00 PM IST (Indian Standard Time)
March 09, 2022
9.00 AM - 4.30 PM CET (Central European Time)
1.30 PM - 9.00 PM IST (Indian Standard Time)
Register online at
https://cf-workshop.meetus.adobeevents.com/ CFCasts Content Updates
https://www.cfcasts.com Just Released Conferences and Training
ICYMI - VueJS Nation ConferenceOnline Live Event
January 26th & 27th 2022
Register for Free and Watch the VODs
https://vuejsnation.com/ DevNexus 2022April 12-14, 2022
Atlanta, GA
Brad & Luis will be speaking
Luis - Alpine.js: Declare and React with Simplicity
Brad - What's a Pull Request? (Contributing to Open Source)
https://devnexus.com/Into The Box 2022
Tentative dates - September 27-30
More conferencesNeed more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/Blogs, Tweets, and Videos of the WeekTweet - Brad Wood - X-Forwarded-For in CommandBox vNextFair warning-- for a more secure-by-default behavior, CommandBox vNext will no longer trust X-Forwarded-For HTTP headers unless you configure it to. This is to prevent IP-based access control being circumvented. https://ortussolutions.atlassian.net/browse/COMMANDBOX-1424 #CFML #ColdFusion #InfoSec #SecureByDefault
https://twitter.com/bdw429s/status/1486763129216409620https://twitter.com/bdw429sTweet - Zac Spitzer - M1 support in Lucee 5.3.9.61-SNAPSHOTJust merged in native M1 support for Macs in Lucee 5.3.9.61-SNAPSHOT RC1 comes out next week, we've just been battling getting rid of the last vestiges of log4j1 try it out via #Commandbox https://luceeserver.atlassian.net/browse/LDEV-3536 #lucee #cfml
https://twitter.com/zackster/status/1487109711451377666https://twitter.com/zacksterSupplemental - Dan Abramov - npm audit: Broken by DesignCommentary about the auditing woes
https://overreacted.io/npm-audit-broken-by-design/Blog - Ben Nadel - I Always Design The Database Schema First, Then The ColdFusion CodeThroughout my career, I've often heard that it is a best practice to design your "Domain Objects" and your "Business Logic" first and then, eventually, to design a database schema that allows your domain objects to be persisted. I've even seen many ORM (Object-Relational Mapping) systems that will happily churn-out database schemas based solely on your Objects (and their metadata). Personally, I've never done this. In fact, I find this approach to be antagonistic to how my brain operates. When I'm working on a ColdFusion application (or a feature therein), I always start with the database schema first and then layer the ColdFusion application upon it using an iterative, ground-up approach.
https://www.bennadel.com/blog/4191-i-always-design-the-database-schema-first-then-the-coldfusion-code.htmBlog - Ben Nadel - Turning Off "InvalidTag" ScriptProtect Safely In ColdFusion 2021The other day, I wrote an article about dynamically generating <script> tags using Umbrella JS. Historically, writing about the <script> tag has been somewhat challenging - from a technical standpoint - because the ColdFusion server goes out of its way to protect You from persisted Cross-Site Scripting (XSS) attacks. It does this by scanning input scopes (ex, url, form, cgi, cookie) and replacing suspicious tag names (ex, script, object, embed, applet, iframe) with the phrase "InvalidTag". I was able to turn this behavior off using the Application.cfc setting, this.scriptProtect="none". This feels like a scary step, however; so, I wanted to just think out loud about why this is safe to do in my particular context.
https://www.bennadel.com/blog/4194-turning-off-invalidtag-scriptprotect-safely-in-coldfusion-2021.htmBlog - Ben Nadel - Ask Ben: Converting An XML Document Into A Nested ColdFusion StructIt's been a long, long time since I've done an Ask Ben question; but, I recently received a question about XML document parsing in ColdFusion and I thought this would be a good opportunity to get back into the swing of things. In this post, I'm going to be using a recursive, depth-first traversal algorithm to iterative create a nested structure based on the an XML configuration document.
https://www.bennadel.com/blog/4193-ask-ben-converting-an-xml-document-into-a-nested-coldfusion-struct.htmCFML JobsSeveral positions available on
https://www.getcfmljobs.com/Listing over 32 ColdFusion positions from 20 companies across 20 locations in 5 Countries
3 new jobs listed
Full-Time - Software Developer - ColdFusion at Overland Park, KS - United States
Jan 27
https://www.getcfmljobs.com/jobs/index.cfm/united-states/Software-Developer-ColdFusion-at-Overland-Park-KS/11418Full-Time - Software Developer - Database and ColdFusion Developer at Hobart TAS
Jan 27
https://www.getcfmljobs.com/jobs/index.cfm/australia/Database-and-ColdFusion-Developer-at-Hobart-TAS/11419Full-Time - Software Developer - Coldfusion Developer at Halifax, ON - United States
Jan 27
https://www.getcfmljobs.com/jobs/index.cfm/canada/Coldfusion-Developer-at-Halifax-ON/11417Other Job Links
https://www.venntro.com/careers
ForgeBox Module of the Week
totp
By Ortus Solutions
A CFML Implementation of Time-based One-time Passwords
Create secrets, authenticator urls, and QR codes for new TOTP tokens.
Generate tokens and verify those tokens using the given secrets.
https://forgebox.io/view/totpVS Code Hint Tips and Tricks of the Week
Hyper Key
This idea involves mapping Shift-Control-Option-Command to the caps lock key. Using the hyper key opens your keyboard up to a ton of new easily triggered shortcuts.
Mac:
https://www.macsparky.com/blog/2021/2/hyper-key-via-bettertouchtool/Windows:
https://gist.github.com/mitcdh/33aaf96ce2636d0c9e8ed9473059fa93Linux:
https://askubuntu.com/questions/1133312/how-do-i-remap-caps-lock-to-hyper-key-in-ubuntu-18-04Thank you to all of our Patreon SupportersThese individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox, ContentBox, TestBox and all the other boxes keep getting the continuous development they need, and funds the cloud infrastructure at our community relies on like ForgeBox for our Package Management with CommandBox.
You can support us on Patreon here
https://www.patreon.com/ortussolutionsNow offering Annual Memberships, pay for the year and save 10% - great for businesses.