Patreon Support (supercali)
We have 58 patreons:
https://www.patreon.com/ortussolutions.
News and Announcements
ColdFusion 2023 Security Update 10, ColdFusion 2021 Security Update 16Release Date: September 10, 2024
Adobe Product Security Bulletin APSB24-71 fixes one critical vulnerability.
Vulnerabilities Fixed
CVE-2024-41874 - critical (9.8) Deserialization of Untrusted Data vulnerability allowing for arbitrary code execution
Links & Resources
- APSB24-71 - Adobe Product Security Bulletin
https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html - CF2023 Update 10 - Adobe KB article for ColdFusion 2023 Update 10
https://helpx.adobe.com/coldfusion/kb/coldfusion-2023-update-10.html - CF2021 Update 16 - Adobe KB article for ColdFusion 2021 Update 16
https://helpx.adobe.com/coldfusion/kb/coldfusion-2021-update-16.html - Forum Thread - Adobe ColdFusion forum thread discussing ColdFusion 2023 Update 10 and CF 2021 Update 16.
https://community.adobe.com/t5/coldfusion-discussions/now-live-adobe-coldfusion-2023-and-2021-september-2024-security-updates/td-p/14852233 Notes / Issues
No updates to connector or packages in this release. Fixed bug CF-4223435 caused by previous update.
https://tracker.adobe.com/#/view/CF-4223435
CFCamp - Save the DateMay 22, 23rd - 2025
Atomis Hotel Munich Airport
Into the Box 2025 - Call for Speakers Still Open - Closing soon Nov 1stWe’re excited to invite you to share your knowledge and insights at Into the Box 2025: The Future is Dynamic for Modern Web Developers!
We’re seeking speakers eager to discuss their latest projects, share best practices, or explore new trends in web development. If you have valuable insights, we’d love to hear from you!
Submit your topics using the form below. The deadline is midnight on November 1, 2024. We encourage everyone to submit up-to-date and trendy topics like Modern CFML tools, BoxLang, AI, Frameworks, Open Source Libraries, Modern Web Development Trends, Cybersecurity, etc. Feel free to share all your ideas!
https://www.ortussolutions.com/blog/call-for-speakers-into-the-box-2025 New Releases and Updates
FusionReactor 12.1: Expanding Horizons with Java 21 Support and Enhanced Cloud IntegrationWe’re thrilled to announce the release of FusionReactor 12.1, our latest update that brings exciting new features to enhance your application performance monitoring experience. This release focuses on expanding language support, improving cloud integration, and streamlining user access. Let’s dive into the key features that make FusionReactor 12.1 a game-changer for developers and operations teams alike.
https://fusion-reactor.com/blog/fusionreactor-12-1-expanding-horizons-with-java-21-support-and-enhanced-cloud-integration/
BoxLang Betas — Beta 11-158/23/24 - BoxLang 1.0.0 Beta 11 Launched
9 New Features
9 Improvements
8 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-11-launched 8/30/24 - BoxLang 1.0.0 Beta 12 Launched 5 New Features
8 Improvements
5 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-12-launched 9/6/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 13 Launched4 New Features
5 Improvements
20 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-13-launched 9/13/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 14 Launched6 New Features
4 Improvements
16 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-14-launched
9/19/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 15 Launched5 New Features
10 Improvements
22 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-15-launched Webinars, Meetups and WorkshopsICYMI - Online ColdFusion Meetup - "Options for running Redis (Valkey/etc), locally or as-a-service", w/ Charlie ArehartYou may be considering use of Redis (or alternatives like Valkey), whether for caching or as a document store/db or as an alternative repository for sessions (such as is an option for ColdFusion sessions since CF2016). But before you can USE Redis you need to have some IMPLEMENTATION of it. In this session, veteran server troubleshooter Charlie Arehart will review different approaches for implementing Redis (and/or Valkey, and other plug-compatible replacements): with most approaches being free, while some come at a cost.
https://www.youtube.com/watch?v=2TGz89BsCG0&list=PLG2EHzEbhy0-QirMKgSxhjkUyTSSTvHjL&index=1
CFCasts Content Updates
https://www.cfcasts.comRecent Releases Conferences and Training
CF Summit West in Las VegasAt Resorts World - New venue!!!
Sep 30 - Oct 1st for the Conference
Oct 2nd for the Certification
https://cfsummit.adobeevents.com/Agenda is now released -
https://cfsummit.adobeevents.com/agenda/ Be sure to check out sessions from Luis Majano and Jacob Beers!
Monday, September 30th at 2:35 pm
Modern Functional Fluent REST - Luis Majano
In this session, we will review 6 versions of the same API to take it from just working to thoroughly modern, fluent, and functional. We will review the guiding principles of software architecture, but most of the time, we will review and compare code.
Tuesday, October 1st, at 11:25 am
Out of The Tar Pit - A Quick Look at a Deep Paper - Jacob Beers
In 2006 a white paper by Ben Moseley and Peter Marks called "Out of the Tar Pit" gave developers new hope for tackling the growing complexity of enterprise level applications. In the paper the authors identify several ways in which application complexity gets out of hand, how to correct it, and how to keep things simple as your features grow. This talk will communicate a streamlined and concise explanation of the content of "Out of the Tar Pit" and provide concrete examples for developers to apply when untangling the complexity of existing applications.
Pricing
$199 for the Session Pass right now.
Coupon code might be in your email if you are a previous attendee for even better pricing
$398 for the Professional Pass - include Certification Training on the 2nd of Oct.
https://cfsummit.adobeevents.com/register/registration/select Accommodations
Resorts World
3000 S Las Vegas Blvd,
Las Vegas, NV, United States, Nevada
Looking for accommodations?
We've secured exclusive, low room rates of $105 + taxes/day especially for our attendees! Easy and hassle-free booking is just a click away.
Secure your spot now to make the most of your trip with comfortable and affordable accommodations
Ortus - Workshop - Building a REST API for the Modern Developer - Only a few seats left
Led by Luis Majano
Create a ColdBox REST API using Ortus tools. Secure, document, test, and manage your API with CommandBox, cbSecurity, Swagger, and more.
September 28–29, 2024
Bottega Exchange in Las Vegas, NV
https://www.eventbrite.com/e/workshop-building-a-rest-api-for-the-modern-developer-tickets-939258757227?aff=oddtdtcreatorITB 2025 CFCamp 2025May 22, 23rd - 2025
Atomis Hotel Munich Airport
https://www.cfcamp.org/ More conferencesNeed more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/Blogs, Posts, and Videos of the Week9/24/24 - Blog - FusionReactor 12.1: Expanding Horizons with Java 21 Support and Enhanced Cloud IntegrationWe’re thrilled to announce the release of FusionReactor 12.1, our latest update that brings exciting new features to enhance your application performance monitoring experience. This release focuses on expanding language support, improving cloud integration, and streamlining user access. Let’s dive into the key features that make FusionReactor 12.1 a game-changer for developers and operations teams alike.
https://fusion-reactor.com/blog/fusionreactor-12-1-expanding-horizons-with-java-21-support-and-enhanced-cloud-integration/ 9/19/24 - Blog - Ortus Solutions - ColdBox Free Tip 1: Environment Variables In The ConfigWelcome to the first of 10 FREE tips and tricks in our "102 ColdBox Tips and Tricks" Book! In this post, we’ll show you how to easily access system environment variables within your ColdBox configuration files, making your app setup smoother and more flexible!
https://www.ortussolutions.com/blog/coldbox-environment-variables-in-the-config 9/19/24 - Blog - James Moberg - CDN, WAF, WAAP... What do you use?In the early 2000s, many of our customers still viewed the internet as a passing trend. During this period, we operated a ColdFusion 4.5 (or 5) web application on a Windows server utilizing an Access database. Initially, we relied on a dedicated T1 connection. Over time, we upgraded to a dual T1 setup and subsequently became pioneers in our region by adopting fiber optic technology. However, due to power supply issues in California, we decided to move our servers to a dedicated facility in the San Jose area. (This shift is a tale for another occasion.)
https://dev.to/gamesover/cdn-waf-waap-what-do-you-use-30ga 9/19/24 - Blog - Ortus Solutions - Modularizing Your API in ColdBox: Easy Versioning Made SimpleClean, maintainable, and scalable approach to managing multiple API versions within the same application.
As your application grows, maintaining and evolving your API can become a challenging task. New features, updates, and deprecations often require careful planning and execution, particularly when dealing with a large codebase. This is where ColdBox's capabilities come into play, enabling you to manage your API's versions effortlessly.
In this post, we'll explore how ColdBox allows you to break your API into versions via modularity, providing a clean, maintainable, and scalable approach to managing multiple API versions within the same application.
https://www.ortussolutions.com/blog/modularizing-your-api-in-coldbox-easy-versioning 9/18/24 - Blog - James Moberg - Embed a Full HTML Document Inline Using Shadow DOM We use ColdFusion/CFML to generate valid HTML documents for PDF generation using jsoup & WKHTMLTOPDF. If the generated HTML content is simply outputted onto an existing webpage, the webpage becomes invalid (due to double DOCTYPE "inception") and the website's global CSS styles will pollute the preview.
https://dev.to/gamesover/embed-a-full-html-document-inline-using-shadow-dom-5d5d9/18/24 - Blog - Nolan Erck - Speaking at CF Summit 2024The plane ticket is booked, the hotel reservation has been made, and the slide deck is ready. That makes it official: I'll be speaking at Adobe CF Summit 2024 in Las Vegas!
https://southofshasta.com/blog/speaking-at-cf-summit-2024/ 9/17/24 - Blog - Vikram Kumar - Adobe Portal - Connecting to Microsoft SQL Server with Windows Authentication in ColdFusionWhen configuring a Microsoft SQL Server database with Windows authentication in ColdFusion, you might initially assume that it’s as simple as entering the DOMAIN\USERNAME in the username field and saving it. However, there are several additional steps required to successfully configure the Data Source Name (DSN) in the ColdFusion Administrator. This blog will show how to configure the MS SQL DB with Windows authentication in ColdFusion.
https://coldfusion.adobe.com/2024/09/connecting-to-microsoft-sql-server-with-windows-authentication-in-coldfusion/ 9/12/2024 - Blog - James Moberg - Searching the CFML Output Buffer for a StringIn one of our projects about 10 years ago, we were fetching HTML fragments from a trusted third-party for inclusion on the website. Instead of using an iFrame or incorporating ajax, which could negatively impact our SEO, we would occasionally fetch the content in the background and update the webpage. While this approach worked fine, there were times when the fragments would contain some inline JavaScript, but wouldn't work because the JavaScript library wasn't loaded... or if loaded within the HTML fragment would cause a problem because now the JS library is being loaded more than once.
https://dev.to/gamesover/searching-the-cfml-output-buffer-for-a-string-1b5f 9/12/24 - Blog - Ben Nadel - Using Canonicalize() To Embed Emoji In Email Subject Lines In ColdFusionIn my previous post on using canonicalize() to render emoji characters in ColdFusion, I mentioned that this technique can be helpful in contexts where HTML entities aren't well supported. Email subject lines appear to be one such context; as I discovered yesterday when trying to add a police siren emoji to an email subject line for a time-sensitive (expiring) link. To get around this, we can use the canonicalize() function to embed emoji safely within email subject lines in our CFML.
https://www.bennadel.com/blog/4709-using-canonicalize-to-embed-emoji-in-email-subject-lines-in-coldfusion.htm
9/12/24 - Blog - James Moberg - CFML wrapper for emoji-java (identify, sanitize & convert emojis)A ColdFusion application that we developed a couple years ago worked with Twilio to log incoming text messages. The UTF-8 message payloads were saved in a MSSQL database using the NVARCHAR datatype and could be displayed on webpages without any issue. When importing a CSV file into a third-party Windows program, a random error would cause the import to abort whenever it encountered a high ASCII character. We didn't want to strip out the data, but we also didn't want to convert emojis to HTML entities or decimal values as they would be somewhat meaningless outside of an HTML environment.
https://dev.to/gamesover/cfml-wrapper-for-emoji-java-identify-sanitize-convert-emojis-5h2c 9/12/24 - Blog - Ben Nadel - Using Canonicalize() To Render Emoji In ColdFusionIn ColdFusion, the canonicalize() function is used to reduce a given string down to its simplest form. This is typically used during user input sanitization and validation; but, this normalization process can also be used to convert HTML entities into their associated characters. In other words, we can use the canonicalize() function to convert encoded emoji characters into native emoji glyphs.
https://www.bennadel.com/blog/4708-using-canonicalize-to-render-emoji-in-coldfusion.htm 9/10/24 - Blog - Adobe - RELEASED- ColdFusion 2023 and 2021 September 10th, 2024 Security UpdatesWe are pleased to announce that we have released general updates to ColdFusion (2023 release) Update 10 and ColdFusion (2021 release) Update 16. The updates resolve a critical vulnerability that could lead to the deserialization of untrusted data.
https://coldfusion.adobe.com/2024/09/released-coldfusion-2023-and-2021-september-10th-2024-security-updates/ 9/10/24 - Blog - Ortus Solutions - Are you attending Adobe CFSummit 2024?If you are attending the Adobe ColdFusion Summit 2024, this is what you need to know: As always, Ortus Solutions will be sponsoring this years event as Silver Sponsors, we are excited to meet all the new attendees and old friends of the community of Coldfusion developers
https://www.ortussolutions.com/blog/are-you-attending-adobe-cfsummit-2024 9/10/24 - Blog - Ben Nadel - Dynamically Define For-Loop Increment In ColdFusionIn my Lopem Ipsum generator, I take a collection of paragraphs and I split them up into sections of random lengths. To do this, I iterate over the collection using a dynamically defined increment. In other words, the "step" value is randomly assigned on every for-loop iteration. I don't think I've ever done this before; and it worked like a charm. So, I thought it was a mechanic worth sharing in ColdFusion.
https://www.bennadel.com/blog/4706-dynamically-define-for-loop-increment-in-coldfusion.htm 9/10/24 - Blog - Ben Nadel - Generating Lorem Ipsum Text In ColdFusionAs a fun code kata for my /utils section, I wanted to create a Lorem Ipsum text generator. Lorem Ipsum is a common way to create placeholder text during the design phase of the prototyping process. Lorem Ipsum text uses Latin words to embody English-looking text distributions without the distraction of being readable (except by those 4 people who took Latin classes in high school). What follows is my attempt to generate this placeholder text in ColdFusion.
https://www.bennadel.com/blog/4705-generating-lorem-ipsum-text-in-coldfusion.htm 9/5/24 - Blog - James Moberg - Transforming TSV data using ColdFusion & Miller (Command line FTW!) We license data from multiple providers and discovered that not all data can be treated equally even though it's the same specification. For example, we work with two (2) separate Real Estate Transaction Standards (RETS) providers and their implementations are slightly different.
https://dev.to/gamesover/transforming-tsv-data-using-coldfusion-miller-command-line-ftw-3kd9/5/24 - Blog - James Moberg - Comparing Language Detection Libraries (& API) Using Java/ColdFusion/CFMLLanguage detection is a feature that we needed in a past project. I wrote an article in 2020 regarding the use of kju2 fork of the Optimaize Language Detector java library. The Optimaize library hasn't been updated since 2015 and the kju2 fork was placed in read-only mode on Apr 16, 2023.
https://dev.to/gamesover/comparing-language-detection-libraries-api-using-javacoldfusioncfml-gkf 9/5/24 - Blog - Ortus Solutions - Choosing the right ColdFusion Hosting Solution for your needsFor ColdFusion and CFML CTOs, CIOs, IT Managers and Development Team Leaders, selecting the right hosting partner is paramount. Your hosting solution should be reliable, efficient, and tailored to the specific demands of ColdFusion environments. Unfortunately, many developers and businesses struggle with hosting services that lack the necessary support and optimization for their unique needs.
https://www.ortussolutions.com/blog/choosing-the-right-coldfusion-hosting-solution-for-your-needs9/4/24 - Blog - Ben Nadel - ColdFusion: Comparison Method Violates Its General ContractThis week, a single instance of an error showed up in my ColdFusion logging: "Comparison method violates its general contract!". The stacktrace pointed to something in the Java layer called TimSort; which is what ColdFusion's Array.sort() method is using under the hood. This error may be thrown if the .sort() callback / operator doesn't adhere to the set of requirements defined by the Comparable interface.
https://www.bennadel.com/blog/4704-coldfusion-comparison-method-violates-its-general-contract.htm 9/3/24 - Ortus Solutions - High Precision math and “Big Numbers” in BoxLang In our latest BoxLang beta, we've rolled out some exciting new features designed to make BoxLang work more naturally out-of-the-box, particularly when dealing with high precision and big numbers. But what does this mean for developers? Let's dive in!
https://www.ortussolutions.com/blog/high-precision-math-and-big-numbers-in-boxlang8/30/24 - Blog - James Moberg - Importing Data from a Pre-95 Excel 2 Worksheet XLS file. Q: How do you solve a problem you don't know how to solve?
A: Turn it into a problem that you do know how to solve.
https://dev.to/gamesover/importing-data-from-a-pre-95-excel-2-worksheet-xls-file-56md
8/30/24 - Blog - Ortus Solutions - Ortus August Newsletter 2024Welcome to our latest recap of all the exciting happenings from Ortus Solutions! This post covers a variety of announcements, from conference updates to new training opportunities, product launches, and more. Let’s dive into the details and ensure you’re up to speed!
https://www.ortussolutions.com/blog/ortus-august-newsletter-2024
8/29/24 - Blog - Ortus Solutions - Security Best Practices for ColdBox REST APIsSecurity is critical in any REST API. A well-secured API safeguards your data and ensures the integrity of your application. Implementing robust security measures prevents unauthorized access and protects sensitive information from threats.
https://www.ortussolutions.com/blog/security-best-practices-for-coldbox-rest-apisBoxLang Corner9/19/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 15 LaunchedWelcome to Beta 15! This release brings several significant enhancements aimed at improving the efficiency and functionality of the CLI environment and continued bug fixing to bring our CFML compatibility to several client applications and Ortus Libraries. Key among these is the introduction of the bx-web-support module, which allows the CLI to interface with web server capabilities, making it an excellent tool for testing and feature auditing. Additionally, the merge capabilities within module settings have been refined to support deep merges from the configuration file, ensuring greater flexibility and control.
https://www.ortussolutions.com/blog/boxlang-100-beta-15-launched 9/18/24 - Blog - Ortus Solutions - Introducing numeric placeholders in BoxLang source! Introducing Numeric Placeholders in BoxLang
We're excited to announce a new addition to our BoxLang parser—a feature that draws inspiration from several other languages but fits naturally within BoxLang.
https://www.ortussolutions.com/blog/numeric-placeholders-in-boxlang-source
9/13/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 14 LaunchedIn this release, we are excited to introduce several new features and enhancements aimed at improving functionality and user experience. These updates include the creation of immutable query types, new server keys to aid on CLI tooling, and methods to identify runtime initiation modes.
Additionally, we've added an event announcement for dump rendering to enable better integration with external listeners. Read on to learn more about these features and how they can benefit your workflow.
https://www.ortussolutions.com/blog/boxlang-100-beta-14-launched 9/9/24 - Blog - Ortus Solutions - New BoxLang Feature: Functional binding to member methods We’re excited to unveil a new feature that makes method referencing in BoxLang even smoother. Building on our recent update introducing functional static binding to built-in functions, we're now bringing the same ease to member methods.
https://www.ortussolutions.com/blog/functional-binding-to-member-methods 9/6/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 13 LaunchedThis release introduces several new features aimed at enhancing the usability and functionality of BoxLang. We have closed a tremendous amounts of bugs on this release in order to bring more compatibility and stability to BoxLang. We have also started to introduce performance enhancements and more innovations as we progress towards final release. Enjoy!
What is BoxLang?
BoxLang is a modern dynamic JVM language that can be deployed on multiple runtimes: operating system (Windows/Mac/*nix/Embedded), web server, lambda, iOS, android, web assembly, and more.
https://www.ortussolutions.com/blog/boxlang-100-beta-13-launched 8/30/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 12 Launched This update contains 9 improvements and 8 bug fixes. Thank you for your continued support and stay tuned for more exciting developments!
https://www.ortussolutions.com/blog/boxlang-100-beta-12-launched
8/30/24 - Blog - Ortus Solutions - BoxLang August Newsletter 2024Welcome to the August edition of the BoxLang Newsletter! This month has been packed with exciting updates, new features, and enhancements that continue to shape BoxLang into a robust and versatile programming language. In this edition, we highlight the latest beta releases, new integrations, and key features that have been introduced.
https://www.ortussolutions.com/blog/boxlang-august-newsletter-2024 8/28/24 - Blog - Ortus Solutions - BoxLang: Functional Binding to Member MethodsWe’re excited to unveil a new feature that makes method referencing in BoxLang even smoother. Building on our recent update introducing functional static binding to built-in functions, we're now bringing the same ease to member methods. Happy coding!
https://www.ortussolutions.com/blog/boxlang-functional-binding-to-member-methods 8/26/24 - Blog - Ortus Solutions - Member Methods for Java Streams in BoxLangBoxLang's all about enhancing your coding experience by making data manipulation smooth and intuitive.We've recently introduced some powerful new features that extend our support for Java Streams, giving you more flexibility and control over collecting and processing data.
https://www.ortussolutions.com/blog/member-methods-for-java-streams-in-boxlang 8/23/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 11 LaunchedWe have really kicked into gear with this release, tackling a whopping 26 tickets and delivering some of our most aggressive features to date. This update signifies a significant leap forward towards a stable release in the Fall. Thank you for your continued support and stay tuned for more exciting developments!
https://www.ortussolutions.com/blog/boxlang-100-beta-11-launched CFML JobsSeveral positions available on
https://www.getcfmljobs.com/Listing over 17 ColdFusion positions from 17 companies across 12 locations in 5 Countries.
1 new jobs listed in the last two weeks
Full-Time - ColdFusion Developer at Hickam Village, HI - United States Posted Sep 04
https://www.getcfmljobs.com/jobs/index.cfm/united-states/ColdFusionDeveloper-at-HickamVillage-HI/11645
ForgeBox Module of the Week
BoxLang Compat Module For CFMLThis module will allow your ColdFusion (CFML) applications under Adobe or Lucee to run under BoxLang. This module will provide the necessary compatibility layer to run your applications under BoxLang.
https://www.forgebox.io/view/bx-compat-cfml VS Code Hint, Tip, and Trick of the Week
Better Comments 7.5 million installs - 5 stars
Better Comments
The Better Comments extension will help you create more human-friendly comments in your code.
With this extension, you will be able to categorise your annotations into: