- Gavin Pickin - Senior Developer at Ortus Solutions
- Grant Copley - Senior Developer at Ortus Solutions
Big Thanks to our Sponsor - Ortus Solutions
The makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there including BoxLang.
A few ways to say thanks back to Ortus Solutions:
- Buy Tickets to Into the Box 2025 in Washington DC https://t.co/cFLDUJZEyM
- April 30, 2025 - May 2, 2025 - Washington, DC
- Like and subscribe to our videos on YouTube.
- Help ORTUS reach for the Stars - Star and Fork our Repos
- Subscribe to our Podcast on your Podcast Apps and leave us a review
- Sign up for a free or paid account on CFCasts, which is releasing new content regularly
- BOXLife store: https://www.ortussolutions.com/about-us/shop
- Buy Ortus’s Books
Patreon Support (jolly)
We have 59 patreons:
https://www.patreon.com/ortussolutions.
News and AnnouncementsAdobe CF2025 Beta is now openGet an exclusive sneak peek at what’s next for ColdFusion! Sign up for the ColdFusion 2025 Beta Program and get early access to shape the future with us. Engage with the community in the forums, share your thoughts, and keep up with the newest updates and features.
Make Your Voice Heard and Win Big!
Join our weekly engagement challenge during the ColdFusion 2025 Beta! Every week, we’ll reward top contributors with exciting prizes. Your feedback matters, and the more you share, the higher your chances of winning. Don’t miss out—get involved and be rewarded!
Deep Dive Sessions and Demo Code Access!
We’re thrilled to announce that for each feature in ColdFusion 2025, there will be exclusive deep-dive sessions hosted by the engineers who built it. These sessions will offer valuable insights and in-depth explanations straight from the experts.
Additionally, we’ve set up a central GIT repository where all demo code will be hosted. This is the same repository where Mark has already pushed his code, and it will be the hub for all developers to share their contributions. Check out the GIT links and start exploring the code!
Check out the curated webinar schedule and join us!
https://coldfusion.adobe.com/2024/11/code-the-future-join-the-coldfusion-2025-beta-today/TestBox Latest Updates and News!Did You Miss It? The New TestBox Site & v6.0 Are Here!
Share Your Feedback and Get Featured on Our Site!
We’re thrilled to have launched the new TestBox website and TestBox 6.0! If you haven’t had a chance to explore yet, visit TestBox to discover updated documentation, powerful resources, and features that make testing more efficient than ever.
https://www.ortussolutions.com/blog/testbox-updates-and-news New Releases and UpdatesICYMI - CommandBox 6.1.0 Released!We are pleased to announce the release of CommandBox 6.1.0, the latest release of our CLI, REPL, and Server, and Package Manager. This is a minor update to our last release. It has a handful of new features, and bug fixes, as well as better out-of-the-box support for BoxLang, our new CFML-compatible JVM language.
New Features
- WebSocket Server
- Updates to run BoxLang
- Add command to deploy Lucee lex or lco files
- Check if an entry has a hash associated to it and validate it
Improvement
- Sort by date last started when finding a server by web root
- Make semantic version prerelease identifiers not case sensitive
- default servlet pass predicate include Boxlang files
Tasks
- Update to Undertow 2.2.33.Final
- Update to Lucee 5.4.6.9
- Update bundled JRE to 11.0.23+9
9 Bugs
https://www.ortussolutions.com/blog/commandbox-610-released https://commandbox.ortusbooks.com/ BoxLang Beta 23 and 24 Released12/2/24 - BoxLang 1.0.0 Beta 24 Launched
3 New Features
6 Improvements
4 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-24-launched11/23/24 - BoxLang 1.0.0 Beta 23 Launched4 New Features
2 Improvements
1 Tasks
10 Bugs Fixed
https://www.ortussolutions.com/blog/boxlang-100-beta-23-launched Webinars, Meetups and Workshops
Online CF Meetup - From Development to Deployment: Load Testing ColdFusion Applications with Dakota ClumThursday, December 12, 2024
9:00 AM to 10:00 AM PST
This session will go over how to load test a ColdFusion application after it is deployed in your environment. We will cover load testing options, setting up a simulated load test, and tuning adjustments that can be made as a result of load testing.
https://www.meetup.com/coldfusionmeetup/events/304881310/ ADOBE CF 2025 Beta - SeminarsColdFusion 2025: What’s new and exciting
Mark Takata
December 2, 2024
Security and Stability in ColdFusion
Parvathy and Atul
December 3, 2024
VS Code plugin changes
Vikas Yadav
December 4, 2024
Smart language additions in ColdFusion
Ashudeep Sharma
December 5, 2024
Performance enhancements
Satyam Mishra
December 9, 2024
Unleash the power of Revamping CFCharts for modern applications
Yukti Agrawal
December 10, 2024
Spreadsheets & CSV Processing
Nikhil Dubey
December 11, 2024
Microsoft Graph Integration in ColdFusion: Unlocking data with Oauth
Shiva Marella
December 13, 2024
What’s new in containers
Suchika
December 17, 2024
Recap and QnA
Mark Takata
December 18, 2024
CFCasts Content Updates
https://www.cfcasts.comConferences and TrainingICYMI - CF Summit India 2024Join us for the Adobe ColdFusion India Summit, a premier, completely free event where developers, industry experts, and thought leaders come together to explore the latest in ColdFusion and web development. Network with peers, meet the ColdFusion engineering team, get your questions answered, discover strategies to boost your career and grow your business—all at no cost.
Price: Free
December 7, 2024
2 Cities: Bengaluru and Noida
Register:
https://cf-indiasummit-2024.attendease.com ITB 2025- Location: Washington, DC
- Dates: April 30, 2025 - May 2, 2025 - Washington, DC
- Tickets and more info: https://t.co/cFLDUJZEyM
- 50% off blind tickets
- $249.50 for the Conference
- $349.50 for the Conference + Workshop!!!
- Call for Speakers CLOSED
CFCamp 2025May 22, 23rd - 2025
Atomis Hotel Munich Airport
https://www.cfcamp.org/ Call for Speakers open -
https://www.papercall.io/cfcamp2025More conferences
Need more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/Blogs, Posts, and Videos of the Week12/9/24 - Blog - Ben Nadel - Mastering Postgres Video Course By Aaron FrancisAnytime you bring up databases in public, someone will inevitably suggest that Postgres (aka PostgreSQL) can address all of your data storage needs and then some. I love relational databases as much as the next person; but, I've never felt the kind of fervor and passion that seem to permeate the Postgres ecosystem. As an outsider, it's fascinating! So when I saw that Aaron Francis had a video course on Mastering Postgres, I jumped at a chance to get an insider's look at the database technology that seems to have a cult-like following.
https://www.bennadel.com/blog/4740-mastering-postgres-video-course-by-aaron-francis.htm 12/7/24 - Blog - Gregory Alexander - Securing ColdFusion Applications Using Encryption and HashingThe blog post "Securing ColdFusion Applications Using Encryption and Hashing" by Gregory Alexander discusses methods to enhance security in ColdFusion applications. Key points include:
- Hashing Fundamentals: Hashing converts input data into a fixed-length string, which is nearly impossible to reverse-engineer, ensuring data integrity and security.
- Hashing vs. Encryption: Hashing is a one-way process, making it irreversible, while encryption is a two-way process that allows data to be decrypted with the appropriate key.
- Salting and Peppering: These techniques add random data to inputs before hashing to increase complexity and reduce vulnerabilities to attacks.
- ColdFusion Functions: The post explains how to use ColdFusion's generateSecretKey, Encrypt, and Decrypt functions for secure data handling.
- User Authentication: It provides guidance on implementing user authentication using hashed passwords in ColdFusion applications.
- Code Examples: The article includes practical code snippets demonstrating encryption, decryption, and hashing techniques in ColdFusion.
- Blog explores how to check if an IP address is within a CIDR range.
- Discusses challenges with IPv4 and IPv6 in ColdFusion.
- Recommends the seancfoley IPAddress Java library for advanced IP handling.
- Key features: IP validation, conversion, normalization, and CIDR checks.
- Implementation examples in CFML included for real-world use.
- Noted adoption of the library by major companies like Google, Microsoft, and Netflix.
- Links to additional resources for in-depth ColdFusion IP handling.
https://dev.to/gamesover/testing-if-ip-is-within-a-cidr-range-29jb 12/4/24 - Blog - Ben Nadel - Ask Ben: Sorting Quasi-Numeric Values Like 4K And 3M In ColdFusionOut of the box, ColdFusion provides a .sort() method on arrays that makes it trivial to sort uniform collections; that is, collections which contain uniformly numeric or uniformly text values. But, when you have mixed collections, complex objects, or when you want to implement a "natural sort", the text and numeric sorting strategies fall-short. In such cases, the .sort() method also accepts a callback that can act as the comparison operator. We can use this operator to reduce the elements down to a set of sortable values.
https://www.bennadel.com/blog/4737-ask-ben-sorting-quasi-numeric-values-like-4k-and-3m-in-coldfusion.htm 12/3/24 - Blog - Greg Alexander - Using CodeMirror 5 and ColdFusion's FileOpen and FileWrite Functions to Implement CMS FunctionalityIn this article, we will learn how to implement CodeMirror and use ColdFusion and Lucee's file methods to create a browser-based interface for editing server-side code. This interface was designed to implement a browser-based content management system (CMS) for an upcoming version of Galaxie Blog.
https://www.gregoryalexander.com/blog/2024/12/3/using-codemirror-5-and-coldfusions-fileopen-and-filesave-functions-to-implement-cms-functionality 12/3/24 - Blog - Ben Nadel - Associating Form Inputs With ColdFusion Validation Error TypesIn my ColdFusion applications, I've never have a lot of ceremony around error handling. I simply try to catch errors as high-up in the stack as I can; and then, I use a centralized error translator to translate exceptions into a user-safe error response which I then render at the top of my form interface. It recently occurred to me that I might be able to use my user-safe error response to make my ColdFusion forms more accessible by marking form inputs as being related to certain server-side validation errors.
https://www.bennadel.com/blog/4736-associating-form-inputs-with-coldfusion-validation-error-types.htm12/3/24 - Blog - Ortus Solutions - Ortus Solutions Brings Innovation with BoxLang as Platinum Sponsor and Keynote Presenter at CFCamp 2025!Join us for groundbreaking workshops and discover the future of modern development with BoxLang.
Ortus Solutions is thrilled to announce its participation as a Platinum Sponsor and Keynote Presenter at CFCamp 2025, the premier conference for modern web development! Held at the Atomis Hotel Munich Airport by Mercure in Oberding, Germany, on May 22–23, 2025, this event is a must-attend for developers and tech enthusiasts.
https://www.ortussolutions.com/blog/ortus-solutions-brings-innovation-with-boxlang-as-platinum-sponsor-and-keynote-presenter-at-cfcamp-2025 12/2/24 - Blog - Ben Nadel - Exploring Cloudflare R2 And Request Authorization Using AWS Signature V4Once I rebuilt my Incident Commander app in ColdFusion, I finally had the ability to upload images and screenshots as supporting evidence of the incident triage investigation. Right now, those uploads are saved to the server—it's what makes the most sense in a free MVP (minimum viable product). In the long run, I'd prefer to save uploads to a remote object store like Amazon Web Services (AWS) S3 or Cloudflare R2.
https://www.bennadel.com/blog/4735-exploring-cloudflare-r2-and-request-authorization-using-aws-signature-v4.htm 12/2/24 - Blog - Ortus Solutions - Ortus Monthly Newsletter - November Recap 2024Welcome to the November Ortus Newsletter! This month has been full of exciting updates, insightful blog posts, and important announcements to keep you informed and inspired.Whether you're a seasoned developer or just starting out, there’s something here for everyone. Let's dive into this month's highlights!
- Product releases: TestBox, SocketBox STOMP Broker, and CommandBox 6.1.0.
- Blog articles on UX/UI design, ColdFusion consulting, and application modernization.
- Modernize or Die Podcast episodes from November 5th and 19th.
- Upcoming events: Into the Box 2025 in Washington, DC, and CFCamp Pre-Conference Workshops in Munich.
- Links to resources and updates for developers.
https://www.ortussolutions.com/blog/ortus-monthly-newsletter-november-recap-2024 12/2/24 - Blog - Ortus Solutions - How a ColdFusion Security Audit Can Protect Your Business from Data BreachesIn today’s digital landscape, security threats are evolving at an alarming rate, and your business’s ColdFusion application—whether powered by Lucee or Adobe ColdFusion—may be more vulnerable than you think. A comprehensive ColdFusion security audit is essential to safeguarding sensitive data, maintaining compliance, and protecting your organization from potential cyberattacks.
- Importance of ColdFusion security audits.
- Identifies risks like SQL injection and XSS.
- Explains consequences of data breaches.
- Covers Ortus Solutions' audit process.
- Highlights expertise in ColdFusion security.
- Adobe launches the ColdFusion 2025 Beta Program.
- Provides early access to upcoming features.
- Encourages community participation and feedback.
- Offers weekly challenges with prizes.
- Includes webinars led by engineers on new features.
- Provides a shared Git repository for demo code.
- Opportunity to shape the future of ColdFusion.
https://coldfusion.adobe.com/2024/11/code-the-future-join-the-coldfusion-2025-beta-today/ 11/27/24 - Blog - Ortus Solutions - Scaling Databases Without the Growing Pains: How to assure Your Business Expansion?In today’s fast-paced digital environment, a database that scales seamlessly is crucial for growing businesses. Whether you're experiencing seasonal traffic spikes, entering new markets, or launching new products, your database must keep up with increasing demands without compromising performance or user experience. However, scaling databases presents significant hurdles, from hardware limitations to performance bottlenecks.
This post explores the common challenges businesses face when scaling databases and practical strategies to ensure smooth, cost-effective scalability—whether on-premises or in the cloud.
https://www.ortussolutions.com/blog/scaling-databases-without-the-growing-pains-how-to-assure-your-business-expansion 11/22/24 - Blog - Ben Nadel - Considering Encrypting Passwords At Rest In ColdFusionNow that I've rebuilt my Incident Commander triage app in ColdFusion, I'm looking at ways to make it more security-minded. Right now, it uses a large 64-byte alpha-numeric URL-based token to prevent brute-force attacks. But, I'd like to give users the option of including an additional non-URL-based authentication mechanism. To this end, I'm exploring the idea of a session password. Only, unlike a traditional password, which can leverage a one-way hash (think bCrypt, sCrypt, and Argon2), I need to be able to render this password in the application experience. To do this securely, I need to store the password in an encrypted state.
https://www.bennadel.com/blog/4732-considering-encrypting-passwords-at-rest-in-coldfusion.htm 11/21/24 - Blog - Ben Nadel - Considering A Secure Encoding Technique Inspired By JWT In ColdFusionEarlier this week, I looked at rebuilding my Incident Commander triage application in ColdFusion. The initial implementation uses a 64-byte alpha-numeric URL-based token to gate access to an incident. The goal of this token is to keep the application secure and prevent brute-force attacks without requiring the user to authenticate via any other mechanism. Essentially, I want to keep the barrier to entry for the application as low as possible in order to remove as much friction as I can from what is otherwise likely to be a very stressful situation (the current incident or outage).
https://www.bennadel.com/blog/4731-considering-a-secure-encoding-technique-inspired-by-jwt-in-coldfusion.htm 11/21/24 - Blog - Ortus Solutions - TestBox Latest Updates and News!Did You Miss It? The New TestBox Site & v6.0 Are Here!
Share Your Feedback and Get Featured on Our Site!
We’re thrilled to have launched the new TestBox website and TestBox 6.0! If you haven’t had a chance to explore yet, visit TestBox to discover updated documentation, powerful resources, and features that make testing more efficient than ever.
https://www.ortussolutions.com/blog/testbox-updates-and-news 11/20/24 - Blog - Ben Nadel - Counting The Occurrences Of A Substring Or RegEx Pattern In ColdFusionThe other day, in my Incident Commander app code, I needed to count the number of back-ticks in a truncated piece of text in order to make sure that the count was balanced (ie, that there were an equal number of starting and ending back-ticks for a Slack-formatted message). I don't often have to count substrings in ColdFusion; but, I was surprised to find that even in recent releases of the language there's no native method for counting occurrences of a substring or regular expression pattern. As such, I wanted to take a quick look at how this can be done in Adobe ColdFusion.
https://www.bennadel.com/blog/4729-counting-the-occurrences-of-a-substring-or-regex-pattern-in-coldfusion.htm BoxLang Corner12/4/24 - Blog - Ortus Solutions - Why BoxLang is the Modern Software Development Evolution You’ve Been Waiting For?In today’s software landscape, developers need tools that deliver flexibility, efficiency, and modernization. With decades of open-source expertise, Ortus Solutions introduces BoxLang—our most ambitious project yet. Built for the JVM, BoxLang integrates seamlessly with Java, offering powerful features for scalable, high-performance web applications. Fully compatible with CFML, it ensures a smooth transition and expanded capabilities for existing projects. BoxLang Stable Release is coming soon, and we want you to get ready for a dynamic future od software development practices and tools.
https://www.ortussolutions.com/blog/why-boxlang-is-the-modern-software-development-evolution-youve-been-waiting-for 12/3/24 - Blog - Ortus Solutions - The future of programming is almost here: BoxLang stable release imminent!The wait is almost over. BoxLang, the revolutionary programming language designed to empower developers, is about to launch its stable release. Get ready to experience a new era of development, where innovation, flexibility, and performance converge.
https://www.ortussolutions.com/blog/the-future-of-programming-is-almost-here-boxlang-stable-release-imminent 12/2/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 24 LaunchedWe’re excited to announce the release of Beta 24, packed with powerful new features, essential bug fixes, and impactful improvements that enhance performance and security. This release brings more robust logging capabilities, enhanced configuration flexibility, and new query-handling methods to streamline your development experience. We’ve also squashed several parsing bugs, ensuring smoother code execution.
Whether you’re optimizing your runtime with custom logging encoders or leveraging the new queryColumnList for seamless data manipulation, Beta 24 is designed to empower developers with a more secure, customizable, and efficient development environment.
Please continue to test your applications as we continue to push forwards towards stable release this winter.
https://www.ortussolutions.com/blog/boxlang-100-beta-24-launched11/23/24 - Blog - Ortus Solutions - BoxLang 1.0.0 Beta 23 LaunchedThe latest release of BoxLang, Beta 23, marks a significant step forward in our journey to create the ultimate dynamic language for the JVM. Packed with powerful new features, important bug fixes, and thoughtful optimizations, this update is designed to make your development experience smoother, faster, and more reliable, especially after now starting to take 100s of comments and bug reports from our community.
Please continue to test your applications as we continue to push forwards towards stable release this winter.
https://www.ortussolutions.com/blog/boxlang-100-beta-23-launched 12/2/24 - Blog - Ortus Solutions - BoxLang Monthly Newsletter - November Recap 2024This month, we’re excited to share the latest developments, updates, and opportunities from the BoxLang ecosystem. From groundbreaking beta releases to insightful new tools and community highlights, there’s something for every modern web developer.
Dive into our November Recap to explore how BoxLang is shaping the future of web development and discover ways to get involved. Don’t miss exclusive content, upcoming events, and special offers designed to keep you ahead of the curve in the JVM ecosystem.
Let’s continue building the future of modern software development, together!
https://www.ortussolutions.com/blog/boxlang-monthly-newsletter-november-recap-2024 CFML JobsSeveral positions available on
https://www.getcfmljobs.com/Listing over 22 ColdFusion positions from 21 companies across 15 locations in 5 Countries.1 new jobs listed in the last two weeks
Full-Time - Coldfusion Developer at Washington D.C - United States
Nov 27
https://www.getcfmljobs.com/jobs/index.cfm/united-states/ColdFusionDev-at-Washington-DC/11650 ForgeBox Module of the Week
Cbturnstile - Released today 12/10/24 by David Sedeño
- Easy Turnstile Integration: Simplifies adding Cloudflare Turnstile CAPTCHA to your forms.
- Server-Side Validation: Provides a service to validate CAPTCHA responses securely.
- Customizable Configuration: Supports site and secret key setup in ColdBox settings.
- ColdBox 7+ Ready: Compatible with modern ColdBox module settings.
- Quick Form Usage: Includes a helper view for rendering CAPTCHA widgets in forms.
- Detailed Validation Data: Returns metadata like success status, errors, and challenge timestamps.
CloudFlare Turnstile Key Features
- User-Friendly: No puzzles or image challenges; works silently in the background.
- Privacy-Focused: No tracking or cookies; complies with privacy laws like GDPR.
- Advanced Bot Detection: Uses behavior analysis and browser checks to identify bots.
- Customizable: Easy to integrate via JavaScript or APIs for various platforms.
- Free to Use: Available without needing other Cloudflare services.
- Cross-Platform: Compatible with modern browsers and mobile-friendly.
- Detects spelling errors in comments, strings, and plain text.
- Works with all programming languages in VS Code.
- Supports custom and project-specific dictionaries.
- Includes additional language dictionaries for multilingual projects.
- Allows ignoring specific files, folders, or patterns.
- Recognizes programming-specific terms and syntax.
- Enables quick addition of words to personal dictionaries.
- Provides real-time spell-checking as you type.
- Allows workspace-wide spell checks on demand.
https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checkerThank you to all of our Patreon Supporters (jolly)These individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox, ContentBox, TestBox and all the other boxes keep getting the continuous development they need,
Their Contributions fund the cloud infrastructure at our community relies on like
- ForgeBox for our
- Package Management with CommandBox.
- Bronze Packages and up, now get a ForgeBox Pro and CFCasts subscriptions as a perk for their Patreon Subscription.
- All Patreon supporters have a Profile badge on the Community Website
- All Patreon supporters have their own Private Forum access on the Community Website
- All Patreon supporters have their own Private Channel access BoxTeam Slack
https://community.ortussolutions.com/
Top Patreons (jolly)John Wilson - Synaptrix
Tomorrows Guides
Jordan Clark
Gary Knight
Giancarlo Gomez
David Belanger
Dan Card
James Moberg & Jeffry McGee - Sunstar Media
Dean Maunder
Kevin Wright
Doug Cain
Nolan Erck
Abdul Raheen
And many more Patreons - up to 59 now!!!!!
You can see an up to date list of all sponsors on Ortus Solutions' Website
https://ortussolutions.com/about-us/sponsors Thanks everyone!!!
★ Support this podcast on Patreon ★