My 2021 Github Actions Hackathon Submission

My goal was to learn more about building a modern CFML application with a CI/CD process. »
CFML, Github, and Docker

CFML Development with Github Codespaces

With Codespaces you can develop from any machine that has a internet browser. »
CFML, Github, and Docker

Exploration in Unit Testing Vue.js Components

This post is some notes on things I learned during my initial exploration with unit testing Vuex components »
Vue.js and Testing

Using .NET Integration Services with CommandBox

CommandBox is a great tool for getting CFML development environments setup very quickly. I work with an application that uses the .NET Integration feature of Coldfusion. I recently needed to change that functionality so I needed to get it working in my development environment to test it. »

Two-Factor Authentication with TOTP and CFML

A walkthrough example of how to implement 2-Factor authentication (2FA) using Time-based One-time Password Algorithm (TOTP) in a CFML application running on the Coldbox MVC framework. »
CFML and Security

Using CFLint for Static Analysis with Jenkins

I am going to walk through how you can use CFLint and Jenkins to do static code analysis on your CFML code as part of a CI process. »
CommandBox, CFLint, CFML, and Jenkins

Using Vue CLI 3 with a Coldbox Application

The Vue CLI is a great tool for developing Vue.js applications but I wanted to see how it could be integrated into an application with a CFML/Coldbox back-end. »
Coldbox, CFML, and Vue.js

OWASP TOP 10 2017 A2-Broken Authentication: Password Guidance

One of the recommendations I mention in OWASP TOP 10 2017 A2-Broken Authentication: Password Requirements is to provide guidance to your users when creating passwords. Here I attempt to explore some ways of implementing feedback to users on the strength of their passwords. »
Security, OWASP, and Vue.js

Implementing a Weak Password Blocklist in CFML

the new guidelines for password requirements say to drop all the complexity rules and to create a blocklist of weak, common, and compromised passwords that cannot be used when a user creates a new account. Here is a quick example of one way this could be implemented in CFML. »
Security, CFML, and OWASP

OWASP TOP 10 2017 A2-Broken Authentication: Password Requirements

Continuing the series on the OWASP Top 10 now we look at the #2 OWASP vulnerability which is Broken Authentication »
Security and OWASP

Secure CFML: OWASP TOP 10 2017 A1-Injection

In this post, I will focus on the #1 OWASP vulnerability which is Injection and how to prevent it in CFML applications. »
Security, CFML, and OWASP

Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations

The book Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations by Nicole Forsgren Ph.D., Jez Humble, and Gene Kim warn that organizations should be learning continuous delivery so they do not fall behind in a world where IT is critical to remain competitive in any industry. »
DevOps, Books, and Development

Linting Your CFML code with CFLint and Sublime Text Build Systems

Here is an easy way to run CFLint on files from within ST2 or ST3 using build systems. »
CFML, CFLint, and Sublime Text

Example of Using a CommandBox Task Runner to Run CFLint

I created this gist that is a CommandBox Task Runner that takes a glob pattern and runs CFLint on any files that match. »
CFML and CFLint

Refactoring Legacy CFML with Approval Tests: Part II

In part I of this blog series we walked through using TestBox-Snapshots to create some approval tests for refactoring a legacy CFML application. In this post, we will focus on setting our application up to use the ColdBox MVC framework. Once it is setup we can start using the MVC pattern to separate concerns. We start by installing ColdBox.

CFML, Testbox, Legacy Code, and Refactoring