Archive for May, 2022


CFWheels Announces a Bug Bounty

We are happy to launch a new program that we hope will lead to a more stable framework for all of us. Effective immediately we are launching our Bug Bounty program. When we first conceived of the bounty program we were looking at programs from IssueHunt and BountySource and the main goal was to widen the field of contributors to the CFWheels project as well as crush some of the long standing bugs in the framework.

Most of these bugs are edge cases that don’t effect the core functionality of the framework and for the most part users have found work arounds for. In the past it’s been difficult to dedicate our limited resources towards some of these bugs but now that we have a growing list of monthly sponsors we would like to launch out bounty program to compensate contributors who are willing to tackle some of these.

The easiest way to get started participating in this program is to visit the issues list and look for the $50 Bounty tag. Pick an issue that interests you, clone the repo, and start working on your solution. When you think you have a working solution create a PR and submit it for review. Please read the Contributing to CFWheels chapter in the guides or the contributing guidelines in the repository for details on how to contribute to the CFWheels project.

We look forward to see how the community responds to this bounty program. Depending on how things go, we can envision expanding this program to include enhancements as well as sponsorship of individual enhancements.

CFWheels 2.3.0 Released

This is the official v2.3.0 release. It is dropping a little over a week from Release Candidate 1. We simply wanted to make sure the new CI/CD workflow was functioning before calling the release final. We feel confident that we’re good to mark this release as final. There are no new enhancement or bug fixes in this release from 2.3.0.rc.1.

Download Zip

If updating from CFWheels 2.2.x:

If should be an easy upgrade, just swap out the wheels folder.

Changelog

Please refer to release 2.3.0.rc.1 for details.

CFWheels Guides Moved to GitBook

We are glad to announce that the CFWheels Guides have been moved to GitBook.com. The good folks at GitBook are proud to support CFWheels and have granted us an Open Source Community account. We have migrated all the guides from our old provider to GitBook and will be making some more changes as we review all the links now that the domain has been switched. A few things you’ll notice right off the bat.

There is now a PDF download link to the right of the screen when viewing the guides. The link allows you to download the section you are on or the entire CFWheels Guides. Which by the way, is nearly 300 pages long. There is also a new search feature that will allow you to find topics easier. But the biggest change comes from the fact that by moving to GitBook we were able to move the guides to GitHub as well.

In fact the guides have been added as a sub directory in the cfwheels/cfweels GitHub repository. By moving the guides within the codebase, you can finally include both code changes and documentation changes in the same PR. This will make the guides more accessible to our contributors and make it easier to keep the codebase and guides in sync.

Please have a look through the new guides and let us know what you think. Oh, and if you find something that needs to be updated, you know the drill, clone, edit, and submit a PR.

CFWheels 2.3.0-rc.1 Released

This version has been cooking for a while and there have been many contributors. But since this is my first release a the helm with a new CI pipeline in place, I felt more comfortable doing a Release Candidate first.

Download Zip

If updating from CFWheels 2.2.x:

If should be an easy upgrade, just swap out the wheels folder.

Changelog

View Enhancements

  • Adds association error support via includeAssociations argument #1080 – [Nikolaj Frey]

Bug Fixes

  • onerror handler should increase user defined requestTimeout value #1056 – [Adam Chapman]
  • deletedAt should also respect timestamp mode (UTC) #1063 – [David Belanger]
  • Fixes No output from Debug() usage in plugin test cases #1061 – [Tom King]
  • Development mode will now properly return a 404 status if view not found #1067 – [Adam Cameron, Tom King]
  • 404 status now properly returned without URL rewriting #1067 – [Adam Cameron, Tom King]
  • Internal Docs in ACF2018 should now not display duplicate categories [Tom King]
  • Internal Docs search now resets itself properly on backspace with empty value #982 – [Brandon Shea, Tom King]
  • ValidatesConfirmationOf() now correctly enforces prescence of confirmation property #1070 – [Adam Cameron, Tom King]
  • resource()/resources() now allows empty only property to utilise as non-route parent #1083 – [Brian Ramsey]
  • Handle XSS Injection in development enviroment – [Michael Diederich]
  • Fix params bug in CLI API [#1106] – [Peter Amiri]

Miscellaneous

  • Update Docker Lucee Commandbox version to 5.2.0 – [Adam Chapman, Tom King]
  • Minor internal obselete reference to modelComponentPath removed – [Adam Chapman, Tom King]
  • Minor visual fix for long migration logs overflow in modal (scroll) – [Brian Ramsey]
  • Add test suite for Lucee and H2 Database to the GitHub Actions test suite. – [Peter Amiri]
  • On going changes to update the H2 drivers [#1107] – [Peter Amiri]
  • Fixes some syntax formating introduced by cfformat [#1111] – [Adam Chapman]
  • Minimum ColdFusion version is now ColdFusion (2018 release) Update 3 (2018,0,03,314033) / ColdFusion (2016 release) Update 10 (2016,0,10,314028) / ColdFusion 11 Update 18 (11,0,18,314030) #923 – [Michael Diederich]
  • Wheels save(allowExplicitTimestamps=true) doesn’t produce the expected result [#1113] – [SebastienFCT]

Potentially Breaking Changes

  • Automatic Time Stamps: the deletedAt column was using the server’s local time for the timestamp while createdAt / updatedAt were using the timestamp selected for the timestamp mode. The default for CFWheels’ timestamp mode is UTC and therefore all future deletedAt timestamps will be in UTC unless you’ve changed the default. Please review any SQL that uses deletedAt for datetime comparison.