We are pleased to announce the immediate release of CommandBox 5.5.1, the latest version of our CFFML package manager, REPL, and CLI tool. This release has been 6 months in the making and closed 66 tickets.
As usual, the docs have all been updated to include the latest goodness. You can read them here:
https://commandbox.ortusbooks.com/
The release can be downloaded from our product page, installed via HomeBrew (on Mac), or by APT or Yum on your favorite Linux flavor.
New Stuff
This is what you all came here for. Here's an overview of the new stuff lurking in Commandbox 5.5.
ModCFML Support
ModCFML is a popular standard for running a CF server behind IIS or Apache web server and allowing your virtual hosts configured in the web servers to control the web root of the CF server so you can run more than one site on a single CF instance. CommandBox has historically only had a single web root per server, but now you can use a single CommandBox instance to power as many Adobe CF or Lucee Server sites as you like. CommandBox's ModCFML just needs to be enabled and can work with BonCode, mod_cfml or Nginx.
server.json
{
"ModCFML":{
"enable":"true",
"sharedKey":"my-secret"
}
}
Read more here: https://commandbox.ortusbooks.com/embedded-server/modcfml-support
Log4j 1.x is gone!
CommandBox's core is now 100% free of 1.x versions of the Log4j library. Note, if you start an older Lucee server or any Adobe ColdFusion server, they may still have Log4j 1.x bundled with them.
Library updates
Many of the java libraries have been updated
- JRE-bundled version ships with Java 11.0.15+10
- Undertow updated to 2.2.17.Final
- Lucee updated to 5.3.9.133
- JGit updated to 5.13.0.202109080827-r
- JLine updated to 3.21.0
- Runwar updated to 4.7.4
- Log4j updated to 2.17.1
Set Java System Props directly in server.json
Does what it says. Looks like this:
server.json
{
"jvm" : {
"properties" : {
"foo" : "bar baz"
"java.awt.headless" : "true"
}
}
Read More Here: https://commandbox.ortusbooks.com/embedded-server/configuring-your-server/ad-hoc-java-system-properties
JVM Args can be an array
JVM args and Runwar args can now be set an array of strings which prevents you from needing to escape or quote anything.
Old way (still works)
{
"jvm" : {
"args" : "-XX:+UseG1GC -XX:-CreateMinidumpOnCrash --add-opens=java.base/java.net=ALL-UNNAMED"
}
}
New way
{
"jvm" : {
"args" : [
"-XX:+UseG1GC",
"-XX:-CreateMinidumpOnCrash",
"--add-opens=java.base/java.net=ALL-UNNAMED"
]
}
}
Read More Here: https://commandbox.ortusbooks.com/embedded-server/configuring-your-server/jvm-args#ad-hoc-jvm-args
Request Dumper
There is now a handy little handler you can put in your server rules to view a console dump of all the header data related to your request and response.
server.json
{
"web" : {
"rules" : [
"regex('(.*).cfm') -> dump-request()"
]
}
}
OpenJDK Downloads
The java API has been moved from AdoptOpenJDK to the Eclipse Adoptium project. This is basically the same project, it just changed names.
assertFalse command
Opposite of assertTrue. Returns a passing (0) or failing (1) exit code whether falsy parameter passed. Truthy values are "yes", "true" and positive integers. All other values are considered falsy
assertFalse false && echo "The inputs was false"
assertNotEqual command
Opposite of assertEqual. Returns a passing (0) or failing (1) exit code whether both parameters DO NOT match. Comparison is case insensitive.
assertNotEqual "foo" "bar" && echo "The inputs are not equal"
Better command chaining
You can have more than two chained commands, and the command chain will keep executing so long as the next part is compatible with the previous exit code. Ex:
assertTrue false && echo "it was true!" || echo "back on track";
cfpm improvements
- We now set the JAVA_HOME for the cfpm command if it doesn't exist
- An Adobe server no longer needs to be the default server for that web root
- If cfpm is run as part of a package or server script, it will default to the using the server currently doing something
box.exe finds Java better on Windows
Previous versions of Launch4j only used the Windows registry to find the installed version of java. The following environment variables are now also checked in this order to attempt to find a JRE to use.
- JAVA_HOME
- JRE_HOME
- JDK_HOME
- PATH
head Command
Does the same basic thing as the tail command, but it reads from the top of the file or input.
cat file.txt | head lines=10
X-Forwarded-For support disabled by default
For better security, CommandBox servers will not automatically obey X-Forwarded-For HTTP headers unless you enable it.
server set web.useProxyForwardedIP=true
Only enable this setting if your CommandBox server is behind a trusted proxy which always sets this header. Otherwise, a malicious client could spoof a trusted IP an bypass IP access control.
Relaxed semantic version parsing
Both of these commands will now do the same thing. The second one used to error with version not found.
# technical correct server start cfengine=lucee@5.3.9+133 # technical incorrect, but people still always tried it server start cfengine=lucee@5.3.9.133
XML Love
XML formatting is now a first-class citizen of the print helper and the REPL. You can pass a parsed XML doc and they will be formatted upon display.
❯ repl 'xmlParse(\'<root><user name="brad"/></root>\')' <root> <user name="brad"/> </root>
Mac Tray Icon Disabled
Due to lack of Java 9+ support in the Java library that creates tray icons, we've disabled the tray icon by default on MacOS. If you want to brave the possibility of it not working or spilling errors in the console, you can re-enable it like so:
# for one server server set trayEnable=true # for all servers config set server.defaults.trayEnable=true
Hopefully when the library gets updated, we'll be able to re-enable the tray icon by default.
Release Notes
Here is the complete list of all tickets closed in this release
Bug
COMMANDBOX-1458 package init sometimes errors on endpointName not defined
COMMANDBOX-1452 SystemSettings UDF injections in ModuleConfig don't work
COMMANDBOX-1440 If you do a link command in a task, the module is not available until another command is issued
COMMANDBOX-1439 REPL can error while displaying XML
COMMANDBOX-1433 runwar.jar missing mutli-release attribute in manifest
COMMANDBOX-1432 cannot capture output of failing "run" command
COMMANDBOX-1430 Ensure shell.cd() enforces trailing slash on directory
COMMANDBOX-1420 Lockdown rules don't escape periods in file names, can match too much
COMMANDBOX-1418 Contain command output in interactive job when commands nest
COMMANDBOX-1417 Total No. of context-params incorrect for web.xml overrides
COMMANDBOX-1416 web.xml overrides only work for Lucee
COMMANDBOX-1414 Regression in auto-adding system modules
COMMANDBOX-1398 #function cfml shortcut has poor named param detection
COMMANDBOX-1392 CommandDSL mishandles weird quoted strings
COMMANDBOX-1385 adobe@2016.0.17 doesn't start properly
COMMANDBOX-1384 removing web.xml override errors until you forget the server
COMMANDBOX-1383 overriding servlet mapping that already exists errors
Improvement
COMMANDBOX-1459 Stopgap for Java regression
COMMANDBOX-1457 Concat nested server.json "env" variables with underscore instead of period
COMMANDBOX-1456 JSON append operations aren't recursive
COMMANDBOX-1455 Allow customization of default Log4j pattern
COMMANDBOX-1454 Track all ForgeBox installs
COMMANDBOX-1451 Allow terminal width to be overridden for print.table() in a dumb terminal
COMMANDBOX-1447 Hide major updates in nested dependencies for "outdated" command
COMMANDBOX-1446 Have "coldbox create app" set name in server.json
COMMANDBOX-1443 Improve validation on recipe command
COMMANDBOX-1442 Format XML in Print Helper
COMMANDBOX-1437 Add .handlebars and .hbs extensions to whitelist
COMMANDBOX-1436 Relax x range checks with prerelease ID
COMMANDBOX-1431 Set Lucee "webroot" to drive root
COMMANDBOX-1429 Optimize globber peformance
COMMANDBOX-1428 Refactor server running check to use PID over port check.
COMMANDBOX-1427 Create stop --local argument to stop all servers in your current directory
COMMANDBOX-1426 Don't allow package to be both dev and non-dev dependency
COMMANDBOX-1425 update to Lucee 5.3.9
COMMANDBOX-1424 Disable proxy peer address in servers by default
COMMANDBOX-1423 Allow access to .well-known folder
COMMANDBOX-1422 Add env var lookups to launch4j path
COMMANDBOX-1421 Misleading messaging for system package updates
COMMANDBOX-1415 Update runwar to latest version of Log4j
COMMANDBOX-1413 Allow java debugging CLI args to be case insensitive
COMMANDBOX-1412 White page for low level errors in Runwar
COMMANDBOX-1410 Add announce() method to InterceptorService
COMMANDBOX-1409 Auto-set JAVA_HOME in cfpm command if not already set
COMMANDBOX-1401 Remove short circuit from logical checks on command exit codes
COMMANDBOX-1399 Allow case insensitive env var lookup on *nix
COMMANDBOX-1397 Improve java search command
COMMANDBOX-1396 java command API from Adoptopenjdk is deprecated
COMMANDBOX-1390 Add --hideUpToDate flag out outdated command to reduce output
COMMANDBOX-1335 Sort server name tab completion based on date last started desc
New Feature
COMMANDBOX-1453 Create offlineMode which does not connect to the internet
COMMANDBOX-1449 Developer mode that reloads before every command
COMMANDBOX-1411 Support multiple contexts (mod_cfml)
COMMANDBOX-1407 Create "head" command to do opposite of "tail"
COMMANDBOX-1406 box_server_env aren't passed to server process
COMMANDBOX-1405 Improve cfpm command to better detect correct server
COMMANDBOX-1404 Allow server-related package scripts in server.json
COMMANDBOX-1403 Add assertFalse command
COMMANDBOX-1402 Add assertNotEqual command
COMMANDBOX-1395 Allow jvm.args and runwar.args to be an array in server.json
COMMANDBOX-1394 Allow java system properties as struct in server.json
COMMANDBOX-1265 We need organizations support for FORGEBOX
COMMANDBOX-1082 Request Trace flag to log all headers and Form variables or request body for a request
Task
COMMANDBOX-1444 Disable server tray icon by default on Mac and Linux
COMMANDBOX-1438 Update jGit lib to 5.13.0
Add Your Comment