Into The Box 2019 Recap

Last week was the Into The Box 2019 conference in Houston TX. Did you miss it? Do you write CFML for a living? Big mistake! ;)

This was the third or fourth year it’s been held in Houston (technically in a suburb, The Woodlands) since moving from Minneapolis, and the event continues to grow year after year. I don’t have official numbers but I think someone mentioned around a 40% increase in attendance from 2018. While we have fewer ColdFusion conferences right now (with CF.Objective, NCDevCon, and MuraCon all being on hiatus at the moment — I do hope each of them return some day) it seems that the events that are still around all have been growing and Into The Box was no exception!

We were at the same hotel as previous years: Hyatt Place, The Woodlands. It’s clean, friendly, has a gym and 24 hour kitchen, I don’t need much else. :) Wifi was solid all thru the event, staff were super helpful, and it’s only a 15-ish minute drive from the airport.

Wednesday was the pre-conference workshops, and there are more to pick from at Into The Box than any other CFML conference!  Did you skip the pre-conference workshops because you thought they were only for ColdBox apps? Big mistake! ;)

This year I attended Pete Freitag’s class on security in ColdFusion applications. Usually when Pete’s teaching a class, I’m teaching a workshop of my own in the next room — finally our schedules weren’t conflicting and I was able to sign up.

I would call Pete’s class a “must attend” for every CFML developer, regardless of the framework you’re using. Pete spent the entire day scaring the class, showing how many different ways a server can get hacked. We went over basic things that (hopefully!) everyone already knows, like using CFQueryParam and also covered a variety of less obvious situations.  Everything from bad HTML headers, to sessions, to CSRF and XSS attacks were discussed and demo’d. Did you know you can hack into a server just by uploading a PNG file? We saw a demo of this happening, and (more importantly), how to prevent it. None of the the techniques we learned are specific to ColdBox, and most of them aren’t even specific to ColdFusion - you can reuse a lot of these skills on any web app, regardless of the language it’s written in (which some minor modifications).  

Thursday and Friday were filled with the standard 1-hour sessions. Did you skip the keynotes because you still think the sessions are all (or mostly) just for ColdBox? Big mistake! ;)

We started both days with Ortus keynotes where they showed off a variety of new updates to the Ortus product suite, as well as partnerships with Foundeo and Fusion Reactor for new products — most of which all work fine on non-ColdBox applications.  As is the case every year, a portion of the Into The Box registration fees are being donated to an orphanage in El Salvador — always a classy move, and it’s great to see Ortus is able to give help to others around the world.  (Semi-related, there is now an Ortus office in El Salvador with several CFML developers.)

As I’ve mentioned in previous posts, Into The Box is -the- place to come learn modern CFML and the sessions this year were exactly that. The most introductory topic that I saw being discussed was how to install CommandBox.  There’s nothing at this conference about CFincludes or jQuery or Bootstrap CSS. Instead, topics focus on Amazon Web Services, Docker, micro-services, and how ubiquitous CommandBox (and other Ortus tooling) has become with modern CFML development.

Pete Freitag’s talk on his new product Fuseless was a great way to kick off the Thursday sessions. With Amazon Web Services becoming such a big  part of modern web development, it’s great to see the ability to write Lambda functions for AWS coming to the CFML space.  This is absolutely something I’ll be researching further — we have several projects in the works at South of Shasta that could benefit from Fuseless.

Brad Wood gave a great talk introducing people to LogBox and CacheBox — both of which can be used on non-ColdBox applications. Brad’s style of presenting is often to use the slide deck as a loose reference point, and then he’ll do lots of live coding in the session.  He’s great at thinking of hidden gems in the products and mentioning them during the session, but you may not find all of them as detailed in the slide deck itself. Just do yourself a favor and watch Brad’s sessions whenever you get a chance. :)

On Thursday afternoon I gave my first of 2 talks: CommandBox vs Node.js.  We essentially compared the 2 tools and showed that CFML developers can have the exact same workflow as JavaScript/Node people — and in some cases CommandBox actually does more than Node! Rather than risking the hotel wifi for a bunch of “box install” and “npm install” examples, I used prerecorded video of the commands which worked pretty well. That will be a regular occurrence for my talks in the future — the more I can do to avoid “demo fail”, the better! It would have been good if my session were at the start of the day (after the keynote) as many other sessions had already covered quite a bit of the same content by the time my 5pm slot rolled around. Hopefully attendees still got value out of the talk.

My second preso was “Real World Scenarios for Modern CFML”, a last minute addition to the schedule. In this session, we review some of newer language features recently added in CFML. We see demos of constructs like map(), reduce(), closures, and discuss some other modern tooling that has become valuable in recent years.  Overall it went well, but I think it could use some extra content and examples — a new updated slide deck coming soon!

I didn’t attend as many sessions as originally planned, opting to catch up with some friends instead, and needing to take care of a few things for clients.  But the notes I took have been posted here for your reference. And of the various sessions I attended, all of them were well put together with tons of great content. This really is a “must attend” conference for anyone doing ColdFusion development.

Are you planning to come to a CFML conference soon and improve your skills? Only if your boss pays for it? Big mistake! ;) Invest in yourself whenever possible.  While I understand that paying for a conference ticket and a couple nights in a hotel is not always easy, I come home having learned several new things, and with a renewed level of excitement about getting to make things for a living.  I’ve never once regretted paying for a quality conference such as Into The Box.

Thanks again to Ortus and everyone at the conference. Hope to see you all again next year!

-nolan