Over the weekend I released ColdFire 1.9.207.249. This version works with Firefox 9 and Firebug 1.9. You can download the latest from the new GitHub project site. If you have the current 1.7.207.246 version installed, there is no need to update your server side debugging code as that has not changed with this release.

Changes in the ColdFire Project

There have been some changes to the project with this release, the biggest is the move to GitHub. Moving forward the code will be hosted on GitHub and I will use the GitHub issue tracker to track bugs. The packaged releases can also be downloaded from the GitHub downloads page and I'm hoping to put some documentation up on in a wiki or project page soon.

I'll continue to maintain the RIAForge site, but I've disable the blog, forums, issue tracker.

I'm hoping this move to GitHub will encourage people to contribute to ColdFire.

Why did this release take so long

I know a lot of people have been asking for an updated ColdFire for some time. Some people have even thought the project was dead. Well about that...

As any user of Firefox knows, in the Spring of 2011 Firefox moved to a new rapid release cycle. In order to better keep pace with the Firefox, the Firebug team set about improving the internal architecture of Firebug. Unfortunately this meant that the changes introduced in Firebug 1.8 broke ColdFire. In another interesting Firebug development, right around the same time as the Firebug 1.8 release John J Barton, the lead developer of Firebug for the past several years, left the Firebug Working Group. All of this meant that Firebug 1.8 was a bit of a transitional release. I made a few attempts to get ColdFire working on Firebug 1.8 but ultimately determined a substantial re-write of ColdFire was in order. Rather than building on the Firebug 1.8 release, I decided to wait for Firebug 1.9, which would be the second release on the new internal architecture. Firebug 1.9 was released earlier this month and since then I've been working on the ColdFire update as I've had time.

What's next?

For a long time I've been against posting ColdFire to the Mozilla Addons site, or AMO, because ColdFire is more than just the Firefox extension; it also requires the ColdFusion debugging templates. However with Firefox's new rapid release cycle I can no longer manually update the extension every time a new Firefox is released so look for the next release of ColdFire to be on AMO.

That's all for now. As always, please report any issues with ColdFire to the new GitHub issue tracker.

ColdFire has been updated to work with Firefox 4/Firebug 1.7. This is an Add-on update only, so no need to update the server bits with this release. As always report any issues on the RIAForge bug tracker.

Just a quick post to let folks know I've released an update for ColdFire 1.6 that fixes an issue changing ColdFire views when Firebug is detached from the main browser window. I advise all ColdFire users to update, even you are not seeing this issue, as the initial ColdFire 1.6 release was using an obsolete Firebug API and silently throwing errors. This is a Firebug extension update only so there is no need to update any of the ColdFire templates on the server.

Thanks to ColdFire user Rob Barthle for reporting this issue and taking the time to put together a screencast so I could easily see the problem.

Yesterday the Firebug team released Firebug 1.6. This version has quite a few updates and bugfixes, but there was also some refactoring done to core components that broke ColdFire. Luckily the Firebug team does a good job with branching in their SVN repo so it was easy enough to compare Firebug 1.5 to 1.6 and make the necessary updates to ColdFire. So, if you have updated to Firebug 1.6 and noticed that ColdFire stopped working, go download the new ColdFire 1.6 and you should be good to go. Note that this release only updated the ColdFire Firebug extension so there should be no need to update any of the ColdFire debugging templates on your ColdFusion servers. As always, if you have any issues please report them on the RIAForge project page.

If you use, or would like to use, Firebug or ColdFire please consider voting for my CFUnited topic: Debugging ColdFusion Web Applications With Firebug and ColdFire. Using practical debugging examples, the presentation covers many of the core features Firebug and ColdFire. I also try hit some of the lesser know features for those more experienced with these Firefox add-ons.

I've posted a new ColdFire beta to RIAForge which works with recently released Firefox 3.6 and Firebug 1.5. I'm labeling this a beta because I discovered a ColdFusion 9 compatibility issue in my testing for this release. It appears ColdFusion's built in AJAX libraries have been updated slightly so the "Enable CFAJAX Debugging" feature does not currently work with CF 9. I'll work on updating this feature in the next couple of weeks. (Unfortunately the AJAX libraries shipped with CF are minimized and obfuscated so working with them is not as easy as it could be.) Because of the beta status of this release I've included both the ColdFire 1.4 and ColdFire 1.5 releases in the current RIAForge download. As always, if you have any issues please report them on the RIAForge project site.

Given all the security issues around ColdFusion in the past few months I thought it would be good idea to remind ColdFire users about a potential security issue. One of the enhanced features of ColdFire is the ability to dump variables without changing your code. For example, to see the application scope you can just type "application" in the variables tab, reload the page, and there you have your application scope dumped to the ColdFusion Firebug tab. This is a great feature during development but could also be an attack vector if used on a public server. Imagine you were running ColdFire on a public server and storing something like database credentials in the application scope. Depending on the debugging IP addresses configured in the ColdFusion administrator, someone running the ColdFire Firebug extension could come along and dump the application scope and see those credentials. Anyway, this isn't really an issue with ColdFire, it works as intended, just something to be aware of if you use the tool.

Today I was pretty stoked to find out that ColdFire was nominated for a Community Achievement Award in the Best Open Source Project category. I'm not sure who nominated ColdFire, but thank you. It is a honor just to be mentioned with other projects such as ColdBox, BlogCFC, Mango Blog, Mura CMS, ColdSpring, Transer and Model Glue. Of course ColdFire wouldn't even exist were it not for the vision and work of Ray Camden and Adam Podolnick. Thanks guys for letting me work on your project!

Be sure to vote for your favorite Open Source Project, and lot of other topics here.

With Firefox 3.5 in release candidate and Firebug 1.4 in its third beta release (after 31 alpha releases) I decided it was time to get my act together and update ColdFire to work with the latest and greatest. If you download ColdFire from the RIAForge site you will notice the zip now contains two releases: 1.3.207.211 and 1.4.207.218. The 1.3 release is the current "production" release which runs on Firefox 3.0 and Firebug 1.3. The 1.4 release should be considered beta since it requires Firebug 1.4, which will run on either Firefox 3.0 or 3.5. There are no new features in the 1.4 release, just support for these awesome new Firefox/Firebug releases. (The ColdFusion and Railo debugging templates are the same from 1.3 to 1.4, so if you want to run Firefox 3.0/Firebug 1.3 and Firefox 3.5/Firebug 1.4 side by side you don't have to change any of the server side ColdFire bits.)

I have to give a shout out to Jan "Honza" Odvarko for the great work he is doing on with Firebug's network monitoring. In earlier versions of ColdFire we actually rolled our own network monitoring and it was a huge pain. For ColdFire 1.2 we wised-up and used some crazy closure hacks to leverage Firebug's network monitor. It worked, allowing us to introduce features like the response queue, but boy was it ugly and brittle. Firebug 1.3 introduced a API for its NetworkMonitor module which allowed extension developers to register listeners and receive data from the network panel, which we in turn leveraged in ColdFire 1.3. Now Firebug 1.4 expands on that API, and best of all Honza has done a great job of documenting this expanded API on his blog. (Anyone interested in working with Firebug should definitely read Honza's blog, Software is Hard. I wish many of those articles had been written when I was digging through the Firebug code trying to figure things out.) ColdFire 1.4 has been updated to use this new API, which was the only significant change to ColdFire code for this release.

That's all for now. As always please report any issues on the RIAForge bug tracker.

In honor of Mark Drew's visit to the Philly CFUG last night, and Sean Corfield's announcement about the new Railo beta today, I've just posted a new version of ColdFire with a debugging template for Railo. This is a beta release. For more info on installation and what's supported in this release see my blog post on the RIAForge site.