(This is short for Lucee-ites. Kudos to @Hugh_Rainey, the de facto winner of the nicknaming contest!)
Today, we are really happy to announce Lucee 220.127.116.11.
Next to the heavy lift of the original Lucee 5 (following the fork at Railo 4.5), this release represents the biggest development push to date. For the first time ever, we’ve surpassed a triple-digit number of revisions for a Lucee release (the 4th part our versioning scheme). Whew! Is it Friday yet? Felt more like a “month of Sundays,” as the old saying goes (queue the Don Henley song), but We Love Lucee, so it was a labor of love. I’ll do my best to summarize it all here. All credit goes to the incredible development team and developer community. All mistakes are mine. Please chime in here with any and all questions/comments.
As I’ve written previously, the 5.3 release cycle has been loaded with activity, from the original alpha release, through to beta, and then continuing with the two Release Candidates we’ve put out. When we shipped the second RC, a lot of things happened all at once. First, the community responded with a considerably more active testing/feedback effort, and this resulted in the discovery of a handful of additional regressions, which we fixed over the past month during RC-2. In addition, right after we posted the RC-2 build, a security vulnerability came to our attention, so we naturally had to drop everything and address that. CFML scion Charlie Arehart has shared some detailed information (as always!) about this with regard to Adobe ColdFusion, which you can read about here. As for Lucee, we had this patched on March 3, 2019 (18.104.22.168-snapshot), and, in addition, the patch actually made it into a 5.3 final build (22.214.171.124), but, we weren’t yet done with the RC-2 period for 5.3.1, which is why we never made an announcement about 126.96.36.199. (It is not a final release for 5.3.1; please read on…)
In summary, the final release of 5.3.1 is build 188.8.131.52, and it’s available on the downloads site now. It includes the security fix, and, in addition to that, here are the tickets addressed during the RC-2 period:
If you’re a glutton for punishment, here’s the full list of tickets addressed from the first alpha of 5.3 all the way through to today’s 184.108.40.206 final release.
Given all the work done in recent months, we’ve got lots of kudos to hand out. First, thanks to @isapir on the Lucee development team for his fast work in patching the file upload vulnerability. Next, special thanks to these community members for helping us with testing during the RC-2 period:
(FYI–if I’ve missed anyone, please let me know, and we’ll make sure everyone is recognized here.)
Grab a copy of 220.127.116.11 today. Or, there are already 66 builds of 5.3.2, so you can grab a snapshot of that. The March sprint will wrap up in the next week or so, and we’ll announce 5.3.2-RC ASAP after that. As always, we’ll respond as quickly as possible to any tickets not covered by today’s 18.104.22.168 final release (believe it or not, there are some, though it covered a seemingly endless list!), or to regressions with 5.3.2-RC. After the 5.3.2 Release Candidate period in April, we’ll make that final at the end of April/beginning of May, and then we’ll immediately move to the next monthly sprint in May.
Thanks for listening!
Patrick, Lucee Product Manager