Announcing major ColdFusion 2025 update of May 20 2026 - thoughts and resources
A substantial new CF update for CF2025 has been released today, May 20, 2026. It's unique/important, in many ways:
[Looking for Charlie's main web site?]
You can reach Charlie by email at charlie (at) carehart.org, or you can follow him on twitter/X, @carehart. This blog is one resource among several within https://www.carehart.org/, where you can also find out more about him.
In fact, if you'd like his help, he's available for consulting for as little as 15 minutes.
Appreciate any of the resources I've offered?
I'd also raised those very concerns of yours in a comment yesterday at the Adobe CF portal announcement of the update which I linked to above.
I have also followed up in more direct contact with Adobe folks. I clearly agree with the concern you raise.
https://cfdownload.adobe.com/pub/adobe/coldfusion/2025/updates/hotfix-007-331586.jar
But they list two different checksums.
And the actual file I downloaded from the Update 8 link matches the listed checksum for the Update 7 file.
"While you await resolution, Oscar, the correct URL for the 8 update (jar) is https://cfdownload.adobe.com/pub/adobe/coldfusion/2025/updates/hotfix-008-331874.jar
To be clear, I got that from the RSS feed (https://www.adobe.com/go/coldfusion-updates) served by the url which is called by the Admin (or cfpm) to find updates. It pulled down the update from that URL I've offered here."
Here's a link to this discussion on the slack:
https://cfml.slack.com/archives/C06TABBT8/p1779311733993959?thread_ts=1779301689.250969&cid=C06TABBT8
Do you know how to connect to the MCP?
In any case, that's not a doc about AI within CF. That's some generic Adobe AI resource.
The docs for the new AI functionality in CF (hundreds of pages) are in the manual that starts here:
https://guides.adobe.com/coldfusion/en/docs/coldfusion-ai-guide/coldfusion-ai-guide.html
As for use of MCP within CF, there are multiple sections in that doc on that. Start with this:
https://guides.adobe.com/coldfusion/en/docs/coldfusion-ai-guide/what-is-mcp.html
See the many sections and subsections on the left there.
You may also want to watch the Adobe webinar recordings on the AI functionality (from a few weeks ago), which I mentioned above. The playlist is here:
https://www.youtube.com/playlist?list=PL3iywAijqFoXFfMGtR9CV5Dot4CtHxwdO
I'm not quite sure I see any as "eating the other's lunch". Some might have said that of Lucee, right? But clearly BoxLang was created despite that.
And of course, there's also a lot to BoxLang that's unique to using that new *language* (for those who opt to go that route), while there is indeed much that benefits those running CFML on it as a *cfml engine*. Indeed, I covered that latter in my talk at IntoTheBox a couple of weeks ago, "Getting Started with BoxLang as an alternative CFML Engine". The PDF is available at carehart.org/presentations, and the conference recordings should be on cfcasts.com soon.
I'm not at all denying that BoxLang (and Ortus) bring a lot to the table. I just don't think it's quite as you cast it. I will say that when it comes to AI, there's certainly a lot that BoxLang has and is doing with it that is very different from Adobe's implementation, which is again different from Lucee's.
And with the very landscape of AI changing about daily, along with how IT orgs are evolving in how they see the role of AI (how best to leverage it, and so on), it seems all 3 engines will have their work cut out with respect to supporting AI--in a way that will satisfy the bulk of their users.
We'll certainly have to wait and see how that all shakes out. Interesting times, indeed.
https://i.sstatic.net/Fy0byoFV.png
Once I click Copy MCP Server, I get this https://guidesai.adobe.io/mcp link. But I don't know how to generate credentials to connect to this MCP.
I recall Mark Takata mentioning something about the ACF documentation MCP in his presentation https://youtu.be/Z5xvKvoenC0 . But I don't see any details mentioned there.
I honestly have no idea what that's about, and I must have missed when Mark discussed it. (If you know the time mark in that video, some readers may be interested to check it out. As for the "not mentioned there", I don't know if you mean there, I can't tell if you mean "in the video" or in the docs site.) I tried to find more but so far no luck.
As for what it's about, I'd recommend you ask Mark directly. He offers his email address online as Takata (at) adobe.com. One example where he did that is here:
https://community.adobe.com/questions-582/future-of-coldfusion-276861?postid=1993240#post1993240
If you (or anyone seeing this) may come to learn what it's for, please do let us know here. I feel that IS within reason to discuss here, as the new docs site was something I highlighted in the post.
Charvi suggested that I can use Connect to Cursor option to setup the MCP in Cursor. This opens Cursor with a add new MCP screen, the API key is pre-loaded there, I copied this key to connect the MCP to other agents. If you don't have Cursor installed, you'll see a network call in the Dev tools like cursor://anysphere.cursor-deeplink/mcp/install?name=coldfusion-documentation&config=eyJ1cmwiOiJodHR . If you decode the value for config, you'll get the API key from the data.
First of all: tnx for all the good work!
After installing ColdFusion 2025 update 8 we noticed that things changed. We encountered two exceptions:
1.
Query-method “RemoveRows()” previously didn’t give an exception if the second argument was 0. After the update we got this exception:
“java.lang.IllegalArgumentException: fromIndex(5) > toIndex(0).”
The second argument suddenly should be bigger than 0.
2.
With the May 20 update “setValues” suddenly seems to be a reserved word (method) in CFC-classes. Previously in a function with CFC-class with the name setValues() you didn’t have to use the “this.” scope. After installing update 8 an exception occured while calling setValues without the this-scope:
“The function takes 1 parameter.”
Our CFC-function has three (required) arguments. After changing “setValues” to “this.setValues” everything works well again.
Both exceptions where not communicated by Adobe. Adobe is not doing itself and its customers a favour with undocumented changes in EVERY !! update in the last year. Realy hope things will change for the better.
As for the new set functions, those are indeed documented (such as at https://guides.adobe.com/coldfusion/en/docs/develop-coldfusion-applications/the-cfml-programming-language/sets-in-coldfusion.html), and this is not at all the first time Adobe has come out with new functions (even in just an update) that can clash with existing variables or method names.
That said, I agree it would be helpful if there was a single section of the docs listing what are new functions/reserved words in this update. I've complained to them (and above) of other issues, docs and otherwise, about this update. It's LIKE a new version, but not...and it's been treated in the docs as like a new version in some respects, but in other ways, not.
As is usually the case, it seems "it is what it is".
I commented on the Adobe blog post (I don't see it yet, so pending approval?), but I also wanted to post here since most CF users look to your site for in depth ColdFusion coverage.
I had an issue with this update on Rocky Linux 9 coming from Update 7. The issue was isolated to my solr collections and caused by the upgrade of Solr 9.7 to Solr 9.10.
My existing collections were still present on disk, but they were not listed under ColdFusion Collections in the CF Administrator.
I will only include a snippet of the error I found in the solr log file which appears to indicate that this is due to the XSLT response writer.
Caused by: org.apache.solr.common.SolrException: Error loading class 'solr.scripting.xslt.XSLTResponseWriter'
Prior to update 8, solr collections had the XSLT response writer enabled in the solrconfig.xml file located in the collection's conf directory.
{cf.root}/cfusion/jetty/multicore/collections/my-collection/conf/solrconfig.xml
Creating a new collection after applying update 8 showed that the XSLT response writer was now disabled by default in the collection's solrconfig.xml file. This is because the template solrconfig.xml file was updated to disable the XSLT response writer.
{cf.root}/cfusion/jetty/multicore/template/conf/solrconfig.xml
Screenshot below showing the disabling of the XSLT response writer. Pre update 8 on left and post update 8 on right.
https://i.imgur.com/VZjc6rA.png
One fix was to disable the XSLT response writer in all existing solr collections and restart solr/jetty.
sudo cp -pn {cf.root}/cfusion/jetty/multicore/template/conf/solrconfig.xml {cf.root}/cfusion/jetty/multicore/collections/my-collection/conf/
Another thing related to issue is that the solr-scripting-9.7.0-SNAPSHOT.jar file was removed and not replaced with a version compatible with Solr 9.10. I reviewed the Solr changelog and noticed that the XSLT was moved out of solr-core and into an option scripting module, but that was back in May 2022. I can only suspect that Adobe finally decided to fully remove the optional module in their CF solr bundle.
It was the omission of the jar file that caused the issue above.
Another possible solution to the missing collections, is to add the new version of the solr-scripting jar file to the solr lib directory.
Although, I suppose that it's possible that this could be removed on the next CF update, so I wouldn't think that this would be a good approach.
My cp is an alias to "cp -i" which is the default in most RHEL clones, so in my case I used the "-n" option to override the "-i" option in the alias.
Omit the "-n" if your cp command is not defaulting to "-i" which prompts for file overwrite.
I do get that it's "merely a pragmatic response", but this warning seems justifiable.
Really, this is a problem you should raise also to Adobe. And if you do it publicly, at tracker.adobe.com, that makes a public ticket whose link you could share here to further help those interested.
(If instead you email them at cfsup@adobe.com, they will create a private ticket that no one can see publicly, though you will get notifications from them.)