ColdFusion 2025 What's New
ColdFusion 2025 represents a major update with significant performance improvements, security enhancements, and modern platform upgrades. This guide covers new features, breaking changes, and deprecations.
Major Highlights
JDK 17 LTS Support
Official support for JDK 17 with 30-40% performance improvements over JDK 11
Enhanced Security
Updated security features, modern cipher suites, and improved default configurations
Tomcat 10.1
Upgraded application server with Jakarta EE 10 support and improved performance
cfpm Package Manager
Modular package management system for installing only required components
New Features
Java & Runtime
- JDK 17 LTS: First-class support for Java 17 with improved garbage collection (G1GC enhancements)
- Tomcat 10.1: Upgraded from Tomcat 9.0 to 10.1 with Jakarta EE 10
- Performance Improvements: 30-40% faster execution compared to CF 2023 with JDK 17
- Memory Efficiency: Reduced memory footprint with better heap management
Security Enhancements
- Modern Cipher Suites: Support for TLS 1.3 and updated cipher suite defaults
- Secure Defaults: More secure out-of-box configurations
- Enhanced Session Security: Improved session cookie handling with SameSite support
- Updated Lockdown Tool: Enhanced Adobe Lockdown Guide with CF 2025-specific hardening
- Security Headers: Built-in support for modern security headers (CSP, HSTS)
Package Management (cfpm)
- Modular Installation: Install only the packages you need
- Reduced Attack Surface: Minimize security exposure by excluding unused components
- Dependency Management: Automatic handling of package dependencies
- Version Control: Track and manage installed package versions
Performance Monitoring
- PMT (Performance Monitoring Toolset): Built-in Elastic Stack integration
- Real-time Metrics: Enhanced performance monitoring dashboards
- Custom Metrics API: Expose custom application metrics
- Health Check Endpoints: Built-in health check URLs for load balancers
Developer Experience
- Improved Error Messages: More detailed error reporting and stack traces
- Enhanced Debugging: Better debugging tools and inspection capabilities
- IDE Support: Improved IntelliSense and code completion support
- Modern APIs: Updated REST APIs with OpenAPI documentation
Breaking Changes
Important: Review these breaking changes before upgrading to ColdFusion 2025.
JDK Requirements
- Minimum JDK: JDK 11 required (JDK 17 recommended)
- JDK 8 Dropped: No longer supports JDK 8 (use CF 2023 if JDK 8 required)
- JPMS Modules: Some Java modules require explicit --add-opens flags
Tomcat Changes
- Jakarta EE Namespace: javax.* packages changed to jakarta.* (affects direct Servlet/JSP code)
- Connector Configuration: Some Tomcat connector settings have changed
- Session Serialization: Updated serialization format may affect clustered sessions
Deprecated Features
- Flash/Flex Integration: Removed (Flash EOL)
- Legacy WebSocket: Replaced with Jakarta WebSocket API
- Old Admin API: Deprecated in favor of REST-based Admin API
- Verity Search: Fully removed (migrate to Solr or Elasticsearch)
Configuration Changes
- Default Ports: Web server connector defaults may have changed
- Security Defaults: More restrictive default security settings
- Session Cookie Defaults: Secure and HttpOnly enabled by default
Migration Considerations
From ColdFusion 2023
Effort: Low - Most applications compatible with minimal changes
- Update JDK to 17 for best performance
- Review any custom Java integrations for Jakarta namespace changes
- Test session handling in clustered environments
- Update any Tomcat connector customizations
From ColdFusion 2021
Effort: Medium - Requires testing and JDK upgrade
- Must upgrade to JDK 11 minimum (JDK 17 recommended)
- Review deprecated features usage
- Update security configurations to match new defaults
- Test all custom Java integrations
From ColdFusion 2018 or Earlier
Effort: High - Significant changes and testing required
- Major JDK upgrade required
- Remove usage of deprecated features (Flash, Verity)
- Update all security configurations
- Comprehensive application testing recommended
- Consider professional migration assistance
Additional Resources
Need Migration Help?
Convective has successfully migrated hundreds of ColdFusion applications. Our experts can assess your application and provide a customized migration plan.
Get Migration Support