WaveMaker Docs

WaveMaker Docs

  • Get started
  • Widgets
  • Mobile
  • How-to
  • Enterprise
  • Releases
  • Blog
  • Sign-in

›All Blog Posts

All Blog Posts

  • Mutual TLS Support in REST APIs
  • Monitoring performance and health of deployed WaveMaker app
  • Mitigating Spring Zero-day Vulnerability CVE-2022-22965
  • WaveMaker application pom.xml
  • Upgrading saml to saml2-service-provider
  • Archiving WaveMaker 9 Projects
  • URL Change in WaveMaker Android WebView
  • Announcement about Angular 11 Update
  • Mitigating Log4J 2 Vulnerability CVE 2021 44228
  • Ending Support of WaveMaker 9 Projects
  • Git Branching Strategy
  • Important Announcement about Angular 10 Update
  • Accessibility Support in WaveMaker
  • Generating .aab files using wm-cordova-cli or AppChef
  • WaveMaker Studio enables faster database imports
  • Integrate SAP HANA Database with WaveMaker
  • Redshift Database Integration
  • Important Announcement about Changes to Documentation Domain
  • WaveMaker Releases 10.7 Version
  • Theme Builder with some coding (Build + Edit)
  • Understanding Scaling of WaveMaker Applications
  • Automatically Import your Website Branding Styles into a Theme
  • Certificate Pinning Case Study
  • Cordova 10.0.0 Upgrade
  • WaveMaker Releases 10.6 Version
  • Retain UI State in WaveMaker Apps
  • Theme builder is ready with a new update
  • PostgREST OpenAPI support in WaveMaker
  • Fully automated and scalable test execution using k8s
  • New file picker for mobile apps - Improvements in UI to select files in mobile
  • WaveMaker releases 10.5 version
  • Deliver faster applications with WaveMaker!
  • GraphQL in a Micro Services Architecture
  • Build Themes for WaveMaker Apps Without Any Coding
  • COVID-19 Visualization using WaveMaker - Part 2
  • COVID-19 Visualization using WaveMaker - Part 1
  • WaveMaker Integrates with DigitalOcean Kubernetes for App Deployments
  • Deployment Experience made better!
  • OpenAPI support in WaveMaker
  • WaveMaker platform is updated to use WKWebView.
  • Deliver WaveMaker Apps as Micro Frontend Modules
  • All-new WaveMaker docs with a powerful Search
  • Welcome to the WaveMaker Developers Blog

Mutual TLS Support in REST APIs

August 23, 2022

Praveen Chandra


TLS (Transport Layer Security) is an encryption protocol that encrypts all the information communicated between the client and the server. Mutual TLS is an additional configuration in which the server and client authenticate each other, and only then is the connection established. This blog explains in detail what MTLS (Mutual Transport Layer Security) is and why it is used.

note

WaveMaker supports MTLS from WaveMaker 11 GA onwards. For more information, see how to Configure MTLS in WaveMaker application.

Read More

Monitoring performance and health of deployed WaveMaker app

August 2, 2022

Deepika Srimanthula


In this blog we talk about how to make any WaveMaker application Observable by applying OpenTelemetry, Zipkin. While accelerating application development, WaveMaker's generated code allows easy integration with best of the breed tools and applying devops best practices while operating the app in production a cinch.

Read More

Mitigating Spring Zero-day Vulnerability CVE-2022-22965

April 5, 2022

Uday Shankar


A new zero-day vulnerability was reported in the Spring library on 29th March 2022, affecting the library versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions. The vulnerability impacts Spring MVC applications running on JDK 9+.

Spring has released a new version on 31st March 2022, 5.3.18, which fixes the vulnerability. The specific exploit requires the application to run on Tomcat as a WAR deployment. The blog post added by Spring has more details about the vulnerability.

Read More

WaveMaker application pom.xml

March 24, 2022

Praveen Chandra

WaveMaker application encloses a pom.xml. It maintains the build resources, including filters, profiles, repositories, plugin management, dependencies, and user customizations.

You would have to edit pom.xml when changing the dependency versions or add custom configurations for immediate fixes when needed. When you keep adding these configurations, it lengthens the generated pom.xml with the details of the application configurations and the Studio configurations that the developers only sometimes need access to. For this reason, the pom structure has been remodeled to inherit from the parent pom, making it easy to read and manage the code.

Read More

Upgrading saml to saml2-service-provider

March 24, 2022

Praveen Chandra

Security Assertion Markup Language (SAML) is an XML-based open standard for exchanging authentication and authorization data between different parties. The SAML exchanges are usually between

  • Identity provider (IdP) - producer of assertions, and
  • A service provider (sp) - the consumer of assertions.

The identity provider could be any vendor like ADFS, OneLogin, Okta etc. which supports SAML-based Single Sign-On (SSO). The service provider is your WaveMaker application which makes use of Identity Provider to enable single sign-on across all your WaveMaker applications.

Read More

Archiving WaveMaker 9 Projects

February 1, 2022

Swetha Kundaram


Earlier in this blog, we announced ending support of WaveMaker 9 (WM) Projects. WaveMaker offered support to manage individual versions of your app with our multi-version control system so that you could simultaneously work on both WM 9 and WM 10 projects. One of the key differences between the WM 9 and WM 10 is moving from AngularJS to Angular 11.

Angular laid its plan in January 2018 for the final releases of AngularJS before entering long-term support (LTS) and extended the LTS due to the global pandemic until December 31, 2021. As we reach the end of life of AngularJS, we officially withdrew support of WM 9 projects starting WM 10.12 release planned for February 2, 2022. As a result, the existing WM 9 projects get archived.

Read More

URL Change in WaveMaker Android WebView

January 10, 2022

Srinivasa Rao Boyina


In WaveMaker 10.10, Cordova-android is upgraded to 10.1.0. With that change, it is observed that third-party cookies are not getting stored on the WebView. Cookies are required for WaveMaker authentication. So, a plugin wm-cordova-plugin-advanced-http was used to make ajax calls instead of browser XHR. Following are the drawbacks of using the plugin.

  • All network calls are logged into the console of chrome dev tools instead of the network tab.
  • There are gaps between plugin API and XmlHttpRequest. Some of these gaps are addressed in the WaveMaker platform to make it work in WaveMaker without any changes in the existing code.

In WaveMaker 10.11, another method is implemented to solve the cookie problem.

Read More

Announcement about Angular 11 Update

December 17, 2021

Swetha Kundaram


WaveMaker generates code for applications based on Angular. As part of the continuous improvement efforts, we upgrade WaveMaker to the next major Angular version, 11, in the release 10.11, scheduled for the second week of January 2022.

Current versionUpdating to
Angular 10.2.511.2.14

To learn more, see Angular Version 11 - what's in the release.

Read More

Mitigating Log4J 2 Vulnerability CVE 2021 44228

December 13, 2021

Uday Shankar


important

WMO (WaveMaker Online) Users

Updated on 24-Jan-2022

WaveMaker has released 10.11.1 on 24 Jan 2021, updating Log4j2 dependency, which mitigates against the vulnerability CVE-2021-44832. For more information about the release, see WaveMaker 10.11.1.

  • Log4j2 upgraded to 2.17.1

Updated on 23-Dec-2021

WMO (WaveMaker Online) has released 10.10.3 on 23 Dec 2021, updating Log4j2 dependency, which mitigates against the vulnerability CVE-2021-45105. For more information about the release, see WaveMaker 10.10.3.

  • Log4j2 upgraded to 2.17.0

Updated on 16-Dec-2021

WMO (WaveMaker Online) has released 10.10.2 on 16 Dec 2021, updating Spring and Log4j2 dependencies, which mitigates against vulnerabilities CVE-2021-44228 and CVE-2021-22096. For more information about the release, see WaveMaker 10.10.2.

  • Log4j2 upgraded to 2.16.0
  • Spring Framework upgraded to 5.3.13

Action items

  1. If you are a WaveMaker Online (WMO) user and have already mitigated risk by adding Log4j2 dependencies to 2.15.0 or 2.16.0 or 2.17.0, you need to undo those changes from the <dependencies> section in pom.xml.

  2. Also, there is no need to add the System property or Environment variable in the deployment section if you redeploy with the latest project build.

caution

WME (WaveMaker Enterprise) Users

WaveMaker Enterprise users should continue to follow the risk mitigation provided in this blog.

A zero-day vulnerability is an unintentional software security flaw identified in the application, poses a zero-day threat.

A new zero-day vulnerability was reported in the Log4j2 library on 9th Dec 2021, affecting the library versions >=2.0-beta9 and <=2.14. It has the potential to allow an attacker to execute the code remotely. Log4j has provided the fix by releasing the 2.15.0 version on the same day. Plus, Log4j has released a newer 2.17.0 version, which is available for production now. For more information, see LOG4J changes report.

Read More

Ending Support of WaveMaker 9 Projects

December 8, 2021

Swetha Kundaram

The End of Support (EOS) stage marks the official withdrawal of support for WaveMaker 9.x projects.

WaveMaker app development generates Angular code, as Angular marks the official withdrawal of the previous Angular versions, including AngularJS and Angular 1.x. Therefore, WaveMaker will be ending the support of WaveMaker 9.x projects that use AngularJS and Angular 1.x by 31 Jan 2022, as Angular announced. The update is primarily focused on improving performance, security, and bug fixes.

We have covered some essential FAQs to help you understand how you can migrate to the latest version of WaveMaker Studio.

Read More
Next →
WaveMaker
  • PRICING
  • PARTNERS
  • CUSTOMERS
  • ABOUT US
  • CONTACT US
Terms of Use | Copyright © 2013-2023 WaveMaker, Inc. All rights reserved.