Changelog

Current Version: v2.23.4

This changelog covers what has changed in the WhatsApp Business API Client.

Contents

• Recommended Versions of Software
• WhatsApp Business API Client
• Amazon Web Services Templates

Recommended Versions of Software

WhatsApp Business API Client

Blocking updates are ones in which the Coreapp will suffer downtime while upgrading using the db-upgrade service. Non-blocking updates are ones in which the Coreapp should continue to run when upgrading using the db-upgrade service. You can only use the db-upgrade service to upgrade to a version >= 2.23.* from your current version.

Apr 29, 2019 (v2.23.4)

• Ability to get the group icon and profile photo by URL instead of a binary blob
• Revamped WhatsApp Web Business Tool
• Ability to upgrade the WhatsApp Business API Client database independent from the WhatsApp Business API Client
• Ability to update business profile settings independently — no longer requires all of the fields
• Support PostgreSQL database in addition to MySQL
• Message template validations at send time have been added to reduce rendering errors on the customer's device
  
  • New error codes have been added to indicate why these failed
• Ability to send videos as a message, currently limited to videos that are in the MP4 format with H.264 video codec and AAC audio codec
• New Monitoring dashboards (Grafana) added that help track the performance of database and Coreapp more closely
• Ability to send media using a web link
  • Ability to support media providers to access web links that require authentication to download the media
• More descriptive error message for existing error codes (e.g., 471, 472, etc.)
• For document messages, ability set a filename in addition to the caption field that the user will see when they attempt to download the document
• When receiving document messages, the filename provided by the sender will now also be shared in the callback in addition to the caption field

Breaking Changes

Metrics

• callback_requests replaced with callback_requests_duration_ms_count and callback_requests_duration_ms_sum
• metric out_message_received_by_server, out_message_received_by_target, out_message_received_by_target_read, out_message_sent replaced with out_message_status
• Upgrade Prometheus/Grafana containers to 2.23+ to enable monitoring for new metrics

Security Advisory

The following security vulnerabilities impact v2.23.4 images. The next patch release will include fixes.

Coreapp

• CVE-2019-2683 (CVSS Rating Medium)
• CVE-2019-2566 (CVSS Rating Medium)
• CVE-2019-2581 (CVSS Rating Medium)

Webapp

• CVE-2019-11034 (CVSS Rating Critical)
• CVE-2019-11035 (CVSS Rating Critical)

Jan 24, 2019 (v2.21.6)

• Bug fixes:
  • [Security fix] Removed Mercurial package that has a security vulnerability in the Webapp container
  • [Fixed] Couldn't send “0” in text messages
  • [Fixed] Fixed memory leak due to race condition in server request handling and media request handling
• Known issues:
  • For WhatsApp Business API client's running v2.21.6, when the client is disconnected from the server it may remain disconnected for a few minutes (up to 4 minutes) and then will retry the connection. Upgrading to v2.23.4 will allow for less downtime for a client when attempting to connect to the server.

Nov 13, 2018 (v2.21.4)

• New features:
  • Added profile name in a separate contacts object for callbacks
  • New Operations guide
  • New Security guide
  • Register 1800 and Toll Free Numbers
• Bug fixes:
  • [Fixed] Partially populated business profiles were causing GET /v1/settings/business/profile to return as empty
  • [Fixed] The Business Account Settings in the WhatsApp Business Web Toolwould not load if the business profile was empty
  • [Fixed] API calls to /v1/contacts did not return info
  • [Fixed] Error code 500 returned when sending JPEG images
  • [Fixed] When attempting to mark deleted messages as read, 500: Internal Server Error was returned.
  • [Fixed] Media upload would be attempted before the application was fully initialized

Oct 24, 2018 (v2.21.3)

• New messaging features:
  • Ability to set a TTL (time-to-live) on messages sent to consumers to specify an expiry window for yet undelivered messages (Default: 7 days)
  • Ability to send (in response to a customer care window) and receive contacts from business to consumers
  • Ability to send location from business to consumer in response to a customer care window
  • Ability for business to mark a message received from consumer as 'read'
  • Unsupported incoming messages from a consumer will now raise a callback
  • Incoming message from a consumer that was later deleted (by the consumer) will now raise a callback to notify business
  • New API to allow deleting the profile photo for a business account
  • New error codes for messages that were failed to be delivered to consumer
• New monitoring features:
  • Containers for prometheus and grafana now available to easily help setup monitoring for the Business API client
  • New stats available for monitoring web container
  • Published WADebug, an open source tool to troubleshoot WhatsApp Business API Integrations
  • Troubleshooting enhancement (new fields in API response headers) to easily track all logs related to a specific request/API call made against the Business API client
• Announcements:
  • Data volume deprecation: The data volume is no longer necessary for Business API Client operation from this version onwards
  • Admin privileges now required to access settings, registration, and uploading/deleting certificates or downloading Webhook certificates.
• Bug-fixes:
  • [Fixed] Uploading a webhook CA certificate did not work in a multi-connect deployment
  • [Fixed] API response structure for GET settings/profile/about was incorrect

Amazon Web Services Templates

The most recent version of the template is 2.3.1.

What's included in the Amazon Web Services (AWS) - Cloud Formation (CFN) templates:

Release 2.3.1

Template URLs:

• Enterprise: https://s3.amazonaws.com/wa-ent-cfn/wa_ent.yml?versionId=2xaTm9dKCdjmuxMKTZOfQI_o9iw.bBTK
• DB: https://s3.amazonaws.com/wa-ent-cfn/wa_ent_db.yml?versionId=tq8ZXaK30IIdlWhF3bevI2tCi5nIlFs6
• Lambda: https://s3.amazonaws.com/wa-ent-cfn/wa_ent_lambda.yml?versionId=IZykZHXo._QyKHPZKDffLB0ISJPfPevr
• Network: https://s3.amazonaws.com/wa-ent-cfn/wa_ent_net.yml?versionId=X51Ww5KtgjcbTwBrn_C3C0m5Sko150f3

Dependencies/Prerequisites:

N/A

Changelog:

• Support for new regions (Seoul, Singapore & Tokyo)

Release 2.3.0

Template URLs:

• Enterprise: https://s3.amazonaws.com/wa-ent-cfn/wa_ent.yml?versionId=C3JDtTfqFxGm4QAd_tMm33UHbDCGvts3
• DB: https://s3.amazonaws.com/wa-ent-cfn/wa_ent_db.yml?versionId=1XJEwdOPecEsecG0rfQIZAh9sIKh9HIv
• Lambda: https://s3.amazonaws.com/wa-ent-cfn/wa_ent_lambda.yml?versionId=qo_Tx6j6.M5WJjE4b3k22bpQz4YJHFV_
• Network: https://s3.amazonaws.com/wa-ent-cfn/wa_ent_net.yml?versionId=5lI_QAUA7H1Og9HXWdf7Ds1LYkrYTjsQ

Dependencies/Prerequisites:

It's recommended to use WhatsApp Business API client version v2.18.20 or later. This template might work with prior releases, though we don't recommend it.

Changelog:

• Multiconnect feature is now available with this template. Please follow the multiconnect guide to learn more and setup.

Release 2.2.1

Template URLs:

• Enterprise: https://s3.amazonaws.com/wa-ent-cfn-beta/wa_ent.yml?versionId=UGXYUCZXdffRe8_mAHfVFwc8HAjzDI2A
• DB: https://s3.amazonaws.com/wa-ent-cfn-beta/wa_ent_db.yml?versionId=N3I6q9CkQMbE8bQQvaFsYLRKTkCDm2Jw
• Lambda: https://s3.amazonaws.com/wa-ent-cfn-beta/wa_ent_lambda.yml?versionId=4yGnpz8a5xtaaXKg.UAiatOlOYM71UrD
• Network: https://s3.amazonaws.com/wa-ent-cfn-beta/wa_ent_net.yml?versionId=sX9jYgVgajf.gownIUc0R70S9uT_aX5e

Dependencies/Prerequisites:

This template requires WhatsApp Business API client version v2.18.14 or later. This template will not work with prior releases.

Changelog:

• Support for a configurable log driver for containers. The default log driver is json-file, which stores the logs as a JSON file on the hosts (EC2) where containers are run. This template also provides an option to configure awslogs, where all container logs are streamed to CloudWatch. This makes all logs available in one place. When the awslogs option is selected, the container logs will not be available on the EC2 hosts. However, the log files inside a container will continue to exist.
• Added all SSL parameters — SSL certificate, SSL key and SSL CA. SSL CA support was added in the 2.2.0 release, but the description is rephrased to avoid ambiguity.