Compare releases

Compare releases

Find out what's new in the latest Octopus Deploy release, or compare the latest release to what you're currently running to see what's changed.


These are the most important features you'll get by upgrading from 3.16.7 to 3.17.13

Octopus 3.16

Changes in 3.16

See our release blog post for more details.

New Features

Octopus 3.16 removes the requirement to install Mono when deploying to Linux and MacOS targets. It does this by using a self-contained .NET Core build of Calamari.


  • Support for Okta as an authentication provider
  • ScriptCS has been upgraded to version 0.17.1
  • Resolved issue introduced by Let's Encrypt API change

Breaking Changes

The latest version of ScriptCS has introduced some breaking changes so it's important to review their release notes before upgrading. This only affects projects with script steps written using C#, which are powered by ScriptCS under the hood.


This release contains a post-install data fix that may take a few minutes, depending on the size of your Events table, so please ensure you allow time for this to complete. In our testing with 180,000 records in the EventsTable took ~3 seconds to upgrade.

If you are running the watchdog service, please ensure this is stopped during the upgrade.

All of the usual steps for upgrading Octopus Deploy apply.

Octopus 3.17

Changes in 3.17

See our release blog post for more details.

New Features

Octopus 3.17 introduces first-class Java support so teams can start deploying their Java apps in a safe, repeatable and reliable way! This release includes support to deploy to Tomcat, RedHat JBOSS EAP and Wildfly application servers and the Octopus built-in repository can now manage Java packages like jar, war, ear and rar files.


  • Swagger support for the Octopus API
  • Improved user administration and authentication performance

Breaking Changes

There are no breaking changes in this release.


All of the usual steps for upgrading Octopus Deploy apply.


Changes in Octopus 3.16.7

  • 3759 - Fixed an issue causing too much verbose output in the task log

Changes in Octopus 3.17.0

  • 3506 - Service account users can be linked to an Active Directory account and will use that account's groups for team membership in Octopus
  • 3667 - External security group synchronization, with authentication providers like Active Directory, has been moved into a scheduled task to fix performance and stability problems
  • 3740 - On startup Octopus will delete obsolete files leftover from old Octopus Server installations
  • 3744 - Maintain certificate friendly-name
  • 3758 - Fixed a bug where the scheduled deployment icon and tooltip in the dashboard would not display
  • 3760 - Added variable OctopusSuppressDuplicateVariableWarning to allow logging duplicate variables warning as verbose
  • 3761 - show-configuration command now includes watchdog status
  • 3764 - Set initial project filter on tenant-project-variables page to alleviate performance issues with large variable count
  • 3766 - Remove 'beta' label from 'Mono not installed' option for SSH targets
  • 3767 - Support for java packages in the built-in package feed
  • 3768 - Deploy Java Archive deployment step
  • 3769 - Tomcat deployment steps
  • 3770 - WildFly/JBoss EAP deployment steps
  • 3771 - Resolved issue with incorrect certificate thumbprint being copied to clipboard
  • 3776 - Fixed a bug where the duplicate variable warning is logged when auto-deploying a release to a machine when redeploy on the trigger is enabled
  • 3777 - Swagger Documentation of live system
  • 3779 - Reduced the frequency of the 'Fail orphaned tasks' task

Changes in Octopus 3.17.1

  • 3591 - Fix for permission combination that allowed viewing of variables that user did not have access to
  • 3762 - Fixed Unable to parse sensitive-variables as valid JSON. error in Transfer package step on SSH targets due to decryption password was not being passed correctly
  • 3784 - Sensitive tenant variables that use variable expression can now be changed and set to a custom value
  • 3785 - The system task 'Fail orphaned tasks' has been renamed 'Clean orphaned tasks'

Changes in Octopus 3.17.2

  • 3560 - Empty string may now be provided to override the default value of optional prompted variables
  • 3796 - Server startup migrates users to the new Logins structure
  • 3811 - The API endpoint /api/tasks?running=False now returns the correct results

Changes in Octopus 3.17.4

  • 2572 - The node ping page api/octopusservernodes/ping now returns name, status and version information for the node
  • 2915 - Added a Octopus-Node HTTP header that shows which server served the request
  • 3497 - Added variables for Octopus.Task.QueueTime and Octopus.Task.QueueTimeExpiry
  • 3780 - Scheduled deployments now deploy to the machines available when the deployment is executed (instead of when the deployment is created)
  • 3781 - Fixed a memory issue with LogContext and sensitive variables
  • 3809 - Add retry logic to the send email step to reduce chance of failing a deployment due to sporadic connectivity issues with SMTP server
  • 3815 - Bundled tentacle 3.16.0 that includes --proxy option on Tentacle.exe register-with so a proxy server can be set when registering a tentacle on the command line
  • 3816 - Fixed an error when updating steps after changing a step template variable name
  • 3817 - Package acquisition better accommodates parallel steps
  • 3818 - Guided failure details now display which action and machine failed
  • 3824 - Added the variable Octopus.Action.Output.Manual.Approved to indicate if a manual intervention action was approved
  • 3826 - API returns the correct status codes again for loadbalancer ping (418 when draining) and resource creation (201)
  • 3838 - Fixed an issue collecting machine variables during multi tenant deployments

Changes in Octopus 3.17.5

  • 3840 - Fixes Missing permission: VariableView error when viewing Library Variable Sets
  • 3844 - New API added for reporting the usages of an account across Machines, Deployment Processes and Releases

Changes in Octopus 3.17.6

  • 2575 - The API now returns a 400 instead of 500 response when an empty body is posted or putted
  • 2639 - Fixed UAC permission elevation in management tool
  • 2662 - Error message when importing a script module that contains a syntax error now points to the actual script module that caused the error
  • 3579 - Fixed issue where adding last node in HA cluster broke the management tool
  • 3808 - Fix Octopus upgrade failure caused by empty value in table Event RelatedDocumentIds column
  • 3812 - Resolved migrator issue where project was prevented from being migrated by deployment step with hidden empty package ID
  • 3814 - Clarified the duplicate variable message to emphasise a user variable is overwriting a step field
  • 3819 - Duplicate variable warning no longer returns a false positive when a variable is scoped to a role
  • 3850 - Fixed an issue that caused unavailable machines to be re-included in a deployment
  • 3851 - Prevented IIS semaphore releasing too many times during high contention deployments
  • 3852 - Added support for down-level login names (domain\user) when performing Tentacle upgrades with a specific account
  • 3853 - OpenID Connect authentication providers correctly update groups from roles on user login

Changes in Octopus 3.17.7

  • 3864 - Prevent a potential security vulnerability (CVE-2017-15611) by further restricting User Invite action to those with TeamEdit and TeamCreate permissions
  • 3868 - When an offline drop target has defined the Encryption password all variables will now be encrypted into the sensitive variables (CVE-2017-15610)
  • 3869 - The special Guest account is now denied access to certificate private keys, even if that user has been granted the CertificateExportPrivateKey permission (CVE-2017-15610)

Changes in Octopus 3.17.8

  • 3213 - Variables now allow escaped strings in conditionals in JSON
  • 3757 - Fixed an issue where the current Octopus Server node could not be found during the heartbeat
  • 3863 - OpenID Connect security groups no longer get cleared by the sync task when AD isn't also enabled
  • 3865 - User permissions cache is updated on OpenID Connect login, so groups changes take effect immediately
  • 3866 - Failing a heartbeat now persists demotion to follower
  • 3872 - Fixed a Mutex exception when deploying IIS steps on PowerShell 2.0
  • 3873 - Fixed an exception loading script modules containing certain characters

Changes in Octopus 3.17.9

  • 3875 - The Octopus Server Manager now starts automatically after the installer completes, just like it used to before we introduced a bug in Octopus 3.17.6
  • 3876 - Tasks that were running or cancelling during a server upgrade are now no longer stuck in cancelling

Changes in Octopus 3.17.10

  • 2919 - The Audit log will now show no events instead of all events when filtering by a tenant tag that matches no tenants
  • 3830 - Fix for the issue where query string params are missing from all pages besides page 1
  • 3880 - Validated that the arguments for a task created via the API are at least in the right shape

Changes in Octopus 3.17.11

  • 3682 - Resolved issue where Octopus Manager was not correctly binding 'Include Task Logs' option when migrating 2.6 backups
  • 3792 - Added CommonName certificate variable
  • 3800 - When creating a Release, if Assembled date supplied then use it
  • 3855 - Resolved issue when migrating ServerTask with single MachineId where array was expected
  • 3885 - Fix for Octopus.Server.exe admin command passing email to display name field when creating a user, resulting in blank email

Changes in Octopus 3.17.12

  • 3839 - Fixed swagger.json using ints instead of strings for enums
  • 3848 - Added operationId to swagger document for better code gen
  • 3895 - Script module files now gets cleaned up after being imported by the PowerShell bootstrap script
  • 3896 - Variable substitution works now with JSON files that have an array as the root object
  • 3899 - Resolved issue introduced in 3.17.11 where Release Assembled date was being set to the beginning of time when created via octo.exe

Changes in Octopus 3.17.13

  • 2834 - Release Notes are now read from external NuGet feeds if the are returned
  • 3487 - NuGet packages with unsupported metadata elements in its .nuspec file no longer break package transfers
  • 3884 - Return browser security headers when viewing the communications port diagnostic page
  • 3886 - Packages used multiple times in the same project are no longer duplicated in package retention logs
  • 3905 - Server no longer blocks save of the Everyone team if the member list is out of sync with the user table
  • 3906 - Package acquisition will no longer run in parallel with manual intervention